重构注解鉴权底层，可以方便的自定义注解了

2026-02-27 16:50:24 +08:00 · 2024-08-03 18:50:11 +08:00
parent a3746878de
commit 834e1d5b34
26 changed files with 210 additions and 560 deletions
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/SaTokenCaseApplication.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/SaTokenCaseApplication.java
@@ -1,10 +1,9 @@
 package com.pj;

+import cn.dev33.satoken.SaManager;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;

-import cn.dev33.satoken.SaManager;
-
 /**
 * Sa-Token 示例 
 * @author click33
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/test/TestController.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/test/TestController.java
@@ -1,10 +1,9 @@
 package com.pj.cases.test;

+import cn.dev33.satoken.util.SaResult;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

-import cn.dev33.satoken.util.SaResult;
-
 /**
 * 测试专用 Controller 
 * @author click33
@@ -17,14 +16,14 @@ public class TestController {
 	// 测试   浏览器访问： http://localhost:8081/test/test
 	@RequestMapping("test")
 	public SaResult test() {
-		System.out.println("------------进来了"); 
+		System.out.println("------------进来了");
 		return SaResult.ok(); 
 	}
 	
 	// 测试   浏览器访问： http://localhost:8081/test/test2
 	@RequestMapping("test2")
 	public SaResult test2() {
-		System.out.println("------------进来了"); 
+		System.out.println("------------进来了");
 		return SaResult.ok();
 	}

--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/current/GlobalException.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/current/GlobalException.java
@@ -4,7 +4,7 @@ import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;

 import cn.dev33.satoken.exception.DisableServiceException;
-import cn.dev33.satoken.exception.NotBasicAuthException;
+import cn.dev33.satoken.exception.NotHttpBasicAuthException;
 import cn.dev33.satoken.exception.NotLoginException;
 import cn.dev33.satoken.exception.NotPermissionException;
 import cn.dev33.satoken.exception.NotRoleException;
@@ -57,8 +57,8 @@ public class GlobalException {
 	}

 	// 拦截：Http Basic 校验失败异常 
-	@ExceptionHandler(NotBasicAuthException.class)
-	public SaResult handlerException(NotBasicAuthException e) {
+	@ExceptionHandler(NotHttpBasicAuthException.class)
+	public SaResult handlerException(NotHttpBasicAuthException e) {
 		e.printStackTrace(); 
 		return SaResult.error(e.getMessage());
 	}
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/SaTokenConfigure.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/SaTokenConfigure.java
@@ -5,6 +5,7 @@ import cn.dev33.satoken.filter.SaServletFilter;
 import cn.dev33.satoken.interceptor.SaInterceptor;
 import cn.dev33.satoken.router.SaRouter;
 import cn.dev33.satoken.stp.StpUtil;
+import cn.dev33.satoken.strategy.SaAnnotationStrategy;
 import cn.dev33.satoken.strategy.SaStrategy;
 import cn.dev33.satoken.util.SaResult;
 import org.springframework.context.annotation.Bean;
@@ -117,9 +118,9 @@ public class SaTokenConfigure implements WebMvcConfigurer {
    @PostConstruct
    public void rewriteSaStrategy() {
    	// 重写Sa-Token的注解处理器，增加注解合并功能 
-    	SaStrategy.instance.getAnnotation = (element, annotationClass) -> {
-    		return AnnotatedElementUtils.getMergedAnnotation(element, annotationClass);
-    	};
+//    	SaAnnotationStrategy.instance.getAnnotation = (element, annotationClass) -> {
+//    		return AnnotatedElementUtils.getMergedAnnotation(element, annotationClass);
+//    	};
    }
    
 }
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/custom_annotation/SaUserCheckLogin.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/custom_annotation/SaUserCheckLogin.java
@@ -1,20 +1,16 @@
-package com.pj.satoken.at;
+package com.pj.satoken.custom_annotation;

 import java.lang.annotation.ElementType;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;

-import cn.dev33.satoken.annotation.SaCheckLogin;
-import com.pj.satoken.StpUserUtil;
-
 /**
 * 登录认证(User版)：只有登录之后才能进入该方法 
- * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上） 
- * @author click33
+ * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上）
 *
+ * @author click33
 */
-@SaCheckLogin(type = StpUserUtil.TYPE)
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE})
 public @interface SaUserCheckLogin {
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/custom_annotation/SaUserCheckPermission.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/custom_annotation/SaUserCheckPermission.java
@@ -1,23 +1,19 @@
-package com.pj.satoken.at;
+package com.pj.satoken.custom_annotation;
+
+import cn.dev33.satoken.annotation.SaMode;

 import java.lang.annotation.ElementType;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;

-import com.pj.satoken.StpUserUtil;
-import org.springframework.core.annotation.AliasFor;
-
-import cn.dev33.satoken.annotation.SaCheckPermission;
-import cn.dev33.satoken.annotation.SaMode;
-
 /**
 * 权限认证(User版)：必须具有指定权限才能进入该方法 
- * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上） 
+ * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上）
+ *
 * @author click33
 *
 */
-@SaCheckPermission(type = StpUserUtil.TYPE)
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE})
 public @interface SaUserCheckPermission {
@@ -26,14 +22,29 @@ public @interface SaUserCheckPermission {
 	 * 需要校验的权限码
 	 * @return 需要校验的权限码
 	 */
-	@AliasFor(annotation = SaCheckPermission.class)
 	String [] value() default {};

 	/**
 	 * 验证模式：AND | OR，默认AND
 	 * @return 验证模式
 	 */
-	@AliasFor(annotation = SaCheckPermission.class)
 	SaMode mode() default SaMode.AND;
-	
+
+	/**
+	 * 在权限校验不通过时的次要选择，两者只要其一校验成功即可通过校验
+	 *
+	 * <p>
+	 * 	例1：@SaCheckPermission(value="user-add", orRole="admin")，
+	 * 	代表本次请求只要具有 user-add权限 或 admin角色 其一即可通过校验。
+	 * </p>
+	 *
+	 * <p>
+	 * 	例2： orRole = {"admin", "manager", "staff"}，具有三个角色其一即可。 <br>
+	 * 	例3： orRole = {"admin, manager, staff"}，必须三个角色同时具备。
+	 * </p>
+	 *
+	 * @return /
+	 */
+	String[] orRole() default {};
+
 }
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/custom_annotation/SaUserCheckRole.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/custom_annotation/SaUserCheckRole.java
@@ -1,23 +1,18 @@
-package com.pj.satoken.at;
+package com.pj.satoken.custom_annotation;
+
+import cn.dev33.satoken.annotation.SaMode;

 import java.lang.annotation.ElementType;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;

-import com.pj.satoken.StpUserUtil;
-import org.springframework.core.annotation.AliasFor;
-
-import cn.dev33.satoken.annotation.SaCheckRole;
-import cn.dev33.satoken.annotation.SaMode;
-
 /**
 * 角色认证(User版)：必须具有指定角色标识才能进入该方法 
 * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上） 
 * @author click33
 *
 */
-@SaCheckRole(type = StpUserUtil.TYPE)
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE})
 public @interface SaUserCheckRole {
@@ -26,14 +21,12 @@ public @interface SaUserCheckRole {
 	 * 需要校验的角色标识
 	 * @return 需要校验的角色标识
 	 */
-	@AliasFor(annotation = SaCheckRole.class)
 	String [] value() default {};

 	/**
 	 * 验证模式：AND | OR，默认AND
 	 * @return 验证模式
 	 */
-	@AliasFor(annotation = SaCheckRole.class)
 	SaMode mode() default SaMode.AND;
 	
 }