feat(plugin): 新增 sa-token-spring-el 插件，用于支持 SpEL 表达式注解鉴权

2025-10-07 23:24:24 +08:00 · 2025-01-15 22:28:50 +08:00
parent 079376107a
commit b7b13fe4ed
16 changed files with 698 additions and 2 deletions
--- a/sa-token-demo/sa-token-demo-case/pom.xml
+++ b/sa-token-demo/sa-token-demo-case/pom.xml
@@ -45,7 +45,14 @@
            <artifactId>sa-token-redis-jackson</artifactId>
            <version>${sa-token.version}</version>
        </dependency>
-        
+
+		<!-- Sa-Token 注解鉴权使用 EL 表达式 -->
+		<dependency>
+			<groupId>cn.dev33</groupId>
+			<artifactId>sa-token-spring-el</artifactId>
+			<version>${sa-token.version}</version>
+		</dependency>
+
 		<!-- 提供Redis连接池 -->
 		<dependency>
            <groupId>org.apache.commons</groupId>
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/more/SaCheckELController.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/more/SaCheckELController.java
@@ -0,0 +1,102 @@
+package com.pj.cases.more;
+
+import cn.dev33.satoken.annotation.SaCheckEL;
+import cn.dev33.satoken.annotation.SaIgnore;
+import cn.dev33.satoken.util.SaResult;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * SaCheckEL EL表达式注解鉴权示例
+ *
+ * @author click33
+ * @since 2022-10-13
+ */
+@RestController
+@RequestMapping("/check-el/")
+public class SaCheckELController {
+
+	// 登录校验  ---- http://localhost:8081/check-el/test1
+	@SaCheckEL("stp.checkLogin()")
+	@RequestMapping("test1")
+	public SaResult test1() {
+		return SaResult.ok();
+	}
+
+	// 角色校验  ---- http://localhost:8081/check-el/test2
+	@SaCheckEL("stp.checkRole('dev-admin')")
+	@RequestMapping("test2")
+	public SaResult test2() {
+		return SaResult.ok();
+	}
+
+	// 权限校验  ---- http://localhost:8081/check-el/test3
+	@SaCheckEL("stp.checkPermission('user:edit')")
+	@RequestMapping("test3")
+	public SaResult test3() {
+		return SaResult.ok();
+	}
+
+	// 二级认证  ---- http://localhost:8081/check-el/test4
+	@SaCheckEL("stp.checkSafe()")
+	@RequestMapping("test4")
+	public SaResult test4() {
+		return SaResult.ok();
+	}
+
+	// 参数长度校验  ---- http://localhost:8081/check-el/test5?name=zhangsan
+	@SaCheckEL("NEED( #name.length() > 3 )")
+	@RequestMapping("test5")
+	public SaResult test5(@RequestParam(defaultValue = "") String name) {
+		return SaResult.ok().set("name", name);
+	}
+
+	// 参数长度校验，并自定义异常描述信息  ---- http://localhost:8081/check-el/test6?name=z
+	@SaCheckEL("NEED( #name !=null && #name.length() > 3, 'name长度不够' )")
+	@RequestMapping("test6")
+	public SaResult test6(String name) {
+		return SaResult.ok().set("name", name);
+	}
+
+	// 已登录, 或者查询数据在公开范围内 ---- http://localhost:8081/check-el/test7?id=10044
+	@SaCheckEL("NEED( stp.isLogin() or (#id != null and #id > 10010) )")
+	@RequestMapping("test7")
+	public SaResult test7(long id) {
+		return SaResult.ok().set("id", id);
+	}
+
+	// SaSession 里取值校验 ---- http://localhost:8081/check-el/test8
+	@SaCheckEL("NEED( stp.getSession().get('name') == 'zhangsan' )")
+	@RequestMapping("test8")
+	public SaResult test8() {
+		return SaResult.ok();
+	}
+
+	// 多账号体系鉴权测试 ---- http://localhost:8081/check-el/test9
+	@SaCheckEL("stpUser.checkLogin()")
+	@RequestMapping("test9")
+	public SaResult test9() {
+		return SaResult.ok();
+	}
+
+	// 本模块需要鉴权的权限码
+	public String permissionCode = "article:add";
+
+	// 调用本类的成员变量 ---- http://localhost:8081/check-el/test10
+	@SaCheckEL("stp.checkPermission( this.permissionCode )")
+	@RequestMapping("test10")
+	public SaResult test10() {
+		return SaResult.ok();
+	}
+
+	// 忽略鉴权测试 ---- http://localhost:8081/check-el/test11
+	@SaIgnore
+	@SaCheckEL("stp.checkPermission( 'abc' )")
+	@RequestMapping("test11")
+	public SaResult test11() {
+		return SaResult.ok();
+	}
+
+
+}
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/SaTokenConfigure.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/satoken/SaTokenConfigure.java
@@ -120,6 +120,15 @@ public class SaTokenConfigure implements WebMvcConfigurer {
    	SaAnnotationStrategy.instance.getAnnotation = (element, annotationClass) -> {
    		return AnnotatedElementUtils.getMergedAnnotation(element, annotationClass);
    	};
+
+		// 重写 SaCheckELRootMap 扩展函数，增加注解鉴权 EL 表达式可使用的根对象
+		SaAnnotationStrategy.instance.checkELRootMapExtendFunction = rootMap -> {
+			System.out.println("--------- 执行 SaCheckELRootMap 增强，目前已包含的的跟对象包括：" + rootMap.keySet());
+			// 新增 stpUser 根对象，使之可以在表达式中通过 stpUser.checkLogin() 方式进行多账号体系鉴权
+			rootMap.put("stpUser", StpUserUtil.getStpLogic());
+		};
    }
-    
+
+
+
 }