Merge pull request #2461 from dataease/pr@dev@fix_api_auth_error_i18n

fix: api权限错误提示国际化
fit2cloud-chenyw 2022-06-21 14:40:45 +08:00 committed by GitHub
commit 3d2e4f5edd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 150 additions and 56 deletions


@ -4,9 +4,13 @@ import io.dataease.auth.annotation.DePermission;
import io.dataease.auth.annotation.DePermissions;
import io.dataease.auth.entity.AuthItem;
import io.dataease.auth.util.ReflectUtil;
import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.utils.AuthUtils;
import io.dataease.commons.utils.LogUtil;
import io.dataease.dto.log.FolderItem;
import io.dataease.i18n.Translator;
import io.dataease.service.sys.log.LogManager;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.authz.annotation.Logical;
import org.aspectj.lang.ProceedingJoinPoint;
@ -15,6 +19,7 @@ import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import java.lang.reflect.Array;
import java.lang.reflect.Method;
import java.util.*;
@ -24,6 +29,9 @@ import java.util.stream.Collectors;
@Component
public class DePermissionAnnotationHandler {
@Resource
private LogManager logManager;
@Around(value = "@annotation(io.dataease.auth.annotation.DePermissions)")
public Object PermissionsAround(ProceedingJoinPoint point) throws Throwable {
@ -31,66 +39,59 @@ public class DePermissionAnnotationHandler {
return point.proceed(point.getArgs());
}
Boolean access = false;
try {
MethodSignature ms = (MethodSignature) point.getSignature();
Method method = ms.getMethod();
DePermissions annotation = method.getAnnotation(DePermissions.class);
Logical logical = annotation.logical();
DePermission[] dePermissions = annotation.value();
Object[] args = point.getArgs();
if (logical == Logical.AND) {
access = true;
for (int i = 0; i < dePermissions.length; i++) {
DePermission permission = dePermissions[i];
boolean currentAccess = access(args[permission.paramIndex()], permission, 0);
if (!currentAccess) {
access = false;
break;
}
}
} else {
List<Exception> exceptions = new ArrayList<>();
for (int i = 0; i < dePermissions.length; i++) {
DePermission permission = dePermissions[i];
try {
boolean currentAccess = access(args[permission.paramIndex()], permission, 0);
if (currentAccess) {
access = true;
break;
}
} catch (Exception e) {
exceptions.add(e);
}
}
if (!access && exceptions.size() > 0) {
throw exceptions.get(0);
MethodSignature ms = (MethodSignature) point.getSignature();
Method method = ms.getMethod();
DePermissions annotation = method.getAnnotation(DePermissions.class);
Logical logical = annotation.logical();
DePermission[] dePermissions = annotation.value();
Object[] args = point.getArgs();
if (logical == Logical.AND) {
access = true;
for (int i = 0; i < dePermissions.length; i++) {
DePermission permission = dePermissions[i];
boolean currentAccess = access(args[permission.paramIndex()], permission, 0);
if (!currentAccess) {
access = false;
break;
}
}
} catch (Throwable throwable) {
LogUtil.error(throwable.getMessage(), throwable);
throw new RuntimeException(throwable.getMessage());
} else {
List<Exception> exceptions = new ArrayList<>();
for (int i = 0; i < dePermissions.length; i++) {
DePermission permission = dePermissions[i];
try {
boolean currentAccess = access(args[permission.paramIndex()], permission, 0);
if (currentAccess) {
access = true;
break;
}
} catch (Exception e) {
exceptions.add(e);
}
}
if (!access && exceptions.size() > 0) {
throw exceptions.get(0);
}
}
return access ? point.proceed(point.getArgs()) : null;
}
@Around(value = "@annotation(io.dataease.auth.annotation.DePermission)")
public Object PermissionAround(ProceedingJoinPoint point) throws Throwable {
Boolean access = false;
try {
if (AuthUtils.getUser().getIsAdmin()) {
return point.proceed(point.getArgs());
}
MethodSignature ms = (MethodSignature) point.getSignature();
Method method = ms.getMethod();
DePermission annotation = method.getAnnotation(DePermission.class);
Object arg = point.getArgs()[annotation.paramIndex()];
if (access(arg, annotation, 0)) {
access = true;
}
} catch (Throwable throwable) {
LogUtil.error(throwable.getMessage(), throwable);
throw new RuntimeException(throwable.getMessage());
if (AuthUtils.getUser().getIsAdmin()) {
return point.proceed(point.getArgs());
}
MethodSignature ms = (MethodSignature) point.getSignature();
Method method = ms.getMethod();
DePermission annotation = method.getAnnotation(DePermission.class);
Object arg = point.getArgs()[annotation.paramIndex()];
if (access(arg, annotation, 0)) {
access = true;
}
return access ? point.proceed(point.getArgs()) : null;
}
@ -107,8 +108,7 @@ public class DePermissionAnnotationHandler {
boolean permissionValid = resourceIds.contains(arg);
if (permissionValid)
return true;
throw new UnauthorizedException("Subject does not have permission[" + annotation.level().name() + ":"
+ annotation.type() + ":" + arg + "]");
throw new UnauthorizedException(msgI18n(arg, annotation));
} else if (ReflectUtil.isArray(parameterType)) {
for (int i = 0; i < Array.getLength(arg); i++) {
Object o = Array.get(arg, i);
@ -139,4 +139,26 @@ public class DePermissionAnnotationHandler {
}
return true;
}
private String msgI18n(Object arg, DePermission annotation) {
int sourceTypeValue = 0;
DePermissionType type = annotation.type();
if (type == DePermissionType.DATASOURCE) {
sourceTypeValue = 1;
}
if (type == DePermissionType.DATASET) {
sourceTypeValue = 2;
}
if (type == DePermissionType.PANEL) {
sourceTypeValue = 3;
}
String name = arg.toString();
if (sourceTypeValue > 0) {
FolderItem sourceInfo = logManager.nameWithId(arg.toString(), sourceTypeValue);
if (ObjectUtils.isNotEmpty(sourceInfo))
name = StringUtils.isNotBlank(sourceInfo.getName()) ? sourceInfo.getName() : arg.toString();
}
String msg = Translator.get("I18N_NO_PERMISSION") + "[" + Translator.get("I18N_" + annotation.level().name()) + ": " + Translator.get("SOURCE_TYPE_" + annotation.type().name()) + ": " + name + "]," + Translator.get("I18N_PLEASE_CONCAT_ADMIN");
return msg;
}
}
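Review bot: msgI18n resolves the requested resource id to its display name through `logManager.nameWithId` and puts that name into the `UnauthorizedException` message, so a caller who has just been denied access to a datasource, dataset or panel is told what it is called. If this message is returned to the client (the code that renders the exception is not part of this diff), the denial path discloses the names of resources the caller is not allowed to see. I would keep the identifier the caller already supplied in the user-facing text, e.g. `String name = String.valueOf(arg);`, and keep the resolved name for the server-side log only. `String.valueOf` also avoids the NullPointerException that `arg.toString()` raises for a null argument, which the replaced string concatenation tolerated and which would otherwise mask the authorization error.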


@ -44,7 +44,6 @@ public class DePermissionProxyHandler {
return point.proceed(args);
} catch (Throwable throwable) {
LogUtil.error(throwable.getMessage(), throwable);
/* throw new RuntimeException(throwable.getMessage()); */
DataEaseException.throwException(throwable);
} finally {
AuthUtils.cleanProxyUser();


@ -163,3 +163,28 @@ i18n_user_not_exist=user does not exist
i18n_default_login_reset=Switched back to default login mode
I18N_COMMON_LEVEL_USE=Consult
I18N_PANNEL_LEVEL_VIEW=Consult
I18N_PANNEL_LEVEL_EXPORT=Export
I18N_PANNEL_LEVEL_MANAGE=Manage
I18N_PANNEL_LEVEL_GRANT=Grant
I18N_DATASET_LEVEL_USE=Consult
I18N_DATASET_LEVEL_MANAGE=Manage
I18N_DATASET_LEVEL_GRANT=Grant
I18N_LINK_LEVEL_USE=Consult
I18N_LINK_LEVEL_MANAGE=Manage
I18N_LINK_LEVEL_GRANT=Grant
I18N_DATASOURCE_LEVEL_USE=Consult
I18N_DATASOURCE_LEVEL_MANAGE=Manage
I18N_DATASOURCE_LEVEL_GRANT=Grant
I18N_NO_PERMISSION=You do not have permission to
I18N_PLEASE_CONCAT_ADMIN=Please contact the administrator for authorization


@ -166,4 +166,27 @@ i18n_not_admin_error=不是管理员账号
i18n_user_not_exist=用户不存在
i18n_default_login_reset=已切换回默认登录方式
i18n_default_login_reset=已切换回默认登录方式
I18N_COMMON_LEVEL_USE=查看
I18N_PANNEL_LEVEL_VIEW=查看
I18N_PANNEL_LEVEL_EXPORT=导出
I18N_PANNEL_LEVEL_MANAGE=管理
I18N_PANNEL_LEVEL_GRANT=授权
I18N_DATASET_LEVEL_USE=查看
I18N_DATASET_LEVEL_MANAGE=管理
I18N_DATASET_LEVEL_GRANT=授权
I18N_LINK_LEVEL_USE=查看
I18N_LINK_LEVEL_MANAGE=管理
I18N_LINK_LEVEL_GRANT=授权
I18N_DATASOURCE_LEVEL_USE=查看
I18N_DATASOURCE_LEVEL_MANAGE=管理
I18N_DATASOURCE_LEVEL_GRANT=授权
I18N_NO_PERMISSION=当前用户没有权限
I18N_PLEASE_CONCAT_ADMIN=请联系管理员开通


@ -159,4 +159,29 @@ I18N_DRIVER_NOT_FOUND=未找到驅動
i18n_not_admin_error=不是管理員賬號
i18n_user_not_exist=用戶不存在
i18n_default_login_reset=已切換回默認登錄方式
i18n_default_login_reset=已切換回默認登錄方式
I18N_COMMON_LEVEL_USE=查看
I18N_PANNEL_LEVEL_VIEW=查看
I18N_PANNEL_LEVEL_EXPORT=導出
I18N_PANNEL_LEVEL_MANAGE=管理
I18N_PANNEL_LEVEL_GRANT=授權
I18N_DATASET_LEVEL_USE=查看
I18N_DATASET_LEVEL_MANAGE=管理
I18N_DATASET_LEVEL_GRANT=授權
I18N_LINK_LEVEL_USE=查看
I18N_LINK_LEVEL_MANAGE=管理
I18N_LINK_LEVEL_GRANT=授權
I18N_DATASOURCE_LEVEL_USE=查看
I18N_DATASOURCE_LEVEL_MANAGE=管理
I18N_DATASOURCE_LEVEL_GRANT=授權
I18N_NO_PERMISSION=當前用戶沒有權限
I18N_PLEASE_CONCAT_ADMIN=請聯系管理員開通