java source code of PermissionInterceptor

Project: my_curd (GitHub Link)

my_curd-master
- src
  - main
    - resources
      - config.txt
      - logback.xml
      - logging.properties
      - config-dev.txt
      - generator
        singletable
        controller.ftl
        form.ftl
        index.ftl
        oneToMany
        controller.ftl
        form.ftl
        index.ftl
        model
        model.ftl
        dict.ftl
        ModelMapping.ftl
        baseModel.ftl
        dict.md
    - java
      - com
        github
        qinyou
        api
        ApiRoutes.java
        controller
        DemoController.java
        common
        utils
        RandomUtils.java
        Model2Bean.java
        jwt
        JwtUtils.java
        UserClaim.java
        JsonUtils.java
        RegexUtils.java
        log
        LogBackLog.java
        LogBackLogFactory.java
        guava
        LoginRetryLimitCache.java
        CacheContainer.java
        BaseCache.java
        TreeTableUtils.java
        ReflectionUtils.java
        thread
        DownBook.java
        ExecutorServiceUtils.java
        BaseServiceThread.java
        FileUtils.java
        Id
        SnowflakeIdWorker.java
        IdUtils.java
        ZipUtils.java
        freemarker
        FreemarkerUtils.java
        StringTemplateLoader.java
        SerializeUtils.java
        StringUtils.java
        WebUtils.java
        web
        BaseController.java
        LoginController.java
        UtilsController.java
        LoginService.java
        MainController.java
        MainService.java
        FileController.java
        render
        ImageRender.java
        ExcelRender.java
        ZipRender.java
        XmlRender.java
        constant
        Constant.java
        validator
        IdsRequired.java
        IdRequired.java
        interceptor
        SessionInViewInterceptor.java
        SearchSql.java
        PermissionInterceptor.java
        ApiInterceptor.java
        VisitLogInterceptor.java
        ComActionInterceptor.java
        LoginInterceptor.java
        annotation
        RequirePermission.java
        gen
        client
        JfinalModelClient.java
        ModelMappingClient.java
        SingleTableClient.java
        OneToManyClient.java
        ModelClient.java
        ModelDictClient.java
        Config.java
        GeneratorConfig.java
        tools
        ColumnMeta.java
        MysqlMetaUtils.java
        TableMeta.java
        MysqlDataSourceUtils.java
        ws
        OnlineUserContainer.java
        WebSocketServer.java
        UserIdEncryptUtils.java
        SendMsgUtils.java
        AppConfig.java
        oa
        vo
        TaskInfo.java
        ProcessDefinitionInfo.java
        ProcessDeploymentInfo.java
        HistoricTaskInfo.java
        ProcessInstanceInfo.java
        activiti.md
        Test.java
        activiti
        ActivitiPlugin.java
        ActivitiTransaction.java
        ActivitiConfig.java
        ActivitiTransactionFactory.java
        ActivitiKit.java
        model
        FormLeave.java
        base
        BaseFormLeave.java
        BaseBusinessFormInfo.java
        BusinessFormInfo.java
        OARoutes.java
        OaModelMapping.java
        controller
        ProcessDefineController.java
        BusinessFormInfoController.java
        OAFormBaseController.java
        ProcessDeployController.java
        OAController.java
        MyTaskController.java
        form
        FormLeaveController.java
        MyProcessController.java
        MyCompleteTaskController.java
        MyCandidateTaskController.java
        ProcessInstanceController.java
        example
        ExampleModelMapping.java
        ExampleRoutes.java
        model
        ExStaffExperience.java
        ExStaffEducation.java
        base
        BaseExSingleTable.java
        BaseExStaffExperience.java
        BaseExStaffFamily.java
        BaseExStaff.java
        BaseExStaffEducation.java
        ExStaffFamily.java
        ExStaff.java
        ExSingleTable.java
        controller
        ExStaffController.java
        ExSingleTableController.java
        system
        vo
        Cron4jTaskIntro.java
        SystemModelMapping.java
        task
        DelSysNoticeTask.java
        TestTask.java
        service
        SysNoticeService.java
        SystemRoutes.java
        model
        SysVisitLog.java
        SysOrg.java
        SysTaskLog.java
        SysButton.java
        SysRoleButton.java
        SysNotice.java
        SysNoticeType.java
        SysMenu.java
        base
        BaseSysNoticeTypeSysRole.java
        BaseSysNotice.java
        BaseSysButton.java
        BaseSysRoleButton.java
        BaseSysUser.java
        BaseSysVisitLog.java
        BaseSysMenu.java
        BaseSysSetting.java
        BaseSysRoleMenu.java
        BaseSysUserRole.java
        BaseSysNoticeDetail.java
        BaseSysOrg.java
        BaseSysDict.java
        BaseSysDictGroup.java
        BaseSysTaskLog.java
        BaseSysRole.java
        BaseSysNoticeType.java
        SysDictGroup.java
        SysNoticeDetail.java
        SysRole.java
        SysRoleMenu.java
        SysNoticeTypeSysRole.java
        SysDict.java
        SysSetting.java
        SysUserRole.java
        SysUser.java
        controller
        SysSettingController.java
        SysUserController.java
        SysNoticeTypeController.java
        SysMenuController.java
        SysTaskController.java
        SysRoleController.java
        SysUserUnlockController.java
        SysVisitLogController.java
        SysDictController.java
        SysOrgController.java
        genOnline
        GenOnlineRoutes.java
        controller
        GenOnlineController.java
    - webapp
      - WEB-INF
        views
        login.ftl
        userNotice.ftl
        common
        utils
        user.ftl
        userListByRole.ftl
        orgInfo.ftl
        role.ftl
        userInfo.ftl
        uploadFile.ftl
        card.ftl
        custom.ftl
        pure-page.ftl
        no_permission.ftl
        relativeTime.ftl
        btnControl.ftl
        popup.ftl
        403.ftl
        500.ftl
        404.ftl
        common.ftl
        easyui.ftl
        main.ftl
        userPass.ftl
        oa
        processDeploy.ftl
        myCompleteTask.ftl
        myProcess.ftl
        businessFormInfo_form.ftl
        myTask_complete.ftl
        myCandidateTask.ftl
        form
        formLeave_detail.ftl
        formLeave_form.ftl
        processInstance.ftl
        businessFormList.ftl
        processDefine.ftl
        processInstance_detail.ftl
        historicTaskInfos.ftl
        businessFormInfo.ftl
        processDeploy_form.ftl
        myTask.ftl
        example
        exStaff.ftl
        exStaff_form.ftl
        exSingleTable.ftl
        exSingleTable_form.ftl
        system
        sysButton_form.ftl
        sysDictGroup_form.ftl
        sysDict.ftl
        sysUser_role.ftl
        sysOrg_form.ftl
        sysButton.ftl
        sysTask.ftl
        sysMenu.ftl
        sysNoticeType_role.ftl
        sysDict_form.ftl
        sysRole.ftl
        sysSetting.ftl
        sysRole_user.ftl
        sysNoticeType_form.ftl
        sysNoticeType.ftl
        sysUser.ftl
        sysVisitLog_view.ftl
        sysVisitLog.ftl
        sysMenu_form.ftl
        sysOrg.ftl
        sysRole_permission.ftl
        sysUserUnlock.ftl
        sysMenu_role.ftl
        sysButton_role.ftl
        sysSetting_form.ftl
        sysUser_form.ftl
        sysRole_form.ftl
        sysTaskLog.ftl
        userInfo.ftl
        genOnline
        genOnline_onetomany_form.ftl
        genOnline_modeldict_form.ftl
        genOnline_single_form.ftl
        genOnline.ftl
        genOnline_model_form.ftl
        genOnline_mappingkit_form.ftl
        web.xml
      - static
        iconfont
        iconfont.json
        iconfont.svg
        demo_index.html
        iconfont.eot
        iconfont.ttf
        iconfont.woff2
        iconfont.woff
        iconfont.css
        demo.css
        iconfont.js
        plugins
        easyui1.8.5
        jquery.min.js
        themes
        icons
        blank.gif
        material-teal
        images
        blank.gif
        loading.gif
        Thumbs.db
        easyui.css
        icon.css
        datagrid-scrollview.js
        locale
        easyui-lang-zh_CN.js
        easyui-lang-en.js
        jquery.edatagrid.js
        datagrid-extend.js
        layer
        theme
        default
        loading-0.gif
        layer.css
        loading-1.gif
        loading-2.gif
        layer.js
        purecss
        grids-responsive-min.css
        grids-responsive-old-ie-min.css
        pure-min.css
        magic-check
        magic-check.css
        js
        easyui-tree-tools.js
        loading.js
        dg-curd.js
        one-to-many.js
        input2combotree.js
        popup.js
        tg-curd.js
        tab-tools.js
        utils.js
        oa.js
        image
        loading.gif
        female.jpg
        male.jpg
        favicon.ico
        css
        main.css
        custom-theme-default.css
        custom-ui.css
        oa.css
        one-to-many.css
        custom-theme-wechat.css
        tree-icon.css
- db
- start.bat
- pom.xml
- stop.sh
- LICENSE
- package.xml
- .gitattributes
- restart.sh
- README.md
- start.sh
- .gitignore

package com.github.qinyou.common.interceptor;

import com.github.qinyou.common.annotation.RequirePermission;
import com.github.qinyou.common.utils.StringUtils;
import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;
import com.jfinal.core.Controller;
import com.jfinal.kit.Ret;
import lombok.extern.slf4j.Slf4j;

import java.util.List;

/**
 * 后台 权限菜单 拦截器
 *
 * @author zhangchuang
 */
@Slf4j
public class PermissionInterceptor implements Interceptor {

    @Override
    public void intercept(Invocation inv) {
        boolean flag = true;

        Controller controller = inv.getController();

        // 验证菜单权限
        RequirePermission requirePermission = inv.getClass().getAnnotation(RequirePermission.class);
        List<String> codes;
        if (requirePermission != null ) {
            codes = requirePermission.isPermission() ?
                    controller.getSessionAttr("menuCodes") : controller.getSessionAttr("roleCodes");
            flag = codes.contains(requirePermission.value());
        }

        if (flag) {
            // 菜单权限通后 再验证按钮权限
            requirePermission = inv.getMethod().getAnnotation(RequirePermission.class);
            if (requirePermission != null) {
                codes = requirePermission.isPermission() ?
                        controller.getSessionAttr("buttonCodes") : controller.getSessionAttr("roleCodes");
                flag = codes.contains(requirePermission.value());
            }
        }

        if (flag) {
            // 菜单权限、按钮权限 都具备 放行
            inv.invoke();
            return;
        }

        // 无权限响应
        String requestType = inv.getController().getHeader("X-Requested-With");
        if ("XMLHttpRequest".equals(requestType) || StringUtils.notEmpty(inv.getController().getPara("xmlHttpRequest"))) {
            Ret ret = Ret.create().setFail().set("msg", "无权限操作！您的行为已被记录到日志。"); // 其实并没有，可以自行扩展
            controller.renderJson(ret);
        } else {
            controller.render("/WEB-INF/views/common/no_permission.ftl");
        }
    }
}