package com.hotent.runtime.aop; import com.fasterxml.jackson.databind.JsonNode; import com.hotent.base.context.BaseContext; import com.hotent.base.enums.ResponseErrorEnums; import com.hotent.base.exception.BaseException; import com.hotent.base.query.*; import com.hotent.base.util.BeanUtils; import com.hotent.base.util.ContextThread; import com.hotent.base.util.JsonUtil; import com.hotent.base.util.StringUtil; import com.hotent.bpm.persistence.manager.BpmDefActManager; import com.hotent.bpm.persistence.manager.BpmDefAuthorizeManager; import com.hotent.bpm.persistence.manager.BpmProcessInstanceManager; import com.hotent.bpm.persistence.manager.BpmTaskManager; import com.hotent.bpm.persistence.model.BpmDefAuthorizeType; import com.hotent.bpm.persistence.model.DefaultBpmProcessInstance; import com.hotent.bpm.persistence.model.DefaultBpmTask; import com.hotent.runtime.annotation.PermissionCheck; import com.hotent.runtime.manager.IFlowManager; import com.hotent.uc.api.impl.util.ContextUtil; import io.swagger.annotations.ApiOperation; import org.apache.poi.ss.formula.functions.T; import org.aspectj.lang.ProceedingJoinPoint; import org.aspectj.lang.annotation.Around; import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.reflect.MethodSignature; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.core.LocalVariableTableParameterNameDiscoverer; import org.springframework.expression.ExpressionParser; import org.springframework.expression.spel.standard.SpelExpressionParser; import org.springframework.expression.spel.support.StandardEvaluationContext; import org.springframework.stereotype.Component; import javax.annotation.Resource; import java.lang.reflect.Method; import java.util.Arrays; import java.util.Map; /** * 流程实例和待办任务权限校验 *
* 流程实例和待办任务权限校验 ** * @company 广州宏天软件股份有限公司 * @author yijj * @email yijj@jee-soft.cn * @date 2022年11月01日 */ @Aspect @Component public class PermissionCheckAspect { @Resource IFlowManager iFlowManager; @Resource BaseContext baseContext; @Resource BpmDefAuthorizeManager bpmDefAuthorizeManager; @Resource BpmProcessInstanceManager bpmProcessInstanceManager; @Resource BpmTaskManager bpmTaskManager; private Logger logger = LoggerFactory.getLogger(getClass()); @Around("execution(* *..*Controller.*(..)) && @annotation(com.hotent.runtime.annotation.PermissionCheck)") public Object permissionCheck(ProceedingJoinPoint joinPoint) throws Throwable{ //获取注解标注的方法 Class> targetClass = joinPoint.getTarget().getClass(); String methodName =joinPoint.getSignature().getName(); Method[] methods = targetClass.getMethods(); Object[] args = joinPoint.getArgs(); // 当前切中的方法 Method method = null; for (int i = 0; i < methods.length; i++){ if (methods[i].getName().equals(methodName)){ method = methods[i]; break; } } PermissionCheck permissionCheck = method.getAnnotation(PermissionCheck.class); //获取被拦截方法参数名列表(使用Spring支持类库) LocalVariableTableParameterNameDiscoverer localVariableTable = new LocalVariableTableParameterNameDiscoverer(); String[] paraNameArr = localVariableTable.getParameterNames(method); //使用SPEL进行key的解析 ExpressionParser parser = new SpelExpressionParser(); //SPEL上下文 StandardEvaluationContext context = new StandardEvaluationContext(); //把方法参数放入SPEL上下文中 for(int i=0;i