基于注解实现的菜单权限功能demo

定义菜单注解类

import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;

import java.lang.annotation.*;

@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)

@Documented
@Inherited
@Configuration
@EnableAutoConfiguration
@ComponentScan
public @interface MenuAnnotion {
     
    String id();
}

定义拦截器

import com.example.config.annotion.MenuAnnotion;
import com.example.mapper.UserMapper;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class AuthInterceptor implements HandlerInterceptor {
     
    @Autowired
    private UserMapper userMapper;
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
     
        String token = request.getHeader("token");
        //解析tonken获取到userId
        //todo
        //根据userId查询该用户的权限
        List<String> authList = Arrays.asList(userMapper.roleAuth(2).split(","));
        HandlerMethod hm = (HandlerMethod) handler;
        Method method = hm.getMethod();
        if (method.isAnnotationPresent(MenuAnnotion.class)){
     
            MenuAnnotion annotation = method.getAnnotation(MenuAnnotion.class);
            String menus = annotation.id();
            if (authList != null && authList.contains(menus)){
     
                return true;
            }
            Map<String,String> result = new HashMap<>();
            result.put("code","00000");
            result.put("message","该菜单你尚无权限访问，请联系管理员");
            ObjectMapper mapper = new ObjectMapper();
            response.setContentType("application/json;charset=UTF-8");
            response.getWriter().write(mapper.writeValueAsString(result));
            response.getWriter().flush();
            return false;
        }
        return false;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
     

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
     

    }
}

@RestController
@RequestMapping("/user")
public class UserController {
     
    @MenuAnnotion(id = "01")
    @GetMapping(value = "/getUser",produces = "application/json;charset=utf-8")
    public String userDetail(){
     
        return "查询用户详情成功";
    }
}

权限表的情况：
菜单权限表：menu

角色表：role

用户表：user