优化权限控制

zhou-hao · zhou-hao · commit ef26546f037d · 2017-02-24T18:19:09.000+08:00
diff --git a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Permission.java b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Permission.java
@@ -61,6 +61,16 @@ public interface Permission extends Serializable {
      */
     String ACTION_EXPORT = "export";
 
+    /**
+     * 禁用
+     */
+    String ACTION_DISABLE = "disable";
+
+    /**
+     * 启用
+     */
+    String ACTION_ENABLE = "enable";
+
     /**
      * 获取权限ID，权限的唯一标识
      *
diff --git a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/listener/UserAuthorizationListener.java b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/listener/UserAuthorizationListener.java
@@ -36,5 +36,8 @@ default void onAuthorizeBefore(String username) {
     default void onAuthorizeFail(String username) {
     }
 
+    default void onLoginOut(Authorization authorization){
+
+    }
     void onAuthorizeSuccess(boolean isRemembered, Authorization authorization);
 }
diff --git a/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/ListenerAuthorizingRealm.java b/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/ListenerAuthorizingRealm.java
@@ -67,6 +67,13 @@ private AuthenticationInfo createAuthenticationInfo(Authorization authorization)
                 authorization.getUser().getName());
     }
 
+    @Override
+    public void onLoginOut(Authorization authorization) {
+        if (null != authorization)
+            getCache(authorization.getUser().getUsername()).clear();
+        SecurityUtils.getSubject().logout();
+    }
+
     @Override
     public void onAuthorizeSuccess(boolean isRemembered, Authorization authorization) {
         SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
diff --git a/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/SimpleAuthorizeMethodInterceptor.java b/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/SimpleAuthorizeMethodInterceptor.java
@@ -65,6 +65,7 @@ public void assertAuthorized(Annotation a) throws AuthorizationException {
             if (!(a instanceof Authorize)) return;
             MethodInterceptorHolder holder = MethodInterceptorHolder.current();
             if (null == holder) {
+                logger.warn("MethodInterceptorHolder is null,maybe config is error!");
                 return;
             }
             AuthorizeConfig authorizeConfig = new AuthorizeConfig(holder.getArgs());
diff --git a/hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/TestController.java b/hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/TestController.java
@@ -61,10 +61,6 @@ public ResponseMessage testUpdate(@PathVariable String id, @RequestBody UserEnti
         return ResponseMessage.ok(entity);
     }
 
-    public static void main(String[] args) throws NoSuchMethodException {
-        System.out.println(UserController.class.getMethod("list", Entity.class));
-    }
-
     @Override
     public TestService getService() {
         return new TestService();

Original file line number	Diff line number	Diff line change
`@@ -36,5 +36,8 @@ default void onAuthorizeBefore(String username) {`
`36`	`36`	`default void onAuthorizeFail(String username) {`
`37`	`37`	`}`
`38`	`38`
	`39`	`+ default void onLoginOut(Authorization authorization){`
	`40`	`+`
	`41`	`+ }`
`39`	`42`	`void onAuthorizeSuccess(boolean isRemembered, Authorization authorization);`
`40`	`43`	`}`
Original file line number	Diff line number	Diff line change
`@@ -65,6 +65,7 @@ public void assertAuthorized(Annotation a) throws AuthorizationException {`
`65`	`65`	`if (!(a instanceof Authorize)) return;`
`66`	`66`	`MethodInterceptorHolder holder = MethodInterceptorHolder.current();`
`67`	`67`	`if (null == holder) {`
	`68`	`+ logger.warn("MethodInterceptorHolder is null,maybe config is error!");`
`68`	`69`	`return;`
`69`	`70`	`}`
`70`	`71`	`AuthorizeConfig authorizeConfig = new AuthorizeConfig(holder.getArgs());`