修复权限校验失败跳转页面配置错误的bug

5 years ago · aa43aac81d
parent 1af38d4310
commit aa43aac81d
2 changed files with 159 additions and 159 deletions
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
@ -1,65 +1,65 @@
-package com.ruoyi.web.controller.system;
+package com.ruoyi.web.controller.system;
-
+
-import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpServletResponse;
-import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.subject.Subject;
+import org.apache.shiro.subject.Subject;
-import org.springframework.stereotype.Controller;
+import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.ResponseBody;
-import com.ruoyi.common.core.controller.BaseController;
+import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.AjaxResult;
-import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.ServletUtils;
-import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.StringUtils;
-
+
-/**
+/**
- * 登录验证
+ * 登录验证
- * 
+ * 
- * @author ruoyi
+ * @author ruoyi
- */
+ */
-@Controller
+@Controller
-public class SysLoginController extends BaseController
+public class SysLoginController extends BaseController
-{
+{
-    @GetMapping("/login")
+    @GetMapping("/login")
-    public String login(HttpServletRequest request, HttpServletResponse response)
+    public String login(HttpServletRequest request, HttpServletResponse response)
-    {
+    {
-        // 如果是Ajax请求，返回Json字符串。
+        // 如果是Ajax请求，返回Json字符串。
-        if (ServletUtils.isAjaxRequest(request))
+        if (ServletUtils.isAjaxRequest(request))
-        {
+        {
-            return ServletUtils.renderString(response, "{\"code\":\"1\",\"msg\":\"未登录或登录超时。请重新登录\"}");
+            return ServletUtils.renderString(response, "{\"code\":\"1\",\"msg\":\"未登录或登录超时。请重新登录\"}");
-        }
+        }
-
+
-        return "login";
+        return "login";
-    }
+    }
-
+
-    @PostMapping("/login")
+    @PostMapping("/login")
-    @ResponseBody
+    @ResponseBody
-    public AjaxResult ajaxLogin(String username, String password, Boolean rememberMe)
+    public AjaxResult ajaxLogin(String username, String password, Boolean rememberMe)
-    {
+    {
-        UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe);
+        UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe);
-        Subject subject = SecurityUtils.getSubject();
+        Subject subject = SecurityUtils.getSubject();
-        try
+        try
-        {
+        {
-            subject.login(token);
+            subject.login(token);
-            return success();
+            return success();
-        }
+        }
-        catch (AuthenticationException e)
+        catch (AuthenticationException e)
-        {
+        {
-            String msg = "用户或密码错误";
+            String msg = "用户或密码错误";
-            if (StringUtils.isNotEmpty(e.getMessage()))
+            if (StringUtils.isNotEmpty(e.getMessage()))
-            {
+            {
-                msg = e.getMessage();
+                msg = e.getMessage();
-            }
+            }
-            return error(msg);
+            return error(msg);
-        }
+        }
-    }
+    }
-
+
-    @GetMapping("/unauth")
+    @GetMapping("/unauth")
-    public String unauth()
+    public String unauth()
-    {
+    {
-        return "/error/unauth";
+        return "error/unauth";
-    }
+    }
-}
+}
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java
@ -1,94 +1,94 @@
-package com.ruoyi.framework.web.exception;
+package com.ruoyi.framework.web.exception;
-
+
-import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequest;
-import org.apache.shiro.authz.AuthorizationException;
+import org.apache.shiro.authz.AuthorizationException;
-import org.slf4j.Logger;
+import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.slf4j.LoggerFactory;
-import org.springframework.web.HttpRequestMethodNotSupportedException;
+import org.springframework.web.HttpRequestMethodNotSupportedException;
-import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ExceptionHandler;
-import org.springframework.web.bind.annotation.RestControllerAdvice;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
-import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.ModelAndView;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.AjaxResult;
-import com.ruoyi.common.exception.BusinessException;
+import com.ruoyi.common.exception.BusinessException;
-import com.ruoyi.common.exception.DemoModeException;
+import com.ruoyi.common.exception.DemoModeException;
-import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.ServletUtils;
-import com.ruoyi.common.utils.security.PermissionUtils;
+import com.ruoyi.common.utils.security.PermissionUtils;
-
+
-/**
+/**
- * 全局异常处理器
+ * 全局异常处理器
- * 
+ * 
- * @author ruoyi
+ * @author ruoyi
- */
+ */
-@RestControllerAdvice
+@RestControllerAdvice
-public class GlobalExceptionHandler
+public class GlobalExceptionHandler
-{
+{
-    private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
+    private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
-
+
-    /**
+    /**
-     * 权限校验失败 如果请求为ajax返回json，普通请求跳转页面
+     * 权限校验失败 如果请求为ajax返回json，普通请求跳转页面
-     */
+     */
-    @ExceptionHandler(AuthorizationException.class)
+    @ExceptionHandler(AuthorizationException.class)
-    public Object handleAuthorizationException(HttpServletRequest request, AuthorizationException e)
+    public Object handleAuthorizationException(HttpServletRequest request, AuthorizationException e)
-    {
+    {
-        log.error(e.getMessage(), e);
+        log.error(e.getMessage(), e);
-        if (ServletUtils.isAjaxRequest(request))
+        if (ServletUtils.isAjaxRequest(request))
-        {
+        {
-            return AjaxResult.error(PermissionUtils.getMsg(e.getMessage()));
+            return AjaxResult.error(PermissionUtils.getMsg(e.getMessage()));
-        }
+        }
-        else
+        else
-        {
+        {
-            ModelAndView modelAndView = new ModelAndView();
+            ModelAndView modelAndView = new ModelAndView();
-            modelAndView.setViewName("/error/unauth");
+            modelAndView.setViewName("error/unauth");
-            return modelAndView;
+            return modelAndView;
-        }
+        }
-    }
+    }
-
+
-    /**
+    /**
-     * 请求方式不支持
+     * 请求方式不支持
-     */
+     */
-    @ExceptionHandler({ HttpRequestMethodNotSupportedException.class })
+    @ExceptionHandler({ HttpRequestMethodNotSupportedException.class })
-    public AjaxResult handleException(HttpRequestMethodNotSupportedException e)
+    public AjaxResult handleException(HttpRequestMethodNotSupportedException e)
-    {
+    {
-        log.error(e.getMessage(), e);
+        log.error(e.getMessage(), e);
-        return AjaxResult.error("不支持' " + e.getMethod() + "'请求");
+        return AjaxResult.error("不支持' " + e.getMethod() + "'请求");
-    }
+    }
-
+
-    /**
+    /**
-     * 拦截未知的运行时异常
+     * 拦截未知的运行时异常
-     */
+     */
-    @ExceptionHandler(RuntimeException.class)
+    @ExceptionHandler(RuntimeException.class)
-    public AjaxResult notFount(RuntimeException e)
+    public AjaxResult notFount(RuntimeException e)
-    {
+    {
-        log.error("运行时异常:", e);
+        log.error("运行时异常:", e);
-        return AjaxResult.error("运行时异常:" + e.getMessage());
+        return AjaxResult.error("运行时异常:" + e.getMessage());
-    }
+    }
-
+
-    /**
+    /**
-     * 系统异常
+     * 系统异常
-     */
+     */
-    @ExceptionHandler(Exception.class)
+    @ExceptionHandler(Exception.class)
-    public AjaxResult handleException(Exception e)
+    public AjaxResult handleException(Exception e)
-    {
+    {
-        log.error(e.getMessage(), e);
+        log.error(e.getMessage(), e);
-        return AjaxResult.error("服务器错误，请联系管理员");
+        return AjaxResult.error("服务器错误，请联系管理员");
-    }
+    }
-
+
-    /**
+    /**
-     * 业务异常
+     * 业务异常
-     */
+     */
-    @ExceptionHandler(BusinessException.class)
+    @ExceptionHandler(BusinessException.class)
-    public AjaxResult businessException(BusinessException e)
+    public AjaxResult businessException(BusinessException e)
-    {
+    {
-        log.error(e.getMessage(), e);
+        log.error(e.getMessage(), e);
-        return AjaxResult.error(e.getMessage());
+        return AjaxResult.error(e.getMessage());
-    }
+    }
-
+
-    /**
+    /**
-     * 演示模式异常
+     * 演示模式异常
-     */
+     */
-    @ExceptionHandler(DemoModeException.class)
+    @ExceptionHandler(DemoModeException.class)
-    public AjaxResult demoModeException(DemoModeException e)
+    public AjaxResult demoModeException(DemoModeException e)
-    {
+    {
-        return AjaxResult.error("演示模式，不允许操作");
+        return AjaxResult.error("演示模式，不允许操作");
-    }
+    }
-}
+}