优化信息安全处理逻辑

framework-security/src/main/java/com/chelvc/framework/security/config/SecurityProperties.java

@@ -39,11 +39,6 @@ public class SecurityProperties {
      */
     @Data
     public static class Request {
-        /**
-         * 是否启用
-         */
-        private boolean enabled;
-
         /**
          * 放行资源地址，多个地址使用","号隔开
          */
@@ -70,11 +65,6 @@ public class SecurityProperties {
      */
     @Data
     public static class Signature {
-        /**
-         * 是否启用
-         */
-        private boolean enabled;
-
         /**
          * 放行资源地址，多个地址使用","号隔开
          */
@@ -96,11 +86,6 @@ public class SecurityProperties {
      */
     @Data
     public static class Permission {
-        /**
-         * 是否启用
-         */
-        private boolean enabled;
-
         /**
          * 放行资源地址，多个地址使用","号隔开
          */

framework-security/src/main/java/com/chelvc/framework/security/interceptor/PermissionValidateInterceptor.java

@@ -40,21 +40,21 @@ public class PermissionValidateInterceptor implements Filter {
      */
     private boolean validate(HttpServletRequest request, HttpServletResponse response) throws IOException {
         // 判断是否拥有访问权限
-        SecurityProperties.Permission permission =
-                ApplicationContextHolder.getBean(SecurityProperties.class).getPermission();
-        if (!permission.isEnabled()) {
+        SecurityProperties properties = ApplicationContextHolder.getBean(SecurityProperties.class);
+        SecurityProperties.Permission config = properties.getPermission();
+        if (StringUtils.isEmpty(config.getPermit()) && StringUtils.isEmpty(config.getRequire())) {
             return true;
         }
         String method = request.getMethod(), uri = HttpUtils.getRequestURI(request);
-        if (StringUtils.isPath(permission.getPermit(), uri) || (StringUtils.nonEmpty(permission.getRequire())
-                && !StringUtils.isPath(permission.getRequire(), uri))
+        if (StringUtils.isPath(config.getPermit(), uri) || (StringUtils.nonEmpty(config.getRequire())
+                && !StringUtils.isPath(config.getRequire(), uri))
                 || SecurityContextHolder.hasPermission(method, uri)) {
             return true;
         }
 
         // 无访问权限
         log.warn(HttpUtils.getExceptionMessage(request, HttpStatus.FORBIDDEN, "Permission denied"));
-        if (StringUtils.isPath(permission.getIgnore(), uri)) {
+        if (StringUtils.isPath(config.getIgnore(), uri)) {
             return true;
         }
         response.setStatus(HttpStatus.FORBIDDEN.value());

framework-security/src/main/java/com/chelvc/framework/security/interceptor/RequestSecurityInterceptor.java

@@ -40,8 +40,9 @@ public class RequestSecurityInterceptor implements Filter {
      */
     private boolean validate(HttpServletRequest request, HttpServletResponse response) throws IOException {
         // 判断是否需要放行
-        SecurityProperties.Request config = ApplicationContextHolder.getBean(SecurityProperties.class).getRequest();
-        if (!config.isEnabled()) {
+        SecurityProperties properties = ApplicationContextHolder.getBean(SecurityProperties.class);
+        SecurityProperties.Request config = properties.getRequest();
+        if (StringUtils.isEmpty(config.getPermit()) && StringUtils.isEmpty(config.getRequire())) {
             return true;
         }
         String uri = HttpUtils.getRequestURI(request);

framework-security/src/main/java/com/chelvc/framework/security/interceptor/SignatureValidateInterceptor.java

@@ -43,13 +43,13 @@ public class SignatureValidateInterceptor implements Filter {
     private boolean validate(HttpServletRequest request, HttpServletResponse response) throws IOException {
         // 判断请求是否需要放行
         SecurityProperties properties = ApplicationContextHolder.getBean(SecurityProperties.class);
-        SecurityProperties.Signature signature = properties.getSignature();
-        if (!signature.isEnabled()) {
+        SecurityProperties.Signature config = properties.getSignature();
+        if (StringUtils.isEmpty(config.getPermit()) && StringUtils.isEmpty(config.getRequire())) {
             return true;
         }
         String uri = HttpUtils.getRequestURI(request);
-        if (StringUtils.isPath(signature.getPermit(), uri) || (StringUtils.nonEmpty(signature.getRequire())
-                && !StringUtils.isPath(signature.getRequire(), uri))) {
+        if (StringUtils.isPath(config.getPermit(), uri) || (StringUtils.nonEmpty(config.getRequire())
+                && !StringUtils.isPath(config.getRequire(), uri))) {
             return true;
         }
 
@@ -71,7 +71,7 @@ public class SignatureValidateInterceptor implements Filter {
 
         // 签名无效
         log.warn(HttpUtils.getExceptionMessage(request, HttpStatus.FORBIDDEN, "Signature invalid"));
-        if (StringUtils.isPath(signature.getIgnore(), uri)) {
+        if (StringUtils.isPath(config.getIgnore(), uri)) {
             return true;
         }
         response.setStatus(HttpStatus.FORBIDDEN.value());