refactor: 优化响应状态码映射,权限不足时返回403 Forbidden

Ray.Hao
2026-03-24 10:57:05 +08:00
parent c71becea68
commit 8f5c1fc8e4
2 changed files with 12 additions and 7 deletions


@@ -69,7 +69,7 @@ public final class ResponseWriter {
Result<?> result = message == null Result<?> result = message == null
? Result.failed(resultCode) ? Result.failed(resultCode)
: Result.failed(resultCode, message); : Result.failed(resultCode, message);
int httpStatus = mapHttpStatus(resultCode); int httpStatus = mapHttpStatus(resultCode);
writeResult(response, result, httpStatus); writeResult(response, result, httpStatus);
} }
@@ -85,11 +85,11 @@ public final class ResponseWriter {
try { try {
// 设置HTTP状态码 // 设置HTTP状态码
response.setStatus(httpStatus); response.setStatus(httpStatus);
// 设置响应编码和内容类型 // 设置响应编码和内容类型
response.setCharacterEncoding(StandardCharsets.UTF_8.toString()); response.setCharacterEncoding(StandardCharsets.UTF_8.toString());
response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setContentType(MediaType.APPLICATION_JSON_VALUE);
// 写入响应 // 写入响应
JakartaServletUtil.write(response, JakartaServletUtil.write(response,
JSONUtil.toJsonStr(result), JSONUtil.toJsonStr(result),
@@ -103,6 +103,9 @@ public final class ResponseWriter {
/** /**
* 根据业务结果码映射HTTP状态码 * 根据业务结果码映射HTTP状态码
* 401: 未认证token无效/过期)
* 403: 权限不足
* 400: 其他业务错误
* *
* @param resultCode 业务结果码 * @param resultCode 业务结果码
* @return HTTP状态码 * @return HTTP状态码
@@ -110,9 +113,10 @@ public final class ResponseWriter {
private static int mapHttpStatus(ResultCode resultCode) { private static int mapHttpStatus(ResultCode resultCode) {
return switch (resultCode) { return switch (resultCode) {
case ACCESS_UNAUTHORIZED, case ACCESS_UNAUTHORIZED,
ACCESS_TOKEN_INVALID, ACCESS_TOKEN_INVALID,
REFRESH_TOKEN_INVALID -> HttpStatus.UNAUTHORIZED.value(); REFRESH_TOKEN_INVALID -> HttpStatus.UNAUTHORIZED.value();
case ACCESS_PERMISSION_EXCEPTION -> HttpStatus.FORBIDDEN.value();
default -> HttpStatus.BAD_REQUEST.value(); default -> HttpStatus.BAD_REQUEST.value();
}; };
} }
} }
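Review bot: The `default -> HttpStatus.BAD_REQUEST.value()` branch in `mapHttpStatus` reports any authentication or authorization `ResultCode` that is not listed explicitly as 400, so the 401/403 distinction this switch sets up depends on every future code being added by hand. A short comment above the default branch would make that contract visible, for example `// Any new auth-related ResultCode must be mapped above; unlisted codes fall through to 400`. The added Javadoc line for 401 also has an unmatched closing parenthesis and should read `* 401: 未认证(token无效/过期)`. The full set of `ResultCode` constants is not visible in this section, so whether other access-related codes already exist cannot be confirmed from here.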


@@ -18,7 +18,8 @@ public class MyAccessDeniedHandler implements AccessDeniedHandler {
@Override @Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) { public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) {
ResponseWriter.writeError(response, ResultCode.ACCESS_UNAUTHORIZED); // 权限不足返回 403 Forbidden
ResponseWriter.writeError(response, ResultCode.ACCESS_PERMISSION_EXCEPTION);
} }
} }
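Review bot: `handle` ignores both `request` and `accessDeniedException`, so a denied request yields a 403 with no server-side record of what was refused or why. Spring Security's CSRF filter also reports its failures through the `AccessDeniedHandler` (those exceptions are `AccessDeniedException` subclasses), so if CSRF protection is enabled here they would be indistinguishable from role failures. If the class has an SLF4J logger available, a line such as `log.warn("Access denied: {} {} ({})", request.getMethod(), request.getRequestURI(), accessDeniedException.getClass().getSimpleName());` before the `writeError` call would give detection and triage something to work with.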