From e203870849e21935d4aedbdb05b1373b173a3986 Mon Sep 17 00:00:00 2001
From: haoxr <1490493387@qq.com>
Date: Fri, 1 Dec 2023 18:41:46 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E5=85=A8=E5=B1=80=E5=BC=82=E5=B8=B8?= =?UTF-8?q?=E5=A4=84=E7=90=86=E5=AF=BC=E8=87=B4`Spring=20Security`?= =?UTF-8?q?=E8=87=AA=E5=AE=9A=E4=B9=89=E6=9C=AA=E8=AE=A4=E8=AF=81=E3=80=81?= =?UTF-8?q?=E6=9C=AA=E6=8E=88=E6=9D=83=E5=BC=82=E5=B8=B8=E5=A4=B1=E6=95=88?= =?UTF-8?q?=E9=97=AE=E9=A2=98=E4=BF=AE=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../common/exception/GlobalExceptionHandler.java | 11 +++++++++--
 .../security/exception/MyAccessDeniedHandler.java | 2 +-
 .../system/core/security/jwt/JwtTokenProvider.java | 5 +++--
 .../core/security/service/PermissionService.java | 2 +-
 4 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/src/main/java/com/youlai/system/common/exception/GlobalExceptionHandler.java b/src/main/java/com/youlai/system/common/exception/GlobalExceptionHandler.java
index 5091b681..ae7e9041 100644
--- a/src/main/java/com/youlai/system/common/exception/GlobalExceptionHandler.java
+++ b/src/main/java/com/youlai/system/common/exception/GlobalExceptionHandler.java
@@ -10,6 +10,8 @@ import org.springframework.context.support.DefaultMessageSourceResolvable;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.converter.HttpMessageNotReadableException;
 import org.springframework.jdbc.BadSqlGrammarException;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.validation.BindException;
 import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.MissingServletRequestParameterException;
@@ -183,7 +185,12 @@ public class GlobalExceptionHandler {
 @ExceptionHandler(Exception.class)
 @ResponseStatus(HttpStatus.BAD_REQUEST)
- public Result handleException(Exception e) {
+ public Result handleException(Exception e) throws Exception{
+ // 将 Spring Security 异常继续抛出,以便交给自定义处理器处理
+ if (e instanceof AccessDeniedException
+ || e instanceof AuthenticationException) {
+ throw e;
+ }
 log.error("unknown exception: {}", e.getMessage());
 return Result.failed(e.getLocalizedMessage());
 }
@@ -203,7 +210,7 @@ public class GlobalExceptionHandler {
 if (matcher.find()) {
 String matchString = matcher.group();
 matchString = matchString.replace("[", "").replace("]", "");
- matchString = "%s字段类型错误".formatted(matchString.replaceAll("\\\"", ""));
+ matchString = "%s字段类型错误".formatted(matchString.replaceAll("\"", ""));
 group += matchString;
 }
 return group;
diff --git a/src/main/java/com/youlai/system/core/security/exception/MyAccessDeniedHandler.java b/src/main/java/com/youlai/system/core/security/exception/MyAccessDeniedHandler.java
index 9bfa52bd..c7979301 100644
--- a/src/main/java/com/youlai/system/core/security/exception/MyAccessDeniedHandler.java
+++ b/src/main/java/com/youlai/system/core/security/exception/MyAccessDeniedHandler.java
@@ -20,6 +20,6 @@ import java.io.IOException;
 public class MyAccessDeniedHandler implements AccessDeniedHandler {
 @Override
 public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
- ResponseUtils.writeErrMsg(response, ResultCode.TOKEN_ACCESS_FORBIDDEN);
+ ResponseUtils.writeErrMsg(response, ResultCode.ACCESS_UNAUTHORIZED);
 }
 }
diff --git a/src/main/java/com/youlai/system/core/security/jwt/JwtTokenProvider.java b/src/main/java/com/youlai/system/core/security/jwt/JwtTokenProvider.java
index 0bc5fffc..2f34d6c3 100644
--- a/src/main/java/com/youlai/system/core/security/jwt/JwtTokenProvider.java
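Review bot: The fall-through path of handleException still answers every unrecognised exception with `Result.failed(e.getLocalizedMessage())`, so internal detail carried in exception text can reach the client, and `log.error("unknown exception: {}", e.getMessage())` drops the stack trace an investigator would need. Log the throwable itself with `log.error("unknown exception", e);` and return a fixed generic message instead of the exception text. For the new rethrow, a separate `@ExceptionHandler({AccessDeniedException.class, AuthenticationException.class})` method that only rethrows would keep the security pass-through out of the catch-all and leave this method's signature as it was. The `instanceof` test also will not match a security exception that arrives wrapped as the cause of another exception, if that can happen in this code base.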
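Review bot: An AccessDeniedHandler runs for a caller who is already authenticated but lacks the required authority, so the code written in `handle` should express "forbidden"; the new constant `ResultCode.ACCESS_UNAUTHORIZED` reads like the unauthenticated case that the authentication entry point normally reports. ResultCode and ResponseUtils.writeErrMsg are outside this diff, so confirm which HTTP status and message this constant produces and that clients can still tell "log in again" from "not permitted". A short comment on the call, such as `// authenticated caller without the required authority`, would record which case this handler covers.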
+++ b/src/main/java/com/youlai/system/core/security/jwt/JwtTokenProvider.java
@@ -78,7 +78,8 @@ public class JwtTokenProvider {
 // claims 中添加角色信息
 Set roles = userDetails.getAuthorities().stream()
- .map(GrantedAuthority::getAuthority).collect(Collectors.toSet());
+ .map(GrantedAuthority::getAuthority)
+ .collect(Collectors.toSet());
 claims.put(JwtClaimConstants.AUTHORITIES, roles);
 Date now = new Date();
@@ -107,7 +108,7 @@ public class JwtTokenProvider {
 userDetails.setDataScope(Convert.toInt(claims.get(JwtClaimConstants.DATA_SCOPE))); // 数据权限范围
 // 角色集合
- Set authorities = ((Set) claims.get(JwtClaimConstants.AUTHORITIES))
+ Set authorities = ((ArrayList) claims.get(JwtClaimConstants.AUTHORITIES))
 .stream()
 .map(SimpleGrantedAuthority::new)
 .collect(Collectors.toSet());
diff --git a/src/main/java/com/youlai/system/core/security/service/PermissionService.java b/src/main/java/com/youlai/system/core/security/service/PermissionService.java
index 98fbf05c..b13b8784 100644
--- a/src/main/java/com/youlai/system/core/security/service/PermissionService.java
+++ b/src/main/java/com/youlai/system/core/security/service/PermissionService.java
@@ -72,7 +72,7 @@ public class PermissionService {
 }
 }
 if (!hasPermission) {
- log.error("用户无访问权限");
+ log.error("用户无操作权限");
 }
 return hasPermission;
 }
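Review bot: The cast `(ArrayList) claims.get(JwtClaimConstants.AUTHORITIES)` in the second JwtTokenProvider hunk ties token parsing to the concrete list class the JSON parser happens to return, and it throws a NullPointerException or ClassCastException when the claim is missing or has another shape. Accept any `Collection`, keep only string entries, and fall back to an empty set so that a malformed claim yields no authorities rather than an unhandled failure. The generic parameters appear to have been lost from this page, so the declared type of `authorities` below is assumed, and the pattern-matching `instanceof` needs Java 16 or later. The enclosing method starts and ends outside the hunk.

```java
// … unchanged: other claims copied onto userDetails …
Object rawAuthorities = claims.get(JwtClaimConstants.AUTHORITIES);
Set<SimpleGrantedAuthority> authorities = rawAuthorities instanceof Collection<?> entries
        ? entries.stream()
                .filter(String.class::isInstance)
                .map(String.class::cast)
                .map(SimpleGrantedAuthority::new)
                .collect(Collectors.toSet())
        : Collections.emptySet();
```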
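Review bot: The denial message `log.error("用户无操作权限")` in PermissionService records that a permission check failed but not for whom or for which permission, which makes the entry hard to use for alerting or investigation. Add the required permission and the current user identifier as `{}` placeholders; both are presumably available in the enclosing method, which starts outside the hunk. A routine authorization denial is usually logged at `warn` rather than `error`, so that error-level alerts stay reserved for faults.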