文件资源添加自定义权限

package com.huida.framework.config;


import com.huida.framework.interceptor.FileInterceptor;
import com.huida.framework.interceptor.RequestInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class FileRequestConfig implements WebMvcConfigurer {

    //自定义的拦截器对象
    @Autowired
    private FileInterceptor fileInterceptor;


    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        //注册自定义拦截器对象
        //设置拦截器拦截的请求路径（ /** 表示拦截所有请求）
        registry.addInterceptor(fileInterceptor)
                .addPathPatterns("/upload-file/**")
                .addPathPatterns("/upload/**");
    }
}

package com.huida.framework.interceptor;

import com.alibaba.fastjson2.JSON;
import com.huida.common.annotation.RepeatSubmit;
import com.huida.common.core.domain.AjaxResult;
import com.huida.common.utils.ServletUtils;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.AsyncHandlerInterceptor;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;

/**
 * 文件访问拦截器
 *
 * @author huida
 */
@Component
public abstract class FileInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        return fileAuthImpl(request, response, handler);
    }

    /**
     *
     */
    public abstract boolean fileAuthImpl(HttpServletRequest request, HttpServletResponse response, Object handler);

}

package com.huida.framework.interceptor.impl;

import com.alibaba.fastjson2.JSON;
import com.huida.common.annotation.RepeatSubmit;
import com.huida.common.config.HuiDaConfig;
import com.huida.common.constant.CacheConstants;
import com.huida.common.core.domain.AjaxResult;
import com.huida.common.core.domain.model.LoginUser;
import com.huida.common.core.redis.RedisCache;
import com.huida.common.exception.ServiceException;
import com.huida.common.filter.RepeatedlyRequestWrapper;
import com.huida.common.utils.SecurityUtils;
import com.huida.common.utils.ServletUtils;
import com.huida.common.utils.StringUtils;
import com.huida.common.utils.http.HttpHelper;
import com.huida.common.utils.satoken.StpClientUtil;
import com.huida.framework.interceptor.FileInterceptor;
import com.huida.system.mapper.UploadFileMapper;
import org.apache.commons.lang3.ObjectUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;

/**
 * @author huida
 */
@Component
public class FileInterceptorImpl extends FileInterceptor {

    @Resource
    private UploadFileMapper uploadFileMapper;

    /**
     * @param request
     * @param response
     * @param handler
     */
    @Override
    public boolean fileAuthImpl(HttpServletRequest request, HttpServletResponse response, Object handler) {
        String requestURI = request.getRequestURI();
        String gxfgjjPath = HuiDaConfig.getGxtzyProfile() + "/gxfgjj/authentication";
        String trainPath = HuiDaConfig.getTrainProfile();
        if (requestURI.contains(gxfgjjPath)) {
            Long tzlyUserId = StpClientUtil.getLoginId(-1L);
            LoginUser manageUser = SecurityUtils.getLoginUserNoException();
            if (tzlyUserId == -1L && ObjectUtils.isEmpty(manageUser)) {
                AjaxResult ajaxResult = AjaxResult.error("未登录，只允许登录访问!");
                ServletUtils.renderString(response, JSON.toJSONString(ajaxResult));
                return false;
            }
            if (tzlyUserId != -1L) {
                int exist = uploadFileMapper.getExistByExamineUserIdAndDomain(tzlyUserId, "6");
                if (exist == 0) {
                    AjaxResult ajaxResult = AjaxResult.error("您没有访问权限");
                    ServletUtils.renderString(response, JSON.toJSONString(ajaxResult));
                    return false;
                }
            }
        } else if (requestURI.contains(trainPath)) {
            Long tzlyUserId = StpClientUtil.getLoginId(-1L);
            LoginUser manageUser = SecurityUtils.getLoginUserNoException();
            if (tzlyUserId == -1L && org.apache.commons.lang3.ObjectUtils.isEmpty(manageUser)) {
                AjaxResult ajaxResult = AjaxResult.error("未登录，只允许登录访问!");
                ServletUtils.renderString(response, JSON.toJSONString(ajaxResult));
                return false;
            }

        }
        return true;
    }
}