鉴权修改

cash-common/cash-common-sa-token/src/main/java/com/czg/handler/SaAdminCheckPermissionHandler.java

@@ -0,0 +1,47 @@
+package com.czg.handler;
+
+import cn.dev33.satoken.annotation.handler.SaAnnotationHandlerInterface;
+import com.czg.annotation.SaAdminCheckPermission;
+import com.czg.sa.StpKit;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+import java.lang.reflect.Method;
+import cn.dev33.satoken.annotation.SaMode;
+
+/**
+ * 员工权限校验
+ * @author Administrator
+ */
+@Component
+@Slf4j
+public class SaAdminCheckPermissionHandler implements SaAnnotationHandlerInterface<SaAdminCheckPermission> {
+
+    @Override
+    public Class<SaAdminCheckPermission> getHandlerAnnotationClass() {
+        return SaAdminCheckPermission.class;
+    }
+
+    @Override
+    public void checkMethod(SaAdminCheckPermission annotation, Method method) {
+
+        // 2️⃣ 如果是管理员，直接放行
+        if (StpKit.USER.hasRole("admin")) {
+            log.debug("[SaAdminCheckPermissionHandler] 管理员免校验权限: userId={}", StpKit.USER.getLoginId());
+            return;
+        }
+
+        // 3️⃣ 非管理员执行权限校验
+        String[] permissions = annotation.value();
+        SaMode mode = annotation.mode();
+
+        if (permissions != null && permissions.length > 0) {
+            if (mode == SaMode.AND) {
+                StpKit.USER.checkPermissionAnd(permissions);
+            } else {
+                StpKit.USER.checkPermissionOr(permissions);
+            }
+        }
+
+        log.debug("[SaAdminCheckPermissionHandler] 非管理员执行权限校验: userId={}", StpKit.USER.getLoginId());
+    }
+}