Skip to content

Commit

Permalink
增加流程图
Browse files Browse the repository at this point in the history
  • Loading branch information
@zhou-hao
zhou-hao committed Oct 12, 2018
1 parent 65b0d75 commit 1f171a2
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 9 deletions.
25 changes: 16 additions & 9 deletions hsweb-authorization/hsweb-authorization-basic/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,20 @@
2. 实现数据权限控制
3. 可动态进行权限配置设置

默认仅提供了aop方式的权限控制,控制逻辑如下:

## 授权
使用`hsweb-authorization-api`提供的监听器,类`UserOnSignIn`监听用户授权事件`AuthorizationSuccessEvent`
当用户完成授权(授权方式可自行实现或者使用框架默认的授权方式,主要触发该事件即可).授权通过后会触发该事件.流程如下
1. 完成授权,触发`AuthorizationSuccessEvent`
2. `UserOnSignIn` 收到`AuthorizationSuccessEvent`事件,获取参数`token_type`(默认为`sessionId`),以及授权信息
3. 根据`token_type` 生成token.
4. 将token和授权信息中的userId注册到`UserTokenManager`
5. 将token返回给授权接口

![授权](./img/autz-flow.png "授权")


## 权限控制
1. `AopAuthorizingController` aop拦截所有controller方法(注解了:`Controller`或者`RestController`的类的方法)
2. 在客户端发起请求的时候,将拦截到的方法信息(`MethodInterceptorContext`)传给权限定义解析器(`AopMethodAuthorizeDefinitionParser`)
进行解析
Expand All @@ -14,15 +27,9 @@
5. 默认的权限控制实现`DefaultAuthorizingHandler`,将分别进行RBAC,数据权限,表达式方式的权限控制.
6. 如果授权未通过,则抛出`AccessDenyException`异常

## 授权
使用`hsweb-authorization-api`提供的监听器,类`UserOnSignIn`监听用户授权事件`AuthorizationSuccessEvent`
当用户完成授权(授权方式可自行实现或者使用框架默认的授权方式,主要触发该事件即可).授权通过后会触发该事件.流程如下
![权限控制](./img/autz-handle-flow.png "权限控制")


1. 完成授权,触发`AuthorizationSuccessEvent`
2. `UserOnSignIn` 收到`AuthorizationSuccessEvent`事件,获取参数`token_type`(默认为`sessionId`),以及授权信息
3. 根据`token_type` 生成token.
4. 将token和授权信息中的userId注册到`UserTokenManager`
5. 将token返回给授权接口

## 注销
与授权同理,类`UserOnSignOut`监听`AuthorizationExitEvent` ,当触发事件后,调用`UserTokenManager`移除当前登录的token信息
Expand Down
Binary file added hsweb-authorization/hsweb-authorization-basic/img/autz-flow.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added hsweb-authorization/hsweb-authorization-basic/img/autz-handle-flow.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

0 comments on commit 1f171a2

Please sign in to comment.