<!--AOP包-->
<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-aop</artifactId>
</dependency>

@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface Permission {

   String authorities() default "ADMIN";

}

public class AnnotationParse {
  /***
   * 解析權限注解
   * @return 返回注解的authorities值
   * @throws Exception
   */
  public static String privilegeParse(Method method) throws Exception {
    //獲取該方法
    if(method.isAnnotationPresent(Permission.class)){
      Permission annotation = method.getAnnotation(Permission.class);
      return annotation.authorities();
    }
    return null;
  }
}

@Aspect
@Component
public class ControllerAspect {

  private final static Logger logger = LoggerFactory.getLogger(ControllerAspect.class);

  @Autowired
  private UserService userService;
  /**
   * 定義切點
   */
  @Pointcut("execution(public * com.wqh.blog.controller.*.*(..))")
  public void privilege(){}

  /**
   * 權限環繞通知
   * @param joinPoint
   * @throws Throwable
   */
  @ResponseBody
  @Around("privilege()")
  public Object isAccessMethod(ProceedingJoinPoint joinPoint) throws Throwable {
    //獲取訪問目標方法
    MethodSignature methodSignature = (MethodSignature)joinPoint.getSignature();
    Method targetMethod = methodSignature.getMethod();
    //得到方法的訪問權限
    final String methodAccess = AnnotationParse.privilegeParse(targetMethod);

    //如果該方法上沒有權限注解，直接調用目標方法
    if(StringUtils.isBlank(methodAccess)){
      return joinPoint.proceed();
    }else {
      //獲取當前用戶的權限,這里是自定義的發那個發
      User currentUser = userService.getCurrentUser();
      logger.info("訪問用戶，{}",currentUser.toString());
      if(currentUser == null){
        throw new LoginException(ResultEnum.LOGIN_ERROR);
      }
      if(methodAccess.equals(currentUser.getRole().toString())){
        return joinPoint.proceed();
      }else {
        throw new BusinessException(ResultEnum.ROLE_ERROR);
      }
    }
  }
}