package com.walker.web.security; import com.walker.infrastructure.utils.JsonUtils; import com.walker.web.ResponseValue; import com.walker.web.util.ServletUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.web.access.AccessDeniedHandler; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * 认证过的用户访问无权限资源时的处理器. * @author 时克英 * @date 2022-11-01 */ public class DefaultAccessDeniedHandler implements AccessDeniedHandler { protected final transient Logger logger = LoggerFactory.getLogger(getClass()); @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { String msg = "已认证,但未分配系统权限:" + request.getRequestURI(); try { // ServletUtils.renderString(response, JsonUtils.objectToJsonString(ResponseValue.error(ResponseCode.NO_PERMISSION.getCode(), msg))); ServletUtils.renderString(response, JsonUtils.objectToJsonString(ResponseValue.error(msg))); } catch (Exception e) { logger.error("未分配系统权限:" + request.getRequestURI()); } } }