package org.dromara.common.security.handler; import cn.dev33.satoken.exception.NotLoginException; import cn.dev33.satoken.exception.NotPermissionException; import cn.dev33.satoken.exception.NotRoleException; import cn.dev33.satoken.exception.SameTokenInvalidException; import cn.hutool.core.util.ObjectUtil; import cn.hutool.http.HttpStatus; import jakarta.servlet.http.HttpServletRequest; import jakarta.validation.ConstraintViolation; import jakarta.validation.ConstraintViolationException; import lombok.extern.slf4j.Slf4j; import org.dromara.common.core.domain.R; import org.dromara.common.core.exception.ServiceException; import org.dromara.common.core.exception.base.BaseException; import org.dromara.common.core.utils.StreamUtils; import org.springframework.context.support.DefaultMessageSourceResolvable; import org.springframework.validation.BindException; import org.springframework.web.HttpRequestMethodNotSupportedException; import org.springframework.web.bind.MethodArgumentNotValidException; import org.springframework.web.bind.MissingPathVariableException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException; /** * 全局异常处理器 * * @author Lion Li */ @Slf4j @RestControllerAdvice public class GlobalExceptionHandler { /** * 权限码异常 */ @ExceptionHandler(NotPermissionException.class) public R handleNotPermissionException(NotPermissionException e, HttpServletRequest request) { String requestURI = request.getRequestURI(); log.error("请求地址'{}',权限码校验失败'{}'", requestURI, e.getMessage()); return R.fail(HttpStatus.HTTP_FORBIDDEN, "没有访问权限,请联系管理员授权"); } /** * 角色权限异常 */ @ExceptionHandler(NotRoleException.class) public R handleNotRoleException(NotRoleException e, HttpServletRequest request) { String requestURI = request.getRequestURI(); log.error("请求地址'{}',角色权限校验失败'{}'", requestURI, e.getMessage()); return R.fail(HttpStatus.HTTP_FORBIDDEN, "没有访问权限,请联系管理员授权"); } /** * 认证失败 */ @ExceptionHandler(NotLoginException.class) public R handleNotLoginException(NotLoginException e, HttpServletRequest request) { String requestURI = request.getRequestURI(); log.error("请求地址'{}',认证失败'{}',无法访问系统资源", requestURI, e.getMessage()); return R.fail(HttpStatus.HTTP_UNAUTHORIZED, "认证失败,无法访问系统资源"); } /** * 无效认证 */ @ExceptionHandler(SameTokenInvalidException.class) public R handleSameTokenInvalidException(SameTokenInvalidException e, HttpServletRequest request) { String requestURI = request.getRequestURI(); log.error("请求地址'{}',内网认证失败'{}',无法访问系统资源", requestURI, e.getMessage()); return R.fail(HttpStatus.HTTP_UNAUTHORIZED, "认证失败,无法访问系统资源"); } /** * 请求方式不支持 */ @ExceptionHandler(HttpRequestMethodNotSupportedException.class) public R handleHttpRequestMethodNotSupported(HttpRequestMethodNotSupportedException e, HttpServletRequest request) { String requestURI = request.getRequestURI(); log.error("请求地址'{}',不支持'{}'请求", requestURI, e.getMethod()); return R.fail(e.getMessage()); } /** * 业务异常 */ @ExceptionHandler(ServiceException.class) public R handleServiceException(ServiceException e, HttpServletRequest request) { log.error(e.getMessage()); Integer code = e.getCode(); return ObjectUtil.isNotNull(code) ? R.fail(code, e.getMessage()) : R.fail(e.getMessage()); } /** * 业务异常 */ @ExceptionHandler(BaseException.class) public R handleBaseException(BaseException e, HttpServletRequest request) { log.error(e.getMessage()); return R.fail(e.getMessage()); } /** * 请求路径中缺少必需的路径变量 */ @ExceptionHandler(MissingPathVariableException.class) public R handleMissingPathVariableException(MissingPathVariableException e, HttpServletRequest request) { String requestURI = request.getRequestURI(); log.error("请求路径中缺少必需的路径变量'{}',发生系统异常.", requestURI); return R.fail(String.format("请求路径中缺少必需的路径变量[%s]", e.getVariableName())); } /** * 请求参数类型不匹配 */ @ExceptionHandler(MethodArgumentTypeMismatchException.class) public R handleMethodArgumentTypeMismatchException(MethodArgumentTypeMismatchException e, HttpServletRequest request) { String requestURI = request.getRequestURI(); log.error("请求参数类型不匹配'{}',发生系统异常.", requestURI); return R.fail(String.format("请求参数类型不匹配,参数[%s]要求类型为:'%s',但输入值为:'%s'", e.getName(), e.getRequiredType().getName(), e.getValue())); } /** * 拦截未知的运行时异常 */ @ExceptionHandler(RuntimeException.class) public R handleRuntimeException(RuntimeException e, HttpServletRequest request) { String requestURI = request.getRequestURI(); log.error("请求地址'{}',发生未知异常.", requestURI, e); return R.fail(e.getMessage()); } /** * 系统异常 */ @ExceptionHandler(Exception.class) public R handleException(Exception e, HttpServletRequest request) { String requestURI = request.getRequestURI(); log.error("请求地址'{}',发生系统异常.", requestURI, e); return R.fail(e.getMessage()); } /** * 自定义验证异常 */ @ExceptionHandler(BindException.class) public R handleBindException(BindException e) { log.error(e.getMessage()); String message = StreamUtils.join(e.getAllErrors(), DefaultMessageSourceResolvable::getDefaultMessage, ", "); return R.fail(message); } /** * 自定义验证异常 */ @ExceptionHandler(ConstraintViolationException.class) public R constraintViolationException(ConstraintViolationException e) { log.error(e.getMessage()); String message = StreamUtils.join(e.getConstraintViolations(), ConstraintViolation::getMessage, ", "); return R.fail(message); } /** * 自定义验证异常 */ @ExceptionHandler(MethodArgumentNotValidException.class) public R handleMethodArgumentNotValidException(MethodArgumentNotValidException e) { log.error(e.getMessage()); String message = e.getBindingResult().getFieldError().getDefaultMessage(); return R.fail(message); } }