问题描述
SELECT
si1.itemno,si2.itemno,count(*)
FROM
saleitems as si1
INNER JOIN
saleitems as si2
ON si1.invoiceno = si2.invoiceno
AND si1.itemno < si2.itemno
WHERE
si1.orgno = 9
AND si2.orgno = 9
GROUP BY
si1.itemno,si2.itemno
在 HttpRequest> 请求标头中,我找不到检查用户是否通过身份验证的方法,是否存在声明?
如何检查用户是否通过身份验证?
@Singleton
public class AdminHandler implements SecurityRule {
@Override
public SecurityRuleResult check(HttpRequest<?> request,@Nullable RouteMatch<?> routeMatch,@Nullable Map<String,Object> claims) {
if (routeMatch instanceof MethodBasedRouteMatch) {
MethodBasedRouteMatch methodBasedRouteMatch = (MethodBasedRouteMatch) routeMatch;
if (methodBasedRouteMatch.hasAnnotation(IAdminRequirement.class)) {
AnnotationValue<IAdminRequirement> requiredPermissionAnnotation = methodBasedRouteMatch.getAnnotation(IAdminRequirement.class);
// Get parameters from annotation on method
Optional<String> resourceIdName = requiredPermissionAnnotation.stringValue("resourceIdName");
Optional<String> permission = requiredPermissionAnnotation.stringValue("permission");
if (permission.isPresent() && resourceIdName.isPresent() && claims != null) {
// Use name of parameter to get the value passed in as an argument to the method
String resourceId = methodBasedRouteMatch.getvariableValues().get(resourceIdName.get()).toString();
// Get claim from jwt using the resource ID
Object permissionForResource = ((Map) claims.get("https://your-domain.com/claims")).get(resourceId);
if (permissionForResource != null && permissionForResource.equals(permission.get())) {
// if the permission exists and it's equal,allow access
return SecurityRuleResult.ALLOWED;
}
}
}
}
return SecurityRuleResult.UNKNowN;
}
}
解决方法
如果声明不为空,则请求通过身份验证