权限校验失败如果请求为ajax返回json，普通请求跳转页面

2019-03-14 19:41:26 +08:00 · 2019-03-14 19:41:26 +08:00 · 9bf809061e
parent 47f5d7a7b7
commit 9bf809061e
2 changed files with 17 additions and 5 deletions
--- a/ruoyi-admin/src/main/resources/templates/error/unauth.html
+++ b/ruoyi-admin/src/main/resources/templates/error/unauth.html
@ -14,8 +14,8 @@
        <h3 class="font-bold">您没有访问权限！</h3>

        <div class="error-desc">
-                                对不起，您正在寻找的页面已经找到。尝试检查URL的错误，然后按浏览器上的刷新按钮或尝试在我们的应用程序中找到其他内容。
-            <a href="javascript:top.document.location.href='/'" class="btn btn-primary m-t">主页</a>
+                                对不起，您没有访问权限，请不要进行非法操作！您可以返回主页面
+            <a href="javascript:top.document.location.href='/'" class="btn btn-outline btn-primary btn-xs">返回主页</a>
        </div>
    </div>
    <script src="/js/jquery.min.js?v=2.1.4"></script>
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java
@ -1,14 +1,17 @@
 package com.ruoyi.framework.web.exception;

+import javax.servlet.http.HttpServletRequest;
 import org.apache.shiro.authz.AuthorizationException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.HttpRequestMethodNotSupportedException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
+import org.springframework.web.servlet.ModelAndView;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.exception.BusinessException;
 import com.ruoyi.common.exception.DemoModeException;
+import com.ruoyi.common.utils.ServletUtils;
 import com.ruoyi.framework.util.PermissionUtils;

 /**
@ -22,13 +25,22 @@ public class GlobalExceptionHandler
    private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);

    /**
-     * 权限校验失败
+     * 权限校验失败 如果请求为ajax返回json，普通请求跳转页面
     */
    @ExceptionHandler(AuthorizationException.class)
-    public AjaxResult handleAuthorizationException(AuthorizationException e)
+    public Object handleAuthorizationException(HttpServletRequest request, AuthorizationException e)
    {
        log.error(e.getMessage(), e);
-        return AjaxResult.error(PermissionUtils.getMsg(e.getMessage()));
+        if (ServletUtils.isAjaxRequest(request))
+        {
+            return AjaxResult.error(PermissionUtils.getMsg(e.getMessage()));
+        }
+        else
+        {
+            ModelAndView modelAndView = new ModelAndView();
+            modelAndView.setViewName("/error/unauth");
+            return modelAndView;
+        }
    }

    /**