From b368dadc3c88a2e00fd315aead1d03671d55993a Mon Sep 17 00:00:00 2001 From: XiaoLFeng Date: Tue, 16 Apr 2024 21:59:39 +0800 Subject: [PATCH] =?UTF-8?q?fix=EF=BC=9A=E8=B0=83=E6=95=B4=E6=9D=83?= =?UTF-8?q?=E9=99=90=E9=AA=8C=E8=AF=81=E9=80=BB=E8=BE=91=EF=BC=8C=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D=E8=AE=BF=E9=97=AE=E7=A9=BA=E6=8C=87=E9=92=88=E9=97=AE?= =?UTF-8?q?=E9=A2=98=EF=BC=8C=E4=BC=98=E5=8C=96=E6=97=A5=E5=BF=97=E4=BF=A1?= =?UTF-8?q?=E6=81=AF=EF=BC=8C=E8=B0=83=E6=95=B4=E5=AE=A1=E6=A0=B8=E6=9F=A5?= =?UTF-8?q?=E8=AF=A2=E6=8E=A5=E5=8F=A3=E5=AD=97=E6=AE=B5=E5=90=8D=E7=A7=B0?= =?UTF-8?q?=EF=BC=8C=E4=BF=AE=E6=AD=A3=E6=9F=A5=E8=AF=A2=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=E5=88=86=E9=A1=B5=E9=97=AE=E9=A2=98=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/jsl/oa/config/filter/JwtFilter.java | 2 +- .../com/jsl/oa/services/impl/InfoServiceImpl.java | 4 ++-- .../jsl/oa/services/impl/ModuleServiceImpl.java | 2 +- .../jsl/oa/services/impl/ProjectServiceImpl.java | 6 +++--- .../com/jsl/oa/services/impl/RoleServiceImpl.java | 14 +++++++------- .../com/jsl/oa/services/impl/UserServiceImpl.java | 10 ++++------ src/main/java/com/jsl/oa/utils/JwtUtil.java | 4 ++-- src/main/java/com/jsl/oa/utils/Processing.java | 8 ++++---- 8 files changed, 24 insertions(+), 26 deletions(-) diff --git a/src/main/java/com/jsl/oa/config/filter/JwtFilter.java b/src/main/java/com/jsl/oa/config/filter/JwtFilter.java index 8e48ce3..1d5c70e 100755 --- a/src/main/java/com/jsl/oa/config/filter/JwtFilter.java +++ b/src/main/java/com/jsl/oa/config/filter/JwtFilter.java @@ -46,7 +46,7 @@ public class JwtFilter extends BasicHttpAuthenticationFilter { } else { // 解析Bearer后面的令牌 token = token.replace("Bearer ", ""); - log.info("请求令牌:" + token); + log.info("[FILTER] 请求令牌:" + token); return JwtUtil.verify(token); } } 
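Review bot: The changed `log.info("[FILTER] 请求令牌:" + token)` line still writes the complete bearer token to the application log at INFO level, so anyone with access to the log files or a log aggregator holds a replayable credential until the token expires. Drop the token from the message and log only that a token was received, e.g. `log.debug("[FILTER] bearer token received");`, or log the user id once verification has succeeded. The context line `token.replace("Bearer ", "")` also removes every occurrence of the prefix rather than only the leading one; checking `token.startsWith("Bearer ")` and taking `token.substring(7)` would be stricter. The enclosing method starts outside the hunk.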
diff --git a/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java index 31ec4be..0abcde9 100644 --- a/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java @@ -127,7 +127,7 @@ public class InfoServiceImpl implements InfoService { @NeedRoleGroup("info.image.del") public BaseResponse delHeaderImage(HttpServletRequest request, Integer id) { // 用户权限校验 - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } // 获取轮播图信息 @@ -149,7 +149,7 @@ public class InfoServiceImpl implements InfoService { @NeedRoleGroup("info.image.setting.edit") public BaseResponse editSettingHeaderImage(HttpServletRequest request, Boolean showType) { // 用户权限校验 - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } // 获取轮播图信息 diff --git a/src/main/java/com/jsl/oa/services/impl/ModuleServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/ModuleServiceImpl.java index 6dba1bf..7ac2e7a 100644 --- a/src/main/java/com/jsl/oa/services/impl/ModuleServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/ModuleServiceImpl.java @@ -82,7 +82,7 @@ public class ModuleServiceImpl implements ModuleService { @Override public BaseResponse deleteById(HttpServletRequest request, Long id) { // 检测是否为管理员 - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_PERMISSION); } diff --git a/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java index d6b65d1..1dad3a6 100644 --- a/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java 
+++ b/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java @@ -85,7 +85,7 @@ public class ProjectServiceImpl implements ProjectService { //是否是增加子系统 if (projectWorkVO.getType() == 0) { //是否是老师 - if (Processing.checkUserIsTeacher(request, roleDAO)) { + if (Processing.checkUserIsPrincipal(request, roleDAO)) { projectDAO.projectWorkAdd(projectWorkVO); } else { return ResultUtil.error(ErrorCode.NOT_PERMISSION); @@ -201,7 +201,7 @@ public class ProjectServiceImpl implements ProjectService { //判断用户是否为老师 或者 项目负责人 - if (!Processing.checkUserIsTeacher(request, roleDAO) + if (!Processing.checkUserIsPrincipal(request, roleDAO) || !projectDAO.isPrincipalUser(Processing.getAuthHeaderToUserId(request), projectId)) { return ResultUtil.error(ErrorCode.NOT_PERMISSION); } @@ -345,7 +345,7 @@ public class ProjectServiceImpl implements ProjectService { public BaseResponse projectDelete(HttpServletRequest request, List id) { //判断用户是否为老师 或者 项目负责人 - if (!Processing.checkUserIsTeacher(request, roleDAO)) { + if (!Processing.checkUserIsPrincipal(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_PERMISSION); } diff --git a/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java index 8eb9af4..821faf1 100644 --- a/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java @@ -44,7 +44,7 @@ public class RoleServiceImpl implements RoleService { @Override @NeedRoleGroup("role.add") public BaseResponse roleAddUser(HttpServletRequest request, Long uid, Long rid) { - if (Processing.checkUserIsAdmin(request, roleDAO)) { + if (Processing.checkUserIsConsole(request, roleDAO)) { roleDAO.addRoleUser(uid, rid); return ResultUtil.success(); } else { 
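Review bot: In the ProjectServiceImpl hunk at line 201 the guard `!Processing.checkUserIsPrincipal(request, roleDAO) || !projectDAO.isPrincipalUser(...)` rejects the request unless both checks pass, while the comment directly above says the caller may be a teacher or the project lead. If the comment states the intent, the operator should be `&&`, i.e. `if (!Processing.checkUserIsPrincipal(request, roleDAO) && !projectDAO.isPrincipalUser(Processing.getAuthHeaderToUserId(request), projectId)) {`. The current form fails closed, so it is a functional problem rather than an exposure, but the comment and the code should agree either way. The hunk at line 345 (`projectDelete`) carries the same comment yet checks only the role, so either its comment should be corrected or the project-lead check added. Both method bodies continue outside their hunks.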
@@ -55,7 +55,7 @@ public class RoleServiceImpl implements RoleService { @Override public BaseResponse roleRemoveUser(HttpServletRequest request, Long uid) { - if (Processing.checkUserIsAdmin(request, roleDAO)) { + if (Processing.checkUserIsConsole(request, roleDAO)) { roleDAO.delRoleUser(uid); return ResultUtil.success(); } else { @@ -74,7 +74,7 @@ public class RoleServiceImpl implements RoleService { return ResultUtil.error(ErrorCode.USER_NOT_CHANGE_TO_THEMSELVES); } //检测用户权限是否为管理员 - if (Processing.checkUserIsAdmin(request, roleDAO)) { + if (Processing.checkUserIsConsole(request, roleDAO)) { if (roleDAO.roleChangeUser(uid, rid)) { return ResultUtil.success(); } else { @@ -88,7 +88,7 @@ public class RoleServiceImpl implements RoleService { @Override public BaseResponse roleGet(HttpServletRequest request, String id) { // 检查用户权限 - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } // 获取 Role 权限组 @@ -114,7 +114,7 @@ public class RoleServiceImpl implements RoleService { @Override public BaseResponse roleEdit(HttpServletRequest request, RoleEditVO roleEditVO) { // 检查用户权限 - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } // 获取 Role 相关信息 @@ -137,7 +137,7 @@ public class RoleServiceImpl implements RoleService { @Override public BaseResponse roleDelete(HttpServletRequest request, Long id) { // 检查用户权限 - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } // 获取 Role 相关信息 
@@ -158,7 +158,7 @@ public class RoleServiceImpl implements RoleService { @Override public BaseResponse addRole(HttpServletRequest request, RoleAddVo roleAddVO) throws ClassCopyException { // 检查用户权限 - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } // 检查权限名称是否重复 diff --git a/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java index 8fb39c9..08364c3 100755 --- a/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java @@ -1,6 +1,5 @@ package com.jsl.oa.services.impl; -import com.jsl.oa.annotations.NeedRoleGroup; import com.jsl.oa.annotations.UserAbleToUse; import com.jsl.oa.dao.PermissionDAO; import com.jsl.oa.dao.RoleDAO; @@ -54,7 +53,7 @@ public class UserServiceImpl implements UserService { public BaseResponse userDelete(HttpServletRequest request, Long id) { //判断用户是否存在 if (userDAO.isExistUser(id)) { - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } // 用户是否已删除 @@ -71,7 +70,7 @@ public class UserServiceImpl implements UserService { @Override public BaseResponse userLock(HttpServletRequest request, Long id, Long isLock) { - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } //判断用户是否存在 @@ -94,7 +93,6 @@ public class UserServiceImpl implements UserService { } @Override - @NeedRoleGroup("user.current.all") public BaseResponse userCurrentAll(HttpServletRequest request, @NotNull UserAllCurrentVO userAllCurrentVO) { // 检查数据 if (userAllCurrentVO.getPage() == null || userAllCurrentVO.getPage() < 1) { 
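Review bot: In the UserServiceImpl hunk at line 54, `userDelete` tests `userDAO.isExistUser(id)` before the role check, so a caller without the console role receives `NOT_ADMIN` only for ids that exist. The else branch is outside the hunk, but if it returns a different error (as seems likely) any authenticated user can probe which user ids are valid. Move the `if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); }` guard to the top of the method, ahead of the existence check, as `userLock` in the next hunk already does.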
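Review bot: Removing `@NeedRoleGroup("user.current.all")` in the hunk at line 94 leaves `userCurrentAll` with no authorization check in the visible lines, which only validate the page number. If nothing further down the method or in the controller restricts it, every authenticated user can page through the full user list. Either keep the annotation with a permission name that exists, or add the explicit guard used by the neighbouring methods, `if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); }`, together with a short comment saying where access is enforced. The method body continues outside the hunk.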
@@ -189,7 +187,7 @@ public class UserServiceImpl implements UserService { @Override public BaseResponse userAdd(UserAddVO userAddVo, HttpServletRequest request) { // 检测用户是否为管理员 - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } //如果用户不重复,添加用户 @@ -226,7 +224,7 @@ public class UserServiceImpl implements UserService { @Override public BaseResponse userEdit(UserEditVO userEditVO, HttpServletRequest request) { // 检测用户是否为管理员 - if (!Processing.checkUserIsAdmin(request, roleDAO)) { + if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); } //根据id获取用户信息 diff --git a/src/main/java/com/jsl/oa/utils/JwtUtil.java b/src/main/java/com/jsl/oa/utils/JwtUtil.java index 9858c9f..557bccb 100755 --- a/src/main/java/com/jsl/oa/utils/JwtUtil.java +++ b/src/main/java/com/jsl/oa/utils/JwtUtil.java @@ -54,10 +54,10 @@ public class JwtUtil { try { Long getTokenInUserId = getUserId(token); // 验证用户名是否匹配 - log.info("令牌用户主键:" + getTokenInUserId.toString()); + log.info("[FILTER] 令牌用户主键:{}", getTokenInUserId.toString()); return Pattern.matches("^[0-9]+$", getTokenInUserId.toString()); } catch (Exception e) { - log.info("令牌错误或失效"); + log.info("[FILTER] 令牌错误或失效"); return false; } } diff --git a/src/main/java/com/jsl/oa/utils/Processing.java b/src/main/java/com/jsl/oa/utils/Processing.java index 2c12f37..28261da 100755 --- a/src/main/java/com/jsl/oa/utils/Processing.java +++ b/src/main/java/com/jsl/oa/utils/Processing.java 
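Review bot: The only acceptance test visible in `JwtUtil.verify` is `Pattern.matches("^[0-9]+$", getTokenInUserId.toString())`, which is true for any non-negative `Long`, so the decision rests entirely on whether `getUserId` (outside the hunk) throws on a bad signature or an expired token. That is worth confirming and worth a comment here saying so. The catch block logs a rejected token at INFO without the exception, which makes forged or expired tokens hard to spot in monitoring; `log.warn("[FILTER] 令牌错误或失效: {}", e.getClass().getSimpleName());` would record the reason without echoing token contents. The `.toString()` in the new parameterized log call is redundant, since `{}` already formats the `Long`.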
@@ -167,10 +167,10 @@ public class Processing { * @param request 请求 * @return 如果为 true 是管理员,false 不是管理员 */ - public static @NotNull Boolean checkUserIsAdmin(HttpServletRequest request, @NotNull RoleDAO roleDAO) { + public static @NotNull Boolean checkUserIsConsole(HttpServletRequest request, @NotNull RoleDAO roleDAO) { RoleUserDO roleUserDO = roleDAO.getRoleUserByUid(Processing.getAuthHeaderToUserId(request)); if (roleUserDO != null) { - RoleDO roleDO = roleDAO.getRoleByRoleName("admin"); + RoleDO roleDO = roleDAO.getRoleByRoleName("console"); return roleUserDO.getRid().equals(roleDO.getId()); } else { return false; @@ -183,10 +183,10 @@ public class Processing { * @param request 请求 * @return 如果为 true 是老师,false 不是老师 */ - public static @NotNull Boolean checkUserIsTeacher(HttpServletRequest request, @NotNull RoleDAO roleDAO) { + public static @NotNull Boolean checkUserIsPrincipal(HttpServletRequest request, @NotNull RoleDAO roleDAO) { RoleUserDO roleUserDO = roleDAO.getRoleUserByUid(Processing.getAuthHeaderToUserId(request)); if (roleUserDO != null) { - RoleDO roleDO = roleDAO.getRoleByRoleName("teacher"); + RoleDO roleDO = roleDAO.getRoleByRoleName("principal"); return roleUserDO.getRid().equals(roleDO.getId()); } else { return false;
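Review bot: `checkUserIsConsole` dereferences `roleDO` without a null check, so if `getRoleByRoleName("console")` returns null when no such role exists (for instance a database whose role table still holds `admin`), every guarded endpoint throws a NullPointerException instead of returning a permission error; `checkUserIsPrincipal` in the next hunk has the same issue with `principal`. Guard the lookup in both with `return roleDO != null && roleUserDO.getRid().equals(roleDO.getId());`. The Javadoc above both methods still describes them as the administrator and teacher checks and should name the new roles. Since the two bodies differ only in the role string, a private `hasRole(request, roleDAO, roleName)` helper would remove the duplication and keep the null handling in one place.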