diff --git a/src/main/java/com/jsl/oa/aspect/CheckUserPermissionAspect.java b/src/main/java/com/jsl/oa/aspect/CheckUserPermissionAspect.java
index f17128d..adfd88d 100644
--- a/src/main/java/com/jsl/oa/aspect/CheckUserPermissionAspect.java
+++ b/src/main/java/com/jsl/oa/aspect/CheckUserPermissionAspect.java
@@ -3,11 +3,14 @@ package com.jsl.oa.aspect;
 import com.google.gson.Gson;
 import com.google.gson.reflect.TypeToken;
 import com.jsl.oa.annotations.NeedPermission;
+import com.jsl.oa.common.constant.BusinessConstants;
 import com.jsl.oa.dao.RoleDAO;
 import com.jsl.oa.exception.library.NotLoginException;
 import com.jsl.oa.exception.library.PermissionDeniedException;
+import com.jsl.oa.exception.library.TokenNotFoundedException;
 import com.jsl.oa.model.dodata.RoleDO;
 import com.jsl.oa.utils.Processing;
+import com.jsl.oa.utils.redis.TokenRedisUtil;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.aspectj.lang.ProceedingJoinPoint;
@@ -37,6 +40,7 @@ public class CheckUserPermissionAspect {
 private final RoleDAO roleDAO;
 private final Gson gson;
+ private final TokenRedisUtil tokenRedisUtil;
 /**
 * 检查权限
@@ -58,6 +62,9 @@ public class CheckUserPermissionAspect {
 if (getUserId == null) {
 throw new NotLoginException("用户信息不存在");
 }
+ if (tokenRedisUtil.getData(BusinessConstants.BUSINESS_LOGIN, getUserId.toString()) == null) {
+ throw new TokenNotFoundedException("用户未登录");
+ }
 // 获取方法签名
 MethodSignature signature = (MethodSignature) pjp.getSignature();
 NeedPermission checkAccountPermission = signature.getMethod().getAnnotation(NeedPermission.class);
diff --git a/src/main/java/com/jsl/oa/config/startup/PermissionList.java b/src/main/java/com/jsl/oa/config/startup/PermissionList.java
index c671696..02ba8b5 100644
--- a/src/main/java/com/jsl/oa/config/startup/PermissionList.java
+++ b/src/main/java/com/jsl/oa/config/startup/PermissionList.java
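Review bot: The Redis lookup added to CheckUserPermissionAspect (`tokenRedisUtil.getData(BusinessConstants.BUSINESS_LOGIN, getUserId.toString()) == null`) only proves that some login entry exists for the user id; it never compares the stored value with the token the request actually presented. If the entry holds the issued token, a token invalidated by logout would presumably be accepted again as soon as the same user logs in anew, so revocation is effectively per user rather than per token. Consider reading the value once and rejecting on mismatch, e.g. `if (stored == null || !stored.equals(presentedToken)) throw new TokenNotFoundedException("用户未登录");`, where `presentedToken` is a placeholder for the header value `getUserId` was derived from. That derivation and the rest of the method lie outside the hunk, so confirm what `getData` returns before adopting this.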
@@ -19,19 +19,16 @@ public class PermissionList {
 public PermissionList() {
- permissionList.add(new PermissionVO("auth:logout", "账户登出"));
 permissionList.add(new PermissionVO("auth:change_password", "修改密码"));
 permissionList.add(new PermissionVO("info:get_header_image", "获取头部图片"));
 permissionList.add(new PermissionVO("info:edit_header_image", "编辑头部图片"));
 permissionList.add(new PermissionVO("info:delete_header_image", "删除头部图片"));
- permissionPrincipal.add(new PermissionVO("auth:logout", "账户登出"));
 permissionPrincipal.add(new PermissionVO("auth:change_password", "修改密码"));
 permissionPrincipal.add(new PermissionVO("info:get_header_image", "获取头部图片"));
 permissionPrincipal.add(new PermissionVO("info:edit_header_image", "编辑头部图片"));
 permissionPrincipal.add(new PermissionVO("info:delete_header_image", "删除头部图片"));
- permissionDeveloper.add(new PermissionVO("auth:logout", "账户登出"));
 permissionDeveloper.add(new PermissionVO("auth:change_password", "修改密码"));
 permissionDeveloper.add(new PermissionVO("info:get_header_image", "获取头部图片"));
 permissionDeveloper.add(new PermissionVO("info:edit_header_image", "编辑头部图片"));
diff --git a/src/main/java/com/jsl/oa/controllers/AuthController.java b/src/main/java/com/jsl/oa/controllers/AuthController.java
index cd9d9b9..cee382d 100755
--- a/src/main/java/com/jsl/oa/controllers/AuthController.java
+++ b/src/main/java/com/jsl/oa/controllers/AuthController.java
@@ -147,7 +147,6 @@ public class AuthController {
 * @since v1.1.0
 */
 @GetMapping("/auth/logout")
- @NeedPermission("auth:logout")
 public BaseResponse authLogout(HttpServletRequest request) {
 return authService.authLogout(request);
 }
diff --git a/src/main/java/com/jsl/oa/exception/ProcessException.java b/src/main/java/com/jsl/oa/exception/ProcessException.java
index 8fc0aee..64da780 100755
--- a/src/main/java/com/jsl/oa/exception/ProcessException.java
+++ b/src/main/java/com/jsl/oa/exception/ProcessException.java
@@ -1,6 +1,7 @@
 package com.jsl.oa.exception;
 import com.jsl.oa.exception.library.PermissionDeniedException;
+import com.jsl.oa.exception.library.TokenNotFoundedException;
 import com.jsl.oa.utils.BaseResponse;
 import com.jsl.oa.utils.ErrorCode;
 import com.jsl.oa.utils.ResultUtil;
@@ -110,4 +111,10 @@ public class ProcessException {
 log.warn("[EXCEPTION] 无权限操作,需要权限: {}", e.getNeedPermission());
 return ResultUtil.error("需要权限: " + e.getNeedPermission(), ErrorCode.PERMISSION_NOT_EXIST);
 }
+
+ @ExceptionHandler(value = TokenNotFoundedException.class)
+ public BaseResponse businessTokenNotFoundedException(TokenNotFoundedException e) {
+ log.warn("[EXCEPTION] {}", e.getMessage());
+ return ResultUtil.error(e.getMessage(), ErrorCode.TOKEN_NOT_EXIST);
+ }
 }
diff --git a/src/main/java/com/jsl/oa/exception/library/TokenNotFoundedException.java b/src/main/java/com/jsl/oa/exception/library/TokenNotFoundedException.java
new file mode 100644
index 0000000..62510be
--- /dev/null
+++ b/src/main/java/com/jsl/oa/exception/library/TokenNotFoundedException.java
@@ -0,0 +1,7 @@
+package com.jsl.oa.exception.library;
+
+public class TokenNotFoundedException extends RuntimeException {
+ public TokenNotFoundedException(String message) {
+ super(message);
+ }
+}
diff --git a/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java
index 0b989f2..685d9af 100755
--- a/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java
@@ -213,7 +213,7 @@ public class AuthServiceImpl implements AuthService {
 if (tokenRedisUtil.delData(BusinessConstants.BUSINESS_LOGIN, userDO.getId().toString())) {
 return ResultUtil.success("登出成功");
 } else {
- return ResultUtil.error(ErrorCode.DATABASE_DELETE_ERROR);
+ return ResultUtil.error(ErrorCode.TOKEN_NOT_EXIST);
 }
 }
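Review bot: The new handler `businessTokenNotFoundedException` in ProcessException returns `e.getMessage()` verbatim to the client, so the response body is whatever string a thrower passes to the constructor. The only thrower visible in this commit uses a fixed message, but a later one that interpolates a key name or user id would expose it; returning a fixed text such as `ResultUtil.error("用户未登录", ErrorCode.TOKEN_NOT_EXIST)` and keeping the detail in the log avoids that. The warn line also carries no user id, which makes repeated use of a revoked token hard to spot in the logs; the exception could carry the id the way PermissionDeniedException carries `getNeedPermission()`. The method has no Javadoc; a one-line comment saying it maps a missing login token to TOKEN_NOT_EXIST would be enough.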
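Review bot: In the logout branch of AuthServiceImpl, every `false` from `tokenRedisUtil.delData(...)` is now reported as `ErrorCode.TOKEN_NOT_EXIST`, which presumably also covers a Redis failure and not only a missing key; delData's contract is not visible here. A client told the token does not exist will treat itself as logged out while the session entry may still be live, so the two cases should be distinguished (check existence first, or let the connection error propagate) and the failure logged. Because this commit also removes `@NeedPermission("auth:logout")` from AuthController.authLogout, the endpoint no longer passes through CheckUserPermissionAspect and this method becomes the only place that authenticates a logout request. The lookup that produces `userDO` is above the hunk, so confirm it rejects a missing or invalid token rather than dereferencing null.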