diff --git a/src/main/java/com/jsl/oa/annotations/CheckUserAbleToUse.java b/src/main/java/com/jsl/oa/annotations/CheckUserAbleToUse.java deleted file mode 100644 index 508fc24..0000000 --- a/src/main/java/com/jsl/oa/annotations/CheckUserAbleToUse.java +++ /dev/null @@ -1,60 +0,0 @@ -package com.jsl.oa.annotations; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - *

检查用户是否可用

- *
- * 用于检查用户是否可用 - * - * @version v1.1.0 - * @since v1.1.0 - * @see com.jsl.oa.aspect.AnnotationsAspect - * @author xiao_lfeng - */ -@Target(ElementType.METHOD) -@Retention(RetentionPolicy.RUNTIME) -public @interface CheckUserAbleToUse { - /** - *

是否启用

- *
- * 用于指定是否启用
- * 请注意,禁用后任何用户权限校验不校验用户是否启用 - * - * @return {@link Boolean} - */ - boolean isCheckEnable() default true; - - /** - *

是否删除

- *
- * 用于指定是否删除
- * 请注意,禁用后任何用户权限校验不校验用户是否删除 - * - * @return {@link Boolean} - */ - boolean isCheckDelete() default true; - - /** - *

是否锁定

- *
- * 用于指定是否锁定
- * 请注意,禁用后任何用户权限校验不校验用户是否锁定 - * - * @return {@link Boolean} - */ - boolean isCheckLock() default true; - - /** - *

是否过期

- *
- * 用于指定是否过期
- * 请注意,禁用后任何用户权限校验不校验用户是否过期 - * - * @return {@link Boolean} - */ - boolean isCheckExpire() default true; -} diff --git a/src/main/java/com/jsl/oa/annotations/CheckUserHasPermission.java b/src/main/java/com/jsl/oa/annotations/NeedRoleGroup.java similarity index 57% rename from src/main/java/com/jsl/oa/annotations/CheckUserHasPermission.java rename to src/main/java/com/jsl/oa/annotations/NeedRoleGroup.java index 824f40e..2f4c7c2 100644 --- a/src/main/java/com/jsl/oa/annotations/CheckUserHasPermission.java +++ b/src/main/java/com/jsl/oa/annotations/NeedRoleGroup.java @@ -14,7 +14,7 @@ import java.lang.annotation.*; @Documented @Target(ElementType.METHOD) @Retention(RetentionPolicy.RUNTIME) -public @interface CheckUserHasPermission { +public @interface NeedRoleGroup { /** *

权限名称

*
@@ -23,14 +23,4 @@ public @interface CheckUserHasPermission { * @return {@link String} */ String value() default ""; - - /** - *

是否检查

- *
- * 用于指定是否检查
- * 请注意,该方法只会禁止检查权限,但是不会禁止检查用户是否允许继续执行 - * @since v1.1.0 - * @return {@link Boolean} - */ - boolean isCheck() default true; } diff --git a/src/main/java/com/jsl/oa/annotations/UserAbleToUse.java b/src/main/java/com/jsl/oa/annotations/UserAbleToUse.java new file mode 100644 index 0000000..1e7a847 --- /dev/null +++ b/src/main/java/com/jsl/oa/annotations/UserAbleToUse.java @@ -0,0 +1,19 @@ +package com.jsl.oa.annotations; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + *

检查用户是否可用

+ *
+ * 用于检查用户是否可用 + * + * @version v1.1.0 + * @since v1.1.0 + * @author xiao_lfeng + */ +@Target(ElementType.METHOD) +@Retention(RetentionPolicy.RUNTIME) +public @interface UserAbleToUse { } diff --git a/src/main/java/com/jsl/oa/aspect/AnnotationsAspect.java b/src/main/java/com/jsl/oa/aspect/AnnotationsAspect.java deleted file mode 100644 index 6578f3c..0000000 --- a/src/main/java/com/jsl/oa/aspect/AnnotationsAspect.java +++ /dev/null @@ -1,206 +0,0 @@ -package com.jsl.oa.aspect; - -import com.jsl.oa.annotations.CheckUserAbleToUse; -import com.jsl.oa.annotations.CheckUserHasPermission; -import com.jsl.oa.dao.PermissionDAO; -import com.jsl.oa.dao.RoleDAO; -import com.jsl.oa.mapper.UserMapper; -import com.jsl.oa.model.dodata.RoleDO; -import com.jsl.oa.model.dodata.RoleUserDO; -import com.jsl.oa.model.dodata.UserDO; -import com.jsl.oa.utils.BaseResponse; -import com.jsl.oa.utils.ErrorCode; -import com.jsl.oa.utils.Processing; -import com.jsl.oa.utils.ResultUtil; -import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; -import org.aspectj.lang.ProceedingJoinPoint; -import org.aspectj.lang.annotation.Around; -import org.aspectj.lang.annotation.Aspect; -import org.aspectj.lang.reflect.MethodSignature; -import org.jetbrains.annotations.NotNull; -import org.jetbrains.annotations.Nullable; -import org.springframework.stereotype.Component; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import javax.servlet.http.HttpServletRequest; -import java.lang.reflect.Method; -import java.util.List; -import java.util.Objects; - -/** - *

注解切面

- *
- * 用于注解的切面 - * - * @author xiao_lfeng - * @version v1.1.0 - * @since v1.1.0 - */ -@Slf4j -@Aspect -@Component -@RequiredArgsConstructor -public class AnnotationsAspect { - private final UserMapper userMapper; - private final RoleDAO roleDAO; - private final PermissionDAO permissionDAO; - - /** - *

检查用户是否有权限

- *
- * 检查用户是否有权限 - * - * @param pjp ProceedingJoinPoint对象 - * @return {@link Object} - * @throws Throwable 异常 - */ - @Around("@annotation(com.jsl.oa.annotations.CheckUserHasPermission)") - public Object checkUserHasPermission(@NotNull ProceedingJoinPoint pjp) throws Throwable { - log.info("用户权限检查"); - // 获取 HttpServletRequest 对象 - HttpServletRequest request = - ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())) - .getRequest(); - - // 获取注解方法 - CheckUserHasPermission checkUserHasPermission = getCheckUserHasPermission(pjp); - // 获取注解值 - String permissionName = null; - boolean permissionCheck = true; - if (checkUserHasPermission != null) { - permissionName = checkUserHasPermission.value(); - permissionCheck = checkUserHasPermission.isCheck(); - } - - // 获取用户信息 - Long userId = Processing.getAuthHeaderToUserId(request); - if (userId != null) { - // 检查用户是否允许继续执行 - BaseResponse checkUserAbleToNext = checkUserAbleToNext(userId, userMapper); - if (checkUserAbleToNext != null) { - return checkUserAbleToNext; - } else { - if (permissionCheck) { - // 检查用户权限 - List getPermission = permissionDAO.getPermission(userId); - // 匹配权限 - if (getPermission.contains(permissionName)) { - return pjp.proceed(); - } else { - log.info("\t> 用户权限不足,检查是否是管理员"); - // 检查用户是管理员 - RoleUserDO roleUserDO = roleDAO - .getRoleUserByUid(Processing.getAuthHeaderToUserId(request)); - if (roleUserDO == null) { - return ResultUtil.error(ErrorCode.NOT_ADMIN); - } - RoleDO roleDO = roleDAO.getRoleByRoleName("admin"); - if (roleUserDO.getRid().equals(roleDO.getId())) { - return pjp.proceed(); - } else { - return ResultUtil.error(ErrorCode.NOT_PERMISSION); - } - } - } else { - return pjp.proceed(); - } - } - } else { - return ResultUtil.error(ErrorCode.TOKEN_NOT_EXIST); - } - } - - @Around("@annotation(com.jsl.oa.annotations.CheckUserAbleToUse)") - public Object checkUserAbleToUse(ProceedingJoinPoint pjp) throws Throwable { - log.info("检查用户是否有权限继续"); - // 获取 
HttpServletRequest 对象 - HttpServletRequest request = - ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())) - .getRequest(); - - // 获取注解方法 - CheckUserAbleToUse check = getCheckUserAbleToUse(pjp); - // 获取注解值 - assert check != null; - - // 获取用户信息 - Long userId = Processing.getAuthHeaderToUserId(request); - UserDO userDO = userMapper.getUserById(userId); - // 用户不存在 - if (userDO == null) { - return ResultUtil.error(ErrorCode.USER_NOT_EXIST); - } - if (check.isCheckEnable()) { - // 用户是否被禁用 - if (!userDO.getEnabled()) { - return ResultUtil.error(ErrorCode.USER_DISABLED); - } - } - if (check.isCheckLock()) { - // 用户是否被封禁 - if (!userDO.getAccountNoLocked()) { - return ResultUtil.error(ErrorCode.USER_LOCKED); - } - } - if (check.isCheckDelete()) { - // 用户是否被删除 - if (userDO.getIsDelete()) { - return ResultUtil.error(ErrorCode.USER_ALREADY_DELETE); - } - } - if (check.isCheckExpire()) { - // 用户是否过期 - if (!userDO.getAccountNoExpired()) { - return ResultUtil.error(ErrorCode.USER_EXPIRED); - } - } - return pjp.proceed(); - } - - private @Nullable CheckUserHasPermission getCheckUserHasPermission(@NotNull ProceedingJoinPoint joinPoint) { - // 获取方法对象 - MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature(); - Method method = methodSignature.getMethod(); - - // 获取方法上的注解 - return (method != null) ? method.getAnnotation(CheckUserHasPermission.class) : null; - } - - private @Nullable CheckUserAbleToUse getCheckUserAbleToUse(@NotNull ProceedingJoinPoint joinPoint) { - // 获取方法对象 - MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature(); - Method method = methodSignature.getMethod(); - - // 获取方法上的注解 - return (method != null) ? 
method.getAnnotation(CheckUserAbleToUse.class) : null; - } - - private @Nullable BaseResponse checkUserAbleToNext(Long userId, @NotNull UserMapper userMapper) { - log.info("\t> 检查用户是否有权限继续"); - // 获取用户信息 - UserDO userDO = userMapper.getUserById(userId); - // 用户不存在 - if (userDO == null) { - return ResultUtil.error(ErrorCode.USER_NOT_EXIST); - } - // 用户是否被禁用 - if (!userDO.getEnabled()) { - return ResultUtil.error(ErrorCode.USER_DISABLED); - } - // 用户是否被封禁 - if (!userDO.getAccountNoLocked()) { - return ResultUtil.error(ErrorCode.USER_LOCKED); - } - // 用户是否被删除 - if (userDO.getIsDelete()) { - return ResultUtil.error(ErrorCode.USER_ALREADY_DELETE); - } - // 用户是否过期 - if (!userDO.getAccountNoExpired()) { - return ResultUtil.error(ErrorCode.USER_EXPIRED); - } - return null; - } -} diff --git a/src/main/java/com/jsl/oa/aspect/AuthControllerAspect.java b/src/main/java/com/jsl/oa/aspect/AuthControllerAspect.java deleted file mode 100755 index c1d9fac..0000000 --- a/src/main/java/com/jsl/oa/aspect/AuthControllerAspect.java +++ /dev/null @@ -1,131 +0,0 @@ -package com.jsl.oa.aspect; - -import com.jsl.oa.common.constant.BusinessConstants; -import com.jsl.oa.utils.ErrorCode; -import com.jsl.oa.utils.ResultUtil; -import com.jsl.oa.utils.redis.TokenRedisUtil; -import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; -import org.aspectj.lang.ProceedingJoinPoint; -import org.aspectj.lang.annotation.Around; -import org.aspectj.lang.annotation.Aspect; -import org.jetbrains.annotations.NotNull; -import org.springframework.stereotype.Component; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import javax.servlet.http.HttpServletRequest; -import java.util.Objects; - -/** - *

用户控制器切面

- *
- * 用于用户控制器的切面 - * - * @author xiao_lfeng - * @version v1.1.0 - * @since v1.0.0 - */ -@Slf4j -@Aspect -@Component -@RequiredArgsConstructor -public class AuthControllerAspect { - private final TokenRedisUtil tokenRedisUtil; - - /** - *

用户控制器切面

- *
- * 用于用户控制器的切面 - * - * @param pjp ProceedingJoinPoint对象 - * @return {@link Object} - * @throws Throwable 异常 - * @since v1.0.0 - */ - @Around("execution(* com.jsl.oa.controllers.*.*(..)) && !execution(* com.jsl.oa.controllers.IndexController.*(..))") - public Object controllerAround(ProceedingJoinPoint pjp) throws Throwable { - // 获取HttpServletRequest对象 - HttpServletRequest request = - ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())) - .getRequest(); - - // 时间戳检查 - if (checkTimestamp(request)) { - // TODO: 2023/12/21 0001 后期固定业务(如:日志处理) - return pjp.proceed(); - } else { - return ResultUtil.error(ErrorCode.TIMESTAMP_ERROR); - } - } - - /** - *

Token检查切面

- *
- * 用于检查Token是否有效 - * - * @param pjp ProceedingJoinPoint对象 - * @return {@link Object} - * @throws Throwable 异常 - */ - @Around("execution(* com.jsl.oa.controllers.*.*(..)) " - + "&& !execution(* com.jsl.oa.controllers.AuthController.authSendEmailCode(..))" - + "&& !execution(* com.jsl.oa.controllers.AuthController.authLoginByEmail(..))" - + "&& !execution(* com.jsl.oa.controllers.AuthController.authForgetPassword(..))" - + "&& !execution(* com.jsl.oa.controllers.AuthController.authLogin(..))" - + "&& !execution(* com.jsl.oa.controllers.AuthController.authRegister(..)) " - + "&& !execution(* com.jsl.oa.controllers.IndexController.*(..)) " - + "&& !execution(* com.jsl.oa.controllers.CustomController.*(..)) " - + "&& !execution(* com.jsl.oa.controllers.InfoController.infoGetHeaderImage(..)) " - + "&& !execution(* com.jsl.oa.controllers.InfoController.infoGetHeaderUser(..))" - + "&& !execution(* com.jsl.oa.controllers.ProjectController.*(..))" - + "&& !execution(* com.jsl.oa.controllers.TagController.*(..))") - public Object tokenControllerAround(ProceedingJoinPoint pjp) throws Throwable { - // 获取 HttpServletRequest 对象 - HttpServletRequest request = - ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())) - .getRequest(); - - // 检查 Token 是否有效 - String token = request.getHeader("Authorization"); - if (token != null && !token.isEmpty()) { - // 获取 Redis 检查 Token 是否存在 - String finalToken = token.replace("Bearer ", ""); - for (String it : tokenRedisUtil.getList(BusinessConstants.BUSINESS_LOGIN)) { - if (it.equals(finalToken)) { - return pjp.proceed(); - } - } - } - return ResultUtil.error(ErrorCode.TOKEN_NOT_EXIST); - } - - /** - *

时间戳检查

- *
- * 用于检查时间戳是否合法,合法时间范围正负5秒 - * - * @param request HttpServletRequest对象 - * @return {@link Boolean} - * @since v1.0.0 - */ - private @NotNull Boolean checkTimestamp(@NotNull HttpServletRequest request) { - // 获取请求头中的时间戳 - String getTimestamp = request.getHeader("Timestamp"); - log.info("\t> 获取到的时间戳为 {} | 当前时间戳 {}", getTimestamp, System.currentTimeMillis()); - // 判断是否为空 - if (getTimestamp == null || getTimestamp.isEmpty()) { - return false; - } else { - if (getTimestamp.length() == 10) { - getTimestamp += "000"; - } - } - // 获取当前时间戳 - long nowTimestamp = System.currentTimeMillis(); - - // 时间误差允许前后五秒钟 - return nowTimestamp - Long.parseLong(getTimestamp) <= 10000 - && nowTimestamp - Long.parseLong(getTimestamp) >= -10000; - } -} diff --git a/src/main/java/com/jsl/oa/aspect/BusinessAop.java b/src/main/java/com/jsl/oa/aspect/BusinessAop.java new file mode 100644 index 0000000..3772f4e --- /dev/null +++ b/src/main/java/com/jsl/oa/aspect/BusinessAop.java @@ -0,0 +1,85 @@ +package com.jsl.oa.aspect; + +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.aspectj.lang.JoinPoint; +import org.aspectj.lang.annotation.Aspect; +import org.aspectj.lang.annotation.Before; +import org.aspectj.lang.reflect.MethodSignature; +import org.jetbrains.annotations.NotNull; +import org.springframework.stereotype.Component; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import javax.servlet.http.HttpServletRequest; +import java.util.Arrays; + +/** + * 业务切面 + *
+ * 对业务进行切入,进行对内容操作的预处理 + * + * @since v1.2.0 + * @version v1.2.0 + * @author xiao_lfeng + */ +@Slf4j +@Aspect +@Component +@RequiredArgsConstructor +public class BusinessAop { + + /** + * 在控制器的所有方法执行前执行 + * + * @param joinPoint 切入点提供对方法执行的信息 + */ + @Before("execution(* com.jsl.oa.controllers.*.*(..))") + public void beforeController(@NotNull JoinPoint joinPoint) { + // 从ServletRequest中获取用户信息 + ServletRequestAttributes servletRequestAttributes = + (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); + + if (servletRequestAttributes != null) { + HttpServletRequest request = servletRequestAttributes.getRequest(); + // 获取方法签名 + MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature(); + String methodName = methodSignature.getName(); + + log.info("[CONTROL] 执行 {} 接口 | 地址: [{}]{}", methodName, request.getMethod(), request.getServletPath()); + } else { + throw new RuntimeException("无法获取信息"); + } + } + + /** + * 在服务的所有方法执行前执行 + * + * @param joinPoint 切入点提供对方法执行的信息 + */ + @Before("execution(* com.jsl.oa.services.impl.*.*(..))") + public void beforeService(@NotNull JoinPoint joinPoint) { + // 获取方法签名 + MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature(); + String methodName = methodSignature.getName(); + + log.info("[SERVICE] 执行 {} 业务", methodName); + } + + /** + * 在DAO的所有方法执行前执行 + * + * @param joinPoint 切入点提供对方法执行的信息 + */ + @Before("execution(* com.jsl.oa.dao.*.*(..))") + public void beforeDao(@NotNull JoinPoint joinPoint) { + // 获取方法签名 + MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature(); + String methodName = methodSignature.getName(); + Object[] args = joinPoint.getArgs(); + log.info("[DAO] 操作 {} 记录", methodName); + if (args.length != 0) { + log.debug("\t> 传入信息:{}", Arrays.toString(args)); + } + } +} diff --git a/src/main/java/com/jsl/oa/aspect/CheckUserAbleToUseAspect.java b/src/main/java/com/jsl/oa/aspect/CheckUserAbleToUseAspect.java new file mode 100644 index 0000000..08e4989 
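Review bot: `beforeDao` writes `Arrays.toString(args)` for every DAO call, so whenever debug logging is on, whole argument objects go to the log. The DAO signatures are not visible here, but user records passed to insert/update methods would presumably carry password hashes, e-mail addresses or tokens. Logging the argument count or types is enough for tracing, for example `log.debug("\t> 传入参数个数:{}", args.length);`. Separately, `beforeController` throws a bare `RuntimeException("无法获取信息")` when no request is bound to the thread, which lets a logging aspect abort the call; logging a warning and returning would be safer.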
--- /dev/null +++ b/src/main/java/com/jsl/oa/aspect/CheckUserAbleToUseAspect.java @@ -0,0 +1,75 @@ +package com.jsl.oa.aspect; + +import com.jsl.oa.dao.UserDAO; +import com.jsl.oa.exception.library.NotLoginException; +import com.jsl.oa.exception.library.UserCanntUse; +import com.jsl.oa.model.dodata.UserDO; +import com.jsl.oa.utils.Processing; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.aspectj.lang.ProceedingJoinPoint; +import org.aspectj.lang.annotation.Around; +import org.aspectj.lang.annotation.Aspect; +import org.springframework.stereotype.Component; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +/** + * 检查用户权限切面 + *
+ * 检查用户能否正常使用,在用户使用之前进行可用性检查 + * + * @since v1.2.0 + * @version v1.2.0 + * @author xiao_lfeng + */ +@Slf4j +@Aspect +@Component +@RequiredArgsConstructor +public class CheckUserAbleToUseAspect { + + private final UserDAO userDAO; + + @Around("@annotation(com.jsl.oa.annotations.NeedRoleGroup)") + public Object checkUse(ProceedingJoinPoint pjp) throws Throwable { + // 从ServletRequest中获取用户信息 + ServletRequestAttributes servletRequestAttributes = + (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); + + if (servletRequestAttributes != null) { + // 获取用户 + Long getUserId = Processing.getAuthHeaderToUserId(servletRequestAttributes.getRequest()); + if (getUserId == null) { + throw new NotLoginException("用户信息不存在"); + } + + // 获取用户详细信息 + UserDO getUser = userDAO.getUserById(getUserId); + if (getUser != null) { + // 用户是否被禁用 + if (!getUser.getEnabled()) { + throw new UserCanntUse("用户未启用"); + } + // 用户是否被封禁 + if (!getUser.getAccountNoLocked()) { + throw new UserCanntUse("用户被封禁"); + } + // 用户是否被删除 + if (getUser.getIsDelete()) { + throw new UserCanntUse("用户被删除"); + } + // 用户是否过期 + if (!getUser.getAccountNoExpired()) { + throw new UserCanntUse("用户已过期"); + } + + return pjp.proceed(); + } else { + throw new NotLoginException("用户信息不存在"); + } + } else { + throw new RuntimeException("无法获取信息"); + } + } +} diff --git a/src/main/java/com/jsl/oa/aspect/CheckUserPermissionAspect.java b/src/main/java/com/jsl/oa/aspect/CheckUserPermissionAspect.java new file mode 100644 index 0000000..c0daa7b --- /dev/null +++ b/src/main/java/com/jsl/oa/aspect/CheckUserPermissionAspect.java 
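Review bot: The pointcut on `checkUse` is `@annotation(com.jsl.oa.annotations.NeedRoleGroup)`, so no advice in this commit is bound to the new `@UserAbleToUse` annotation. The methods switched to it (`authChangePassword`, `authLogout`, the `MailServiceImpl` senders, `messageDelete`, `messageGet`) therefore lose the enabled/locked/deleted/expired check that the removed `AnnotationsAspect.checkUserAbleToUse` performed. If the intent is to cover both annotations, the pointcut should read `@Around("@annotation(com.jsl.oa.annotations.UserAbleToUse) || @annotation(com.jsl.oa.annotations.NeedRoleGroup)")`. Because `CheckUserPermissionAspect` advises the same join points, an explicit `@Order` on both aspects would make the account-status check run before the role check. Note also that the `@Async` mail methods run off the request thread, where `RequestContextHolder.getRequestAttributes()` is normally null, so this advice would throw there once it is bound.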
@@ -0,0 +1,76 @@ +package com.jsl.oa.aspect; + +import com.jsl.oa.annotations.NeedRoleGroup; +import com.jsl.oa.dao.RoleDAO; +import com.jsl.oa.exception.library.NotLoginException; +import com.jsl.oa.exception.library.PermissionDeniedException; +import com.jsl.oa.model.dodata.RoleDO; +import com.jsl.oa.utils.Processing; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.aspectj.lang.ProceedingJoinPoint; +import org.aspectj.lang.annotation.Around; +import org.aspectj.lang.annotation.Aspect; +import org.aspectj.lang.reflect.MethodSignature; +import org.springframework.stereotype.Component; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +/** + * 检查用户权限切面 + *
+ * 检查访问的用户是否包含正确的访问权限,若用户有正确的访问权限则允许访问,若没有指定的权限将会返回错误的权限信息。 + * + * @since v1.2.0 + * @version v1.2.0 + * @author xiao_lfeng + */ +@Slf4j +@Aspect +@Component +@RequiredArgsConstructor +public class CheckUserPermissionAspect { + + private final RoleDAO roleDAO; + + /** + * 检查权限 + *
+ * 检查注解中填写的权限,只有当接口符合注解中的权限信息,才会实际进入业务,否则将会被拦截 + * + * @param pjp {@link ProceedingJoinPoint} + * @return {@link Object} + */ + @Around("@annotation(com.jsl.oa.annotations.NeedRoleGroup)") + public Object checkPermission(ProceedingJoinPoint pjp) throws Throwable { + // 从ServletRequest中获取用户信息 + ServletRequestAttributes servletRequestAttributes = + (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); + + if (servletRequestAttributes != null) { + // 获取用户 + Long getUserId = Processing.getAuthHeaderToUserId(servletRequestAttributes.getRequest()); + if (getUserId == null) { + throw new NotLoginException("用户信息不存在"); + } + // 获取方法签名 + MethodSignature signature = (MethodSignature) pjp.getSignature(); + NeedRoleGroup checkAccountPermission = signature.getMethod().getAnnotation(NeedRoleGroup.class); + String getRoleAtAnnotation = checkAccountPermission.value(); + + // 获取用户所在权限组 + RoleDO getUserRole = roleDAO.getRoleNameByUid(getUserId); + if (getUserRole != null) { + if (getUserRole.getRoleName().equals(getRoleAtAnnotation)) { + return pjp.proceed(); + } else { + throw new PermissionDeniedException("用户组不匹配", getRoleAtAnnotation); + } + } else { + throw new PermissionDeniedException("用户组不匹配", getRoleAtAnnotation); + } + } else { + throw new RuntimeException("无法获取信息"); + } + } +} diff --git a/src/main/java/com/jsl/oa/config/filter/TimestampFilter.java b/src/main/java/com/jsl/oa/config/filter/TimestampFilter.java new file mode 100644 index 0000000..4bcb93e --- /dev/null +++ b/src/main/java/com/jsl/oa/config/filter/TimestampFilter.java @@ -0,0 +1,65 @@ +package com.jsl.oa.config.filter; + +import com.google.gson.Gson; +import com.jsl.oa.utils.ErrorCode; +import com.jsl.oa.utils.ResultUtil; +import lombok.extern.slf4j.Slf4j; + +import javax.servlet.*; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * 时间戳过滤器 + *
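Review bot: `checkPermission` compares the caller's role name with the annotation value (`getUserRole.getRoleName().equals(getRoleAtAnnotation)`), but every `@NeedRoleGroup` use in this commit still passes a permission key (`info.image.add`, `info.image.edit`, `info.image.del`, `info.image.setting.edit`, `news.add`). Unless roles are named after permissions, the check denies every caller, including the `admin` role that the removed aspect let through. Either keep a permission lookup for these keys or change the call sites to real role names, and decide explicitly whether an admin role bypasses the check. `signature.getMethod().getAnnotation(NeedRoleGroup.class)` may also return null if the bean is behind an interface-based proxy, which would surface as a NullPointerException rather than a denial. Binding the annotation in the pointcut avoids that: `@Around("@annotation(needRoleGroup)")` with `NeedRoleGroup needRoleGroup` as a second advice parameter, plus an explicit rejection of the default `""` value.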
+ * 对前端发送的时间戳进行检查,当检查通过后将会进入通过过滤器,若检查不通过将会被当前拦截器拦截并返回 {@link ErrorCode} 内的 TIMESTAMP_ERROR + * 信息。另外,该过滤器仅对 OPTION 请求不进行时间戳检查,其他请求都将会检查处理。 + * + * @since v1.2.0 + * @version v1.2.0 + * @author xiao_lfeng + */ +@Slf4j +public class TimestampFilter implements Filter { + private final Gson gson = new Gson(); + + @Override + public void doFilter( + ServletRequest request, + ServletResponse response, + FilterChain chain + ) throws IOException, ServletException { + HttpServletRequest req = (HttpServletRequest) request; + HttpServletResponse res = (HttpServletResponse) response; + + res.setContentType("application/json;charset=UTF-8"); + // 获取当前时间戳 + long nowTimestamp = System.currentTimeMillis(); + if (!req.getMethod().equals("OPTIONS")) { + String getTimestamp = req.getHeader("Timestamp"); + log.info("[FILTER] 获取到的时间戳为 {} | 当前时间戳 {}", getTimestamp, nowTimestamp); + if (getTimestamp == null || getTimestamp.isEmpty()) { + res.setStatus(200); + res.getWriter().write(gson.toJson(ResultUtil.error(ErrorCode.TIMESTAMP_ERROR))); + } else { + // 秒与毫秒转换 + if (getTimestamp.length() == 10) { + getTimestamp += "000"; + } + // 时间误差允许前后五秒钟 + if (nowTimestamp - Long.parseLong(getTimestamp) <= 10000 + && nowTimestamp - Long.parseLong(getTimestamp) >= -10000) { + chain.doFilter(req, res); + } else { + res.setStatus(200); + res.getWriter().write(gson.toJson(ResultUtil.error(ErrorCode.TIMESTAMP_ERROR))); + } + } + } else { + log.info("[FILTER] 预执行请求[OPTION],不进行时间戳检查"); + res.setStatus(200); + res.getWriter().write(gson.toJson(ResultUtil.success("Option成功"))); + } + } +} diff --git a/src/main/java/com/jsl/oa/config/shiro/ShiroConfiguration.java b/src/main/java/com/jsl/oa/config/shiro/ShiroConfiguration.java index 3a11cb0..98d2ef8 100755 --- a/src/main/java/com/jsl/oa/config/shiro/ShiroConfiguration.java +++ b/src/main/java/com/jsl/oa/config/shiro/ShiroConfiguration.java 
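Review bot: `Long.parseLong(getTimestamp)` in `doFilter` runs on a client-supplied header with no `NumberFormatException` handling. A non-numeric or over-long `Timestamp` value then escapes the filter as an unhandled exception instead of the `TIMESTAMP_ERROR` response, and the value is parsed twice. Parse once inside a try/catch and reject on failure, as sketched below. The inline comment says the tolerance is five seconds while the code accepts ±10000 ms; a named constant would settle which is intended. The raw header is also written to the info log before any validation, so it should be length-limited or sanitised first.

```java
// … unchanged: header read, logging, empty-header rejection …
// 秒与毫秒转换
if (getTimestamp.length() == 10) {
    getTimestamp += "000";
}
long skew;
try {
    skew = nowTimestamp - Long.parseLong(getTimestamp);
} catch (NumberFormatException e) {
    // Malformed header: answer like any other timestamp failure
    res.setStatus(200);
    res.getWriter().write(gson.toJson(ResultUtil.error(ErrorCode.TIMESTAMP_ERROR)));
    return;
}
if (skew <= 10000 && skew >= -10000) {
    chain.doFilter(req, res);
} else {
    // … unchanged: TIMESTAMP_ERROR response …
}
```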
@@ -2,6 +2,7 @@ package com.jsl.oa.config.shiro; import com.jsl.oa.config.filter.CorsFilter; import com.jsl.oa.config.filter.JwtFilter; +import com.jsl.oa.config.filter.TimestampFilter; import lombok.RequiredArgsConstructor; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; @@ -46,8 +47,13 @@ public class ShiroConfiguration { // 添加JWT过滤器 Map filters = new LinkedHashMap<>(); - filters.put("authc", new JwtFilter()); // 配置自定义的JWT过滤器 - filters.put("anon", new CorsFilter()); // 配置自定义的CORS过滤器 + // 配置自定义的JWT过滤器 + filters.put("authc", new JwtFilter()); + // 配置自定义的CORS过滤器 + filters.put("anon", new CorsFilter()); + // 配置自定义的时间戳检查 + filters.put("time", new TimestampFilter()); + shiroFilterFactoryBean.setFilters(filters); return shiroFilterFactoryBean; } @@ -86,7 +92,7 @@ public class ShiroConfiguration { @NotNull private static Map setFilterChain() { Map filterChainDefinitionMap = new LinkedHashMap<>(); - filterChainDefinitionMap.put("/auth/**/**", "anon"); + filterChainDefinitionMap.put("/auth/**/**", "anon, time"); filterChainDefinitionMap.put("/unauthorized", "anon"); filterChainDefinitionMap.put("/", "anon"); filterChainDefinitionMap.put("/info/header-image/get", "anon"); @@ -98,7 +104,7 @@ public class ShiroConfiguration { filterChainDefinitionMap.put("/project/work/add", "anon"); filterChainDefinitionMap.put("/tags/project/list", "anon"); filterChainDefinitionMap.put("/module/add", "anon"); - filterChainDefinitionMap.put("/**/**", "authc"); + filterChainDefinitionMap.put("/**/**", "authc, time"); return filterChainDefinitionMap; } diff --git a/src/main/java/com/jsl/oa/exception/library/NotLoginException.java b/src/main/java/com/jsl/oa/exception/library/NotLoginException.java new file mode 100644 index 0000000..f1d95af --- /dev/null +++ b/src/main/java/com/jsl/oa/exception/library/NotLoginException.java @@ -0,0 +1,16 @@ +package com.jsl.oa.exception.library; + +/** + * 自定义异常类 + *
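Review bot: In `setFilterChain` only `/auth/**/**` and the catch-all `/**/**` receive the new `time` filter. The other `anon` entries visible in the hunk (`/unauthorized`, `/`, `/info/header-image/get`, `/project/work/add`, `/tags/project/list`, `/module/add`) stay without it, whereas the removed `AuthControllerAspect.controllerAround` applied the timestamp check to every controller except `IndexController`. If the narrowing is intended, a comment should say so; otherwise those entries need `"anon, time"` as well. The removed `tokenControllerAround` also matched the bearer token against the Redis login list, so whether a logged-out token is still rejected now depends on `JwtFilter`, which is not visible here and should be confirmed. The body of `setFilterChain` continues outside the hunk.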
+ * 用于表示用户未登录的情况。 + * + * @since v1.2.0 + * @version v1.2.0 + * @author xiao_lfeng + */ +public class NotLoginException extends RuntimeException { + public NotLoginException(String message) { + super(message); + } +} diff --git a/src/main/java/com/jsl/oa/exception/library/PermissionDeniedException.java b/src/main/java/com/jsl/oa/exception/library/PermissionDeniedException.java new file mode 100644 index 0000000..a76cb73 --- /dev/null +++ b/src/main/java/com/jsl/oa/exception/library/PermissionDeniedException.java @@ -0,0 +1,22 @@ +package com.jsl.oa.exception.library; + +import lombok.Getter; + +/** + * 自定义异常类 + *
+ * 用于权限拒绝的情况 + * + * @since v1.2.0 + * @version v1.2.0 + * @author xiao_lfeng + */ +@Getter +public class PermissionDeniedException extends RuntimeException { + private final String needGroup; + + public PermissionDeniedException(String message, String needGroup) { + super(message); + this.needGroup = needGroup; + } +} diff --git a/src/main/java/com/jsl/oa/exception/library/UserCanntUse.java b/src/main/java/com/jsl/oa/exception/library/UserCanntUse.java new file mode 100644 index 0000000..987f796 --- /dev/null +++ b/src/main/java/com/jsl/oa/exception/library/UserCanntUse.java @@ -0,0 +1,16 @@ +package com.jsl.oa.exception.library; + +/** + * 自定义异常类 + *
+ * 用于反馈用户被禁止使用的情况 + * + * @since v1.2.0 + * @version v1.2.0 + * @author xiao_lfeng + */ +public class UserCanntUse extends RuntimeException { + public UserCanntUse(String message) { + super(message); + } +} diff --git a/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java index 600ce2d..9784c60 100755 --- a/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java @@ -1,10 +1,9 @@ package com.jsl.oa.services.impl; -import com.jsl.oa.annotations.CheckUserAbleToUse; +import com.jsl.oa.annotations.UserAbleToUse; import com.jsl.oa.common.constant.BusinessConstants; import com.jsl.oa.dao.PermissionDAO; import com.jsl.oa.dao.RoleDAO; -import com.jsl.oa.mapper.RoleMapper; import com.jsl.oa.mapper.UserMapper; import com.jsl.oa.model.dodata.RoleDO; import com.jsl.oa.model.dodata.RoleUserDO; @@ -41,7 +40,6 @@ import java.util.regex.Pattern; @RequiredArgsConstructor public class AuthServiceImpl implements AuthService { private final UserMapper userMapper; - private final RoleMapper roleMapper; private final RoleDAO roleDAO; private final PermissionDAO permissionDAO; @@ -178,7 +176,7 @@ public class AuthServiceImpl implements AuthService { } @Override - @CheckUserAbleToUse + @UserAbleToUse public BaseResponse authChangePassword( @NotNull UserChangePasswordVO userChangePasswordVO, HttpServletRequest request @@ -212,7 +210,7 @@ public class AuthServiceImpl implements AuthService { } @Override - @CheckUserAbleToUse + @UserAbleToUse public BaseResponse authLogout(HttpServletRequest request) { log.info("\t> 执行 Service 层 AuthService.authLogout 方法"); // 获取用户 diff --git a/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java index f0c70a2..517d3e6 100644 --- a/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java 
+++ b/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java @@ -1,6 +1,6 @@ package com.jsl.oa.services.impl; -import com.jsl.oa.annotations.CheckUserHasPermission; +import com.jsl.oa.annotations.NeedRoleGroup; import com.jsl.oa.dao.InfoDAO; import com.jsl.oa.dao.RoleDAO; import com.jsl.oa.dao.UserDAO; @@ -41,7 +41,7 @@ public class InfoServiceImpl implements InfoService { private final RoleDAO roleDAO; @Override - @CheckUserHasPermission("info.image.add") + @NeedRoleGroup("info.image.add") public BaseResponse addHeaderImage(HttpServletRequest request, @NotNull CarouselVO carouselVO) { log.info("\t> 执行 Service 层 InfoService.addHeaderImage 方法"); // 获取用户 @@ -75,7 +75,7 @@ public class InfoServiceImpl implements InfoService { } @Override - @CheckUserHasPermission("info.image.edit") + @NeedRoleGroup("info.image.edit") public BaseResponse editHeaderImage(HttpServletRequest request, @NotNull CarouselVO carouselVO) { log.info("\t> 执行 Service 层 InfoService.editHeaderImage 方法"); // 获取用户 @@ -127,7 +127,7 @@ public class InfoServiceImpl implements InfoService { } @Override - @CheckUserHasPermission("info.image.del") + @NeedRoleGroup("info.image.del") public BaseResponse delHeaderImage(HttpServletRequest request, Integer id) { log.info("\t> 执行 Service 层 InfoService.delHeaderImage 方法"); // 用户权限校验 @@ -150,7 +150,7 @@ public class InfoServiceImpl implements InfoService { } @Override - @CheckUserHasPermission("info.image.setting.edit") + @NeedRoleGroup("info.image.setting.edit") public BaseResponse editSettingHeaderImage(HttpServletRequest request, Boolean showType) { log.info("\t> 执行 Service 层 InfoService.editSettingHeaderImage 方法"); // 用户权限校验 diff --git a/src/main/java/com/jsl/oa/services/impl/MailServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/MailServiceImpl.java index 9a3380e..2ea7e95 100755 --- a/src/main/java/com/jsl/oa/services/impl/MailServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/MailServiceImpl.java 
@@ -1,6 +1,6 @@ package com.jsl.oa.services.impl; -import com.jsl.oa.annotations.CheckUserAbleToUse; +import com.jsl.oa.annotations.UserAbleToUse; import com.jsl.oa.services.MailService; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -39,7 +39,7 @@ public class MailServiceImpl implements MailService { @Override @Async - @CheckUserAbleToUse + @UserAbleToUse public void sendMail(String sendTo, String subject, String text) { log.info("\t> 执行 Service 层 MailService.sendMail 方法"); //发送多媒体邮件 @@ -63,14 +63,14 @@ public class MailServiceImpl implements MailService { @Override @Async - @CheckUserAbleToUse + @UserAbleToUse public void sendMail(String sendTo, String model) { log.info("\t> 执行 Service 层 MailService.sendMail 方法"); } @Override @Async - @CheckUserAbleToUse + @UserAbleToUse public void sendMailAboutUserLogin(String email, Integer code) { log.info("\t> 执行 Service 层 MailService.sendMailAboutUserLogin 方法"); // 发送邮件带HTML模块部分 diff --git a/src/main/java/com/jsl/oa/services/impl/MessageServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/MessageServiceImpl.java index d774276..042ec62 100644 --- a/src/main/java/com/jsl/oa/services/impl/MessageServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/MessageServiceImpl.java @@ -1,5 +1,6 @@ package com.jsl.oa.services.impl; -import com.jsl.oa.annotations.CheckUserAbleToUse; + +import com.jsl.oa.annotations.UserAbleToUse; import com.jsl.oa.dao.UserDAO; import com.jsl.oa.mapper.MessageMapper; import com.jsl.oa.mapper.ProjectMapper; @@ -13,6 +14,7 @@ import com.jsl.oa.utils.*; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; + import javax.servlet.http.HttpServletRequest; import java.time.LocalDateTime; import java.util.ArrayList; 
@@ -37,7 +39,7 @@ public class MessageServiceImpl implements MessageService { private final ProjectMapper projectMapper; @Override - @CheckUserAbleToUse + @UserAbleToUse public BaseResponse messageDelete(Long mid, HttpServletRequest request) { //获取消息数据 MessageDO messageDO = messageMapper.getMessageById(mid); @@ -55,7 +57,7 @@ public class MessageServiceImpl implements MessageService { @SuppressWarnings("checkstyle:Regexp") @Override - @CheckUserAbleToUse + @UserAbleToUse public BaseResponse messageGet(LocalDateTime beginTime, LocalDateTime endTime, Integer page, @@ -90,11 +92,11 @@ public class MessageServiceImpl implements MessageService { /** * 添加指派消息 * - * @param pId 项目id + * @param pId 项目id * @param systemId 系统id * @param moddleId 模块id - * @param uid 用户id - * @param request + * @param uid 用户id + * @param request 请求 */ @Override public void messageAdd( @@ -129,12 +131,12 @@ public class MessageServiceImpl implements MessageService { /** * 添加审批消息 * - * @param pId 项目id + * @param pId 项目id * @param systemId 系统id * @param moddleId 模块id - * @param uid 用户id - * @param isPass 是否通过 1:通过 0:未通过 - * @param request + * @param uid 用户id + * @param isPass 是否通过 1:通过 0:未通过 + * @param request 请求 */ @Override public void messageAdd( @@ -163,10 +165,11 @@ public class MessageServiceImpl implements MessageService { /** * 添加项目变动消息 - * @param pId 项目id - * @param type 类型 1:上传文档 2:修改状态 3:修改负责人 + * + * @param pId 项目id + * @param type 类型 1:上传文档 2:修改状态 3:修改负责人 * @param systemId 系统id - * @param request + * @param request 请求 */ @Override public void messageAdd( @@ -201,11 +204,11 @@ public class MessageServiceImpl implements MessageService { /** * 添加子系统变动消息 * - * @param pId 项目id + * @param pId 项目id * @param systmeId 系统id * @param moddleId 模块id - * @param type 类型 1:删除模块 2:修改简介 3:修改周期 - * @param request + * @param type 类型 1:删除模块 2:修改简介 3:修改周期 + * @param request 请求 */ @Override public void messageAdd( 
@@ -238,8 +241,8 @@ public class MessageServiceImpl implements MessageService { messageAddVO.setText("项目经理" + senderName + "修改了" + projectName + "项目的" + systemName + "系统的简介说明"); } else if (type == 3) { - messageAddVO.setText("项目经理" + senderName + "修改了" + projectName + "项目的" - + systemName + "系统的系统周期/工作量"); + messageAddVO.setText("项目经理" + senderName + "修改了" + projectName + "项目的" + + systemName + "系统的系统周期/工作量"); } messageAddVO.setType("跳转系统页"); messageAddVO.setToId(systmeId); @@ -323,8 +326,8 @@ public class MessageServiceImpl implements MessageService { String systemName = projectMapper.getWorkById(projectWorkDO.getProjectChildId().intValue()).getName(); String moddleName = projectWorkDO.getName(); messageAddVO.setText("您负责的" + projectName + "项目的" + systemName + "系统的" + moddleName + "模块" - + "还有三天就要到期了,请及时处理"); - messageAddVO.setType("跳转模块页"); + + "还有三天就要到期了,请及时处理"); + messageAddVO.setType("跳转模块页"); messageAddVO.setToId(projectWorkDO.getId().intValue()); messageMapper.messageAdd(messageAddVO); } diff --git a/src/main/java/com/jsl/oa/services/impl/NewsServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/NewsServiceImpl.java index 6b231eb..2db150a 100644 --- a/src/main/java/com/jsl/oa/services/impl/NewsServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/NewsServiceImpl.java @@ -1,7 +1,7 @@ package com.jsl.oa.services.impl; -import com.jsl.oa.annotations.CheckUserHasPermission; +import com.jsl.oa.annotations.NeedRoleGroup; import com.jsl.oa.dao.NewsDAO; import com.jsl.oa.model.dodata.NewsDO; import com.jsl.oa.model.vodata.NewsAddVO; @@ -35,7 +35,7 @@ public class NewsServiceImpl implements NewsService { private final NewsDAO newsDAO; @Override - @CheckUserHasPermission("news.add") + @NeedRoleGroup("news.add") public BaseResponse newsAdd(NewsAddVO newsAddVO, @NotNull HttpServletRequest request) { log.info("\t> 执行 Service 层 NewsService.newsAdd 方法"); // 拷贝新闻数据到实体类 
diff --git a/src/main/java/com/jsl/oa/services/impl/PermissionServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/PermissionServiceImpl.java index 657dee5..92c8370 100644 --- a/src/main/java/com/jsl/oa/services/impl/PermissionServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/PermissionServiceImpl.java @@ -1,6 +1,6 @@ package com.jsl.oa.services.impl; -import com.jsl.oa.annotations.CheckUserHasPermission; +import com.jsl.oa.annotations.NeedRoleGroup; import com.jsl.oa.dao.PermissionDAO; import com.jsl.oa.dao.RoleDAO; import com.jsl.oa.dao.UserDAO; @@ -41,7 +41,7 @@ public class PermissionServiceImpl implements PermissionService { private final UserDAO userDAO; @Override - @CheckUserHasPermission("permission.add") + @NeedRoleGroup("permission.add") public BaseResponse permissionAdd(HttpServletRequest request, Long rid, Long pid) { log.info("\t> 执行 Service 层 PermissionService.permissionAdd 方法"); permissionMapper.permissionAdd(rid, pid); @@ -49,7 +49,7 @@ public class PermissionServiceImpl implements PermissionService { } @Override - @CheckUserHasPermission("permission.user") + @NeedRoleGroup("permission.user") public BaseResponse permissionUser(HttpServletRequest request, Long uid) { log.info("\t> 执行 Service 层 PermissionService.permissionUserPid 方法"); if (userDAO.isExistUser(uid)) { @@ -70,7 +70,7 @@ public class PermissionServiceImpl implements PermissionService { @Override - @CheckUserHasPermission("permission.get") + @NeedRoleGroup("permission.get") public BaseResponse permissionGet(HttpServletRequest request) { log.info("\t> 执行 Service 层 PermissionService.permissionGet 方法"); //获取所有权限数据 @@ -82,7 +82,7 @@ public class PermissionServiceImpl implements PermissionService { } @Override - @CheckUserHasPermission("permission.edit") + @NeedRoleGroup("permission.edit") public BaseResponse permissionEdit(PermissionEditVO permissionEditVo, HttpServletRequest request) { log.info("\t> 执行 Service 层 PermissionService.permissionEdit 方法"); //根据id获取对应permission数据 
@@ -100,7 +100,7 @@ public class PermissionServiceImpl implements PermissionService { } @Override - @CheckUserHasPermission("permission.delete") + @NeedRoleGroup("permission.delete") public BaseResponse permissionDelete(HttpServletRequest request, Long pid) { log.info("\t> 执行 Service 层 PermissionService.permissionDelete 方法"); //删除权限 diff --git a/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java index 0f0697c..dad777b 100644 --- a/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java @@ -3,7 +3,7 @@ package com.jsl.oa.services.impl; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; -import com.jsl.oa.annotations.CheckUserHasPermission; +import com.jsl.oa.annotations.NeedRoleGroup; import com.jsl.oa.dao.ProjectDAO; import com.jsl.oa.dao.RoleDAO; import com.jsl.oa.dao.UserDAO; @@ -236,7 +236,7 @@ public class ProjectServiceImpl implements ProjectService { } @Override - @CheckUserHasPermission("info.project.add") + @NeedRoleGroup("info.project.add") public BaseResponse addHeader(HttpServletRequest request, ProjectShowVO projectShowVO) { log.info("\t> 执行 Service 层 InfoService.addHeader 方法"); // 获取用户 @@ -263,7 +263,7 @@ public class ProjectServiceImpl implements ProjectService { } @Override - @CheckUserHasPermission("info.project.del") + @NeedRoleGroup("info.project.del") public BaseResponse delHeader(Integer id, HttpServletRequest request) { log.info("\t> 执行 Service 层 InfoService.delHeader 方法"); // 获取展示信息 
@@ -282,7 +282,7 @@ public class ProjectServiceImpl implements ProjectService { } @Override - @CheckUserHasPermission("info.project.edit") + @NeedRoleGroup("info.project.edit") public BaseResponse editHeader(HttpServletRequest request, ProjectShowVO projectShowVO, Integer id) { log.info("\t> 执行 Service 层 InfoService.editHeader 方法"); // 获取用户 diff --git a/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java index 41be8e8..f6b6e39 100644 --- a/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java @@ -1,6 +1,6 @@ package com.jsl.oa.services.impl; -import com.jsl.oa.annotations.CheckUserHasPermission; +import com.jsl.oa.annotations.NeedRoleGroup; import com.jsl.oa.dao.RoleDAO; import com.jsl.oa.dao.UserDAO; import com.jsl.oa.exception.ClassCopyException; @@ -42,7 +42,7 @@ public class RoleServiceImpl implements RoleService { private final UserDAO userDAO; @Override - @CheckUserHasPermission("role.add") + @NeedRoleGroup("role.add") public BaseResponse roleAddUser(HttpServletRequest request, Long uid, Long rid) { log.info("\t> 执行 Service 层 RoleService.addRoleUser 方法"); if (Processing.checkUserIsAdmin(request, roleDAO)) { diff --git a/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java index d8ae754..df3f19b 100755 --- a/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java +++ b/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java @@ -1,7 +1,7 @@ package com.jsl.oa.services.impl; -import com.jsl.oa.annotations.CheckUserAbleToUse; -import com.jsl.oa.annotations.CheckUserHasPermission; +import com.jsl.oa.annotations.NeedRoleGroup; +import com.jsl.oa.annotations.UserAbleToUse; import com.jsl.oa.dao.PermissionDAO; import com.jsl.oa.dao.RoleDAO; import com.jsl.oa.dao.UserDAO; 
@@ -97,7 +97,7 @@ public class UserServiceImpl implements UserService { } @Override - @CheckUserHasPermission("user.current.all") + @NeedRoleGroup("user.current.all") public BaseResponse userCurrentAll(HttpServletRequest request, @NotNull UserAllCurrentVO userAllCurrentVO) { log.info("\t> 执行 Service 层 UserService.userCurrentAll 方法"); // 检查数据 @@ -133,7 +133,7 @@ public class UserServiceImpl implements UserService { @SuppressWarnings("checkstyle:NestedIfDepth") @Override - @CheckUserAbleToUse + @UserAbleToUse public BaseResponse userCurrent(HttpServletRequest request, String id, String username, diff --git a/src/main/java/com/jsl/oa/utils/BaseResponse.java b/src/main/java/com/jsl/oa/utils/BaseResponse.java index d0f1cac..9d8a87b 100755 --- a/src/main/java/com/jsl/oa/utils/BaseResponse.java +++ b/src/main/java/com/jsl/oa/utils/BaseResponse.java @@ -18,6 +18,6 @@ public class BaseResponse { this.code = code; this.message = message; this.data = data; - log.info("=================================================="); + log.info("============================================================"); } } diff --git a/src/main/java/com/jsl/oa/utils/ResultUtil.java b/src/main/java/com/jsl/oa/utils/ResultUtil.java index e50c690..d421197 100755 --- a/src/main/java/com/jsl/oa/utils/ResultUtil.java +++ b/src/main/java/com/jsl/oa/utils/ResultUtil.java @@ -20,7 +20,6 @@ public class ResultUtil { public static @NotNull BaseResponse success() { log.info("成功: Success[200] 操作成功 - 不带数据"); - log.info("=================================================="); return new BaseResponse("Success", 200, "操作成功", null); }