diff --git a/src/main/java/com/jsl/oa/config/filter/JwtFilter.java b/src/main/java/com/jsl/oa/config/filter/JwtFilter.java
index 8e48ce3..1d5c70e 100755
--- a/src/main/java/com/jsl/oa/config/filter/JwtFilter.java
+++ b/src/main/java/com/jsl/oa/config/filter/JwtFilter.java
@@ -46,7 +46,7 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
 } else {
 // 解析Bearer后面的令牌
 token = token.replace("Bearer ", "");
- log.info("请求令牌:" + token);
+ log.info("[FILTER] 请求令牌:" + token);
 return JwtUtil.verify(token);
 }
 }
diff --git a/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java
index 31ec4be..0abcde9 100644
--- a/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java
@@ -127,7 +127,7 @@ public class InfoServiceImpl implements InfoService {
 @NeedRoleGroup("info.image.del")
 public BaseResponse delHeaderImage(HttpServletRequest request, Integer id) {
 // 用户权限校验
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 // 获取轮播图信息
@@ -149,7 +149,7 @@ public class InfoServiceImpl implements InfoService {
 @NeedRoleGroup("info.image.setting.edit")
 public BaseResponse editSettingHeaderImage(HttpServletRequest request, Boolean showType) {
 // 用户权限校验
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 // 获取轮播图信息
diff --git a/src/main/java/com/jsl/oa/services/impl/ModuleServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/ModuleServiceImpl.java
index 6dba1bf..7ac2e7a 100644
--- a/src/main/java/com/jsl/oa/services/impl/ModuleServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/ModuleServiceImpl.java
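Review bot: In the JwtFilter.java hunk the changed line still writes the complete bearer token to the INFO log (`log.info("[FILTER] 请求令牌:" + token);`), so anyone with read access to application logs or a log aggregator can reuse a live token until it expires. Record that a token arrived without its value, for example `log.debug("[FILTER] 收到请求令牌");`, or log only a short digest if requests need to be correlated. The enclosing method starts and ends outside the hunk.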
@@ -82,7 +82,7 @@ public class ModuleServiceImpl implements ModuleService {
 @Override
 public BaseResponse deleteById(HttpServletRequest request, Long id) {
 // 检测是否为管理员
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_PERMISSION);
 }
diff --git a/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java
index d6b65d1..1dad3a6 100644
--- a/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/ProjectServiceImpl.java
@@ -85,7 +85,7 @@ public class ProjectServiceImpl implements ProjectService {
 //是否是增加子系统
 if (projectWorkVO.getType() == 0) {
 //是否是老师
- if (Processing.checkUserIsTeacher(request, roleDAO)) {
+ if (Processing.checkUserIsPrincipal(request, roleDAO)) {
 projectDAO.projectWorkAdd(projectWorkVO);
 } else {
 return ResultUtil.error(ErrorCode.NOT_PERMISSION);
@@ -201,7 +201,7 @@ public class ProjectServiceImpl implements ProjectService {
 //判断用户是否为老师 或者 项目负责人
- if (!Processing.checkUserIsTeacher(request, roleDAO)
+ if (!Processing.checkUserIsPrincipal(request, roleDAO)
 || !projectDAO.isPrincipalUser(Processing.getAuthHeaderToUserId(request), projectId)) {
 return ResultUtil.error(ErrorCode.NOT_PERMISSION);
 }
@@ -345,7 +345,7 @@ public class ProjectServiceImpl implements ProjectService {
 public BaseResponse projectDelete(HttpServletRequest request, List id) {
 //判断用户是否为老师 或者 项目负责人
- if (!Processing.checkUserIsTeacher(request, roleDAO)) {
+ if (!Processing.checkUserIsPrincipal(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_PERMISSION);
 }
diff --git a/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java
index 8eb9af4..821faf1 100644
--- a/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/RoleServiceImpl.java
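Review bot: In the ProjectServiceImpl.java hunk at line 201 the comment and the condition disagree: the comment says the caller may be the role holder or the project's responsible user, but `!checkUserIsPrincipal(...) || !projectDAO.isPrincipalUser(...)` rejects the request unless both are true. The current form is the stricter of the two, so decide the intended policy first; if both really are required, change the comment to say so (`// 必须同时是 principal 角色且为项目负责人`), and only switch the operator to `&&` if either one is meant to suffice. The hunk at line 345 (projectDelete) carries the same "or" comment while checking only the role, and the comments in all three hunks still say 老师 although the check is now named Principal. The method containing the line-201 condition starts outside the hunk.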
@@ -44,7 +44,7 @@ public class RoleServiceImpl implements RoleService {
 @Override
 @NeedRoleGroup("role.add")
 public BaseResponse roleAddUser(HttpServletRequest request, Long uid, Long rid) {
- if (Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (Processing.checkUserIsConsole(request, roleDAO)) {
 roleDAO.addRoleUser(uid, rid);
 return ResultUtil.success();
 } else {
@@ -55,7 +55,7 @@ public class RoleServiceImpl implements RoleService {
 @Override
 public BaseResponse roleRemoveUser(HttpServletRequest request, Long uid) {
- if (Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (Processing.checkUserIsConsole(request, roleDAO)) {
 roleDAO.delRoleUser(uid);
 return ResultUtil.success();
 } else {
@@ -74,7 +74,7 @@ public class RoleServiceImpl implements RoleService {
 return ResultUtil.error(ErrorCode.USER_NOT_CHANGE_TO_THEMSELVES);
 }
 //检测用户权限是否为管理员
- if (Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (Processing.checkUserIsConsole(request, roleDAO)) {
 if (roleDAO.roleChangeUser(uid, rid)) {
 return ResultUtil.success();
 } else {
@@ -88,7 +88,7 @@ public class RoleServiceImpl implements RoleService {
 @Override
 public BaseResponse roleGet(HttpServletRequest request, String id) {
 // 检查用户权限
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 // 获取 Role 权限组
@@ -114,7 +114,7 @@ public class RoleServiceImpl implements RoleService {
 @Override
 public BaseResponse roleEdit(HttpServletRequest request, RoleEditVO roleEditVO) {
 // 检查用户权限
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 // 获取 Role 相关信息
@@ -137,7 +137,7 @@ public class RoleServiceImpl implements RoleService {
 @Override
 public BaseResponse roleDelete(HttpServletRequest request, Long id) {
 // 检查用户权限
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 // 获取 Role 相关信息
@@ -158,7 +158,7 @@ public class RoleServiceImpl implements RoleService {
 @Override
 public BaseResponse addRole(HttpServletRequest request, RoleAddVo roleAddVO) throws ClassCopyException {
 // 检查用户权限
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 // 检查权限名称是否重复
diff --git a/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java
index 8fb39c9..08364c3 100755
--- a/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java
@@ -1,6 +1,5 @@
 package com.jsl.oa.services.impl;
-import com.jsl.oa.annotations.NeedRoleGroup;
 import com.jsl.oa.annotations.UserAbleToUse;
 import com.jsl.oa.dao.PermissionDAO;
 import com.jsl.oa.dao.RoleDAO;
@@ -54,7 +53,7 @@ public class UserServiceImpl implements UserService {
 public BaseResponse userDelete(HttpServletRequest request, Long id) {
 //判断用户是否存在
 if (userDAO.isExistUser(id)) {
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 // 用户是否已删除
@@ -71,7 +70,7 @@ public class UserServiceImpl implements UserService {
 @Override
 public BaseResponse userLock(HttpServletRequest request, Long id, Long isLock) {
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 //判断用户是否存在
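Review bot: In UserServiceImpl.userDelete the role check sits inside `if (userDAO.isExistUser(id))`, so the existence lookup runs before the caller is authorised. The else branch is outside the hunk, but it presumably returns a different error, which would let a caller without the console role tell existing ids from missing ones. Hoisting the guard above the lookup, as userLock in the next hunk already does, closes that gap: `if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); }` as the first statement of the method.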
@@ -94,7 +93,6 @@ public class UserServiceImpl implements UserService {
 }
 @Override
- @NeedRoleGroup("user.current.all")
 public BaseResponse userCurrentAll(HttpServletRequest request, @NotNull UserAllCurrentVO userAllCurrentVO) {
 // 检查数据
 if (userAllCurrentVO.getPage() == null || userAllCurrentVO.getPage() < 1) {
@@ -189,7 +187,7 @@ public class UserServiceImpl implements UserService {
 @Override
 public BaseResponse userAdd(UserAddVO userAddVo, HttpServletRequest request) {
 // 检测用户是否为管理员
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 //如果用户不重复,添加用户
@@ -226,7 +224,7 @@ public class UserServiceImpl implements UserService {
 @Override
 public BaseResponse userEdit(UserEditVO userEditVO, HttpServletRequest request) {
 // 检测用户是否为管理员
- if (!Processing.checkUserIsAdmin(request, roleDAO)) {
+ if (!Processing.checkUserIsConsole(request, roleDAO)) {
 return ResultUtil.error(ErrorCode.NOT_ADMIN);
 }
 //根据id获取用户信息
diff --git a/src/main/java/com/jsl/oa/utils/JwtUtil.java b/src/main/java/com/jsl/oa/utils/JwtUtil.java
index 9858c9f..557bccb 100755
--- a/src/main/java/com/jsl/oa/utils/JwtUtil.java
+++ b/src/main/java/com/jsl/oa/utils/JwtUtil.java
@@ -54,10 +54,10 @@ public class JwtUtil {
 try {
 Long getTokenInUserId = getUserId(token);
 // 验证用户名是否匹配
- log.info("令牌用户主键:" + getTokenInUserId.toString());
+ log.info("[FILTER] 令牌用户主键:{}", getTokenInUserId.toString());
 return Pattern.matches("^[0-9]+$", getTokenInUserId.toString());
 } catch (Exception e) {
- log.info("[FILTER] 令牌错误或失效");
+ log.info("[FILTER] 令牌错误或失效");
 return false;
 }
 }
diff --git a/src/main/java/com/jsl/oa/utils/Processing.java b/src/main/java/com/jsl/oa/utils/Processing.java
index 2c12f37..28261da 100755
--- a/src/main/java/com/jsl/oa/utils/Processing.java
+++ b/src/main/java/com/jsl/oa/utils/Processing.java
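Review bot: With `@NeedRoleGroup("user.current.all")` removed, userCurrentAll has no permission check in the visible lines: the body opens with page validation, while the other methods in this class start with `Processing.checkUserIsConsole`. If the user listing is meant to stay restricted, keep the annotation or add `if (!Processing.checkUserIsConsole(request, roleDAO)) { return ResultUtil.error(ErrorCode.NOT_ADMIN); }` as the first statement. The rest of the body is outside the hunk, so a later check cannot be ruled out, and what `@NeedRoleGroup` enforces is not shown on this page. If opening the endpoint is intentional, a comment on the method should say who may call it.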
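Review bot: In the JwtUtil.java hunk the regex test `Pattern.matches("^[0-9]+$", getTokenInUserId.toString())` contributes almost nothing, because a non-negative Long always renders as digits; the outcome therefore rests on whether getUserId throws. getUserId is outside the hunk, so confirm that it verifies the token's signature and expiry rather than only decoding the claim. The catch block also drops the exception, which hides why a token was rejected; `log.warn("[FILTER] 令牌错误或失效: {}", e.getMessage());` would keep that trace. The `.toString()` in the new parameterised log call is redundant, and a null id would raise a NullPointerException that is then reported as an invalid token.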
@@ -167,10 +167,10 @@ public class Processing {
 * @param request 请求
 * @return 如果为 true 是管理员,false 不是管理员
 */
- public static @NotNull Boolean checkUserIsAdmin(HttpServletRequest request, @NotNull RoleDAO roleDAO) {
+ public static @NotNull Boolean checkUserIsConsole(HttpServletRequest request, @NotNull RoleDAO roleDAO) {
 RoleUserDO roleUserDO = roleDAO.getRoleUserByUid(Processing.getAuthHeaderToUserId(request));
 if (roleUserDO != null) {
- RoleDO roleDO = roleDAO.getRoleByRoleName("admin");
+ RoleDO roleDO = roleDAO.getRoleByRoleName("console");
 return roleUserDO.getRid().equals(roleDO.getId());
 } else {
 return false;
@@ -183,10 +183,10 @@ public class Processing {
 * @param request 请求
 * @return 如果为 true 是老师,false 不是老师
 */
- public static @NotNull Boolean checkUserIsTeacher(HttpServletRequest request, @NotNull RoleDAO roleDAO) {
+ public static @NotNull Boolean checkUserIsPrincipal(HttpServletRequest request, @NotNull RoleDAO roleDAO) {
 RoleUserDO roleUserDO = roleDAO.getRoleUserByUid(Processing.getAuthHeaderToUserId(request));
 if (roleUserDO != null) {
- RoleDO roleDO = roleDAO.getRoleByRoleName("teacher");
+ RoleDO roleDO = roleDAO.getRoleByRoleName("principal");
 return roleUserDO.getRid().equals(roleDO.getId());
 } else {
 return false;
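Review bot: In checkUserIsConsole `roleDO.getId()` is dereferenced without a null check, and the lookup key is now `"console"`. No data migration is part of this diff, so if no role row with that name exists and getRoleByRoleName returns null (presumably; the DAO is not shown), every guarded endpoint fails with a NullPointerException instead of a clean denial. `return roleDO != null && roleUserDO.getRid().equals(roleDO.getId());` keeps the check fail-closed without the exception. The same applies to checkUserIsPrincipal with `"principal"` in the next hunk. The Javadoc `@return` lines in both hunks still describe 管理员 and 老师 and should name the new roles.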