fix:调整权限验证逻辑,修复访问空指针问题,优化日志信息,调整审核查询接口字段名称,修正查询接口分页问题。
This commit is contained in:
parent
e5b87e6f4f
commit
b368dadc3c
GPG Key ID:
F693AA12AABBFA87
|
|
@ -46,7 +46,7 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
|
|||
} else {
|
||||
// 解析Bearer后面的令牌
|
||||
token = token.replace("Bearer ", "");
|
||||
log.info("请求令牌:" + token);
|
||||
log.info("[FILTER] 请求令牌:" + token);
|
||||
return JwtUtil.verify(token);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -127,7 +127,7 @@ public class InfoServiceImpl implements InfoService {
|
|||
@NeedRoleGroup("info.image.del")
|
||||
public BaseResponse delHeaderImage(HttpServletRequest request, Integer id) {
|
||||
// 用户权限校验
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
// 获取轮播图信息
|
||||
|
|
@ -149,7 +149,7 @@ public class InfoServiceImpl implements InfoService {
|
|||
@NeedRoleGroup("info.image.setting.edit")
|
||||
public BaseResponse editSettingHeaderImage(HttpServletRequest request, Boolean showType) {
|
||||
// 用户权限校验
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
// 获取轮播图信息
|
||||
|
|
|
|||
|
|
@ -82,7 +82,7 @@ public class ModuleServiceImpl implements ModuleService {
|
|||
@Override
|
||||
public BaseResponse deleteById(HttpServletRequest request, Long id) {
|
||||
// 检测是否为管理员
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_PERMISSION);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -85,7 +85,7 @@ public class ProjectServiceImpl implements ProjectService {
|
|||
//是否是增加子系统
|
||||
if (projectWorkVO.getType() == 0) {
|
||||
//是否是老师
|
||||
if (Processing.checkUserIsTeacher(request, roleDAO)) {
|
||||
if (Processing.checkUserIsPrincipal(request, roleDAO)) {
|
||||
projectDAO.projectWorkAdd(projectWorkVO);
|
||||
} else {
|
||||
return ResultUtil.error(ErrorCode.NOT_PERMISSION);
|
||||
|
|
@ -201,7 +201,7 @@ public class ProjectServiceImpl implements ProjectService {
|
|||
|
||||
|
||||
//判断用户是否为老师 或者 项目负责人
|
||||
if (!Processing.checkUserIsTeacher(request, roleDAO)
|
||||
if (!Processing.checkUserIsPrincipal(request, roleDAO)
|
||||
|| !projectDAO.isPrincipalUser(Processing.getAuthHeaderToUserId(request), projectId)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_PERMISSION);
|
||||
}
|
||||
|
|
@ -345,7 +345,7 @@ public class ProjectServiceImpl implements ProjectService {
|
|||
public BaseResponse projectDelete(HttpServletRequest request, List<Long> id) {
|
||||
|
||||
//判断用户是否为老师 或者 项目负责人
|
||||
if (!Processing.checkUserIsTeacher(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsPrincipal(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_PERMISSION);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ public class RoleServiceImpl implements RoleService {
|
|||
@Override
|
||||
@NeedRoleGroup("role.add")
|
||||
public BaseResponse roleAddUser(HttpServletRequest request, Long uid, Long rid) {
|
||||
if (Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
roleDAO.addRoleUser(uid, rid);
|
||||
return ResultUtil.success();
|
||||
} else {
|
||||
|
|
@ -55,7 +55,7 @@ public class RoleServiceImpl implements RoleService {
|
|||
@Override
|
||||
|
||||
public BaseResponse roleRemoveUser(HttpServletRequest request, Long uid) {
|
||||
if (Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
roleDAO.delRoleUser(uid);
|
||||
return ResultUtil.success();
|
||||
} else {
|
||||
|
|
@ -74,7 +74,7 @@ public class RoleServiceImpl implements RoleService {
|
|||
return ResultUtil.error(ErrorCode.USER_NOT_CHANGE_TO_THEMSELVES);
|
||||
}
|
||||
//检测用户权限是否为管理员
|
||||
if (Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
if (roleDAO.roleChangeUser(uid, rid)) {
|
||||
return ResultUtil.success();
|
||||
} else {
|
||||
|
|
@ -88,7 +88,7 @@ public class RoleServiceImpl implements RoleService {
|
|||
@Override
|
||||
public BaseResponse roleGet(HttpServletRequest request, String id) {
|
||||
// 检查用户权限
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
// 获取 Role 权限组
|
||||
|
|
@ -114,7 +114,7 @@ public class RoleServiceImpl implements RoleService {
|
|||
@Override
|
||||
public BaseResponse roleEdit(HttpServletRequest request, RoleEditVO roleEditVO) {
|
||||
// 检查用户权限
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
// 获取 Role 相关信息
|
||||
|
|
@ -137,7 +137,7 @@ public class RoleServiceImpl implements RoleService {
|
|||
@Override
|
||||
public BaseResponse roleDelete(HttpServletRequest request, Long id) {
|
||||
// 检查用户权限
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
// 获取 Role 相关信息
|
||||
|
|
@ -158,7 +158,7 @@ public class RoleServiceImpl implements RoleService {
|
|||
@Override
|
||||
public BaseResponse addRole(HttpServletRequest request, RoleAddVo roleAddVO) throws ClassCopyException {
|
||||
// 检查用户权限
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
// 检查权限名称是否重复
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
package com.jsl.oa.services.impl;
|
||||
|
||||
import com.jsl.oa.annotations.NeedRoleGroup;
|
||||
import com.jsl.oa.annotations.UserAbleToUse;
|
||||
import com.jsl.oa.dao.PermissionDAO;
|
||||
import com.jsl.oa.dao.RoleDAO;
|
||||
|
|
@ -54,7 +53,7 @@ public class UserServiceImpl implements UserService {
|
|||
public BaseResponse userDelete(HttpServletRequest request, Long id) {
|
||||
//判断用户是否存在
|
||||
if (userDAO.isExistUser(id)) {
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
// 用户是否已删除
|
||||
|
|
@ -71,7 +70,7 @@ public class UserServiceImpl implements UserService {
|
|||
|
||||
@Override
|
||||
public BaseResponse userLock(HttpServletRequest request, Long id, Long isLock) {
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
//判断用户是否存在
|
||||
|
|
@ -94,7 +93,6 @@ public class UserServiceImpl implements UserService {
|
|||
}
|
||||
|
||||
@Override
|
||||
@NeedRoleGroup("user.current.all")
|
||||
public BaseResponse userCurrentAll(HttpServletRequest request, @NotNull UserAllCurrentVO userAllCurrentVO) {
|
||||
// 检查数据
|
||||
if (userAllCurrentVO.getPage() == null || userAllCurrentVO.getPage() < 1) {
|
||||
|
|
@ -189,7 +187,7 @@ public class UserServiceImpl implements UserService {
|
|||
@Override
|
||||
public BaseResponse userAdd(UserAddVO userAddVo, HttpServletRequest request) {
|
||||
// 检测用户是否为管理员
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
//如果用户不重复,添加用户
|
||||
|
|
@ -226,7 +224,7 @@ public class UserServiceImpl implements UserService {
|
|||
@Override
|
||||
public BaseResponse userEdit(UserEditVO userEditVO, HttpServletRequest request) {
|
||||
// 检测用户是否为管理员
|
||||
if (!Processing.checkUserIsAdmin(request, roleDAO)) {
|
||||
if (!Processing.checkUserIsConsole(request, roleDAO)) {
|
||||
return ResultUtil.error(ErrorCode.NOT_ADMIN);
|
||||
}
|
||||
//根据id获取用户信息
|
||||
|
|
|
|||
|
|
@ -54,10 +54,10 @@ public class JwtUtil {
|
|||
try {
|
||||
Long getTokenInUserId = getUserId(token);
|
||||
// 验证用户名是否匹配
|
||||
log.info("令牌用户主键:" + getTokenInUserId.toString());
|
||||
log.info("[FILTER] 令牌用户主键:{}", getTokenInUserId.toString());
|
||||
return Pattern.matches("^[0-9]+$", getTokenInUserId.toString());
|
||||
} catch (Exception e) {
|
||||
log.info("令牌错误或失效");
|
||||
log.info("[FILTER] 令牌错误或失效");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -167,10 +167,10 @@ public class Processing {
|
|||
* @param request 请求
|
||||
* @return 如果为 true 是管理员,false 不是管理员
|
||||
*/
|
||||
public static @NotNull Boolean checkUserIsAdmin(HttpServletRequest request, @NotNull RoleDAO roleDAO) {
|
||||
public static @NotNull Boolean checkUserIsConsole(HttpServletRequest request, @NotNull RoleDAO roleDAO) {
|
||||
RoleUserDO roleUserDO = roleDAO.getRoleUserByUid(Processing.getAuthHeaderToUserId(request));
|
||||
if (roleUserDO != null) {
|
||||
RoleDO roleDO = roleDAO.getRoleByRoleName("admin");
|
||||
RoleDO roleDO = roleDAO.getRoleByRoleName("console");
|
||||
return roleUserDO.getRid().equals(roleDO.getId());
|
||||
} else {
|
||||
return false;
|
||||
|
|
@ -183,10 +183,10 @@ public class Processing {
|
|||
* @param request 请求
|
||||
* @return 如果为 true 是老师,false 不是老师
|
||||
*/
|
||||
public static @NotNull Boolean checkUserIsTeacher(HttpServletRequest request, @NotNull RoleDAO roleDAO) {
|
||||
public static @NotNull Boolean checkUserIsPrincipal(HttpServletRequest request, @NotNull RoleDAO roleDAO) {
|
||||
RoleUserDO roleUserDO = roleDAO.getRoleUserByUid(Processing.getAuthHeaderToUserId(request));
|
||||
if (roleUserDO != null) {
|
||||
RoleDO roleDO = roleDAO.getRoleByRoleName("teacher");
|
||||
RoleDO roleDO = roleDAO.getRoleByRoleName("principal");
|
||||
return roleUserDO.getRid().equals(roleDO.getId());
|
||||
} else {
|
||||
return false;
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user