
日本项目,场景权限校验改造

dsx 2 years ago
parent
commit
8dc4203d40

+ 108 - 40
src/main/java/com/fdkankan/scene/aop/CheckCurrenUserAspect.java

@@ -1,20 +1,25 @@
 package com.fdkankan.scene.aop;
 
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.util.StrUtil;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.fdkankan.common.constant.ErrorCode;
+import com.fdkankan.common.constant.SceneStatus;
 import com.fdkankan.common.exception.BusinessException;
 import com.fdkankan.scene.annotation.CheckCurrentUser;
-import com.fdkankan.scene.entity.Camera;
-import com.fdkankan.scene.entity.SceneCooperation;
-import com.fdkankan.scene.entity.ScenePro;
-import com.fdkankan.scene.service.ICameraService;
-import com.fdkankan.scene.service.ISceneCooperationService;
-import com.fdkankan.scene.service.ISceneProService;
+import com.fdkankan.scene.entity.*;
+import com.fdkankan.scene.service.*;
 import com.fdkankan.web.user.SSOLoginHelper;
 import com.fdkankan.web.user.SSOUser;
 import java.io.IOException;
 import java.lang.reflect.Method;
+import java.util.List;
 import java.util.Objects;
+import java.util.Set;
+import java.util.stream.Collectors;
 import javax.servlet.http.HttpServletRequest;
+
+import com.fdkankan.web.util.WebUtil;
 import lombok.extern.log4j.Log4j2;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
@@ -44,6 +49,10 @@ public class CheckCurrenUserAspect {
 
 	@Autowired
 	private ISceneCooperationService sceneCooperationService;
+	@Autowired
+	private IUserRoleService userRoleService;
+	@Autowired
+	private IUserService userService;
 
 	// Service层切点
 	@Pointcut("@annotation(com.fdkankan.scene.annotation.CheckCurrentUser)")
@@ -59,51 +68,110 @@ public class CheckCurrenUserAspect {
 	 */
 	@Before("checkUserAspect()")
 	public void doBefore(JoinPoint joinPoint) throws Exception {
-		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-				.getRequest();
+
+		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
 		// 读取session中的用户
-		SSOUser user = ssoLoginHelper.loginCheckV3(request.getHeader("token"));
-		String sceneNum = request.getParameter("sceneNum");
-
-		ScenePro entity = sceneProService.findBySceneNum(sceneNum);
-		if(user == null){
-			log.info(getCheckUserMthodDescription(joinPoint));
-			log.info("不是当前用户的方法:"
-					+ (joinPoint.getTarget().getClass().getName() + "." + joinPoint.getSignature().getName() + "()"));
-			throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
+		SSOUser user = ssoLoginHelper.getSsoUser(request.getHeader("token"));
+		if(Objects.isNull(user)){
+			throw new BusinessException(ErrorCode.TOKEN_NOT_FOUND);
+		}
+		String num = WebUtil.getParameter("num", joinPoint, request);
+		if(StrUtil.isEmpty(num)){
+			throw new BusinessException(ErrorCode.PARAM_REQUIRED);
 		}
 
-		if("18750226207".equals(user.getUserName())){
-			log.info("18750226207该账号默认超级管理员,可以操作所有场景");
+		ScenePro scenePro= sceneProService.findBySceneNum(num);
+		if(Objects.isNull(scenePro)){
+			throw new BusinessException(ErrorCode.FAILURE_CODE_5005);
+		}
+		//如果是计算中或者计算出错,返回计算中
+		if(SceneStatus.wait.code().equals(scenePro.getStatus())
+				|| SceneStatus.FAILD.code().equals(scenePro.getStatus())){
+			throw new BusinessException(ErrorCode.FAILURE_CODE_5033);
+		}
+
+		//校验场景用户是否与当前登录用户相同,相同则跳出
+		if(Objects.isNull(scenePro.getUserId())){
+			throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
+		}
+		if(scenePro.getUserId().equals(user.getId())){
 			return;
 		}
 
-		if(user.getId() == null){
-			Camera cameraEntity = cameraService.findByChildName(user.getUserName());
-			if((cameraEntity != null && entity != null) && (cameraEntity.getId().longValue() != entity.getCameraId().longValue())){
-				log.info(getCheckUserMthodDescription(joinPoint));
-				log.info("不是当前用户的方法:"
-						+ (joinPoint.getTarget().getClass().getName() + "." + joinPoint.getSignature().getName() + "()"));
-				throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
-			}
+		//如果上面场景用户与当前用户不匹配,需要校验当前用户是否拥有某些角色,从而可以访问此场景
+		List<UserRole> list = userRoleService.list(new LambdaQueryWrapper<UserRole>().eq(UserRole::getUserId, user.getId()));
+		Set<Long> roleIdSet = null;
+		if(CollUtil.isNotEmpty(list)){
+			roleIdSet = list.stream().map(ur -> ur.getRoleId()).collect(Collectors.toSet());
 		}
-		else if((user != null && entity != null) && entity.getUserId() != null && (user.getId().longValue() != entity.getUserId().longValue())){
-			SceneCooperation sceneCooperation = sceneCooperationService.getByNum(sceneNum);
-			if(Objects.nonNull(sceneCooperation)){
-				if(sceneCooperation.getUserId().longValue() != user.getId().longValue()){
-					log.info(getCheckUserMthodDescription(joinPoint));
-					log.info("不是当前用户的方法:"
-							+ (joinPoint.getTarget().getClass().getName() + "." + joinPoint.getSignature().getName() + "()"));
-					throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
-				}
-			}else {
-				log.info(getCheckUserMthodDescription(joinPoint));
-				log.info("不是当前用户的方法:"
-						+ (joinPoint.getTarget().getClass().getName() + "." + joinPoint.getSignature().getName() + "()"));
+		if(CollUtil.isEmpty(roleIdSet)){
+			throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
+		}
+		//平台管理员拥有最高权限
+		if(roleIdSet.contains(5L)){
+			return;
+		}
+
+		//判断是否有公司管理者权限,有则放开
+		if(roleIdSet.contains(6L)){
+			//当前登录用户user
+			User currentUser = userService.getById(user.getId());
+			User sceneUser = userService.getById(scenePro.getUserId());
+			if(Objects.isNull(currentUser) || Objects.isNull(currentUser.getCompanyId())
+					|| Objects.isNull(sceneUser) || Objects.isNull(sceneUser.getCompanyId())
+					|| !currentUser.getCompanyId().equals(sceneUser.getCompanyId())){
 				throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
 			}
 		}
 
+
+
+
+//		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
+//				.getRequest();
+//		// 读取session中的用户
+//		SSOUser user = ssoLoginHelper.loginCheckV3(request.getHeader("token"));
+//		String sceneNum = request.getParameter("sceneNum");
+//
+//		ScenePro entity = sceneProService.findBySceneNum(sceneNum);
+//		if(user == null){
+//			log.info(getCheckUserMthodDescription(joinPoint));
+//			log.info("不是当前用户的方法:"
+//					+ (joinPoint.getTarget().getClass().getName() + "." + joinPoint.getSignature().getName() + "()"));
+//			throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
+//		}
+//
+//		if("18750226207".equals(user.getUserName())){
+//			log.info("18750226207该账号默认超级管理员,可以操作所有场景");
+//			return;
+//		}
+//
+//		if(user.getId() == null){
+//			Camera cameraEntity = cameraService.findByChildName(user.getUserName());
+//			if((cameraEntity != null && entity != null) && (cameraEntity.getId().longValue() != entity.getCameraId().longValue())){
+//				log.info(getCheckUserMthodDescription(joinPoint));
+//				log.info("不是当前用户的方法:"
+//						+ (joinPoint.getTarget().getClass().getName() + "." + joinPoint.getSignature().getName() + "()"));
+//				throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
+//			}
+//		}
+//		else if((user != null && entity != null) && entity.getUserId() != null && (user.getId().longValue() != entity.getUserId().longValue())){
+//			SceneCooperation sceneCooperation = sceneCooperationService.getByNum(sceneNum);
+//			if(Objects.nonNull(sceneCooperation)){
+//				if(sceneCooperation.getUserId().longValue() != user.getId().longValue()){
+//					log.info(getCheckUserMthodDescription(joinPoint));
+//					log.info("不是当前用户的方法:"
+//							+ (joinPoint.getTarget().getClass().getName() + "." + joinPoint.getSignature().getName() + "()"));
+//					throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
+//				}
+//			}else {
+//				log.info(getCheckUserMthodDescription(joinPoint));
+//				log.info("不是当前用户的方法:"
+//						+ (joinPoint.getTarget().getClass().getName() + "." + joinPoint.getSignature().getName() + "()"));
+//				throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
+//			}
+//		}
+
 	}
 
 	/**
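Review bot: A logged-in non-owner whose role set contains neither 5 nor 6 reaches the end of `doBefore` without an exception, so the scene check fails open for any other role. After the `roleIdSet.contains(5L)` return, the only remaining deny sits inside the `if(roleIdSet.contains(6L))` block, and nothing runs when that block is skipped. Deny by default by closing that block with `} else { throw new BusinessException(ErrorCode.FAILURE_CODE_5014); }`. The ids `5L` and `6L` would be safer as named constants, and the commented-out previous body can be dropped since version control keeps it. The old collaborator branch through `sceneCooperationService` is no longer consulted; it is worth confirming that this is intentional.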

+ 21 - 0
src/main/java/com/fdkankan/scene/controller/RoleController.java

@@ -0,0 +1,21 @@
+package com.fdkankan.scene.controller;
+
+
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * <p>
+ * 角色表 前端控制器
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+@RestController
+@RequestMapping("/scene/role")
+public class RoleController {
+
+}
+

+ 21 - 0
src/main/java/com/fdkankan/scene/controller/UserRoleController.java

@@ -0,0 +1,21 @@
+package com.fdkankan.scene.controller;
+
+
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * <p>
+ * 用户角色关系表 前端控制器
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+@RestController
+@RequestMapping("/scene/userRole")
+public class UserRoleController {
+
+}
+

+ 72 - 0
src/main/java/com/fdkankan/scene/entity/Role.java

@@ -0,0 +1,72 @@
+package com.fdkankan.scene.entity;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableLogic;
+import com.baomidou.mybatisplus.annotation.TableName;
+import java.io.Serializable;
+import java.util.Date;
+import lombok.Getter;
+import lombok.Setter;
+
+/**
+ * <p>
+ * 角色表
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+@Getter
+@Setter
+@TableName("t_role")
+public class Role implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * id
+     */
+    @TableId(value = "id", type = IdType.AUTO)
+    private Long id;
+
+    /**
+     * 角色描述
+     */
+    @TableField("role_desc")
+    private String roleDesc;
+
+    /**
+     * 角色名
+     */
+    @TableField("role_name")
+    private String roleName;
+
+    /**
+     * 角色key
+     */
+    @TableField("role_key")
+    private String roleKey;
+
+    /**
+     * 创建时间
+     */
+    @TableField("create_time")
+    private Date createTime;
+
+    /**
+     * 更新时间
+     */
+    @TableField("update_time")
+    private Date updateTime;
+
+    /**
+     * 记录的状态,A: 生效,I: 禁用
+     */
+    @TableField("rec_status")
+    @TableLogic
+    private String recStatus;
+
+
+}

+ 6 - 0
src/main/java/com/fdkankan/scene/entity/User.java

@@ -137,5 +137,11 @@ public class User implements Serializable {
     @TableField("update_time")
     private Date updateTime;
 
+    /**
+     * 公司id
+     */
+    @TableField("company_id")
+    private Integer companyId;
+
 
 }

+ 63 - 0
src/main/java/com/fdkankan/scene/entity/UserRole.java

@@ -0,0 +1,63 @@
+package com.fdkankan.scene.entity;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableLogic;
+import com.baomidou.mybatisplus.annotation.TableName;
+import java.io.Serializable;
+import java.util.Date;
+import lombok.Getter;
+import lombok.Setter;
+
+/**
+ * <p>
+ * 用户角色关系表
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+@Getter
+@Setter
+@TableName("t_user_role")
+public class UserRole implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    @TableId(value = "id", type = IdType.AUTO)
+    private Long id;
+
+    /**
+     * 用户表id
+     */
+    @TableField("user_id")
+    private Long userId;
+
+    /**
+     * 角色表id
+     */
+    @TableField("role_id")
+    private Long roleId;
+
+    /**
+     * 创建时间
+     */
+    @TableField("create_time")
+    private Date createTime;
+
+    /**
+     * 记录的状态,A: 生效,I: 禁用
+     */
+    @TableField("rec_status")
+    @TableLogic
+    private String recStatus;
+
+    /**
+     * 更新时间
+     */
+    @TableField("update_time")
+    private Date updateTime;
+
+
+}

+ 3 - 3
src/main/java/com/fdkankan/scene/generate/AutoGenerate.java

@@ -20,7 +20,7 @@ public class AutoGenerate {
         String path =System.getProperty("user.dir");
 
         generate(path,"scene", getTables(new String[]{
-                "t_scene_data_download"
+                "t_user_role","t_role"
         }));
 
 //        generate(path,"goods", getTables(new String[]{
@@ -48,8 +48,8 @@ public class AutoGenerate {
 
 
     public static void  generate(String path,String moduleName,  List<String> tables){
-        FastAutoGenerator.create("jdbc:mysql://120.24.144.164:3306/4dkankan_v4",
-                "root","4Dage@4Dage#@168")
+        FastAutoGenerator.create("jdbc:mysql://120.77.76.141:13306/4dkankan_v4",
+                "root","JK20220120%JIK")
                 .globalConfig(builder -> {
                     builder.author("")               //作者
                             .outputDir(path+"\\src\\main\\java")    //输出路径(写到java目录)
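Review bot: The `FastAutoGenerator.create(...)` call still carries a JDBC URL with a public address, the `root` account and its password as string literals; this change only swaps one committed credential for another. Read them from the environment instead, e.g. `FastAutoGenerator.create(System.getenv("GEN_JDBC_URL"), System.getenv("GEN_DB_USER"), System.getenv("GEN_DB_PASSWORD"))` (the variable names are placeholders), and use a least-privilege account rather than `root` for code generation. Both the removed and the added password are now in the repository history and should be rotated. `generate` continues past the end of the hunk.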

+ 18 - 0
src/main/java/com/fdkankan/scene/mapper/IRoleMapper.java

@@ -0,0 +1,18 @@
+package com.fdkankan.scene.mapper;
+
+import com.fdkankan.scene.entity.Role;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+
+/**
+ * <p>
+ * 角色表 Mapper 接口
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+@Mapper
+public interface IRoleMapper extends BaseMapper<Role> {
+
+}

+ 18 - 0
src/main/java/com/fdkankan/scene/mapper/IUserRoleMapper.java

@@ -0,0 +1,18 @@
+package com.fdkankan.scene.mapper;
+
+import com.fdkankan.scene.entity.UserRole;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+
+/**
+ * <p>
+ * 用户角色关系表 Mapper 接口
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+@Mapper
+public interface IUserRoleMapper extends BaseMapper<UserRole> {
+
+}

+ 16 - 0
src/main/java/com/fdkankan/scene/service/IRoleService.java

@@ -0,0 +1,16 @@
+package com.fdkankan.scene.service;
+
+import com.fdkankan.scene.entity.Role;
+import com.baomidou.mybatisplus.extension.service.IService;
+
+/**
+ * <p>
+ * 角色表 服务类
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+public interface IRoleService extends IService<Role> {
+
+}

+ 16 - 0
src/main/java/com/fdkankan/scene/service/IUserRoleService.java

@@ -0,0 +1,16 @@
+package com.fdkankan.scene.service;
+
+import com.fdkankan.scene.entity.UserRole;
+import com.baomidou.mybatisplus.extension.service.IService;
+
+/**
+ * <p>
+ * 用户角色关系表 服务类
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+public interface IUserRoleService extends IService<UserRole> {
+
+}

+ 20 - 0
src/main/java/com/fdkankan/scene/service/impl/RoleServiceImpl.java

@@ -0,0 +1,20 @@
+package com.fdkankan.scene.service.impl;
+
+import com.fdkankan.scene.entity.Role;
+import com.fdkankan.scene.mapper.IRoleMapper;
+import com.fdkankan.scene.service.IRoleService;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import org.springframework.stereotype.Service;
+
+/**
+ * <p>
+ * 角色表 服务实现类
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+@Service
+public class RoleServiceImpl extends ServiceImpl<IRoleMapper, Role> implements IRoleService {
+
+}

+ 20 - 0
src/main/java/com/fdkankan/scene/service/impl/UserRoleServiceImpl.java

@@ -0,0 +1,20 @@
+package com.fdkankan.scene.service.impl;
+
+import com.fdkankan.scene.entity.UserRole;
+import com.fdkankan.scene.mapper.IUserRoleMapper;
+import com.fdkankan.scene.service.IUserRoleService;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import org.springframework.stereotype.Service;
+
+/**
+ * <p>
+ * 用户角色关系表 服务实现类
+ * </p>
+ *
+ * @author 
+ * @since 2023-01-03
+ */
+@Service
+public class UserRoleServiceImpl extends ServiceImpl<IUserRoleMapper, UserRole> implements IUserRoleService {
+
+}

+ 5 - 0
src/main/resources/mapper/scene/RoleMapper.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.fdkankan.scene.mapper.IRoleMapper">
+
+</mapper>

+ 5 - 0
src/main/resources/mapper/scene/UserRoleMapper.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.fdkankan.scene.mapper.IUserRoleMapper">
+
+</mapper>