
场景查看权限改为调用管理后台接口

dsx vor 1 Jahr
Ursprung
Commit
09237acffa

+ 22 - 9
src/main/java/com/fdkankan/scene/Interceptor/CheckViewBizAuthAspect.java

@@ -14,8 +14,10 @@ import com.fdkankan.common.util.PasswordUtils;
 import com.fdkankan.common.util.SecurityUtil;
 import com.fdkankan.redis.util.RedisUtil;
 import com.fdkankan.scene.entity.*;
+import com.fdkankan.scene.httpclient.MyClient;
 import com.fdkankan.scene.service.*;
 import com.fdkankan.scene.util.JmgaSSOLoginHelper;
+import com.fdkankan.scene.vo.CheckNumAuthVo;
 import com.fdkankan.web.response.ResultData;
 import com.fdkankan.web.user.SSOLoginHelper;
 import com.fdkankan.web.user.SSOUser;
@@ -52,6 +54,9 @@ public class CheckViewBizAuthAspect {
 	@Value("${scene.view.encrypt-key:3d8904474ebbdbbd81c5952524dad646}")
 	private String ENCRYPT_KEY;
 
+	@Value("${4dkk.v4fdService.basePath}")
+	private String host;
+
 	@Resource
 	private JmgaSSOLoginHelper jmgaSSOLoginHelper;
 	@Autowired
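Review bot: The `@Value` default on `ENCRYPT_KEY`, directly above the added `host` field, keeps a literal key in source, so any deployment that omits `scene.view.encrypt-key` runs with a value readable by anyone who can see the repository. The new `host` property is declared without a default and therefore has to be configured; the key deserves the same treatment, `@Value("${scene.view.encrypt-key}")`, with the value supplied from the environment or a secret store. What the key protects is not visible in this hunk, so the impact should be confirmed against its callers.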
@@ -70,6 +75,8 @@ public class CheckViewBizAuthAspect {
 	private IJyUserService jyUserService;
 	@Autowired
 	private ISysLogService sysLogService;
+	@Autowired
+	private MyClient myClient;
 
 
 	@Pointcut("@annotation(com.fdkankan.scene.annotation.CheckViewBizAuth)")
@@ -157,6 +164,7 @@ public class CheckViewBizAuthAspect {
 						if(StrUtil.isNotEmpty(token)){
 							SSOUser user = jmgaSSOLoginHelper.getSsoUser(token);
 							if(Objects.nonNull(user)){
+								userName = user.getUserName();
 								JyUser jyUser = jyUserService.getBySysUserId(user.getId().intValue());
 								log.info("user:{}", JSON.toJSONString(user));
 								ScenePlus scenePlus = scenePlusService.getScenePlusByNum(num);
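Review bot: `userName = user.getUserName();` now runs for every token that resolves to an SSO user, before the scene is loaded and before any permission verdict, whereas it was previously set only when the owner comparison passed. How `userName` is consumed lies outside this hunk; if later code treats a non-empty `userName` as evidence of an authorised viewer, this widens that set. If the intent is only to attribute the access-log entry, a comment such as `// recorded for audit only; does not imply view permission` would make that explicit. Separately, `log.info("user:{}", JSON.toJSONString(user))` serialises the whole SSO user object into the log, which may include fields that should not be written there.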
@@ -164,9 +172,14 @@ public class CheckViewBizAuthAspect {
 									throw new BusinessException(ErrorCode.FAILURE_CODE_5005);
 								}
 								log.info("scenePlus:{}", scenePlus);
-								if(Objects.nonNull(scenePlus.getUserId()) && Objects.nonNull(jyUser) && jyUser.getUserId() == scenePlus.getUserId().intValue()){
+
+								//当前用户与场景用户id相同,则拥有最高权限,可以编辑
+								String url = host.concat("/service/manage/inner/checkNumAuth/").concat(num);
+								ResultData<CheckNumAuthVo> checkNumAuth = myClient.checkNumAuth(url, request.getHeader("token"));
+								log.info("checkNumAuth:{}", JSON.toJSONString(checkNumAuth));
+								CheckNumAuthVo data = checkNumAuth.getData();
+								if(data.isViewAuth()){
 									interruptCheck = true;
-									userName = user.getUserName();
 								}
 							}
 
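Review bot: `data.isViewAuth()` is called without checking that the remote call produced a payload, so an error response from the management backend, or a `ResultData` with no `data`, ends in a NullPointerException instead of a clean not-authorised path; `if(Objects.nonNull(checkNumAuth) && Objects.nonNull(checkNumAuth.getData()) && checkNumAuth.getData().isViewAuth()){` keeps the fall-through to the password branch. `num` is concatenated into the internal URL as-is; its origin is outside this hunk, but it should be validated against the expected scene-code format (or path-encoded) before it becomes part of a request to an inner endpoint. The call also forwards `request.getHeader("token")` rather than the `token` already checked by `getSsoUser`, and the two may differ if `token` can be read from somewhere other than that header. The comment `//当前用户与场景用户id相同…` still describes the removed owner comparison and should be rewritten to describe the backend check.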
@@ -186,6 +199,12 @@ public class CheckViewBizAuthAspect {
 						if(Objects.isNull(jyUser)){
 							throw new BusinessException(ErrorCode.PASSWORD_ERROR);
 						}
+						//模拟前端密码加密规则生成前端密码
+						password = SecurityUtil.MD52(Base64Converter.decode(password));
+						//数据库密码比对
+						if(!password.equals(jyUser.getRyPassword())){
+							throw new BusinessException(ErrorCode.PASSWORD_ERROR);
+						}
 						JySceneUserAuth jySceneUserAuth = jySceneUserAuthService.getSceneViewAuth(num, jyUser.getId());
 						if(Objects.isNull(jySceneUserAuth)){
 							throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
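Review bot: The moved password check compares digests with `password.equals(jyUser.getRyPassword())`, which is not constant-time; `MessageDigest.isEqual` over the UTF-8 bytes of both strings is the usual replacement, with a null stored value treated as a mismatch. `SecurityUtil.MD52` appears from its name to be MD5-based, and the stored `ryPassword` is compared directly against that derivation, so the database value would be a fast and presumably unsalted hash; that is worth confirming and, if so, migrating to a password-hashing scheme such as bcrypt or argon2. Running the check before `getSceneViewAuth` is a sound ordering, since a wrong password no longer reveals whether the account is authorised for the scene. No attempt limiting is visible in this hunk, and the enclosing branch starts and ends outside it.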
@@ -194,13 +213,7 @@ public class CheckViewBizAuthAspect {
 							throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "超出访问截止时间");
 						}
 
-						//如果授权校验通过,校验密码是否正确
-						//模拟前端密码加密规则生成前端密码
-						password = SecurityUtil.MD52(Base64Converter.decode(password));
-						//数据库密码比对
-						if(!password.equals(jyUser.getRyPassword())){
-							throw new BusinessException(ErrorCode.PASSWORD_ERROR);
-						}
+
 					}
 				}
 			}