|
|
@@ -1,6 +1,8 @@
|
|
|
package com.fdkankan.scene.Interceptor;
|
|
|
|
|
|
+import cn.hutool.core.collection.CollUtil;
|
|
|
import cn.hutool.core.util.StrUtil;
|
|
|
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
|
|
import com.fdkankan.common.constant.CommonStatus;
|
|
|
import com.fdkankan.common.constant.ErrorCode;
|
|
|
import com.fdkankan.common.constant.SceneStatus;
|
|
|
@@ -9,13 +11,17 @@ import com.fdkankan.redis.constant.RedisKey;
|
|
|
import com.fdkankan.redis.util.RedisUtil;
|
|
|
import com.fdkankan.scene.entity.SceneCooperation;
|
|
|
import com.fdkankan.scene.entity.ScenePlus;
|
|
|
-import com.fdkankan.scene.service.ISceneCooperationService;
|
|
|
-import com.fdkankan.scene.service.IScenePlusService;
|
|
|
+import com.fdkankan.scene.entity.User;
|
|
|
+import com.fdkankan.scene.entity.UserRole;
|
|
|
+import com.fdkankan.scene.service.*;
|
|
|
import com.fdkankan.web.user.SSOLoginHelper;
|
|
|
import com.fdkankan.web.user.SSOUser;
|
|
|
import com.fdkankan.web.util.WebUtil;
|
|
|
import java.io.IOException;
|
|
|
+import java.util.List;
|
|
|
import java.util.Objects;
|
|
|
+import java.util.Set;
|
|
|
+import java.util.stream.Collectors;
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
import lombok.extern.log4j.Log4j2;
|
|
|
import org.aspectj.lang.JoinPoint;
|
|
|
@@ -42,6 +48,12 @@ public class CheckPermitAspect {
|
|
|
private IScenePlusService scenePlusService;
|
|
|
@Autowired
|
|
|
private ISceneCooperationService sceneCooperationService;
|
|
|
+ @Autowired
|
|
|
+ private IRoleService roleService;
|
|
|
+ @Autowired
|
|
|
+ private IUserRoleService userRoleService;
|
|
|
+ @Autowired
|
|
|
+ private IUserService userService;
|
|
|
|
|
|
|
|
|
@Pointcut("@annotation(com.fdkankan.scene.annotation.CheckPermit)")
|
|
|
@@ -68,48 +80,50 @@ public class CheckPermitAspect {
|
|
|
throw new BusinessException(ErrorCode.PARAM_REQUIRED);
|
|
|
}
|
|
|
|
|
|
- ScenePlus scenePlus= scenePlusService.getScenePlusByNum(num);
|
|
|
+ ScenePlus scenePlus= scenePlusService.getScenePlusByNum(num);
|
|
|
if(Objects.isNull(scenePlus)){
|
|
|
throw new BusinessException(ErrorCode.FAILURE_CODE_5005);
|
|
|
}
|
|
|
//如果是计算中或者计算出错,返回计算中
|
|
|
if(SceneStatus.wait.code().equals(scenePlus.getSceneStatus())
|
|
|
- || SceneStatus.FAILD.code().equals(scenePlus.getSceneStatus())){
|
|
|
+ || SceneStatus.FAILD.code().equals(scenePlus.getSceneStatus())){
|
|
|
throw new BusinessException(ErrorCode.FAILURE_CODE_5033);
|
|
|
}
|
|
|
|
|
|
- //判断是否相机登录,是否场景的相机id和相机登录的相机id是否相等,如果都满足,则放行,否则判定为用户登录
|
|
|
- if(Objects.nonNull(user.getCameraLogin())
|
|
|
- && CommonStatus.YES.code().byteValue() == user.getCameraLogin().intValue()){
|
|
|
- if(scenePlus.getCameraId().equals(user.getCameraId())){
|
|
|
- return;
|
|
|
- }else{
|
|
|
- throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- //走到这里代表是用户账号密码登录,如果查到的场景的userid是空,证明相机解绑了,需要返回无权操作
|
|
|
+ //校验场景用户是否与当前登录用户相同,相同则跳出
|
|
|
if(Objects.isNull(scenePlus.getUserId())){
|
|
|
throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
|
|
|
}
|
|
|
+ if(scenePlus.getUserId().equals(user.getId())){
|
|
|
+ return;
|
|
|
+ }
|
|
|
|
|
|
- if(scenePlus.getUserId().equals(user.getId())){
|
|
|
- return;
|
|
|
- }
|
|
|
+ //如果上面场景用户与当前用户不匹配,需要校验当前用户是否拥有某些角色,从而可以访问此场景
|
|
|
+ List<UserRole> list = userRoleService.list(new LambdaQueryWrapper<UserRole>().eq(UserRole::getUserId, user.getId()));
|
|
|
+ Set<Long> roleIdSet = null;
|
|
|
+ if(CollUtil.isNotEmpty(list)){
|
|
|
+ roleIdSet = list.stream().map(ur -> ur.getRoleId()).collect(Collectors.toSet());
|
|
|
+ }
|
|
|
+ if(CollUtil.isEmpty(roleIdSet)){
|
|
|
+ throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
|
|
|
+ }
|
|
|
+ //平台管理员拥有最高权限
|
|
|
+ if(roleIdSet.contains(5L)){
|
|
|
+ return;
|
|
|
+ }
|
|
|
|
|
|
- //如果不是用户自己的场景,判断是否有协作权限
|
|
|
- Long userId = null;
|
|
|
- SceneCooperation sceneCooperation = sceneCooperationService.getByNum(num);
|
|
|
- if(Objects.nonNull(sceneCooperation)){
|
|
|
- userId = sceneCooperation.getUserId();
|
|
|
+ //判断是否有公司管理者权限,有则放开
|
|
|
+ if(roleIdSet.contains(6L)){
|
|
|
+ //当前登录用户user
|
|
|
+ User currentUser = userService.getById(user.getId());
|
|
|
+ User sceneUser = userService.getById(scenePlus.getUserId());
|
|
|
+ if(Objects.isNull(currentUser) || Objects.isNull(currentUser.getCompanyId())
|
|
|
+ || Objects.isNull(sceneUser) || Objects.isNull(sceneUser.getCompanyId())
|
|
|
+ || !currentUser.getCompanyId().equals(sceneUser.getCompanyId())){
|
|
|
+ throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
|
|
|
+ }
|
|
|
}
|
|
|
|
|
|
- if(Objects.isNull(userId)){
|
|
|
- throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
|
|
|
- }
|
|
|
- if(!userId.equals(user.getId())){
|
|
|
- throw new BusinessException(ErrorCode.FAILURE_CODE_5014);
|
|
|
- }
|
|
|
}
|
|
|
|
|
|
}
|
