|
@@ -99,11 +99,13 @@ public class CheckViewBizAuthAspect {
|
|
|
sysLog.setOperationType("scene-view");
|
|
|
sysLog.setParams(JSON.toJSONString(params));
|
|
|
|
|
|
+ boolean interruptCheck = false;
|
|
|
Integer errorCode = null;
|
|
|
String errorMsg = null;
|
|
|
String userName = null, ip = null, timestamp = null;
|
|
|
boolean flag = true;
|
|
|
if(StrUtil.isNotEmpty(sign)){
|
|
|
+ interruptCheck = true;
|
|
|
sign = sign.replaceAll("%2B", "+").replaceAll(" ", "+");
|
|
|
String[] split = null;
|
|
|
try {
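Review bot: `interruptCheck` is set to true as soon as `sign` is non-empty, before the `try` block that parses and validates the signature. In the later token block of this commit it is set only after the owner check succeeds, so the flag carries two meanings: "a sign was presented" here and "the caller was verified" there. A sign that is present but invalid therefore never falls back to the token or business-auth checks. That matches the old `if/else`, but the intent should be written down at the declaration, for example `// true once the sign or owner-token path has taken the decision; later fallback checks are skipped`. A name such as `decided` would also describe the flag better, and the method body starts and ends outside the hunk.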
|
|
@@ -146,7 +148,23 @@ public class CheckViewBizAuthAspect {
|
|
|
errorMsg = "超出访问截止时间";
|
|
|
}
|
|
|
}
|
|
|
- }else{
|
|
|
+ }
|
|
|
+
|
|
|
+ //校验token
|
|
|
+ if(!interruptCheck){
|
|
|
+ SSOUser user = ssoLoginHelper.getSsoUser(request.getHeader("token"));
|
|
|
+ ScenePlus scenePlus = scenePlusService.getScenePlusByNum(num);
|
|
|
+ if(Objects.isNull(scenePlus.getUserId()) || !user.getId().equals(scenePlus.getUserId())){
|
|
|
+ flag = false;
|
|
|
+ errorCode = ErrorCode.AUTH_FAIL.code();
|
|
|
+ errorMsg = "无权访问";
|
|
|
+ }else{
|
|
|
+ interruptCheck = true;
|
|
|
+ userName = user.getUserName();
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ if(!interruptCheck){
|
|
|
//查询场景是否业务授权
|
|
|
JySceneAuth jySceneAuth = jySceneAuthService.getByNum(num);
|
|
|
if(!Objects.isNull(jySceneAuth) && jySceneAuth.getAuthType() == 0){
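Review bot: The new token block dereferences `user` and `scenePlus` without a null check. If `getSsoUser` can return null for a missing or unrecognised `token` header, or `getScenePlusByNum` can return null for an unknown `num` (neither is visible here), the aspect throws a NullPointerException instead of reaching the explicit `AUTH_FAIL` branch. Guard both so the path fails closed with the intended error: `if(user == null || scenePlus == null || Objects.isNull(scenePlus.getUserId()) || !user.getId().equals(scenePlus.getUserId())){`. Separately, the deny branch leaves `interruptCheck` false, so the business-auth block that follows still runs with `flag = false` and `errorCode`/`errorMsg` already set. Whether that block resets them is outside the hunk, so a comment should state which check takes precedence for a caller who has neither a sign nor an owner token.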
|