|
@@ -158,63 +158,43 @@ public class CheckViewBizAuthAspect {
|
|
|
}
|
|
|
|
|
|
if(!interruptCheck){
|
|
|
- //查询场景是否业务授权,如果是,依次校验token和用户名密码
|
|
|
- JySceneAuth jySceneAuth = jySceneAuthService.getByNum(num);
|
|
|
- if(!Objects.isNull(jySceneAuth) && jySceneAuth.getAuthType() == 0){
|
|
|
- //校验token
|
|
|
- if(!interruptCheck){
|
|
|
- log.info("num:{}", num);
|
|
|
- log.info("token:{}", request.getHeader("token"));
|
|
|
- String token = request.getHeader("token");
|
|
|
- if(StrUtil.isNotEmpty(token)){
|
|
|
- SSOUser user = jmgaSSOLoginHelper.getSsoUser(token);
|
|
|
- if(Objects.nonNull(user)){
|
|
|
- userName = user.getUserName();
|
|
|
- JyUser jyUser = jyUserService.getBySysUserId(user.getId().intValue());
|
|
|
- log.info("user:{}", JSON.toJSONString(user));
|
|
|
-
|
|
|
- //当前用户与场景用户id相同,则拥有最高权限,可以编辑
|
|
|
- String url = host.concat("/service/manage/inner/checkNumAuth/").concat(num);
|
|
|
- ResultData<CheckNumAuthVo> checkNumAuth = myClient.checkNumAuth(url, request.getHeader("token"));
|
|
|
- log.info("checkNumAuth:{}", JSON.toJSONString(checkNumAuth));
|
|
|
- CheckNumAuthVo data = checkNumAuth.getData();
|
|
|
- if(data.isViewAuth()){
|
|
|
- interruptCheck = true;
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- }
|
|
|
-
|
|
|
+ //当前用户与场景用户id相同,则拥有最高权限,可以编辑
|
|
|
+ String url = host.concat("/service/manage/inner/checkNumAuth/").concat(num);
|
|
|
+ ResultData<CheckNumAuthVo> checkNumAuth = myClient.checkNumAuth(url, request.getHeader("token"));
|
|
|
+ log.info("checkNumAuth:{}", JSON.toJSONString(checkNumAuth));
|
|
|
+ CheckNumAuthVo data = checkNumAuth.getData();
|
|
|
+ if(data.isViewAuth()){
|
|
|
+ SSOUser user = jmgaSSOLoginHelper.getSsoUser(request.getHeader("token"));
|
|
|
+ if(Objects.nonNull(user)){
|
|
|
+ userName = user.getUserName();
|
|
|
+ }
|
|
|
+ }else{
|
|
|
+ //业务授权校验用户名密码
|
|
|
+ userName = (String) params.get("userName");
|
|
|
+ String password = (String) params.get("password");
|
|
|
+ if(StrUtil.isEmpty(userName) || StrUtil.isEmpty(password)){
|
|
|
+ throw new BusinessException(ErrorCode.USERNAME_PASSWORD_REQUIRE);
|
|
|
+ }
|
|
|
+ //查询用户
|
|
|
+ JyUser jyUser = jyUserService.getByJyNo(userName);
|
|
|
+ if(Objects.isNull(jyUser)){
|
|
|
+ throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
+ }
|
|
|
+ //模拟前端密码加密规则生成前端密码
|
|
|
+ password = SecurityUtil.MD52(Base64Converter.decode(password));
|
|
|
+ //数据库密码比对
|
|
|
+ if(!password.equals(jyUser.getRyPassword())){
|
|
|
+ throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
}
|
|
|
|
|
|
- if(!interruptCheck){
|
|
|
- //业务授权校验用户名密码
|
|
|
- userName = (String) params.get("userName");
|
|
|
- String password = (String) params.get("password");
|
|
|
- if(StrUtil.isEmpty(userName) || StrUtil.isEmpty(password)){
|
|
|
- throw new BusinessException(ErrorCode.USERNAME_PASSWORD_REQUIRE);
|
|
|
- }
|
|
|
- //查询用户
|
|
|
- JyUser jyUser = jyUserService.getByJyNo(userName);
|
|
|
- if(Objects.isNull(jyUser)){
|
|
|
- throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
+ //判断是不是场景归属人的场景,如果不是,则校验是否是授权用户
|
|
|
+ if(scenePlus.getUserId().intValue() != jyUser.getUserId()){
|
|
|
+ JySceneUserAuth jySceneUserAuth = jySceneUserAuthService.getSceneViewAuth(num, jyUser.getId());
|
|
|
+ if(Objects.isNull(jySceneUserAuth)){
|
|
|
+ throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
|
|
|
}
|
|
|
- //模拟前端密码加密规则生成前端密码
|
|
|
- password = SecurityUtil.MD52(Base64Converter.decode(password));
|
|
|
- //数据库密码比对
|
|
|
- if(!password.equals(jyUser.getRyPassword())){
|
|
|
- throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
- }
|
|
|
-
|
|
|
- //判断是不是场景归属人的场景,如果不是,则校验是否是授权用户
|
|
|
- if(scenePlus.getUserId().intValue() != jyUser.getUserId()){
|
|
|
- JySceneUserAuth jySceneUserAuth = jySceneUserAuthService.getSceneViewAuth(num, jyUser.getId());
|
|
|
- if(Objects.isNull(jySceneUserAuth)){
|
|
|
- throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
|
|
|
- }
|
|
|
- if (jySceneUserAuth.getLookAuth() == 2 && jySceneUserAuth.getLookEndTime().before(Calendar.getInstance().getTime())){
|
|
|
- throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "超出访问截止时间");
|
|
|
- }
|
|
|
+ if (jySceneUserAuth.getLookAuth() == 2 && jySceneUserAuth.getLookEndTime().before(Calendar.getInstance().getTime())){
|
|
|
+ throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "超出访问截止时间");
|
|
|
}
|
|
|
}
|
|
|
}
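Review bot: `checkNumAuth.getData()` is dereferenced at `if(data.isViewAuth()){` with no null check, and the inner `checkNumAuth` call now runs for every request, including ones with no `token` header, because the old `StrUtil.isNotEmpty(token)` and `Objects.nonNull(user)` guards are gone. If the inner service answers with an error envelope or empty data, the aspect throws a NullPointerException instead of falling through to the username/password branch; how that surfaces to the caller depends on exception handling outside the hunk. I would write the condition as `if(checkNumAuth != null && checkNumAuth.getData() != null && checkNumAuth.getData().isViewAuth()){` so a missing answer is treated as "no view auth" and the credential check still runs. In the same branch `userName` stays unset when `getSsoUser` returns null, so view access is granted without a resolved user; that deserves an explicit rejection or a comment if later code (audit logging, for example) relies on `userName`. The enclosing `if(!interruptCheck){` closes outside the hunk.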
|