
场景归属人账号密码登录 可以查看场景

dsx 1 year ago
parent
commit
a74ade378c

+ 15 - 13
src/main/java/com/fdkankan/scene/Interceptor/CheckViewBizAuthAspect.java

@@ -100,6 +100,11 @@ public class CheckViewBizAuthAspect {
 		String num = (String) params.get("num");
 		String sign = (String) params.get("sign");
 
+		ScenePlus scenePlus = scenePlusService.getScenePlusByNum(num);
+		if(Objects.isNull(scenePlus)){
+			throw new BusinessException(ErrorCode.FAILURE_CODE_5005);
+		}
+
 		SysLog sysLog = new SysLog();
 		sysLog.setRequestPath("场景展示");
 		sysLog.setUri(request.getRequestURI());
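Review bot: The scene lookup added above `SysLog sysLog = new SysLog();` throws FAILURE_CODE_5005 before any audit fields are populated, so a request for a nonexistent scene number appears to be rejected without an audit record (where sysLog is persisted is not visible in this hunk). Because the lookup now runs ahead of the credential checks further down, the distinct error code also lets an unauthenticated caller tell whether a scene number exists. Consider recording the rejection before throwing, e.g. `log.warn("scene not found, num={}, uri={}", num, request.getRequestURI());`, and rejecting a null or empty `num` before the lookup, since it is cast straight from `params`. The enclosing method starts and ends outside the hunk.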
@@ -167,11 +172,6 @@ public class CheckViewBizAuthAspect {
 								userName = user.getUserName();
 								JyUser jyUser = jyUserService.getBySysUserId(user.getId().intValue());
 								log.info("user:{}", JSON.toJSONString(user));
-								ScenePlus scenePlus = scenePlusService.getScenePlusByNum(num);
-								if(Objects.isNull(scenePlus)){
-									throw new BusinessException(ErrorCode.FAILURE_CODE_5005);
-								}
-								log.info("scenePlus:{}", scenePlus);
 
 								//当前用户与场景用户id相同,则拥有最高权限,可以编辑
 								String url = host.concat("/service/manage/inner/checkNumAuth/").concat(num);
@@ -205,15 +205,17 @@ public class CheckViewBizAuthAspect {
 						if(!password.equals(jyUser.getRyPassword())){
 							throw new BusinessException(ErrorCode.PASSWORD_ERROR);
 						}
-						JySceneUserAuth jySceneUserAuth = jySceneUserAuthService.getSceneViewAuth(num, jyUser.getId());
-						if(Objects.isNull(jySceneUserAuth)){
-							throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
-						}
-						if (jySceneUserAuth.getLookAuth() == 2 && jySceneUserAuth.getLookEndTime().before(Calendar.getInstance().getTime())){
-							throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "超出访问截止时间");
-						}
-
 
+						//判断是不是场景归属人的场景,如果不是,则校验是否是授权用户
+						if(!scenePlus.getUserId().equals(jyUser.getUserId())){
+							JySceneUserAuth jySceneUserAuth = jySceneUserAuthService.getSceneViewAuth(num, jyUser.getId());
+							if(Objects.isNull(jySceneUserAuth)){
+								throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
+							}
+							if (jySceneUserAuth.getLookAuth() == 2 && jySceneUserAuth.getLookEndTime().before(Calendar.getInstance().getTime())){
+								throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "超出访问截止时间");
+							}
+						}
 					}
 				}
 			}
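Review bot: The owner check `if(!scenePlus.getUserId().equals(jyUser.getUserId()))` dereferences `scenePlus.getUserId()` without a null guard, so a scene with no owner id would surface as a NullPointerException rather than a clean AUTH_FAIL. Do not swap in `Objects.equals` as the fix, because two null ids would then compare equal and skip the authorization lookup; an explicit `boolean isOwner = scenePlus.getUserId() != null && scenePlus.getUserId().equals(jyUser.getUserId());` keeps the branch fail-closed. The field types are not visible here; if one side is a `Long` and the other an `Integer` (the earlier hunk calls `user.getId().intValue()`), `equals` is always false and owners would still be sent through `getSceneViewAuth`, so the types should be confirmed. The enclosing method starts and ends outside the hunk.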