|
|
@@ -144,68 +144,68 @@ public class CheckViewBizAuthAspect {
|
|
|
}
|
|
|
|
|
|
//校验token
|
|
|
- if(!interruptCheck){
|
|
|
- log.info("num:{}", num);
|
|
|
- log.info("token:{}", request.getHeader("token"));
|
|
|
- String token = request.getHeader("token");
|
|
|
- if(StrUtil.isNotEmpty(token)){
|
|
|
- SSOUser user = jmgaSSOLoginHelper.getSsoUser(token);
|
|
|
- if(Objects.isNull(user)){
|
|
|
- throw new BusinessException(ErrorCode.AUTH_FAIL.code(), ErrorCode.TOKEN_NOT_FOUND.message());
|
|
|
- }
|
|
|
- JyUser jyUser = jyUserService.getBySysUserId(user.getId().intValue());
|
|
|
- log.info("user:{}", JSON.toJSONString(user));
|
|
|
- ScenePlus scenePlus = scenePlusService.getScenePlusByNum(num);
|
|
|
- if(Objects.isNull(scenePlus)){
|
|
|
- throw new BusinessException(ErrorCode.FAILURE_CODE_5005);
|
|
|
- }
|
|
|
- log.info("scenePlus:{}", scenePlus);
|
|
|
- if(Objects.isNull(scenePlus.getUserId()) || Objects.isNull(jyUser) || jyUser.getUserId() != scenePlus.getUserId().intValue()){
|
|
|
- throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
|
|
|
- }else{
|
|
|
- interruptCheck = true;
|
|
|
- userName = user.getUserName();
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- }
|
|
|
-
|
|
|
- if(!interruptCheck){
|
|
|
- //查询场景是否业务授权
|
|
|
- JySceneAuth jySceneAuth = jySceneAuthService.getByNum(num);
|
|
|
- if(!Objects.isNull(jySceneAuth) && jySceneAuth.getAuthType() == 0){
|
|
|
- //业务授权校验用户名密码
|
|
|
- userName = (String) params.get("userName");
|
|
|
- String password = (String) params.get("password");
|
|
|
- if(StrUtil.isEmpty(userName) || StrUtil.isEmpty(password)){
|
|
|
- throw new BusinessException(ErrorCode.USERNAME_PASSWORD_REQUIRE);
|
|
|
- }
|
|
|
- //查询用户
|
|
|
- JyUser jyUser = jyUserService.getByJyNo(userName);
|
|
|
- if(Objects.isNull(jyUser)){
|
|
|
- throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
- }
|
|
|
- JySceneUserAuth jySceneUserAuth = jySceneUserAuthService.getSceneViewAuth(num, jyUser.getId());
|
|
|
- if(Objects.isNull(jySceneUserAuth)){
|
|
|
- throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
|
|
|
- }
|
|
|
- if (jySceneUserAuth.getLookAuth() == 2 && jySceneUserAuth.getLookEndTime().before(Calendar.getInstance().getTime())){
|
|
|
- throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "超出访问截止时间");
|
|
|
- }
|
|
|
-
|
|
|
- //如果授权校验通过,校验密码是否正确
|
|
|
- User user = userService.findByUserName(userName);
|
|
|
- if(Objects.isNull(user)){
|
|
|
- throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
- }
|
|
|
- //模拟前端密码加密规则生成前端密码
|
|
|
- password = SecurityUtil.MD5(Base64Converter.decode(password));
|
|
|
- //数据库密码比对
|
|
|
- if(Objects.isNull(user) || !password.equals(user.getPassword())){
|
|
|
- throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
+// if(!interruptCheck){
|
|
|
+// log.info("num:{}", num);
|
|
|
+// log.info("token:{}", request.getHeader("token"));
|
|
|
+// String token = request.getHeader("token");
|
|
|
+// if(StrUtil.isNotEmpty(token)){
|
|
|
+// SSOUser user = jmgaSSOLoginHelper.getSsoUser(token);
|
|
|
+// if(Objects.isNull(user)){
|
|
|
+// throw new BusinessException(ErrorCode.AUTH_FAIL.code(), ErrorCode.TOKEN_NOT_FOUND.message());
|
|
|
+// }
|
|
|
+// JyUser jyUser = jyUserService.getBySysUserId(user.getId().intValue());
|
|
|
+// log.info("user:{}", JSON.toJSONString(user));
|
|
|
+// ScenePlus scenePlus = scenePlusService.getScenePlusByNum(num);
|
|
|
+// if(Objects.isNull(scenePlus)){
|
|
|
+// throw new BusinessException(ErrorCode.FAILURE_CODE_5005);
|
|
|
+// }
|
|
|
+// log.info("scenePlus:{}", scenePlus);
|
|
|
+// if(Objects.isNull(scenePlus.getUserId()) || Objects.isNull(jyUser) || jyUser.getUserId() != scenePlus.getUserId().intValue()){
|
|
|
+// throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
|
|
|
+// }else{
|
|
|
+// interruptCheck = true;
|
|
|
+// userName = user.getUserName();
|
|
|
+// }
|
|
|
+// }
|
|
|
+//
|
|
|
+// }
|
|
|
+
|
|
|
+// if(!interruptCheck){
|
|
|
+// //查询场景是否业务授权
|
|
|
+// JySceneAuth jySceneAuth = jySceneAuthService.getByNum(num);
|
|
|
+// if(!Objects.isNull(jySceneAuth) && jySceneAuth.getAuthType() == 0){
|
|
|
+// //业务授权校验用户名密码
|
|
|
+// userName = (String) params.get("userName");
|
|
|
+// String password = (String) params.get("password");
|
|
|
+// if(StrUtil.isEmpty(userName) || StrUtil.isEmpty(password)){
|
|
|
+// throw new BusinessException(ErrorCode.USERNAME_PASSWORD_REQUIRE);
|
|
|
+// }
|
|
|
+// //查询用户
|
|
|
+// JyUser jyUser = jyUserService.getByJyNo(userName);
|
|
|
+// if(Objects.isNull(jyUser)){
|
|
|
+// throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
+// }
|
|
|
+// JySceneUserAuth jySceneUserAuth = jySceneUserAuthService.getSceneViewAuth(num, jyUser.getId());
|
|
|
+// if(Objects.isNull(jySceneUserAuth)){
|
|
|
+// throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
|
|
|
+// }
|
|
|
+// if (jySceneUserAuth.getLookAuth() == 2 && jySceneUserAuth.getLookEndTime().before(Calendar.getInstance().getTime())){
|
|
|
+// throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "超出访问截止时间");
|
|
|
+// }
|
|
|
+//
|
|
|
+// //如果授权校验通过,校验密码是否正确
|
|
|
+// User user = userService.findByUserName(userName);
|
|
|
+// if(Objects.isNull(user)){
|
|
|
+// throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
+// }
|
|
|
+// //模拟前端密码加密规则生成前端密码
|
|
|
+// password = SecurityUtil.MD5(Base64Converter.decode(password));
|
|
|
+// //数据库密码比对
|
|
|
+// if(Objects.isNull(user) || !password.equals(user.getPassword())){
|
|
|
+// throw new BusinessException(ErrorCode.PASSWORD_ERROR);
|
|
|
+// }
|
|
|
+// }
|
|
|
+// }
|
|
|
}catch (BusinessException e){
|
|
|
//写入日志
|
|
|
sysLog.setUserName(userName);
|
