1 سال پیش · c3df6610f3
--- a/src/main/java/com/fdkankan/scene/Interceptor/CheckPermitAspect.java
+++ b/src/main/java/com/fdkankan/scene/Interceptor/CheckPermitAspect.java
@@ -25,6 +25,8 @@ import com.fdkankan.web.user.SSOLoginHelper;
 
				 import com.fdkankan.web.user.SSOUser;
			
 
				 import com.fdkankan.web.util.WebUtil;
			
 
				 import java.io.IOException;
			
 
				+import java.util.HashMap;
			
 
				+import java.util.Map;
			
 
				 import java.util.Objects;
			
 
				 import javax.servlet.http.HttpServletRequest;
			
 
				 import lombok.extern.log4j.Log4j2;
			
@@ -110,7 +112,9 @@ public class CheckPermitAspect {
 
				 
			
 
				 		//当前用户与场景用户id相同，则拥有最高权限，可以编辑
			
 
				 		String url = host.concat("/service/manage/inner/checkNumAuth/").concat(num);
			
 
				-		ResultData<CheckNumAuthVo> checkNumAuth = myClient.checkNumAuth(url, request.getHeader("token"));
			
 
				+		Map<String, Object> headers = new HashMap<>();
			
 
				+		headers.put("token", request.getHeader("token"));
			
 
				+		ResultData<CheckNumAuthVo> checkNumAuth = myClient.checkNumAuth(url, headers);
			
 
				 		log.info("checkNumAuth:{}", JSON.toJSONString(checkNumAuth));
			
 
				 		CheckNumAuthVo data = checkNumAuth.getData();
			
 
				 		if(!data.isEditAuth()){
			
--- a/src/main/java/com/fdkankan/scene/Interceptor/CheckViewBizAuthAspect.java
+++ b/src/main/java/com/fdkankan/scene/Interceptor/CheckViewBizAuthAspect.java
@@ -76,7 +76,7 @@ public class CheckViewBizAuthAspect {
 
				 	private IJyUserService jyUserService;
			
 
				 	@Autowired
			
 
				 	private ISysLogService sysLogService;
			
 
				-	@Autowired
			
 
				+	@Resource
			
 
				 	private MyClient myClient;
			
 
				 	@Autowired
			
 
				 	private ISysUserService sysUserService;
			
@@ -163,7 +163,9 @@ public class CheckViewBizAuthAspect {
 
				 			if(!interruptCheck){
			
 
				 				//当前用户与场景用户id相同，则拥有最高权限，可以编辑
			
 
				 				String url = host.concat("/service/manage/inner/checkNumAuth/").concat(num);
			
 
				-				ResultData<CheckNumAuthVo> checkNumAuth = myClient.checkNumAuth(url, request.getHeader("token"));
			
 
				+				Map<String, Object> headers = new HashMap<>();
			
 
				+				headers.put("token", request.getHeader("token"));
			
 
				+				ResultData<CheckNumAuthVo> checkNumAuth = myClient.checkNumAuth(url, headers);
			
 
				 				log.info("checkNumAuth:{}", JSON.toJSONString(checkNumAuth));
			
 
				 				CheckNumAuthVo data = null;
			
 
				 				if(checkNumAuth.getCode() == ServerCode.SUCCESS.code()){
			
@@ -192,20 +194,14 @@ public class CheckViewBizAuthAspect {
 
				 					if(!password.equals(jyUser.getRyPassword())){
			
 
				 						throw new BusinessException(ErrorCode.PASSWORD_ERROR);
			
 
				 					}
			
 
				-
			
 
				-					//查询是否是管理员角色，如果是则有权访问
			
 
				-					long count = sysUserService.count(new LambdaQueryWrapper<SysUser>().eq(SysUser::getId, jyUser.getSysUserId()).in(SysUser::getRoleId, 1, 45));
			
 
				-					if(count == 0){
			
 
				-						//判断是不是场景归属人的场景,如果不是，则校验是否是授权用户
			
 
				-						if(scenePlus.getUserId().intValue() != jyUser.getUserId()){
			
 
				-							JySceneUserAuth jySceneUserAuth = jySceneUserAuthService.getSceneViewAuth(num, jyUser.getId());
			
 
				-							if(Objects.isNull(jySceneUserAuth)){
			
 
				-								throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "无权访问");
			
 
				-							}
			
 
				-							if (jySceneUserAuth.getLookAuth() == 2 && jySceneUserAuth.getLookEndTime().before(Calendar.getInstance().getTime())){
			
 
				-								throw new BusinessException(ErrorCode.AUTH_FAIL.code(), "超出访问截止时间");
			
 
				-							}
			
 
				-						}
			
 
				+					headers.put("userName", userName);
			
 
				+					headers.put("password", password);
			
 
				+					checkNumAuth = myClient.checkNumAuth(url, headers);
			
 
				+					if(checkNumAuth.getCode() == ServerCode.SUCCESS.code()){
			
 
				+						data = checkNumAuth.getData();
			
 
				+					}
			
 
				+					if(Objects.nonNull(data) || !data.isViewAuth()){
			
 
				+						throw new BusinessException(ErrorCode.PASSWORD_ERROR);
			
 
				 					}
			
 
				 				}
			
 
				 			}
			
--- a/src/main/java/com/fdkankan/scene/httpclient/MyClient.java
+++ b/src/main/java/com/fdkankan/scene/httpclient/MyClient.java
@@ -3,6 +3,7 @@ package com.fdkankan.scene.httpclient;
 
				 
			
 
				 import com.dtflys.forest.annotation.Get;
			
 
				 import com.dtflys.forest.annotation.Header;
			
 
				+import com.dtflys.forest.annotation.Post;
			
 
				 import com.dtflys.forest.annotation.Var;
			
 
				 import com.dtflys.forest.callback.OnProgress;
			
 
				 import com.dtflys.forest.extensions.DownloadFile;
			
@@ -10,6 +11,7 @@ import com.fdkankan.scene.vo.CheckNumAuthVo;
 
				 import com.fdkankan.web.response.ResultData;
			
 
				 
			
 
				 import java.io.File;
			
 
				+import java.util.Map;
			
 
				 
			
 
				 public interface MyClient {
			
 
				 
			
@@ -33,6 +35,6 @@ public interface MyClient {
 
				     ResultData get(@Var("url") String url, @Var("params") String params);
			
 
				 
			
 
				     @Get(url = "${url}")
			
 
				-    ResultData<CheckNumAuthVo> checkNumAuth(@Var("url") String url, @Header("token") String token);
			
 
				+    ResultData<CheckNumAuthVo> checkNumAuth(@Var("url") String url, @Header Map<String, Object> headerMap);
			
 
				 
			
 
				 }