Compare commits
No commits in common. "de63dfe9d65f24dfc30313a40e2f0dd5a7bf2dff" and "d0551b30948c1317cb75ae8a4439623c6cdd8d31" have entirely different histories.
de63dfe9d6
...
d0551b3094
|
|
@ -28,54 +28,39 @@ public class FilePermissionCheckAspect {
|
|||
|
||||
@Around("@annotation(requiredPermission)")
|
||||
public Object requirePermission(ProceedingJoinPoint joinPoint, RequiredPermission requiredPermission) throws Throwable{
|
||||
|
||||
// 获取方法参数
|
||||
Object[] args = joinPoint.getArgs();
|
||||
|
||||
if (args.length == 0) {
|
||||
return joinPoint.proceed();
|
||||
}
|
||||
|
||||
if (args.length > 0) {
|
||||
FilePermission filePermission = requiredPermission.value();
|
||||
String userId = UserThreadLocal.getUserId();
|
||||
String id = extractId(args[0]); // 提取ID逻辑封装成方法,减少冗余代码
|
||||
String id = "";
|
||||
|
||||
if (args[0] instanceof String) {
|
||||
String childId = args[0].toString();
|
||||
id = edFileInfoService.getCategoryId(childId);
|
||||
}
|
||||
|
||||
if (args[0] instanceof UpdateFileInfoDTO) {
|
||||
UpdateFileInfoDTO updateFileInfoDTO = (UpdateFileInfoDTO) args[0];
|
||||
String childId = updateFileInfoDTO.getId();
|
||||
id = edFileInfoService.getCategoryId(childId);
|
||||
}
|
||||
|
||||
// 特殊处理 FileInfoQueryDTO
|
||||
if (args[0] instanceof FileInfoQueryDTO) {
|
||||
FileInfoQueryDTO fileInfoQueryDTO = (FileInfoQueryDTO) args[0];
|
||||
id = fileInfoQueryDTO.getParentId();
|
||||
if (id.length() > ElectromagneticConstants.PRJ_ID_LENGTH) {
|
||||
return joinPoint.proceed();
|
||||
}
|
||||
}
|
||||
|
||||
// 先判断是否有权限,避免不必要的 `if` 嵌套
|
||||
if (!permissionService.isPermitted(filePermission.getCode(), userId, id)) {
|
||||
Map<String,Boolean> permissions = permissionService.getUserPermission(userId,id,true);
|
||||
if (!permissions.get(filePermission.getCode()).equals(Boolean.TRUE)) {
|
||||
throw new PermissionDeniedException("用户无权限执行此操作");
|
||||
}
|
||||
|
||||
// 如果是 MOVE 操作,还需要检查目标文件夹权限
|
||||
if (filePermission.equals(FilePermission.MOVE)) {
|
||||
if (args.length < 2 || !(args[1] instanceof String)) {
|
||||
throw new IllegalArgumentException("MOVE 操作需要提供目标文件夹 ID");
|
||||
}
|
||||
String targetId = edFileInfoService.getCategoryId(args[1].toString());
|
||||
if (!permissionService.isPermitted(filePermission.getCode(), userId, targetId)) {
|
||||
throw new PermissionDeniedException("用户无权限对目标文件夹执行此操作");
|
||||
}
|
||||
}
|
||||
|
||||
return joinPoint.proceed();
|
||||
}
|
||||
|
||||
/**
|
||||
* 提取参数中的 ID,避免重复代码
|
||||
*/
|
||||
private String extractId(Object arg) {
|
||||
if (arg instanceof String) {
|
||||
return edFileInfoService.getCategoryId(arg.toString());
|
||||
} else if (arg instanceof UpdateFileInfoDTO) {
|
||||
return edFileInfoService.getCategoryId(((UpdateFileInfoDTO) arg).getId());
|
||||
} else if (arg instanceof FileInfoQueryDTO) {
|
||||
return ((FileInfoQueryDTO) arg).getParentId();
|
||||
}
|
||||
throw new IllegalArgumentException("不支持的参数类型:" + arg.getClass().getName());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -49,12 +49,4 @@ public interface PermissionService {
|
|||
*/
|
||||
void syncPermissions (String prjId);
|
||||
|
||||
/**
|
||||
* 判断用户有无权限
|
||||
* @param permissionCode 权限
|
||||
* @param userId 用户编码
|
||||
* @param fileId 文件编码
|
||||
* @return
|
||||
*/
|
||||
boolean isPermitted (String permissionCode, String userId, String fileId);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ public interface RolePermissionService extends IService<RolePermission> {
|
|||
* @param currentPermission
|
||||
* @param infoId
|
||||
*/
|
||||
void syncNewPermissions (List<RolePermission> currentPermission, String infoId);
|
||||
void syncPermissions (List<RolePermission> currentPermission, String infoId);
|
||||
|
||||
/**
|
||||
* 获取新权限
|
||||
|
|
|
|||
|
|
@ -1,13 +1,16 @@
|
|||
package com.electromagnetic.industry.software.manage.service.serviceimpl;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||
import com.electromagnetic.industry.software.common.enums.*;
|
||||
import com.electromagnetic.industry.software.common.util.EleLog;
|
||||
import com.electromagnetic.industry.software.common.util.UserThreadLocal;
|
||||
import com.electromagnetic.industry.software.manage.mapper.EdFileInfoMapper;
|
||||
import com.electromagnetic.industry.software.manage.mapper.UserRoleMapper;
|
||||
import com.electromagnetic.industry.software.manage.pojo.models.EdFileInfo;
|
||||
import com.electromagnetic.industry.software.manage.pojo.models.RolePermission;
|
||||
import com.electromagnetic.industry.software.manage.pojo.models.UserRole;
|
||||
import com.electromagnetic.industry.software.manage.pojo.req.PublishedFileDTO;
|
||||
import com.electromagnetic.industry.software.manage.service.PermissionService;
|
||||
import com.electromagnetic.industry.software.manage.service.RolePermissionService;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
|
@ -202,29 +205,4 @@ public class PermissionServiceImpl implements PermissionService {
|
|||
rolePermissionService.syncPermissionsAfterTreeUpdate(files, prjId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 判断用户有无权限
|
||||
* @param permissionCode 权限
|
||||
* @param userId 用户编码
|
||||
* @param fileId 文件编码
|
||||
* @return
|
||||
*/
|
||||
@Override
|
||||
public boolean isPermitted (String permissionCode, String userId, String fileId) {
|
||||
LambdaQueryWrapper<UserRole> queryWrapper = new LambdaQueryWrapper<>();
|
||||
queryWrapper.eq(UserRole::getUserId, userId);
|
||||
List<String> roleIds = Optional.ofNullable(userRoleMapper.selectList(queryWrapper))
|
||||
.orElse(Collections.emptyList())
|
||||
.stream().map(UserRole::getRoleId).collect(Collectors.toList());
|
||||
|
||||
if (roleIds.isEmpty()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
LambdaQueryWrapper<RolePermission> queryWrapper1 = new LambdaQueryWrapper<>();
|
||||
queryWrapper1.eq(RolePermission::getPermissionCode, permissionCode)
|
||||
.eq(RolePermission::getFileId, fileId)
|
||||
.in(RolePermission::getRoleId, roleIds);
|
||||
return rolePermissionService.count(queryWrapper1)>0;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@ package com.electromagnetic.industry.software.manage.service.serviceimpl;
|
|||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import com.electromagnetic.industry.software.common.enums.EffectFlagEnum;
|
||||
import com.electromagnetic.industry.software.common.enums.EleDataStatusEnum;
|
||||
import com.electromagnetic.industry.software.manage.mapper.RolePermissionMapper;
|
||||
import com.electromagnetic.industry.software.manage.pojo.models.EdFileInfo;
|
||||
import com.electromagnetic.industry.software.manage.pojo.models.RolePermission;
|
||||
|
|
@ -30,9 +32,9 @@ public class RolePermissionServiceImpl extends ServiceImpl<RolePermissionMapper,
|
|||
* @param currentPermission
|
||||
* @param infoId
|
||||
*/
|
||||
@Transactional
|
||||
@Override
|
||||
public void syncNewPermissions (List<RolePermission> currentPermission, String infoId) {
|
||||
@Transactional
|
||||
public void syncPermissions (List<RolePermission> currentPermission, String infoId) {
|
||||
|
||||
if (currentPermission == null) {
|
||||
throw new IllegalArgumentException("currentPermission must not be null");
|
||||
|
|
@ -102,11 +104,8 @@ public class RolePermissionServiceImpl extends ServiceImpl<RolePermissionMapper,
|
|||
levelMap.computeIfAbsent(len, k -> new ArrayList<>()).add(file);
|
||||
}
|
||||
|
||||
System.out.println("levelMap:"+levelMap);
|
||||
|
||||
// 获取叶子节点
|
||||
int maxLen = levelMap.lastKey();
|
||||
|
||||
// 从最底层的叶子节点的上级节点开始遍历,更新权限
|
||||
for (int i=maxLen-1; i>0;i--) {
|
||||
for (EdFileInfo fileInfo : levelMap.get(i)) {
|
||||
|
|
@ -118,11 +117,11 @@ public class RolePermissionServiceImpl extends ServiceImpl<RolePermissionMapper,
|
|||
publishedFileDTO.newInit();
|
||||
publishedFileDTO.setFileId(infoId);
|
||||
List<RolePermission> currentPermission = getCurrentPermission(publishedFileDTO);
|
||||
syncNewPermissions(currentPermission, infoId);
|
||||
}
|
||||
syncPermissions(currentPermission, infoId);
|
||||
}
|
||||
log.info("同步项目权限结束:{}", prjId);
|
||||
}
|
||||
}
|
||||
|
||||
private boolean isLeafNode(String id, List<EdFileInfo> files) {
|
||||
Set<String> parentIdSet = files.stream()
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#required
|
||||
spring.application.name=electromagnetic-data
|
||||
spring.datasource.typd=com.alibaba.druid.pool.DruidDataSource
|
||||
spring.datasource.url=jdbc:mysql://139.196.179.195:3306/em_data_test?serverTimezone=UTC&useUnicode=true&characterEncoding=utf-8&useSSL=true&serverTimezone=GMT%2B8&allowMultiQueries=true&rewriteBatchedStatements=true
|
||||
spring.datasource.url=jdbc:mysql://139.196.179.195:3306/em_user_test?serverTimezone=UTC&useUnicode=true&characterEncoding=utf-8&useSSL=true&serverTimezone=GMT%2B8&allowMultiQueries=true&rewriteBatchedStatements=true
|
||||
spring.datasource.username=em_user_test
|
||||
spring.datasource.password=Szsd#2O25$test
|
||||
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
|
||||
|
|
@ -14,7 +14,7 @@ pagehelper.helperDialect=mysql
|
|||
pagehelper.reasonable=false
|
||||
server.port=12395
|
||||
file.security.passwd=adknfhkj87654knd
|
||||
#windowsæÂÂ件åÂÂå¨ç®å½Âï¼Âç¨äºÂæµÂè¯Â
|
||||
#windowsæ件åå¨ç®å½ï¼ç¨äºæµè¯
|
||||
data.windows.path=D:/tmp/eleData/project/
|
||||
data.linux.path=/szsd/data/eleData/project/
|
||||
data.upload.windows.tmp.path=D:/tmp/eleData/upload/
|
||||
|
|
|
|||
Loading…
Reference in New Issue