新增了ProjectAuthorize注解,将token数据存储到了request attribute中

master
ArgonarioD 2022-12-27 13:18:42 +08:00
parent 8ba644811a
commit 0f836f29f8
6 changed files with 40 additions and 8 deletions

View File

@ -0,0 +1,14 @@
package cn.edu.hfut.rmdjzz.projectmanagement.annotation;
import java.lang.annotation.*;
@Documented
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface ProjectAuthorize {
/**
* pg1
* "p>0 && p<3"3
*/
String value();
}

View File

@ -1,5 +1,6 @@
package cn.edu.hfut.rmdjzz.projectmanagement.controller;
import cn.edu.hfut.rmdjzz.projectmanagement.annotation.ProjectAuthorize;
import cn.edu.hfut.rmdjzz.projectmanagement.entity.Announcement;
import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDTO;
import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException;
@ -49,18 +50,21 @@ public class AnnouncementController {
}
@SneakyThrows
@ProjectAuthorize("a>0 && a<=2")
@PostMapping
public ResponseMap createAnnouncement(
@RequestHeader(TokenUtils.HEADER_TOKEN) String token,
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@PathVariable Integer projectId,
@RequestBody Announcement announcement
) {
Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId);
/*Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId);
if (accessLevel == 0 || accessLevel > 2) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
}*/
announcement.setProjectId(projectId);
announcement.setAnnouncementPublisherId(TokenUtils.getStaffId(token));
// announcement.setAnnouncementPublisherId(TokenUtils.getStaffId(token));
announcement.setAnnouncementPublisherId(staffId);
announcement.setAnnouncementPublishTime(null);
if (announcementService.save(announcement)) {
return ResponseMap.ofSuccess();

View File

@ -49,6 +49,11 @@ public class TokenInterceptor implements HandlerInterceptor {
Objects.requireNonNull(TokenUtils.getDuration(token)), TimeUnit.SECONDS
);
}
httpServletRequest.setAttribute(TokenUtils.STAFF_USERNAME, TokenUtils.getUsername(token));
httpServletRequest.setAttribute(TokenUtils.STAFF_ID, TokenUtils.getStaffId(token));
httpServletRequest.setAttribute(TokenUtils.STAFF_GLOBAL_LEVEL, TokenUtils.getStaffGlobalLevel(token));
httpServletResponse.setHeader(TokenUtils.HEADER_TOKEN, newToken);
return true;
}

View File

@ -150,10 +150,11 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
@NotNull
private void addResultProjectProcess(List<StaffProcessDTO> resList, String projectType) {
Boolean typeExist = false;
boolean typeExist = false;
for (StaffProcessDTO staffProcessDTO : resList) {
if (Objects.equals(staffProcessDTO.getTaskType(), projectType)) {
typeExist = true;
break;
}
}
if (!typeExist) {

View File

@ -19,9 +19,9 @@ public final class TokenUtils {
private final static String PV_KEY = "SignedByRMDJZZ";
public final static String HEADER_TOKEN = "Token";
private final static String STAFF_USERNAME = "staffUsername";
private final static String STAFF_ID = "staffId";
private final static String STAFF_GLOBAL_LEVEL = "staffGlobalLevel";
public final static String STAFF_USERNAME = "staffUsername";
public final static String STAFF_ID = "staffId";
public final static String STAFF_GLOBAL_LEVEL = "staffGlobalLevel";
private final static String DURATION = "duration";
public static String getToken(String staffUsername, Integer staffId, Integer staffGlobalLevel, Long duration) {

View File

@ -1,6 +1,7 @@
package cn.edu.hfut.rmdjzz.projectmanagement;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TimeUtils;
import lombok.SneakyThrows;
import org.junit.jupiter.api.Test;
import java.time.LocalDate;
@ -21,4 +22,11 @@ public class UtilTests {
LocalTime t = LocalTime.now();
System.out.println(TimeUtils.validateDateTimeLine(a, b, c));
}
@SneakyThrows
@Test
public void test() {
Class<?> returnType = this.getClass().getMethod("timeTest").getReturnType();
System.out.println(returnType.equals(void.class));
}
}