From 0f836f29f8e0d4637a18a193453ca9bb38818c73 Mon Sep 17 00:00:00 2001 From: ArgonarioD Date: Tue, 27 Dec 2022 13:18:42 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E4=BA=86ProjectAuthorize?= =?UTF-8?q?=E6=B3=A8=E8=A7=A3=EF=BC=8C=E5=B0=86token=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E5=AD=98=E5=82=A8=E5=88=B0=E4=BA=86request=20attribute?= =?UTF-8?q?=E4=B8=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../annotation/ProjectAuthorize.java | 14 ++++++++++++++ .../controller/AnnouncementController.java | 12 ++++++++---- .../interceptor/TokenInterceptor.java | 5 +++++ .../service/impl/TaskServiceImpl.java | 3 ++- .../rmdjzz/projectmanagement/utils/TokenUtils.java | 6 +++--- .../hfut/rmdjzz/projectmanagement/UtilTests.java | 8 ++++++++ 6 files changed, 40 insertions(+), 8 deletions(-) create mode 100644 src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/ProjectAuthorize.java diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/ProjectAuthorize.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/ProjectAuthorize.java new file mode 100644 index 0000000..dd55d62 --- /dev/null +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/ProjectAuthorize.java @@ -0,0 +1,14 @@ +package cn.edu.hfut.rmdjzz.projectmanagement.annotation; + +import java.lang.annotation.*; + +@Documented +@Retention(RetentionPolicy.RUNTIME) +@Target(ElementType.METHOD) +public @interface ProjectAuthorize { + /** + * 填写逻辑判断式,用p代表项目内权限,g代表全局权限,拥有1级全局权限的人默认拥有所有项目内权限 + * 如 "p>0 && p<3",指该接口只有在该项目的权限大于3的人才能执行 + */ + String value(); +} diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java index 63f98fc..0b2ccbb 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java @@ -1,5 +1,6 @@ package cn.edu.hfut.rmdjzz.projectmanagement.controller; +import cn.edu.hfut.rmdjzz.projectmanagement.annotation.ProjectAuthorize; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Announcement; import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; @@ -49,18 +50,21 @@ public class AnnouncementController { } @SneakyThrows + @ProjectAuthorize("a>0 && a<=2") @PostMapping public ResponseMap createAnnouncement( - @RequestHeader(TokenUtils.HEADER_TOKEN) String token, +// @RequestHeader(TokenUtils.HEADER_TOKEN) String token, + @RequestAttribute Integer staffId, @PathVariable Integer projectId, @RequestBody Announcement announcement ) { - Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId); + /*Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId); if (accessLevel == 0 || accessLevel > 2) { throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE); - } + }*/ announcement.setProjectId(projectId); - announcement.setAnnouncementPublisherId(TokenUtils.getStaffId(token)); +// announcement.setAnnouncementPublisherId(TokenUtils.getStaffId(token)); + announcement.setAnnouncementPublisherId(staffId); announcement.setAnnouncementPublishTime(null); if (announcementService.save(announcement)) { return ResponseMap.ofSuccess(); diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/TokenInterceptor.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/TokenInterceptor.java index b24488b..3dacef8 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/TokenInterceptor.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/TokenInterceptor.java @@ -49,6 +49,11 @@ public class TokenInterceptor implements HandlerInterceptor { Objects.requireNonNull(TokenUtils.getDuration(token)), TimeUnit.SECONDS ); } + + httpServletRequest.setAttribute(TokenUtils.STAFF_USERNAME, TokenUtils.getUsername(token)); + httpServletRequest.setAttribute(TokenUtils.STAFF_ID, TokenUtils.getStaffId(token)); + httpServletRequest.setAttribute(TokenUtils.STAFF_GLOBAL_LEVEL, TokenUtils.getStaffGlobalLevel(token)); + httpServletResponse.setHeader(TokenUtils.HEADER_TOKEN, newToken); return true; } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java index d6d314f..79254b4 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java @@ -150,10 +150,11 @@ public class TaskServiceImpl extends ServiceImpl implements IT @NotNull private void addResultProjectProcess(List resList, String projectType) { - Boolean typeExist = false; + boolean typeExist = false; for (StaffProcessDTO staffProcessDTO : resList) { if (Objects.equals(staffProcessDTO.getTaskType(), projectType)) { typeExist = true; + break; } } if (!typeExist) { diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java index 748ae7c..888c951 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java @@ -19,9 +19,9 @@ public final class TokenUtils { private final static String PV_KEY = "SignedByRMDJZZ"; public final static String HEADER_TOKEN = "Token"; - private final static String STAFF_USERNAME = "staffUsername"; - private final static String STAFF_ID = "staffId"; - private final static String STAFF_GLOBAL_LEVEL = "staffGlobalLevel"; + public final static String STAFF_USERNAME = "staffUsername"; + public final static String STAFF_ID = "staffId"; + public final static String STAFF_GLOBAL_LEVEL = "staffGlobalLevel"; private final static String DURATION = "duration"; public static String getToken(String staffUsername, Integer staffId, Integer staffGlobalLevel, Long duration) { diff --git a/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/UtilTests.java b/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/UtilTests.java index 9dd63c6..02ba0d7 100644 --- a/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/UtilTests.java +++ b/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/UtilTests.java @@ -1,6 +1,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement; import cn.edu.hfut.rmdjzz.projectmanagement.utils.TimeUtils; +import lombok.SneakyThrows; import org.junit.jupiter.api.Test; import java.time.LocalDate; @@ -21,4 +22,11 @@ public class UtilTests { LocalTime t = LocalTime.now(); System.out.println(TimeUtils.validateDateTimeLine(a, b, c)); } + + @SneakyThrows + @Test + public void test() { + Class returnType = this.getClass().getMethod("timeTest").getReturnType(); + System.out.println(returnType.equals(void.class)); + } }