diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/DoNotDeserialize.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/DoNotSerialize.java similarity index 92% rename from src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/DoNotDeserialize.java rename to src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/DoNotSerialize.java index 772abb7..024e36c 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/DoNotDeserialize.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/DoNotSerialize.java @@ -13,5 +13,5 @@ import java.lang.annotation.*; @Retention(RetentionPolicy.RUNTIME) @Documented @Target({ElementType.FIELD}) -public @interface DoNotDeserialize { +public @interface DoNotSerialize { } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java index fda0eb7..2ec330c 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java @@ -1,11 +1,12 @@ package cn.edu.hfut.rmdjzz.projectmanagement.controller; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Announcement; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.service.IAnnouncementService; import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService; +import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService; import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils; import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList; import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap; @@ -29,9 +30,9 @@ public class AnnouncementController { @SneakyThrows @GetMapping - public ResponseList getAnnouncementList(@RequestHeader("Token") String token, @PathVariable Integer projectId) { + public ResponseList getAnnouncementList(@RequestHeader("Token") String token, @PathVariable Integer projectId) { if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } return ResponseList.ofSuccess("查询成功", announcementService.getAnnouncementList(projectId)); } @@ -44,7 +45,7 @@ public class AnnouncementController { @PathVariable Long announcementId ) { if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } return ResponseMap.ofSuccess("查询成功", announcementService.getAnnouncementById(announcementId)); } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectController.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectController.java index e34cbbb..a17edd0 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectController.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectController.java @@ -1,7 +1,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.controller; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Project; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService; import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService; @@ -34,13 +34,13 @@ public class ProjectController { @Operation(summary = "根据Token获取该员工的ProjectList") @SneakyThrows @GetMapping - public ResponseList getProjectListOfStaff( + public ResponseList getProjectListOfStaff( @RequestHeader("Token") String token, @Valid RequestPage page, @Parameter(description = "参数列表见Project实体类,时间可以用xxxxStart与xxxxEnd来确定区间" , required = true) @RequestParam("paramMap") Map paramMap ) { - Page result = projectService.getOnePageProject(token, page, paramMap); + Page result = projectService.getOnePageProject(token, page, paramMap); return ResponseList.ofSuccess("成功返回列表", result); } @@ -61,7 +61,7 @@ public class ProjectController { @GetMapping("/count") public ResponseMap getProjectNumOfStaff(@RequestHeader("Token") String token) { return ResponseMap.ofSuccess("查询成功") - .put("totalNum", projectService.getAllProjectOfStaff(token)); + .put("totalNum", projectService.countMyProjects(token)); } @SneakyThrows diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java index fe9227d..50c2dd5 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java @@ -1,9 +1,9 @@ package cn.edu.hfut.rmdjzz.projectmanagement.controller; import cn.edu.hfut.rmdjzz.projectmanagement.entity.ProjectGroup; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectGroupDto; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.StaffProcessDto; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.vo.GroupPositionVo; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectGroupDTO; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.StaffProcessDTO; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.vo.GroupPositionVO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService; @@ -40,13 +40,13 @@ public class ProjectGroupController { @Operation(description = "传入合法page参数时分页查询,否则拉取整个列表") @SneakyThrows @GetMapping - public ResponseList getGroupMembers( + public ResponseList getGroupMembers( @PathVariable Integer projectId, @RequestHeader("Token") String token, RequestPage page ) { if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } if (validateUtils.validate(page).isEmpty()) { return ResponseList.ofSuccess("查询成功", projectGroupService.pageProjectMembers(page, projectId)); @@ -63,7 +63,7 @@ public class ProjectGroupController { @PathVariable Integer staffId ) { if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } return ResponseMap.ofSuccess("查询成功", projectGroupService.getOne( Wrappers.lambdaQuery() @@ -78,7 +78,7 @@ public class ProjectGroupController { public ResponseMap addGroupMember( @RequestHeader("Token") String token, @PathVariable Integer projectId, - @RequestBody GroupPositionVo groupPosition + @RequestBody GroupPositionVO groupPosition ) { projectGroupService.insertNewMember(token, projectId, groupPosition.getStaffId(), groupPosition.getPositions()); return ResponseMap.ofSuccess("创建成功"); @@ -91,7 +91,7 @@ public class ProjectGroupController { @RequestHeader("Token") String token, @PathVariable Integer projectId, @PathVariable Integer staffId, - @Parameter(description = "不需要在body中传递staffId,用path传递") @RequestBody GroupPositionVo groupPosition + @Parameter(description = "不需要在body中传递staffId,用path传递") @RequestBody GroupPositionVO groupPosition ) { projectGroupService.updateStaffPositions(token, staffId, projectId, groupPosition.getPositions()); return ResponseMap.ofSuccess("更新成功"); @@ -108,7 +108,7 @@ public class ProjectGroupController { @SneakyThrows @GetMapping("/{staffId}/stats") - public ResponseList getProjectProcessOfStaff( + public ResponseList getProjectProcessOfStaff( @RequestHeader("Token") String token, @PathVariable Integer projectId, @PathVariable Integer staffId diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/TaskController.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/TaskController.java index 1bd307c..05c0156 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/TaskController.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/TaskController.java @@ -1,7 +1,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.controller; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Task; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.TaskDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.TaskDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService; import cn.edu.hfut.rmdjzz.projectmanagement.service.ITaskService; @@ -26,12 +26,12 @@ public class TaskController { private IProjectService projectService; @SneakyThrows @GetMapping("/{fatherId}/subtask") - public ResponseList getSubTaskList( + public ResponseList getSubTaskList( @RequestHeader("Token") String token, @PathVariable("projectId") Integer projectId, @PathVariable("fatherId") Long fatherId ) { - List result = taskService.getSubTaskList(token, projectId, fatherId); + List result = taskService.getSubTaskList(token, projectId, fatherId); return ResponseList.ofSuccess("查询成功", result); } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/Staff.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/Staff.java index 058b9ff..11be2d8 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/Staff.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/Staff.java @@ -1,5 +1,6 @@ package cn.edu.hfut.rmdjzz.projectmanagement.entity; +import cn.edu.hfut.rmdjzz.projectmanagement.annotation.DoNotSerialize; import com.baomidou.mybatisplus.annotation.IdType; import com.baomidou.mybatisplus.annotation.TableId; import lombok.Data; @@ -13,9 +14,11 @@ public class Staff { @TableId(type = IdType.AUTO) private Integer staffId; private String staffUsername; - private String staffPassword; private String staffFullname; private String staffGender; + @DoNotSerialize + private String staffPassword; + @DoNotSerialize private String staffSalt; - private Integer staffLevel; + private Integer staffGlobalLevel; } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/AnnouncementDto.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/AnnouncementDTO.java similarity index 93% rename from src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/AnnouncementDto.java rename to src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/AnnouncementDTO.java index 4affe2c..2f1e987 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/AnnouncementDto.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/AnnouncementDTO.java @@ -9,7 +9,7 @@ import java.time.LocalDateTime; * @since 2022/7/7 11:33 */ @Data -public class AnnouncementDto { +public class AnnouncementDTO { private Long announcementId; private Integer announcementPublisherId; private String announcementPublisherName; diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectDto.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectDTO.java similarity index 96% rename from src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectDto.java rename to src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectDTO.java index a5e5da8..d51503f 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectDto.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectDTO.java @@ -14,7 +14,7 @@ import java.time.LocalDate; @Data @AllArgsConstructor @NoArgsConstructor -public class ProjectDto { +public class ProjectDTO { @TableId Integer projectId; String projectName; diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectGroupDto.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectGroupDTO.java similarity index 90% rename from src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectGroupDto.java rename to src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectGroupDTO.java index f3ce31d..880d8ea 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectGroupDto.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectGroupDTO.java @@ -8,7 +8,7 @@ import lombok.Data; */ @Data -public class ProjectGroupDto { +public class ProjectGroupDTO { Integer staffId; String staffUsername; String staffFullname; diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectProcessDto.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectProcessDTO.java similarity index 86% rename from src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectProcessDto.java rename to src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectProcessDTO.java index 333fa97..2ef668c 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectProcessDto.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/ProjectProcessDTO.java @@ -7,7 +7,7 @@ import lombok.Data; * @since 2022/7/7 11:42 */ @Data -public class ProjectProcessDto { +public class ProjectProcessDTO { Integer projectId; Long completeNum; Long totalNum; diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/StaffProcessDto.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/StaffProcessDTO.java similarity index 86% rename from src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/StaffProcessDto.java rename to src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/StaffProcessDTO.java index ea7368b..1c9f13a 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/StaffProcessDto.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/StaffProcessDTO.java @@ -7,7 +7,7 @@ import lombok.Data; * @since 2022/7/7 10:28 */ @Data -public class StaffProcessDto { +public class StaffProcessDTO { String taskType; Long completeNum; Long totalNum; diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskDto.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskDTO.java similarity index 97% rename from src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskDto.java rename to src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskDTO.java index f4f15e4..a3b09cf 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskDto.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskDTO.java @@ -12,7 +12,7 @@ import java.util.Map; * @since 2022/7/6 10:25 */ @Data -public class TaskDto { +public class TaskDTO { private Long taskId; private String taskName; private Integer taskProjectId; diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/vo/GroupPositionVo.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/vo/GroupPositionVO.java similarity index 86% rename from src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/vo/GroupPositionVo.java rename to src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/vo/GroupPositionVO.java index 8ca0de4..65c313b 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/vo/GroupPositionVo.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/vo/GroupPositionVO.java @@ -7,7 +7,7 @@ import lombok.Data; * @since 2022/7/7 0:27 */ @Data -public class GroupPositionVo { +public class GroupPositionVO { private Integer staffId; private String positions; } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/AnnouncementMapper.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/AnnouncementMapper.java index 57ee30c..5d1ddae 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/AnnouncementMapper.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/AnnouncementMapper.java @@ -1,7 +1,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.mapper; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Announcement; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDTO; import com.baomidou.mybatisplus.core.mapper.BaseMapper; import org.apache.ibatis.annotations.Param; @@ -12,7 +12,7 @@ import java.util.List; * @since 2022/7/7 11:26 */ public interface AnnouncementMapper extends BaseMapper { - List selectAnnouncementList(@Param("projectId") Integer projectId); + List selectAnnouncementList(@Param("projectId") Integer projectId); - AnnouncementDto selectAnnouncementById(@Param("announcementId") Long announcementId); + AnnouncementDTO selectAnnouncementById(@Param("announcementId") Long announcementId); } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/ProjectGroupMapper.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/ProjectGroupMapper.java index ef611d4..ff46c40 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/ProjectGroupMapper.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/ProjectGroupMapper.java @@ -1,8 +1,8 @@ package cn.edu.hfut.rmdjzz.projectmanagement.mapper; import cn.edu.hfut.rmdjzz.projectmanagement.entity.ProjectGroup; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDto; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectGroupDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDTO; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectGroupDTO; import com.baomidou.mybatisplus.core.mapper.BaseMapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; @@ -21,12 +21,12 @@ public interface ProjectGroupMapper extends BaseMapper { FROM project_group inner join staff ON project_group.staff_id = staff.staff_id AND project_group.project_id = #{projectId} """) - Page selectMembersByPage(IPage pg, @Param("projectId") Integer projectId); + Page selectMembersByPage(IPage pg, @Param("projectId") Integer projectId); @Select(""" SELECT staff.staff_id, staff_username, staff_fullname, project_staff_position, project_access_level FROM project_group inner join staff ON project_group.staff_id = staff.staff_id AND project_group.project_id = #{projectId} """) - List selectMembersByList(@Param("projectId") Integer projectId); + List selectMembersByList(@Param("projectId") Integer projectId); } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/ProjectMapper.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/ProjectMapper.java index 1f46487..e812493 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/ProjectMapper.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/ProjectMapper.java @@ -1,13 +1,12 @@ package cn.edu.hfut.rmdjzz.projectmanagement.mapper; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Project; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDto; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectProcessDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDTO; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectProcessDTO; import com.baomidou.mybatisplus.core.conditions.Wrapper; import com.baomidou.mybatisplus.core.mapper.BaseMapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.core.toolkit.Constants; -import io.swagger.v3.oas.models.security.SecurityScheme; import org.apache.ibatis.annotations.Param; import org.apache.ibatis.annotations.Select; @@ -18,12 +17,11 @@ import org.apache.ibatis.annotations.Select; public interface ProjectMapper extends BaseMapper { @Select(""" - SELECT COUNT(*) FROM project WHERE project_id IN - (SELECT DISTINCT project_id FROM project_group WHERE staff_id = #{staffId}) + SELECT COUNT(project_id) FROM project_group WHERE staff_id = #{staffId}; """) - Long findProjectCount(@Param("staffId") Integer staffId); + Long selectMyProjectCount(@Param("staffId") Integer staffId); - ProjectProcessDto findProjectProcess(@Param("projectId") Integer projectId); + ProjectProcessDTO selectProjectProcess(@Param("projectId") Integer projectId); - IPage findMyProject(IPage pg, @Param("staffId") Integer staff_id, @Param(Constants.WRAPPER) Wrapper wrapper); + IPage selectMyProject(IPage pg, @Param("staffId") Integer staff_id, @Param(Constants.WRAPPER) Wrapper wrapper); } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/TaskMapper.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/TaskMapper.java index 03f7900..88d1406 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/TaskMapper.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/mapper/TaskMapper.java @@ -1,8 +1,8 @@ package cn.edu.hfut.rmdjzz.projectmanagement.mapper; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Task; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.TaskDto; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.StaffProcessDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.TaskDTO; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.StaffProcessDTO; import com.baomidou.mybatisplus.core.mapper.BaseMapper; import org.apache.ibatis.annotations.Param; @@ -13,7 +13,7 @@ import java.util.List; * created at 2022/7/4 14:52 */ public interface TaskMapper extends BaseMapper { - List selectSubTaskList(@Param("projectId") Integer projectId, @Param("fatherId") Long fatherId); + List selectSubTaskList(@Param("projectId") Integer projectId, @Param("fatherId") Long fatherId); - List selectProjectProcessOfStaff(@Param("projectId") Integer projectId, @Param("staffId") Integer staffId); + List selectProjectProcessOfStaff(@Param("projectId") Integer projectId, @Param("staffId") Integer staffId); } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IAnnouncementService.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IAnnouncementService.java index d5c1c62..5e89ff1 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IAnnouncementService.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IAnnouncementService.java @@ -1,7 +1,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Announcement; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import com.baomidou.mybatisplus.extension.service.IService; @@ -14,9 +14,9 @@ import java.util.List; */ public interface IAnnouncementService extends IService { - List getAnnouncementList(Integer projectId); + List getAnnouncementList(Integer projectId); - AnnouncementDto getAnnouncementById(Long announcementId); + AnnouncementDTO getAnnouncementById(Long announcementId); Boolean updateAnnouncement(String token, Integer projectId, Announcement announcement) throws ForbiddenException, BadRequestException; diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectGroupService.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectGroupService.java index b973d81..fa87d00 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectGroupService.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectGroupService.java @@ -1,7 +1,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service; import cn.edu.hfut.rmdjzz.projectmanagement.entity.ProjectGroup; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectGroupDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectGroupDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; @@ -15,6 +15,12 @@ import java.util.Map; * created at 2022/6/30 21:36 */ public interface IProjectGroupService extends IService { + + String UNABLE_TO_ACCESS = "无该项目访问权限"; + + String POSITION_1 = "项目经理"; + String POSITION_2 = "项目主管"; + Boolean addCreator(Integer projectId, Integer staffId); void insertNewMember(String token, Integer projectId, Integer staffId, String positions) throws ForbiddenException; @@ -22,11 +28,16 @@ public interface IProjectGroupService extends IService { void updateStaffPositions(String token, Integer projectId, Integer targetId, String positions) throws ForbiddenException; /** - * @return 如果不存在就返回0,否则返回AccessLevel + * @return 如果不存在就返回0,否则返回AccessLevel;对于全局权限为1的用户,直接返回1 */ Integer getProjectAccessLevel(String token, Integer projectId); - Integer getProjectAccessLevel(Integer staffId, Integer projectId); + Integer getProjectAccessLevel(Integer staffId, Integer staffGlobalLevel, Integer projectId); + + + Integer getProjectAccessLevelIgnoreGlobalLevel(String token, Integer projectId); + + Integer getProjectAccessLevelIgnoreGlobalLevel(Integer staffId, Integer projectId); /** * 比较token持有者与目标id在项目中的权限等级大小关系,一般用于当token持有者对目标id的某条目做危险操作时判断用 @@ -37,9 +48,9 @@ public interface IProjectGroupService extends IService { */ Integer compareProjectAccessLevel(Integer projectId, String token, Integer targetId); - Page pageProjectMembers(RequestPage page, Integer projectId); + Page pageProjectMembers(RequestPage page, Integer projectId); - List listProjectMembers(Integer projectId); + List listProjectMembers(Integer projectId); /** * 统计小组中各岗位数量 diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectService.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectService.java index 1344707..019b80d 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectService.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectService.java @@ -1,8 +1,8 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Project; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDto; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectProcessDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDTO; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectProcessDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage; @@ -17,17 +17,17 @@ import java.util.Map; */ public interface IProjectService extends IService { - Long getAllProjectOfStaff(String token); + Long countMyProjects(String token); - ProjectProcessDto getProjectProcess(String token, Integer projectId) throws ForbiddenException; + ProjectProcessDTO getProjectProcess(String token, Integer projectId) throws ForbiddenException, BadRequestException; - Page getOnePageProject(String token, RequestPage page, Map params); + Page getOnePageProject(String token, RequestPage page, Map params); Boolean setProjectCompleted(String token, Integer projectId) throws BadRequestException; - Boolean createProject(String token, Project project) throws BadRequestException; + Boolean createProject(String token, Project project) throws BadRequestException, ForbiddenException; Boolean checkOpenStatus(Integer projectId); - Boolean updateProject(String token, Project project) throws BadRequestException; + Boolean updateProject(String token, Project project) throws BadRequestException, ForbiddenException; } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IStaffService.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IStaffService.java index 56d66a9..6f81318 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IStaffService.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IStaffService.java @@ -2,6 +2,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Staff; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; +import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.exception.TokenException; import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap; import com.baomidou.mybatisplus.extension.service.IService; @@ -16,5 +17,5 @@ public interface IStaffService extends IService { Boolean logout(String token) throws TokenException; - Integer multiImport(String token, MultipartFile file) throws BadRequestException; + Integer multiImport(String token, MultipartFile file) throws BadRequestException, ForbiddenException; } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/ITaskService.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/ITaskService.java index 5a60b67..eb7f1ae 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/ITaskService.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/ITaskService.java @@ -1,8 +1,8 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Task; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.TaskDto; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.StaffProcessDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.StaffProcessDTO; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.TaskDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import com.baomidou.mybatisplus.extension.service.IService; @@ -14,7 +14,7 @@ import java.util.List; * created at 2022/7/4 14:49 */ public interface ITaskService extends IService { - List getSubTaskList(String token, Integer projectId, Long fatherId) throws BadRequestException, ForbiddenException; + List getSubTaskList(String token, Integer projectId, Long fatherId) throws BadRequestException, ForbiddenException; Boolean existSubTask(String token, Integer projectId, Long taskId) throws BadRequestException, ForbiddenException; @@ -22,12 +22,12 @@ public interface ITaskService extends IService { Boolean closeTaskAndSubTask(String token, Integer projectId, Long taskId) throws BadRequestException; - List getProjectProcessOfStaff(String token, Integer projectId) throws BadRequestException, ForbiddenException; + List getProjectProcessOfStaff(String token, Integer projectId) throws BadRequestException, ForbiddenException; /** * @return 1:all rights 2:father holder 3:current holder 0:no right */ - Integer getHolderLevel(Integer staffId, Long taskId); + Integer getHolderLevel(Integer staffId, Integer staffGlobalLevel, Long taskId); /** * @return 1:all rights 2:father holder 3:current holder 0:no right diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/AnnouncementServiceImpl.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/AnnouncementServiceImpl.java index c5ca655..2e25fa8 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/AnnouncementServiceImpl.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/AnnouncementServiceImpl.java @@ -1,13 +1,13 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service.impl; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Announcement; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.mapper.AnnouncementMapper; import cn.edu.hfut.rmdjzz.projectmanagement.service.IAnnouncementService; import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService; -import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils; +import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import org.springframework.beans.factory.annotation.Autowired; @@ -27,21 +27,20 @@ public class AnnouncementServiceImpl extends ServiceImpl getAnnouncementList(Integer projectId) { + public List getAnnouncementList(Integer projectId) { return baseMapper.selectAnnouncementList(projectId); } @Override - public AnnouncementDto getAnnouncementById(Long announcementId) { + public AnnouncementDTO getAnnouncementById(Long announcementId) { return baseMapper.selectAnnouncementById(announcementId); } @Override public Boolean updateAnnouncement(String token, Integer projectId, Announcement announcement) throws ForbiddenException, BadRequestException { - Integer staffId = TokenUtils.getStaffId(token); - Integer accessLevel = projectGroupService.getProjectAccessLevel(staffId, projectId); + Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId); if (accessLevel == 0) { - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } if (accessLevel > 2) { throw new ForbiddenException("无权修改该公告"); @@ -58,10 +57,9 @@ public class AnnouncementServiceImpl extends ServiceImpl 2) { throw new ForbiddenException("无权修改该公告"); diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectGroupServiceImpl.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectGroupServiceImpl.java index 4a59bc6..f4e824e 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectGroupServiceImpl.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectGroupServiceImpl.java @@ -1,10 +1,11 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service.impl; import cn.edu.hfut.rmdjzz.projectmanagement.entity.ProjectGroup; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectGroupDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectGroupDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.mapper.ProjectGroupMapper; import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService; +import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService; import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils; import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage; import com.baomidou.mybatisplus.core.toolkit.Wrappers; @@ -29,7 +30,7 @@ public class ProjectGroupServiceImpl extends ServiceImpl 2) { throw new ForbiddenException("无新增成员权限"); } String[] positionArray = positions.split(","); for (String position : positionArray) { - if (position.equals("项目经理")) { + if (position.equals(POSITION_1)) { throw new ForbiddenException("不能授予他人项目经理职位"); } - if (position.equals("项目主管")) { + if (position.equals(POSITION_2)) { if (accessLevel != 1) { throw new ForbiddenException("无授予项目主管职位权限"); } @@ -64,20 +65,20 @@ public class ProjectGroupServiceImpl extends ServiceImpl 2 || accessLevel >= targetLevel) { throw new ForbiddenException("无更改此人职位权限"); } String[] positionArray = positions.split(","); for (String position : positionArray) { - if (position.equals("项目经理")) { + if (position.equals(POSITION_1)) { throw new ForbiddenException("不能授予他人项目经理职位"); } - if (position.equals("项目主管") && accessLevel != 1) { + if (position.equals(POSITION_2) && accessLevel != 1) { throw new ForbiddenException("无授予项目主管职位权限"); } } @@ -94,13 +95,30 @@ public class ProjectGroupServiceImpl extends ServiceImpllambdaQuery() + .select(ProjectGroup::getProjectAccessLevel) .eq(ProjectGroup::getStaffId, staffId) .eq(ProjectGroup::getProjectId, projectId) ); @@ -114,32 +132,23 @@ public class ProjectGroupServiceImpl extends ServiceImpllambdaQuery() - .select(ProjectGroup::getProjectAccessLevel) - .eq(ProjectGroup::getStaffId, targetId) - .eq(ProjectGroup::getProjectId, projectId) - ).getProjectAccessLevel(); - - if (targetLevel == null) { - targetLevel = 0; - } - return Integer.compare(getProjectAccessLevel(token, projectId), targetLevel); + return Integer.compare(getProjectAccessLevel(token, projectId), getProjectAccessLevelIgnoreGlobalLevel(targetId, projectId)); } @Override - public Page pageProjectMembers(RequestPage page, Integer projectId) { + public Page pageProjectMembers(RequestPage page, Integer projectId) { return baseMapper.selectMembersByPage(page.getPage(), projectId); } @Override - public List listProjectMembers(Integer projectId) { + public List listProjectMembers(Integer projectId) { return baseMapper.selectMembersByList(projectId); } @Override public Map collectStatsForGroupPositions(String token, Integer projectId) throws ForbiddenException { if (getProjectAccessLevel(token, projectId) == 0) { - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } Map res = new HashMap<>(); List infos = baseMapper.selectList( diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectServiceImpl.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectServiceImpl.java index f37c5f2..c43383b 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectServiceImpl.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectServiceImpl.java @@ -1,8 +1,8 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service.impl; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Project; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDto; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectProcessDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDTO; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectProcessDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.mapper.ProjectMapper; @@ -12,7 +12,6 @@ import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils; import cn.edu.hfut.rmdjzz.projectmanagement.utils.WrapperUtils; import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage; import com.baomidou.mybatisplus.core.metadata.IPage; -import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import org.springframework.beans.factory.annotation.Autowired; @@ -29,32 +28,36 @@ import java.util.Objects; */ @Service public class ProjectServiceImpl extends ServiceImpl implements IProjectService { + @Autowired private IProjectGroupService projectGroupService; @Override - public Long getAllProjectOfStaff(String token) { + public Long countMyProjects(String token) { Integer staffId = TokenUtils.getStaffId(token); - return baseMapper.findProjectCount(staffId); + return baseMapper.selectMyProjectCount(staffId); } @Override - public ProjectProcessDto getProjectProcess(String token, Integer projectId) throws ForbiddenException { + public ProjectProcessDTO getProjectProcess(String token, Integer projectId) throws ForbiddenException, BadRequestException { if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new ForbiddenException("无查看权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } - return baseMapper.findProjectProcess(projectId); + if (Objects.equals(projectId, 0)) { + throw new BadRequestException("参数非法"); + } + return baseMapper.selectProjectProcess(projectId); } @Override - public Page getOnePageProject( + public Page getOnePageProject( String token, RequestPage page, Map params ) { Integer staffId = TokenUtils.getStaffId(token); - IPage userPage = baseMapper.findMyProject(page.getPage(), staffId, WrapperUtils.allEqAndTimeIntervalQueryWrapper(params)); - return (Page) userPage; + IPage userPage = baseMapper.selectMyProject(page.getPage(), staffId, WrapperUtils.allEqAndTimeIntervalQueryWrapper(params)); + return (Page) userPage; } @Override @@ -66,7 +69,7 @@ public class ProjectServiceImpl extends ServiceImpl impl if (targetProject == null) throw new BadRequestException("项目不存在"); if (!Objects.equals(staffId, targetProject.getProjectCreator())) - throw new BadRequestException("用户请求非法"); + throw new BadRequestException("无该操作权限"); if (targetProject.getCompleted()) throw new BadRequestException("该项目已结项"); targetProject.setCompleted(true); @@ -76,9 +79,12 @@ public class ProjectServiceImpl extends ServiceImpl impl throw new BadRequestException("操作失败"); } - //FIXME: 时间线判断? @Override - public Boolean createProject(String token, Project project) throws BadRequestException { + public Boolean createProject(String token, Project project) throws BadRequestException, ForbiddenException { + Integer staffGlobalLevel = TokenUtils.getStaffGlobalLevel(token); + if (staffGlobalLevel == 0 || staffGlobalLevel > 2) { + throw new ForbiddenException("无该操作权限"); + } project.setProjectId(null); project.setCompleted(false); project.setProjectCreatedTime(null); @@ -111,10 +117,10 @@ public class ProjectServiceImpl extends ServiceImpl impl return project != null && !project.getCompleted(); } - public Boolean updateProject(String token, Project project) throws BadRequestException { + public Boolean updateProject(String token, Project project) throws BadRequestException, ForbiddenException { Integer staffId = TokenUtils.getStaffId(token); - if (!staffId.equals(project.getProjectCreator())) { - throw new BadRequestException("无权操作"); + if (!staffId.equals(project.getProjectCreator()) && TokenUtils.getStaffGlobalLevel(token) != 1) { + throw new ForbiddenException("无该操作权限"); } Project rawProject = baseMapper.selectById(project.getProjectId()); if (!project.checkModification(rawProject)) { diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java index 625963d..8550b9a 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java @@ -2,7 +2,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service.impl; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Staff; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; -import cn.edu.hfut.rmdjzz.projectmanagement.exception.TokenException; +import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.mapper.StaffMapper; import cn.edu.hfut.rmdjzz.projectmanagement.service.IStaffService; import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils; @@ -10,12 +10,8 @@ import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import org.apache.commons.lang3.RandomStringUtils; -import org.apache.poi.ss.usermodel.CellType; -import org.apache.poi.xssf.usermodel.XSSFCell; import org.apache.poi.xssf.usermodel.XSSFSheet; import org.apache.poi.xssf.usermodel.XSSFWorkbook; -import org.jetbrains.annotations.Contract; -import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.stereotype.Service; @@ -40,7 +36,7 @@ public class StaffServiceImpl extends ServiceImpl implements private RedisTemplate redisTemplate; @Override - public ResponseMap login(String staffUsername, String password) throws BadRequestException, TokenException { + public ResponseMap login(String staffUsername, String password) throws BadRequestException { if (staffUsername == null || staffUsername.trim().length() == 0) throw new BadRequestException("用户名为空"); else if (!staffUsername.equals(staffUsername.replaceAll("[^a-zA-Z0-9]", ""))) @@ -54,21 +50,18 @@ public class StaffServiceImpl extends ServiceImpl implements password = DigestUtils.md5DigestAsHex((password + staff.getStaffSalt()).getBytes()); if (!staff.getStaffPassword().equals(password)) throw new BadRequestException("密码错误"); - String token = TokenUtils.getToken(staff.getStaffUsername(), staff.getStaffId(), tokenDuration); + String token = TokenUtils.getToken(staff.getStaffUsername(), staff.getStaffId(), staff.getStaffGlobalLevel(), tokenDuration); redisTemplate.opsForValue().set( Objects.requireNonNull(TokenUtils.getStaffId(token)), token, Objects.requireNonNull(TokenUtils.getDuration(token)), TimeUnit.SECONDS ); - return ResponseMap.ofSuccess("ok") - .put("Token", token) - .put("staffUsername", staffUsername) - .put("staffFullname", staff.getStaffFullname()) - .put("staffId", staff.getStaffId()); + return ResponseMap.ofSuccess("ok", staff) + .put("Token", token); } @Override - public Boolean logout(String token) throws TokenException { + public Boolean logout(String token) { Integer staffId = TokenUtils.getStaffId(token); if (staffId == null) return false; @@ -81,8 +74,11 @@ public class StaffServiceImpl extends ServiceImpl implements @Transactional(isolation = Isolation.SERIALIZABLE, rollbackFor = Exception.class) @Override - public Integer multiImport(String token, MultipartFile file) throws BadRequestException { + public Integer multiImport(String token, MultipartFile file) throws BadRequestException, ForbiddenException { //TODO:check Token here + if (TokenUtils.getStaffGlobalLevel(token) != 1) { + throw new ForbiddenException("无该操作权限"); + } try { XSSFWorkbook xwb = new XSSFWorkbook(file.getInputStream()); @@ -96,7 +92,7 @@ public class StaffServiceImpl extends ServiceImpl implements ArrayList staffPasswordC = new ArrayList<>(); ArrayList staffFullnameC = new ArrayList<>(); ArrayList staffGenderC = new ArrayList<>(); - ArrayList staffLevelC = new ArrayList<>(); + ArrayList staffGlobalLevelC = new ArrayList<>(); if (!xlsxColumnGetter("staffUsername", 0, staffUsernameC, sheet)) { throw new BadRequestException("读取列staffUsername失败"); } @@ -122,14 +118,14 @@ public class StaffServiceImpl extends ServiceImpl implements throw new BadRequestException("读取列staffGender失败"); } System.out.println(staffGenderC); - if (!xlsxColumnGetter("staffLevel", 4, staffLevelC, sheet) || - staffLevelC.size() != totalCount) { - throw new BadRequestException("读取列staffLevel失败"); + if (!xlsxColumnGetter("staffGlobalLevel", 4, staffGlobalLevelC, sheet) || + staffGlobalLevelC.size() != totalCount) { + throw new BadRequestException("读取列staffGlobalLevel失败"); } - System.out.println(staffLevelC); + System.out.println(staffGlobalLevelC); for (int i = 0; i < totalCount; i++) { - if (Integer.parseInt(staffLevelC.get(i)) != 2 && Integer.parseInt(staffLevelC.get(i)) != 3) { - throw new BadRequestException("列staffLevel无效"); + if (Integer.parseInt(staffGlobalLevelC.get(i)) != 2 && Integer.parseInt(staffGlobalLevelC.get(i)) != 3) { + throw new BadRequestException("列staffGlobalLevel无效"); } } @@ -144,7 +140,7 @@ public class StaffServiceImpl extends ServiceImpl implements staff.setStaffPassword(DigestUtils.md5DigestAsHex((DigestUtils.md5DigestAsHex(staffPasswordC.get(i).getBytes()) + staff.getStaffSalt()).getBytes())); staff.setStaffFullname(staffFullnameC.get(i)); staff.setStaffGender(staffGenderC.get(i)); - staff.setStaffLevel(Integer.parseInt(staffLevelC.get(i))); + staff.setStaffGlobalLevel(Integer.parseInt(staffGlobalLevelC.get(i))); System.out.println(staff); if (baseMapper.insert(staff) != 1) { throw new BadRequestException("第" + (i + 1) + "行数据错误"); @@ -165,10 +161,10 @@ public class StaffServiceImpl extends ServiceImpl implements return false; } for (int i = 1; i <= sheet.getLastRowNum(); i++) { - String value=sheet.getRow(i).getCell(columnIndex).getStringCellValue(); - if(value==null||value.length()<=2) + String value = sheet.getRow(i).getCell(columnIndex).getStringCellValue(); + if (value == null || value.length() <= 2) return true; - result.add(value.substring(1,value.length()-1)); + result.add(value.substring(1, value.length() - 1)); } return true; } catch (Exception e) { diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java index d3322b4..fdfbf6e 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java @@ -1,11 +1,12 @@ package cn.edu.hfut.rmdjzz.projectmanagement.service.impl; import cn.edu.hfut.rmdjzz.projectmanagement.entity.Task; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.StaffProcessDto; -import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.TaskDto; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.StaffProcessDTO; +import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.TaskDTO; import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException; import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException; import cn.edu.hfut.rmdjzz.projectmanagement.mapper.TaskMapper; +import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService; import cn.edu.hfut.rmdjzz.projectmanagement.service.ITaskService; import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils; import com.baomidou.mybatisplus.core.toolkit.Wrappers; @@ -28,13 +29,12 @@ import java.util.stream.Collectors; @Service public class TaskServiceImpl extends ServiceImpl implements ITaskService { @Autowired - private ProjectGroupServiceImpl projectGroupService; + private IProjectGroupService projectGroupService; - //FIXME: 抛出未授权异常 @Override - public List getSubTaskList(String token, Integer projectId, Long fatherId) throws ForbiddenException, BadRequestException { + public List getSubTaskList(String token, Integer projectId, Long fatherId) throws ForbiddenException, BadRequestException { if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } if (fatherId == null) { throw new BadRequestException("请求参数错误"); @@ -45,7 +45,7 @@ public class TaskServiceImpl extends ServiceImpl implements IT @Override public Boolean existSubTask(String token, Integer projectId, Long taskId) throws ForbiddenException { if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } return baseMapper.exists(Wrappers.lambdaQuery().eq(Task::getTaskFatherId, taskId)); } @@ -55,7 +55,7 @@ public class TaskServiceImpl extends ServiceImpl implements IT public Boolean deleteTaskAndSubTask(String token, Integer projectId, Long taskId) throws BadRequestException, ForbiddenException { Integer level = getHolderLevel(token, taskId); if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } if (level == 0 || level == 3) { throw new BadRequestException("错误父级参数"); @@ -82,7 +82,7 @@ public class TaskServiceImpl extends ServiceImpl implements IT public Boolean closeTaskAndSubTask(String token, Integer projectId, Long taskId) throws BadRequestException { Integer level = getHolderLevel(token, taskId); if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new BadRequestException("无该项目访问权限"); + throw new BadRequestException(IProjectGroupService.UNABLE_TO_ACCESS); } if (level == 0) { throw new BadRequestException("父级参数错误"); @@ -114,17 +114,20 @@ public class TaskServiceImpl extends ServiceImpl implements IT } @Override - public List getProjectProcessOfStaff(String token, Integer projectId) throws BadRequestException, ForbiddenException { + public List getProjectProcessOfStaff(String token, Integer projectId) throws BadRequestException, ForbiddenException { Integer staffId = TokenUtils.getStaffId(token); - if(projectGroupService.getProjectAccessLevel(token, projectId) == 0) { + if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { throw new ForbiddenException("无查看权限"); } return baseMapper.selectProjectProcessOfStaff(projectId, staffId); } @Override - public Integer getHolderLevel(Integer staffId, Long taskId) { + public Integer getHolderLevel(Integer staffId, Integer staffGlobalLevel, Long taskId) { try { + if (staffGlobalLevel == 1) { + return 1; + } Task task = baseMapper.selectOne(Wrappers.lambdaQuery().eq(Task::getTaskId, taskId)); if (task == null || staffId <= 0) return 0; @@ -146,13 +149,14 @@ public class TaskServiceImpl extends ServiceImpl implements IT @Override public Integer getHolderLevel(String token, Long taskId) { Integer staffId = TokenUtils.getStaffId(token); - return getHolderLevel(staffId, taskId); + Integer staffGlobalLevel = TokenUtils.getStaffGlobalLevel(token); + return getHolderLevel(staffId, staffGlobalLevel, taskId); } @Override public List getMyTaskList(String token, Integer projectId) throws BadRequestException { if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) { - throw new BadRequestException("无该项目访问权限"); + throw new BadRequestException(IProjectGroupService.UNABLE_TO_ACCESS); } Integer staffId = TokenUtils.getStaffId(token); return baseMapper.selectList(Wrappers.lambdaQuery() @@ -186,7 +190,7 @@ public class TaskServiceImpl extends ServiceImpl implements IT Integer userLevel = projectGroupService.getProjectAccessLevel(token, task.getTaskProjectId()); if (userLevel == 0) { System.out.println(userLevel); - throw new ForbiddenException("无该项目访问权限"); + throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS); } if (!task.checkInsert()) { throw new BadRequestException("工作项参数错误"); diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/BeanUtils.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/BeanUtils.java index 02bb33c..28a2312 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/BeanUtils.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/BeanUtils.java @@ -1,6 +1,6 @@ package cn.edu.hfut.rmdjzz.projectmanagement.utils; -import cn.edu.hfut.rmdjzz.projectmanagement.annotation.DoNotDeserialize; +import cn.edu.hfut.rmdjzz.projectmanagement.annotation.DoNotSerialize; import com.baomidou.mybatisplus.core.toolkit.StringUtils; import java.beans.PropertyDescriptor; @@ -16,7 +16,7 @@ import java.util.Map; */ public class BeanUtils { /** - * 将bean转成map,被标注{@link DoNotDeserialize}注释的变量会被跳过 + * 将bean转成map,被标注{@link DoNotSerialize}注释的变量会被跳过 * * @param putNulls 是否将值为null的变量也放入结果map * @param toUnderline 是否将变量命名转为下划线型 @@ -30,7 +30,7 @@ public class BeanUtils { Class clazz = object.getClass(); for (Field field : fields) { String fieldName = field.getName(); - if (fieldName.equals("serialVersionUID") || field.getAnnotation(DoNotDeserialize.class) != null) { + if (fieldName.equals("serialVersionUID") || field.getAnnotation(DoNotSerialize.class) != null) { continue; } String key = toUnderline ? StringUtils.camelToUnderline(fieldName) : fieldName; diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java index b34cbda..ab0fcb0 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java @@ -17,21 +17,22 @@ import java.util.Date; //TODO: 演示的时候把expireTime改短点儿 @Component public final class TokenUtils { - public final static String pvKey = "SignedByRMDJZZ"; + private final static String PV_KEY = "SignedByRMDJZZ"; //TODO: 加个大权限 - public static String getToken(String staffUsername, Integer staffId, Long duration) { + public static String getToken(String staffUsername, Integer staffId, Integer staffGlobalLevel, Long duration) { return JWT.create() .withClaim("staffUsername", staffUsername) .withClaim("staffId", staffId) + .withClaim("staffGlobalLevel", staffGlobalLevel) .withClaim("duration", duration) .withIssuedAt(new Date()) .withExpiresAt(new Date(System.currentTimeMillis() + duration * 1000L)) - .sign(Algorithm.HMAC256(pvKey)); + .sign(Algorithm.HMAC256(PV_KEY)); } public static boolean checkToken(String token) throws TokenException { - JWTVerifier verifier = JWT.require(Algorithm.HMAC256(pvKey)).build(); + JWTVerifier verifier = JWT.require(Algorithm.HMAC256(PV_KEY)).build(); try { verifier.verify(token); return true; @@ -52,12 +53,16 @@ public final class TokenUtils { return JWT.decode(token).getClaim("staffId").asInt(); } + public static Integer getStaffGlobalLevel(String token) { + return JWT.decode(token).getClaim("staffGlobalLevel").asInt(); + } + public static Long getDuration(String token) { return JWT.decode(token).getClaim("duration").asLong(); } public static String refreshToken(String token) { - return getToken(getUsername(token), getStaffId(token), getDuration(token)); + return getToken(getUsername(token), getStaffId(token), getStaffGlobalLevel(token), getDuration(token)); } public static String autoRequire(String token) { diff --git a/src/main/resources/mapper/AnnouncementMapper.xml b/src/main/resources/mapper/AnnouncementMapper.xml index 98b772a..b41c211 100644 --- a/src/main/resources/mapper/AnnouncementMapper.xml +++ b/src/main/resources/mapper/AnnouncementMapper.xml @@ -1,7 +1,7 @@ - + diff --git a/src/main/resources/mapper/ProjectMapper.xml b/src/main/resources/mapper/ProjectMapper.xml index b60f49d..6666853 100644 --- a/src/main/resources/mapper/ProjectMapper.xml +++ b/src/main/resources/mapper/ProjectMapper.xml @@ -1,42 +1,46 @@ - + - SELECT * FROM (SELECT project_id, - project_name, - contract_amount, - project_importance, - project_creator, - pt1.project_class_name AS project_class_name, - pt2.project_class_name AS project_subclass_name, - is_completed, - is_deleted, - project_closed_date, - IF(complete_num IS NULL, 0, complete_num) AS complete_num, - IF(total_num IS NULL, 0, total_num) AS total_num - FROM project - JOIN project_type pt1 ON project.project_class_id = pt1.project_class_id - JOIN project_type pt2 ON project.project_subclass_id = pt2.project_class_id - LEFT JOIN (SELECT task_project_id, - SUM(IF(task_status = '已完成' OR task_status = '关闭', 1, 0)) AS complete_num, - COUNT(task_status) AS total_num - FROM task - WHERE is_deleted = false - AND task_project_id != 0 - GROUP BY task_project_id) AS t - ON project.project_id = t.task_project_id - WHERE project_id IN (SELECT DISTINCT project_id FROM project_group WHERE staff_id = #{staffId}) - AND is_deleted = false) AS T - ${ew.customSqlSegment} + project_name, + contract_amount, + project_importance, + project_creator, + pt1.project_class_name AS project_class_name, + pt2.project_class_name AS project_subclass_name, + is_completed, + is_deleted, + project_closed_date, + IF(complete_num IS NULL, 0, complete_num) AS complete_num, + IF(total_num IS NULL, 0, total_num) AS total_num + FROM project + JOIN project_type pt1 ON project.project_class_id = pt1.project_class_id + JOIN project_type pt2 ON project.project_subclass_id = pt2.project_class_id + LEFT JOIN (SELECT task_project_id, + SUM(IF(task_status = '已完成' OR task_status = '关闭', 1, 0)) AS complete_num, + COUNT(task_status) AS total_num + FROM task + WHERE is_deleted = false + AND task_project_id != 0 + GROUP BY task_project_id) AS t + ON project.project_id = t.task_project_id + + + WHERE project_id IN (SELECT DISTINCT project_id FROM project_group WHERE staff_id = #{staffId} ) + + + ) AS T + ${ew.customSqlSegment} - SELECT #{projectId} AS project_id, IF(complete_num IS NULL, 0, complete_num) AS complete_num, total_num @@ -44,7 +48,6 @@ COUNT(task_status) AS total_num FROM task WHERE is_deleted = false - AND task_project_id != 0 AND task_project_id = #{projectId}) AS T; diff --git a/src/main/resources/mapper/TaskMapper.xml b/src/main/resources/mapper/TaskMapper.xml index 8becc7a..6563660 100644 --- a/src/main/resources/mapper/TaskMapper.xml +++ b/src/main/resources/mapper/TaskMapper.xml @@ -1,9 +1,10 @@ - + - + - SELECT t2.task_type, - IF(complete_num IS NULL, 0, complete_num) AS complete_num, - IF(total_num IS NULL, 0, total_num) AS total_num + IF(complete_num IS NULL, 0, complete_num) AS complete_num, + IF(total_num IS NULL, 0, total_num) AS total_num FROM (SELECT task_type, - SUM(IF(task_status = '已完成' OR task_status = '关闭', 1, 0)) AS complete_num, - COUNT(task_status) AS total_num - FROM task - WHERE is_deleted = false - AND task_project_id != 0 - AND task_project_id = #{projectId} - AND task_holder_id = #{staffId} - GROUP BY task_type) AS t1 - RIGHT JOIN (SELECT DISTINCT task_type FROM task) AS t2 - ON t1.task_type = t2.task_type + SUM(IF(task_status = '已完成' OR task_status = '关闭', 1, 0)) AS complete_num, + COUNT(task_status) AS total_num + FROM task + WHERE is_deleted = false + AND task_project_id != 0 + AND task_project_id = #{projectId} + AND task_holder_id = #{staffId} + GROUP BY task_type) AS t1 + RIGHT JOIN (SELECT DISTINCT task_type FROM task) AS t2 + ON t1.task_type = t2.task_type diff --git a/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/MybatisPlusTests.java b/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/MybatisPlusTests.java index 980c6ba..bfdbbfa 100644 --- a/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/MybatisPlusTests.java +++ b/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/MybatisPlusTests.java @@ -75,7 +75,7 @@ public class MybatisPlusTests { @Test public void resultProjectTest() { System.out.println(objectMapper.writeValueAsString(((ProjectServiceImpl) projectService).getBaseMapper() - .findMyProject(new Page<>(1, 5), 1, Wrappers.query()))); + .selectMyProject(new Page<>(1, 5), 1, Wrappers.query()))); } @SneakyThrows