修改了错误的注释

添加了一些注释，删除了一些无效注释
确认并删除了无用的代码
2023-01-14 17:14:07 +08:00 · 2023-01-14 17:05:06 +08:00 · 2023-01-13 23:03:59 +08:00 · 2023-01-13 22:47:48 +08:00 · 2023-01-13 22:45:21 +08:00 · 2023-01-13 22:29:43 +08:00
29 changed files with 190 additions and 386 deletions
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/advice/ExceptionHandlerAdvice.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/advice/ExceptionHandlerAdvice.java
@ -25,29 +25,24 @@ public class ExceptionHandlerAdvice {
    @ExceptionHandler(UnauthorizedException.class)
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    public ResponseMap handleUnauthorizedException(Exception e) {
-        // log.error(ExceptionUtils.getStackTrace(e));
-        // log.error(e.getMessage(), e);
        return ResponseMap.of(HttpStatus.UNAUTHORIZED.value(), e.getMessage());
    }

    @ExceptionHandler(BadRequestException.class)
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    public ResponseMap handleBadRequestException(BadRequestException e) {
-        // log.error(e.getMessage(), e);
        return ResponseMap.of(HttpStatus.BAD_REQUEST.value(), e.getMessage());
    }

    @ExceptionHandler(ForbiddenException.class)
    @ResponseStatus(HttpStatus.FORBIDDEN)
    public ResponseMap handleForbiddenException(ForbiddenException e) {
-//        log.error(e.getMessage(), e);
        return ResponseMap.of(HttpStatus.FORBIDDEN.value(), e.getMessage());
    }

    @ExceptionHandler(BindException.class)
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    public ResponseMap handleBindException(BindException e) {
-//        log.error(e.getMessage(), e);
        return ResponseMap.of(HttpStatus.BAD_REQUEST.value(),
                e.getAllErrors().stream()
                        .map(DefaultMessageSourceResolvable::getDefaultMessage)
@ -58,7 +53,6 @@ public class ExceptionHandlerAdvice {
    @ExceptionHandler(TooManyRequestException.class)
    @ResponseStatus(HttpStatus.TOO_MANY_REQUESTS)
    public ResponseMap handleTooManyRequestException(TooManyRequestException e) {
-//        log.error(e.getMessage(), e);
        return ResponseMap.of(HttpStatus.TOO_MANY_REQUESTS.value(), e.getMessage());
    }
 }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/ProjectAuthorize.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/annotation/ProjectAuthorize.java
@ -7,8 +7,8 @@ import java.lang.annotation.*;
@Target(ElementType.METHOD)
 public @interface ProjectAuthorize {
    /**
-     * 填写逻辑判断式，用p代表项目内权限，g代表全局权限，拥有1级全局权限的人默认拥有所有项目内权限
-     * 如 "p>0 && p<3"，指该接口只有在该项目的权限大于3的人才能执行
+     * 填写逻辑判断式，用a代表项目内权限，g代表全局权限，拥有1级全局权限的人默认拥有所有项目内权限
+     * 如 "a>0 && a<3"，指该接口只有在该项目的权限大于3的人才能执行
     */
    String value();
 }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/aop/ProjectAuthorizeAOP.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/aop/ProjectAuthorizeAOP.java
@ -0,0 +1,73 @@
+package cn.edu.hfut.rmdjzz.projectmanagement.aop;
+
+import cn.edu.hfut.rmdjzz.projectmanagement.annotation.ProjectAuthorize;
+import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
+import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
+import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService;
+import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
+import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.HttpUtils;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.expression.ExpressionParser;
+import org.springframework.expression.spel.standard.SpelExpressionParser;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.servlet.HandlerMapping;
+
+import java.util.Map;
+
+@Aspect
+@Component
+public class ProjectAuthorizeAOP {
+
+    @Autowired
+    private IProjectService projectService;
+    @Autowired
+    private IProjectGroupService projectGroupService;
+
+    @Pointcut("@annotation(cn.edu.hfut.rmdjzz.projectmanagement.annotation.ProjectAuthorize)")
+    public void pointcut() {
+    }
+
+    @SuppressWarnings("unchecked")
+    @Before(value = "pointcut()")
+    public void preAuthorize(JoinPoint joinPoint) throws ForbiddenException {
+        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        assert attributes != null;
+        MethodSignature signature = (MethodSignature) (joinPoint.getSignature());
+        ProjectAuthorize annotation = signature.getMethod().getAnnotation(ProjectAuthorize.class);
+        String expression = annotation.value();
+
+        Integer globalAccessLevel = HttpUtils.getAttribute(attributes, TokenUtils.STAFF_GLOBAL_LEVEL);
+        Integer projectAccessLevel = null;
+        if (expression.contains("a")) {  // 如果涉及到项目权限
+            Integer staffId = HttpUtils.getAttribute(attributes, TokenUtils.STAFF_ID);
+            // 获取路径参数中的projectId
+            Map<String, String> pathVariables = ((Map<String, String>) (attributes
+                    .getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE, RequestAttributes.SCOPE_REQUEST)));
+            assert pathVariables != null;
+            Integer projectId = Integer.parseInt(pathVariables.get("projectId"));
+            // 获取项目权限，并将项目权限和项目记录本身放入RequestAttribute中
+            projectAccessLevel = projectGroupService.getProjectAccessLevel(staffId, globalAccessLevel, projectId);
+            attributes.setAttribute(TokenUtils.PROJECT_ACCESS_LEVEL, projectAccessLevel, RequestAttributes.SCOPE_REQUEST);
+            attributes.setAttribute(TokenUtils.TARGET_PROJECT, projectService.getById(projectId), RequestAttributes.SCOPE_REQUEST);
+        }
+        // 解析SpEL表达式，进行鉴权
+        ExpressionParser parser = new SpelExpressionParser();
+        Boolean result = parser.parseExpression(expression)
+                .getValue(new ValidateObject(globalAccessLevel, projectAccessLevel), Boolean.class);
+        if (!Boolean.TRUE.equals(result)) {
+            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
+        }
+    }
+
+    private record ValidateObject(Integer g, Integer a) {
+
+    }
+}
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/AnnouncementController.java
@ -4,13 +4,9 @@ import cn.edu.hfut.rmdjzz.projectmanagement.annotation.ProjectAuthorize;
 import cn.edu.hfut.rmdjzz.projectmanagement.entity.Announcement;
 import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDTO;
 import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException;
-import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IAnnouncementService;
-import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
-import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
-import lombok.SneakyThrows;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;

@ -24,45 +20,32 @@ public class AnnouncementController {

    @Autowired
    private IAnnouncementService announcementService;
-    @Autowired
-    private IProjectGroupService projectGroupService;

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping
    public ResponseList<AnnouncementDTO> getAnnouncementList(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @PathVariable Integer projectId
    ) {
        return ResponseList.ofSuccess(announcementService.getAnnouncementList(projectId));
    }

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping("/{announcementId}")
    public ResponseMap getAnnouncementById(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @PathVariable Integer projectId,
            @PathVariable Long announcementId
    ) {
        return ResponseMap.ofSuccess(announcementService.getAnnouncementById(projectId, announcementId));
    }

-    @SneakyThrows
    @ProjectAuthorize("a>0 && a<=2")
    @PostMapping
    public ResponseMap createAnnouncement(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
            @PathVariable Integer projectId,
            @RequestBody Announcement announcement
    ) {
-        /*Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId);
-        if (accessLevel == 0 || accessLevel > 2) {
-            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-        }*/
        announcement.setProjectId(projectId);
-//        announcement.setAnnouncementPublisherId(TokenUtils.getStaffId(token));
        announcement.setAnnouncementPublisherId(staffId);
        announcement.setAnnouncementPublishTime(null);
        if (announcementService.save(announcement)) {
@ -71,27 +54,9 @@ public class AnnouncementController {
        throw new BadRequestException(BadRequestException.OPERATE_FAILED);
    }

-    // 取消功能
-    /*@SneakyThrows
-    @PutMapping("/{announcementId}")
-    public ResponseMap modifyAnnouncement(
-            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
-            @PathVariable Integer projectId,
-            @PathVariable Long announcementId,
-            @RequestBody Announcement announcement
-    ) {
-        announcement.setAnnouncementId(announcementId);
-        if (announcementService.updateAnnouncement(token, projectId, announcement)) {
-            return ResponseMap.ofSuccess("更新成功");
-        }
-        throw new BadRequestException("更新失败");
-    }*/
-
-    @SneakyThrows
    @ProjectAuthorize("a>0 && a<=2")
    @DeleteMapping("/{announcementId}")
    public ResponseMap deleteAnnouncement(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
            @RequestAttribute Integer globalAccessLevel,
            @PathVariable Integer projectId,
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectController.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectController.java
@ -5,17 +5,13 @@ import cn.edu.hfut.rmdjzz.projectmanagement.annotation.RateLimit;
 import cn.edu.hfut.rmdjzz.projectmanagement.entity.Project;
 import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDTO;
 import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException;
-import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
-import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService;
-import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
-import lombok.SneakyThrows;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;

@ -35,67 +31,51 @@ public class ProjectController {

    @Autowired
    private IProjectService projectService;
-    @Autowired
-    private IProjectGroupService projectGroupService;

    @Operation(summary = "根据Token获取该员工的ProjectList")
    @RateLimit(key = "ProjectPage", permitsPerSecond = 50, maxBurstSeconds = 15, timeout = 1200)
-    @SneakyThrows
    @GetMapping
    public ResponseList<ProjectDTO> getProjectListOfStaff(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer globalAccessLevel,
            @RequestAttribute Integer staffId,
            @Valid RequestPage page,
-            @Parameter(description = "参数列表见Project实体类，时间可以用xxxxStart与xxxxEnd来确定区间"
-                    , required = true) @RequestParam("paramMap") Map<String, Object> paramMap
+            @Parameter(description = "参数列表见Project实体类，时间可以用xxxxStart与xxxxEnd来确定区间", required = true)
+            @RequestParam("paramMap") Map<String, Object> paramMap
    ) {
-        if(globalAccessLevel == 1) staffId = null;
+        if (globalAccessLevel == 1) staffId = null;
        Page<ProjectDTO> result = projectService.pageMyProjects(staffId, page, paramMap);
        return ResponseList.ofSuccess(result);
    }

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping("/{projectId}")
    public ResponseMap getOneProjectBasicInfo(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @PathVariable("projectId") Integer projectId
    ) {
        return ResponseMap.ofSuccess(projectService.getById(projectId));
    }

    @Operation(description = "根据Token获取该员工的Project数")
-    @SneakyThrows
    @GetMapping("/count")
    public ResponseMap getProjectNumOfStaff(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token
            @RequestAttribute Integer staffId
    ) {
        return ResponseMap.ofSuccess()
                .put("totalNum", projectService.countMyProjects(staffId));
    }

-    @SneakyThrows
    @ProjectAuthorize("a == 1 || g == 1")
    @PostMapping("/complete/{projectId}")
-    public ResponseMap completeProject(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
-            @RequestAttribute Project targetProject,
-            @Parameter(description = "只需要传projectId即可，例：{\"projectId\": 1}")
-            @PathVariable Integer projectId
-    ) {
+    public ResponseMap completeProject(@RequestAttribute Project targetProject) {
        if (targetProject.getCompleted())
            throw new BadRequestException(PROJECT_COMPLETED);
        projectService.setProjectCompleted(targetProject);
        return ResponseMap.ofSuccess();
    }

-    @SneakyThrows
    @ProjectAuthorize("g != 0 && g <= 2")
    @PostMapping
    public ResponseMap createProject(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
            @RequestBody Project project
    ) {
@ -103,11 +83,9 @@ public class ProjectController {
        return ResponseMap.ofSuccess();
    }

-    @SneakyThrows
    @ProjectAuthorize("a == 1 || g == 1")
    @PutMapping("/{projectId}")
    public ResponseMap updateProject(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
            @PathVariable Integer projectId,
            @RequestBody Project project
@ -119,11 +97,9 @@ public class ProjectController {
        return ResponseMap.ofSuccess();
    }

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping("/{projectId}/stats")
    public ResponseMap getProjectProcess(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
            @RequestAttribute Integer globalAccessLevel,
            @PathVariable Integer projectId
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java
@ -8,14 +8,12 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IStaffService;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.ITaskService;
-import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.ValidateUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import io.swagger.v3.oas.annotations.Operation;
-import lombok.SneakyThrows;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;

@ -37,21 +35,12 @@ public class ProjectGroupController {
    private ValidateUtils validateUtils;

    @Operation(description = "传入合法page参数时分页查询，否则拉取整个列表")
-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping
    public ResponseList<ProjectGroupDTO> getGroupMembers(
            @PathVariable Integer projectId,
-            // @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            RequestPage page
    ) {
-        // if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-        //     throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-        // }
-        // if (validateUtils.validate(page).isEmpty()) {
-        //     return ResponseList.ofSuccess(projectGroupService.pageProjectMembers(page, projectId));
-        // }
-        //return ResponseList.ofSuccess(projectGroupService.listProjectMembers(projectId));
        ResponseList<ProjectGroupDTO> groupMembers;
        if (validateUtils.validate(page).isEmpty()) {
            groupMembers = ResponseList.ofSuccess(projectGroupService.pageProjectMembers(page, projectId));
@ -62,17 +51,12 @@ public class ProjectGroupController {
    }


-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping("/{staffId}")
    public ResponseMap getDesignatedStaffPosition(
-            // @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @PathVariable Integer projectId,
            @PathVariable Integer staffId
    ) {
-        // if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-        //     throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-        // }
        ProjectGroup designatedStaff = projectGroupService.getOne(
                Wrappers.<ProjectGroup>lambdaQuery()
                        .eq(ProjectGroup::getStaffId, staffId)
@ -84,10 +68,9 @@ public class ProjectGroupController {
    }

    @Operation(description = "body中只传staffUsername和projectStaffPosition")
-    @SneakyThrows
+    @ProjectAuthorize("a == 1")
    @PostMapping
    public ResponseMap addGroupMember(
-            // @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer accessLevel,
            @PathVariable Integer projectId,
            @RequestBody GroupPositionVO groupPosition
@ -98,10 +81,9 @@ public class ProjectGroupController {
        throw new BadRequestException(BadRequestException.OPERATE_FAILED);
    }

-    @SneakyThrows
+    @ProjectAuthorize("a == 1")
    @DeleteMapping("/{staffId}")
    public ResponseMap deleteGroupMember(
-            // @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer accessLevel,
            @PathVariable Integer projectId,
            @PathVariable Integer staffId
@ -113,10 +95,9 @@ public class ProjectGroupController {
    }

    @Operation(description = "body中只传projectStaffPosition")
-    @SneakyThrows
+    @ProjectAuthorize("a > 0 && a <= 2")
    @PutMapping("/{staffId}")
    public ResponseMap modifyDesignatedStaffPosition(
-            // @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer accessLevel,
            @PathVariable Integer projectId,
            @PathVariable Integer staffId,
@ -128,10 +109,8 @@ public class ProjectGroupController {
        throw new BadRequestException(BadRequestException.OPERATE_FAILED);
    }

-    @SneakyThrows
    @GetMapping("/stats")
    public ResponseMap getGroupPositionsStatistics(
-            // @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer accessLevel,
            @PathVariable Integer projectId
    ) {
@ -139,30 +118,28 @@ public class ProjectGroupController {
    }

    @Operation(description = "请求体是一个key为taskId，value为staffId的map")
-    @SneakyThrows
+    @ProjectAuthorize("a > 0 && a <= 2")
    @PutMapping("/{staffId}/transfer")
    public ResponseMap transferStaffTasks(
-            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @PathVariable Integer projectId,
            @PathVariable Integer staffId,
            @RequestBody Map<Long, Integer> transferMap
    ) {
-        if (taskService.transferStaffTasks(token, projectId, staffId, transferMap)) {
+        if (taskService.transferStaffTasks(projectId, staffId, transferMap)) {
            return ResponseMap.ofSuccess();
        }
        throw new BadRequestException(BadRequestException.OPERATE_FAILED);
    }

    @Operation(description = "将staffId的所有工作项转移至targetStaffId")
-    @SneakyThrows
+    @ProjectAuthorize("a > 0 && a <= 2")
    @PutMapping("/{staffId}/transfer/{targetStaffId}")
    public ResponseMap transferTasksToSingleStaff(
-            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @PathVariable Integer projectId,
            @PathVariable Integer staffId,
            @PathVariable Integer targetStaffId
    ) {
-        if (taskService.transferTasksToSingleStaff(token, projectId, staffId, targetStaffId)) {
+        if (taskService.transferTasksToSingleStaff(projectId, staffId, targetStaffId)) {
            return ResponseMap.ofSuccess();
        }
        throw new BadRequestException(BadRequestException.OPERATE_FAILED);
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/StaffController.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/StaffController.java
@ -8,7 +8,6 @@ import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.HttpUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
 import io.swagger.v3.oas.annotations.Parameter;
-import lombok.SneakyThrows;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.util.DigestUtils;
@ -16,6 +15,7 @@ import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;

 import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
 import java.util.Objects;

 /**
@ -28,7 +28,6 @@ public class StaffController {
    @Autowired
    private IStaffService staffService;

-    @SneakyThrows
    @PostMapping("/login")
    public ResponseMap login(
            @Parameter(description = "只需要传入staffUsername和staffPassword两个属性即可，staffPassword需要md5加密后传输")
@ -40,7 +39,6 @@ public class StaffController {
                staffService.login(requestIpAddress, staff.getStaffUsername(), staff.getStaffPassword()));
    }

-    @SneakyThrows
    @PostMapping("/logout")
    public ResponseMap logout(@RequestHeader(TokenUtils.HEADER_TOKEN) String token) {
        if (staffService.logout(token)) {
@ -49,14 +47,12 @@ public class StaffController {
        throw new TokenException("登出失败");
    }

-    @SneakyThrows
    @PostMapping(value = "/import")
    public ResponseMap importStaffs(
-            // @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffGlobalLevel,
            @RequestParam("fileDigest") String digest,
-            @RequestParam("uploadFile") MultipartFile uploadFile
-    ) {
+            @RequestParam MultipartFile uploadFile
+    ) throws IOException {
        if (null == uploadFile) {
            throw new BadRequestException("文件传输错误");
        }
@ -71,23 +67,6 @@ public class StaffController {
        return ResponseMap.ofSuccess("成功导入" + successCount + "条数据");
    }

-    //取消功能
-    /*@SneakyThrows
-    @GetMapping("/import/template")
-    public void downloadTemplate(
-            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
-            HttpServletResponse response
-    ) {
-        if (TokenUtils.getStaffGlobalLevel(token) > 2) {
-            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-        }
-        if (FileUtils.downloadResource("static/public/账户导入模板.xlsx", response)) {
-            return;
-        }
-        throw new BadRequestException(BadRequestException.OPERATE_FAILED);
-    }*/
-
-    @SneakyThrows
    @GetMapping("/import/template")
    @ResponseStatus(HttpStatus.SEE_OTHER)
    public ResponseMap downloadTemplate() {
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/TaskController.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/TaskController.java
@ -10,11 +10,8 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.ITaskService;
-import cn.edu.hfut.rmdjzz.projectmanagement.service.impl.TaskServiceImpl;
-import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
-import lombok.SneakyThrows;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;

@ -32,51 +29,43 @@ public class TaskController {
    @Autowired
    private IProjectService projectService;

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping("/{fatherId}/subtask")
    public ResponseList<TaskDTO> getSubTaskList(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
-            @PathVariable("projectId") Integer projectId,
-            @PathVariable("fatherId") Long fatherId
+            @PathVariable Integer projectId,
+            @PathVariable Long fatherId
    ) {
        List<TaskDTO> result = taskService.listSubtasks(projectId, fatherId);
        return ResponseList.ofSuccess(result);
    }

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @RateLimit(key = "TaskMine", permitsPerSecond = 40, maxBurstSeconds = 15, timeout = 1200)
    @GetMapping("/mine")
    public ResponseList<TaskDTO> getMyTasks(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
-            @PathVariable("projectId") Integer projectId
+            @PathVariable Integer projectId
    ) {
        List<TaskDTO> result = taskService.listMyTasks(staffId, projectId);
        return ResponseList.ofSuccess(result);
    }

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping("/subtask/exist")
    public ResponseMap existSubTask(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
-            @PathVariable("projectId") Integer projectId,
-            @RequestParam("taskId") Long taskId
+            @PathVariable Integer projectId,
+            @RequestParam Long taskId
    ) {
        return ResponseMap.ofSuccess()
                .put("existSubTask", taskService.existSubTask(projectId, taskId));
    }

-    @SneakyThrows
    @PostMapping
    public ResponseMap createTask(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
            @RequestAttribute Integer globalAccessLevel,
            @RequestAttribute Integer accessLevel,
-            @PathVariable("projectId") Integer projectId,
+            @PathVariable Integer projectId,
            @RequestBody Task task
    ) {
        if (!projectService.checkOpenStatus(projectId))
@ -86,17 +75,15 @@ public class TaskController {
        return ResponseMap.ofSuccess();
    }

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @RateLimit(key = "TaskModify", permitsPerSecond = 40, maxBurstSeconds = 15, timeout = 1200)
    @PutMapping("/{taskId}")
    public ResponseMap modifyTask(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
            @RequestAttribute Integer globalAccessLevel,
            @RequestAttribute Integer accessLevel,
-            @PathVariable("projectId") Integer projectId,
-            @PathVariable("taskId") Long taskId,
+            @PathVariable Integer projectId,
+            @PathVariable Long taskId,
            @RequestBody Task task
    ) {
        if (!projectService.checkOpenStatus(projectId))
@ -108,15 +95,13 @@ public class TaskController {
        return ResponseMap.ofSuccess();
    }

-    @SneakyThrows
    @RateLimit(key = "TaskModify", permitsPerSecond = 40, maxBurstSeconds = 15, timeout = 1200)
    @DeleteMapping("/{taskId}")
    public ResponseMap deleteTaskAndSubTask(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
            @RequestAttribute Integer globalAccessLevel,
-            @PathVariable("projectId") Integer projectId,
-            @PathVariable("taskId") Long taskId
+            @PathVariable Integer projectId,
+            @PathVariable Long taskId
    ) {
        if (!projectService.checkOpenStatus(projectId))
            throw new BadRequestException(IProjectService.PROJECT_UNOPENED);
@ -128,12 +113,10 @@ public class TaskController {
        return ResponseMap.ofSuccess();
    }

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @RateLimit(key = "TaskTrend", permitsPerSecond = 50, maxBurstSeconds = 15, timeout = 1200)
    @GetMapping("/stats/trend")
    public ResponseMap getTaskTrend(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @PathVariable Integer projectId
    ) {
        if (!projectService.checkOpenStatus(projectId)) {
@ -142,21 +125,17 @@ public class TaskController {
        return ResponseMap.ofSuccess("查询成功", taskService.getProjectTaskTrend(projectId));
    }

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping("/stats/group")
    public ResponseMap getTaskNumOfEveryone(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @PathVariable Integer projectId
    ) {
        return ResponseMap.ofSuccess("查询成功", taskService.getProjectProcessOfEveryone(projectId));
    }

-    @SneakyThrows
    @ProjectAuthorize("a != 0")
    @GetMapping({"/stats", "/stats/{targetStaffId}"})
    public ResponseList<StaffProcessDTO> getProjectStatistics(
-//            @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
            @RequestAttribute Integer staffId,
            @PathVariable Integer projectId,
            @PathVariable(required = false) Integer targetStaffId
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/ProjectType.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/ProjectType.java
@ -2,7 +2,6 @@ package cn.edu.hfut.rmdjzz.projectmanagement.entity;

 import com.baomidou.mybatisplus.annotation.IdType;
 import com.baomidou.mybatisplus.annotation.TableId;
-import com.baomidou.mybatisplus.annotation.TableName;
 import lombok.Data;

 /**
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskDTO.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskDTO.java
@ -1,7 +1,5 @@
 package cn.edu.hfut.rmdjzz.projectmanagement.entity.dto;

-import com.baomidou.mybatisplus.annotation.TableField;
-import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
 import lombok.Data;

 import java.time.LocalDateTime;
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskTrendDTO.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/entity/dto/TaskTrendDTO.java
@ -2,7 +2,6 @@ package cn.edu.hfut.rmdjzz.projectmanagement.entity.dto;

 import cn.edu.hfut.rmdjzz.projectmanagement.entity.Task;
 import lombok.Data;
-import lombok.NonNull;

 import java.time.LocalDate;
 import java.util.Objects;
@ -18,15 +17,16 @@ public class TaskTrendDTO {
    Long taskNum;

    public void changeForUnclosed(TaskTrendDTO taskTrend) {
-        if(Objects.equals(Task.STATUS_UNCLOSED, taskStatus)) {
+        if (Objects.equals(Task.STATUS_UNCLOSED, taskStatus)) {
            taskNum += taskTrend.getTaskNum();
        }
    }
+
    public void changeForClosed(TaskTrendDTO taskTrend) {
-        if(Objects.equals(Task.STATUS_UNCLOSED, taskStatus)) {
+        if (Objects.equals(Task.STATUS_UNCLOSED, taskStatus)) {
            taskNum -= taskTrend.getTaskNum();
        } else {
-            if(Objects.equals(taskTrend.getTaskStatus(), taskStatus)) {
+            if (Objects.equals(taskTrend.getTaskStatus(), taskStatus)) {
                taskNum += taskTrend.getTaskNum();
            }
        }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/BadRequestException.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/BadRequestException.java
@ -4,7 +4,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.exception;
 * @author 张韬
 * created at 2022/6/28 21:24
 */
-public class BadRequestException extends Exception {
+public class BadRequestException extends BusinessException {

    public static final String WRONG_PARAMETERS = "参数错误";
    public static final String OPERATE_FAILED = "操作失败";
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/BusinessException.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/BusinessException.java
@ -0,0 +1,12 @@
+package cn.edu.hfut.rmdjzz.projectmanagement.exception;
+
+public class BusinessException extends RuntimeException {
+    public BusinessException(String message) {
+        super(message);
+    }
+
+    @Override
+    public synchronized Throwable fillInStackTrace() {
+        return this;
+    }
+}
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/ForbiddenException.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/ForbiddenException.java
@ -4,7 +4,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.exception;
 * @author 佘语殊
 * @since 2022/7/6 20:14
 */
-public class ForbiddenException extends Exception {
+public class ForbiddenException extends BusinessException {

    public static final String UNABLE_TO_OPERATE = "无该操作权限";

--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/TooManyRequestException.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/TooManyRequestException.java
@ -4,7 +4,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.exception;
 * @author 佘语殊
 * @since 2022/7/11 17:35
 */
-public class TooManyRequestException extends Exception {
+public class TooManyRequestException extends BusinessException {
    public TooManyRequestException(String message) {
        super(message);
    }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/UnauthorizedException.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/exception/UnauthorizedException.java
@ -4,7 +4,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.exception;
 * @author 佘语殊
 * @since 2022/7/5 23:36
 */
-public class UnauthorizedException extends Exception {
+public class UnauthorizedException extends BusinessException {
    public UnauthorizedException(String message) {
        super(message);
    }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/CorsInterceptor.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/CorsInterceptor.java
@ -1,5 +1,6 @@
 package cn.edu.hfut.rmdjzz.projectmanagement.interceptor;

+import org.jetbrains.annotations.NotNull;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Component;
@ -7,8 +8,6 @@ import org.springframework.web.servlet.HandlerInterceptor;

 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.util.Enumeration;
-import java.util.Iterator;

 /**
 * @author 张韬
@ -18,7 +17,7 @@ import java.util.Iterator;
 public class CorsInterceptor implements HandlerInterceptor {

    @Override
-    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, @NotNull Object handler) {
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "*");
        response.setHeader("Access-Control-Allow-Headers", "Content-Type,Token");
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/TokenInterceptor.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/TokenInterceptor.java
@ -36,8 +36,6 @@ public class TokenInterceptor implements HandlerInterceptor {
        if (TokenUtils.checkTimeOut(token)) {
            throw new TokenException("Token已过期");
        }
-//        log.debug(Objects.requireNonNull(TokenUtils.getStaffId(token)));
-//        log.debug(token);
        if (!token.equals(redisTemplate.opsForValue().get(Objects.<Integer>requireNonNull(TokenUtils.getStaffId(token))))) {
            throw new TokenException("请重新登录");
        }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IAnnouncementService.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IAnnouncementService.java
@ -18,8 +18,6 @@ public interface IAnnouncementService extends IService<Announcement> {

    AnnouncementDTO getAnnouncementById(Integer projectId, Long announcementId);

-//    Boolean updateAnnouncement(Integer projectId, Announcement announcement) throws ForbiddenException, BadRequestException;
-
    Boolean deleteAnnouncement(Integer projectId, Integer staffId, Integer globalAccessLevel, Long announcementId) throws ForbiddenException, BadRequestException;

 }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectGroupService.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/IProjectGroupService.java
@ -37,8 +37,6 @@ public interface IProjectGroupService extends IService<ProjectGroup> {
    Integer getProjectAccessLevel(Integer staffId, Integer staffGlobalLevel, Integer projectId);


-    Integer getProjectAccessLevelIgnoreGlobalLevel(String token, Integer projectId);
-
    Integer getProjectAccessLevelIgnoreGlobalLevel(Integer staffId, Integer projectId);

    /**
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/ITaskService.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/ITaskService.java
@ -15,6 +15,7 @@ import java.util.Map;
 * @author 张韬
 * created at 2022/7/4 14:49
 */
+@SuppressWarnings("UnusedReturnValue")
 public interface ITaskService extends IService<Task> {
    List<TaskDTO> listSubtasks(Integer projectId, Long fatherId) throws BadRequestException, ForbiddenException;

@ -22,8 +23,6 @@ public interface ITaskService extends IService<Task> {

    Boolean deleteTaskAndSubTask(Integer staffId, Integer globalAccessLevel, Long taskId) throws BadRequestException, ForbiddenException;

-//    Boolean closeTaskAndSubTask(String token, Integer projectId, Long taskId) throws BadRequestException;
-
    List<StaffProcessDTO> getProjectStatistics(Integer projectId, Integer staffId) throws BadRequestException, ForbiddenException;

    /**
@ -31,13 +30,6 @@ public interface ITaskService extends IService<Task> {
     */
    Integer getHolderLevel(Integer staffId, Integer staffGlobalLevel, Long taskId);

-    /**
-     * 对拥有项目一级/二级访问权限的员工，直接返回1
-     *
-     * @return 1:all rights 2:father holder 3:current holder 0:no right
-     */
-//    Integer getHolderLevel(String token, Long taskId);
-
    List<TaskDTO> listMyTasks(Integer staffId, Integer projectId) throws BadRequestException, ForbiddenException;

    Boolean canBeDone(Long taskId);
@ -48,9 +40,9 @@ public interface ITaskService extends IService<Task> {

    Map<String, List<TaskTrendDTO>> getProjectTaskTrend(Integer projectId) throws ForbiddenException;

-    Boolean transferStaffTasks(String token, Integer projectId, Integer transferredStaffId, Map<Long, Integer> transferMap) throws ForbiddenException, BadRequestException;
+    Boolean transferStaffTasks(Integer projectId, Integer transferredStaffId, Map<Long, Integer> transferMap) throws ForbiddenException, BadRequestException;

-    Boolean transferTasksToSingleStaff(String token, Integer projectId, Integer transferredStaffId, Integer targetStaffId) throws ForbiddenException, BadRequestException;
+    Boolean transferTasksToSingleStaff(Integer projectId, Integer transferredStaffId, Integer targetStaffId) throws ForbiddenException, BadRequestException;

    Map<String, Long> getProjectProcessOfEveryone(Integer projectId) throws ForbiddenException;
 }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/AnnouncementServiceImpl.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/AnnouncementServiceImpl.java
@ -35,25 +35,6 @@ public class AnnouncementServiceImpl extends ServiceImpl<AnnouncementMapper, Ann
        return baseMapper.selectAnnouncementById(projectId, announcementId);
    }

-//    @Override
-//    public Boolean updateAnnouncement(Integer projectId, Announcement announcement) throws ForbiddenException, BadRequestException {
-//        Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId);
-//        if (accessLevel == 0) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
-//        if (accessLevel > 2) {
-//            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-//        }
-//        Announcement rawAnnouncement = baseMapper.selectById(announcement.getAnnouncementId());
-//        if (projectGroupService.compareProjectAccessLevel(projectId, token, rawAnnouncement.getAnnouncementPublisherId()) <= 0) {
-//            if (!announcement.checkModification(rawAnnouncement)) {
-//                throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
-//            }
-//            return updateById(announcement);
-//        }
-//        throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-//    }
-
    @Override
    public Boolean deleteAnnouncement(
            Integer staffId,
@ -61,13 +42,6 @@ public class AnnouncementServiceImpl extends ServiceImpl<AnnouncementMapper, Ann
            Integer projectId,
            Long announcementId
    ) throws ForbiddenException, BadRequestException {
-//        Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId);
-//        if (accessLevel == 0) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
-//        if (accessLevel > 2) {
-//            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-//        }
        Announcement rawAnnouncement = baseMapper.selectOne(Wrappers.<Announcement>lambdaQuery()
                .select(Announcement::getProjectId, Announcement::getAnnouncementPublisherId)
                .eq(Announcement::getAnnouncementId, announcementId)
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectGroupServiceImpl.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectGroupServiceImpl.java
@ -8,7 +8,6 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
 import cn.edu.hfut.rmdjzz.projectmanagement.mapper.ProjectGroupMapper;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IStaffService;
-import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
@ -43,29 +42,8 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro
        return baseMapper.insert(projectGroup) == 1;
    }

-    @Override
-    public Boolean insertNewMember(int accessLevel, Integer projectId, String targetUsername, String positions) throws ForbiddenException, BadRequestException {
-        if (targetUsername.equals("root")) {
-            throw new BadRequestException(IStaffService.STAFF_DOES_NOT_EXIST);
-        }
-        //int accessLevel = getProjectAccessLevel(token, projectId);
-        int targetLevel = 3;
-
-        Staff targetStaff = staffService.getOne(Wrappers.<Staff>lambdaQuery().eq(Staff::getStaffUsername, targetUsername));
-        if (targetStaff == null) {
-            throw new BadRequestException(IStaffService.STAFF_DOES_NOT_EXIST);
-        }
-        if (getProjectAccessLevelIgnoreGlobalLevel(targetStaff.getStaffId(), projectId) != 0) {
-            throw new BadRequestException("该成员已经在本项目中");
-        }
-
-        if (accessLevel == 0) {
-            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-        }
-        if (accessLevel > 2) {
-            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-        }
-        String[] positionArray = positions.split(",");
+    private void buildPositions(ProjectGroup projectGroup, int accessLevel) {
+        String[] positionArray = projectGroup.getProjectStaffPosition().split(",");
        for (String position : positionArray) {
            position = position.strip();
            if (position.equals(POSITION_1)) {
@ -75,12 +53,30 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro
                if (accessLevel != 1) {
                    throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
                }
-                targetLevel = 2;
+                projectGroup.setProjectAccessLevel(2);
            }
        }
-        positions = String.join(",", positionArray);
+        projectGroup.setProjectStaffPosition(String.join(",", positionArray));
+    }

-        return baseMapper.insert(new ProjectGroup(targetStaff.getStaffId(), projectId, positions, targetLevel)) == 1;
+    @Override
+    public Boolean insertNewMember(int accessLevel, Integer projectId, String targetUsername, String positions) throws ForbiddenException, BadRequestException {
+        if (targetUsername.equals("root")) {
+            throw new BadRequestException(IStaffService.STAFF_DOES_NOT_EXIST);
+        }
+        int targetLevel = 3;
+
+        Staff targetStaff = staffService.getOne(Wrappers.<Staff>lambdaQuery().eq(Staff::getStaffUsername, targetUsername));
+        if (targetStaff == null) {
+            throw new BadRequestException(IStaffService.STAFF_DOES_NOT_EXIST);
+        }
+        if (getProjectAccessLevelIgnoreGlobalLevel(targetStaff.getStaffId(), projectId) != 0) {
+            throw new BadRequestException("该成员已经在本项目中");
+        }
+        ProjectGroup newProjectGroupRelation = new ProjectGroup(targetStaff.getStaffId(), projectId, positions, targetLevel);
+        buildPositions(newProjectGroupRelation, accessLevel);
+
+        return baseMapper.insert(newProjectGroupRelation) == 1;
    }

    @Override
@ -99,8 +95,6 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro

    @Override
    public Boolean updateStaffPositions(Integer accessLevel, Integer projectId, Integer targetId, String positions) throws ForbiddenException, BadRequestException {
-        //int accessLevel = getProjectAccessLevel(token, projectId);
-        //int originTargetLevel = getProjectAccessLevelIgnoreGlobalLevel(targetId, projectId);
        ProjectGroup originProjectGroup = baseMapper.selectOne(Wrappers.<ProjectGroup>lambdaQuery()
                .select(ProjectGroup::getProjectStaffPosition, ProjectGroup::getProjectAccessLevel)
                .eq(ProjectGroup::getStaffId, targetId)
@ -114,34 +108,16 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro
        }
        int targetLevel = 3;

-        if (accessLevel == 0) {
-            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-        }
-        if (accessLevel > 2 || accessLevel >= originProjectGroup.getProjectAccessLevel()) {
-            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-        }
-        String[] positionArray = positions.split(",");
-        for (String position : positionArray) {
-            position = position.strip();
-            if (position.equals(POSITION_1)) {
-                throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-            }
-            if (position.equals(POSITION_2)) {
-                if (accessLevel != 1) {
-                    throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-                }
-                targetLevel = 2;
-            }
-        }
-        positions = String.join(",", positionArray);
+        ProjectGroup newProjectGroupRelation = new ProjectGroup(targetId, projectId, positions, targetLevel);
+        buildPositions(newProjectGroupRelation, accessLevel);

        return baseMapper.update(
                null,
                Wrappers.<ProjectGroup>lambdaUpdate()
-                        .eq(ProjectGroup::getProjectId, projectId)
-                        .eq(ProjectGroup::getStaffId, targetId)
-                        .set(ProjectGroup::getProjectStaffPosition, positions)
-                        .set(ProjectGroup::getProjectAccessLevel, targetLevel)
+                        .eq(ProjectGroup::getProjectId, newProjectGroupRelation.getProjectId())
+                        .eq(ProjectGroup::getStaffId, newProjectGroupRelation.getStaffId())
+                        .set(ProjectGroup::getProjectStaffPosition, newProjectGroupRelation.getProjectStaffPosition())
+                        .set(ProjectGroup::getProjectAccessLevel, newProjectGroupRelation.getProjectAccessLevel())
        ) == 1;
    }

@ -154,12 +130,6 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro
        return getProjectAccessLevelIgnoreGlobalLevel(staffId, projectId);
    }

-    @Override
-    public Integer getProjectAccessLevelIgnoreGlobalLevel(String token, Integer projectId) {
-        Integer staffId = TokenUtils.getStaffId(token);
-        return getProjectAccessLevelIgnoreGlobalLevel(staffId, projectId);
-    }
-
    @Override
    public Integer getProjectAccessLevelIgnoreGlobalLevel(Integer staffId, Integer projectId) {
        try {
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectServiceImpl.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/ProjectServiceImpl.java
@ -8,7 +8,6 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
 import cn.edu.hfut.rmdjzz.projectmanagement.mapper.ProjectMapper;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService;
-import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.WrapperUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage;
 import com.baomidou.mybatisplus.core.metadata.IPage;
@ -39,23 +38,15 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl

    @Override
    public ProjectProcessDTO getProjectProcess(Integer staffId, Integer globalAccessLevel, Integer projectId) throws ForbiddenException, BadRequestException {
-//        if (projectGroupService.getProjectAccessLevel(staffId, globalAccessLevel, projectId) == 0) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
-//        if (Objects.equals(projectId, 0)) {
-//            throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
-//        }
        return baseMapper.selectProjectProcess(projectId);
    }

    @Override
    public Page<ProjectDTO> pageMyProjects(
-//            String token,
            Integer staffId,
            RequestPage page,
            Map<String, Object> params
    ) {
-//        Integer staffId = TokenUtils.getStaffGlobalLevel(token) == 1 ? null : TokenUtils.getStaffId(token);
        IPage<ProjectDTO> userPage = baseMapper.selectMyProject(page.getPage(), staffId, WrapperUtils.allEqAndTimeIntervalQueryWrapper(params));
        return (Page<ProjectDTO>) userPage;
    }
@ -63,14 +54,7 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
    @Override
    public Boolean setProjectCompleted(
            Project targetProject
-    ) throws BadRequestException, ForbiddenException
-    {
-//        Project targetProject = baseMapper.selectById(project.getProjectId());
-//        if (targetProject == null)
-//            throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
-        /*if (!Objects.equals(staffId, targetProject.getProjectCreator())
-                && !Objects.equals(globalAccessLevel, 1))
-            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);*/
+    ) throws BadRequestException, ForbiddenException {
        targetProject.setCompleted(true);
        targetProject.setProjectClosedDate(LocalDate.now());
        if (baseMapper.updateById(targetProject) == 1)
@ -80,15 +64,12 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl

    @Override
    public Boolean createProject(Integer staffId, Project project) throws BadRequestException, ForbiddenException {
-//        Integer staffGlobalLevel = TokenUtils.getStaffGlobalLevel(token);
-//        if (staffGlobalLevel == 0 || staffGlobalLevel > 2) {
-//            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-//        }
        project.setProjectId(null);
        project.setCompleted(false);
        project.setProjectCreatedTime(null);
        project.setProjectCreator(staffId);
        project.setProjectClosedDate(null);
+
        if (project.getExpectedCompletion() == null) {
            project.setExpectedCompletion((short) 100);
        } else if (project.getExpectedCompletion() < 0 || project.getExpectedCompletion() > 100 ||
@ -102,7 +83,6 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
                return projectGroupService.addCreator(project.getProjectId(), staffId);
            }
        } catch (Exception e) {
-//            log.error(e.getMessage(), e);
            throw new BadRequestException(BadRequestException.OPERATE_FAILED);
        }
        return false;
@ -116,10 +96,6 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
    }

    public Boolean updateProject(Integer staffId, Project project) throws BadRequestException, ForbiddenException {
-//        Integer staffId = TokenUtils.getStaffId(token);
-//        if (!staffId.equals(project.getProjectCreator()) && TokenUtils.getStaffGlobalLevel(token) != 1) {
-//            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-//        }
        Project rawProject = baseMapper.selectById(project.getProjectId());
        if (Objects.equals(project, rawProject)) {
            return true;
@ -132,7 +108,6 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
                return true;
            throw new BadRequestException(BadRequestException.OPERATE_FAILED);
        } catch (Exception e) {
-//            log.error(e.getMessage(), e);
            throw new BadRequestException(BadRequestException.OPERATE_FAILED);
        }
    }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java
@ -146,28 +146,22 @@ public class StaffServiceImpl extends ServiceImpl<StaffMapper, Staff> implements
            if (totalCount < 1) {
                throw new BadRequestException("读取不到条目");
            }
-//            log.debug(totalCount);
-//            log.debug(staffUsernameC);
            if (!xlsxColumnGetter("staffPassword", 1, staffPasswordC, sheet) ||
                    staffPasswordC.size() != totalCount) {
                throw new BadRequestException("读取列staffPassword失败");
            }
-//            log.debug(staffPasswordC);
            if (!xlsxColumnGetter("staffFullname", 2, staffFullnameC, sheet) ||
                    staffFullnameC.size() != totalCount) {
                throw new BadRequestException("读取列staffFullname失败");
            }
-//            log.debug(staffFullnameC);
            if (!xlsxColumnGetter("staffGender", 3, staffGenderC, sheet) ||
                    staffGenderC.size() != totalCount) {
                throw new BadRequestException("读取列staffGender失败");
            }
-//            log.debug(staffGenderC);
            if (!xlsxColumnGetter("staffGlobalLevel", 4, staffGlobalLevelC, sheet) ||
                    staffGlobalLevelC.size() != totalCount) {
                throw new BadRequestException("读取列staffGlobalLevel失败");
            }
-//            log.debug(staffGlobalLevelC);
            if (staffGlobalLevelC.stream().anyMatch(level -> Integer.parseInt(level) < 2)) {
                throw new BadRequestException("列staffGlobalLevel无效");
            }
@ -184,7 +178,6 @@ public class StaffServiceImpl extends ServiceImpl<StaffMapper, Staff> implements
                staff.setStaffFullname(staffFullnameC.get(i));
                staff.setStaffGender(staffGenderC.get(i));
                staff.setStaffGlobalLevel(Integer.parseInt(staffGlobalLevelC.get(i)));
-//                log.debug(staff);
                if (baseMapper.insert(staff) != 1) {
                    throw new BadRequestException("第" + (i + 1) + "行数据错误");
                }
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/TaskServiceImpl.java
@ -10,7 +10,6 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
 import cn.edu.hfut.rmdjzz.projectmanagement.mapper.TaskMapper;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.ITaskService;
-import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.baomidou.mybatisplus.extension.toolkit.SimpleQuery;
@ -39,9 +38,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT

    @Override
    public List<TaskDTO> listSubtasks(Integer projectId, Long fatherId) throws ForbiddenException, BadRequestException {
-//        if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
        if (fatherId == null) {
            throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
        }
@ -53,9 +49,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT

    @Override
    public Boolean existSubTask(Integer projectId, Long taskId) throws ForbiddenException {
-//        if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
        return baseMapper.exists(Wrappers.<Task>lambdaQuery().eq(Task::getTaskFatherId, taskId));
    }

@ -66,13 +59,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
            Integer globalAccessLevel,
            Long taskId
    ) throws BadRequestException, ForbiddenException {
-//        Integer level = getHolderLevel(staffId, globalAccessLevel, taskId);
-//        if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
-//        if (level == 0 || level == 3) {
-//            throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
-//        }
        try {
            List<Long> res = new ArrayList<>();
            // 添加根任务点Id，获得子节点数目
@ -100,17 +86,13 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
            }
            return true;
        } catch (Exception e) {
-//            log.error(e.getMessage(), e);
            return false;
        }
    }

    @Transactional(isolation = Isolation.SERIALIZABLE, rollbackFor = Exception.class)
-    public Boolean closeTaskAndSubTask(Integer staffId, Integer globalAccessLevel, Integer projectId, Long taskId) throws BadRequestException {
+    public Boolean closeTaskAndSubTask(Integer staffId, Integer globalAccessLevel, Long taskId) throws BadRequestException {
        Integer level = getHolderLevel(staffId, globalAccessLevel, taskId);
-//        if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-//            throw new BadRequestException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
        if (level == 0) {
            throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
        }
@ -140,19 +122,12 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
            }
            return true;
        } catch (Exception e) {
-//            log.error(e.getMessage(), e);
            return false;
        }
    }

    @Override
    public List<StaffProcessDTO> getProjectStatistics(Integer projectId, Integer staffId) throws ForbiddenException {
-//        if (staffId != null && !TokenUtils.getStaffId(token).equals(staffId)) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
-//        if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
        List<StaffProcessDTO> resList = baseMapper.selectProjectProcess(projectId, staffId);
        addResultProjectProcess(resList, Task.TYPE_ASSIGNMENT);
        addResultProjectProcess(resList, Task.TYPE_DEFECT);
@ -202,18 +177,10 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
            }
            return count;
        } catch (Exception e) {
-//            log.error(e.getMessage(), e);
            return 0;
        }
    }

-//    @Override
-//    public Integer getHolderLevel(String token, Long taskId) {
-//        Integer staffId = TokenUtils.getStaffId(token);
-//        Integer staffGlobalLevel = TokenUtils.getStaffGlobalLevel(token);
-//        return getHolderLevel(staffId, staffGlobalLevel, taskId);
-//    }
-
    private int lowerBound(List<Task> data, long x) {
        int l = 0, r = data.size() - 1;
        while (l < r) {
@ -239,10 +206,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT

    @Override
    public List<TaskDTO> listMyTasks(Integer staffId, Integer projectId) throws ForbiddenException {
-//        Integer staffId = TokenUtils.getStaffId(token);
-//        if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-//            throw new ForbiddenException("不可操作的项目");
-//        }
        List<Task> resList = baseMapper.selectList(Wrappers.<Task>lambdaQuery()
                .select(Task::getTaskId, Task::getTaskFatherId, Task::getTaskHolderId)
                .eq(Task::getTaskProjectId, projectId)
@ -290,7 +253,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
            }
            return true;
        } catch (Exception e) {
-//            log.error(e.getMessage(), e);
            return false;
        }
    }
@ -303,10 +265,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
            Task task
    ) throws BadRequestException, ForbiddenException {
        task.setTaskId(null);
-//        Integer userLevel = projectGroupService.getProjectAccessLevel(token, task.getTaskProjectId());
-//        if (userLevel == 0) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
        if (!task.checkInsert()) {
            throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
        }
@ -342,7 +300,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
            Integer accessLevel,
            Task task
    ) throws BadRequestException, ForbiddenException {
-//        Integer userLevel = projectGroupService.getProjectAccessLevel(token, task.getTaskProjectId());
        Task rawTask = baseMapper.selectOne(Wrappers.<Task>lambdaQuery().eq(Task::getTaskId, task.getTaskId()));
        if (accessLevel == 0 || (accessLevel == 3 && getHolderLevel(staffId, globalAccessLevel, task.getTaskId()) == 0)) {
            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
@ -354,7 +311,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
            if (task.getTaskStatus().equals(Task.STATUS_CLOSED))
                typeChangeValue = 2;
        }
-//        log.debug(!task.checkModification(rawTask));
        if (!task.checkModification(rawTask) || !task.checkInsert()) {
            throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
        }
@ -367,7 +323,7 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
                task.setTaskClosedTime(LocalDateTime.now());
            }
            if (typeChangeValue == 2) {
-                closed = closeTaskAndSubTask(staffId, globalAccessLevel, task.getTaskProjectId(), task.getTaskId());
+                closed = closeTaskAndSubTask(staffId, globalAccessLevel, task.getTaskId());
            }
            if (Objects.equals(rawTask, task)) {
                return task;
@ -376,7 +332,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
                throw new BadRequestException(BadRequestException.OPERATE_FAILED);
            }
        } catch (Exception e) {
-//            log.error(e.getMessage(), e);
            throw new BadRequestException(BadRequestException.OPERATE_FAILED);
        }
        return task;
@ -385,9 +340,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
    // 完成任务数目概况统计
    @Override
    public Map<String, List<TaskTrendDTO>> getProjectTaskTrend(Integer projectId) throws ForbiddenException {
-//        if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-//            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-//        }
        // 起止日期
        LocalDate endDate = LocalDate.now();
        LocalDate startDate = endDate.plusDays(-14);
@ -410,8 +362,8 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
            List<TaskTrendDTO> taskList = new ArrayList<>();
            ListIterator<TaskTrendDTO> closedIter = closedList.listIterator();
            ListIterator<TaskTrendDTO> unclosedIter = unclosedList.listIterator();
-            TaskTrendDTO closedTaskTrend = null;
-            TaskTrendDTO unclosedTaskTrend = null;
+            TaskTrendDTO closedTaskTrend;
+            TaskTrendDTO unclosedTaskTrend;

            // 关闭与未关闭的任务的中间累加对象
            closedTaskTrend = closedIter.next();
@ -453,8 +405,8 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
    private List<TaskTrendDTO> getResultTaskStatus(Integer projectId, LocalDate startDate) {
        List<TaskTrendDTO> resList = baseMapper.selectClosedTaskTrendBeforeDate(projectId, startDate);
        List<TaskTrendDTO> taskList = new ArrayList<>();
-        Boolean existClosed = false;
-        Boolean existCompleted = false;
+        boolean existClosed = false;
+        boolean existCompleted = false;
        for (TaskTrendDTO taskTrendDTO : resList) {
            if (Objects.equals(Task.STATUS_CLOSED, taskTrendDTO.getTaskStatus())) {
                existClosed = true;
@ -483,19 +435,9 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
        return taskTrendDTO;
    }

-    // FIXME
    @Transactional(isolation = Isolation.SERIALIZABLE, rollbackFor = Exception.class)
    @Override
-    public Boolean transferStaffTasks(String token, Integer projectId, Integer transferredStaffId, Map<Long, Integer> transferMap) throws ForbiddenException, BadRequestException {
-        if (
-//                projectGroupService.getProjectAccessLevel(token, projectId) == 0 ||
-                 projectGroupService.getProjectAccessLevelIgnoreGlobalLevel(transferredStaffId, projectId) == 0) {
-            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-        }
-//        if (projectGroupService.compareProjectAccessLevel(projectId, token, transferredStaffId) > 0) {
-//            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-//        }
-
+    public Boolean transferStaffTasks(Integer projectId, Integer transferredStaffId, Map<Long, Integer> transferMap) throws ForbiddenException, BadRequestException {
        Map<Long, Task> originTransferTaskMap = SimpleQuery.keyMap(
                Wrappers.<Task>lambdaQuery()
                        .eq(Task::getTaskProjectId, projectId)
@ -539,19 +481,9 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
    }


-    // FIXME
    @Transactional(isolation = Isolation.SERIALIZABLE, rollbackFor = Exception.class)
    @Override
-    public Boolean transferTasksToSingleStaff(String token, Integer projectId, Integer transferredStaffId, Integer targetStaffId) throws ForbiddenException, BadRequestException {
-        if (
-//                projectGroupService.getProjectAccessLevel(token, projectId) == 0 ||
-                 projectGroupService.getProjectAccessLevelIgnoreGlobalLevel(transferredStaffId, projectId) == 0
-                || projectGroupService.getProjectAccessLevelIgnoreGlobalLevel(targetStaffId, projectId) == 0) {
-            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-        }
-//        if (projectGroupService.compareProjectAccessLevel(projectId, token, transferredStaffId) > 0) {
-//            throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
-//        }
+    public Boolean transferTasksToSingleStaff(Integer projectId, Integer transferredStaffId, Integer targetStaffId) throws ForbiddenException, BadRequestException {
        Long transferredTaskCount = baseMapper.selectCount(Wrappers.<Task>lambdaQuery()
                .eq(Task::getTaskHolderId, transferredStaffId)
                .and(wrapper -> wrapper
@ -575,9 +507,6 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT

    @Override
    public Map<String, Long> getProjectProcessOfEveryone(Integer projectId) throws ForbiddenException {
-//        if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
-//            throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
-//        }
        Map<String, Long> resMap = new HashMap<>();
        List<TaskNumOfEveryoneDTO> resList = baseMapper.selectProjectProcessOfEveryone(projectId);
        for (TaskNumOfEveryoneDTO taskNumOfEveryoneDTO : resList) {
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/TokenUtils.java
@ -21,7 +21,9 @@ public final class TokenUtils {
    public final static String HEADER_TOKEN = "Token";
    public final static String STAFF_USERNAME = "staffUsername";
    public final static String STAFF_ID = "staffId";
-    public final static String STAFF_GLOBAL_LEVEL = "staffGlobalLevel";
+    public final static String STAFF_GLOBAL_LEVEL = "globalAccessLevel";
+    public final static String PROJECT_ACCESS_LEVEL = "projectAccessLevel";
+    public static final String TARGET_PROJECT = "targetProject";
    private final static String DURATION = "duration";

    public static String getToken(String staffUsername, Integer staffId, Integer staffGlobalLevel, Long duration) {
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/http/HttpUtils.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/http/HttpUtils.java
@ -1,5 +1,8 @@
 package cn.edu.hfut.rmdjzz.projectmanagement.utils.http;

+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
 import javax.servlet.http.HttpServletRequest;
 import java.net.InetAddress;
 import java.net.UnknownHostException;
@ -52,4 +55,13 @@ public class HttpUtils {
    private static boolean ipAddressAvailable(String ipAddress) {
        return ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress);
    }
+
+    @SuppressWarnings("unchecked")
+    public static <T> T getAttribute(ServletRequestAttributes attributes, String key) {
+        Object value = attributes.getAttribute(key, RequestAttributes.SCOPE_REQUEST);
+        if (value == null) {
+            return null;
+        }
+        return (T) value;
+    }
 }
--- a/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/UtilTests.java
+++ b/src/test/java/cn/edu/hfut/rmdjzz/projectmanagement/UtilTests.java
@ -3,6 +3,8 @@ package cn.edu.hfut.rmdjzz.projectmanagement;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.TimeUtils;
 import lombok.SneakyThrows;
 import org.junit.jupiter.api.Test;
+import org.springframework.expression.ExpressionParser;
+import org.springframework.expression.spel.standard.SpelExpressionParser;

 import java.time.LocalDate;
 import java.time.LocalDateTime;
@ -29,4 +31,14 @@ public class UtilTests {
        Class<?> returnType = this.getClass().getMethod("timeTest").getReturnType();
        System.out.println(returnType.equals(void.class));
    }
+
+    @Test
+    public void spelTest() {
+        ExpressionParser parser = new SpelExpressionParser();
+        System.out.println(parser.parseExpression("a == 1").getValue(new R(2), Boolean.class));
+        System.out.println(parser.parseExpression("a == 1").getValue(new R(1), Boolean.class));
+    }
+
+    record R(int a) {
+    }
 }
Author	SHA1	Message	Date
ArgonarioD	68dea0790f	修改了错误的注释	2023-01-14 17:14:07 +08:00
ArgonarioD	817746871a	添加了一些注释，删除了一些无效注释	2023-01-14 17:05:06 +08:00
ArgonarioD	1cfed731e7	确认并删除了无用的代码	2023-01-13 23:03:59 +08:00
ArgonarioD	c0018c5788	删除了没用的SneakyThrows	2023-01-13 22:47:48 +08:00
ArgonarioD	f607650c73	彻底将鉴权部分挪移到切面处	2023-01-13 22:45:21 +08:00
ArgonarioD	ba6f19544e	Merge remote-tracking branch 'origin/master'	2023-01-13 22:29:43 +08:00
ArgonarioD	75d07779c1	完成了新的鉴权切面	2023-01-13 22:29:36 +08:00