Compare commits


No commits in common. "68dea0790f32aabbedd65fd016b5416d519867a8" and "3b35115cb6eae948c465aca2a95b1c5e3e01b41c" have entirely different histories.

29 changed files with 383 additions and 187 deletions


@ -25,24 +25,29 @@ public class ExceptionHandlerAdvice {
@ExceptionHandler(UnauthorizedException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public ResponseMap handleUnauthorizedException(Exception e) {
// log.error(ExceptionUtils.getStackTrace(e));
// log.error(e.getMessage(), e);
return ResponseMap.of(HttpStatus.UNAUTHORIZED.value(), e.getMessage());
}
@ExceptionHandler(BadRequestException.class)
@ResponseStatus(HttpStatus.BAD_REQUEST)
public ResponseMap handleBadRequestException(BadRequestException e) {
// log.error(e.getMessage(), e);
return ResponseMap.of(HttpStatus.BAD_REQUEST.value(), e.getMessage());
}
@ExceptionHandler(ForbiddenException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
public ResponseMap handleForbiddenException(ForbiddenException e) {
// log.error(e.getMessage(), e);
return ResponseMap.of(HttpStatus.FORBIDDEN.value(), e.getMessage());
}
@ExceptionHandler(BindException.class)
@ResponseStatus(HttpStatus.BAD_REQUEST)
public ResponseMap handleBindException(BindException e) {
// log.error(e.getMessage(), e);
return ResponseMap.of(HttpStatus.BAD_REQUEST.value(),
e.getAllErrors().stream()
.map(DefaultMessageSourceResolvable::getDefaultMessage)
@ -53,6 +58,7 @@ public class ExceptionHandlerAdvice {
@ExceptionHandler(TooManyRequestException.class)
@ResponseStatus(HttpStatus.TOO_MANY_REQUESTS)
public ResponseMap handleTooManyRequestException(TooManyRequestException e) {
// log.error(e.getMessage(), e);
return ResponseMap.of(HttpStatus.TOO_MANY_REQUESTS.value(), e.getMessage());
}
}
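Review bot: The `log.error` lines added to handleUnauthorizedException, handleBadRequestException, handleForbiddenException, handleBindException and handleTooManyRequestException are all commented out, so 401, 403 and 429 responses leave no server-side record for detection or incident review. Either delete the dead lines or enable a stack-free form such as `log.warn("forbidden: {}", e.getMessage());` (this assumes the class has a `log` field, which the hunk does not show). Each handler also returns `e.getMessage()` to the client verbatim, which is safe only while every message is one of the fixed constants.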


@ -7,8 +7,8 @@ import java.lang.annotation.*;
@Target(ElementType.METHOD)
public @interface ProjectAuthorize {
/**
* ag1
* "a>0 && a<3"3
* pg1
* "p>0 && p<3"3
*/
String value();
}
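Review bot: The Javadoc on `value()` shows both an `a>0 && a<3` form and a `p>0 && p<3` form; if the `p` lines are the new text, they disagree with every usage in this compare, which still writes `a` (for example `@ProjectAuthorize("a != 0")`). The comment is also partly unreadable as rendered here. I would name the variables explicitly, e.g. `a = project access level, g = global access level; the expression must evaluate to a boolean`, provided that matches the evaluator in the new tree.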


@ -1,73 +0,0 @@
package cn.edu.hfut.rmdjzz.projectmanagement.aop;
import cn.edu.hfut.rmdjzz.projectmanagement.annotation.ProjectAuthorize;
import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.HttpUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.servlet.HandlerMapping;
import java.util.Map;
@Aspect
@Component
public class ProjectAuthorizeAOP {
@Autowired
private IProjectService projectService;
@Autowired
private IProjectGroupService projectGroupService;
@Pointcut("@annotation(cn.edu.hfut.rmdjzz.projectmanagement.annotation.ProjectAuthorize)")
public void pointcut() {
}
@SuppressWarnings("unchecked")
@Before(value = "pointcut()")
public void preAuthorize(JoinPoint joinPoint) throws ForbiddenException {
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
assert attributes != null;
MethodSignature signature = (MethodSignature) (joinPoint.getSignature());
ProjectAuthorize annotation = signature.getMethod().getAnnotation(ProjectAuthorize.class);
String expression = annotation.value();
Integer globalAccessLevel = HttpUtils.getAttribute(attributes, TokenUtils.STAFF_GLOBAL_LEVEL);
Integer projectAccessLevel = null;
if (expression.contains("a")) { // 如果涉及到项目权限
Integer staffId = HttpUtils.getAttribute(attributes, TokenUtils.STAFF_ID);
// 获取路径参数中的projectId
Map<String, String> pathVariables = ((Map<String, String>) (attributes
.getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE, RequestAttributes.SCOPE_REQUEST)));
assert pathVariables != null;
Integer projectId = Integer.parseInt(pathVariables.get("projectId"));
// 获取项目权限并将项目权限和项目记录本身放入RequestAttribute中
projectAccessLevel = projectGroupService.getProjectAccessLevel(staffId, globalAccessLevel, projectId);
attributes.setAttribute(TokenUtils.PROJECT_ACCESS_LEVEL, projectAccessLevel, RequestAttributes.SCOPE_REQUEST);
attributes.setAttribute(TokenUtils.TARGET_PROJECT, projectService.getById(projectId), RequestAttributes.SCOPE_REQUEST);
}
// 解析SpEL表达式进行鉴权
ExpressionParser parser = new SpelExpressionParser();
Boolean result = parser.parseExpression(expression)
.getValue(new ValidateObject(globalAccessLevel, projectAccessLevel), Boolean.class);
if (!Boolean.TRUE.equals(result)) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
}
private record ValidateObject(Integer g, Integer a) {
}
}


@ -4,9 +4,13 @@ import cn.edu.hfut.rmdjzz.projectmanagement.annotation.ProjectAuthorize;
import cn.edu.hfut.rmdjzz.projectmanagement.entity.Announcement;
import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.AnnouncementDTO;
import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException;
import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IAnnouncementService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
import lombok.SneakyThrows;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
@ -20,32 +24,45 @@ public class AnnouncementController {
@Autowired
private IAnnouncementService announcementService;
@Autowired
private IProjectGroupService projectGroupService;
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping
public ResponseList<AnnouncementDTO> getAnnouncementList(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable Integer projectId
) {
return ResponseList.ofSuccess(announcementService.getAnnouncementList(projectId));
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping("/{announcementId}")
public ResponseMap getAnnouncementById(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable Integer projectId,
@PathVariable Long announcementId
) {
return ResponseMap.ofSuccess(announcementService.getAnnouncementById(projectId, announcementId));
}
@SneakyThrows
@ProjectAuthorize("a>0 && a<=2")
@PostMapping
public ResponseMap createAnnouncement(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@PathVariable Integer projectId,
@RequestBody Announcement announcement
) {
/*Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId);
if (accessLevel == 0 || accessLevel > 2) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}*/
announcement.setProjectId(projectId);
// announcement.setAnnouncementPublisherId(TokenUtils.getStaffId(token));
announcement.setAnnouncementPublisherId(staffId);
announcement.setAnnouncementPublishTime(null);
if (announcementService.save(announcement)) {
@ -54,9 +71,27 @@ public class AnnouncementController {
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
}
// 取消功能
/*@SneakyThrows
@PutMapping("/{announcementId}")
public ResponseMap modifyAnnouncement(
@RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable Integer projectId,
@PathVariable Long announcementId,
@RequestBody Announcement announcement
) {
announcement.setAnnouncementId(announcementId);
if (announcementService.updateAnnouncement(token, projectId, announcement)) {
return ResponseMap.ofSuccess("更新成功");
}
throw new BadRequestException("更新失败");
}*/
@SneakyThrows
@ProjectAuthorize("a>0 && a<=2")
@DeleteMapping("/{announcementId}")
public ResponseMap deleteAnnouncement(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@RequestAttribute Integer globalAccessLevel,
@PathVariable Integer projectId,
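Review bot: Every handler here depends on `@ProjectAuthorize` alone for access control, with the inline `getProjectAccessLevel` check in createAnnouncement left commented out, while this same compare removes `cn.edu.hfut.rmdjzz.projectmanagement.aop.ProjectAuthorizeAOP`, the aspect that evaluated the annotation. Please confirm the new tree contains a replacement evaluator, because without one the annotations are inert and `a>0 && a<=2` is never enforced; a controller test that expects 403 on POST and DELETE for a caller whose level fails the expression would pin it. The commented-out `@RequestHeader` parameters and the dead check block should be deleted rather than kept, and the added `projectGroupService` field is referenced only from commented-out code in the visible hunks. The same leftovers recur in the ProjectController, ProjectGroupController, StaffController and TaskController sections. deleteAnnouncement continues past the end of the hunk.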


@ -5,13 +5,17 @@ import cn.edu.hfut.rmdjzz.projectmanagement.annotation.RateLimit;
import cn.edu.hfut.rmdjzz.projectmanagement.entity.Project;
import cn.edu.hfut.rmdjzz.projectmanagement.entity.dto.ProjectDTO;
import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException;
import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import lombok.SneakyThrows;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
@ -31,51 +35,67 @@ public class ProjectController {
@Autowired
private IProjectService projectService;
@Autowired
private IProjectGroupService projectGroupService;
@Operation(summary = "根据Token获取该员工的ProjectList")
@RateLimit(key = "ProjectPage", permitsPerSecond = 50, maxBurstSeconds = 15, timeout = 1200)
@SneakyThrows
@GetMapping
public ResponseList<ProjectDTO> getProjectListOfStaff(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer globalAccessLevel,
@RequestAttribute Integer staffId,
@Valid RequestPage page,
@Parameter(description = "参数列表见Project实体类时间可以用xxxxStart与xxxxEnd来确定区间", required = true)
@RequestParam("paramMap") Map<String, Object> paramMap
@Parameter(description = "参数列表见Project实体类时间可以用xxxxStart与xxxxEnd来确定区间"
, required = true) @RequestParam("paramMap") Map<String, Object> paramMap
) {
if (globalAccessLevel == 1) staffId = null;
if(globalAccessLevel == 1) staffId = null;
Page<ProjectDTO> result = projectService.pageMyProjects(staffId, page, paramMap);
return ResponseList.ofSuccess(result);
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping("/{projectId}")
public ResponseMap getOneProjectBasicInfo(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable("projectId") Integer projectId
) {
return ResponseMap.ofSuccess(projectService.getById(projectId));
}
@Operation(description = "根据Token获取该员工的Project数")
@SneakyThrows
@GetMapping("/count")
public ResponseMap getProjectNumOfStaff(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token
@RequestAttribute Integer staffId
) {
return ResponseMap.ofSuccess()
.put("totalNum", projectService.countMyProjects(staffId));
}
@SneakyThrows
@ProjectAuthorize("a == 1 || g == 1")
@PostMapping("/complete/{projectId}")
public ResponseMap completeProject(@RequestAttribute Project targetProject) {
public ResponseMap completeProject(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Project targetProject,
@Parameter(description = "只需要传projectId即可{\"projectId\": 1}")
@PathVariable Integer projectId
) {
if (targetProject.getCompleted())
throw new BadRequestException(PROJECT_COMPLETED);
projectService.setProjectCompleted(targetProject);
return ResponseMap.ofSuccess();
}
@SneakyThrows
@ProjectAuthorize("g != 0 && g <= 2")
@PostMapping
public ResponseMap createProject(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@RequestBody Project project
) {
@ -83,9 +103,11 @@ public class ProjectController {
return ResponseMap.ofSuccess();
}
@SneakyThrows
@ProjectAuthorize("a == 1 || g == 1")
@PutMapping("/{projectId}")
public ResponseMap updateProject(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@PathVariable Integer projectId,
@RequestBody Project project
@ -97,9 +119,11 @@ public class ProjectController {
return ResponseMap.ofSuccess();
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping("/{projectId}/stats")
public ResponseMap getProjectProcess(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@RequestAttribute Integer globalAccessLevel,
@PathVariable Integer projectId
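Review bot: In getProjectListOfStaff, `if(globalAccessLevel == 1) staffId = null;` uses a null `staffId` as the signal for an unfiltered listing, which makes the absence of a value the most privileged input to `pageMyProjects`. That contract deserves a comment at the call site, e.g. `// global level 1 lists all projects: a null staffId turns off the per-staff filter`, and the service should reject null for any other caller (its body is not visible here, so the filter behaviour is inferred from the call). completeProject also gains a `projectId` path variable that the visible body never reads, and its `@Parameter` text describes a JSON body on what is a path segment.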


@ -8,12 +8,14 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IStaffService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.ITaskService;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.ValidateUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import io.swagger.v3.oas.annotations.Operation;
import lombok.SneakyThrows;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
@ -35,12 +37,21 @@ public class ProjectGroupController {
private ValidateUtils validateUtils;
@Operation(description = "传入合法page参数时分页查询否则拉取整个列表")
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping
public ResponseList<ProjectGroupDTO> getGroupMembers(
@PathVariable Integer projectId,
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
RequestPage page
) {
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
// if (validateUtils.validate(page).isEmpty()) {
// return ResponseList.ofSuccess(projectGroupService.pageProjectMembers(page, projectId));
// }
//return ResponseList.ofSuccess(projectGroupService.listProjectMembers(projectId));
ResponseList<ProjectGroupDTO> groupMembers;
if (validateUtils.validate(page).isEmpty()) {
groupMembers = ResponseList.ofSuccess(projectGroupService.pageProjectMembers(page, projectId));
@ -51,12 +62,17 @@ public class ProjectGroupController {
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping("/{staffId}")
public ResponseMap getDesignatedStaffPosition(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable Integer projectId,
@PathVariable Integer staffId
) {
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
ProjectGroup designatedStaff = projectGroupService.getOne(
Wrappers.<ProjectGroup>lambdaQuery()
.eq(ProjectGroup::getStaffId, staffId)
@ -68,9 +84,10 @@ public class ProjectGroupController {
}
@Operation(description = "body中只传staffUsername和projectStaffPosition")
@ProjectAuthorize("a == 1")
@SneakyThrows
@PostMapping
public ResponseMap addGroupMember(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer accessLevel,
@PathVariable Integer projectId,
@RequestBody GroupPositionVO groupPosition
@ -81,9 +98,10 @@ public class ProjectGroupController {
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
}
@ProjectAuthorize("a == 1")
@SneakyThrows
@DeleteMapping("/{staffId}")
public ResponseMap deleteGroupMember(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer accessLevel,
@PathVariable Integer projectId,
@PathVariable Integer staffId
@ -95,9 +113,10 @@ public class ProjectGroupController {
}
@Operation(description = "body中只传projectStaffPosition")
@ProjectAuthorize("a > 0 && a <= 2")
@SneakyThrows
@PutMapping("/{staffId}")
public ResponseMap modifyDesignatedStaffPosition(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer accessLevel,
@PathVariable Integer projectId,
@PathVariable Integer staffId,
@ -109,8 +128,10 @@ public class ProjectGroupController {
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
}
@SneakyThrows
@GetMapping("/stats")
public ResponseMap getGroupPositionsStatistics(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer accessLevel,
@PathVariable Integer projectId
) {
@ -118,28 +139,30 @@ public class ProjectGroupController {
}
@Operation(description = "请求体是一个key为taskIdvalue为staffId的map")
@ProjectAuthorize("a > 0 && a <= 2")
@SneakyThrows
@PutMapping("/{staffId}/transfer")
public ResponseMap transferStaffTasks(
@RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable Integer projectId,
@PathVariable Integer staffId,
@RequestBody Map<Long, Integer> transferMap
) {
if (taskService.transferStaffTasks(projectId, staffId, transferMap)) {
if (taskService.transferStaffTasks(token, projectId, staffId, transferMap)) {
return ResponseMap.ofSuccess();
}
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
}
@Operation(description = "将staffId的所有工作项转移至targetStaffId")
@ProjectAuthorize("a > 0 && a <= 2")
@SneakyThrows
@PutMapping("/{staffId}/transfer/{targetStaffId}")
public ResponseMap transferTasksToSingleStaff(
@RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable Integer projectId,
@PathVariable Integer staffId,
@PathVariable Integer targetStaffId
) {
if (taskService.transferTasksToSingleStaff(projectId, staffId, targetStaffId)) {
if (taskService.transferTasksToSingleStaff(token, projectId, staffId, targetStaffId)) {
return ResponseMap.ofSuccess();
}
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
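Review bot: getGroupPositionsStatistics at `@GetMapping("/stats")` is the one handler in this section without `@ProjectAuthorize`, yet it binds `@RequestAttribute Integer accessLevel`; unless its body (outside the hunk) checks that value, project statistics are served without a membership check. Adding `@ProjectAuthorize("a != 0")` would match the sibling read endpoints. The same gap shows in the TaskController section, where createTask and deleteTaskAndSubTask carry no annotation although they write data. It is also worth confirming what populates the `accessLevel` attribute, since the aspect removed in this compare stored the level under `TokenUtils.PROJECT_ACCESS_LEVEL`, whose value is not shown.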


@ -8,6 +8,7 @@ import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.HttpUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
import io.swagger.v3.oas.annotations.Parameter;
import lombok.SneakyThrows;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.util.DigestUtils;
@ -15,7 +16,6 @@ import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Objects;
/**
@ -28,6 +28,7 @@ public class StaffController {
@Autowired
private IStaffService staffService;
@SneakyThrows
@PostMapping("/login")
public ResponseMap login(
@Parameter(description = "只需要传入staffUsername和staffPassword两个属性即可staffPassword需要md5加密后传输")
@ -39,6 +40,7 @@ public class StaffController {
staffService.login(requestIpAddress, staff.getStaffUsername(), staff.getStaffPassword()));
}
@SneakyThrows
@PostMapping("/logout")
public ResponseMap logout(@RequestHeader(TokenUtils.HEADER_TOKEN) String token) {
if (staffService.logout(token)) {
@ -47,12 +49,14 @@ public class StaffController {
throw new TokenException("登出失败");
}
@SneakyThrows
@PostMapping(value = "/import")
public ResponseMap importStaffs(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffGlobalLevel,
@RequestParam("fileDigest") String digest,
@RequestParam MultipartFile uploadFile
) throws IOException {
@RequestParam("uploadFile") MultipartFile uploadFile
) {
if (null == uploadFile) {
throw new BadRequestException("文件传输错误");
}
@ -67,6 +71,23 @@ public class StaffController {
return ResponseMap.ofSuccess("成功导入" + successCount + "条数据");
}
//取消功能
/*@SneakyThrows
@GetMapping("/import/template")
public void downloadTemplate(
@RequestHeader(TokenUtils.HEADER_TOKEN) String token,
HttpServletResponse response
) {
if (TokenUtils.getStaffGlobalLevel(token) > 2) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
if (FileUtils.downloadResource("static/public/账户导入模板.xlsx", response)) {
return;
}
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
}*/
@SneakyThrows
@GetMapping("/import/template")
@ResponseStatus(HttpStatus.SEE_OTHER)
public ResponseMap downloadTemplate() {
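Review bot: The login contract in the `@Parameter` description asks clients to send `staffPassword` as an MD5 digest, which makes that digest the effective password: whoever obtains it can log in without knowing the original. The server should still store it under a slow salted hash (bcrypt, scrypt or Argon2) and compare against that; `staffService.login` is outside this page, so whether it does is not visible. In importStaffs, `if (null == uploadFile)` cannot fire because `@RequestParam("uploadFile")` is required by default, and replacing `throws IOException` with `@SneakyThrows` hides the one checked exception a caller would want to see.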


@ -10,8 +10,11 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.ITaskService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.impl.TaskServiceImpl;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
import lombok.SneakyThrows;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
@ -29,43 +32,51 @@ public class TaskController {
@Autowired
private IProjectService projectService;
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping("/{fatherId}/subtask")
public ResponseList<TaskDTO> getSubTaskList(
@PathVariable Integer projectId,
@PathVariable Long fatherId
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable("projectId") Integer projectId,
@PathVariable("fatherId") Long fatherId
) {
List<TaskDTO> result = taskService.listSubtasks(projectId, fatherId);
return ResponseList.ofSuccess(result);
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@RateLimit(key = "TaskMine", permitsPerSecond = 40, maxBurstSeconds = 15, timeout = 1200)
@GetMapping("/mine")
public ResponseList<TaskDTO> getMyTasks(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@PathVariable Integer projectId
@PathVariable("projectId") Integer projectId
) {
List<TaskDTO> result = taskService.listMyTasks(staffId, projectId);
return ResponseList.ofSuccess(result);
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping("/subtask/exist")
public ResponseMap existSubTask(
@PathVariable Integer projectId,
@RequestParam Long taskId
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable("projectId") Integer projectId,
@RequestParam("taskId") Long taskId
) {
return ResponseMap.ofSuccess()
.put("existSubTask", taskService.existSubTask(projectId, taskId));
}
@SneakyThrows
@PostMapping
public ResponseMap createTask(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@RequestAttribute Integer globalAccessLevel,
@RequestAttribute Integer accessLevel,
@PathVariable Integer projectId,
@PathVariable("projectId") Integer projectId,
@RequestBody Task task
) {
if (!projectService.checkOpenStatus(projectId))
@ -75,15 +86,17 @@ public class TaskController {
return ResponseMap.ofSuccess();
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@RateLimit(key = "TaskModify", permitsPerSecond = 40, maxBurstSeconds = 15, timeout = 1200)
@PutMapping("/{taskId}")
public ResponseMap modifyTask(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@RequestAttribute Integer globalAccessLevel,
@RequestAttribute Integer accessLevel,
@PathVariable Integer projectId,
@PathVariable Long taskId,
@PathVariable("projectId") Integer projectId,
@PathVariable("taskId") Long taskId,
@RequestBody Task task
) {
if (!projectService.checkOpenStatus(projectId))
@ -95,13 +108,15 @@ public class TaskController {
return ResponseMap.ofSuccess();
}
@SneakyThrows
@RateLimit(key = "TaskModify", permitsPerSecond = 40, maxBurstSeconds = 15, timeout = 1200)
@DeleteMapping("/{taskId}")
public ResponseMap deleteTaskAndSubTask(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@RequestAttribute Integer globalAccessLevel,
@PathVariable Integer projectId,
@PathVariable Long taskId
@PathVariable("projectId") Integer projectId,
@PathVariable("taskId") Long taskId
) {
if (!projectService.checkOpenStatus(projectId))
throw new BadRequestException(IProjectService.PROJECT_UNOPENED);
@ -113,10 +128,12 @@ public class TaskController {
return ResponseMap.ofSuccess();
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@RateLimit(key = "TaskTrend", permitsPerSecond = 50, maxBurstSeconds = 15, timeout = 1200)
@GetMapping("/stats/trend")
public ResponseMap getTaskTrend(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable Integer projectId
) {
if (!projectService.checkOpenStatus(projectId)) {
@ -125,17 +142,21 @@ public class TaskController {
return ResponseMap.ofSuccess("查询成功", taskService.getProjectTaskTrend(projectId));
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping("/stats/group")
public ResponseMap getTaskNumOfEveryone(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@PathVariable Integer projectId
) {
return ResponseMap.ofSuccess("查询成功", taskService.getProjectProcessOfEveryone(projectId));
}
@SneakyThrows
@ProjectAuthorize("a != 0")
@GetMapping({"/stats", "/stats/{targetStaffId}"})
public ResponseList<StaffProcessDTO> getProjectStatistics(
// @RequestHeader(TokenUtils.HEADER_TOKEN) String token,
@RequestAttribute Integer staffId,
@PathVariable Integer projectId,
@PathVariable(required = false) Integer targetStaffId
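Review bot: getProjectStatistics accepts an optional `targetStaffId` under `@ProjectAuthorize("a != 0")`, so any project member can name another member's id; please confirm the service restricts whose statistics a plain member may read, since the body and `taskService.getProjectStatistics` are outside the hunk. The added import of `service.impl.TaskServiceImpl` ties the controller to the concrete class while the visible calls go through `taskService`; drop it unless a use exists outside these hunks. Spelling out `@PathVariable("projectId")` and `@RequestParam("taskId")` is a reasonable change, as it keeps binding independent of the compiler's `-parameters` flag.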


@ -2,6 +2,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.entity;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
/**


@ -1,5 +1,7 @@
package cn.edu.hfut.rmdjzz.projectmanagement.entity.dto;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
import lombok.Data;
import java.time.LocalDateTime;


@ -2,6 +2,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.entity.dto;
import cn.edu.hfut.rmdjzz.projectmanagement.entity.Task;
import lombok.Data;
import lombok.NonNull;
import java.time.LocalDate;
import java.util.Objects;
@ -17,16 +18,15 @@ public class TaskTrendDTO {
Long taskNum;
public void changeForUnclosed(TaskTrendDTO taskTrend) {
if (Objects.equals(Task.STATUS_UNCLOSED, taskStatus)) {
if(Objects.equals(Task.STATUS_UNCLOSED, taskStatus)) {
taskNum += taskTrend.getTaskNum();
}
}
public void changeForClosed(TaskTrendDTO taskTrend) {
if (Objects.equals(Task.STATUS_UNCLOSED, taskStatus)) {
if(Objects.equals(Task.STATUS_UNCLOSED, taskStatus)) {
taskNum -= taskTrend.getTaskNum();
} else {
if (Objects.equals(taskTrend.getTaskStatus(), taskStatus)) {
if(Objects.equals(taskTrend.getTaskStatus(), taskStatus)) {
taskNum += taskTrend.getTaskNum();
}
}


@ -4,7 +4,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.exception;
* @author
* created at 2022/6/28 21:24
*/
public class BadRequestException extends BusinessException {
public class BadRequestException extends Exception {
public static final String WRONG_PARAMETERS = "参数错误";
public static final String OPERATE_FAILED = "操作失败";
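Review bot: Changing the base class from `BusinessException` to `Exception` makes this a checked exception and drops the `fillInStackTrace` override that the removed base class supplied, so every rejected request now pays for a full stack capture. That matters most for TooManyRequestException, which is thrown precisely when the service is under load; ForbiddenException and UnauthorizedException change the same way. If the checked type is intended, the constructor can keep the cheap behaviour with `super(message, null, false, false);`, and handlers could then declare `throws BadRequestException` instead of relying on `@SneakyThrows`. The class body continues outside the hunk.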


@ -1,12 +0,0 @@
package cn.edu.hfut.rmdjzz.projectmanagement.exception;
public class BusinessException extends RuntimeException {
public BusinessException(String message) {
super(message);
}
@Override
public synchronized Throwable fillInStackTrace() {
return this;
}
}


@ -4,7 +4,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.exception;
* @author
* @since 2022/7/6 20:14
*/
public class ForbiddenException extends BusinessException {
public class ForbiddenException extends Exception {
public static final String UNABLE_TO_OPERATE = "无该操作权限";


@ -4,7 +4,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.exception;
* @author
* @since 2022/7/11 17:35
*/
public class TooManyRequestException extends BusinessException {
public class TooManyRequestException extends Exception {
public TooManyRequestException(String message) {
super(message);
}


@ -4,7 +4,7 @@ package cn.edu.hfut.rmdjzz.projectmanagement.exception;
* @author
* @since 2022/7/5 23:36
*/
public class UnauthorizedException extends BusinessException {
public class UnauthorizedException extends Exception {
public UnauthorizedException(String message) {
super(message);
}


@ -1,6 +1,5 @@
package cn.edu.hfut.rmdjzz.projectmanagement.interceptor;
import org.jetbrains.annotations.NotNull;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
@ -8,6 +7,8 @@ import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Enumeration;
import java.util.Iterator;
/**
* @author
@ -17,7 +18,7 @@ import javax.servlet.http.HttpServletResponse;
public class CorsInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, @NotNull Object handler) {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "*");
response.setHeader("Access-Control-Allow-Headers", "Content-Type,Token");
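Review bot: preHandle answers every request with `Access-Control-Allow-Origin: *` and `Access-Control-Allow-Methods: *`, so any web origin may call the API from a browser and read its responses. The credential appears to travel in the `Token` header rather than a cookie, which limits the exposure to scripts that already hold a token, but an allow-list is still the safer default: echo the request's `Origin` only when it matches a configured front-end origin and add `Vary: Origin`. The new `Enumeration` and `Iterator` imports have no use in the visible lines, and the method body continues past the hunk.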


@ -36,6 +36,8 @@ public class TokenInterceptor implements HandlerInterceptor {
if (TokenUtils.checkTimeOut(token)) {
throw new TokenException("Token已过期");
}
// log.debug(Objects.requireNonNull(TokenUtils.getStaffId(token)));
// log.debug(token);
if (!token.equals(redisTemplate.opsForValue().get(Objects.<Integer>requireNonNull(TokenUtils.getStaffId(token))))) {
throw new TokenException("请重新登录");
}
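Review bot: The two added comment lines keep a `log.debug(token)` call one edit away from writing live session tokens into the log; delete them rather than leaving them commented. On the following line, `Objects.<Integer>requireNonNull(TokenUtils.getStaffId(token))` throws a NullPointerException when the token yields no staff id, which would surface as a server error rather than the `TokenException` used by the neighbouring checks. An explicit `if (staffId == null) throw new TokenException("请重新登录");` before the Redis lookup keeps that failure on the same path as the other token errors. The enclosing method starts and ends outside the hunk.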


@ -18,6 +18,8 @@ public interface IAnnouncementService extends IService<Announcement> {
AnnouncementDTO getAnnouncementById(Integer projectId, Long announcementId);
// Boolean updateAnnouncement(Integer projectId, Announcement announcement) throws ForbiddenException, BadRequestException;
Boolean deleteAnnouncement(Integer projectId, Integer staffId, Integer globalAccessLevel, Long announcementId) throws ForbiddenException, BadRequestException;
}


@ -37,6 +37,8 @@ public interface IProjectGroupService extends IService<ProjectGroup> {
Integer getProjectAccessLevel(Integer staffId, Integer staffGlobalLevel, Integer projectId);
Integer getProjectAccessLevelIgnoreGlobalLevel(String token, Integer projectId);
Integer getProjectAccessLevelIgnoreGlobalLevel(Integer staffId, Integer projectId);
/**


@ -15,7 +15,6 @@ import java.util.Map;
* @author
* created at 2022/7/4 14:49
*/
@SuppressWarnings("UnusedReturnValue")
public interface ITaskService extends IService<Task> {
List<TaskDTO> listSubtasks(Integer projectId, Long fatherId) throws BadRequestException, ForbiddenException;
@ -23,6 +22,8 @@ public interface ITaskService extends IService<Task> {
Boolean deleteTaskAndSubTask(Integer staffId, Integer globalAccessLevel, Long taskId) throws BadRequestException, ForbiddenException;
// Boolean closeTaskAndSubTask(String token, Integer projectId, Long taskId) throws BadRequestException;
List<StaffProcessDTO> getProjectStatistics(Integer projectId, Integer staffId) throws BadRequestException, ForbiddenException;
/**
@ -30,6 +31,13 @@ public interface ITaskService extends IService<Task> {
*/
Integer getHolderLevel(Integer staffId, Integer staffGlobalLevel, Long taskId);
/**
* /访1
*
* @return 1:all rights 2:father holder 3:current holder 0:no right
*/
// Integer getHolderLevel(String token, Long taskId);
List<TaskDTO> listMyTasks(Integer staffId, Integer projectId) throws BadRequestException, ForbiddenException;
Boolean canBeDone(Long taskId);
@ -40,9 +48,9 @@ public interface ITaskService extends IService<Task> {
Map<String, List<TaskTrendDTO>> getProjectTaskTrend(Integer projectId) throws ForbiddenException;
Boolean transferStaffTasks(Integer projectId, Integer transferredStaffId, Map<Long, Integer> transferMap) throws ForbiddenException, BadRequestException;
Boolean transferStaffTasks(String token, Integer projectId, Integer transferredStaffId, Map<Long, Integer> transferMap) throws ForbiddenException, BadRequestException;
Boolean transferTasksToSingleStaff(Integer projectId, Integer transferredStaffId, Integer targetStaffId) throws ForbiddenException, BadRequestException;
Boolean transferTasksToSingleStaff(String token, Integer projectId, Integer transferredStaffId, Integer targetStaffId) throws ForbiddenException, BadRequestException;
Map<String, Long> getProjectProcessOfEveryone(Integer projectId) throws ForbiddenException;
}


@ -35,6 +35,25 @@ public class AnnouncementServiceImpl extends ServiceImpl<AnnouncementMapper, Ann
return baseMapper.selectAnnouncementById(projectId, announcementId);
}
// @Override
// public Boolean updateAnnouncement(Integer projectId, Announcement announcement) throws ForbiddenException, BadRequestException {
// Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId);
// if (accessLevel == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
// if (accessLevel > 2) {
// throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
// }
// Announcement rawAnnouncement = baseMapper.selectById(announcement.getAnnouncementId());
// if (projectGroupService.compareProjectAccessLevel(projectId, token, rawAnnouncement.getAnnouncementPublisherId()) <= 0) {
// if (!announcement.checkModification(rawAnnouncement)) {
// throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
// }
// return updateById(announcement);
// }
// throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
// }
@Override
public Boolean deleteAnnouncement(
Integer staffId,
@ -42,6 +61,13 @@ public class AnnouncementServiceImpl extends ServiceImpl<AnnouncementMapper, Ann
Integer projectId,
Long announcementId
) throws ForbiddenException, BadRequestException {
// Integer accessLevel = projectGroupService.getProjectAccessLevel(token, projectId);
// if (accessLevel == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
// if (accessLevel > 2) {
// throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
// }
Announcement rawAnnouncement = baseMapper.selectOne(Wrappers.<Announcement>lambdaQuery()
.select(Announcement::getProjectId, Announcement::getAnnouncementPublisherId)
.eq(Announcement::getAnnouncementId, announcementId)
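Review bot: In `deleteAnnouncement` the project access check exists only as commented-out lines that reference a `token` variable the method does not receive, so nothing in the visible part of the body rejects a caller whose access level is 0 or above 2. If no interceptor or controller enforces this before the call (not visible here), restore it from the parameters the interface declares: `Integer accessLevel = projectGroupService.getProjectAccessLevel(staffId, globalAccessLevel, projectId);` followed by the two `ForbiddenException` guards. Otherwise delete the commented block, and the commented `updateAnnouncement` above it, so the file does not suggest a check that never runs. The method body continues past the end of this hunk.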


@ -8,6 +8,7 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
import cn.edu.hfut.rmdjzz.projectmanagement.mapper.ProjectGroupMapper;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IStaffService;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
@ -42,28 +43,12 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro
return baseMapper.insert(projectGroup) == 1;
}
private void buildPositions(ProjectGroup projectGroup, int accessLevel) {
String[] positionArray = projectGroup.getProjectStaffPosition().split(",");
for (String position : positionArray) {
position = position.strip();
if (position.equals(POSITION_1)) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
if (position.equals(POSITION_2)) {
if (accessLevel != 1) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
projectGroup.setProjectAccessLevel(2);
}
}
projectGroup.setProjectStaffPosition(String.join(",", positionArray));
}
@Override
public Boolean insertNewMember(int accessLevel, Integer projectId, String targetUsername, String positions) throws ForbiddenException, BadRequestException {
if (targetUsername.equals("root")) {
throw new BadRequestException(IStaffService.STAFF_DOES_NOT_EXIST);
}
//int accessLevel = getProjectAccessLevel(token, projectId);
int targetLevel = 3;
Staff targetStaff = staffService.getOne(Wrappers.<Staff>lambdaQuery().eq(Staff::getStaffUsername, targetUsername));
@ -73,10 +58,29 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro
if (getProjectAccessLevelIgnoreGlobalLevel(targetStaff.getStaffId(), projectId) != 0) {
throw new BadRequestException("该成员已经在本项目中");
}
ProjectGroup newProjectGroupRelation = new ProjectGroup(targetStaff.getStaffId(), projectId, positions, targetLevel);
buildPositions(newProjectGroupRelation, accessLevel);
return baseMapper.insert(newProjectGroupRelation) == 1;
if (accessLevel == 0) {
throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
}
if (accessLevel > 2) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
String[] positionArray = positions.split(",");
for (String position : positionArray) {
position = position.strip();
if (position.equals(POSITION_1)) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
if (position.equals(POSITION_2)) {
if (accessLevel != 1) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
targetLevel = 2;
}
}
positions = String.join(",", positionArray);
return baseMapper.insert(new ProjectGroup(targetStaff.getStaffId(), projectId, positions, targetLevel)) == 1;
}
@Override
@ -95,6 +99,8 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro
@Override
public Boolean updateStaffPositions(Integer accessLevel, Integer projectId, Integer targetId, String positions) throws ForbiddenException, BadRequestException {
//int accessLevel = getProjectAccessLevel(token, projectId);
//int originTargetLevel = getProjectAccessLevelIgnoreGlobalLevel(targetId, projectId);
ProjectGroup originProjectGroup = baseMapper.selectOne(Wrappers.<ProjectGroup>lambdaQuery()
.select(ProjectGroup::getProjectStaffPosition, ProjectGroup::getProjectAccessLevel)
.eq(ProjectGroup::getStaffId, targetId)
@ -108,16 +114,34 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro
}
int targetLevel = 3;
ProjectGroup newProjectGroupRelation = new ProjectGroup(targetId, projectId, positions, targetLevel);
buildPositions(newProjectGroupRelation, accessLevel);
if (accessLevel == 0) {
throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
}
if (accessLevel > 2 || accessLevel >= originProjectGroup.getProjectAccessLevel()) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
String[] positionArray = positions.split(",");
for (String position : positionArray) {
position = position.strip();
if (position.equals(POSITION_1)) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
if (position.equals(POSITION_2)) {
if (accessLevel != 1) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
}
targetLevel = 2;
}
}
positions = String.join(",", positionArray);
return baseMapper.update(
null,
Wrappers.<ProjectGroup>lambdaUpdate()
.eq(ProjectGroup::getProjectId, newProjectGroupRelation.getProjectId())
.eq(ProjectGroup::getStaffId, newProjectGroupRelation.getStaffId())
.set(ProjectGroup::getProjectStaffPosition, newProjectGroupRelation.getProjectStaffPosition())
.set(ProjectGroup::getProjectAccessLevel, newProjectGroupRelation.getProjectAccessLevel())
.eq(ProjectGroup::getProjectId, projectId)
.eq(ProjectGroup::getStaffId, targetId)
.set(ProjectGroup::getProjectStaffPosition, positions)
.set(ProjectGroup::getProjectAccessLevel, targetLevel)
) == 1;
}
@ -130,6 +154,12 @@ public class ProjectGroupServiceImpl extends ServiceImpl<ProjectGroupMapper, Pro
return getProjectAccessLevelIgnoreGlobalLevel(staffId, projectId);
}
@Override
public Integer getProjectAccessLevelIgnoreGlobalLevel(String token, Integer projectId) {
Integer staffId = TokenUtils.getStaffId(token);
return getProjectAccessLevelIgnoreGlobalLevel(staffId, projectId);
}
@Override
public Integer getProjectAccessLevelIgnoreGlobalLevel(Integer staffId, Integer projectId) {
try {
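Review bot: In `insertNewMember` the `accessLevel == 0` and `accessLevel > 2` guards run only after the `staffService.getOne(...)` lookup and the already-a-member check, so a caller with no rights on the project gets different errors depending on whether the username exists or is already in the group. Move both guards to the top of the method, before any lookup. `updateStaffPositions` has the same ordering, with `baseMapper.selectOne(...)` ahead of its guards; there the `accessLevel == 0` guard can move up, while the comparison with `originProjectGroup` has to stay after the load. The position loop is now duplicated in both methods; keeping it in one private helper, as the removed `buildPositions` did, would stop the two permission rules from drifting apart.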


@ -8,6 +8,7 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
import cn.edu.hfut.rmdjzz.projectmanagement.mapper.ProjectMapper;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectService;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.WrapperUtils;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.RequestPage;
import com.baomidou.mybatisplus.core.metadata.IPage;
@ -38,15 +39,23 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
@Override
public ProjectProcessDTO getProjectProcess(Integer staffId, Integer globalAccessLevel, Integer projectId) throws ForbiddenException, BadRequestException {
// if (projectGroupService.getProjectAccessLevel(staffId, globalAccessLevel, projectId) == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
// if (Objects.equals(projectId, 0)) {
// throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
// }
return baseMapper.selectProjectProcess(projectId);
}
@Override
public Page<ProjectDTO> pageMyProjects(
// String token,
Integer staffId,
RequestPage page,
Map<String, Object> params
) {
// Integer staffId = TokenUtils.getStaffGlobalLevel(token) == 1 ? null : TokenUtils.getStaffId(token);
IPage<ProjectDTO> userPage = baseMapper.selectMyProject(page.getPage(), staffId, WrapperUtils.allEqAndTimeIntervalQueryWrapper(params));
return (Page<ProjectDTO>) userPage;
}
@ -54,7 +63,14 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
@Override
public Boolean setProjectCompleted(
Project targetProject
) throws BadRequestException, ForbiddenException {
) throws BadRequestException, ForbiddenException
{
// Project targetProject = baseMapper.selectById(project.getProjectId());
// if (targetProject == null)
// throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
/*if (!Objects.equals(staffId, targetProject.getProjectCreator())
&& !Objects.equals(globalAccessLevel, 1))
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);*/
targetProject.setCompleted(true);
targetProject.setProjectClosedDate(LocalDate.now());
if (baseMapper.updateById(targetProject) == 1)
@ -64,12 +80,15 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
@Override
public Boolean createProject(Integer staffId, Project project) throws BadRequestException, ForbiddenException {
// Integer staffGlobalLevel = TokenUtils.getStaffGlobalLevel(token);
// if (staffGlobalLevel == 0 || staffGlobalLevel > 2) {
// throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
// }
project.setProjectId(null);
project.setCompleted(false);
project.setProjectCreatedTime(null);
project.setProjectCreator(staffId);
project.setProjectClosedDate(null);
if (project.getExpectedCompletion() == null) {
project.setExpectedCompletion((short) 100);
} else if (project.getExpectedCompletion() < 0 || project.getExpectedCompletion() > 100 ||
@ -83,6 +102,7 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
return projectGroupService.addCreator(project.getProjectId(), staffId);
}
} catch (Exception e) {
// log.error(e.getMessage(), e);
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
}
return false;
@ -96,6 +116,10 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
}
public Boolean updateProject(Integer staffId, Project project) throws BadRequestException, ForbiddenException {
// Integer staffId = TokenUtils.getStaffId(token);
// if (!staffId.equals(project.getProjectCreator()) && TokenUtils.getStaffGlobalLevel(token) != 1) {
// throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
// }
Project rawProject = baseMapper.selectById(project.getProjectId());
if (Objects.equals(project, rawProject)) {
return true;
@ -108,6 +132,7 @@ public class ProjectServiceImpl extends ServiceImpl<ProjectMapper, Project> impl
return true;
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
} catch (Exception e) {
// log.error(e.getMessage(), e);
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
}
}
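Review bot: `updateProject` receives `staffId`, but the ownership check is present only as a comment, and that comment compared against `project.getProjectCreator()`, a value taken from the request object rather than from the stored row. Nothing in the visible lines compares the caller with `rawProject`, so unless the caller is authorised before this method is reached (not visible here), a staff member who is not the creator could update the project. A check against the loaded row, e.g. `if (rawProject == null || !Objects.equals(staffId, rawProject.getProjectCreator())) throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);`, avoids trusting the client-supplied creator; admitting global administrators would need the global level passed in as well. `setProjectCompleted` carries the same commented-out check. Several lines of `updateProject` lie between hunks and are not shown.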


@ -146,22 +146,28 @@ public class StaffServiceImpl extends ServiceImpl<StaffMapper, Staff> implements
if (totalCount < 1) {
throw new BadRequestException("读取不到条目");
}
// log.debug(totalCount);
// log.debug(staffUsernameC);
if (!xlsxColumnGetter("staffPassword", 1, staffPasswordC, sheet) ||
staffPasswordC.size() != totalCount) {
throw new BadRequestException("读取列staffPassword失败");
}
// log.debug(staffPasswordC);
if (!xlsxColumnGetter("staffFullname", 2, staffFullnameC, sheet) ||
staffFullnameC.size() != totalCount) {
throw new BadRequestException("读取列staffFullname失败");
}
// log.debug(staffFullnameC);
if (!xlsxColumnGetter("staffGender", 3, staffGenderC, sheet) ||
staffGenderC.size() != totalCount) {
throw new BadRequestException("读取列staffGender失败");
}
// log.debug(staffGenderC);
if (!xlsxColumnGetter("staffGlobalLevel", 4, staffGlobalLevelC, sheet) ||
staffGlobalLevelC.size() != totalCount) {
throw new BadRequestException("读取列staffGlobalLevel失败");
}
// log.debug(staffGlobalLevelC);
if (staffGlobalLevelC.stream().anyMatch(level -> Integer.parseInt(level) < 2)) {
throw new BadRequestException("列staffGlobalLevel无效");
}
@ -178,6 +184,7 @@ public class StaffServiceImpl extends ServiceImpl<StaffMapper, Staff> implements
staff.setStaffFullname(staffFullnameC.get(i));
staff.setStaffGender(staffGenderC.get(i));
staff.setStaffGlobalLevel(Integer.parseInt(staffGlobalLevelC.get(i)));
// log.debug(staff);
if (baseMapper.insert(staff) != 1) {
throw new BadRequestException("第" + (i + 1) + "行数据错误");
}
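Review bot: The commented-out `// log.debug(staffPasswordC);` and `// log.debug(staff);` lines would, if ever re-enabled, write the imported password column and each `Staff` object (which presumably carries the password field) to the application log. Remove them rather than keeping them as comments. If import tracing is wanted, log only non-secret values, e.g. `log.debug("staff import rows: {}", totalCount);`, assuming the class has a logger named `log` as the commented calls imply. The surrounding method starts and ends outside these hunks.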


@ -10,6 +10,7 @@ import cn.edu.hfut.rmdjzz.projectmanagement.exception.ForbiddenException;
import cn.edu.hfut.rmdjzz.projectmanagement.mapper.TaskMapper;
import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
import cn.edu.hfut.rmdjzz.projectmanagement.service.ITaskService;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.baomidou.mybatisplus.extension.toolkit.SimpleQuery;
@ -38,6 +39,9 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
@Override
public List<TaskDTO> listSubtasks(Integer projectId, Long fatherId) throws ForbiddenException, BadRequestException {
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
if (fatherId == null) {
throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
}
@ -49,6 +53,9 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
@Override
public Boolean existSubTask(Integer projectId, Long taskId) throws ForbiddenException {
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
return baseMapper.exists(Wrappers.<Task>lambdaQuery().eq(Task::getTaskFatherId, taskId));
}
@ -59,6 +66,13 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
Integer globalAccessLevel,
Long taskId
) throws BadRequestException, ForbiddenException {
// Integer level = getHolderLevel(staffId, globalAccessLevel, taskId);
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
// if (level == 0 || level == 3) {
// throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
// }
try {
List<Long> res = new ArrayList<>();
// 添加根任务点Id获得子节点数目
@ -86,13 +100,17 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
}
return true;
} catch (Exception e) {
// log.error(e.getMessage(), e);
return false;
}
}
@Transactional(isolation = Isolation.SERIALIZABLE, rollbackFor = Exception.class)
public Boolean closeTaskAndSubTask(Integer staffId, Integer globalAccessLevel, Long taskId) throws BadRequestException {
public Boolean closeTaskAndSubTask(Integer staffId, Integer globalAccessLevel, Integer projectId, Long taskId) throws BadRequestException {
Integer level = getHolderLevel(staffId, globalAccessLevel, taskId);
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new BadRequestException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
if (level == 0) {
throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
}
@ -122,12 +140,19 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
}
return true;
} catch (Exception e) {
// log.error(e.getMessage(), e);
return false;
}
}
@Override
public List<StaffProcessDTO> getProjectStatistics(Integer projectId, Integer staffId) throws ForbiddenException {
// if (staffId != null && !TokenUtils.getStaffId(token).equals(staffId)) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
List<StaffProcessDTO> resList = baseMapper.selectProjectProcess(projectId, staffId);
addResultProjectProcess(resList, Task.TYPE_ASSIGNMENT);
addResultProjectProcess(resList, Task.TYPE_DEFECT);
@ -177,10 +202,18 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
}
return count;
} catch (Exception e) {
// log.error(e.getMessage(), e);
return 0;
}
}
// @Override
// public Integer getHolderLevel(String token, Long taskId) {
// Integer staffId = TokenUtils.getStaffId(token);
// Integer staffGlobalLevel = TokenUtils.getStaffGlobalLevel(token);
// return getHolderLevel(staffId, staffGlobalLevel, taskId);
// }
private int lowerBound(List<Task> data, long x) {
int l = 0, r = data.size() - 1;
while (l < r) {
@ -206,6 +239,10 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
@Override
public List<TaskDTO> listMyTasks(Integer staffId, Integer projectId) throws ForbiddenException {
// Integer staffId = TokenUtils.getStaffId(token);
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new ForbiddenException("不可操作的项目");
// }
List<Task> resList = baseMapper.selectList(Wrappers.<Task>lambdaQuery()
.select(Task::getTaskId, Task::getTaskFatherId, Task::getTaskHolderId)
.eq(Task::getTaskProjectId, projectId)
@ -253,6 +290,7 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
}
return true;
} catch (Exception e) {
// log.error(e.getMessage(), e);
return false;
}
}
@ -265,6 +303,10 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
Task task
) throws BadRequestException, ForbiddenException {
task.setTaskId(null);
// Integer userLevel = projectGroupService.getProjectAccessLevel(token, task.getTaskProjectId());
// if (userLevel == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
if (!task.checkInsert()) {
throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
}
@ -300,6 +342,7 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
Integer accessLevel,
Task task
) throws BadRequestException, ForbiddenException {
// Integer userLevel = projectGroupService.getProjectAccessLevel(token, task.getTaskProjectId());
Task rawTask = baseMapper.selectOne(Wrappers.<Task>lambdaQuery().eq(Task::getTaskId, task.getTaskId()));
if (accessLevel == 0 || (accessLevel == 3 && getHolderLevel(staffId, globalAccessLevel, task.getTaskId()) == 0)) {
throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
@ -311,6 +354,7 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
if (task.getTaskStatus().equals(Task.STATUS_CLOSED))
typeChangeValue = 2;
}
// log.debug(!task.checkModification(rawTask));
if (!task.checkModification(rawTask) || !task.checkInsert()) {
throw new BadRequestException(BadRequestException.WRONG_PARAMETERS);
}
@ -323,7 +367,7 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
task.setTaskClosedTime(LocalDateTime.now());
}
if (typeChangeValue == 2) {
closed = closeTaskAndSubTask(staffId, globalAccessLevel, task.getTaskId());
closed = closeTaskAndSubTask(staffId, globalAccessLevel, task.getTaskProjectId(), task.getTaskId());
}
if (Objects.equals(rawTask, task)) {
return task;
@ -332,6 +376,7 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
}
} catch (Exception e) {
// log.error(e.getMessage(), e);
throw new BadRequestException(BadRequestException.OPERATE_FAILED);
}
return task;
@ -340,6 +385,9 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
// 完成任务数目概况统计
@Override
public Map<String, List<TaskTrendDTO>> getProjectTaskTrend(Integer projectId) throws ForbiddenException {
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
// }
// 起止日期
LocalDate endDate = LocalDate.now();
LocalDate startDate = endDate.plusDays(-14);
@ -362,8 +410,8 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
List<TaskTrendDTO> taskList = new ArrayList<>();
ListIterator<TaskTrendDTO> closedIter = closedList.listIterator();
ListIterator<TaskTrendDTO> unclosedIter = unclosedList.listIterator();
TaskTrendDTO closedTaskTrend;
TaskTrendDTO unclosedTaskTrend;
TaskTrendDTO closedTaskTrend = null;
TaskTrendDTO unclosedTaskTrend = null;
// 关闭与未关闭的任务的中间累加对象
closedTaskTrend = closedIter.next();
@ -405,8 +453,8 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
private List<TaskTrendDTO> getResultTaskStatus(Integer projectId, LocalDate startDate) {
List<TaskTrendDTO> resList = baseMapper.selectClosedTaskTrendBeforeDate(projectId, startDate);
List<TaskTrendDTO> taskList = new ArrayList<>();
boolean existClosed = false;
boolean existCompleted = false;
Boolean existClosed = false;
Boolean existCompleted = false;
for (TaskTrendDTO taskTrendDTO : resList) {
if (Objects.equals(Task.STATUS_CLOSED, taskTrendDTO.getTaskStatus())) {
existClosed = true;
@ -435,9 +483,19 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
return taskTrendDTO;
}
// FIXME
@Transactional(isolation = Isolation.SERIALIZABLE, rollbackFor = Exception.class)
@Override
public Boolean transferStaffTasks(Integer projectId, Integer transferredStaffId, Map<Long, Integer> transferMap) throws ForbiddenException, BadRequestException {
public Boolean transferStaffTasks(String token, Integer projectId, Integer transferredStaffId, Map<Long, Integer> transferMap) throws ForbiddenException, BadRequestException {
if (
// projectGroupService.getProjectAccessLevel(token, projectId) == 0 ||
projectGroupService.getProjectAccessLevelIgnoreGlobalLevel(transferredStaffId, projectId) == 0) {
throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
}
// if (projectGroupService.compareProjectAccessLevel(projectId, token, transferredStaffId) > 0) {
// throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
// }
Map<Long, Task> originTransferTaskMap = SimpleQuery.keyMap(
Wrappers.<Task>lambdaQuery()
.eq(Task::getTaskProjectId, projectId)
@ -481,9 +539,19 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
}
// FIXME
@Transactional(isolation = Isolation.SERIALIZABLE, rollbackFor = Exception.class)
@Override
public Boolean transferTasksToSingleStaff(Integer projectId, Integer transferredStaffId, Integer targetStaffId) throws ForbiddenException, BadRequestException {
public Boolean transferTasksToSingleStaff(String token, Integer projectId, Integer transferredStaffId, Integer targetStaffId) throws ForbiddenException, BadRequestException {
if (
// projectGroupService.getProjectAccessLevel(token, projectId) == 0 ||
projectGroupService.getProjectAccessLevelIgnoreGlobalLevel(transferredStaffId, projectId) == 0
|| projectGroupService.getProjectAccessLevelIgnoreGlobalLevel(targetStaffId, projectId) == 0) {
throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
}
// if (projectGroupService.compareProjectAccessLevel(projectId, token, transferredStaffId) > 0) {
// throw new ForbiddenException(ForbiddenException.UNABLE_TO_OPERATE);
// }
Long transferredTaskCount = baseMapper.selectCount(Wrappers.<Task>lambdaQuery()
.eq(Task::getTaskHolderId, transferredStaffId)
.and(wrapper -> wrapper
@ -507,6 +575,9 @@ public class TaskServiceImpl extends ServiceImpl<TaskMapper, Task> implements IT
@Override
public Map<String, Long> getProjectProcessOfEveryone(Integer projectId) throws ForbiddenException {
// if (projectGroupService.getProjectAccessLevel(token, projectId) == 0) {
// throw new ForbiddenException(IProjectGroupService.UNABLE_TO_ACCESS_PROJECT);
// }
Map<String, Long> resMap = new HashMap<>();
List<TaskNumOfEveryoneDTO> resList = baseMapper.selectProjectProcessOfEveryone(projectId);
for (TaskNumOfEveryoneDTO taskNumOfEveryoneDTO : resList) {
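Review bot: `transferStaffTasks` and `transferTasksToSingleStaff` now take a `String token`, but the only check on the caller, `projectGroupService.getProjectAccessLevel(token, projectId) == 0`, is commented out inside the `if`, as is the `compareProjectAccessLevel` rank comparison below it. What remains verifies only that the transferred (and target) staff belong to the project, so in the visible code the caller's own membership and rank are never consulted; both methods are marked `// FIXME`. Either reinstate a caller check, for instance `projectGroupService.getProjectAccessLevelIgnoreGlobalLevel(token, projectId) == 0 ||` as the first condition (this ignores the global level, so administrators need separate handling), or drop the unused `token` parameter and document where the caller is authorised. The same pattern of access checks kept only as comments appears in `listSubtasks`, `existSubTask`, `listMyTasks` and `getProjectTaskTrend` in this section; most of these method bodies continue outside their hunks.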


@ -21,9 +21,7 @@ public final class TokenUtils {
public final static String HEADER_TOKEN = "Token";
public final static String STAFF_USERNAME = "staffUsername";
public final static String STAFF_ID = "staffId";
public final static String STAFF_GLOBAL_LEVEL = "globalAccessLevel";
public final static String PROJECT_ACCESS_LEVEL = "projectAccessLevel";
public static final String TARGET_PROJECT = "targetProject";
public final static String STAFF_GLOBAL_LEVEL = "staffGlobalLevel";
private final static String DURATION = "duration";
public static String getToken(String staffUsername, Integer staffId, Integer staffGlobalLevel, Long duration) {
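Review bot: Changing the claim key behind `STAFF_GLOBAL_LEVEL` to `"staffGlobalLevel"` means tokens issued under the other key no longer carry a claim this constant can find. How the parsing side reacts is outside this hunk, but if `getStaffGlobalLevel` yields `null` or a default for a missing claim, level comparisons such as `== 1` could behave unexpectedly until those tokens expire. Consider rejecting tokens that lack the claim explicitly, and record the key change in the release notes so outstanding tokens are invalidated on deployment.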


@ -1,8 +1,5 @@
package cn.edu.hfut.rmdjzz.projectmanagement.utils.http;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import java.net.InetAddress;
import java.net.UnknownHostException;
@ -55,13 +52,4 @@ public class HttpUtils {
private static boolean ipAddressAvailable(String ipAddress) {
return ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress);
}
@SuppressWarnings("unchecked")
public static <T> T getAttribute(ServletRequestAttributes attributes, String key) {
Object value = attributes.getAttribute(key, RequestAttributes.SCOPE_REQUEST);
if (value == null) {
return null;
}
return (T) value;
}
}


@ -3,8 +3,6 @@ package cn.edu.hfut.rmdjzz.projectmanagement;
import cn.edu.hfut.rmdjzz.projectmanagement.utils.TimeUtils;
import lombok.SneakyThrows;
import org.junit.jupiter.api.Test;
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import java.time.LocalDate;
import java.time.LocalDateTime;
@ -31,14 +29,4 @@ public class UtilTests {
Class<?> returnType = this.getClass().getMethod("timeTest").getReturnType();
System.out.println(returnType.equals(void.class));
}
@Test
public void spelTest() {
ExpressionParser parser = new SpelExpressionParser();
System.out.println(parser.parseExpression("a == 1").getValue(new R(2), Boolean.class));
System.out.println(parser.parseExpression("a == 1").getValue(new R(1), Boolean.class));
}
record R(int a) {
}
}