diff --git a/src/main/java/com/rymcu/forest/service/ArticleService.java b/src/main/java/com/rymcu/forest/service/ArticleService.java index f839ed5..f564de9 100644 --- a/src/main/java/com/rymcu/forest/service/ArticleService.java +++ b/src/main/java/com/rymcu/forest/service/ArticleService.java @@ -67,7 +67,7 @@ public interface ArticleService extends Service
{ * @param id * @return * */ - Map delete(Integer id); + Map delete(Integer id) throws BaseApiException; /** * 增量文章浏览数 diff --git a/src/main/java/com/rymcu/forest/service/impl/ArticleServiceImpl.java b/src/main/java/com/rymcu/forest/service/impl/ArticleServiceImpl.java index af287d1..5308dc0 100644 --- a/src/main/java/com/rymcu/forest/service/impl/ArticleServiceImpl.java +++ b/src/main/java/com/rymcu/forest/service/impl/ArticleServiceImpl.java @@ -249,8 +249,18 @@ public class ArticleServiceImpl extends AbstractService
implements Arti @Override @Transactional(rollbackFor = Exception.class) - public Map delete(Integer id) { + public Map delete(Integer id) throws BaseApiException { Map map = new HashMap(1); + // 鉴权 + User user = UserUtils.getCurrentUserByToken(); + Integer roleWeights = userService.findRoleWeightsByUser(user.getIdUser()); + if (roleWeights > 2) { + Article article = articleMapper.selectByPrimaryKey(id); + if (!user.getIdUser().equals(article.getArticleAuthorId())) { + map.put("message", "非法访问!"); + return map; + } + } Integer result; // 判断是否有评论 boolean isHavComment = articleMapper.existsCommentWithPrimaryKey(id); diff --git a/src/main/java/com/rymcu/forest/web/api/article/ArticleController.java b/src/main/java/com/rymcu/forest/web/api/article/ArticleController.java index 32c7526..69a6d98 100644 --- a/src/main/java/com/rymcu/forest/web/api/article/ArticleController.java +++ b/src/main/java/com/rymcu/forest/web/api/article/ArticleController.java @@ -61,7 +61,7 @@ public class ArticleController { } @DeleteMapping("/delete/{id}") - public GlobalResult delete(@PathVariable Integer id) { + public GlobalResult delete(@PathVariable Integer id) throws BaseApiException { Map map = articleService.delete(id); return GlobalResultGenerator.genSuccessResult(map); }