From 2500be0fc39fc215db7aa11ab17375fb0f570252 Mon Sep 17 00:00:00 2001
From: ronger
Date: Thu, 17 Feb 2022 16:46:36 +0800
Subject: [PATCH] =?UTF-8?q?:bug:=20=E4=BF=AE=E6=94=B9=E6=96=87=E7=AB=A0?= =?UTF-8?q?=E6=A0=87=E7=AD=BE=E6=9D=83=E9=99=90=E5=88=A4=E6=96=AD=E9=97=AE?= =?UTF-8?q?=E9=A2=98=E4=BF=AE=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../core/service/security/AuthorshipAspect.java | 12 +++++++++++-
 src/main/java/com/rymcu/forest/enumerate/Module.java | 3 ++-
 src/main/java/com/rymcu/forest/util/UserUtils.java | 1 +
 .../forest/web/api/article/ArticleController.java | 2 +-
 4 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java b/src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java
index b937046..093b48d 100644
--- a/src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java
+++ b/src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java
@@ -8,6 +8,7 @@ import com.rymcu.forest.entity.Article;
 import com.rymcu.forest.entity.Portfolio;
 import com.rymcu.forest.enumerate.Module;
 import com.rymcu.forest.jwt.def.JwtConstants;
+import com.rymcu.forest.mapper.UserMapper;
 import com.rymcu.forest.service.ArticleService;
 import com.rymcu.forest.service.PortfolioService;
 import com.rymcu.forest.util.UserUtils;
@@ -52,6 +53,8 @@ public class AuthorshipAspect {
 private ArticleService articleService;
 @Resource
 private PortfolioService portfolioService;
+ @Resource
+ private UserMapper userMapper;
 /**
 * 检查用户修改信息权限
@@ -119,7 +122,14 @@ public class AuthorshipAspect {
 TokenUser tokenUser = UserUtils.getTokenUser(authHeader);
 if (Objects.nonNull(tokenUser)) {
 if (!idAuthor.equals(tokenUser.getIdUser())) {
- throw new BaseApiException(ErrorCode.ACCESS_DENIED);
+ boolean hasPermission = false;
+ if (Module.ARTICLE_TAG.equals(log.moduleName())) {
+ // 判断管理员权限
+ hasPermission = userMapper.hasAdminPermission(tokenUser.getAccount());
+ }
+ if (!hasPermission) {
+ throw new BaseApiException(ErrorCode.ACCESS_DENIED);
+ }
 }
 } else {
 throw new BaseApiException(ErrorCode.ACCESS_DENIED);
diff --git a/src/main/java/com/rymcu/forest/enumerate/Module.java b/src/main/java/com/rymcu/forest/enumerate/Module.java
index c25fa6e..2b47a3a 100644
--- a/src/main/java/com/rymcu/forest/enumerate/Module.java
+++ b/src/main/java/com/rymcu/forest/enumerate/Module.java
@@ -8,5 +8,6 @@ package com.rymcu.forest.enumerate;
 */
 public enum Module {
 ARTICLE,
- PORTFOLIO;
+ PORTFOLIO,
+ ARTICLE_TAG;
 }
diff --git a/src/main/java/com/rymcu/forest/util/UserUtils.java b/src/main/java/com/rymcu/forest/util/UserUtils.java
index 2343060..c69b70e 100644
--- a/src/main/java/com/rymcu/forest/util/UserUtils.java
+++ b/src/main/java/com/rymcu/forest/util/UserUtils.java
@@ -69,6 +69,7 @@ public class UserUtils {
 if (user != null) {
 TokenUser tokenUser = new TokenUser();
 BeanCopierUtil.copy(user, tokenUser);
+ tokenUser.setAccount(user.getEmail());
 tokenUser.setToken(token);
 tokenUser.setWeights(userMapper.selectRoleWeightsByUser(user.getIdUser()));
 return tokenUser;
diff --git a/src/main/java/com/rymcu/forest/web/api/article/ArticleController.java b/src/main/java/com/rymcu/forest/web/api/article/ArticleController.java
index 700cbe8..a21f5e8 100644
--- a/src/main/java/com/rymcu/forest/web/api/article/ArticleController.java
+++ b/src/main/java/com/rymcu/forest/web/api/article/ArticleController.java
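Review bot: The admin override added inside `if (!idAuthor.equals(tokenUser.getIdUser()))` decides privilege from `tokenUser.getAccount()`, which this same patch fills with `user.getEmail()` in UserUtils, while the ownership comparison one line above uses `getIdUser()`. Keying an authorization decision on an e-mail address is weaker than keying it on the user id if addresses can be changed or are not strictly unique, and the TokenUser already carries role data loaded by `selectRoleWeightsByUser(user.getIdUser())`. If `hasAdminPermission` can only take an account string, say so next to the call, e.g. `// account is the e-mail set in UserUtils; it must be unique and verified for this check to be sound`. The bypass also leaves no trace: a log entry recording the admin's user id and the target `idAuthor` whenever `hasPermission` is true would make its use auditable. The enclosing method starts and ends outside this hunk.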
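Review bot: `tokenUser.setAccount(user.getEmail())` runs after `BeanCopierUtil.copy(user, tokenUser)`, so any account value the copy may have produced is replaced, and a user record without an e-mail address would yield a null account that AuthorshipAspect now hands to `hasAdminPermission`. Neither case is handled in the visible lines. A guard, or at least a comment such as `// account = e-mail; consumed by AuthorshipAspect for the admin check`, would make this security-relevant dependency explicit. The enclosing method starts and ends outside this hunk.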
@@ -94,7 +94,7 @@ public class ArticleController {
 }
 @PostMapping("/update-tags")
- @AuthorshipInterceptor(moduleName = Module.ARTICLE)
+ @AuthorshipInterceptor(moduleName = Module.ARTICLE_TAG)
 public GlobalResult updateTags(@RequestBody Article article) throws BaseApiException, UnsupportedEncodingException {
 Map map = articleService.updateTags(article.getIdArticle(), article.getArticleTags());
 return GlobalResultGenerator.genSuccessResult(map);
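Review bot: Nothing at `updateTags` tells a reader that switching to `Module.ARTICLE_TAG` widens access from the article's author to administrators; that rule lives only in AuthorshipAspect. A short Javadoc on the handler, for example `/** Updates an article's tags. Allowed for the author and, through Module.ARTICLE_TAG, for administrators. */`, would keep the authorization contract visible where the endpoint is declared. The handler takes `idArticle` from the request body, so it is worth confirming (the aspect's lookup is not in this hunk) that ownership is resolved from the stored article rather than from a client-supplied author field. The method body continues past the end of the hunk.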