完善用户权限判断
1. 完善用户权限判断 2. 升级相关依赖 3. 解决 slf4j 无法正常加载问题 4. 修复修改昵称为空的问题
This commit is contained in:
commit
c438bf4cdd
112
pom.xml
112
pom.xml
@ -5,7 +5,7 @@
|
||||
<parent>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-parent</artifactId>
|
||||
<version>2.7.17</version>
|
||||
<version>2.7.18</version>
|
||||
<relativePath/> <!-- lookup parent from repository -->
|
||||
</parent>
|
||||
<groupId>com.rymcu</groupId>
|
||||
@ -19,7 +19,8 @@
|
||||
<properties>
|
||||
<java.version>1.8</java.version>
|
||||
<lucene.version>8.11.2</lucene.version>
|
||||
<hutool.version>5.8.24</hutool.version>
|
||||
<hutool.version>5.8.26</hutool.version>
|
||||
<okio.version>3.9.0</okio.version>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
@ -27,14 +28,14 @@
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-data-redis</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-to-slf4j</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>io.netty</groupId>
|
||||
<artifactId>netty-codec</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-to-slf4j</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>org.yaml</groupId>
|
||||
<artifactId>snakeyaml</artifactId>
|
||||
@ -49,30 +50,6 @@
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>ch.qos.logback</groupId>
|
||||
<artifactId>logback-classic</artifactId>
|
||||
<version>1.4.12</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>ch.qos.logback</groupId>
|
||||
<artifactId>logback-core</artifactId>
|
||||
<version>1.4.12</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.netty</groupId>
|
||||
<artifactId>netty-codec</artifactId>
|
||||
<version>4.1.86.Final</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.yaml</groupId>
|
||||
<artifactId>snakeyaml</artifactId>
|
||||
<version>1.33</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-mail</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
@ -84,6 +61,41 @@
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>ch.qos.logback</groupId>
|
||||
<artifactId>logback-classic</artifactId>
|
||||
<version>1.5.3</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>ch.qos.logback</groupId>
|
||||
<artifactId>logback-core</artifactId>
|
||||
<version>1.5.3</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.slf4j</groupId>
|
||||
<artifactId>slf4j-simple</artifactId>
|
||||
<version>1.7.36</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-to-slf4j</artifactId>
|
||||
<version>2.19.0</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.netty</groupId>
|
||||
<artifactId>netty-codec</artifactId>
|
||||
<version>4.1.86.Final</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.yaml</groupId>
|
||||
<artifactId>snakeyaml</artifactId>
|
||||
<version>2.2</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-mail</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-databind -->
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
@ -91,19 +103,19 @@
|
||||
<version>2.14.0</version>
|
||||
</dependency>
|
||||
|
||||
|
||||
<dependency>
|
||||
<groupId>org.mybatis.spring.boot</groupId>
|
||||
<artifactId>mybatis-spring-boot-starter</artifactId>
|
||||
<version>3.0.0</version>
|
||||
</dependency>
|
||||
|
||||
<!-- https://mvnrepository.com/artifact/com.mysql/mysql-connector-j -->
|
||||
<dependency>
|
||||
<groupId>mysql</groupId>
|
||||
<artifactId>mysql-connector-java</artifactId>
|
||||
<version>8.0.33</version>
|
||||
<scope>runtime</scope>
|
||||
<groupId>com.mysql</groupId>
|
||||
<artifactId>mysql-connector-j</artifactId>
|
||||
<version>8.3.0</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.projectlombok</groupId>
|
||||
<artifactId>lombok</artifactId>
|
||||
@ -177,7 +189,7 @@
|
||||
<dependency>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
<artifactId>shiro-spring</artifactId>
|
||||
<version>1.10.0</version>
|
||||
<version>1.13.0</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>commons-collections</groupId>
|
||||
@ -240,23 +252,6 @@
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-to-slf4j</artifactId>
|
||||
<version>2.19.0</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-api</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-api</artifactId>
|
||||
<version>2.19.0</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-configuration-processor</artifactId>
|
||||
@ -353,6 +348,17 @@
|
||||
<groupId>com.squareup.retrofit2</groupId>
|
||||
<artifactId>retrofit</artifactId>
|
||||
<version>2.9.0</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>com.squareup.okio</groupId>
|
||||
<artifactId>okio</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.squareup.okio</groupId>
|
||||
<artifactId>okio</artifactId>
|
||||
<version>${okio.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.squareup.retrofit2</groupId>
|
||||
|
@ -67,12 +67,7 @@ public class TransactionRecordServiceImpl extends AbstractService<TransactionRec
|
||||
|
||||
private ReentrantLock getUserTransferLocks(String formBankAccount) {
|
||||
synchronized (userTransferLocks) {
|
||||
ReentrantLock lock = userTransferLocks.get(formBankAccount);
|
||||
if (lock == null) {
|
||||
lock = new ReentrantLock();
|
||||
userTransferLocks.put(formBankAccount, lock);
|
||||
}
|
||||
return lock;
|
||||
return userTransferLocks.computeIfAbsent(formBankAccount, k -> new ReentrantLock());
|
||||
}
|
||||
}
|
||||
|
||||
@ -83,15 +78,15 @@ public class TransactionRecordServiceImpl extends AbstractService<TransactionRec
|
||||
return list;
|
||||
}
|
||||
|
||||
private TransactionRecordDTO genTransactionRecord(TransactionRecordDTO transactionRecordDTO) {
|
||||
private void genTransactionRecord(TransactionRecordDTO transactionRecordDTO) {
|
||||
BankAccountDTO toBankAccount = bankAccountMapper.selectByBankAccount(transactionRecordDTO.getToBankAccount());
|
||||
BankAccountDTO formBankAccount = bankAccountMapper.selectByBankAccount(transactionRecordDTO.getFormBankAccount());
|
||||
transactionRecordDTO.setFormBankAccountInfo(formBankAccount);
|
||||
transactionRecordDTO.setToBankAccountInfo(toBankAccount);
|
||||
return transactionRecordDTO;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public TransactionRecord userTransfer(Long toUserId, Long formUserId, TransactionEnum transactionType) {
|
||||
BankAccountDTO toBankAccount = bankAccountMapper.findPersonBankAccountByIdUser(toUserId);
|
||||
BankAccountDTO formBankAccount = bankAccountMapper.findPersonBankAccountByIdUser(formUserId);
|
||||
@ -107,6 +102,7 @@ public class TransactionRecordServiceImpl extends AbstractService<TransactionRec
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public TransactionRecord bankTransfer(Long idUser, TransactionEnum transactionType) {
|
||||
BankAccountDTO toBankAccount = bankAccountMapper.findPersonBankAccountByIdUser(idUser);
|
||||
if (Objects.isNull(toBankAccount)) {
|
||||
@ -143,6 +139,7 @@ public class TransactionRecordServiceImpl extends AbstractService<TransactionRec
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public TransactionRecord newbieRewards(TransactionRecord transactionRecord) {
|
||||
// 判断是否重复发放
|
||||
Boolean result = transactionRecordMapper.existsWithNewbieRewards(transactionRecord.getToBankAccount());
|
||||
|
@ -188,11 +188,11 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public UserInfoDTO updateUserInfo(UserInfoDTO user) throws ServiceException {
|
||||
user.setNickname(formatNickname(user.getNickname()));
|
||||
Integer number = userMapper.checkNicknameByIdUser(user.getIdUser(), user.getNickname());
|
||||
if (number > 0) {
|
||||
boolean number = checkNicknameByIdUser(user.getIdUser(), user.getNickname());
|
||||
if (number) {
|
||||
throw new NicknameOccupyException("该昵称已使用!");
|
||||
}
|
||||
user.setNickname(formatNickname(user.getNickname()));
|
||||
if (FileDataType.BASE64.equals(user.getAvatarType())) {
|
||||
String avatarUrl = UploadController.uploadBase64File(user.getAvatarUrl(), FilePath.AVATAR);
|
||||
user.setAvatarUrl(avatarUrl);
|
||||
@ -216,11 +216,11 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
}
|
||||
|
||||
public boolean checkNicknameByIdUser(Long idUser, String nickname) {
|
||||
Integer number = userMapper.checkNicknameByIdUser(idUser, nickname);
|
||||
if (number > 0) {
|
||||
return false;
|
||||
if (StringUtils.isBlank(formatNickname(nickname))) {
|
||||
throw new IllegalArgumentException("昵称不能为空!");
|
||||
}
|
||||
return true;
|
||||
Integer number = userMapper.checkNicknameByIdUser(idUser, nickname);
|
||||
return number <= 0;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -5,6 +5,8 @@ import com.rymcu.forest.core.result.GlobalResultGenerator;
|
||||
import com.rymcu.forest.dto.ArticleUpdateStatusDTO;
|
||||
import com.rymcu.forest.entity.Article;
|
||||
import com.rymcu.forest.service.ArticleService;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.web.bind.annotation.PatchMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -20,6 +22,7 @@ import javax.annotation.Resource;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/admin/article")
|
||||
@RequiresRoles(value = {"blog_admin", "admin"}, logical = Logical.OR)
|
||||
public class AdminArticleController {
|
||||
|
||||
@Resource
|
||||
|
@ -12,6 +12,8 @@ import com.rymcu.forest.dto.admin.UserRoleDTO;
|
||||
import com.rymcu.forest.entity.*;
|
||||
import com.rymcu.forest.service.*;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
@ -23,6 +25,7 @@ import java.util.List;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/admin")
|
||||
@RequiresRoles(value = {"blog_admin", "admin"}, logical = Logical.OR)
|
||||
public class AdminController {
|
||||
|
||||
@Resource
|
||||
|
@ -7,6 +7,8 @@ import com.rymcu.forest.core.result.GlobalResultGenerator;
|
||||
import com.rymcu.forest.dto.TransactionRecordDTO;
|
||||
import com.rymcu.forest.entity.CurrencyRule;
|
||||
import com.rymcu.forest.service.CurrencyRuleService;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
@ -24,6 +26,7 @@ import java.util.List;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/admin/rule/currency")
|
||||
@RequiresRoles(value = {"blog_admin", "admin"}, logical = Logical.OR)
|
||||
public class AdminCurrencyRuleController {
|
||||
@Resource
|
||||
private CurrencyRuleService currencyRuleService;
|
||||
|
@ -9,6 +9,8 @@ import com.rymcu.forest.dto.BankAccountDTO;
|
||||
import com.rymcu.forest.dto.UserInfoDTO;
|
||||
import com.rymcu.forest.dto.admin.Dashboard;
|
||||
import com.rymcu.forest.service.DashboardService;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
@ -23,6 +25,7 @@ import java.util.Map;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/admin/dashboard")
|
||||
@RequiresRoles(value = {"blog_admin", "admin"}, logical = Logical.OR)
|
||||
public class DashboardController {
|
||||
|
||||
@Resource
|
||||
|
@ -18,6 +18,9 @@ import com.rymcu.forest.service.ArticleThumbsUpService;
|
||||
import com.rymcu.forest.service.CommentService;
|
||||
import com.rymcu.forest.service.SponsorService;
|
||||
import com.rymcu.forest.util.UserUtils;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
@ -48,6 +51,7 @@ public class ArticleController {
|
||||
}
|
||||
|
||||
@PostMapping("/post")
|
||||
@RequiresPermissions(value = "user")
|
||||
public GlobalResult<Long> postArticle(@RequestBody ArticleDTO article) throws UnsupportedEncodingException {
|
||||
User user = UserUtils.getCurrentUserByToken();
|
||||
return GlobalResultGenerator.genSuccessResult(articleService.postArticle(article, user));
|
||||
@ -75,6 +79,7 @@ public class ArticleController {
|
||||
}
|
||||
|
||||
@GetMapping("/drafts")
|
||||
@RequiresPermissions(value = "user")
|
||||
public GlobalResult<PageInfo<ArticleDTO>> drafts(@RequestParam(defaultValue = "0") Integer page, @RequestParam(defaultValue = "10") Integer rows) {
|
||||
PageHelper.startPage(page, rows);
|
||||
User user = UserUtils.getCurrentUserByToken();
|
||||
@ -84,12 +89,14 @@ public class ArticleController {
|
||||
}
|
||||
|
||||
@GetMapping("/{idArticle}/share")
|
||||
@RequiresPermissions(value = "user")
|
||||
public GlobalResult<String> share(@PathVariable Integer idArticle) {
|
||||
User user = UserUtils.getCurrentUserByToken();
|
||||
return GlobalResultGenerator.genResult(true, articleService.share(idArticle, user.getAccount()), "");
|
||||
}
|
||||
|
||||
@PostMapping("/update-tags")
|
||||
@RequiresPermissions(value = "user")
|
||||
@AuthorshipInterceptor(moduleName = Module.ARTICLE_TAG)
|
||||
public GlobalResult<Boolean> updateTags(@RequestBody Article article) throws UnsupportedEncodingException {
|
||||
Long idArticle = article.getIdArticle();
|
||||
@ -99,6 +106,7 @@ public class ArticleController {
|
||||
}
|
||||
|
||||
@PostMapping("/thumbs-up")
|
||||
@RequiresPermissions(value = "user")
|
||||
public GlobalResult<Integer> thumbsUp(@RequestBody ArticleThumbsUp articleThumbsUp) {
|
||||
if (Objects.isNull(articleThumbsUp) || Objects.isNull(articleThumbsUp.getIdArticle())) {
|
||||
throw new BusinessException("数据异常,文章不存在!");
|
||||
@ -109,6 +117,7 @@ public class ArticleController {
|
||||
}
|
||||
|
||||
@PostMapping("/sponsor")
|
||||
@RequiresPermissions(value = "user")
|
||||
public GlobalResult<Boolean> sponsor(@RequestBody Sponsor sponsor) {
|
||||
if (Objects.isNull(sponsor) || Objects.isNull(sponsor.getDataId()) || Objects.isNull(sponsor.getDataType())) {
|
||||
throw new IllegalArgumentException("数据异常");
|
||||
|
@ -8,6 +8,8 @@ import com.rymcu.forest.dto.BankAccountDTO;
|
||||
import com.rymcu.forest.dto.BankAccountSearchDTO;
|
||||
import com.rymcu.forest.dto.TransactionRecordDTO;
|
||||
import com.rymcu.forest.service.BankAccountService;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
@ -19,6 +21,7 @@ import java.util.List;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/admin/bank-account")
|
||||
@RequiresRoles(value = {"blog_admin", "admin"}, logical = Logical.OR)
|
||||
public class BankAccountController {
|
||||
|
||||
@Resource
|
||||
|
@ -4,6 +4,8 @@ import com.rymcu.forest.core.result.GlobalResult;
|
||||
import com.rymcu.forest.core.result.GlobalResultGenerator;
|
||||
import com.rymcu.forest.entity.TransactionRecord;
|
||||
import com.rymcu.forest.service.TransactionRecordService;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -16,19 +18,20 @@ import javax.annotation.Resource;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/transaction")
|
||||
@RequiresRoles(value = {"blog_admin", "admin"}, logical = Logical.OR)
|
||||
public class TransactionRecordController {
|
||||
|
||||
@Resource
|
||||
private TransactionRecordService transactionRecordService;
|
||||
|
||||
@PostMapping("/transfer")
|
||||
public GlobalResult transfer(@RequestBody TransactionRecord transactionRecord) {
|
||||
public GlobalResult<TransactionRecord> transfer(@RequestBody TransactionRecord transactionRecord) {
|
||||
transactionRecord = transactionRecordService.transfer(transactionRecord);
|
||||
return GlobalResultGenerator.genSuccessResult(transactionRecord);
|
||||
}
|
||||
|
||||
@PostMapping("/newbie-rewards")
|
||||
public GlobalResult newbieRewards(@RequestBody TransactionRecord transactionRecord) {
|
||||
public GlobalResult<TransactionRecord> newbieRewards(@RequestBody TransactionRecord transactionRecord) {
|
||||
transactionRecord = transactionRecordService.newbieRewards(transactionRecord);
|
||||
return GlobalResultGenerator.genSuccessResult(transactionRecord);
|
||||
}
|
||||
|
@ -49,7 +49,7 @@ public class WalletController {
|
||||
}
|
||||
PageHelper.startPage(page, rows);
|
||||
List<TransactionRecordDTO> list = bankAccountService.findUserTransactionRecords(bankAccount.getBankAccount(), startDate, endDate);
|
||||
PageInfo<TransactionRecordDTO> pageInfo = new PageInfo(list);
|
||||
PageInfo<TransactionRecordDTO> pageInfo = new PageInfo<>(list);
|
||||
return GlobalResultGenerator.genSuccessResult(pageInfo);
|
||||
}
|
||||
|
||||
|
@ -5,6 +5,7 @@ import com.rymcu.forest.core.result.GlobalResultGenerator;
|
||||
import com.rymcu.forest.entity.Comment;
|
||||
import com.rymcu.forest.service.CommentService;
|
||||
import com.rymcu.forest.util.UserUtils;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -18,6 +19,7 @@ import javax.servlet.http.HttpServletRequest;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/comment")
|
||||
@RequiresPermissions(value = "user")
|
||||
public class CommentController {
|
||||
|
||||
@Resource
|
||||
|
@ -15,6 +15,9 @@ import com.rymcu.forest.util.Utils;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.shiro.authz.UnauthorizedException;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
@ -40,6 +43,7 @@ import com.rymcu.forest.util.SSRFUtil;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/upload")
|
||||
@RequiresPermissions(value = "user")
|
||||
public class UploadController {
|
||||
|
||||
private final static String UPLOAD_SIMPLE_URL = "/api/upload/file";
|
||||
|
@ -1,6 +1,7 @@
|
||||
package com.rymcu.forest.web.api.common;
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.messaging.handler.annotation.MessageMapping;
|
||||
import org.springframework.messaging.handler.annotation.SendTo;
|
||||
import org.springframework.messaging.simp.SimpMessagingTemplate;
|
||||
@ -14,6 +15,7 @@ import javax.annotation.Resource;
|
||||
* @author ronger
|
||||
*/
|
||||
@Controller
|
||||
@RequiresPermissions(value = "user")
|
||||
public class WebSocketController {
|
||||
|
||||
@Resource
|
||||
|
@ -6,6 +6,7 @@ import com.rymcu.forest.entity.Follow;
|
||||
import com.rymcu.forest.entity.User;
|
||||
import com.rymcu.forest.service.FollowService;
|
||||
import com.rymcu.forest.util.UserUtils;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
@ -15,6 +16,7 @@ import javax.annotation.Resource;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/follow")
|
||||
@RequiresPermissions(value = "user")
|
||||
public class FollowController {
|
||||
|
||||
@Resource
|
||||
|
@ -9,6 +9,7 @@ import com.rymcu.forest.entity.Notification;
|
||||
import com.rymcu.forest.entity.User;
|
||||
import com.rymcu.forest.service.NotificationService;
|
||||
import com.rymcu.forest.util.UserUtils;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
@ -22,6 +23,7 @@ import java.util.Objects;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/notification")
|
||||
@RequiresPermissions(value = "user")
|
||||
public class NotificationController {
|
||||
|
||||
@Resource
|
||||
|
@ -13,6 +13,7 @@ import com.rymcu.forest.enumerate.Module;
|
||||
import com.rymcu.forest.service.PortfolioService;
|
||||
import com.rymcu.forest.service.UserService;
|
||||
import com.rymcu.forest.util.UserUtils;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
@ -38,6 +39,7 @@ public class PortfolioController {
|
||||
}
|
||||
|
||||
@PostMapping("/post")
|
||||
@RequiresPermissions(value = "user")
|
||||
public GlobalResult<Portfolio> add(@RequestBody Portfolio portfolio) {
|
||||
User user = UserUtils.getCurrentUserByToken();
|
||||
portfolio.setPortfolioAuthorId(user.getIdUser());
|
||||
|
@ -11,6 +11,8 @@ import com.rymcu.forest.entity.User;
|
||||
import com.rymcu.forest.enumerate.Module;
|
||||
import com.rymcu.forest.service.ProductService;
|
||||
import com.rymcu.forest.util.UserUtils;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
@ -36,12 +38,14 @@ public class ProductController {
|
||||
}
|
||||
|
||||
@PostMapping("/post")
|
||||
@RequiresRoles(value = {"blog_admin", "admin"}, logical = Logical.OR)
|
||||
public GlobalResult<Product> add(@RequestBody ProductDTO product) {
|
||||
Product newProduct = productService.postProduct(product);
|
||||
return GlobalResultGenerator.genSuccessResult(newProduct);
|
||||
}
|
||||
|
||||
@PutMapping("/post")
|
||||
@RequiresRoles(value = {"blog_admin", "admin"}, logical = Logical.OR)
|
||||
public GlobalResult<Product> update(@RequestBody ProductDTO product) {
|
||||
if (product.getIdProduct() == null || product.getIdProduct() == 0) {
|
||||
throw new IllegalArgumentException("产品主键参数异常!");
|
||||
@ -52,6 +56,7 @@ public class ProductController {
|
||||
|
||||
|
||||
@PatchMapping("/update-status")
|
||||
@RequiresRoles(value = {"blog_admin", "admin"}, logical = Logical.OR)
|
||||
public GlobalResult<Boolean> updateStatus(@RequestBody Product product) {
|
||||
boolean flag = productService.updateStatus(product.getIdProduct(), product.getStatus());
|
||||
return GlobalResultGenerator.genSuccessResult(flag);
|
||||
|
@ -36,7 +36,7 @@ public class UserController {
|
||||
|
||||
@GetMapping("/{account}")
|
||||
@VisitLogger
|
||||
public GlobalResult detail(@PathVariable String account) {
|
||||
public GlobalResult<UserDTO> detail(@PathVariable String account) {
|
||||
UserDTO userDTO = userService.findUserDTOByAccount(account);
|
||||
return GlobalResultGenerator.genSuccessResult(userDTO);
|
||||
}
|
||||
@ -49,7 +49,7 @@ public class UserController {
|
||||
}
|
||||
PageHelper.startPage(page, rows);
|
||||
List<ArticleDTO> list = articleService.findUserArticlesByIdUser(userDTO.getIdUser());
|
||||
PageInfo<ArticleDTO> pageInfo = new PageInfo(list);
|
||||
PageInfo<ArticleDTO> pageInfo = new PageInfo<>(list);
|
||||
return GlobalResultGenerator.genSuccessResult(pageInfo);
|
||||
}
|
||||
|
||||
@ -61,7 +61,7 @@ public class UserController {
|
||||
}
|
||||
PageHelper.startPage(page, rows);
|
||||
List<PortfolioDTO> list = portfolioService.findUserPortfoliosByUser(userDTO);
|
||||
PageInfo<PortfolioDTO> pageInfo = new PageInfo(list);
|
||||
PageInfo<PortfolioDTO> pageInfo = new PageInfo<>(list);
|
||||
return GlobalResultGenerator.genSuccessResult(pageInfo);
|
||||
}
|
||||
|
||||
@ -73,7 +73,7 @@ public class UserController {
|
||||
}
|
||||
PageHelper.startPage(page, rows);
|
||||
List<UserDTO> list = followService.findUserFollowersByUser(userDTO);
|
||||
PageInfo<UserDTO> pageInfo = new PageInfo(list);
|
||||
PageInfo<UserDTO> pageInfo = new PageInfo<>(list);
|
||||
return GlobalResultGenerator.genSuccessResult(pageInfo);
|
||||
}
|
||||
|
||||
@ -85,7 +85,7 @@ public class UserController {
|
||||
}
|
||||
PageHelper.startPage(page, rows);
|
||||
List<UserDTO> list = followService.findUserFollowingsByUser(userDTO);
|
||||
PageInfo<UserDTO> pageInfo = new PageInfo(list);
|
||||
PageInfo<UserDTO> pageInfo = new PageInfo<>(list);
|
||||
return GlobalResultGenerator.genSuccessResult(pageInfo);
|
||||
}
|
||||
|
||||
|
@ -13,6 +13,9 @@ import com.rymcu.forest.entity.LoginRecord;
|
||||
import com.rymcu.forest.entity.UserExtend;
|
||||
import com.rymcu.forest.service.LoginRecordService;
|
||||
import com.rymcu.forest.service.UserService;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
@ -23,6 +26,7 @@ import java.util.List;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/user-info")
|
||||
@RequiresPermissions(value = "user")
|
||||
public class UserInfoController {
|
||||
|
||||
@Resource
|
||||
@ -45,8 +49,7 @@ public class UserInfoController {
|
||||
}
|
||||
|
||||
@GetMapping("/check-nickname")
|
||||
@SecurityInterceptor
|
||||
public GlobalResult checkNickname(@RequestParam Long idUser, @RequestParam String nickname) {
|
||||
public GlobalResult<Boolean> checkNickname(@RequestParam Long idUser, @RequestParam String nickname) {
|
||||
boolean flag = userService.checkNicknameByIdUser(idUser, nickname);
|
||||
return GlobalResultGenerator.genSuccessResult(flag);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user