From fe61bf1945707a8dea47f073296ad36f2ebd9052 Mon Sep 17 00:00:00 2001 From: ronger Date: Tue, 27 Apr 2021 21:47:07 +0800 Subject: [PATCH] =?UTF-8?q?:bug:=20=E4=BF=AE=E5=A4=8D=E4=BD=9C=E5=93=81?= =?UTF-8?q?=E9=9B=86=E9=89=B4=E6=9D=83=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/rymcu/forest/service/PortfolioService.java | 2 +- .../forest/service/impl/PortfolioServiceImpl.java | 13 ++++++++++++- .../web/api/portfolio/PortfolioController.java | 2 +- 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/src/main/java/com/rymcu/forest/service/PortfolioService.java b/src/main/java/com/rymcu/forest/service/PortfolioService.java index df8d2e7..db6d67c 100644 --- a/src/main/java/com/rymcu/forest/service/PortfolioService.java +++ b/src/main/java/com/rymcu/forest/service/PortfolioService.java @@ -76,7 +76,7 @@ public interface PortfolioService extends Service { * @param idPortfolio * @return */ - Map deletePortfolio(Integer idPortfolio); + Map deletePortfolio(Integer idPortfolio) throws BaseApiException; /** * 获取作品集列表数据 diff --git a/src/main/java/com/rymcu/forest/service/impl/PortfolioServiceImpl.java b/src/main/java/com/rymcu/forest/service/impl/PortfolioServiceImpl.java index b843722..cbc480c 100644 --- a/src/main/java/com/rymcu/forest/service/impl/PortfolioServiceImpl.java +++ b/src/main/java/com/rymcu/forest/service/impl/PortfolioServiceImpl.java @@ -4,6 +4,7 @@ import com.github.pagehelper.PageHelper; import com.github.pagehelper.PageInfo; import com.rymcu.forest.core.service.AbstractService; import com.rymcu.forest.dto.*; +import com.rymcu.forest.entity.Article; import com.rymcu.forest.entity.Portfolio; import com.rymcu.forest.entity.User; import com.rymcu.forest.mapper.PortfolioMapper; @@ -152,11 +153,21 @@ public class PortfolioServiceImpl extends AbstractService implements } @Override - public Map deletePortfolio(Integer idPortfolio) { + public Map deletePortfolio(Integer idPortfolio) throws BaseApiException { Map map = new HashMap(1); if (idPortfolio == null || idPortfolio.equals(0)) { map.put("message", "作品集数据异常"); } + // 鉴权 + User user = UserUtils.getCurrentUserByToken(); + Integer roleWeights = userService.findRoleWeightsByUser(user.getIdUser()); + if (roleWeights > 2) { + Portfolio portfolio = portfolioMapper.selectByPrimaryKey(idPortfolio); + if (!user.getIdUser().equals(portfolio.getPortfolioAuthorId())) { + map.put("message", "非法访问!"); + return map; + } + } Integer articleNumber = portfolioMapper.selectCountArticleNumber(idPortfolio); if (articleNumber > 0) { diff --git a/src/main/java/com/rymcu/forest/web/api/portfolio/PortfolioController.java b/src/main/java/com/rymcu/forest/web/api/portfolio/PortfolioController.java index 66251cb..ffaaf73 100644 --- a/src/main/java/com/rymcu/forest/web/api/portfolio/PortfolioController.java +++ b/src/main/java/com/rymcu/forest/web/api/portfolio/PortfolioController.java @@ -68,7 +68,7 @@ public class PortfolioController { } @DeleteMapping("/delete") - public GlobalResult delete(Integer idPortfolio){ + public GlobalResult delete(Integer idPortfolio) throws BaseApiException { Map map = portfolioService.deletePortfolio(idPortfolio); return GlobalResultGenerator.genSuccessResult(map); }