添加项目权限校验方法
This commit is contained in:
@ -43,8 +43,8 @@ public class BusMachineryController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("machinery:machinery:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusMachineryVo> list(MachineryQueryReq req) {
|
||||
return busMachineryService.queryPageList(req);
|
||||
public R<Page<BusMachineryVo>> list(MachineryQueryReq req) {
|
||||
return R.ok(busMachineryService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -43,8 +43,8 @@ public class BusMachineryDetailController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("machinery:machineryDetail:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusMachineryDetailVo> list(MachineryDetailQueryReq req) {
|
||||
return busMachineryDetailService.queryPageList(req);
|
||||
public R<Page<BusMachineryDetailVo>> list(MachineryDetailQueryReq req) {
|
||||
return R.ok(busMachineryDetailService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -12,6 +12,7 @@ import org.dromara.common.core.exception.ServiceException;
|
||||
import org.dromara.common.core.utils.ObjectUtils;
|
||||
import org.dromara.common.core.utils.StringUtils;
|
||||
import org.dromara.common.core.utils.sql.SqlUtil;
|
||||
import org.dromara.common.satoken.utils.LoginHelper;
|
||||
import org.dromara.machinery.domain.BusMachinery;
|
||||
import org.dromara.machinery.domain.req.machinery.MachineryCreateReq;
|
||||
import org.dromara.machinery.domain.req.machinery.MachineryQueryReq;
|
||||
@ -142,6 +143,9 @@ public class BusMachineryServiceImpl extends ServiceImpl<BusMachineryMapper, Bus
|
||||
if (StrUtil.isBlank(machineryName)) {
|
||||
throw new ServiceException("机械名称不能为空", HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
// 判断用户是否对项目下的内容有操作权限
|
||||
Long userId = LoginHelper.getUserId();
|
||||
projectService.validAuth(projectId, userId);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -45,8 +45,8 @@ public class BusCompanyController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("materials:company:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusCompanyVo> list(CompanyQueryReq req) {
|
||||
return busCompanyService.queryPageList(req);
|
||||
public R<Page<BusCompanyVo>> list(CompanyQueryReq req) {
|
||||
return R.ok(busCompanyService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -43,8 +43,8 @@ public class BusMaterialsController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("materials:materials:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusMaterialsVo> list(MaterialsQueryReq req) {
|
||||
return busMaterialsService.queryPageList(req);
|
||||
public R<Page<BusMaterialsVo>> list(MaterialsQueryReq req) {
|
||||
return R.ok(busMaterialsService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -43,8 +43,8 @@ public class BusMaterialsInventoryController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("materials:materialsInventory:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusMaterialsInventoryVo> list(MaterialsInventoryQueryReq req) {
|
||||
return busMaterialsInventoryService.queryPageList(req);
|
||||
public R<Page<BusMaterialsInventoryVo>> list(MaterialsInventoryQueryReq req) {
|
||||
return R.ok(busMaterialsInventoryService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -43,8 +43,8 @@ public class BusConstructionUserController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("project:constructionUser:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusConstructionUserVo> list(ConstructionUserQueryReq req) {
|
||||
return busConstructionUserService.queryPageList(req);
|
||||
public R<Page<BusConstructionUserVo>> list(ConstructionUserQueryReq req) {
|
||||
return R.ok(busConstructionUserService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -43,8 +43,8 @@ public class BusContractorController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("project:contractor:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusContractorVo> list(ContractorQueryReq req) {
|
||||
return busContractorService.queryPageList(req);
|
||||
public R<Page<BusContractorVo>> list(ContractorQueryReq req) {
|
||||
return R.ok(busContractorService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -45,8 +45,8 @@ public class BusProjectController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("project:project:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusProjectVo> list(ProjectQueryReq req) {
|
||||
return projectService.queryPageList(req);
|
||||
public R<Page<BusProjectVo>> list(ProjectQueryReq req) {
|
||||
return R.ok(projectService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -43,8 +43,8 @@ public class BusProjectTeamController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("project:projectTeam:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusProjectTeamVo> list(ProjectTeamQueryReq req) {
|
||||
return busProjectTeamService.queryPageList(req);
|
||||
public R<Page<BusProjectTeamVo>> list(ProjectTeamQueryReq req) {
|
||||
return R.ok(busProjectTeamService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -43,8 +43,8 @@ public class BusProjectTeamMemberController extends BaseController {
|
||||
*/
|
||||
@SaCheckPermission("project:projectTeamMember:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusProjectTeamMemberVo> list(ProjectTeamMemberQueryReq req) {
|
||||
return busProjectTeamMemberService.queryPageList(req);
|
||||
public R<Page<BusProjectTeamMemberVo>> list(ProjectTeamMemberQueryReq req) {
|
||||
return R.ok(busProjectTeamMemberService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -50,8 +50,8 @@ public class BusUserProjectRelevancyController extends BaseController {
|
||||
@Tag(name = "查询用户与项目关联列表")
|
||||
@SaCheckPermission("project:projectRelevancy:list")
|
||||
@GetMapping("/list")
|
||||
public Page<BusUserProjectRelevancyVo> list(UserProjectRelevancyQueryReq req) {
|
||||
return userProjectRelevancyService.queryPageList(req);
|
||||
public R<Page<BusUserProjectRelevancyVo>> list(UserProjectRelevancyQueryReq req) {
|
||||
return R.ok(userProjectRelevancyService.queryPageList(req));
|
||||
}
|
||||
|
||||
/**
|
||||
@ -97,7 +97,7 @@ public class BusUserProjectRelevancyController extends BaseController {
|
||||
@SaCheckPermission("project:projectRelevancy:query")
|
||||
@GetMapping("/{id}")
|
||||
public R<BusUserProjectRelevancyVo> getInfo(@NotNull(message = "主键不能为空")
|
||||
@PathVariable Long id) {
|
||||
@PathVariable Long id) {
|
||||
return R.ok(userProjectRelevancyService.queryById(id));
|
||||
}
|
||||
|
||||
|
||||
@ -93,4 +93,12 @@ public interface IBusProjectService extends IService<BusProject> {
|
||||
*/
|
||||
Page<BusProjectVo> getVoPage(Page<BusProject> projectPage);
|
||||
|
||||
/**
|
||||
* 校验用户是否拥有操作项目的权限
|
||||
*
|
||||
* @param projectId 项目id
|
||||
* @param userId 需要鉴权的用户id
|
||||
*/
|
||||
void validAuth(Long projectId, Long userId);
|
||||
|
||||
}
|
||||
|
||||
@ -273,4 +273,20 @@ public class BusProjectServiceImpl extends ServiceImpl<BusProjectMapper, BusProj
|
||||
return projectVoPage;
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验用户是否拥有操作项目的权限
|
||||
*
|
||||
* @param projectId 项目对象
|
||||
* @param userId 需要鉴权的用户id
|
||||
*/
|
||||
@Override
|
||||
public void validAuth(Long projectId, Long userId) {
|
||||
QueryWrapper<BusUserProjectRelevancy> queryWrapper = new QueryWrapper<>();
|
||||
queryWrapper.eq("project_id", projectId);
|
||||
queryWrapper.eq("user_id", userId);
|
||||
if (userProjectRelevancyService.count(queryWrapper) <= 0) {
|
||||
throw new ServiceException("当前用户无权限操作", HttpStatus.UNAUTHORIZED);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -13,14 +13,15 @@ import org.dromara.common.core.exception.ServiceException;
|
||||
import org.dromara.common.core.utils.ObjectUtils;
|
||||
import org.dromara.common.core.utils.StringUtils;
|
||||
import org.dromara.common.core.utils.sql.SqlUtil;
|
||||
import org.dromara.common.satoken.utils.LoginHelper;
|
||||
import org.dromara.project.domain.BusProjectTeam;
|
||||
import org.dromara.project.domain.req.projectteam.ProjectTeamCreateReq;
|
||||
import org.dromara.project.domain.req.projectteam.ProjectTeamQueryReq;
|
||||
import org.dromara.project.domain.req.projectteam.ProjectTeamUpdateReq;
|
||||
import org.dromara.project.domain.vo.BusProjectTeamVo;
|
||||
import org.dromara.project.mapper.BusProjectTeamMapper;
|
||||
import org.dromara.project.service.IBusProjectTeamService;
|
||||
import org.dromara.project.service.IBusProjectService;
|
||||
import org.dromara.project.service.IBusProjectTeamService;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
@ -100,7 +101,7 @@ public class BusProjectTeamServiceImpl extends ServiceImpl<BusProjectTeamMapper,
|
||||
// 操作数据库
|
||||
boolean save = this.save(projectTeam);
|
||||
if (!save) {
|
||||
throw new ServiceException("新增施工人员失败,数据库异常", HttpStatus.ERROR);
|
||||
throw new ServiceException("新增项目班组失败,数据库异常", HttpStatus.ERROR);
|
||||
}
|
||||
return projectTeam.getId();
|
||||
}
|
||||
@ -148,6 +149,9 @@ public class BusProjectTeamServiceImpl extends ServiceImpl<BusProjectTeamMapper,
|
||||
if (projectService.getById(projectId) == null) {
|
||||
throw new ServiceException("对应项目不存在", HttpStatus.NOT_FOUND);
|
||||
}
|
||||
// 判断用户是否对项目下的内容有操作权限
|
||||
Long userId = LoginHelper.getUserId();
|
||||
projectService.validAuth(projectId, userId);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user