From 8bff09fcbc2721887df005f4da68233701ba5efc Mon Sep 17 00:00:00 2001
From: chen-xin-zhi <3588068430@qq.com>
Date: Tue, 1 Apr 2025 13:21:18 +0800
Subject: [PATCH] first

---
 .../promotion/aop/AuthInterceptor.java        | 152 +++++++++---------
 .../promotion/constant/UserConstant.java      |   6 +
 .../promotion/service/user/UserService.java   |   7 +-
 .../service/user/impl/UserServiceImpl.java    |  31 ++++
 4 files changed, 119 insertions(+), 77 deletions(-)

diff --git a/src/main/java/com/greenorange/promotion/aop/AuthInterceptor.java b/src/main/java/com/greenorange/promotion/aop/AuthInterceptor.java
index 0324391..f0023ad 100644
--- a/src/main/java/com/greenorange/promotion/aop/AuthInterceptor.java
+++ b/src/main/java/com/greenorange/promotion/aop/AuthInterceptor.java
@@ -1,75 +1,77 @@
-//package com.greenorange.promotion.aop;
-//
-//
-//import com.greenorange.promotion.annotation.AuthCheck;
-//import com.greenorange.promotion.common.ErrorCode;
-//import com.greenorange.promotion.constant.UserConstant;
-//import com.greenorange.promotion.exception.BusinessException;
-//import com.greenorange.promotion.model.enums.UserRoleEnum;
-//import jakarta.annotation.Resource;
-//import jakarta.servlet.http.HttpServletRequest;
-//import org.apache.commons.lang3.StringUtils;
-//import org.aspectj.lang.ProceedingJoinPoint;
-//import org.aspectj.lang.annotation.Around;
-//import org.aspectj.lang.annotation.Aspect;
-//import org.springframework.stereotype.Component;
-//import org.springframework.web.context.request.RequestAttributes;
-//import org.springframework.web.context.request.RequestContextHolder;
-//import org.springframework.web.context.request.ServletRequestAttributes;
-//
-///**
-// * 权限校验AOP
-// */
-//@Aspect
-//@Component
-//public class AuthInterceptor {
-//
-//    @Resource
-//    private UserService userService;
-//
-//    /**
-//     * 执行拦截
-//     */
-//    @Around("@annotation(authCheck)")
-//    public Object doInterceptor(ProceedingJoinPoint joinPoint, AuthCheck authCheck) throws Throwable {
-//        // 接口的权限
-//        String mustRole = authCheck.mustRole();
-//        RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
-//        HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
-//        //当前登录用户
-//        User loginUser = userService.getLoginUser(request);
-//        //必须有该权限才通过
-//        if (StringUtils.isNotBlank(mustRole)) {
-//            //mustUserRoleEnum是接口权限
-//            UserRoleEnum mustUserRoleEnum = UserRoleEnum.getEnumByValues(mustRole);
-//            if(mustUserRoleEnum == null) {
-//                throw new BusinessException(ErrorCode.NO_AUTH_ERROR);
-//            }
-//            //用户权限
-//            String userRole = loginUser.getUserRole();
-//            //根据用户角色获取封装后的枚举类对象
-//            UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValues(userRole);
-//
-//            //如果被封号,直接拒绝
-//            if (UserRoleEnum.BAN.equals(userRoleEnum)) {
-//                throw new BusinessException(ErrorCode.NO_AUTH_ERROR);
-//            }
-//
-//            //如果接口需要Boss权限,则需要判断用户是否是boss管理员
-//            if (UserRoleEnum.BOSS.equals(mustUserRoleEnum)) {
-//                if (!mustRole.equals(userRole)) {
-//                    throw new BusinessException(ErrorCode.NO_AUTH_ERROR);
-//                }
-//            }
-//            //如果接口需要管理员权限,则需要判断用户是否是boss或者admin管理员
-//            if (UserRoleEnum.ADMIN.equals(mustUserRoleEnum)) {
-//                if (!mustRole.equals(userRole) && !userRole.equals(UserConstant.BOSS_ROLE)) {
-//                    throw new BusinessException(ErrorCode.NO_AUTH_ERROR);
-//                }
-//            }
-//        }
-//        //通过权限校验,放行
-//        return joinPoint.proceed();
-//    }
-//
-//}
+package com.greenorange.promotion.aop;
+
+
+import com.greenorange.promotion.annotation.AuthCheck;
+import com.greenorange.promotion.common.ErrorCode;
+import com.greenorange.promotion.constant.UserConstant;
+import com.greenorange.promotion.exception.BusinessException;
+import com.greenorange.promotion.model.entity.User;
+import com.greenorange.promotion.model.enums.UserRoleEnum;
+import com.greenorange.promotion.service.user.UserService;
+import jakarta.annotation.Resource;
+import jakarta.servlet.http.HttpServletRequest;
+import org.apache.commons.lang3.StringUtils;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+/**
+ * 权限校验AOP
+ */
+@Aspect
+@Component
+public class AuthInterceptor {
+
+    @Resource
+    private UserService userService;
+
+    /**
+     * 执行拦截
+     */
+    @Around("@annotation(authCheck)")
+    public Object doInterceptor(ProceedingJoinPoint joinPoint, AuthCheck authCheck) throws Throwable {
+        // 接口的权限
+        String mustRole = authCheck.mustRole();
+        RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
+        HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
+        //当前登录用户
+        User loginUser = userService.getLoginUser(request);
+        //必须有该权限才通过
+        if (StringUtils.isNotBlank(mustRole)) {
+            //mustUserRoleEnum是接口权限
+            UserRoleEnum mustUserRoleEnum = UserRoleEnum.getEnumByValues(mustRole);
+            if(mustUserRoleEnum == null) {
+                throw new BusinessException(ErrorCode.NO_AUTH_ERROR);
+            }
+            //用户权限
+            String userRole = loginUser.getUserRole();
+            //根据用户角色获取封装后的枚举类对象
+            UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValues(userRole);
+
+            //如果被封号,直接拒绝
+            if (UserRoleEnum.BAN.equals(userRoleEnum)) {
+                throw new BusinessException(ErrorCode.NO_AUTH_ERROR);
+            }
+
+            //如果接口需要Boss权限,则需要判断用户是否是boss管理员
+            if (UserRoleEnum.BOSS.equals(mustUserRoleEnum)) {
+                if (!mustRole.equals(userRole)) {
+                    throw new BusinessException(ErrorCode.NO_AUTH_ERROR);
+                }
+            }
+            //如果接口需要管理员权限,则需要判断用户是否是boss或者admin管理员
+            if (UserRoleEnum.ADMIN.equals(mustUserRoleEnum)) {
+                if (!mustRole.equals(userRole) && !userRole.equals(UserConstant.BOSS_ROLE)) {
+                    throw new BusinessException(ErrorCode.NO_AUTH_ERROR);
+                }
+            }
+        }
+        //通过权限校验,放行
+        return joinPoint.proceed();
+    }
+
+}
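Review bot: `userRole` is dereferenced in the ADMIN branch (`!userRole.equals(UserConstant.BOSS_ROLE)`), so a user row with a null role hits a NullPointerException there instead of a clean NO_AUTH_ERROR (unless `getEnumByValues` already rejects null, which the hunk does not show); the lookup result `userRoleEnum` is only ever tested against BAN, never against null. Rejecting an unresolvable role up front with `if (userRoleEnum == null) { throw new BusinessException(ErrorCode.NO_AUTH_ERROR); }` right after the `getEnumByValues(userRole)` call, and then comparing `userRoleEnum` to `UserRoleEnum.BOSS` / `UserRoleEnum.ADMIN` in the two branches instead of the raw strings, makes the check both null-safe and consistent with the enum-based BAN test. Only the BOSS and ADMIN branches compare roles at all: any other non-blank `mustRole` admits every non-banned logged-in user, which is reasonable for USER but silently permissive for any role value added later, so a fail-closed `else` branch (or an explicit list of roles that need no comparison) is worth considering. The hunk replaces the whole file, so `doInterceptor` is fully visible here.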
diff --git a/src/main/java/com/greenorange/promotion/constant/UserConstant.java b/src/main/java/com/greenorange/promotion/constant/UserConstant.java
index 881ebb0..0cfc258 100644
--- a/src/main/java/com/greenorange/promotion/constant/UserConstant.java
+++ b/src/main/java/com/greenorange/promotion/constant/UserConstant.java
@@ -17,6 +17,12 @@ public interface UserConstant {
     String USER_DEFAULT_AVATAR = "";
 
 
+    /**
+     * 用户登录键
+     */
+    String USER_LOGIN_STATE = "qingcheng";
+
+
     /**
      * 默认角色
      */
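Review bot: The Javadoc `用户登录键` on `USER_LOGIN_STATE` does not say what the constant keys; per `UserServiceImpl.getLoginUser` in this patch it is the `HttpSession` attribute name under which the logged-in `User` entity is stored, and that is what a reader of this interface needs. Suggest `/** Session attribute key under which the logged-in User entity is stored (see UserService#getLoginUser). */`.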
diff --git a/src/main/java/com/greenorange/promotion/service/user/UserService.java b/src/main/java/com/greenorange/promotion/service/user/UserService.java
index 6d275fe..737caf6 100644
--- a/src/main/java/com/greenorange/promotion/service/user/UserService.java
+++ b/src/main/java/com/greenorange/promotion/service/user/UserService.java
@@ -10,6 +10,7 @@ import com.greenorange.promotion.model.dto.user.UserUpdateRequest;
 import com.greenorange.promotion.model.entity.User;
 import com.baomidou.mybatisplus.extension.service.IService;
 import com.greenorange.promotion.model.vo.user.UserVO;
+import jakarta.servlet.http.HttpServletRequest;
 
 import java.util.List;
 
@@ -63,6 +64,8 @@ public interface UserService extends IService<User> {
     boolean delBatchUser(CommonBatchRequest commonBatchRequest);
 
 
-
-
+    /**
+     * 校验用户是否登录
+     */
+    User getLoginUser(HttpServletRequest request);
 }
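Review bot: The Javadoc `校验用户是否登录` on `getLoginUser` reads as a boolean check, but the method returns the `User` and, per the `UserServiceImpl` hunk in this patch, throws `BusinessException` with NOT_LOGIN_ERROR when the session holds no valid user or the row no longer exists, and FORBIDDEN_ERROR when the stored role is BAN. `AuthInterceptor.doInterceptor` relies on exactly that contract (it never null-checks the result), so the interface should state it: a summary such as `Returns the currently logged-in user, reloaded from the database by the id stored in the session.`, plus `@return` for the freshly loaded user and `@throws BusinessException` naming the two error codes. The method body lives in the `UserServiceImpl` hunk, not this one.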
diff --git a/src/main/java/com/greenorange/promotion/service/user/impl/UserServiceImpl.java b/src/main/java/com/greenorange/promotion/service/user/impl/UserServiceImpl.java
index 8998e1d..410e609 100644
--- a/src/main/java/com/greenorange/promotion/service/user/impl/UserServiceImpl.java
+++ b/src/main/java/com/greenorange/promotion/service/user/impl/UserServiceImpl.java
@@ -15,17 +15,22 @@ import com.greenorange.promotion.model.dto.user.UserAddRequest;
 import com.greenorange.promotion.model.dto.user.UserQueryRequest;
 import com.greenorange.promotion.model.dto.user.UserUpdateRequest;
 import com.greenorange.promotion.model.entity.User;
+import com.greenorange.promotion.model.enums.UserRoleEnum;
 import com.greenorange.promotion.model.vo.user.UserVO;
 import com.greenorange.promotion.service.common.CommonService;
 import com.greenorange.promotion.service.user.UserService;
 import com.greenorange.promotion.mapper.UserMapper;
 import com.greenorange.promotion.utils.SqlUtils;
 import jakarta.annotation.Resource;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpSession;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Service;
 
 import java.util.List;
 
+import static com.greenorange.promotion.constant.UserConstant.USER_LOGIN_STATE;
+
 /**
 * @author 35880
 * @description 针对表【user(用户表)】的数据库操作Service实现
@@ -149,6 +154,32 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
         ThrowUtils.throwIf(!result, ErrorCode.OPERATION_ERROR, "用户批量删除失败");
         return true;
     }
+
+
+    /**
+     * 获取当前登录用户
+     */
+    @Override
+    public User getLoginUser(HttpServletRequest request) {
+        HttpSession session = request.getSession();
+        Object userObj = session.getAttribute(USER_LOGIN_STATE);
+        User currentUser = (User) userObj;
+        if (currentUser == null || currentUser.getId() == null) {
+            throw new BusinessException(ErrorCode.NOT_LOGIN_ERROR);
+        }
+        //根据id进行查询
+        Long userId = currentUser.getId();
+        currentUser = this.getById(userId);
+        if (currentUser == null) {
+            throw new BusinessException(ErrorCode.NOT_LOGIN_ERROR);
+        }
+        //被封号
+        if (UserRoleEnum.BAN.getValue().equals(currentUser.getUserRole())) {
+            throw new BusinessException(ErrorCode.FORBIDDEN_ERROR);
+        }
+        return currentUser;
+    }
+
 }