From db5c643c01b5e997a95210fc349f2c172c249a6e Mon Sep 17 00:00:00 2001 From: daihh Date: Fri, 24 Feb 2023 12:20:34 +0800 Subject: [PATCH] =?UTF-8?q?=E8=AF=BE=E7=A8=8B=E7=AE=A1=E7=90=86=EF=BC=8C?= =?UTF-8?q?=E8=AF=BE=E4=BB=B6=E7=AE=A1=E7=90=86=EF=BC=8C/org/manageOrgIds?= =?UTF-8?q?=20=E5=A2=9E=E5=8A=A0isSystemAdmin?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../data/outside/IOutSideDataService.java | 3 ++- .../data/outside/OutSideDataServiceImpl.java | 16 +++++++++++--- .../xboe/module/course/api/CourseFileApi.java | 22 ++++++++++++++----- .../module/course/api/CourseManageApi.java | 16 ++++++++++++-- .../module/course/dto/CourseQueryDto.java | 5 +++++ .../com/xboe/school/api/PortalLoginApi.java | 2 -- 6 files changed, 50 insertions(+), 14 deletions(-) diff --git a/servers/boe-server-all/src/main/java/com/xboe/data/outside/IOutSideDataService.java b/servers/boe-server-all/src/main/java/com/xboe/data/outside/IOutSideDataService.java index 7969da45..b1971f81 100644 --- a/servers/boe-server-all/src/main/java/com/xboe/data/outside/IOutSideDataService.java +++ b/servers/boe-server-all/src/main/java/com/xboe/data/outside/IOutSideDataService.java @@ -4,6 +4,7 @@ import java.util.List; import com.xboe.data.dto.AudienceUser; import com.xboe.data.dto.UserData; +import com.xboe.data.dto.UserOrgIds; public interface IOutSideDataService { @@ -22,6 +23,6 @@ public interface IOutSideDataService { /** * 获取用户有权限的机构id * */ - List getOrgIds(); + UserOrgIds getOrgIds(); } diff --git a/servers/boe-server-all/src/main/java/com/xboe/data/outside/OutSideDataServiceImpl.java b/servers/boe-server-all/src/main/java/com/xboe/data/outside/OutSideDataServiceImpl.java index 561bf800..a9cf8f03 100644 --- a/servers/boe-server-all/src/main/java/com/xboe/data/outside/OutSideDataServiceImpl.java +++ b/servers/boe-server-all/src/main/java/com/xboe/data/outside/OutSideDataServiceImpl.java @@ -15,6 +15,7 @@ import com.xboe.core.api.TokenProxy; import com.xboe.core.utils.OkHttpUtil; import com.xboe.data.dto.AudienceUser; import com.xboe.data.dto.UserData; +import com.xboe.data.dto.UserOrgIds; import lombok.extern.slf4j.Slf4j; @@ -162,8 +163,10 @@ public class OutSideDataServiceImpl implements IOutSideDataService { } @Override - public List getOrgIds() { + public UserOrgIds getOrgIds() { + UserOrgIds uids=new UserOrgIds(); List orgIds = new ArrayList<>(); + uids.setIds(orgIds); String token = TokenProxy.getToken(request); String type="application/json"; String[] headers=new String[] {"token",token,"Content-Type",type}; @@ -178,7 +181,14 @@ public class OutSideDataServiceImpl implements IOutSideDataService { log.error("获取当前用户拥有权限机构id错误:"+responseStr); return null; } - + //对权限进行检查 + if(rootNode.has("permissions")) { + JsonNode isAdminNode = rootNode.get("permissions").get("isSystemAdmin"); + if(isAdminNode!=null) { + uids.getPermissions().put(UserOrgIds.IsSystemAdminKey, isAdminNode.asBoolean()); + } + } + if(rootNode.get("result")!=null & rootNode.get("result").isArray()) { JsonNode result = rootNode.get("result"); Iterator elements = result.elements(); @@ -189,7 +199,7 @@ public class OutSideDataServiceImpl implements IOutSideDataService { }catch (Exception e){ log.error("获取当前用户有权限的机构id错误",e); } - return orgIds; + return uids; } diff --git a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseFileApi.java b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseFileApi.java index 0f99924e..fc2787c4 100644 --- a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseFileApi.java +++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseFileApi.java @@ -37,6 +37,7 @@ import com.xboe.core.orm.FieldFilters; import com.xboe.core.orm.IFieldFilter; import com.xboe.core.orm.LikeMatchMode; import com.xboe.core.upload.XFileUploader; +import com.xboe.data.dto.UserOrgIds; import com.xboe.data.outside.IOutSideDataService; import com.xboe.module.course.entity.CourseFile; import com.xboe.module.course.service.ICourseFileService; @@ -106,14 +107,23 @@ public class CourseFileApi extends ApiBaseController { } //增加权限的过滤,只要看到自己或有权限的机构的 if(TempFilterConfig.Manager_CourseFile_ByOrgIds) { - List orgIds = outSideDataService.getOrgIds(); + UserOrgIds userOrgIds=outSideDataService.getOrgIds(); + List orgIds = userOrgIds.getIds(); String aid=getCurrent().getAccountId(); - if(!orgIds.isEmpty()){ - //filters.add(FieldFilters.in("orgId", orgIds)); - filters.add(FieldFilters.or(FieldFilters.eq("sysCreateAid", aid),FieldFilters.in("orgId", orgIds))); - }else { - filters.add(FieldFilters.eq("sysCreateAid", aid)); + //如果是超级管理员,就不按机构过滤了 + boolean isSystemAdmin=false; + if(userOrgIds.getPermissions().containsKey(UserOrgIds.IsSystemAdminKey)) { + isSystemAdmin=userOrgIds.getPermissions().get(UserOrgIds.IsSystemAdminKey); } + if(!isSystemAdmin) { + if(!orgIds.isEmpty()){ + //filters.add(FieldFilters.in("orgId", orgIds)); + filters.add(FieldFilters.or(FieldFilters.eq("sysCreateAid", aid),FieldFilters.in("orgId", orgIds))); + }else { + filters.add(FieldFilters.eq("sysCreateAid", aid)); + } + } + } //默认是查询自己的课件。 diff --git a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseManageApi.java b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseManageApi.java index d8670126..2c3c3b14 100644 --- a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseManageApi.java +++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseManageApi.java @@ -26,6 +26,7 @@ import com.xboe.core.CurrentUser; import com.xboe.core.JsonResponse; import com.xboe.core.api.ApiBaseController; import com.xboe.core.log.AutoLog; +import com.xboe.data.dto.UserOrgIds; import com.xboe.data.outside.IOutSideDataService; import com.xboe.externalinterface.system.service.IFwUserService; import com.xboe.module.assistance.service.IEmailService; @@ -112,9 +113,20 @@ public class CourseManageApi extends ApiBaseController{ public JsonResponse> findPage(Pagination pager,CourseQueryDto dto){ //增加权限的过滤,只要看到自己或有权限的机构的 + //getCurrent().get try { - List orgIds = outSideDataService.getOrgIds(); - String ids= StringUtils.join(orgIds,","); + UserOrgIds userOrgIds=outSideDataService.getOrgIds(); + List orgIds = userOrgIds.getIds(); + if(userOrgIds.getPermissions().containsKey(UserOrgIds.IsSystemAdminKey)) { + dto.setIsSystemAdmin(userOrgIds.getPermissions().get(UserOrgIds.IsSystemAdminKey)); + }else { + dto.setIsSystemAdmin(false); + } + String ids=""; + if(userOrgIds.getIds()!=null && !userOrgIds.getIds().isEmpty()) + { + ids= StringUtils.join(orgIds,","); + } //log.info("获取到的用户的组织机构权限ids",ids); String aid=getCurrent().getAccountId(); //如果前端查询当前人的,这里去掉 diff --git a/servers/boe-server-all/src/main/java/com/xboe/module/course/dto/CourseQueryDto.java b/servers/boe-server-all/src/main/java/com/xboe/module/course/dto/CourseQueryDto.java index 70019290..8c6cfd29 100644 --- a/servers/boe-server-all/src/main/java/com/xboe/module/course/dto/CourseQueryDto.java +++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/dto/CourseQueryDto.java @@ -104,4 +104,9 @@ public class CourseQueryDto { /**用户权限的查询*/ private String orgAid; + + /** + * 是否是超级管理员 + */ + private Boolean isSystemAdmin; } diff --git a/servers/boe-server-all/src/main/java/com/xboe/school/api/PortalLoginApi.java b/servers/boe-server-all/src/main/java/com/xboe/school/api/PortalLoginApi.java index 09de3763..edd7a025 100644 --- a/servers/boe-server-all/src/main/java/com/xboe/school/api/PortalLoginApi.java +++ b/servers/boe-server-all/src/main/java/com/xboe/school/api/PortalLoginApi.java @@ -10,7 +10,6 @@ import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.web.bind.annotation.GetMapping; @@ -38,7 +37,6 @@ import com.xboe.system.logs.entity.SysLogLogin; import com.xboe.system.logs.service.ISysLogLoginService; import com.xboe.system.user.entity.User; import com.xboe.system.user.service.IUserService; -import com.xboe.system.user.vo.UserVo; import lombok.extern.slf4j.Slf4j;