mirror of
https://codeup.aliyun.com/67762337eccfc218f6110e0e/per-boe/java-servers.git
synced 2025-12-12 04:16:51 +08:00
课程管理,课件管理,/org/manageOrgIds 增加isSystemAdmin
This commit is contained in:
daihh
@@ -4,6 +4,7 @@ import java.util.List;
|
|||||||
|
|
||||||
import com.xboe.data.dto.AudienceUser;
|
import com.xboe.data.dto.AudienceUser;
|
||||||
import com.xboe.data.dto.UserData;
|
import com.xboe.data.dto.UserData;
|
||||||
|
import com.xboe.data.dto.UserOrgIds;
|
||||||
|
|
||||||
public interface IOutSideDataService {
|
public interface IOutSideDataService {
|
||||||
|
|
||||||
@@ -22,6 +23,6 @@ public interface IOutSideDataService {
|
|||||||
/**
|
/**
|
||||||
* 获取用户有权限的机构id
|
* 获取用户有权限的机构id
|
||||||
* */
|
* */
|
||||||
List<String> getOrgIds();
|
UserOrgIds getOrgIds();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -15,6 +15,7 @@ import com.xboe.core.api.TokenProxy;
|
|||||||
import com.xboe.core.utils.OkHttpUtil;
|
import com.xboe.core.utils.OkHttpUtil;
|
||||||
import com.xboe.data.dto.AudienceUser;
|
import com.xboe.data.dto.AudienceUser;
|
||||||
import com.xboe.data.dto.UserData;
|
import com.xboe.data.dto.UserData;
|
||||||
|
import com.xboe.data.dto.UserOrgIds;
|
||||||
|
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
|
||||||
@@ -162,8 +163,10 @@ public class OutSideDataServiceImpl implements IOutSideDataService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public List<String> getOrgIds() {
|
public UserOrgIds getOrgIds() {
|
||||||
|
UserOrgIds uids=new UserOrgIds();
|
||||||
List<String> orgIds = new ArrayList<>();
|
List<String> orgIds = new ArrayList<>();
|
||||||
|
uids.setIds(orgIds);
|
||||||
String token = TokenProxy.getToken(request);
|
String token = TokenProxy.getToken(request);
|
||||||
String type="application/json";
|
String type="application/json";
|
||||||
String[] headers=new String[] {"token",token,"Content-Type",type};
|
String[] headers=new String[] {"token",token,"Content-Type",type};
|
||||||
@@ -178,7 +181,14 @@ public class OutSideDataServiceImpl implements IOutSideDataService {
|
|||||||
log.error("获取当前用户拥有权限机构id错误:"+responseStr);
|
log.error("获取当前用户拥有权限机构id错误:"+responseStr);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
//对权限进行检查
|
||||||
|
if(rootNode.has("permissions")) {
|
||||||
|
JsonNode isAdminNode = rootNode.get("permissions").get("isSystemAdmin");
|
||||||
|
if(isAdminNode!=null) {
|
||||||
|
uids.getPermissions().put(UserOrgIds.IsSystemAdminKey, isAdminNode.asBoolean());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if(rootNode.get("result")!=null & rootNode.get("result").isArray()) {
|
if(rootNode.get("result")!=null & rootNode.get("result").isArray()) {
|
||||||
JsonNode result = rootNode.get("result");
|
JsonNode result = rootNode.get("result");
|
||||||
Iterator<JsonNode> elements = result.elements();
|
Iterator<JsonNode> elements = result.elements();
|
||||||
@@ -189,7 +199,7 @@ public class OutSideDataServiceImpl implements IOutSideDataService {
|
|||||||
}catch (Exception e){
|
}catch (Exception e){
|
||||||
log.error("获取当前用户有权限的机构id错误",e);
|
log.error("获取当前用户有权限的机构id错误",e);
|
||||||
}
|
}
|
||||||
return orgIds;
|
return uids;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -37,6 +37,7 @@ import com.xboe.core.orm.FieldFilters;
|
|||||||
import com.xboe.core.orm.IFieldFilter;
|
import com.xboe.core.orm.IFieldFilter;
|
||||||
import com.xboe.core.orm.LikeMatchMode;
|
import com.xboe.core.orm.LikeMatchMode;
|
||||||
import com.xboe.core.upload.XFileUploader;
|
import com.xboe.core.upload.XFileUploader;
|
||||||
|
import com.xboe.data.dto.UserOrgIds;
|
||||||
import com.xboe.data.outside.IOutSideDataService;
|
import com.xboe.data.outside.IOutSideDataService;
|
||||||
import com.xboe.module.course.entity.CourseFile;
|
import com.xboe.module.course.entity.CourseFile;
|
||||||
import com.xboe.module.course.service.ICourseFileService;
|
import com.xboe.module.course.service.ICourseFileService;
|
||||||
@@ -106,14 +107,23 @@ public class CourseFileApi extends ApiBaseController {
|
|||||||
}
|
}
|
||||||
//增加权限的过滤,只要看到自己或有权限的机构的
|
//增加权限的过滤,只要看到自己或有权限的机构的
|
||||||
if(TempFilterConfig.Manager_CourseFile_ByOrgIds) {
|
if(TempFilterConfig.Manager_CourseFile_ByOrgIds) {
|
||||||
List<String> orgIds = outSideDataService.getOrgIds();
|
UserOrgIds userOrgIds=outSideDataService.getOrgIds();
|
||||||
|
List<String> orgIds = userOrgIds.getIds();
|
||||||
String aid=getCurrent().getAccountId();
|
String aid=getCurrent().getAccountId();
|
||||||
if(!orgIds.isEmpty()){
|
//如果是超级管理员,就不按机构过滤了
|
||||||
//filters.add(FieldFilters.in("orgId", orgIds));
|
boolean isSystemAdmin=false;
|
||||||
filters.add(FieldFilters.or(FieldFilters.eq("sysCreateAid", aid),FieldFilters.in("orgId", orgIds)));
|
if(userOrgIds.getPermissions().containsKey(UserOrgIds.IsSystemAdminKey)) {
|
||||||
}else {
|
isSystemAdmin=userOrgIds.getPermissions().get(UserOrgIds.IsSystemAdminKey);
|
||||||
filters.add(FieldFilters.eq("sysCreateAid", aid));
|
|
||||||
}
|
}
|
||||||
|
if(!isSystemAdmin) {
|
||||||
|
if(!orgIds.isEmpty()){
|
||||||
|
//filters.add(FieldFilters.in("orgId", orgIds));
|
||||||
|
filters.add(FieldFilters.or(FieldFilters.eq("sysCreateAid", aid),FieldFilters.in("orgId", orgIds)));
|
||||||
|
}else {
|
||||||
|
filters.add(FieldFilters.eq("sysCreateAid", aid));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
//默认是查询自己的课件。
|
//默认是查询自己的课件。
|
||||||
|
|||||||
@@ -26,6 +26,7 @@ import com.xboe.core.CurrentUser;
|
|||||||
import com.xboe.core.JsonResponse;
|
import com.xboe.core.JsonResponse;
|
||||||
import com.xboe.core.api.ApiBaseController;
|
import com.xboe.core.api.ApiBaseController;
|
||||||
import com.xboe.core.log.AutoLog;
|
import com.xboe.core.log.AutoLog;
|
||||||
|
import com.xboe.data.dto.UserOrgIds;
|
||||||
import com.xboe.data.outside.IOutSideDataService;
|
import com.xboe.data.outside.IOutSideDataService;
|
||||||
import com.xboe.externalinterface.system.service.IFwUserService;
|
import com.xboe.externalinterface.system.service.IFwUserService;
|
||||||
import com.xboe.module.assistance.service.IEmailService;
|
import com.xboe.module.assistance.service.IEmailService;
|
||||||
@@ -112,9 +113,20 @@ public class CourseManageApi extends ApiBaseController{
|
|||||||
public JsonResponse<PageList<Course>> findPage(Pagination pager,CourseQueryDto dto){
|
public JsonResponse<PageList<Course>> findPage(Pagination pager,CourseQueryDto dto){
|
||||||
|
|
||||||
//增加权限的过滤,只要看到自己或有权限的机构的
|
//增加权限的过滤,只要看到自己或有权限的机构的
|
||||||
|
//getCurrent().get
|
||||||
try {
|
try {
|
||||||
List<String> orgIds = outSideDataService.getOrgIds();
|
UserOrgIds userOrgIds=outSideDataService.getOrgIds();
|
||||||
String ids= StringUtils.join(orgIds,",");
|
List<String> orgIds = userOrgIds.getIds();
|
||||||
|
if(userOrgIds.getPermissions().containsKey(UserOrgIds.IsSystemAdminKey)) {
|
||||||
|
dto.setIsSystemAdmin(userOrgIds.getPermissions().get(UserOrgIds.IsSystemAdminKey));
|
||||||
|
}else {
|
||||||
|
dto.setIsSystemAdmin(false);
|
||||||
|
}
|
||||||
|
String ids="";
|
||||||
|
if(userOrgIds.getIds()!=null && !userOrgIds.getIds().isEmpty())
|
||||||
|
{
|
||||||
|
ids= StringUtils.join(orgIds,",");
|
||||||
|
}
|
||||||
//log.info("获取到的用户的组织机构权限ids",ids);
|
//log.info("获取到的用户的组织机构权限ids",ids);
|
||||||
String aid=getCurrent().getAccountId();
|
String aid=getCurrent().getAccountId();
|
||||||
//如果前端查询当前人的,这里去掉
|
//如果前端查询当前人的,这里去掉
|
||||||
|
|||||||
@@ -104,4 +104,9 @@ public class CourseQueryDto {
|
|||||||
|
|
||||||
/**用户权限的查询*/
|
/**用户权限的查询*/
|
||||||
private String orgAid;
|
private String orgAid;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 是否是超级管理员
|
||||||
|
*/
|
||||||
|
private Boolean isSystemAdmin;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -10,7 +10,6 @@ import javax.servlet.http.Cookie;
|
|||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
|
||||||
import org.apache.commons.lang3.StringUtils;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.data.redis.core.StringRedisTemplate;
|
import org.springframework.data.redis.core.StringRedisTemplate;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
@@ -38,7 +37,6 @@ import com.xboe.system.logs.entity.SysLogLogin;
|
|||||||
import com.xboe.system.logs.service.ISysLogLoginService;
|
import com.xboe.system.logs.service.ISysLogLoginService;
|
||||||
import com.xboe.system.user.entity.User;
|
import com.xboe.system.user.entity.User;
|
||||||
import com.xboe.system.user.service.IUserService;
|
import com.xboe.system.user.service.IUserService;
|
||||||
import com.xboe.system.user.vo.UserVo;
|
|
||||||
|
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user