
2022-9-2 19:05:00 修改高亮关键字功能的权限 totalApi的权限做调整

沈永艺 3 gadi atpakaļ
vecāks
revīzija
223721a9c7

+ 48 - 44
PAS/src/main/java/cn/cslg/pas/common/utils/auth/AuthAop.java

@@ -33,9 +33,10 @@ public class AuthAop {
     @Value("${authorUrl}")
     private String url;
     @Autowired
-    private CacheUtils cacheUtils ;
+    private CacheUtils cacheUtils;
     @Autowired
-    private LoginUtils loginUtils ;
+    private LoginUtils loginUtils;
+
     /**
      * 定义切点
      */
@@ -43,6 +44,7 @@ public class AuthAop {
     public void annotationPointcut() {
 
     }
+
     @Before("annotationPointcut()")
     public void beforePointcut(JoinPoint joinPoint) {
         // 此处进入到方法前  可以实现一些业务逻辑
@@ -52,73 +54,74 @@ public class AuthAop {
 
     @Around("annotationPointcut()")
     public Object doAround(ProceedingJoinPoint joinPoint) throws Throwable {
-        Boolean isPass =true;
+        Boolean isPass = true;
         // 获得注解上的参数值
         MethodSignature ms = (MethodSignature) joinPoint.getSignature();
         Method method = ms.getMethod();
         checkAuth myAnnotation = method.getAnnotation(checkAuth.class);
-       String functionId =myAnnotation.FunId();
+        String functionId = myAnnotation.FunId();
         //RequestContextHolder:持有上下文的Request容器,获取到当前请求的request
         RequestAttributes ra = RequestContextHolder.getRequestAttributes();
         ServletRequestAttributes sra = (ServletRequestAttributes) ra;
         HttpServletRequest httpRequest = sra.getRequest();
-        String tem =httpRequest.getHeader("Cookie");//获得请求里的token
+        String tem = httpRequest.getHeader("Cookie");//获得请求里的token
         Object[] args = joinPoint.getArgs();
         //根据登录人的id以及功能id获得计算逻辑
-        RequestBody requestBody =  new FormBody.Builder()
+        RequestBody requestBody = new FormBody.Builder()
                 .add("loginId", loginUtils.getId().toString())
-                .add("functionId",functionId)
+                .add("functionId", functionId)
                 .build();
         OkHttpClient okHttpClient = new OkHttpClient();
 
         Request request = new Request.Builder()
-                .url(url+"/permission/api/data/queryDataRule")
-                .addHeader("Cookie",tem)
+                .url(url + "/permission/api/data/queryDataRule")
+                .addHeader("Cookie", tem)
                 .post(requestBody)
                 .build();
         String resBody = okHttpClient.newCall(request).execute().body().string();
         JSONArray jsonArray = JSONArray.parseArray(resBody);
-        if(jsonArray.get(0).toString().equals("-1")){
-         return Response.error("没有该功能");
+        if (jsonArray.get(0).toString().equals("-1")) {
+            return Response.error("没有该功能");
         }
         //判断是否含有功能并且是不做限制
-        else if(jsonArray.size()==1&&jsonArray.get(0).equals("0")){
+        else if (jsonArray.size() == 1 && jsonArray.get(0).equals("0")) {
             return joinPoint.proceed();
         }
-       if(jsonArray.size()>0){   // 如果查询结果的size大于0证明有限制逻辑
-           RequestBody reBodySource =  new FormBody.Builder()
-                   .add("tableName", "local")
-                   .build();
-           //处理jsonObject,变为(x==y)&&(z==t)的形式 ,并用js引擎进行boolean判断
-           //建立连接
-           OkHttpClient okHttpClientSou = new OkHttpClient();
-           Request requestSou = new Request.Builder()
-                   .url(url+"/permission/api/data/getDataSource")
-                   .post(reBodySource)
-                   .addHeader("Cookie",LoginUtils.getToken())
-                   .build();
-           //获得请求返回
-           String resSource = okHttpClientSou.newCall(requestSou).execute().body().string();
-
-           JSONArray jsonArray1 = JSON.parseArray(resSource);
-           // 获得字典
-           List<DataSource> dataSources=jsonArray1.toJavaList(DataSource.class);
-           PersonnelVO personnelVO =cacheUtils.getLoginUserPersonnel(loginUtils.getId());
-           String  sqls ="";
-           for(int i=0;i<jsonArray.size();i++){
-               String sql=TreeUtils.reCompute(JSONObject.parseObject(jsonArray.get(i).toString()),args,dataSources,personnelVO);
-               sqls += jsonArray.size()!=i+1 ?  sql+" || ":sql;
-           }
-           //js引擎进行判断
-           ScriptEngineManager manager = new ScriptEngineManager();
-           ScriptEngine engine = manager.getEngineByName("javascript");//根据名字获得引擎
-           Object result = engine.eval(sqls);//进行判断
-            isPass =(Boolean) result;
-       }
+        if (jsonArray.size() > 0) {   // 如果查询结果的size大于0证明有限制逻辑
+            RequestBody reBodySource = new FormBody.Builder()
+                    .add("tableName", "local")
+                    .build();
+            //处理jsonObject,变为(x==y)&&(z==t)的形式 ,并用js引擎进行boolean判断
+            //建立连接
+            OkHttpClient okHttpClientSou = new OkHttpClient();
+            Request requestSou = new Request.Builder()
+                    .url(url + "/permission/api/data/getDataSource")
+                    .post(reBodySource)
+                    .addHeader("Cookie", LoginUtils.getToken())
+                    .build();
+            //获得请求返回
+            String resSource = okHttpClientSou.newCall(requestSou).execute().body().string();
+
+            JSONArray jsonArray1 = JSON.parseArray(resSource);
+            // 获得字典
+            List<DataSource> dataSources = jsonArray1.toJavaList(DataSource.class);
+            PersonnelVO personnelVO = cacheUtils.getLoginUserPersonnel(loginUtils.getId());
+            String sqls = "";
+            for (int i = 0; i < jsonArray.size(); i++) {
+                String sql = TreeUtils.reCompute(JSONObject.parseObject(jsonArray.get(i).toString()), args, dataSources, personnelVO);
+                sqls += jsonArray.size() != i + 1 ? sql + " || " : sql;
+            }
+            //js引擎进行判断
+            ScriptEngineManager manager = new ScriptEngineManager();
+            ScriptEngine engine = manager.getEngineByName("javascript");//根据名字获得引擎
+            Object result = engine.eval(sqls);//进行判断
+            isPass = (Boolean) result;
+        }
 
         //判断不通过通过
-        if(!isPass){
-            return Response.error("没有权限进行该操作"); }
+        if (!isPass) {
+            return Response.error("没有权限进行该操作");
+        }
 
         //判断通过
         return joinPoint.proceed();
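Review bot: The reformatted `doAround` still makes the access decision by handing `sqls` to `engine.eval`, and that string is built from the permission service's response and the intercepted method's `args` through `TreeUtils.reCompute`, which is not visible here. If any request-supplied value reaches the expression as raw text, it can change the rule being evaluated, so values should be passed as engine bindings or the rule compared by a small non-script evaluator. `getEngineByName("javascript")` returns null on JDKs without a bundled JavaScript engine (Nashorn was removed in JDK 15), and `(Boolean) result` fails on a null or non-Boolean result. Both cases should deny explicitly, with `if (engine == null) { return Response.error("没有权限进行该操作"); }` and `isPass = Boolean.TRUE.equals(result);`. The method's closing brace lies outside this hunk.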
@@ -126,6 +129,7 @@ public class AuthAop {
 
     /**
      * 在切入点return内容之后切入内容(可以用来对处理返回值做一些加工处理)
+     *
      * @param joinPoint
      */
     @AfterReturning("annotationPointcut()")

+ 1 - 6
PAS/src/main/java/cn/cslg/pas/controller/PatentKeywordsHighlightController.java

@@ -1,14 +1,12 @@
 package cn.cslg.pas.controller;
 
 
-import cn.cslg.pas.common.core.annotation.Permission;
 import cn.cslg.pas.common.core.base.Constants;
+import cn.cslg.pas.common.model.vo.PatentKeywordsHighlightVO;
 import cn.cslg.pas.common.utils.Response;
 import cn.cslg.pas.common.utils.SecurityUtils.LoginUtils;
 import cn.cslg.pas.domain.PatentKeywordsHighlight;
-import cn.cslg.pas.common.model.vo.PatentKeywordsHighlightVO;
 import cn.cslg.pas.service.PatentKeywordsHighlightService;
-import cn.dev33.satoken.stp.StpUtil;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
@@ -37,7 +35,6 @@ public class PatentKeywordsHighlightController {
         return Response.success(patentKeywordsHighlightService.getPatentKeywordsHighlight(params));
     }
 
-    @Permission(roles = {1, 2})
     @PostMapping("update")
     @Operation(summary = "更新模板")
     public String update(@RequestBody PatentKeywordsHighlight patentKeywordsHighlight) {
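Review bot: With `@Permission(roles = {1, 2})` removed, `update` has no method-level authorization annotation in the visible lines, and the same holds for `getDefault` and `delete` in the next two hunks. All three endpoints change or remove templates, so if the intent is to move from role checks to the function-id checks used in ProjectController, the replacement belongs in this same commit, e.g. `@checkAuth(FunId = "<FUN_ID_PLACEHOLDER>")` on each mapping. If access is enforced elsewhere (an interceptor or filter not shown on this page), a short comment above each mapping naming that mechanism would stop a later reader from assuming the endpoints are meant to be open. The method bodies lie outside these hunks.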
@@ -45,7 +42,6 @@ public class PatentKeywordsHighlightController {
         return Response.success(true);
     }
 
-    @Permission(roles = {1, 2})
     @PostMapping("default")
     @Operation(summary = "创建默认模板")
     public String getDefault(Integer projectId) {
@@ -54,7 +50,6 @@ public class PatentKeywordsHighlightController {
         return Response.success(patentKeywordsHighlight);
     }
 
-    @Permission(roles = {1, 2})
     @PostMapping("delete")
     @Operation(summary = "删除模板")
     public String delete(Integer id) {

+ 7 - 19
PAS/src/main/java/cn/cslg/pas/controller/ProjectController.java

@@ -1,29 +1,24 @@
 package cn.cslg.pas.controller;
 
-import cn.cslg.pas.common.core.annotation.Permission;
 import cn.cslg.pas.common.core.base.Constants;
-import cn.cslg.pas.common.core.exception.PermissionException;
 import cn.cslg.pas.common.model.PersonnelVO;
-import cn.cslg.pas.common.model.vo.*;
-import cn.cslg.pas.common.utils.*;
+import cn.cslg.pas.common.model.vo.ProjectVO;
+import cn.cslg.pas.common.utils.CacheUtils;
+import cn.cslg.pas.common.utils.Response;
 import cn.cslg.pas.common.utils.SecurityUtils.LoginUtils;
+import cn.cslg.pas.common.utils.StringUtils;
 import cn.cslg.pas.common.utils.auth.checkAuth;
-import cn.cslg.pas.domain.ProjectExport;
-import cn.cslg.pas.domain.User;
 import cn.cslg.pas.domain.Project;
-import cn.cslg.pas.service.*;
-import cn.dev33.satoken.stp.StpUtil;
-import cn.hutool.core.util.IdUtil;
+import cn.cslg.pas.service.ProjectPatentLinkService;
+import cn.cslg.pas.service.ProjectService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
-import okhttp3.Request;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 
 import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
 import java.util.List;
 
 /**
@@ -42,7 +37,6 @@ public class ProjectController {
 
     private final ProjectService projectService;
     private final CacheUtils cacheUtils;
-    private final ProjectExportService projectExportService;
     private final ProjectPatentLinkService projectPatentLinkService;
     private final LoginUtils loginUtils;
 
@@ -51,7 +45,6 @@ public class ProjectController {
     @checkAuth(FunId = "/workspace/project/check")
     @Operation(summary = "专题库列表")
     public String getPageList(@RequestBody ProjectVO params) {
-
         return Response.success(projectService.getPageList(params));
     }
 
@@ -60,9 +53,6 @@ public class ProjectController {
     @Operation(summary = "新增专题库")
     public String add(@RequestBody Project project) {
         PersonnelVO user = cacheUtils.getLoginUserPersonnel(loginUtils.getId());
-//        if (user.getUserType().equals(0)) {
-//            throw new PermissionException("用户创建专题库拦截");
-//        }
         return projectService.add(project);
     }
 
@@ -80,7 +70,7 @@ public class ProjectController {
         return projectService.delete(id);
     }
 
-    @checkAuth(FunId = "/project/patent/delete")
+    @checkAuth(FunId = "/workspace/project/delete")
     @PostMapping("/patent/delete")
     @Operation(summary = "删除专题库专利")
     public String deletePatent(Integer projectId, String ids) {
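Review bot: `deletePatent` is now checked against `/workspace/project/delete`, which by its name looks like the function id for deleting a whole project, so removing patents from a project and deleting the project appear to share one permission; please confirm that is intended. AuthAop hands the intercepted method's arguments (here `projectId` and `ids`) to the data rule for that function id, so a rule written for a single-`id` project delete may not evaluate as expected against this signature. If the sharing is deliberate, record it next to the annotation, e.g. `// patent removal is governed by the project-delete permission`. The body of `deletePatent` continues outside the hunk.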
@@ -89,14 +79,12 @@ public class ProjectController {
         return Response.success(true);
     }
 
-    @checkAuth(FunId = "/project/total")
     @GetMapping("total")
     @Operation(summary = "专题库企业应用场景统计数据")
     public String getScenarioAndTypeTotal() {
         return Response.success(projectService.getScenarioAndTypeTotal());
     }
 
-    @checkAuth(FunId = "/project/status/total")
     @GetMapping("/status/total")
     @Operation(summary = "专题库状态统计数据")
     public String getProjectStatusTotal() {