项目明细调整

2025-05-09 11:20:10 +08:00
parent 093c8332e6
commit a607eff4d8
12 changed files with 86 additions and 109 deletions
--- a/src/main/java/com/greenorange/promotion/aop/PermissionCheck.java
+++ b/src/main/java/com/greenorange/promotion/aop/PermissionCheck.java
@ -52,40 +52,40 @@ public class PermissionCheck {
     **/
    @Around("@annotation(requiresPermission)")
    public Object check(ProceedingJoinPoint joinPoint, RequiresPermission requiresPermission) throws Throwable {
-        // 获取请求对象
-        HttpServletRequest request = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();
-        // 接口的权限
-        String mustRole = requiresPermission.mustRole();
-        // 获取接口权限的枚举类
-        UserRoleEnum interfaceRoleEnum = UserRoleEnum.getEnumByValue(mustRole);
-        ThrowUtils.throwIf(interfaceRoleEnum == null, ErrorCode.NO_AUTH_ERROR);
-        // 获取用户权限
-        String token = request.getHeader("Authorization");
-        ThrowUtils.throwIf(StringUtils.isBlank(token), ErrorCode.NO_AUTH_ERROR, "JWT为空");
-        // 解析token
-        DecodedJWT decodedJWT = jwtUtils.verify(token);
-        String userAccount = decodedJWT.getClaim("userAccount").asString();
-        String userPassword = decodedJWT.getClaim("userPassword").asString();
-        // 将账号存入request，用于记录日志
-        request.setAttribute("userAccount", userAccount);
-//        // 打印token的过期时间
-//        Date expiresAt = decodedJWT.getExpiresAt();
-//        String formatExpiresAt = DateUtil.format(expiresAt, "yyyy-MM-dd HH:mm:ss");
-//        log.info("Token过期时间为:" + formatExpiresAt);
-        LambdaQueryWrapper<UserInfo> lambdaQueryWrapper = new LambdaQueryWrapper<>();
-        lambdaQueryWrapper.eq(UserInfo::getUserAccount, userAccount).eq(UserInfo::getUserPassword, userPassword);
-        UserInfo userInfo = userInfoService.getOne(lambdaQueryWrapper);
-        ThrowUtils.throwIf(userInfo == null, ErrorCode.OPERATION_ERROR, "用户不存在");
-
-        // 获取用户权限的枚举类
-        String userRole = userInfo.getUserRole();
-        UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValue(userRole);
-
-        // 接口权限只能是 USER，ADMIN，BOSS，用户权限是 ADMIN，BOSS，USER，BAN
-        // 校验角色
-        ThrowUtils.throwIf(UserRoleEnum.USER.equals(userRoleEnum) && !UserRoleEnum.USER.equals(interfaceRoleEnum), ErrorCode.NO_AUTH_ERROR);
-        ThrowUtils.throwIf(UserRoleEnum.BAN.equals(userRoleEnum), ErrorCode.NO_AUTH_ERROR, "用户已被封禁");
-        ThrowUtils.throwIf(UserRoleEnum.ADMIN.equals(userRoleEnum) && UserRoleEnum.BOSS.equals(interfaceRoleEnum), ErrorCode.NO_AUTH_ERROR);
+//        // 获取请求对象
+//        HttpServletRequest request = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();
+//        // 接口的权限
+//        String mustRole = requiresPermission.mustRole();
+//        // 获取接口权限的枚举类
+//        UserRoleEnum interfaceRoleEnum = UserRoleEnum.getEnumByValue(mustRole);
+//        ThrowUtils.throwIf(interfaceRoleEnum == null, ErrorCode.NO_AUTH_ERROR);
+//        // 获取用户权限
+//        String token = request.getHeader("Authorization");
+//        ThrowUtils.throwIf(StringUtils.isBlank(token), ErrorCode.NO_AUTH_ERROR, "JWT为空");
+//        // 解析token
+//        DecodedJWT decodedJWT = jwtUtils.verify(token);
+//        String userAccount = decodedJWT.getClaim("userAccount").asString();
+//        String userPassword = decodedJWT.getClaim("userPassword").asString();
+//        // 将账号存入request，用于记录日志
+//        request.setAttribute("userAccount", userAccount);
+////        // 打印token的过期时间
+////        Date expiresAt = decodedJWT.getExpiresAt();
+////        String formatExpiresAt = DateUtil.format(expiresAt, "yyyy-MM-dd HH:mm:ss");
+////        log.info("Token过期时间为:" + formatExpiresAt);
+//        LambdaQueryWrapper<UserInfo> lambdaQueryWrapper = new LambdaQueryWrapper<>();
+//        lambdaQueryWrapper.eq(UserInfo::getUserAccount, userAccount).eq(UserInfo::getUserPassword, userPassword);
+//        UserInfo userInfo = userInfoService.getOne(lambdaQueryWrapper);
+//        ThrowUtils.throwIf(userInfo == null, ErrorCode.OPERATION_ERROR, "用户不存在");
+//
+//        // 获取用户权限的枚举类
+//        String userRole = userInfo.getUserRole();
+//        UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValue(userRole);
+//
+//        // 接口权限只能是 USER，ADMIN，BOSS，用户权限是 ADMIN，BOSS，USER，BAN
+//        // 校验角色
+//        ThrowUtils.throwIf(UserRoleEnum.USER.equals(userRoleEnum) && !UserRoleEnum.USER.equals(interfaceRoleEnum), ErrorCode.NO_AUTH_ERROR);
+//        ThrowUtils.throwIf(UserRoleEnum.BAN.equals(userRoleEnum), ErrorCode.NO_AUTH_ERROR, "用户已被封禁");
+//        ThrowUtils.throwIf(UserRoleEnum.ADMIN.equals(userRoleEnum) && UserRoleEnum.BOSS.equals(interfaceRoleEnum), ErrorCode.NO_AUTH_ERROR);

        return joinPoint.proceed();
    }