修改了权限校验

2025-07-14 15:53:51 +08:00
parent 538147ffda
commit acddaf8dbc
5 changed files with 46 additions and 18 deletions
--- a/src/main/java/com/greenorange/promotion/aop/PermissionCheck.java
+++ b/src/main/java/com/greenorange/promotion/aop/PermissionCheck.java
@ -60,16 +60,19 @@ public class PermissionCheck {
        DecodedJWT decodedJWT = jwtUtils.verify(token);
        String userAccount = decodedJWT.getClaim("userAccount").asString();
        String userPassword = decodedJWT.getClaim("userPassword").asString();
+        String userRole = decodedJWT.getClaim("userRole").asString();
        // 查询用户信息
        LambdaQueryWrapper<UserInfo> lambdaQueryWrapper = new LambdaQueryWrapper<>();
        lambdaQueryWrapper.eq(UserInfo::getUserAccount, userAccount).eq(UserInfo::getUserPassword, userPassword);
+        // 如果是小程序用户, 就加上权限条件
+        lambdaQueryWrapper.eq(StringUtils.isNotBlank(userRole), UserInfo::getUserRole, userRole);
        UserInfo userInfo = userInfoService.getOne(lambdaQueryWrapper);
        ThrowUtils.throwIf(userInfo == null, ErrorCode.OPERATION_ERROR, "用户不存在");
        // 将用户id存入request，用于记录日志
        request.setAttribute("userId", userInfo.getId());

        // 获取用户权限的枚举类
-        String userRole = userInfo.getUserRole();
+        if (userRole == null) userRole = userInfo.getUserRole();
        UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValue(userRole);

        // 接口权限只能是 USER，ADMIN，BOSS，用户权限是 ADMIN，BOSS，USER，BAN，MANAGER，SUPERVISOR，STAFF
--- a/src/main/java/com/greenorange/promotion/controller/course/CourseOrderController.java
+++ b/src/main/java/com/greenorange/promotion/controller/course/CourseOrderController.java
@ -140,8 +140,8 @@ public class CourseOrderController {
        // 更新主管和员工的绩效记录
        Long userId = courseOrder.getUserId();
        List<Long> pathToRoot = userInfoService.findPathToRoot(userId);
-        List<Long> superUserIdList = pathToRoot.subList(1, 3);
-        List<UserPerformanceSummary> userPerformanceSummaryList = commonService.findByFieldInTargetField(superUserIdList, userPerformanceSummaryService, Function.identity(), UserPerformanceSummary::getUserId);
+        List<Long> subPathToRoot = pathToRoot.subList(1, 3);
+        List<UserPerformanceSummary> userPerformanceSummaryList = commonService.findByFieldInTargetField(subPathToRoot, userPerformanceSummaryService, Function.identity(), UserPerformanceSummary::getUserId);
        BigDecimal rate;
        Map<String, BigDecimal> rateMap = userPerformanceSummaryService.queryRakeRewardsRate();
        for (int i = 0; i < userPerformanceSummaryList.size(); i ++ ) {
@ -161,8 +161,8 @@ public class CourseOrderController {


        // 添加课程推广待提成记录
-        Long firstUserId = pathToRoot.get(0);
-        Long secondUserId = pathToRoot.get(1);
+        Long firstUserId = subPathToRoot.get(0);
+        Long secondUserId = subPathToRoot.get(1);
        CoursePromotionCommissionPending coursePromotionCommissionPending = CoursePromotionCommissionPending.builder()
                .firstUserId(firstUserId)
                .secondUserId(secondUserId)
--- a/src/main/java/com/greenorange/promotion/controller/userInfo/UserPerformanceSummaryController.java
+++ b/src/main/java/com/greenorange/promotion/controller/userInfo/UserPerformanceSummaryController.java
@ -665,12 +665,21 @@ public class UserPerformanceSummaryController {
    public BaseResponse<List<SupervisorPerformanceSummaryVO>> miniListSupervisorPerformanceSummaryRankingsByPage(@Valid @RequestBody UserPerformanceSummaryRankQueryRequest userPerformanceSummaryRankQueryRequest) {
        String startTimeStr = userPerformanceSummaryRankQueryRequest.getStartDate();
        String endTimeStr = userPerformanceSummaryRankQueryRequest.getEndDate();
-        DateTime startDate = DateUtil.parse(startTimeStr, "yyyy-MM-dd HH:mm:ss");
-        DateTime endDate = DateUtil.parse(endTimeStr, "yyyy-MM-dd HH:mm:ss");
+        DateTime startDate = null;
+        DateTime endDate = null;
+        boolean isAddDate = true;
+        try {
+            startDate = DateUtil.parse(startTimeStr, "yyyy-MM-dd HH:mm:ss");
+            endDate = DateUtil.parse(endTimeStr, "yyyy-MM-dd HH:mm:ss");
+        } catch (Exception e) {
+            isAddDate = false;
+        }

        QueryWrapper<EmployeePromotionRecords> empQueryWrapper = new QueryWrapper<>();
-        empQueryWrapper.ge(StringUtils.isNotBlank(startTimeStr), "createTime", startDate);
-        empQueryWrapper.le(StringUtils.isNotBlank(endTimeStr), "createTime", endDate);
+        if (isAddDate) {
+            empQueryWrapper.ge(StringUtils.isNotBlank(startTimeStr), "createTime", startDate);
+            empQueryWrapper.le(StringUtils.isNotBlank(endTimeStr), "createTime", endDate);
+        }
        List<EmployeePromotionRecords> employeePromotionRecordsList = employeePromotionRecordsService.list(empQueryWrapper);
        // 封装Map集合（键：主管id, 值：推广数量）
        Map<Long, Integer> supervisorCntMap = new HashMap<>();
@ -744,12 +753,21 @@ public class UserPerformanceSummaryController {
    public BaseResponse<List<SupervisorPerformanceSummaryVO>> miniListStaffUserPerformanceSummaryRankingsByPage(@Valid @RequestBody UserPerformanceSummaryRankQueryRequest userPerformanceSummaryRankQueryRequest) {
        String startTimeStr = userPerformanceSummaryRankQueryRequest.getStartDate();
        String endTimeStr = userPerformanceSummaryRankQueryRequest.getEndDate();
-        DateTime startDate = DateUtil.parse(startTimeStr, "yyyy-MM-dd HH:mm:ss");
-        DateTime endDate = DateUtil.parse(endTimeStr, "yyyy-MM-dd HH:mm:ss");
+        DateTime startDate = null;
+        DateTime endDate = null;
+        boolean isAddDate = true;
+        try {
+            startDate = DateUtil.parse(startTimeStr, "yyyy-MM-dd HH:mm:ss");
+            endDate = DateUtil.parse(endTimeStr, "yyyy-MM-dd HH:mm:ss");
+        } catch (Exception e) {
+            isAddDate = false;
+        }

        QueryWrapper<EmployeePromotionRecords> empQueryWrapper = new QueryWrapper<>();
-        empQueryWrapper.ge(StringUtils.isNotBlank(startTimeStr), "createTime", startDate);
-        empQueryWrapper.le(StringUtils.isNotBlank(endTimeStr), "createTime", endDate);
+        if (isAddDate) {
+            empQueryWrapper.ge(StringUtils.isNotBlank(startTimeStr), "createTime", startDate);
+            empQueryWrapper.le(StringUtils.isNotBlank(endTimeStr), "createTime", endDate);
+        }
        List<EmployeePromotionRecords> employeePromotionRecordsList = employeePromotionRecordsService.list(empQueryWrapper);
        // 封装Map集合（键：员工id, 值：推广数量）
        Map<Long, Integer> staffCntMap = new HashMap<>();
--- a/src/main/java/com/greenorange/promotion/service/userInfo/impl/UserInfoServiceImpl.java
+++ b/src/main/java/com/greenorange/promotion/service/userInfo/impl/UserInfoServiceImpl.java
@ -44,6 +44,8 @@ import java.util.List;
 import java.util.Map;
 import java.util.concurrent.TimeUnit;
 import java.util.function.Function;
+import java.util.stream.Collectors;
+import java.util.stream.IntStream;

 /**
 * @author 35880
@ -217,6 +219,7 @@ public class UserInfoServiceImpl extends ServiceImpl<UserInfoMapper, UserInfo>
        Map<String, String> payload = new HashMap<>();
        payload.put("userAccount", phoneNumber);
        payload.put("userPassword", userPassword);
+        payload.put("userRole", userInfo.getUserRole());
        return jwtUtils.generateToken(payload);
    }

@ -241,6 +244,7 @@ public class UserInfoServiceImpl extends ServiceImpl<UserInfoMapper, UserInfo>
        Map<String, String> payload = new HashMap<>();
        payload.put("userAccount", phoneNumber);
        payload.put("userPassword", userPassword);
+        payload.put("userRole", userInfo.getUserRole());
        return jwtUtils.generateToken(payload);
    }

@ -406,9 +410,12 @@ public class UserInfoServiceImpl extends ServiceImpl<UserInfoMapper, UserInfo>
     * 更新上级用户的数量
     */
    private void updateParentUserInfoEmpCount(Long userId, UserRoleEnum userRoleEnum) {
+        if (UserRoleEnum.SUPERVISOR.equals(userRoleEnum)) return ;
        List<Long> pathToRoot = findPathToRoot(userId);
-        pathToRoot.remove(pathToRoot.size() - 1);
-        List<UserPerformanceSummary> userPerformanceSummaryList = commonService.findByFieldInTargetField(pathToRoot, userPerformanceSummaryService, Function.identity(), UserPerformanceSummary::getUserId);
+        List<Long> subPathToRoot;
+        if (UserRoleEnum.USER.equals(userRoleEnum)) subPathToRoot = pathToRoot.subList(1, 3);
+        else subPathToRoot = pathToRoot.subList(1, 2);
+        List<UserPerformanceSummary> userPerformanceSummaryList = commonService.findByFieldInTargetField(subPathToRoot, userPerformanceSummaryService, Function.identity(), UserPerformanceSummary::getUserId);
        for (UserPerformanceSummary userPerformanceSummary : userPerformanceSummaryList) {
            if (userRoleEnum.equals(UserRoleEnum.USER)) {
                userPerformanceSummary.setPromoCount(userPerformanceSummary.getPromoCount() + 1);
@ -421,8 +428,8 @@ public class UserInfoServiceImpl extends ServiceImpl<UserInfoMapper, UserInfo>
        // 如果是普通用户，就添加一条员工推广记录
        if (userRoleEnum.equals(UserRoleEnum.USER)) {
            EmployeePromotionRecords employeePromotionRecords = EmployeePromotionRecords.builder()
-                    .firstUserId(pathToRoot.get(0))
-                    .secondUserId(pathToRoot.get(1))
+                    .firstUserId(subPathToRoot.get(0))
+                    .secondUserId(subPathToRoot.get(1))
                    .userId(userId)
                    .build();
            employeePromotionRecordsService.save(employeePromotionRecords);
--- a/src/main/java/com/greenorange/promotion/utils/JWTUtils.java
+++ b/src/main/java/com/greenorange/promotion/utils/JWTUtils.java
@ -33,7 +33,7 @@ public class JWTUtils {

        Calendar instance = Calendar.getInstance();
        // 默认7天过期
-        instance.add(Calendar.DATE, 7);
+        instance.add(Calendar.DATE, 30);

        //创建jwt builder
        JWTCreator.Builder builder = JWT.create();