用户模块

src/main/java/com/greenorange/promotion/aop/PermissionCheck.java

@@ -57,8 +57,8 @@ public class PermissionCheck {
         // 接口的权限
         String mustRole = requiresPermission.mustRole();
         // 获取接口权限的枚举类
-        UserRoleEnum mustUserRoleEnum = UserRoleEnum.getEnumByValue(mustRole);
-        ThrowUtils.throwIf(mustUserRoleEnum == null, ErrorCode.NO_AUTH_ERROR);
+        UserRoleEnum interfaceRoleEnum = UserRoleEnum.getEnumByValue(mustRole);
+        ThrowUtils.throwIf(interfaceRoleEnum == null, ErrorCode.NO_AUTH_ERROR);
         // 获取用户权限
         String token = request.getHeader("Authorization");
         ThrowUtils.throwIf(StringUtils.isBlank(token), ErrorCode.NO_AUTH_ERROR, "JWT为空");
@@ -81,11 +81,11 @@ public class PermissionCheck {
         String userRole = userInfo.getUserRole();
         UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValue(userRole);
 
-        // 接口权限只能是 ADMIN 或者 BOSS，用户权限是 ADMIN 或者 BOSS，USER，BAN
+        // 接口权限只能是 USER，ADMIN，BOSS，用户权限是 ADMIN，BOSS，USER，BAN
         // 校验角色
-        ThrowUtils.throwIf(UserRoleEnum.USER.equals(userRoleEnum), ErrorCode.NO_AUTH_ERROR);
+        ThrowUtils.throwIf(UserRoleEnum.USER.equals(userRoleEnum) && !UserRoleEnum.USER.equals(interfaceRoleEnum), ErrorCode.NO_AUTH_ERROR);
         ThrowUtils.throwIf(UserRoleEnum.BAN.equals(userRoleEnum), ErrorCode.NO_AUTH_ERROR, "用户已被封禁");
-        ThrowUtils.throwIf(UserRoleEnum.ADMIN.equals(userRoleEnum) && UserRoleEnum.BOSS.equals(mustUserRoleEnum), ErrorCode.NO_AUTH_ERROR);
+        ThrowUtils.throwIf(UserRoleEnum.ADMIN.equals(userRoleEnum) && UserRoleEnum.BOSS.equals(interfaceRoleEnum), ErrorCode.NO_AUTH_ERROR);
 
         return joinPoint.proceed();
     }