Merge branch 'backup'

# Conflicts: # manager-api/src/main/java/cn/lili/controller/member/MemberManagerController.java # manager-api/src/main/java/cn/lili/controller/other/PageDataManagerController.java # manager-api/src/main/java/cn/lili/controller/passport/AdminUserManagerController.java # manager-api/src/main/java/cn/lili/controller/permission/MenuManagerController.java # manager-api/src/main/java/cn/lili/controller/setting/RegionManagerController.java # manager-api/src/main/java/cn/lili/controller/store/StoreManagerController.java
2021-07-25 17:51:05 +08:00
parent f9d7e9324a 0514bec994
commit fe8523ca3f
17 changed files with 163 additions and 68 deletions
--- a/manager-api/src/main/java/cn/lili/controller/member/MemberManagerController.java
+++ b/manager-api/src/main/java/cn/lili/controller/member/MemberManagerController.java
@@ -3,6 +3,7 @@ package cn.lili.controller.member;
 import cn.lili.common.enums.ResultUtil;
 import cn.lili.common.vo.PageVO;
 import cn.lili.common.vo.ResultMessage;
+import cn.lili.modules.system.aspect.annotation.DemoSite;
 import cn.lili.modules.member.entity.dos.Member;
 import cn.lili.modules.member.entity.dto.ManagerMemberEditDTO;
 import cn.lili.modules.member.entity.dto.MemberAddDTO;
--- a/manager-api/src/main/java/cn/lili/controller/other/PageDataManagerController.java
+++ b/manager-api/src/main/java/cn/lili/controller/other/PageDataManagerController.java
@@ -3,6 +3,7 @@ package cn.lili.controller.other;
 import cn.lili.common.enums.ResultUtil;
 import cn.lili.common.vo.PageVO;
 import cn.lili.common.vo.ResultMessage;
+import cn.lili.modules.system.aspect.annotation.DemoSite;
 import cn.lili.modules.page.entity.dos.PageData;
 import cn.lili.modules.page.entity.dto.PageDataDTO;
 import cn.lili.modules.page.entity.vos.PageDataListVO;
--- a/manager-api/src/main/java/cn/lili/controller/passport/AdminUserManagerController.java
+++ b/manager-api/src/main/java/cn/lili/controller/passport/AdminUserManagerController.java
@@ -10,6 +10,7 @@ import cn.lili.common.utils.StringUtils;
 import cn.lili.common.vo.PageVO;
 import cn.lili.common.vo.ResultMessage;
 import cn.lili.common.vo.SearchVO;
+import cn.lili.modules.system.aspect.annotation.DemoSite;
 import cn.lili.modules.permission.entity.dos.AdminUser;
 import cn.lili.modules.permission.entity.dto.AdminUserDTO;
 import cn.lili.modules.permission.entity.vo.AdminUserVO;
--- a/manager-api/src/main/java/cn/lili/controller/permission/MenuManagerController.java
+++ b/manager-api/src/main/java/cn/lili/controller/permission/MenuManagerController.java
@@ -2,6 +2,7 @@ package cn.lili.controller.permission;

 import cn.lili.common.enums.ResultUtil;
 import cn.lili.common.vo.ResultMessage;
+import cn.lili.modules.system.aspect.annotation.DemoSite;
 import cn.lili.modules.permission.entity.dos.Menu;
 import cn.lili.modules.permission.entity.dto.MenuSearchParams;
 import cn.lili.modules.permission.entity.vo.MenuVO;
--- a/manager-api/src/main/java/cn/lili/controller/setting/HotWordsManagerController.java
+++ b/manager-api/src/main/java/cn/lili/controller/setting/HotWordsManagerController.java
@@ -0,0 +1,47 @@
+package cn.lili.controller.setting;
+
+import cn.lili.common.enums.ResultUtil;
+import cn.lili.common.vo.ResultMessage;
+import cn.lili.modules.search.service.EsGoodsSearchService;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiImplicitParam;
+import io.swagger.annotations.ApiImplicitParams;
+import io.swagger.annotations.ApiOperation;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * 管理端,app版本控制器
+ *
+ * @author Chopper
+ * @since 2018-07-04 21:50:52
+ */
+@RestController
+@Api(tags = "管理端,系统设置扩展接口")
+@RequestMapping("/manager/hotwords")
+public class HotWordsManagerController {
+
+    @Autowired
+    private EsGoodsSearchService esGoodsSearchService;
+
+    @ApiOperation(value = "获取热词")
+    @GetMapping
+    public ResultMessage getHotWords() {
+        return ResultUtil.data(esGoodsSearchService.getHotWords(0, 99));
+    }
+
+    @ApiOperation(value = "设置热词")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "keywords", value = "关键字"),
+            @ApiImplicitParam(name = "point", value = "权重值")
+    })
+    @PostMapping
+    public ResultMessage paymentForm(String keywords, Integer point) {
+        esGoodsSearchService.setHotWords(keywords, point);
+        return ResultUtil.success();
+    }
+
+}
--- a/manager-api/src/main/java/cn/lili/controller/setting/InstantDeliveryManagerController.java
+++ b/manager-api/src/main/java/cn/lili/controller/setting/InstantDeliveryManagerController.java
@@ -39,7 +39,6 @@ public class InstantDeliveryManagerController {
        IPage<InstantDelivery> data = instantDeliveryService.page(PageUtil.initPage(page));
        //组织数据结构
        IPage<InstantDeliveryVO> newData = instantDeliveryService.getInstantDeliveryPage(data, page);
-        System.out.println();
        //返回数据
        return ResultUtil.data(newData);
    }
--- a/manager-api/src/main/java/cn/lili/controller/setting/RegionManagerController.java
+++ b/manager-api/src/main/java/cn/lili/controller/setting/RegionManagerController.java
@@ -3,8 +3,8 @@ package cn.lili.controller.setting;
 import cn.lili.common.enums.ResultUtil;
 import cn.lili.common.vo.ResultMessage;
 import cn.lili.modules.system.aspect.annotation.DemoSite;
-import cn.lili.modules.system.entity.dos.Region;
 import cn.lili.modules.system.service.RegionService;
+import cn.lili.modules.system.entity.dos.Region;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiOperation;
--- a/manager-api/src/main/java/cn/lili/controller/store/StoreManagerController.java
+++ b/manager-api/src/main/java/cn/lili/controller/store/StoreManagerController.java
@@ -3,6 +3,7 @@ package cn.lili.controller.store;
 import cn.lili.common.enums.ResultUtil;
 import cn.lili.common.vo.PageVO;
 import cn.lili.common.vo.ResultMessage;
+import cn.lili.modules.system.aspect.annotation.DemoSite;
 import cn.lili.modules.goods.entity.vos.CategoryVO;
 import cn.lili.modules.store.entity.dos.Store;
 import cn.lili.modules.store.entity.dto.AdminStoreApplyDTO;
--- a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java
+++ b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java
@@ -4,6 +4,7 @@ import cn.hutool.core.util.StrUtil;
 import cn.lili.cache.Cache;
 import cn.lili.cache.CachePrefix;
 import cn.lili.common.security.AuthUser;
+import cn.lili.common.security.enums.PermissionEnum;
 import cn.lili.common.security.enums.SecurityEnum;
 import cn.lili.common.security.enums.UserEnums;
 import cn.lili.common.security.token.SecretKeyUtil;
@@ -20,6 +21,8 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.util.PatternMatchUtils;
+import org.springframework.web.bind.annotation.RequestMethod;

 import javax.naming.NoPermissionException;
 import javax.servlet.FilterChain;
@@ -71,27 +74,28 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter {
     */
    private void customAuthentication(HttpServletRequest request, HttpServletResponse response, UsernamePasswordAuthenticationToken authentication) throws NoPermissionException {
        AuthUser authUser = (AuthUser) authentication.getDetails();
+        String requestUrl = request.getRequestURI();
        Map<String, List<String>> permission = (Map<String, List<String>>) cache.get(CachePrefix.PERMISSION_LIST.getPrefix(UserEnums.MANAGER) + authUser.getId());
-        if (authUser.getIsSuper()) {
-            return;
-        } else {
-            //用户是否拥有权限判定œ
+        //如果不是超级管理员， 不做鉴权
+        if (!authUser.getIsSuper()) {
            //获取数据权限
-//           if (request.getMethod().equals(RequestMethod.GET.name())) {
-//               if (!PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.SUPER).toArray(new String[0]), request.getRequestURI()) ||
-//                       PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.QUERY).toArray(new String[0]), request.getRequestURI())) {
-//
-//                   ResponseUtil.output(response, ResponseUtil.resultMap(false, 401, "抱歉，您没有访问权限"));
-//                   throw new NoPermissionException("权限不足");
-//               }
-//           } else {
-//               if (!PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.SUPER).toArray(new String[0]), request.getRequestURI())) {
-//
-//                   ResponseUtil.output(response, ResponseUtil.resultMap(false, 401, "抱歉，您没有访问权限"));
-//                   throw new NoPermissionException("权限不足");
-//               }
-//           }
-            return;
+            if (request.getMethod().equals(RequestMethod.GET.name())) {
+                //如果用户的超级权限和查阅权限都不包含当前请求的api
+                if (!PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.SUPER.name()).toArray(new String[0]), requestUrl) &&
+                        !PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.QUERY.name()).toArray(new String[0]), requestUrl)) {
+
+                    ResponseUtil.output(response, ResponseUtil.resultMap(false, 401, "抱歉，您没有访问权限"));
+                    throw new NoPermissionException("权限不足");
+                }
+            }
+            //非get请求（数据操作） 判定
+            else {
+                if (!PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.SUPER.name()).toArray(new String[0]), request.getRequestURI())) {
+
+                    ResponseUtil.output(response, ResponseUtil.resultMap(false, 401, "抱歉，您没有访问权限"));
+                    throw new NoPermissionException("权限不足");
+                }
+            }
        }
    }