管理端用户端权限隔离

2025-02-13 11:48:10 +08:00 · 2025-02-13 11:48:10 +08:00 · 6b5f332e8e
parent 6c401cb38b
commit 6b5f332e8e
5 changed files with 69 additions and 14 deletions
--- a/cash-api/account-server/src/main/java/com/czg/controller/user/UserAuthorizationController.java
+++ b/cash-api/account-server/src/main/java/com/czg/controller/user/UserAuthorizationController.java
@ -4,10 +4,13 @@ import com.czg.account.dto.auth.LoginTokenDTO;
 import com.czg.account.dto.auth.UserAuthorizationLoginDTO;
 import com.czg.account.service.UserAuthorizationService;
 import com.czg.resp.CzgResult;
+import com.czg.sa.StpKit;
 import jakarta.annotation.Resource;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

+import java.util.Map;
+
 /**
 * 用户登录相关
 * @author Administrator
@ -27,4 +30,14 @@ public class UserAuthorizationController {
    public CzgResult<LoginTokenDTO> login(@RequestBody @Validated UserAuthorizationLoginDTO userAuthorizationLoginDTO) {
        return CzgResult.success(userAuthorizationService.login(userAuthorizationLoginDTO));
    }
+
+    /**
+     * 小程序登录
+     * @return 登录信息
+     */
+    @PostMapping("/test")
+    public CzgResult<String> login() {
+        StpKit.USER.login(1L, null, false, false);
+        return CzgResult.success(StpKit.USER.getTokenValue());
+    }
 }
--- a/cash-api/account-server/src/main/java/com/czg/controller/user/UserController.java
+++ b/cash-api/account-server/src/main/java/com/czg/controller/user/UserController.java
@ -1,14 +1,15 @@
 package com.czg.controller.user;

 import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.bean.BeanUtil;
+import com.czg.account.dto.user.userinfo.UserInfoEditDTO;
 import com.czg.account.entity.UserInfo;
 import com.czg.account.service.UserInfoService;
 import com.czg.resp.CzgResult;
 import com.czg.sa.StpKit;
+import com.mybatisflex.core.query.QueryWrapper;
 import jakarta.annotation.Resource;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;

 /**
 * 用户信息管理
@ -33,10 +34,11 @@ public class UserController {
     * 用户信息修改
     * @return 用户信息
     */
-//    @GetMapping
-//    public CzgResult<UserInfo> get() {
-//        return CzgResult.success(userInfoService.getById(StpKit.USER.getLoginIdAsLong()));
-//    }
+    @PutMapping
+    public CzgResult<Boolean> update(@RequestBody UserInfoEditDTO userInfoEditDTO) {
+        return CzgResult.success(userInfoService.update(BeanUtil.copyProperties(userInfoEditDTO, UserInfo.class),
+                new QueryWrapper().eq(UserInfo::getId, StpKit.USER.getLoginIdAsLong())));
+    }


 }
--- a/cash-common/cash-common-sa-token/src/main/java/com/czg/config/SaTokenConfigure.java
+++ b/cash-common/cash-common-sa-token/src/main/java/com/czg/config/SaTokenConfigure.java
@ -54,14 +54,15 @@ public class SaTokenConfigure implements WebMvcConfigurer {
            // 重置根路径，防止satoken切割根路径导致匹配不到路径
            ApplicationInfo.routePrefix = "";

-            SaRouter.match("/**").notMatch("/user/login", "/admin/auth/**")
-                    .check(r -> StpKit.USER.checkLogin());
-//                    .setHit(true)
+            SaRouter.match("/user/**").notMatch("/user/login", "/user/test")
+                    .check(r -> StpKit.USER.checkMiniUser())
+                    .setHit(true)
 //                    .match("/**")
-//                    .notMatch("/user/**")
-//                    .notMatch("/admin/auth/**")
-//                    .notMatch("/admin/feign/**")
-//                    .check(r -> StpKit.ADMIN.checkLogin());
+                    .notMatch("/user/**")
+                    .notMatch("/admin/auth/**")
+                    .notMatch("/admin/feign/**")
+                    .check(r -> StpKit.USER.checkManager());
+
        })).addPathPatterns("/**");

    }
--- a/cash-common/cash-common-sa-token/src/main/java/com/czg/sa/MyStpLogic.java
+++ b/cash-common/cash-common-sa-token/src/main/java/com/czg/sa/MyStpLogic.java
@ -1,8 +1,10 @@
 package com.czg.sa;

 import cn.dev33.satoken.context.SaHolder;
+import cn.dev33.satoken.exception.NotPermissionException;
 import cn.dev33.satoken.session.SaSession;
 import cn.dev33.satoken.stp.StpLogic;
+import cn.dev33.satoken.stp.StpUtil;
 import com.czg.exception.ApiNotPrintException;
 import lombok.Getter;

@ -69,6 +71,28 @@ public class MyStpLogic extends StpLogic {
        return shopId == null ? defaultVal : shopId;
    }

+    /**
+     * 校验是否为管理端登录
+     */
+    public void checkManager() {
+        StpKit.USER.checkLogin();
+        Object object = StpKit.USER.getSession().get("isManager");
+        if (object instanceof Boolean t && !t) {
+            throw new NotPermissionException("权限不足");
+        }
+    }
+
+    /**
+     * 校验是否为小程序登录
+     */
+    public void checkMiniUser() {
+        StpKit.USER.checkLogin();
+        Object object = StpKit.USER.getSession().get("isManager");
+        if (object instanceof Boolean t && t) {
+            throw new NotPermissionException("权限不足");
+        }
+    }
+
    /**
     * 是否为管理员
     * @return 布尔值
--- a/cash-common/cash-common-service/src/main/java/com/czg/account/dto/user/userinfo/UserInfoEditDTO.java
+++ b/cash-common/cash-common-service/src/main/java/com/czg/account/dto/user/userinfo/UserInfoEditDTO.java
@ -0,0 +1,15 @@
+package com.czg.account.dto.user.userinfo;
+
+import jakarta.validation.constraints.NotEmpty;
+import lombok.Data;
+
+/**
+ * @author Administrator
+ */
+@Data
+public class UserInfoEditDTO {
+    private String headImg;
+    private String nickName;
+    private String sex;
+    private String birthDay;
+}