鉴权修改

2025-11-08 11:43:18 +08:00
parent 69e54ec5a1
commit b10f9d24fb
2 changed files with 65 additions and 5 deletions
--- a/cash-common/cash-common-sa-token/src/main/java/com/czg/handler/SaAdminCheckRoleHandler.java
+++ b/cash-common/cash-common-sa-token/src/main/java/com/czg/handler/SaAdminCheckRoleHandler.java
@@ -0,0 +1,63 @@
+package com.czg.handler;
+
+import cn.dev33.satoken.annotation.handler.SaAnnotationHandlerInterface;
+import cn.hutool.core.util.StrUtil;
+import com.czg.annotation.SaAdminCheckRole;
+import com.czg.annotation.SaStaffCheckPermission;
+import com.czg.sa.StpKit;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+
+import java.lang.reflect.Method;
+
+/**
+ * 员工权限校验
+ * @author Administrator
+ */
+import cn.dev33.satoken.stp.StpUtil;
+import cn.dev33.satoken.annotation.SaMode;
+import cn.dev33.satoken.annotation.SaCheckRole;
+import cn.dev33.satoken.annotation.SaCheckLogin;
+import org.springframework.stereotype.Component;
+import lombok.extern.slf4j.Slf4j;
+
+import java.lang.reflect.Method;
+
+@Component
+@Slf4j
+public class SaAdminCheckRoleHandler implements SaAnnotationHandlerInterface<SaAdminCheckRole> {
+
+    @Override
+    public Class<SaAdminCheckRole> getHandlerAnnotationClass() {
+        return SaAdminCheckRole.class;
+    }
+
+    @Override
+    public void checkMethod(SaAdminCheckRole annotation, Method method) {
+
+        if (StpKit.USER.isAdmin()) {
+            log.debug("[SaAdminCheckRoleHandler] 管理员免校验: userId={}", StpUtil.getLoginId());
+            return;
+        }
+
+        // 3️⃣ 非管理员，执行原本注解校验逻辑
+        String[] roles = annotation.value();
+        SaMode mode = annotation.mode();
+
+        if (roles != null && roles.length > 0) {
+            if (mode == SaMode.AND) {
+                StpKit.USER.checkRoleAnd(roles);
+            } else {
+                // 有一个角色即可
+                StpKit.USER.checkRoleOr(roles);
+            }
+        } else {
+            // 如果注解没有指定角色，默认使用注解上 type 的值
+            // 你 @SaCheckRole(type = "admin") 默认角色
+            String typeRole = "admin";
+            StpKit.USER.checkRole(typeRole);
+        }
+
+        log.debug("[SaAdminCheckRoleHandler] 非管理员执行角色校验: userId={}", StpKit.USER.getLoginId());
+    }
+}
--- a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/AuthorizationServiceImpl.java
+++ b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/AuthorizationServiceImpl.java
@@ -135,13 +135,10 @@ public class AuthorizationServiceImpl implements AuthorizationService {
            shopInfo = shopInfoService.getById(user.getId());
        }

-//        if (shopInfo == null) {
-//            throw new ApiNotPrintException("商户不存在");
-//        }
-        // 过期时间校验
        if (shopInfo == null) {
-            shopInfo = new ShopInfo().setId(-1L).setShopName(user.getNickName()).setPhone(user.getPhone());
+            throw new ApiNotPrintException("商户不存在");
        }
+        // 过期时间校验
        if (shopInfo.getExpireTime() != null) {
            if ((DateUtil.date().toLocalDateTime().isAfter(shopInfo.getExpireTime()))) {
                throw new ApiNotPrintException("店铺已到期，请联系区域经理续费");