Merge branch 'feature' into 'dev'

权限部分调整5

See merge request !282

src/main/java/com/zhiwei/brandkbs2/auth/AuthAspect.java

@@ -2,6 +2,7 @@ package com.zhiwei.brandkbs2.auth;
 
 import com.alibaba.fastjson.JSON;
 import com.zhiwei.brandkbs2.common.GenericAttribute;
+import com.zhiwei.brandkbs2.enmus.RoleEnum;
 import com.zhiwei.brandkbs2.model.CommonCodeEnum;
 import com.zhiwei.brandkbs2.model.ResponseResult;
 import com.zhiwei.brandkbs2.pojo.UserInfo;
@@ -55,6 +56,18 @@ public class AuthAspect {
     public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
         ServletRequestAttributes servletRequestAttributes = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes());
         HttpServletRequest request = servletRequestAttributes.getRequest();
+        Signature signature = joinPoint.getSignature();
+        Method method = ((MethodSignature) signature).getMethod();
+        Class<?> classTarget = joinPoint.getTarget().getClass();
+        // 优先使用方法权限
+        Auth auth = method.getAnnotation(Auth.class);
+        if (null == auth) {
+            auth = classTarget.getAnnotation(Auth.class);
+        }
+        // 不需要验证权限
+        if (null == auth || RoleEnum.NO_AUTHORISE == auth.role()) {
+            return joinPoint.proceed();
+        }
         String token = request.getHeader(jwtKey);
         // 存在有效token
         if (null != token && !Tools.tokenEmpty(token)) {

src/main/java/com/zhiwei/brandkbs2/controller/LoginController.java

@@ -45,10 +45,17 @@ public class LoginController extends BaseController {
 
     @ApiOperation("用户登录")
     @PostMapping("/user/login")
+    @Auth(role = RoleEnum.CUSTOMER)
     public ResponseResult login() {
         return ResponseResult.success(userService.login().toMap());
     }
 
+    @ApiOperation("移动端用户登录")
+    @PostMapping("/mobile/login")
+    public ResponseResult mobileLogin(@RequestBody MobileLoginVO loginVO) {
+        return userService.mobileLogin(loginVO);
+    }
+
     @ApiOperation("用户信息获取")
     @GetMapping("/user/getLoginInfo")
     @Auth(role = RoleEnum.CUSTOMER)
@@ -56,20 +63,21 @@ public class LoginController extends BaseController {
         return ResponseResult.success(userService.getLoginInfo());
     }
 
-    @ApiOperation("重置绑定关系(本地测试)")
-    @ApiImplicitParams(
-            @ApiImplicitParam(name = "username", value = "用户名", required = false, paramType = "query", dataType = "string"))
-    @PostMapping("/user/bind/reset")
-    public ResponseResult resetBind(@RequestBody JSONObject json) {
-        userService.resetBind(json.getString("username"));
-        return ResponseResult.success();
-    }
+//    @ApiOperation("重置绑定关系(本地测试)")
+//    @ApiImplicitParams(
+//            @ApiImplicitParam(name = "username", value = "用户名", required = false, paramType = "query", dataType = "string"))
+//    @PostMapping("/user/bind/reset")
+//    public ResponseResult resetBind(@RequestBody JSONObject json) {
+//        userService.resetBind(json.getString("username"));
+//        return ResponseResult.success();
+//    }
 
     @ApiOperation("老用户账号绑定")
     @ApiImplicitParams({
             @ApiImplicitParam(name = "username", value = "用户名", required = false, paramType = "query", dataType = "string"),
             @ApiImplicitParam(name = "password", value = "密码", required = false, paramType = "query", dataType = "string")})
     @PostMapping("/user/bind")
+    @Auth(role = RoleEnum.CUSTOMER)
     public ResponseResult bindUser(@RequestBody JSONObject json) {
         String username = json.getString("username");
         String password = json.getString("password");
@@ -78,6 +86,7 @@ public class LoginController extends BaseController {
 
     @ApiOperation("跳过绑定(赋默认权限)")
     @PostMapping("/user/bind/skip")
+    @Auth(role = RoleEnum.NO_AUTHORISE_WITH_TOKEN)
     public ResponseResult skipBindUser() {
         return ResponseResult.success(userService.skipBindUser());
     }
@@ -85,12 +94,14 @@ public class LoginController extends BaseController {
     @ApiOperation("校验用户是否已有绑定关系")
     @LogRecord(description = "登录")
     @GetMapping("/user/login/checkBind")
+    @Auth(role = RoleEnum.NO_AUTHORISE_WITH_TOKEN)
     public ResponseResult checkBind() {
         return ResponseResult.success(userService.checkUserRoles());
     }
 
     @ApiOperation("获取当前用户拥有的所有项目(含过期)")
     @GetMapping("/user/login/getUserAllProjects")
+    @Auth(role = RoleEnum.NO_AUTHORISE_WITH_TOKEN)
     public ResponseResult getLoginUserAllProjects() {
         return ResponseResult.success(ProjectService.getLoginUserAllProjects());
     }
@@ -107,12 +118,6 @@ public class LoginController extends BaseController {
         return userCenterService.verifyTicket(ticket);
     }
 
-    @ApiOperation("移动端用户登录")
-    @PostMapping("/mobile/login")
-    public ResponseResult mobileLogin(@RequestBody MobileLoginVO loginVO) {
-        return userService.mobileLogin(loginVO);
-    }
-
     @ApiOperation("测试接口")
     @GetMapping("/test")
     public ResponseResult test() {

src/main/java/com/zhiwei/brandkbs2/enmus/RoleEnum.java

@@ -27,7 +27,12 @@ public enum RoleEnum {
     /**
      * 无需权限
      */
-    NO_AUTHORISE(-1, "无需权限");
+    NO_AUTHORISE(-1, "无需权限"),
+
+    /**
+     * 无需权限带解析token
+     */
+    NO_AUTHORISE_WITH_TOKEN(-2, "无需权限并解析token");
 
     private final int state;
     private final String name;

src/main/java/com/zhiwei/brandkbs2/interceptor/MainAuthInterceptor.java

@@ -47,7 +47,7 @@ public class MainAuthInterceptor implements HandlerInterceptor {
             }
         }
         // 不需要验证权限
-        if (null == auth || RoleEnum.NO_AUTHORISE == auth.role()) {
+        if (null == auth || RoleEnum.NO_AUTHORISE == auth.role() || RoleEnum.NO_AUTHORISE_WITH_TOKEN == auth.role()) {
             return true;
         }
         String token = request.getHeader("Token");