huorantech
/
IASF
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

定义返回http code,admin拦截

Browse Source
master
cheney 2 years ago
parent 2ebe0ee14c
commit 5f1da038eb
14 changed files with 96 additions and 12 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      src/main/java/com/huoran/iasf/common/aop/aspect/NoRepeatSubmitAop.java
  2. 4
      src/main/java/com/huoran/iasf/common/exception/code/BaseResponseCode.java
  3. 15
      src/main/java/com/huoran/iasf/common/exception/handler/RestExceptionHandler.java
  4. 11
      src/main/java/com/huoran/iasf/common/filter/AuthFilter.java
  5. 12
      src/main/java/com/huoran/iasf/common/shiro/CustomAccessControlFilter.java
  6. 3
      src/main/java/com/huoran/iasf/common/shiro/CustomHashedCredentialsMatcher.java
  7. 6
      src/main/java/com/huoran/iasf/common/shiro/CustomRealm.java
  8. 4
      src/main/java/com/huoran/iasf/controller/SysColumnController.java
  9. 2
      src/main/java/com/huoran/iasf/controller/SysContentController.java
  10. 3
      src/main/java/com/huoran/iasf/service/impl/SysColumnServiceImpl.java
  11. 3
      src/main/java/com/huoran/iasf/service/impl/SysContentServiceImpl.java
  12. 24
      src/main/java/com/huoran/iasf/vo/req/PageContentReqVO.java
  13. 5
      src/main/java/com/huoran/iasf/vo/req/PageReqVO.java
  14. 7
      src/main/java/com/huoran/iasf/vo/req/PaginationColumnReqVO.java

9
src/main/java/com/huoran/iasf/common/aop/aspect/NoRepeatSubmitAop.java
Unescape View File

@ -1,6 +1,7 @@
package com.huoran.iasf.common.aop.aspect; package com.huoran.iasf.common.aop.aspect;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.huoran.iasf.common.aop.annotation.NoRepeatSubmit; import com.huoran.iasf.common.aop.annotation.NoRepeatSubmit;
import com.huoran.iasf.common.exception.BusinessException; import com.huoran.iasf.common.exception.BusinessException;
@ -16,6 +17,7 @@ import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around; import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Aspect;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.RequestContextHolder;
@ -44,17 +46,24 @@ public class NoRepeatSubmitAop {
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest request = attributes.getRequest(); HttpServletRequest request = attributes.getRequest();
HttpServletResponse response = attributes.getResponse();
String token = request.getHeader(Constant.ACCESS_TOKEN); String token = request.getHeader(Constant.ACCESS_TOKEN);
//如果header中不存在token,则从参数中获取token //如果header中不存在token,则从参数中获取token
if (StringUtils.isEmpty(token)) { if (StringUtils.isEmpty(token)) {
token = request.getParameter(Constant.ACCESS_TOKEN); token = request.getParameter(Constant.ACCESS_TOKEN);
} }
if (StringUtils.isEmpty(token)) { if (StringUtils.isEmpty(token)) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setCharacterEncoding("utf-8");
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
throw new BusinessException(BaseResponseCode.TOKEN_ERROR); throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
} }
// 校验并解析token,如果token过期或者篡改,则会返回null // 校验并解析token,如果token过期或者篡改,则会返回null
Claims claims = checkJWT(token); Claims claims = checkJWT(token);
if (null == claims) { if (null == claims) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setCharacterEncoding("utf-8");
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
throw new BusinessException(BaseResponseCode.TOKEN_ERROR); throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
} }
String key = token + "-" + request.getServletPath(); String key = token + "-" + request.getServletPath();

4
src/main/java/com/huoran/iasf/common/exception/code/BaseResponseCode.java
Unescape View File

@ -31,7 +31,7 @@ public enum BaseResponseCode implements ResponseCodeInterface {
EXCEL_FILE_INVALID(10004, "上传excel文件错误!"), EXCEL_FILE_INVALID(10004, "上传excel文件错误!"),
VALID_EXCEPTION(10003, "参数格式校验异常!"), VALID_EXCEPTION(10003, "参数格式校验异常!"),
OPERATION_ERROR(10002, "操作失败"), OPERATION_ERROR(10002, "操作失败"),
SYSTEM_BUSY(10001, "系统繁忙,请稍候再试"), SYSTEM_BUSY(500, "系统繁忙,请稍候再试"),
SUCCESS(200, "success"), SUCCESS(200, "success"),
EXCEL_FILE_FORMAT_ERROR(40007, "请根据模板使用说明录入正确的用户信息!"), EXCEL_FILE_FORMAT_ERROR(40007, "请根据模板使用说明录入正确的用户信息!"),
@ -40,7 +40,7 @@ public enum BaseResponseCode implements ResponseCodeInterface {
NOT_ACCOUNT(401004, "该用户不存在,请先注册"), NOT_ACCOUNT(401004, "该用户不存在,请先注册"),
USER_LOCK(401005, "该用户已被锁定,请联系运营人员"), USER_LOCK(401005, "该用户已被锁定,请联系运营人员"),
PASSWORD_ERROR(401006, "用户名或密码错误"), PASSWORD_ERROR(401006, "用户名或密码错误"),
METHOD_ARGUMENT_NOT_VALID_EXCEPTION(401007, "方法参数校验异常"), METHOD_ARGUMENT_NOT_VALID_EXCEPTION(400, "请求参数有误"),
UNAUTHORIZED_ERROR(401008, "权鉴校验不通过"), UNAUTHORIZED_ERROR(401008, "权鉴校验不通过"),
ROLE_PERMISSION_RELATION(401009, "该菜单权限存在子集关联,不允许删除"), ROLE_PERMISSION_RELATION(401009, "该菜单权限存在子集关联,不允许删除"),
OLD_PASSWORD_ERROR(401010, "旧密码不正确"), OLD_PASSWORD_ERROR(401010, "旧密码不正确"),

15
src/main/java/com/huoran/iasf/common/exception/handler/RestExceptionHandler.java
Unescape View File

@ -7,10 +7,12 @@ import com.huoran.iasf.common.utils.R;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authz.AuthorizationException; import org.apache.shiro.authz.AuthorizationException;
import org.springframework.http.HttpStatus;
import org.springframework.validation.BindingResult; import org.springframework.validation.BindingResult;
import org.springframework.web.bind.MethodArgumentNotValidException; import org.springframework.web.bind.MethodArgumentNotValidException;
import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestControllerAdvice; import org.springframework.web.bind.annotation.RestControllerAdvice;
import javax.validation.ConstraintViolation; import javax.validation.ConstraintViolation;
@ -34,12 +36,21 @@ public class RestExceptionHandler {
* 系统繁忙请稍候再试" * 系统繁忙请稍候再试"
*/ */
@ExceptionHandler(Exception.class) @ExceptionHandler(Exception.class)
@ResponseStatus(HttpStatus.NOT_FOUND)
public R handleException(Exception e) { public R handleException(Exception e) {
log.error("Exception,exception:{}", e, e); log.error("Exception,exception:{}", e, e);
return R.getResult(BaseResponseCode.SYSTEM_BUSY); return R.getResult(BaseResponseCode.SYSTEM_BUSY);
} }
@ExceptionHandler(IllegalArgumentException.class)
@ResponseStatus(HttpStatus.BAD_REQUEST)
public R illegalArgumentException(IllegalArgumentException e) {
log.error("Exception,exception:{}", e, e);
return R.getResult(BaseResponseCode.METHOD_ARGUMENT_NOT_VALID_EXCEPTION);
}
@ExceptionHandler(AuthenticationException.class) @ExceptionHandler(AuthenticationException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public R authenticationException(AuthenticationException e) { public R authenticationException(AuthenticationException e) {
log.error("Exception,exception:{}", e, e); log.error("Exception,exception:{}", e, e);
// throw new BusinessException(BaseResponseCode.TOKEN_ERROR); // throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
@ -50,6 +61,7 @@ public class RestExceptionHandler {
* 自定义全局异常处理 * 自定义全局异常处理
*/ */
@ExceptionHandler(value = BusinessException.class) @ExceptionHandler(value = BusinessException.class)
@ResponseStatus(HttpStatus.NOT_FOUND)
public R businessExceptionHandler(BusinessException e) { public R businessExceptionHandler(BusinessException e) {
log.error("Exception,exception:{}", e, e); log.error("Exception,exception:{}", e, e);
BaseResponseCode em = e.getBaseResponseCode(); BaseResponseCode em = e.getBaseResponseCode();
@ -60,6 +72,7 @@ public class RestExceptionHandler {
* 没有权限 返回403视图 * 没有权限 返回403视图
*/ */
@ExceptionHandler(value = AuthorizationException.class) @ExceptionHandler(value = AuthorizationException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public R errorPermission(AuthorizationException e) { public R errorPermission(AuthorizationException e) {
log.error("Exception,exception:{}", e, e); log.error("Exception,exception:{}", e, e);
return new R(BaseResponseCode.UNAUTHORIZED_ERROR); return new R(BaseResponseCode.UNAUTHORIZED_ERROR);
@ -70,6 +83,7 @@ public class RestExceptionHandler {
* 处理参数格式校验异常 * 处理参数格式校验异常
*/ */
@ExceptionHandler(value = MethodArgumentNotValidException.class) @ExceptionHandler(value = MethodArgumentNotValidException.class)
@ResponseStatus(HttpStatus.METHOD_NOT_ALLOWED)
public R handleValidException(MethodArgumentNotValidException e){ public R handleValidException(MethodArgumentNotValidException e){
log.error("参数格式校验异常"); log.error("参数格式校验异常");
BindingResult bindingResult = e.getBindingResult(); BindingResult bindingResult = e.getBindingResult();
@ -87,6 +101,7 @@ public class RestExceptionHandler {
* 处理Validated List<entity> 异常 * 处理Validated List<entity> 异常
*/ */
@ExceptionHandler @ExceptionHandler
@ResponseStatus(HttpStatus.BAD_REQUEST)
public R handle(ConstraintViolationException exception) { public R handle(ConstraintViolationException exception) {
log.error("methodArgumentNotValidExceptionHandler bindingResult.allErrors():{},exception:{}", exception, exception); log.error("methodArgumentNotValidExceptionHandler bindingResult.allErrors():{},exception:{}", exception, exception);
Set<ConstraintViolation<?>> violations = exception.getConstraintViolations(); Set<ConstraintViolation<?>> violations = exception.getConstraintViolations();

11
src/main/java/com/huoran/iasf/common/filter/AuthFilter.java
Unescape View File

@ -11,6 +11,7 @@ import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order; import org.springframework.core.annotation.Order;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import javax.servlet.*; import javax.servlet.*;
@ -75,16 +76,22 @@ public class AuthFilter implements Filter {
} }
//token为空返回 //token为空返回
if (StringUtils.isBlank(token)) { if (StringUtils.isBlank(token)) {
resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
resp.setCharacterEncoding("utf-8");
resp.setContentType(MediaType.APPLICATION_JSON_VALUE);
request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR)); request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR));
// 指定处理该请求的处理器 // 指定处理该请求的处理器
request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, response); request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, resp);
} }
// 校验并解析token,如果token过期或者篡改,则会返回null // 校验并解析token,如果token过期或者篡改,则会返回null
Claims claims = checkJWT(token); Claims claims = checkJWT(token);
if (null == claims) { if (null == claims) {
resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
resp.setCharacterEncoding("utf-8");
resp.setContentType(MediaType.APPLICATION_JSON_VALUE);
request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR)); request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR));
// 指定处理该请求的处理器 // 指定处理该请求的处理器
request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, response); request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, resp);
}else { }else {
// 校验通过后,设置用户信息到request里,在Controller中从Request域中获取用户信息 // 校验通过后,设置用户信息到request里,在Controller中从Request域中获取用户信息
request.setAttribute(USER_ID_KEY, claims.get(USER_ID_KEY)); request.setAttribute(USER_ID_KEY, claims.get(USER_ID_KEY));

12
src/main/java/com/huoran/iasf/common/shiro/CustomAccessControlFilter.java
Unescape View File

@ -15,6 +15,7 @@ import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter; import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils; import org.apache.shiro.web.util.WebUtils;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
@ -65,6 +66,7 @@ public class CustomAccessControlFilter extends AccessControlFilter {
protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException { protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletRequest request = (HttpServletRequest) servletRequest;
// try { // try {
HttpServletResponse response = (HttpServletResponse) servletResponse;
Subject subject = getSubject(servletRequest, servletResponse); Subject subject = getSubject(servletRequest, servletResponse);
System.out.println(subject.isAuthenticated() + ""); System.out.println(subject.isAuthenticated() + "");
System.out.println(HttpContextUtils.isAjaxRequest(request)); System.out.println(HttpContextUtils.isAjaxRequest(request));
@ -78,16 +80,22 @@ public class CustomAccessControlFilter extends AccessControlFilter {
token = request.getParameter(Constant.ACCESS_TOKEN); token = request.getParameter(Constant.ACCESS_TOKEN);
} }
if (StringUtils.isEmpty(token)) { if (StringUtils.isEmpty(token)) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setCharacterEncoding("utf-8");
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR)); request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR));
// 指定处理该请求的处理器 // 指定处理该请求的处理器
request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, servletResponse); request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, response);
} }
// 校验并解析token,如果token过期或者篡改,则会返回null // 校验并解析token,如果token过期或者篡改,则会返回null
Claims claims = checkJWT(token); Claims claims = checkJWT(token);
if (null == claims) { if (null == claims) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setCharacterEncoding("utf-8");
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR)); request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR));
// 指定处理该请求的处理器 // 指定处理该请求的处理器
request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, servletResponse); request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, response);
}else { }else {
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(token, token); UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(token, token);
getSubject(servletRequest, servletResponse).login(usernamePasswordToken); getSubject(servletRequest, servletResponse).login(usernamePasswordToken);

3
src/main/java/com/huoran/iasf/common/shiro/CustomHashedCredentialsMatcher.java
Unescape View File

@ -31,7 +31,8 @@ public class CustomHashedCredentialsMatcher extends SimpleCredentialsMatcher {
String accessToken = (String) token.getPrincipal(); String accessToken = (String) token.getPrincipal();
if (!redisDb.exists(userTokenPrefix + accessToken)) { if (!redisDb.exists(userTokenPrefix + accessToken)) {
SecurityUtils.getSubject().logout(); SecurityUtils.getSubject().logout();
throw new BusinessException(BaseResponseCode.TOKEN_ERROR); // throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
return false;
} }
return true; return true;
} }

6
src/main/java/com/huoran/iasf/common/shiro/CustomRealm.java
Unescape View File

@ -13,6 +13,7 @@ import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.realm.AuthorizingRealm;
@ -61,11 +62,12 @@ public class CustomRealm extends AuthorizingRealm {
String sessionInfoStr = redisDb.get(userTokenPrefix + principalCollection.getPrimaryPrincipal()); String sessionInfoStr = redisDb.get(userTokenPrefix + principalCollection.getPrimaryPrincipal());
if (StringUtils.isEmpty(sessionInfoStr)) { if (StringUtils.isEmpty(sessionInfoStr)) {
throw new BusinessException(BaseResponseCode.TOKEN_ERROR); // throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
throw new AuthorizationException();
} }
JSONObject redisSession = JSON.parseObject(sessionInfoStr); JSONObject redisSession = JSON.parseObject(sessionInfoStr);
if (redisSession == null) { if (redisSession == null) {
throw new BusinessException(BaseResponseCode.TOKEN_ERROR); throw new AuthorizationException();
} }
if (redisSession.get(Constant.ROLES_KEY) != null) { if (redisSession.get(Constant.ROLES_KEY) != null) {

4
src/main/java/com/huoran/iasf/controller/SysColumnController.java
Unescape View File

@ -60,13 +60,13 @@ public class SysColumnController {
@PostMapping("/listWithTree") @PostMapping("/listWithTree")
@ApiOperation(value = "栏目树结构", response = SysColumn.class) @ApiOperation(value = "栏目树结构", response = SysColumn.class)
public R listWithTree(@RequestBody @Validated PaginationColumnReqVO sysColumn) { public R listWithTree(@RequestBody @Valid PaginationColumnReqVO sysColumn) {
return R.success(service.listWithTree(sysColumn)); return R.success(service.listWithTree(sysColumn));
} }
@PostMapping("/listWithTreeMenuVisible") @PostMapping("/listWithTreeMenuVisible")
@ApiOperation(value = "栏目树结构(前台可见,只展示试单可见的栏目)", response = SysColumn.class) @ApiOperation(value = "栏目树结构(前台可见,只展示试单可见的栏目)", response = SysColumn.class)
public R listWithTreeMenuVisible(@RequestBody @Validated PaginationColumnReqVO sysColumn) { public R listWithTreeMenuVisible(@RequestBody @Valid PaginationColumnReqVO sysColumn) {
return R.success(service.listWithTreeMenuVisible(sysColumn)); return R.success(service.listWithTreeMenuVisible(sysColumn));
} }

2
src/main/java/com/huoran/iasf/controller/SysContentController.java
Unescape View File

@ -129,7 +129,7 @@ public class SysContentController {
@PostMapping("/newlyPublishedArticles") @PostMapping("/newlyPublishedArticles")
@ApiOperation(value = "站点最新发布的文章", response = PageContentReqVO.class) @ApiOperation(value = "站点最新发布的文章", response = PageContentReqVO.class)
public R newlyPublishedArticles(@RequestBody @Valid PageContentReqVO content) { public R newlyPublishedArticles(@Valid @RequestBody PageContentReqVO content) {
return service.newlyPublishedArticles(content); return service.newlyPublishedArticles(content);
} }

3
src/main/java/com/huoran/iasf/service/impl/SysColumnServiceImpl.java
Unescape View File

@ -91,6 +91,9 @@ public class SysColumnServiceImpl extends ServiceImpl<SysColumnMapper, SysColumn
@Override @Override
public List<SysColumn> listWithTreeMenuVisible(PaginationColumnReqVO column) { public List<SysColumn> listWithTreeMenuVisible(PaginationColumnReqVO column) {
if (column.getRole().equals("admin")||column.isIsadmin()){
throw new IllegalArgumentException("参数名不能包含admin");
}
//查询所有栏目 //查询所有栏目
List<SysColumn> columnList = baseMapper.filterMenuVisible(column); List<SysColumn> columnList = baseMapper.filterMenuVisible(column);

3
src/main/java/com/huoran/iasf/service/impl/SysContentServiceImpl.java
Unescape View File

@ -63,6 +63,9 @@ public class SysContentServiceImpl extends ServiceImpl<SysContentMapper, SysCont
@Override @Override
public R newlyPublishedArticles(PageContentReqVO reqVO) { public R newlyPublishedArticles(PageContentReqVO reqVO) {
if (reqVO.getRole().equals("admin")||reqVO.isIsadmin()){
throw new IllegalArgumentException("参数名不能包含admin");
}
Page<PageContentRespVO> page = new Page<PageContentRespVO>(reqVO.getPageNum(), reqVO.getPageSize()); Page<PageContentRespVO> page = new Page<PageContentRespVO>(reqVO.getPageNum(), reqVO.getPageSize());
IPage<PageContentRespVO> pageList = baseMapper.getPublishedArticles(page, reqVO); IPage<PageContentRespVO> pageList = baseMapper.getPublishedArticles(page, reqVO);
return R.success(pageList); return R.success(pageList);

24
src/main/java/com/huoran/iasf/vo/req/PageContentReqVO.java
Unescape View File

@ -1,10 +1,14 @@
package com.huoran.iasf.vo.req; package com.huoran.iasf.vo.req;
import com.fasterxml.jackson.annotation.JsonAnyGetter;
import com.fasterxml.jackson.annotation.JsonAnySetter;
import io.swagger.annotations.ApiModelProperty; import io.swagger.annotations.ApiModelProperty;
import lombok.Data; import lombok.Data;
import javax.validation.constraints.NotNull; import javax.validation.constraints.NotNull;
import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map;
/** /**
* @描述文章管理 * @描述文章管理
@ -49,4 +53,24 @@ public class PageContentReqVO extends PageReqVO {
@ApiModelProperty(value = "召开类型(1.即将召开 2.已经召开)") @ApiModelProperty(value = "召开类型(1.即将召开 2.已经召开)")
private Integer convokeType; private Integer convokeType;
private String role;
private boolean isadmin;
//多余参数处理,参数值不能出现admin,否则返回400
private Map<String, String> extraParams = new HashMap<>();
@JsonAnySetter
public void setExtraParam(String name, String value) {
// 在这里可以对额外参数进行验证或处理
if (name.contains("admin")||value.contains("admin")) {
throw new IllegalArgumentException("参数名不能包含admin");
}
this.extraParams.put(name, value);
}
@JsonAnyGetter
public Map<String, String> getExtraParams() {
return extraParams;
}
} }

5
src/main/java/com/huoran/iasf/vo/req/PageReqVO.java
Unescape View File

@ -1,8 +1,12 @@
package com.huoran.iasf.vo.req; package com.huoran.iasf.vo.req;
import com.fasterxml.jackson.annotation.JsonAnySetter;
import io.swagger.annotations.ApiModelProperty; import io.swagger.annotations.ApiModelProperty;
import lombok.Data; import lombok.Data;
import java.util.HashMap;
import java.util.Map;
/** /**
* @ProjectName: huorantech * @ProjectName: huorantech
* @Package: com.huoran.occupationlab.entity.req * @Package: com.huoran.occupationlab.entity.req
@ -21,4 +25,5 @@ public class PageReqVO {
@ApiModelProperty(value = "当前页需要显示的数量", name = "pageSize", example = "10", required = true) @ApiModelProperty(value = "当前页需要显示的数量", name = "pageSize", example = "10", required = true)
private Integer pageSize; private Integer pageSize;
} }

7
src/main/java/com/huoran/iasf/vo/req/PaginationColumnReqVO.java
Unescape View File

@ -1,9 +1,12 @@
package com.huoran.iasf.vo.req; package com.huoran.iasf.vo.req;
import com.fasterxml.jackson.annotation.JsonAnySetter;
import io.swagger.annotations.ApiModelProperty; import io.swagger.annotations.ApiModelProperty;
import lombok.Data; import lombok.Data;
import javax.validation.constraints.NotNull; import javax.validation.constraints.NotNull;
import java.util.HashMap;
import java.util.Map;
/** /**
* @ProjectName: huorantech * @ProjectName: huorantech
@ -34,4 +37,8 @@ public class PaginationColumnReqVO extends PageReqVO {
@ApiModelProperty(value = "判断是否为排序接口调用(1为排序接口调用 0我栏目管理列表调用)") @ApiModelProperty(value = "判断是否为排序接口调用(1为排序接口调用 0我栏目管理列表调用)")
private Integer isSort; private Integer isSort;
private String role;
private boolean isadmin;
} }

Write Preview
Loading…
Cancel
Save