添加权限控制

pom.xml

@@ -347,7 +347,11 @@
             <version>1.18.12</version>
             <scope>provided</scope>
         </dependency>
-
+        <dependency>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-all</artifactId>
+            <version>5.8.4</version>
+        </dependency>
     </dependencies>
 
 

src/main/java/com/liang/common/advice/DataPermissionsAdvice.java

@@ -0,0 +1,93 @@
+package com.liang.common.advice;
+
+
+import cn.hutool.core.util.StrUtil;
+import com.liang.common.annotation.DataPermissions;
+import com.liang.common.base.BaseResult;
+import com.liang.common.enums.Logical;
+import com.liang.common.enums.ResultCode;
+import com.liang.common.enums.Validation;
+import com.liang.common.utils.SpringUtil;
+import com.liang.common.utils.Tools;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.stereotype.Component;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * 数据权限处理
+ *
+ * @author
+ */
+@Aspect
+@Component
+public class DataPermissionsAdvice {
+
+    /**
+     * 功能描述:
+     */
+    @Around(value = "@annotation(com.liang.common.annotation.DataPermissions)")
+    public Object validationPermissions(ProceedingJoinPoint pjp) throws Throwable {
+
+        MethodSignature methodSignature = (MethodSignature) pjp.getSignature();
+        DataPermissions dataPermissions = methodSignature.getMethod().getAnnotation(DataPermissions.class);
+
+        Validation validation;//
+        try {
+            validation = validation(dataPermissions, pjp.getArgs());
+        } catch (Exception e) {
+            //发现异常认为权限不足
+            validation = Validation.DENIED;
+        }
+
+        //校验成功执行方法,失败方法就不用执行了
+        if (Validation.ACCESS == validation) {
+            return pjp.proceed();
+        } else {
+            //返回失败的信息
+            return BaseResult.failure(ResultCode.FAIL);
+        }
+    }
+
+    private Validation validation(DataPermissions dataPermissions, Object[] args) {
+        String[] permissionsArr = dataPermissions.value();
+        if (Tools.isEmpty(permissionsArr)) {
+            return Validation.ACCESS;
+        }
+
+        //获取用户权限
+        List<String> permissionList = getPermissionList(args);
+        if (Tools.isEmpty(permissionList)) {
+            return Validation.DENIED;
+        }
+
+        Logical logical = dataPermissions.logical();
+        //有一个不满足 认为无权限
+        if (Logical.AND == logical) {
+            return Arrays.stream(permissionsArr).anyMatch(permission -> !permissionList.contains(permission)) ? Validation.DENIED : Validation.ACCESS;
+        }
+        //只要有一个满足 认为有权限
+        if (Logical.OR == logical) {
+            return Arrays.stream(permissionsArr).anyMatch(permissionList::contains) ? Validation.ACCESS : Validation.DENIED;
+        }
+        return Validation.DENIED;
+    }
+
+
+    private List<String> getPermissionList(Object[] args) {
+        List<String> permissionList = new ArrayList<>();
+//        PermissionDao permissionsDao = SpringUtil.getBean(PermissionDao.class);
+//        User user = UserUtil.getCurrentUserFromRedis();
+//
+//
+//        permissionList = permissionsDao.listPermissionByUserId(user.getId());
+
+
+        return permissionList;
+    }
+}

src/main/java/com/liang/common/annotation/DataPermissions.java

@@ -0,0 +1,24 @@
+package com.liang.common.annotation;
+
+
+
+import com.liang.common.enums.Logical;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 数据权限
+ *
+ * @author tangfei
+ *
+ */
+@Target({ ElementType.PARAMETER,ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+public @interface DataPermissions {
+	String[] value() default {};//权限标识
+	String type() default "";//方法分类
+	Logical logical() default Logical.AND;
+}

src/main/java/com/liang/common/base/BaseResult.java

@@ -126,6 +126,10 @@ public class BaseResult implements Serializable {
         return new BaseResult(code.code(), message, NOOP);
     }
 
+    public static BaseResult failure(ResultCode result) {
+        return new BaseResult(result.code(), result.msg(), NOOP);
+    }
+
     /**
      * 处理失败
      *

src/main/java/com/liang/common/enums/Logical.java

@@ -0,0 +1,5 @@
+package com.liang.common.enums;
+
+public enum Logical {
+    AND, OR
+}

src/main/java/com/liang/common/enums/Validation.java

@@ -0,0 +1,5 @@
+package com.liang.common.enums;
+
+public enum Validation {
+     DENIED, ACCESS
+}

src/main/java/com/liang/common/utils/Tools.java

@@ -0,0 +1,395 @@
+package com.liang.common.utils;
+
+import cn.hutool.core.date.DateTime;
+import cn.hutool.core.date.DateUtil;
+import cn.hutool.core.exceptions.ValidateException;
+import cn.hutool.core.lang.Validator;
+import cn.hutool.core.util.StrUtil;
+import cn.hutool.http.HttpException;
+import cn.hutool.http.HttpRequest;
+import cn.hutool.json.JSONObject;
+import cn.hutool.json.JSONUtil;
+import lombok.extern.slf4j.Slf4j;
+
+import java.io.*;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.*;
+import java.util.stream.Collectors;
+
+/**
+ * 说明：常用工具
+ */
+@Slf4j
+public class Tools {
+
+
+    private static Random rand;  // SecureRandom is preferred to Random
+
+    static {
+        try {
+            rand = SecureRandom.getInstanceStrong();
+        } catch (NoSuchAlgorithmException e) {
+            log.error("init error", e);
+        }
+
+    }
+
+
+    private Tools() {
+    }
+
+    /**
+     * 随机生成六位数验证码
+     *
+     * @return
+     */
+    public static int getRandomNum() {
+//        Random r = new Random();
+
+        return rand.nextInt(900000);//(Math.random()*(999999-100000)+100000)
+    }
+
+    /**
+     * 随机生成四位数验证码
+     *
+     * @return
+     */
+    public static int getRandomNum4() {
+//        Random r = new Random();
+        return rand.nextInt(9000) + 1000;
+    }
+
+
+    /**
+     * 随机生成四位数验证码
+     *
+     * @return
+     */
+    public static int getRandomNumLen(int bound) {
+//        Random r = new Random();
+        return rand.nextInt(bound);
+    }
+
+    public static Random getRandom() {
+        return rand;
+    }
+
+    /**
+     * 往文件里的内容
+     *
+     * @param fileP   文件路径
+     * @param content 写入的内容
+     */
+    public static void writeFile(String fileP, String content) throws IOException {
+        String filePath = (Thread.currentThread().getContextClassLoader().getResource("")) + "../../";    //项目路径
+        filePath = filePath.replace("file:/", "");
+        filePath = filePath.replace("%20", " ");
+        filePath = filePath.trim() + fileP.trim();
+        if (filePath.indexOf(":") != 1) {
+            filePath = File.separator + filePath;
+        }
+        try (OutputStreamWriter write = new OutputStreamWriter(new FileOutputStream(filePath), "utf-8");
+             BufferedWriter writer = new BufferedWriter(write);) {
+            writer.write(content);
+        } catch (IOException e) {
+            throw e;
+        }
+    }
+
+    public static String getString(Map map, String key) {
+        if (map == null || key == null) {
+            return "";
+        }
+        Object v = map.get(key);
+        return v == null ? "" : v.toString();
+    }
+
+    /**
+     * 检测字符串是否不为空(null,"","null")
+     *
+     * @param s
+     * @return 不为空则返回true，否则返回false
+     */
+    public static boolean notEmpty(String s) {
+        return !isEmpty(s);
+    }
+
+
+    /**
+     * 集合是否为非空
+     *
+     * @param collection 集合
+     * @return 是否为非空
+     */
+    public static boolean notEmpty(Collection<?> collection) {
+        return !isEmpty(collection);
+    }
+
+
+    /**
+     * 检测字符串是否不为空(null,"")
+     *
+     * @param obj
+     * @return 不为空则返回true，否则返回false
+     */
+    public static boolean notEmpty(Object obj) {
+        return !isEmpty(obj);
+    }
+
+
+    /**
+     * 数组是否为非空
+     *
+     * @param <T>   数组元素类型
+     * @param array 数组
+     * @return 是否为非空
+     */
+    public static <T> boolean notEmpty(T[] array) {
+        return !isEmpty(array);
+    }
+
+    /**
+     * 检测字符串是否为空(null,"","null")
+     *
+     * @param s
+     * @return 为空则返回true，不否则返回false
+     */
+    public static boolean isEmpty(String s) {
+        return s == null || "".equals(s) || "null".equals(s);
+    }
+
+
+    /**
+     * 集合是否为空
+     *
+     * @param collection 集合
+     * @return 是否为空
+     */
+    public static boolean isEmpty(Collection<?> collection) {
+        return collection == null || collection.isEmpty();
+    }
+
+    /**
+     * 检测字符串是否为空(null,"","null")
+     *
+     * @param obj
+     * @return 为空则返回true，不否则返回false
+     */
+    public static boolean isEmpty(Object obj) {
+        if (obj instanceof String) {
+            return isEmpty((String) obj);//TODO
+        } else {
+            return null == obj;
+        }
+    }
+
+    /**
+     * 数组是否为空
+     *
+     * @param <T>   数组元素类型
+     * @param array 数组
+     * @return 是否为空
+     */
+    public static <T> boolean isEmpty(T[] array) {
+        return array == null || array.length == 0;
+    }
+
+    /**
+     * 字符串转换为字符串数组
+     *
+     * @param str        字符串
+     * @param splitRegex 分隔符
+     * @return
+     */
+    public static String[] str2StrArray(String str, String splitRegex) {
+        if (isEmpty(str)) {
+            return null;
+        }
+        return str.split(splitRegex);
+    }
+
+    /**
+     * 用默认的分隔符(,)将字符串转换为字符串数组
+     *
+     * @param str 字符串
+     * @return
+     */
+    public static String[] str2StrArray(String str) {
+        return str2StrArray(str, ",\\s*");
+    }
+
+    /**
+     * 按照yyyy-MM-dd HH:mm:ss的格式，日期转字符串
+     *
+     * @param date
+     * @return yyyy-MM-dd HH:mm:ss
+     */
+    public static String date2Str(Date date) {
+        return date2Str(date, "yyyy-MM-dd HH:mm:ss");
+    }
+
+    /**
+     * 按照yyyy-MM-dd HH:mm:ss的格式，字符串转日期
+     *
+     * @param date
+     * @return
+     */
+    public static Date str2Date(String date) {
+        if (notEmpty(date)) {
+            SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
+            try {
+                return sdf.parse(date);
+            } catch (ParseException e) {
+                log.error("", e);
+            }
+            return new Date();
+        } else {
+            return null;
+        }
+    }
+
+    /**
+     * 按照参数format的格式，日期转字符串
+     *
+     * @param date
+     * @param format
+     * @return
+     */
+    public static String date2Str(Date date, String format) {
+        if (date != null) {
+            SimpleDateFormat sdf = new SimpleDateFormat(format);
+            return sdf.format(date);
+        } else {
+            return "";
+        }
+    }
+
+    /**
+     * 把时间根据时、分、秒转换为时间段
+     *
+     * @param StrDate
+     */
+    public static String getTimes(String StrDate) {
+        String resultTimes = "";
+
+        SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
+        java.util.Date now;
+
+        try {
+            now = new Date();
+            java.util.Date date = df.parse(StrDate);
+            long times = now.getTime() - date.getTime();
+            long day = times / (24 * 60 * 60 * 1000);
+            long hour = (times / (60 * 60 * 1000) - day * 24);
+            long min = ((times / (60 * 1000)) - day * 24 * 60 - hour * 60);
+            long sec = (times / 1000 - day * 24 * 60 * 60 - hour * 60 * 60 - min * 60);
+
+            StringBuffer sb = new StringBuffer();
+            //sb.append("发表于：");
+            if (hour > 0) {
+                sb.append(hour + "小时前");
+            } else if (min > 0) {
+                sb.append(min + "分钟前");
+            } else {
+                sb.append(sec + "秒前");
+            }
+
+            resultTimes = sb.toString();
+        } catch (ParseException e) {
+            log.error("", e);
+        }
+
+        return resultTimes;
+    }
+
+
+    /**
+     * 读取txt里的全部内容
+     *
+     * @param fileP    文件路径
+     * @param encoding 编码
+     * @return
+     */
+    public static String readTxtFileAll(String fileP, String encoding) throws IOException {
+        StringBuffer fileContent = new StringBuffer();
+        try {
+            String filePath = String.valueOf(Thread.currentThread().getContextClassLoader().getResource("")) + "../../";    //项目路径
+            filePath = filePath.replaceAll("file:/", "");
+            filePath = filePath.replaceAll("%20", " ");
+            filePath = filePath.trim() + fileP.trim();
+            if (filePath.indexOf(":") != 1) {
+                filePath = File.separator + filePath;
+            }
+            File file = new File(filePath);
+            if (file.isFile() && file.exists()) {        // 判断文件是否存在
+                try (InputStreamReader read = new InputStreamReader(
+                        new FileInputStream(file), encoding);    // 考虑到编码格式
+                     BufferedReader bufferedReader = new BufferedReader(read);) {
+                    String lineTxt;
+                    while ((lineTxt = bufferedReader.readLine()) != null) {
+                        fileContent.append(lineTxt);
+                        fileContent.append("\n");
+                    }
+                }
+            } else {
+                throw new FileNotFoundException("找不到指定的文件,查看此路径是否正确:" + filePath);
+            }
+        } catch (IOException e) {
+            throw new IOException("读取文件内容出错" + e.getMessage());
+        }
+        return fileContent.toString();
+    }
+
+
+    public static boolean isEmail(String email) {
+        return Validator.isMatchRegex("^[A-Za-z0-9+_-]+@[a-zA-Z0-9_-]+(.[a-zA-Z0-9_-]+)+$", email);
+    }
+
+    public static boolean isMobile(String phone) {
+        return Validator.isMobile(phone);
+    }
+
+
+    /**
+     * 获取周末  月从0开始
+     *
+     * @param year
+     * @param mouth
+     * @return
+     */
+    public static Set<String> getMonthWekDay(int year, int mouth) {
+        Set<String> dateList = new HashSet<>();
+        SimpleDateFormat simdf = new SimpleDateFormat("yyyy-MM-dd");
+        Calendar calendar = new GregorianCalendar(year, mouth, 1);
+        Calendar endCalendar = new GregorianCalendar(year, mouth, 1);
+        endCalendar.add(Calendar.MONTH, 1);
+        while (true) {
+            int weekday = calendar.get(Calendar.DAY_OF_WEEK);
+            if (weekday == 1 || weekday == 7) {
+                dateList.add(simdf.format(calendar.getTime()));
+            }
+            calendar.add(Calendar.DATE, 1);
+            if (calendar.getTimeInMillis() >= endCalendar.getTimeInMillis()) {
+                break;
+            }
+        }
+        return dateList;
+    }
+
+
+    /**
+     * @param obj 实体
+     * @return 全部不为空并且全部不为null, 则返回true;否则返回false
+     */
+    public static boolean allNotEmpty(Object... obj) {
+        for (Object o : obj) {
+            if (Tools.isEmpty(o)) {
+                return false;
+            }
+        }
+        return true;
+    }
+}

src/main/resources/templates/prjproject/list_myproject.html

@@ -245,8 +245,6 @@
                     Message.warning("请选择要编辑的任务书！", 1500);
                 } else if (data.length > 1) {
                     Message.warning("请选择一条记录进行编辑操作！", 1500);
-                } else if (data[0].spzt == "审批结束") {
-                    Message.warning("该任务书已审批结束，不能修改！", 1500);
                 } else if (data[0].spzt != null && data[0].spzt.indexOf("未提交") < 0) {
                     Message.warning("该任务书审批中，不能修改！", 2000);
                 } else {