修改获取用户方案

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/service/core/api/CourseApi.java

@@ -30,7 +30,6 @@ import com.google.common.collect.Lists;
 
 import cn.com.qmth.examcloud.commons.base.util.ErrorMsg;
 import cn.com.qmth.examcloud.commons.base.util.excel.ExcelError;
-import cn.com.qmth.examcloud.commons.web.security.bean.User;
 import cn.com.qmth.examcloud.commons.web.security.entity.AccessUser;
 import cn.com.qmth.examcloud.commons.web.support.ControllerSupport;
 import cn.com.qmth.examcloud.core.basic.dao.CourseRepo;
@@ -47,7 +46,7 @@ import io.swagger.annotations.ApiOperation;
  */
 @RestController
 @RequestMapping("${app.api.root}/course")
-public class CourseApi extends ControllerSupport {
+public class CourseApi extends ControllerSupport{
 
     @Autowired
     CourseRepo courseRepo;
@@ -63,10 +62,9 @@ public class CourseApi extends ControllerSupport {
                                     @PathVariable Integer curPage,
                                     @PathVariable Integer pageSize,
                                     HttpServletRequest request){
-        //AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
-    	User user = getAccessUser();
-        if(user != null){
-            course.setOrgId(user.getRootOrgId());
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
+        if(accessUser != null){
+            course.setOrgId(accessUser.getRootOrgId());
         }else{
             return new ResponseEntity(HttpStatus.NOT_FOUND);
         }
@@ -76,10 +74,9 @@ public class CourseApi extends ControllerSupport {
     @ApiOperation(value="按代码或名称查询课程",notes = "代码或名称查询")
     @GetMapping("/codeOrName")
     public ResponseEntity getByCodeName(@RequestParam String codeName,HttpServletRequest request){
-        //AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
-    	User user = getAccessUser();
-        if(user != null){
-            return new ResponseEntity(courseRepo.findByCodeName(user.getRootOrgId(),codeName), HttpStatus.OK);
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
+        if(accessUser != null){
+            return new ResponseEntity(courseRepo.findByCodeName(accessUser.getRootOrgId(),codeName), HttpStatus.OK);
         }else{
             return new ResponseEntity(HttpStatus.NOT_FOUND);
         }
@@ -88,10 +85,9 @@ public class CourseApi extends ControllerSupport {
     @ApiOperation(value="查询课程不分页带查询",notes = "不分页带查询")
     @GetMapping("/all")
     public ResponseEntity getEnableExam(@ModelAttribute Course course,HttpServletRequest request){
-    	User user = getAccessUser();
-        //AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
-        if(user != null){
-            course.setOrgId(user.getRootOrgId());
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
+        if(accessUser != null){
+            course.setOrgId(accessUser.getRootOrgId());
         }
         course.setEnable(true);
         return new ResponseEntity(courseService.findAll(course), HttpStatus.OK);
@@ -100,10 +96,9 @@ public class CourseApi extends ControllerSupport {
     @ApiOperation(value="查询课程不分页带查询",notes = "不分页带查询")
     @GetMapping("/all/both")
     public ResponseEntity getAllExam(@ModelAttribute Course course,HttpServletRequest request){
-    	User user = getAccessUser();
-        //AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
-        if(user != null){
-            course.setOrgId(user.getRootOrgId());
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
+        if(accessUser != null){
+            course.setOrgId(accessUser.getRootOrgId());
         }
         return new ResponseEntity(courseService.findAll(course), HttpStatus.OK);
     }
@@ -143,10 +138,9 @@ public class CourseApi extends ControllerSupport {
     @PostMapping
     public ResponseEntity addCourse(@RequestBody Course course,HttpServletRequest request){
     	course.setCreateTime(new Date());
-    	User user = getAccessUser();
-        //AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
-        if(user != null){
-            course.setOrgId(user.getRootOrgId());
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
+        if(accessUser != null){
+            course.setOrgId(accessUser.getRootOrgId());
         }else{
             return new ResponseEntity(HttpStatus.NOT_FOUND);
         }
@@ -161,10 +155,9 @@ public class CourseApi extends ControllerSupport {
     @ApiOperation(value="更新课程",notes="更新")
     @PutMapping
     public ResponseEntity updateCourse(@RequestBody Course course,HttpServletRequest request){
-    	User user = getAccessUser();
-        //AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
-        if(user != null){
-            course.setOrgId(user.getRootOrgId());
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
+        if(accessUser != null){
+            course.setOrgId(accessUser.getRootOrgId());
         }else{
             return new ResponseEntity(HttpStatus.NOT_FOUND);
         }
@@ -186,11 +179,10 @@ public class CourseApi extends ControllerSupport {
     @PostMapping("/import")
     public ResponseEntity importCourse(HttpServletRequest request,
                                        @RequestParam CommonsMultipartFile file){
-    	User user = getAccessUser();
-    	//AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         Long orgId = null;
-        if(user != null){
-            orgId = user.getRootOrgId();
+        if(accessUser != null){
+            orgId = accessUser.getRootOrgId();
         }else{
             return new ResponseEntity(new ErrorMsg("用户token不存在或已失效"),HttpStatus.NOT_FOUND);
         }

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/service/core/api/CourseSpeciatlyApi.java

@@ -19,6 +19,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import cn.com.qmth.examcloud.commons.web.security.entity.AccessUser;
+import cn.com.qmth.examcloud.commons.web.support.ControllerSupport;
 import cn.com.qmth.examcloud.core.basic.dao.CourseRepo;
 import cn.com.qmth.examcloud.core.basic.dao.SpecialtyRepo;
 import cn.com.qmth.examcloud.core.basic.dao.entity.Course;
@@ -32,7 +33,7 @@ import cn.com.qmth.examcloud.core.basic.service.impl.CourseSpeciatlyService;
  */
 @RestController
 @RequestMapping("${app.api.root}/CourseSpeciatly")
-public class CourseSpeciatlyApi {
+public class CourseSpeciatlyApi extends ControllerSupport{
 
 	@Autowired
 	CourseSpeciatlyService courseSpeciatlyService;
@@ -51,7 +52,7 @@ public class CourseSpeciatlyApi {
 	@ApiOperation(value="根据专业ID取课程",notes="根据专业ID取课程")
 	@GetMapping("/allCourses/{speciatlyId}")
 	public ResponseEntity getAllCoursesBySpeciatly(@PathVariable String speciatlyId,HttpServletRequest request){
-		AccessUser  accessUser = (AccessUser)request.getAttribute("accessUser");
+		cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
 		List<Course> courses = courseSpeciatlyService.getAllCoursesBySpeciatlyId(speciatlyId);
 		//List<Course> list = courseSpeciatlyService.getCoursesNotInSpeciatly(courses);
 		List<Course> list = courseRepo.findByOrgId(accessUser.getRootOrgId());
@@ -64,7 +65,7 @@ public class CourseSpeciatlyApi {
 	@ApiOperation(value="新增关联课程专业",notes="新增关联课程专业")
 	@PostMapping("/addCourse/{speciallyId}")
 	public ResponseEntity addCourseSpeciatly(@RequestBody List<String> list,@PathVariable String speciallyId,HttpServletRequest request){
-		AccessUser  accessUser = (AccessUser)request.getAttribute("accessUser");
+		cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
 		courseSpeciatlyService.addCourseSpecialty(accessUser.getUserId(), list, speciallyId);
 		return new ResponseEntity(HttpStatus.OK);
 	}
@@ -72,7 +73,7 @@ public class CourseSpeciatlyApi {
 	@ApiOperation(value="根据课程ID取专业",notes="根据课程ID取专业")
 	@GetMapping("/allSpecialty/{courseId}")
 	public ResponseEntity getAllSpeciatly(@PathVariable Long courseId,HttpServletRequest request){
-		AccessUser  accessUser = (AccessUser)request.getAttribute("accessUser");
+		cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
 		List<Specialty> specialtys = courseSpeciatlyService.getAllSpecialtyByCourseId(courseId);
 		List<Specialty> list = specialtyRepo.findByOrgId(accessUser.getRootOrgId());
 		Map map = new HashMap();
@@ -84,7 +85,7 @@ public class CourseSpeciatlyApi {
 	@ApiOperation(value="新增关联课程专业",notes="新增关联课程专业")
 	@PostMapping("/addSpeciatly/{courseId}")
 	public ResponseEntity addSpeciatly(@RequestBody List<String> list,@PathVariable Long courseId,HttpServletRequest request){
-		AccessUser  accessUser = (AccessUser)request.getAttribute("accessUser");
+		cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
 		courseSpeciatlyService.addCourse(accessUser.getUserId(), list, courseId);
 		return new ResponseEntity(HttpStatus.OK);
 	}

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/service/core/api/ExamSiteApi.java

@@ -26,6 +26,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import cn.com.qmth.examcloud.commons.base.util.ErrorMsg;
 import cn.com.qmth.examcloud.commons.web.security.entity.AccessUser;
+import cn.com.qmth.examcloud.commons.web.support.ControllerSupport;
 import cn.com.qmth.examcloud.core.basic.dao.ExamSiteRepo;
 import cn.com.qmth.examcloud.core.basic.dao.entity.ExamSite;
 import cn.com.qmth.examcloud.core.basic.service.impl.ExamSiteService;
@@ -37,7 +38,7 @@ import io.swagger.annotations.ApiOperation;
  */
 @RestController
 @RequestMapping("${app.api.root}/examsite")
-public class ExamSiteApi {
+public class ExamSiteApi extends ControllerSupport{
 
     private static final Logger LOG = LoggerFactory.getLogger(ExamSiteApi.class);
 
@@ -61,7 +62,7 @@ public class ExamSiteApi {
     @GetMapping("/all")
     public ResponseEntity getAllExam(@ModelAttribute ExamSite examSiteCriteria,
                                      HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if (accessUser != null) {
             return new ResponseEntity(examSiteRepo.findByOrgId(accessUser.getOrgId()), HttpStatus.OK);
         }

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/service/core/api/OrgApi.java

@@ -89,7 +89,7 @@ public class OrgApi extends ControllerSupport{
     @GetMapping("/alls/{type}")
     public ResponseEntity getAllExam(@PathVariable String type,
                                      HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if (accessUser != null) {
         	if(type.equals("school")){
         		return new ResponseEntity(orgRepo.findAllSchoolByParentId(accessUser.getRootOrgId()), HttpStatus.OK);
@@ -109,7 +109,7 @@ public class OrgApi extends ControllerSupport{
     @ApiOperation(value = "查询下属机构不带分页", notes = "不分页")
     @GetMapping("/sub/{parentId}")
     public ResponseEntity getOrgByParentId(@PathVariable Long parentId,HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if(accessUser != null){
             if(accessUser.getRootOrgId().longValue() != accessUser.getOrgId().longValue()){
                 return new ResponseEntity(orgRepo.findById(parentId), HttpStatus.OK);
@@ -121,7 +121,7 @@ public class OrgApi extends ControllerSupport{
     @ApiOperation(value = "查询下属机构不带分页", notes = "不分页")
     @GetMapping("/sub/both/{parentId}")
     public ResponseEntity getBothOrg(@PathVariable Long parentId,HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if(accessUser != null){
             if(accessUser.getRootOrgId().longValue() != accessUser.getOrgId().longValue()){
                 return new ResponseEntity(orgRepo.findById(parentId), HttpStatus.OK);
@@ -151,7 +151,7 @@ public class OrgApi extends ControllerSupport{
     @PostMapping
     public ResponseEntity addSchool(@RequestBody Org org, HttpServletRequest request) {
         org.setCreateTime(new Date());
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if (accessUser != null) {
             org.setParentId(accessUser.getOrgId());
             org.setRootId(accessUser.getRootOrgId());
@@ -167,7 +167,7 @@ public class OrgApi extends ControllerSupport{
     @ApiOperation(value = "更新机构", notes = "更新")
     @PutMapping
     public ResponseEntity updateSchool(@RequestBody Org org, HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if (accessUser != null) {
             org.setParentId(accessUser.getOrgId());
             org.setRootId(accessUser.getRootOrgId());
@@ -190,7 +190,7 @@ public class OrgApi extends ControllerSupport{
     @PostMapping("/import")
     public ResponseEntity<?> importLearnCenter(HttpServletRequest request,
                                             @RequestParam CommonsMultipartFile file) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         Long orgId = null;
         if(accessUser != null){
             orgId = accessUser.getRootOrgId();
@@ -262,7 +262,7 @@ public class OrgApi extends ControllerSupport{
     @GetMapping("/all")
     public ResponseEntity getAllExam(@ModelAttribute Org orgCriteria,
                                      HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if (accessUser != null) {
             return new ResponseEntity(orgRepo.findAllSchoolByParentId(accessUser.getRootOrgId()), HttpStatus.OK);
         }

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/service/core/api/SpecialtyApi.java

@@ -27,6 +27,7 @@ import org.springframework.web.multipart.commons.CommonsMultipartFile;
 import cn.com.qmth.examcloud.commons.base.util.ErrorMsg;
 import cn.com.qmth.examcloud.commons.base.util.excel.ExcelError;
 import cn.com.qmth.examcloud.commons.web.security.entity.AccessUser;
+import cn.com.qmth.examcloud.commons.web.support.ControllerSupport;
 import cn.com.qmth.examcloud.core.basic.dao.SpecialtyRepo;
 import cn.com.qmth.examcloud.core.basic.dao.entity.Specialty;
 import cn.com.qmth.examcloud.core.basic.service.bean.SpecialtyDto;
@@ -41,7 +42,7 @@ import io.swagger.annotations.ApiOperation;
  */
 @RestController
 @RequestMapping("${app.api.root}/specialty")
-public class SpecialtyApi {
+public class SpecialtyApi extends ControllerSupport{
 
 	@Autowired
 	SpecialtyService specialtyService;
@@ -64,7 +65,7 @@ public class SpecialtyApi {
 									@PathVariable Integer curPage,
 									@PathVariable Integer pageSize,
 									HttpServletRequest request){
-		AccessUser accessUser = (AccessUser)request.getAttribute("accessUser");
+		cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
 		if(accessUser != null){
 			specialty.setOrgId(accessUser.getRootOrgId());
 		}else {
@@ -94,7 +95,7 @@ public class SpecialtyApi {
 	@ApiOperation(value="查询专业不带分页",notes="查询专业不带分页")
 	@GetMapping("/all")
 	public ResponseEntity getAll(@ModelAttribute Specialty specialty,HttpServletRequest request){
-		AccessUser accessUser = (AccessUser)request.getAttribute("accessUser");
+		cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
 		if(accessUser != null){
 			specialty.setOrgId(accessUser.getRootOrgId());
 		}
@@ -112,7 +113,7 @@ public class SpecialtyApi {
 	@PostMapping("/addSpecialty")
 	public ResponseEntity addSpecialty(@RequestBody Specialty specialty,HttpServletRequest request){
 		specialty.setCreateTime(new Date());
-		AccessUser accessUser = (AccessUser)request.getAttribute("accessUser");
+		cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
 		if(accessUser != null){
 			specialty.setOrgId(accessUser.getRootOrgId());
 		}else {
@@ -136,7 +137,7 @@ public class SpecialtyApi {
 	@ApiOperation(value="更新专业",notes="更新专业")
 	@PutMapping("/updateSpecialty")
 	public ResponseEntity updateSpecialty(@RequestBody Specialty specialty,HttpServletRequest request){
-		AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+		cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
 		if(accessUser != null){
 			specialty.setOrgId(accessUser.getRootOrgId());
 		}else {
@@ -181,7 +182,7 @@ public class SpecialtyApi {
 	@PostMapping("/import")
 	public ResponseEntity importCourse(HttpServletRequest request,
 									   @RequestParam CommonsMultipartFile file){
-		AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+		cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
 		Long orgId = null;
 		if(accessUser != null){
 			orgId = accessUser.getRootOrgId();

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/service/core/api/StudentApi.java

@@ -2,6 +2,7 @@ package cn.com.qmth.examcloud.service.core.api;
 
 import cn.com.qmth.examcloud.commons.base.util.ErrorMsg;
 import cn.com.qmth.examcloud.commons.web.security.entity.AccessUser;
+import cn.com.qmth.examcloud.commons.web.support.ControllerSupport;
 import io.swagger.annotations.ApiOperation;
 
 import java.io.File;
@@ -39,7 +40,7 @@ import javax.servlet.http.HttpServletRequest;
  */
 @RestController
 @RequestMapping("${app.api.root}/student")
-public class StudentApi {
+public class StudentApi extends ControllerSupport{
 
     @Autowired
     StudentRepo studentRepo;
@@ -56,7 +57,7 @@ public class StudentApi {
                                         @ModelAttribute Student studentCriteria,
                                         @PathVariable Integer curPage,
                                         @PathVariable Integer pageSize){
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if(accessUser != null){
             if(accessUser.getRootOrgId().longValue() == accessUser.getOrgId().longValue()){
                 studentCriteria.setRootOrgId(accessUser.getRootOrgId());
@@ -71,7 +72,7 @@ public class StudentApi {
     @GetMapping
     public ResponseEntity getAllStudent(HttpServletRequest request,
                                         @ModelAttribute Student studentCriteria){
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if(accessUser != null){
             if(accessUser.getRootOrgId().longValue() == accessUser.getOrgId().longValue()){
                 studentCriteria.setRootOrgId(accessUser.getRootOrgId());

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/service/core/api/UserApi.java

@@ -34,6 +34,7 @@ import cn.com.qmth.examcloud.commons.web.security.annotation.Uac;
 import cn.com.qmth.examcloud.commons.web.security.entity.AccessUser;
 import cn.com.qmth.examcloud.commons.web.security.enums.RoleMeta;
 import cn.com.qmth.examcloud.commons.web.security.enums.UacPolicy;
+import cn.com.qmth.examcloud.commons.web.support.ControllerSupport;
 import cn.com.qmth.examcloud.core.basic.dao.UserRepo;
 import cn.com.qmth.examcloud.core.basic.dao.entity.User;
 import cn.com.qmth.examcloud.core.basic.dao.enums.UserType;
@@ -46,7 +47,7 @@ import cn.com.qmth.examcloud.core.basic.service.impl.UserServiceImpl;
  */
 @RestController
 @RequestMapping("${app.api.root}/user")
-public class UserApi {
+public class UserApi extends ControllerSupport{
 
     @Autowired
     UserServiceImpl userService;
@@ -61,7 +62,7 @@ public class UserApi {
                                      @PathVariable Integer curPage,
                                      @PathVariable Integer pageSize,
                                      HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if (accessUser != null) {
             if (accessUser.getRootOrgId() == 0) {
                 return new ResponseEntity(userService.findOrgUser(userCriteria,
@@ -99,7 +100,7 @@ public class UserApi {
     @ApiOperation(value = "新增用户", notes = "新增")
     @PostMapping
     public ResponseEntity addUser(@RequestBody User user, HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if (accessUser != null) {
             if (accessUser.getRootOrgId() != 0) {
                 user.setRootOrgId(accessUser.getRootOrgId());
@@ -119,7 +120,7 @@ public class UserApi {
     @ApiOperation(value = "更新用户", notes = "更新")
     @PutMapping
     public ResponseEntity updateUser(@RequestBody User user, HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if (accessUser != null) {
             if (accessUser.getRootOrgId() != 0) {
                 user.setRootOrgId(accessUser.getRootOrgId());
@@ -189,7 +190,7 @@ public class UserApi {
     public ResponseEntity stuPassword(@RequestParam("oldPassword") String oldPassword,
                                       @RequestParam("newPassword") String newPassword,
                                       HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         if (StringUtils.isEmpty(oldPassword) || StringUtils.isEmpty(newPassword)) {
             return new ResponseEntity(new ErrorMsg("原密码不正确"), HttpStatus.BAD_REQUEST);
         } else {
@@ -255,8 +256,9 @@ public class UserApi {
 
     @ApiOperation(value = "登出", notes = "登出")
     @PostMapping("/logout")
+    @Deprecated
     public ResponseEntity logout(HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+    	AccessUser accessUser=null;
         userService.logout(accessUser);
         return new ResponseEntity(HttpStatus.OK);
     }
@@ -264,14 +266,14 @@ public class UserApi {
     @ApiOperation(value = "查询评卷员", notes = "查询")
     @GetMapping("/marker")
     public ResponseEntity getMarker(HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         return new ResponseEntity(userService.getMarker(accessUser.getRootOrgId()), HttpStatus.OK);
     }
     
     @ApiOperation(value = "新增评卷员", notes = "新增")
     @PostMapping("/marker")
     public ResponseEntity saveMarker(@RequestParam String loginName,@RequestParam String name,HttpServletRequest request) {
-        AccessUser accessUser = (AccessUser) request.getAttribute("accessUser");
+        cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
         return new ResponseEntity(userService.saveMarker(accessUser.getRootOrgId(),loginName,name), HttpStatus.OK);
     }
 
@@ -281,7 +283,7 @@ public class UserApi {
     								 @PathVariable Integer curPage,
     								 @PathVariable Integer pageSize,
     								 HttpServletRequest request){
-    	AccessUser accessUser = (AccessUser)request.getAttribute("accessUser");
+    	cn.com.qmth.examcloud.commons.web.security.bean.User accessUser = getAccessUser();
     	if(accessUser != null){
     		user.setRootOrgId(accessUser.getRootOrgId());
     		return new ResponseEntity(userService.getAllMaker(user,new PageRequest(curPage-1, pageSize)),HttpStatus.OK);