Startsida Utforska Hjälp
Logga in
luoshi
/
stmms-ft
1
0
Fork 0
Filer
Bläddra i källkod

Merge branch 'stmms_ft_dev' of http://git.qmth.com.cn/luoshi/stmms-ft into stmms_ft_dev

luoshi 6 år sedan
förälder
35bd6d6683 2ca235adae
incheckning
ddb9ee44bb
12 ändrade filer med 352 tillägg och 66 borttagningar
Delad Vy Visa Diff Statistik
  1. 26 0
      stmms-biz/src/main/java/cn/com/qmth/stmms/biz/api/auth/exception/ApiException.java
  2. 9 1
      stmms-biz/src/main/java/cn/com/qmth/stmms/biz/api/auth/service/validator/AdminUserValidator.java
  3. 10 4
      stmms-biz/src/main/java/cn/com/qmth/stmms/biz/api/auth/service/validator/DefaultValidator.java
  4. 14 0
      stmms-biz/src/main/java/cn/com/qmth/stmms/biz/exam/model/ExamStudent.java
  5. 27 0
      stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/BaseApiController.java
  6. 9 4
      stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ExamInfoController.java
  7. 109 0
      stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ExamPackageController.java
  8. 1 1
      stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ExamQuestionController.java
  9. 135 41
      stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ExamStudentController.java
  10. 1 1
      stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/LoginController.java
  11. 9 14
      stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ScanController.java
  12. 2 0
      stmms-web/src/main/java/cn/com/qmth/stmms/api/utils/AuthInfoUtils.java

+ 26 - 0
stmms-biz/src/main/java/cn/com/qmth/stmms/biz/api/auth/exception/ApiException.java
Visa fil 

@@ -0,0 +1,26 @@
 
+package cn.com.qmth.stmms.biz.api.auth.exception;
 
+
 
+public class ApiException extends RuntimeException {
 
+
 
+	private static final long serialVersionUID = -5671666616240173459L;
 
+
 
+    private int code;
 
+
 
+    private ApiException(int code, String message) {
 
+        super(message);
 
+        this.code = code;
 
+    }
 
+
 
+    public int getCode() {
 
+        return code;
 
+    }
 
+
 
+    public static final ApiException USER_UNEXISTS = new ApiException(401, "user unexists");
 
+
 
+    public static final ApiException USER_PASSWORD_ERROR = new ApiException(401, "user password error");
 
+
 
+    public static final ApiException USER_NOT_ADMIN = new ApiException(401, "user is not admin");
 
+
 
+    public static final ApiException EXAM_NOT_ACCESSIBLED = new ApiException(401, "user cannot access specified exam");
 
+
 
+}

+ 9 - 1
stmms-biz/src/main/java/cn/com/qmth/stmms/biz/api/auth/service/validator/AdminUserValidator.java
Visa fil 

@@ -5,6 +5,7 @@ import javax.annotation.PostConstruct;
 
 import org.springframework.beans.factory.annotation.Autowired;

 import org.springframework.stereotype.Component;

 

+import cn.com.qmth.stmms.biz.api.auth.exception.ApiException;

 import cn.com.qmth.stmms.biz.api.auth.interfaces.AuthValidator;

 import cn.com.qmth.stmms.biz.api.auth.model.AuthInfo;

 import cn.com.qmth.stmms.biz.user.model.User;

@@ -24,7 +25,14 @@ public class AdminUserValidator implements AuthValidator {
 
     @Override

     public boolean validate(AuthInfo auth) {

         User user = auth.getLoginUser();

-        return user != null && user.isEnable() && user.getRole() == Role.SCHOOL_ADMIN;

+        if (user == null) {

+            throw ApiException.USER_UNEXISTS;

+        }

+        if(user.isEnable() && user.getRole() == Role.SCHOOL_ADMIN){;

+        	return true;

+        } else {

+            throw ApiException.USER_NOT_ADMIN;

+        }

     }

 

     @Override

+ 10 - 4
stmms-biz/src/main/java/cn/com/qmth/stmms/biz/api/auth/service/validator/DefaultValidator.java
Visa fil 

@@ -5,6 +5,7 @@ import javax.annotation.PostConstruct;
 
 import org.springframework.beans.factory.annotation.Autowired;

 import org.springframework.stereotype.Component;

 

+import cn.com.qmth.stmms.biz.api.auth.exception.ApiException;

 import cn.com.qmth.stmms.biz.api.auth.interfaces.AuthValidator;

 import cn.com.qmth.stmms.biz.api.auth.model.AuthInfo;

 import cn.com.qmth.stmms.biz.api.auth.model.BasicAuthInfo;

@@ -35,11 +36,16 @@ public class DefaultValidator implements AuthValidator {
 
     public boolean validate(AuthInfo auth) {

         BasicAuthInfo info = (BasicAuthInfo) auth;

         User user = userService.findByLoginName(info.getLoginName());

-        if (user != null && user.isEnable() && user.getPassword().equals(Md5EncryptUtils.md5(info.getPassword()))) {

-            info.setLoginUser(user);

-            return true;

+        if (user != null) {

+        	if (user.isEnable() && user.getPassword().equals(Md5EncryptUtils.md5(info.getPassword()))) {

+        		info.setLoginUser(user);

+        		return true;

+        	}else{

+        		throw ApiException.USER_PASSWORD_ERROR;

+        	}

+        }else{

+        	throw ApiException.USER_UNEXISTS;

         }

-        return false;

     }

 

 }

+ 14 - 0
stmms-biz/src/main/java/cn/com/qmth/stmms/biz/exam/model/ExamStudent.java
Visa fil 

@@ -157,6 +157,12 @@ public class ExamStudent implements Serializable {
 
      */

     @Column(name = "is_absent")

     private boolean absent;

+    

+    /**

+     * 是否人工指定缺考

+     */

+    @Column(name = "is_manual_absent")

+    private boolean manualAbsent;

 

     @Column(name = "is_breach")

     private boolean breach;

@@ -657,4 +663,12 @@ public class ExamStudent implements Serializable {
 
 		this.tagValue = tagValue;

 	}

 

+	public boolean isManualAbsent() {

+		return manualAbsent;

+	}

+

+	public void setManualAbsent(boolean manualAbsent) {

+		this.manualAbsent = manualAbsent;

+	}

+

 }

+ 27 - 0
stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/BaseApiController.java
Visa fil 

@@ -0,0 +1,27 @@
 
+package cn.com.qmth.stmms.api.controller;
 
+
 
+import java.io.IOException;
 
+
 
+import javax.servlet.http.HttpServletResponse;
 
+
 
+import org.apache.commons.lang.StringUtils;
 
+import org.springframework.http.HttpStatus;
 
+import org.springframework.web.bind.annotation.ExceptionHandler;
 
+
 
+import cn.com.qmth.stmms.api.utils.AuthInfoUtils;
 
+import cn.com.qmth.stmms.biz.api.auth.exception.ApiException;
 
+import cn.com.qmth.stmms.common.controller.BaseController;
 
+
 
+public class BaseApiController extends BaseController {
 
+
 
+    @ExceptionHandler
 
+    public void exception(HttpServletResponse response, Exception ex) throws IOException {
 
+        response.addHeader(AuthInfoUtils.ERROR_MESSAGE_HEADER_KEY, StringUtils.trimToEmpty(ex.getMessage()));
 
+        if (ex instanceof ApiException) {
 
+            ApiException e = (ApiException) ex;
 
+            response.sendError(e.getCode());
 
+        } else {
 
+            response.sendError(HttpStatus.INTERNAL_SERVER_ERROR.value());
 
+        }
 
+    }
 
+}

+ 9 - 4
stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ExamInfoController.java
Visa fil 

@@ -5,6 +5,9 @@ import java.util.List;
 
 

 import javax.servlet.http.HttpServletRequest;

 

+import net.sf.json.JSONArray;

+import net.sf.json.JSONObject;

+

 import org.springframework.beans.factory.annotation.Autowired;

 import org.springframework.stereotype.Controller;

 import org.springframework.web.bind.annotation.PathVariable;

@@ -15,6 +18,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
 
 

 import cn.com.qmth.stmms.admin.vo.ExamSubjectVO;

 import cn.com.qmth.stmms.biz.api.auth.annotation.AuthValidate;

+import cn.com.qmth.stmms.biz.api.auth.exception.ApiException;

 import cn.com.qmth.stmms.biz.campus.model.Campus;

 import cn.com.qmth.stmms.biz.campus.service.CampusService;

 import cn.com.qmth.stmms.biz.exam.model.Exam;

@@ -26,12 +30,10 @@ import cn.com.qmth.stmms.biz.user.model.User;
 
 import cn.com.qmth.stmms.common.enums.ExamStatus;

 import cn.com.qmth.stmms.common.utils.DateUtils;

 import cn.com.qmth.stmms.common.utils.RequestUtils;

-import net.sf.json.JSONArray;

-import net.sf.json.JSONObject;

 

 @Controller("examInfoApiController")

 @RequestMapping("/api")

-public class ExamInfoController {

+public class ExamInfoController extends BaseApiController {

 

     @Autowired

     private ExamService examService;

@@ -128,9 +130,12 @@ public class ExamInfoController {
 
                 subjectService.save(es);

                 result.accumulate("code", subject.getCode());

                 return result;

+            }else{

+            	result.accumulate("code", "");

             }

+        }else{

+        	throw ApiException.EXAM_NOT_ACCESSIBLED;

         }

-        result.accumulate("code", "");

         return result;

     }

 }

+ 109 - 0
stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ExamPackageController.java
Visa fil 

@@ -0,0 +1,109 @@
 
+package cn.com.qmth.stmms.api.controller;

+

+import java.util.List;

+

+import javax.servlet.http.HttpServletRequest;

+import javax.servlet.http.HttpServletResponse;

+

+import net.sf.json.JSONArray;

+import net.sf.json.JSONObject;

+

+import org.slf4j.Logger;

+import org.slf4j.LoggerFactory;

+import org.springframework.beans.factory.annotation.Autowired;

+import org.springframework.stereotype.Controller;

+import org.springframework.web.bind.annotation.PathVariable;

+import org.springframework.web.bind.annotation.RequestBody;

+import org.springframework.web.bind.annotation.RequestMapping;

+import org.springframework.web.bind.annotation.RequestMethod;

+import org.springframework.web.bind.annotation.RequestParam;

+import org.springframework.web.bind.annotation.ResponseBody;

+

+import cn.com.qmth.stmms.biz.api.auth.annotation.AuthValidate;

+import cn.com.qmth.stmms.biz.api.auth.exception.ApiException;

+import cn.com.qmth.stmms.biz.exam.model.Exam;

+import cn.com.qmth.stmms.biz.exam.model.ExamPackage;

+import cn.com.qmth.stmms.biz.exam.service.ExamPackageService;

+import cn.com.qmth.stmms.biz.exam.service.ExamService;

+import cn.com.qmth.stmms.biz.exam.service.ExamStudentService;

+import cn.com.qmth.stmms.biz.user.model.User;

+import cn.com.qmth.stmms.common.utils.RequestUtils;

+

+@Controller("examPackageApiController")

+@RequestMapping("/api")

+public class ExamPackageController extends BaseApiController {

+

+    protected static Logger logger = LoggerFactory.getLogger(ExamPackageController.class);

+

+    @Autowired

+    private ExamStudentService examStudentService;

+

+    @Autowired

+    private ExamService examService;

+

+    @Autowired

+    private ExamPackageService packageService;

+    

+    @RequestMapping(value = "/package/{examId}", method = RequestMethod.GET)

+    @ResponseBody

+    public JSONArray getPackageCode(HttpServletRequest request, @PathVariable Integer examId) {

+        User user = RequestUtils.getApiUser(request);

+        JSONArray array = new JSONArray();

+        Exam exam = examService.findById(examId);

+        if (exam != null && exam.getSchoolId().equals(user.getSchoolId())) {

+            List<String> list = examStudentService.findDistinctPackageCode(examId);

+            if (list != null) {

+                for (String code : list) {

+                    array.add(code);

+                }

+            }

+        } else {

+            throw ApiException.EXAM_NOT_ACCESSIBLED;

+        }

+        return array;

+    }

+

+    @AuthValidate({ "adminUser", "scanner" })

+    @RequestMapping(value = "/package/{examId}", method = RequestMethod.POST)

+    @ResponseBody

+    public int updatePackage(HttpServletRequest request, @PathVariable Integer examId,

+            @RequestBody ExamPackage examPackage) {

+        Exam exam = examService.findById(examId);

+        if (exam != null) {

+            ExamPackage obj = packageService.find(examId, examPackage.getCode());

+            if (obj != null && examPackage.getPicCount() != null) {

+                obj.setPicCount(examPackage.getPicCount());

+                obj = packageService.save(obj);

+                return obj.getPicCount();

+            }

+        }else{

+        	throw ApiException.EXAM_NOT_ACCESSIBLED;

+        }

+        return -1;

+    }

+

+    @AuthValidate("adminUser")

+    @RequestMapping(value = "/package/count/{examId}", method = RequestMethod.GET)

+    @ResponseBody

+    public JSONArray getPackageCount(HttpServletRequest request, HttpServletResponse response,

+            @PathVariable Integer examId, @RequestParam(required = false) Boolean upload) {

+        User user = RequestUtils.getApiUser(request);

+        JSONArray array = new JSONArray();

+        Exam exam = examService.findById(examId);

+        if (exam != null && exam.getSchoolId().equals(user.getSchoolId())) {

+            List<ExamPackage> list = upload != null ? packageService.list(examId, upload) : packageService.list(examId);

+            if (list != null) {

+                for (ExamPackage ep : list) {

+                    JSONObject obj = new JSONObject();

+                    obj.accumulate("code", ep.getCode());

+                    obj.accumulate("picCount", ep.getPicCount());

+                    array.add(obj);

+                }

+            }

+        }else{

+        	throw ApiException.EXAM_NOT_ACCESSIBLED;

+        }

+        return array;

+    }

+

+}

+ 1 - 1
stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ExamQuestionController.java
Visa fil 

@@ -20,7 +20,7 @@ import net.sf.json.JSONObject;
 
 

 @Controller("examQuestionApiController")

 @RequestMapping("/api")

-public class ExamQuestionController {

+public class ExamQuestionController extends BaseApiController {

 

     @Autowired

     private ExamQuestionService questionService;

+ 135 - 41
stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ExamStudentController.java
Visa fil 

@@ -6,6 +6,10 @@ import java.util.List;
 
 

 import javax.servlet.http.HttpServletRequest;

 

+import net.sf.json.JSONArray;

+import net.sf.json.JSONObject;

+

+import org.apache.commons.lang.StringUtils;

 import org.slf4j.Logger;

 import org.slf4j.LoggerFactory;

 import org.springframework.beans.factory.annotation.Autowired;

@@ -17,25 +21,27 @@ import org.springframework.web.bind.annotation.RequestMethod;
 
 import org.springframework.web.bind.annotation.RequestParam;

 import org.springframework.web.bind.annotation.ResponseBody;

 

-import com.google.common.base.Strings;

-

 import cn.com.qmth.stmms.api.utils.AESUtil;

 import cn.com.qmth.stmms.biz.api.auth.annotation.AuthValidate;

 import cn.com.qmth.stmms.biz.campus.model.Campus;

 import cn.com.qmth.stmms.biz.campus.service.CampusService;

 import cn.com.qmth.stmms.biz.exam.model.Exam;

-import cn.com.qmth.stmms.biz.exam.model.ExamPackage;

+import cn.com.qmth.stmms.biz.exam.model.ExamQuestion;

 import cn.com.qmth.stmms.biz.exam.model.ExamStudent;

 import cn.com.qmth.stmms.biz.exam.query.ExamStudentSearchQuery;

 import cn.com.qmth.stmms.biz.exam.service.ExamPackageService;

+import cn.com.qmth.stmms.biz.exam.service.ExamQuestionService;

 import cn.com.qmth.stmms.biz.exam.service.ExamService;

 import cn.com.qmth.stmms.biz.exam.service.ExamStudentService;

-import net.sf.json.JSONArray;

-import net.sf.json.JSONObject;

+import cn.com.qmth.stmms.biz.user.model.User;

+import cn.com.qmth.stmms.biz.utils.ScoreItem;

+import cn.com.qmth.stmms.common.utils.RequestUtils;

+

+import com.google.common.base.Strings;

 

 @Controller("examStudentApiController")

 @RequestMapping("/api")

-public class ExamStudentController {

+public class ExamStudentController extends BaseApiController {

 

     protected static Logger logger = LoggerFactory.getLogger(ExamStudentController.class);

 

@@ -50,41 +56,9 @@ public class ExamStudentController {
 
 

     @Autowired

     private ExamPackageService packageService;

-

-    @RequestMapping(value = "/package/{examId}", method = RequestMethod.GET)

-    @ResponseBody

-    public JSONArray getPackageCode(HttpServletRequest request, @PathVariable Integer examId) {

-        JSONArray array = new JSONArray();

-        Exam exam = examService.findById(examId);

-        if (exam == null) {

-            return array;

-        }

-

-        List<String> list = examStudentService.findDistinctPackageCode(examId);

-        if (list != null) {

-            for (String code : list) {

-                array.add(code);

-            }

-        }

-        return array;

-    }

-

-    @AuthValidate({ "adminUser", "scanner" })

-    @RequestMapping(value = "/package/{examId}", method = RequestMethod.POST)

-    @ResponseBody

-    public int updatePackage(HttpServletRequest request, @PathVariable Integer examId,

-            @RequestBody ExamPackage examPackage) {

-        Exam exam = examService.findById(examId);

-        if (exam != null) {

-            ExamPackage obj = packageService.find(examId, examPackage.getCode());

-            if (obj != null && examPackage.getPicCount() != null) {

-                obj.setPicCount(examPackage.getPicCount());

-                obj = packageService.save(obj);

-                return obj.getPicCount();

-            }

-        }

-        return -1;

-    }

+    

+    @Autowired

+    private ExamQuestionService questionService;

 

     @AuthValidate({ "adminUser", "scanner" })

     @RequestMapping(value = "/exam/students/{examId}", method = RequestMethod.GET)

@@ -185,6 +159,124 @@ public class ExamStudentController {
 
         }

         return obj;

     }

+    

+    @AuthValidate("adminUser")

+    @RequestMapping("/students/count/{examId}")

+    @ResponseBody

+    public long getStudentCount(HttpServletRequest request, @PathVariable Integer examId,

+            @RequestParam(required = false) Boolean upload, @RequestParam(required = false) Boolean absent) {

+        User user = RequestUtils.getApiUser(request);

+        Exam exam = examService.findById(examId);

+        if (exam != null && exam.getSchoolId().equals(user.getSchoolId())) {

+            ExamStudentSearchQuery query = new ExamStudentSearchQuery();

+            query.setExamId(examId);

+            query.setUpload(upload);

+            query.setAbsent(absent);

+            return examStudentService.countByQuery(query);

+        }

+        return 0;

+    }

+    

+    @AuthValidate("adminUser")

+    @RequestMapping("/exam/students")

+    @ResponseBody

+    public JSONArray getStudent(HttpServletRequest request, ExamStudentSearchQuery query,

+            @RequestParam(required = false) Boolean withScoreDetail) {

+        User user = RequestUtils.getApiUser(request);

+        JSONArray array = new JSONArray();

+        if (query.getExamId() == null) {

+            return array;

+        }

+        Exam exam = examService.findById(query.getExamId());

+        if (exam != null && exam.getSchoolId().equals(user.getSchoolId())) {

+            DecimalFormat format = new DecimalFormat("####.##");

+            examStudentService.findByQuery(query);

+            for (ExamStudent student : query.getResult()) {

+                JSONObject obj = new JSONObject();

+                obj.accumulate("id", student.getId());

+                obj.accumulate("schoolId", student.getSchoolId());

+                obj.accumulate("examNumber", student.getExamNumber());

+                obj.accumulate("campusName", student.getCampusName());

+                obj.accumulate("subjectCode", student.getSubjectCode());

+                obj.accumulate("subjectName", student.getSubjectName());

+                obj.accumulate("name", student.getName());

+                obj.accumulate("studentCode", student.getStudentCode());

+                obj.accumulate("packageCode", student.getPackageCode());

+                obj.accumulate("batchCode", student.getBatchCode() == null ? "" : student.getBatchCode());

+                obj.accumulate("sheetCount", student.getSheetCount() != null ? student.getSheetCount() : 0);

+                obj.accumulate("sliceCount", student.getSliceCount() != null ? student.getSliceCount() : 0);

+                obj.accumulate("answers", StringUtils.trimToEmpty(student.getAnswers()));

+                obj.accumulate("upload", student.isUpload());

+                obj.accumulate("absent", student.isAbsent());

+                obj.accumulate("manualAbsent", student.isManualAbsent());

+                obj.accumulate("breach", student.isBreach());

+                obj.accumulate("objectiveScore",

+                        student.getObjectiveScore() == null ? "" : format.format(student.getObjectiveScore()));

+                obj.accumulate("subjectiveScore",

+                        student.getSubjectiveScore() == null ? "" : format.format(student.getSubjectiveScore()));

+                obj.accumulate("examSite", StringUtils.trimToEmpty(student.getExamSite()));

+                obj.accumulate("examRoom", StringUtils.trimToEmpty(student.getExamRoom()));

+                obj.accumulate("remark", StringUtils.trimToEmpty(student.getRemark()));

+                Campus campus = campusService.findBySchoolAndName(student.getSchoolId(), student.getCampusName());

+                obj.accumulate("campusCode", campus != null ? campus.getId().toString() : "");

+

+                try {

+                    if (withScoreDetail != null && withScoreDetail.booleanValue()) {

+                        // 构造客观题得分明细

+                        JSONArray objective = new JSONArray();

+                        List<ScoreItem> scoreList = student.getScoreList(true);

+                        List<ExamQuestion> questionList = questionService

+                                .findByExamAndSubjectAndObjective(student.getExamId(), student.getSubjectCode(), true);

+                        int i = 0;

+                        for (ScoreItem item : scoreList) {

+                            i++;

+                            if (questionList.size() < i) {

+                                break;

+                            }

+                            ExamQuestion question = questionList.get(i - 1);

+                            if (question.getTotalScore() == null || question.getTotalScore() == 0) {

+                                continue;

+                            }

+                            JSONObject detail = new JSONObject();

+                            detail.accumulate("mainNumber", question.getMainNumber());

+                            detail.accumulate("subNumber", question.getSubNumber());

+                            detail.accumulate("score", item.getScore());

+                            detail.accumulate("answer", item.getAnswer());

+                            objective.add(detail);

+                        }

+                        obj.accumulate("objectiveScoreDetail", objective);

+

+                        // 构造主观题得分明细

+                        JSONArray subjective = new JSONArray();

+                        scoreList = student.getScoreList(false);

+                        questionList = questionService.findByExamAndSubjectAndObjective(student.getExamId(),

+                                student.getSubjectCode(), false);

+                        i = 0;

+                        for (ScoreItem item : scoreList) {

+                            i++;

+                            if (questionList.size() < i) {

+                                break;

+                            }

+                            ExamQuestion question = questionList.get(i - 1);

+                            if (question.getTotalScore() == null || question.getTotalScore() == 0) {

+                                continue;

+                            }

+                            JSONObject detail = new JSONObject();

+                            detail.accumulate("mainNumber", question.getMainNumber());

+                            detail.accumulate("subNumber", question.getSubNumber());

+                            detail.accumulate("score", item.getScore());

+                            subjective.add(detail);

+                        }

+                        obj.accumulate("subjectiveScoreDetail", subjective);

+                    }

+                    array.add(obj);

+                } catch (Exception e) {

+                    logger.error("student api error", e);

+                }

+            }

+        }

+        return array;

+    }

 

     /**

      * 

@@ -279,4 +371,6 @@ public class ExamStudentController {
 
         String result = obj.toString();

         return encrypt ? AESUtil.encrypt(result) : result;

     }

+    

+    

 }

+ 1 - 1
stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/LoginController.java
Visa fil 

@@ -17,7 +17,7 @@ import net.sf.json.JSONObject;
 
 

 @Controller("loginApiController")

 @RequestMapping("/api")

-public class LoginController {

+public class LoginController extends BaseApiController {

 

     @AuthValidate({ "adminUser", "scanner" })

     @RequestMapping(value = "/user/login", method = RequestMethod.GET)

+ 9 - 14
stmms-web/src/main/java/cn/com/qmth/stmms/api/controller/ScanController.java
Visa fil 

@@ -4,6 +4,9 @@ import java.util.Date;
 
 

 import javax.servlet.http.HttpServletRequest;

 

+import net.sf.json.JSONArray;

+import net.sf.json.JSONObject;

+

 import org.slf4j.Logger;

 import org.slf4j.LoggerFactory;

 import org.springframework.beans.factory.annotation.Autowired;

@@ -17,21 +20,18 @@ import org.springframework.web.bind.annotation.ResponseBody;
 
 

 import cn.com.qmth.stmms.api.utils.ScanStudentParameter;

 import cn.com.qmth.stmms.biz.api.auth.annotation.AuthValidate;

+import cn.com.qmth.stmms.biz.api.auth.exception.ApiException;

 import cn.com.qmth.stmms.biz.exam.model.Exam;

 import cn.com.qmth.stmms.biz.exam.model.ExamStudent;

 import cn.com.qmth.stmms.biz.exam.service.ExamService;

 import cn.com.qmth.stmms.biz.exam.service.ExamStudentService;

 import cn.com.qmth.stmms.biz.user.model.User;

-import cn.com.qmth.stmms.common.controller.BaseController;

-import cn.com.qmth.stmms.common.enums.ExamStatus;

 import cn.com.qmth.stmms.common.utils.DateUtils;

 import cn.com.qmth.stmms.common.utils.RequestUtils;

-import net.sf.json.JSONArray;

-import net.sf.json.JSONObject;

 

 @Controller

 @RequestMapping("/api/scan")

-public class ScanController extends BaseController {

+public class ScanController extends BaseApiController {

 

     protected static Logger log = LoggerFactory.getLogger(ScanController.class);

 

@@ -60,7 +60,10 @@ public class ScanController extends BaseController {
 
         Exam exam = examService.findById(examId);

         JSONArray array = new JSONArray();

         // 判断上传权限

-        if (canSaveScan(exam, user) && scStudentParameter != null && scStudentParameter.length > 0) {

+        if (exam == null || exam.getSchoolId().equals(user.getSchoolId())) {

+            throw ApiException.EXAM_NOT_ACCESSIBLED;

+        }

+        if (scStudentParameter != null && scStudentParameter.length > 0) {

             for (ScanStudentParameter sc : scStudentParameter) {

                 ExamStudent student = studentService.findByExamIdAndExamNumber(examId, sc.getExamNumber());

                 if (student != null) {

@@ -84,12 +87,4 @@ public class ScanController extends BaseController {
 
         return array;

     }

 

-    private boolean canSaveScan(Exam exam, User user) {

-        boolean flag = false;

-        if (exam != null && exam.getStatus() == ExamStatus.START) {

-            flag = exam.getSchoolId().equals(user.getSchoolId());

-        }

-        return flag;

-    }

-

 }

+ 2 - 0
stmms-web/src/main/java/cn/com/qmth/stmms/api/utils/AuthInfoUtils.java
Visa fil 

@@ -7,6 +7,8 @@ import org.apache.commons.lang.StringUtils;
 
 public class AuthInfoUtils {

 

     public static final String AUTH_INFO_HEADER_KEY = "auth-info";

+    

+    public static final String ERROR_MESSAGE_HEADER_KEY = "error-info";

 

     public static String getAuthInfoValue(HttpServletRequest request) {

         return StringUtils.trimToNull(request.getHeader(AUTH_INFO_HEADER_KEY));