角色修改

distributed-print/src/main/java/com/qmth/distributed/print/interceptor/AuthInterceptor.java

@@ -25,7 +25,7 @@ public class AuthInterceptor extends ExtendInterceptor {
         if (request.getServletPath().contains(endpoint)) {
             return true;
         } else {
-            return AuthUtil.adminAuthInterceptor(request, response);
+            return AuthUtil.adminAuthInterceptor(request, response, handler);
         }
     }
 

distributed-print/src/main/resources/processes/GdykdxPaperApprove.bpmn

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <definitions xmlns="http://www.omg.org/spec/BPMN/20100524/MODEL" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:activiti="http://activiti.org/bpmn" xmlns:bpmndi="http://www.omg.org/spec/BPMN/20100524/DI" xmlns:omgdc="http://www.omg.org/spec/DD/20100524/DC" xmlns:omgdi="http://www.omg.org/spec/DD/20100524/DI" typeLanguage="http://www.w3.org/2001/XMLSchema" expressionLanguage="http://www.w3.org/1999/XPath" targetNamespace="http://www.activiti.org/test">
-  <process id="myProcess" name="My process" isExecutable="true">
+  <process id="GdykdxPaperApprove" name="GdykdxPaperApprove" isExecutable="true">
     <startEvent id="startevent1" name="Start"></startEvent>
     <userTask id="usertask1" name="提交试卷(命题老师)"></userTask>
     <sequenceFlow id="flow1" sourceRef="startevent1" targetRef="usertask1"></sequenceFlow>
@@ -36,8 +36,8 @@
       <conditionExpression xsi:type="tFormalExpression"><![CDATA[${approve == 0}]]></conditionExpression>
     </sequenceFlow>
   </process>
-  <bpmndi:BPMNDiagram id="BPMNDiagram_myProcess">
-    <bpmndi:BPMNPlane bpmnElement="myProcess" id="BPMNPlane_myProcess">
+  <bpmndi:BPMNDiagram id="BPMNDiagram_GdykdxPaperApprove">
+    <bpmndi:BPMNPlane bpmnElement="GdykdxPaperApprove" id="BPMNPlane_GdykdxPaperApprove">
       <bpmndi:BPMNShape bpmnElement="startevent1" id="BPMNShape_startevent1">
         <omgdc:Bounds height="35.0" width="35.0" x="43.0" y="46.0"></omgdc:Bounds>
       </bpmndi:BPMNShape>

teachcloud-common/src/main/java/com/qmth/teachcloud/common/util/AuthUtil.java

@@ -1,5 +1,7 @@
 package com.qmth.teachcloud.common.util;
 
+import com.qmth.boot.api.annotation.Aac;
+import com.qmth.boot.api.annotation.BOOL;
 import com.qmth.boot.core.enums.Platform;
 import com.qmth.boot.tools.signature.SignatureType;
 import com.qmth.teachcloud.common.SignatureEntityTest;
@@ -16,9 +18,11 @@ import com.qmth.teachcloud.common.service.CacheService;
 import org.apache.catalina.Role;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.web.method.HandlerMethod;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.lang.annotation.Annotation;
 import java.util.*;
 
 /**
@@ -38,9 +42,10 @@ public class AuthUtil {
      *
      * @param request
      * @param response
+     * @param handler
      * @return
      */
-    public static boolean adminAuthInterceptor(HttpServletRequest request, HttpServletResponse response) {
+    public static boolean adminAuthInterceptor(HttpServletRequest request, HttpServletResponse response, Object handler) {
         String url = request.getServletPath();
         cacheService = SpringContextHolder.getBean(CacheService.class);
         List<String> privilegeUrl = cacheService.privilegeUrlCache(PrivilegePropertyEnum.NO_AUTH);
@@ -65,7 +70,7 @@ public class AuthUtil {
         SysUser sysUser = cacheService.userCache(userId);
         request.setAttribute(SystemConstant.SESSION, tbSession);
         request.setAttribute(SystemConstant.USER, sysUser);
-        return authFootCommon(userId, SystemConstant.USER_OAUTH_CACHE, request, response);
+        return authFootCommon(userId, SystemConstant.USER_OAUTH_CACHE, request, response, handler);
     }
 
     /**
@@ -133,12 +138,14 @@ public class AuthUtil {
      * @param type
      * @param request
      * @param response
+     * @param handler
      * @return
      */
     static boolean authFootCommon(long userId,
                                   String type,
                                   HttpServletRequest request,
-                                  HttpServletResponse response) {
+                                  HttpServletResponse response,
+                                  Object handler) {
         String url = request.getServletPath();
         //验证权限
         AuthBean authBean = type.contains(SystemConstant.USER_OAUTH_CACHE) ? authBean = cacheService.userAuthCache(userId) : null;
@@ -159,6 +166,16 @@ public class AuthUtil {
         if (sysCount > 0) {
             return true;
         }
+        HandlerMethod handlerMethod = (HandlerMethod) handler;
+        Map<String, Boolean> map = new HashMap<>();
+        Aac beanTypeAac = handlerMethod.getBeanType().getAnnotation(Aac.class);
+        Aac classAac = handlerMethod.getMethodAnnotation(Aac.class);
+        map.computeIfAbsent("auth", v -> beanTypeAac.auth() == BOOL.TRUE ? true : false);
+        map.computeIfAbsent("auth", v -> classAac.auth() == BOOL.TRUE ? true : false);
+
+        if (Objects.nonNull(map.get("auth")) && !map.get("auth")) {
+            return true;
+        }
         Set<String> urls = authBean.getUrls();
         int privilegeCount = Objects.nonNull(urls) ? (int) urls.stream().filter(s -> s.equalsIgnoreCase(url)).count() : 0;
         if (privilegeCount == 0) {