添加非超管角色访问权限

bb7a69bd · 罗承锋 · 0cd3bd4c · bb7a69bd · bb7a69bd · bb7a69bd
Commit bb7a69bd authored Feb 05, 2021 by 罗承锋
9 changed files
--- a/apply-net/src/main/java/com/winsun/controller/DankuanController.java
+++ b/apply-net/src/main/java/com/winsun/controller/DankuanController.java
@@ -482,7 +482,7 @@ public class DankuanController {
            //支付成功回调的页面
            // String MERCHANTURL = Constant.TOMCATURL + "/dankuan/toPaymentSuccessPage?id=" + userId +"orderId="+id;
            // 正式地址
-            String MERCHANTURL = "https://dx.dianyuanjiangli.com/#/mobile/hhr/dkSuccessful?id="+userId+"&"+"orderId="+id;
+            String MERCHANTURL = "https://dx.dianyuanjiangli.com/mobile/#/hhr/dkSuccessful?id="+userId+"&"+"orderId="+id;
            map.put("MERCHANTURL", MERCHANTURL);
 //        }
        //单宽回调后端接口地址

--- a/apply-net/src/main/java/com/winsun/controller/RongHeController.java
+++ b/apply-net/src/main/java/com/winsun/controller/RongHeController.java
@@ -468,7 +468,7 @@ public class RongHeController {
                /* String MERCHANTURL = Constant.TOMCATURL + "/dankuan/toSubmisOrderPreser?id=" + userId +"orderId="+id;*/
                /*  String MERCHANTURL =  "http://167460x6b0.51mypc.cn/ciop/rongHe/toSubmisOrderPreser?id=" + userId +"orderId="+id;*/
                // 正式地址
-                String MERCHANTURL = "https://dx.dianyuanjiangli.com/#/mobile/hhr/dkSuccessful?id="+userId+"&"+"orderId="+id;
+                String MERCHANTURL = "https://dx.dianyuanjiangli.com/mobile/#/hhr/dkSuccessful?id="+userId+"&"+"orderId="+id;
 //                String MERCHANTURL = "http://chengfengluo.ngrok2.xiaomiqiu.cn/#/hhr/dkSuccessful?id="+userId+"&"+"orderId="+id;
                map.put("MERCHANTURL", MERCHANTURL);
 //           }

--- a/service-manager/src/main/java/com/winsun/controller/OrderController.java
+++ b/service-manager/src/main/java/com/winsun/controller/OrderController.java
@@ -399,11 +399,13 @@ public class OrderController extends BaseController {
        Map<String,Object> map = new HashMap<>();
        ShiroUser user = getShiroUser();
-        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员"))) {
+        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员", "县分管理员（订单）"))) {
            map.put("error","无数据权限");
            return map;
        }
+        // 添加权限
        Wrapper<Order> wrapper = new EntityWrapper();
        wrapper.isNull("kd_order_id");
        wrapper.notIn("user_type",3,5,9,10);
@@ -447,6 +449,11 @@ public class OrderController extends BaseController {
    @Permission(menuname = "查询订单信息", value = "broadBandOrder", method = RequestMethod.POST)
    public ResponseData<Page<BroadBandOrder>> getBroadBandOrder(BroadBandOrder broadBandOrder) {
+        ShiroUser user = getShiroUser();
+        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员", "县分管理员（订单）", "修改身份证"))) {
+            ResponseData.error("无权限查询订单");
+        }
        Page<BroadBandOrder> page = new Page<>(broadBandOrder.getPageNo(), broadBandOrder.getPageSize());
        broadBandOrder.setPageStart((broadBandOrder.getPageNo() - 1) * broadBandOrder.getPageSize());
        List<BroadBandOrder> broadBandOrders = orderMapper.selectBroadBandOrderList(page, broadBandOrder);

--- a/service-manager/src/main/java/com/winsun/controller/OrderViewController.java
+++ b/service-manager/src/main/java/com/winsun/controller/OrderViewController.java
@@ -62,7 +62,7 @@ public class OrderViewController extends BaseController {
                                                            @RequestParam("status") String status, @RequestParam("ordername") String ordername,
                                                            @RequestParam(name = "pageNo") int pageIndex, @RequestParam(name = "pageSize") int pageSize) {
        ShiroUser user = getShiroUser();
-        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员"))) {
+        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员","县分管理员（订单）", "修改身份证"))) {
            return ResponseData.error("无数据权限");
        }
        String dateFormat = "YYYY-MM-DD";

--- a/service-manager/src/main/java/com/winsun/controller/PackageController.java
+++ b/service-manager/src/main/java/com/winsun/controller/PackageController.java
@@ -7,6 +7,7 @@ import com.baomidou.mybatisplus.plugins.Page;
 import com.winsun.auth.core.annotion.Permission;
 import com.winsun.auth.core.base.controller.BaseController;
 import com.winsun.auth.core.common.model.ResponseData;
+import com.winsun.auth.core.shiro.ShiroUser;
 import com.winsun.bean.Package;
 import com.winsun.bean.SchoolPackage;
 import com.winsun.constant.FilePath;
@@ -168,6 +169,12 @@ public class PackageController extends BaseController {
                                                   @RequestParam("voice") String voice,
                                                   @RequestParam(name = "pageNo", required = false) int pageIndex,
                                                   @RequestParam(name = "pageSize", required = false) int pageSize) {
+        ShiroUser user = getShiroUser();
+        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员", "系统管理员"))) {
+            return ResponseData.error("无数据权限");
+        }
        Wrapper<Package> wrapper = new EntityWrapper();
        wrapper.like(StringUtils.isNotBlank(name), "package_name", name, SqlLike.DEFAULT);
        wrapper.like(StringUtils.isNotBlank(monthFee), "month_fee", monthFee, SqlLike.DEFAULT);

--- a/service-manager/src/main/java/com/winsun/controller/ProductController.java
+++ b/service-manager/src/main/java/com/winsun/controller/ProductController.java
@@ -130,7 +130,7 @@ public class ProductController extends BaseController {
    public ResponseData<Map<String,Object>> listProduct(@RequestParam(name = "productUniversity", required = false) String productUniversity, @RequestParam(name = "productRegion", required = false) String productRegion,
                                                   @RequestParam(name = "pageNo") int pageNo, @RequestParam(name = "pageSize") int pageSize) {
        ShiroUser user = getShiroUser();
-        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员"))) {
+        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员", "系统管理员"))) {
            return ResponseData.error("无数据权限");
        }
        Wrapper<Product> wrapper = new EntityWrapper();

--- a/service-manager/src/main/java/com/winsun/controller/SchoolManagementController.java
+++ b/service-manager/src/main/java/com/winsun/controller/SchoolManagementController.java
@@ -181,7 +181,7 @@ public class SchoolManagementController extends BaseController {
                                                 @RequestParam(name = "pageSize", required = false) int pageSize,
                                                 @RequestParam("networkName") String networkName) {
        ShiroUser user = getShiroUser();
-        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员"))) {
+        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员", "系统管理员"))) {
            return ResponseData.error("无数据权限");
        }
        Wrapper<School> wrapper = new EntityWrapper();

--- a/service-manager/src/main/java/com/winsun/controller/StudentCardVerifyController.java
+++ b/service-manager/src/main/java/com/winsun/controller/StudentCardVerifyController.java
@@ -172,7 +172,7 @@ public class StudentCardVerifyController extends BaseController {
    @Permission(menuname = "修改学生不限量证件信息", value = "update", method = RequestMethod.POST)
    public ResponseData<String> updateProduct(@RequestParam("ids") String ids,@RequestParam("state") Integer state) {
        ShiroUser user = getShiroUser();
-        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员"))) {
+        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员", "业务稽核","稽核员"))) {
            return ResponseData.error("无数据权限");
        }
        List<String> list1 = Arrays.asList(ids.split(",")); //[a, b, c]

--- a/service-manager/src/main/java/com/winsun/controller/UniversityInfoController.java
+++ b/service-manager/src/main/java/com/winsun/controller/UniversityInfoController.java
@@ -131,7 +131,7 @@ public class UniversityInfoController extends BaseController {
    public ResponseData<Page<UniversityInfo>> listUniversityInfo(@RequestParam("universityName") String universityName, @RequestParam("universityRegion") String universityRegion,
                                                         @RequestParam(name = "pageNo") int pageIndex, @RequestParam(name = "pageSize") int pageSize) {
        ShiroUser user = getShiroUser();
-        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员"))) {
+        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员", "系统管理员"))) {
            return ResponseData.error("无数据权限");
        }
        Wrapper<UniversityInfo> wrapper = new EntityWrapper();