Merge pull request #97 from yanyanho/main

add aspect for authority

README.md

@@ -38,6 +38,7 @@ https://dlh-1257682033.cos.ap-hongkong.myqcloud.com/{uuid}
 
 ## 参考链接
 - Cors: https://cloud.tencent.com/developer/article/1924258
+- session: https://www.cnblogs.com/RudeCrab/p/14251154.html
 - upload pic: https://juejin.cn/post/6844903630416379918  
 - JPA query: https://spring.io/blog/2011/04/26/advanced-spring-data-jpa-specifications-and-querydsl
 -  JPA :  https://www.baeldung.com/hibernate-criteria-queries

src/main/java/com/dl/officialsite/common/exception/UnauthorizedException.java

@@ -0,0 +1,9 @@
+package com.dl.officialsite.common.exception;
+
+public class UnauthorizedException extends Throwable {
+
+    private String msg;
+    public UnauthorizedException(String unauthorizedAccess) {
+        this.msg = unauthorizedAccess;
+    }
+}

src/main/java/com/dl/officialsite/hiring/HireService.java

@@ -51,39 +51,44 @@ public HiringVO add(HiringVO hiringVO) {
         hireRepository.save(hiring);
 
         // optimise todo saveall
+        ArrayList<HiringSkill> hiringSkillList = new ArrayList<>();
         hiringVO.getMainSkills().forEach(mainSkill -> {
             HiringSkill hiringSkill = new HiringSkill();
             BeanUtils.copyProperties(mainSkill, hiringSkill);
             hiringSkill.setType(Constants.HIRING_MAIN_SKILL);
             hiringSkill.setHiringId(hiring.getId());
-            hiringSkillRepository.save(hiringSkill);
+            hiringSkillList.add(hiringSkill);
         });
 
-        // delete todo
+
         hiringVO.getOtherSkills().forEach(otherSkill -> {
             HiringSkill hiringSkill = new HiringSkill();
             BeanUtils.copyProperties(otherSkill, hiringSkill);
             hiringSkill.setType(Constants.HIRING_OTHER_SKILL);
             hiringSkill.setHiringId(hiring.getId());
-            hiringSkillRepository.save(hiringSkill);
+            hiringSkillList.add(hiringSkill);
         });
+
+        hiringSkillRepository.saveAll(hiringSkillList);
         hiringVO.setId(hiring.getId());
         return hiringVO;
     }
 
     public Page<HiringVO> all(Pageable pageable) {
         List<HiringVO> hiringVOList = new ArrayList<>();;
         Page<Hiring> hiringPage = hireRepository.findAll(pageable);
+
+        //find HiringId in []  query one time !
         hiringPage.getContent().forEach(hiring -> {
             List<HiringSkillVO> mainSkills = hiringSkillRepository.findByHiringId(hiring.getId())
                 .stream()
-                .filter(hiringSkill -> hiringSkill.getType() == Constants.HIRING_MAIN_SKILL)
                 .map(hiringSkill -> {
                     HiringSkillVO hiringSkillVO = new HiringSkillVO();
                     BeanUtils.copyProperties(hiringSkill, hiringSkillVO);
                     return hiringSkillVO;
                 })
                 .collect(Collectors.toList());
+
             List<HiringSkillVO> otherSkills = hiringSkillRepository.findByHiringId(hiring.getId())
                 .stream()
                 .filter(hiringSkill -> hiringSkill.getType() == Constants.HIRING_OTHER_SKILL)

src/main/java/com/dl/officialsite/hiring/Hiring.java

@@ -22,6 +22,7 @@ public class Hiring {
 
     private String position;
 
+    @Column(columnDefinition = "TEXT")
     private String description;
 
     private String  location;

src/main/java/com/dl/officialsite/login/Auth.java

@@ -0,0 +1,12 @@
+package com.dl.officialsite.login;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface Auth {
+    String value();
+}

src/main/java/com/dl/officialsite/login/AuthAspect.java

@@ -0,0 +1,45 @@
+package com.dl.officialsite.login;
+
+import com.dl.officialsite.common.exception.UnauthorizedException;
+import com.dl.officialsite.common.utils.UserSecurityUtils;
+import com.dl.officialsite.login.model.UserPrincipleData;
+import com.dl.officialsite.member.MemberController;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.annotation.Pointcut;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+@Component
+@Aspect
+public class AuthAspect {
+//    @Autowired
+//    private UserSecurityUtils authService;
+
+    @Pointcut("@annotation(com.dl.officialsite.login.Auth)")
+    public void authPointcut() {}
+
+    public static final Logger logger = LoggerFactory.getLogger(MemberController.class);
+
+    @Before("authPointcut() && @annotation(auth)")
+    public void authBefore(JoinPoint joinPoint, Auth auth) throws UnauthorizedException {
+        String permission = auth.value();
+        UserPrincipleData userPrincipleData =  UserSecurityUtils.getUserLogin();
+        logger.info("userPrincipleData address "+ userPrincipleData.getAddress());
+        logger.info("userPrincipleData team "+ userPrincipleData.getTeams());
+       if(permission.equals("admin")) {
+
+           List team =  userPrincipleData.getTeams().stream().filter(x-> x.getTeamId()==1).collect(Collectors.toList());
+            if(team == null || team.size()==0){
+                throw new UnauthorizedException("Unauthorized access");
+            }
+
+
+       }
+    }
+}

src/main/java/com/dl/officialsite/login/enums/UserRoleEnum.java

@@ -5,6 +5,8 @@
 @Getter
 public enum UserRoleEnum {
 
+    SUPERADMIN(2),
+
     ADMIN(1),
 
     NORMAL(0);

src/main/java/com/dl/officialsite/member/MemberController.java

@@ -73,7 +73,6 @@ BaseResponse getAllMemberByCriteria(@RequestParam String address,
                                         @RequestParam(defaultValue = "10") Integer pageSize) {
 
         Pageable pageable = PageRequest.of(pageNumber - 1, pageSize);
-        logger.info("member:" + member);
         Specification<Member> queryParam = new Specification<Member>() {
             @Override
             public Predicate toPredicate(Root<Member> root, CriteriaQuery<?> criteriaQuery,
@@ -116,41 +115,12 @@ public Predicate toPredicate(Root<Member> root, CriteriaQuery<?> criteriaQuery,
 
     @PostMapping("/create")
     public BaseResponse createMember(@Valid @RequestBody Member member, @RequestParam String address) {
-        try {
-            Member _member = memberRepository
-                    .save(member);
+
+            Member _member = memberService.save(member);
             return BaseResponse.successWithData(_member);
-        } catch (DataIntegrityViolationException e) {
-            //todo
-            String mostSpecificCauseMessage = e.getMostSpecificCause().getMessage();
-            if (e.getCause() instanceof ConstraintViolationException) {
-                String name = ((ConstraintViolationException) e.getCause()).getConstraintName();
-                logger.info("Encountered ConstraintViolationException, details: " + mostSpecificCauseMessage + "constraintName: "+ name);
-            }
-            return BaseResponse.failWithReason("1000", mostSpecificCauseMessage);
-        }
     }
 
 
-    //ignore
-//    @PostMapping("/avatar/update")
-//    public BaseResponse uploadAvatar(@RequestParam String address, @RequestParam("file") MultipartFile file) {
-//        try {
-//            String hash = ipfsService.upload(file.getBytes());
-//            Optional<Member> memberData = memberRepository.findByAddress(address);
-//            if (memberData.isPresent()) {
-//                Member _member = memberData.get();
-//                _member.setAvatar(hash);
-//                memberRepository.save(_member);
-//            }
-//            return BaseResponse.successWithData(null);
-//        } catch (Exception e) {
-//            return BaseResponse.failWithReason(CodeEnums.FAIL_UPLOAD_FAIL.getCode(),
-//                CodeEnums.FAIL_UPLOAD_FAIL.getMsg());
-//        }
-//    }
-
-
     @PutMapping("/update")
     public BaseResponse updateMemberByAddress(@RequestParam String address, @RequestBody MemberVo member) {
         Optional<Member> memberData = memberRepository.findByAddress(address);
@@ -193,7 +163,9 @@ public BaseResponse updateMemberByAddress(@RequestParam String address, @Request
             if (member.getResume()!= null) {
                 _member.setResume(member.getResume());
             }
-
+            if (member.getWorkStatus()!= null) {
+                _member.setWorkStatus(member.getWorkStatus());
+            }
             return BaseResponse.successWithData(memberRepository.save(_member));
         } else {
             return BaseResponse.failWithReason("1001","no user found");

src/main/java/com/dl/officialsite/member/MemberService.java

@@ -1,12 +1,17 @@
 package com.dl.officialsite.member;
 
+import com.dl.officialsite.common.base.BaseResponse;
 import com.dl.officialsite.team.Team;
 import com.dl.officialsite.team.TeamRepository;
 import com.dl.officialsite.team.teammember.TeamMember;
 import com.dl.officialsite.team.teammember.TeamMemberRepository;
 import com.dl.officialsite.team.vo.TeamVO;
+import org.hibernate.exception.ConstraintViolationException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.DataIntegrityViolationException;
 import org.springframework.stereotype.Service;
 
 import java.util.ArrayList;
@@ -24,13 +29,15 @@ public class MemberService {
     @Autowired
     private TeamRepository teamRepository;
 
-    public Member getMemberByAddress(String address) {
-        Optional<Member> member = memberRepository.findByAddress(address);
-        if(member.isPresent()) {
-            return member.get();
+    public static final Logger logger = LoggerFactory.getLogger(MemberController.class);
+
+        public Member getMemberByAddress(String address) {
+            Optional<Member> member = memberRepository.findByAddress(address);
+            if(member.isPresent()) {
+                return member.get();
+            }
+            return null;
         }
-        return null;
-    }
 
 
     public MemberWithTeam getMemberWithTeamInfoByAddress(String address) {
@@ -54,4 +61,18 @@ public MemberWithTeam getMemberWithTeamInfoByAddress(String address) {
         }
         return null;
     }
+
+    public Member save(Member member) {
+        return memberRepository.save(member);
+    }
+//            } catch (DataIntegrityViolationException e) {
+//
+//                String mostSpecificCauseMessage = e.getMostSpecificCause().getMessage();
+//                if (e.getCause() instanceof ConstraintViolationException) {
+//                    String name = ((ConstraintViolationException) e.getCause()).getConstraintName();
+//                    logger.info("Encountered ConstraintViolationException, details: " + mostSpecificCauseMessage + "constraintName: "+ name);
+//                }
+//                return BaseResponse.failWithReason("1000", mostSpecificCauseMessage);
+//              }
+
 }

src/main/java/com/dl/officialsite/member/MemberVo.java

@@ -33,4 +33,5 @@ public class MemberVo {
     private String city;
     private int shareCount;
     private String resume;
+    private Long workStatus;
 }

src/main/java/com/dl/officialsite/redpacket/RedPacketController.java

@@ -1,6 +1,7 @@
 package com.dl.officialsite.redpacket;
 
 import com.dl.officialsite.common.base.BaseResponse;
+import com.dl.officialsite.login.Auth;
 import com.dl.officialsite.member.Member;
 import com.dl.officialsite.member.MemberController;
 import com.dl.officialsite.member.MemberRepository;
@@ -39,6 +40,7 @@ public class RedPacketController {
 
 
     @PostMapping("/create")
+    @Auth("admin")
     public BaseResponse createRedPacket(@Valid @RequestBody RedPacket redPacket, @RequestParam String address) {
         redPacket.setCreator(address);
         RedPacket redPacket1 = redPacketRepository.save(redPacket);

src/main/java/com/dl/officialsite/sharing/Share.java

@@ -103,6 +103,9 @@ public class Share {
     @Column(name = "meeting_link")
     private String meetingLink;
 
+    @Column
+    private int rewardAmount;
+
     @CreatedDate
     @Column(updatable = false)
     private Long createTime;

src/main/java/com/dl/officialsite/team/TeamController.java

@@ -3,6 +3,7 @@
 import com.dl.officialsite.common.base.BaseResponse;
 import com.dl.officialsite.common.enums.CodeEnums;
 import com.dl.officialsite.common.exception.BizException;
+import com.dl.officialsite.login.Auth;
 import com.dl.officialsite.member.Member;
 import com.dl.officialsite.team.vo.TeamMemberApproveVO;
 import com.dl.officialsite.team.vo.TeamMemberBatchJoinVO;
@@ -27,6 +28,7 @@ public class TeamController {
     @Autowired
     private TeamService teamService;
 
+
     @GetMapping("/admin/list")
     BaseResponse list(@RequestParam String address) {
         List<String> list = new ArrayList<>();
@@ -38,6 +40,7 @@ BaseResponse list(@RequestParam String address) {
      * 新增团队
      */
     @PutMapping
+    @Auth("admin")
     BaseResponse create(@RequestBody TeamVO team, @RequestParam String address) {
         if (teamService.checkMemberIsAdmin(address)) {
             throw new BizException(CodeEnums.NOT_THE_ADMIN.getCode(), CodeEnums.NOT_THE_ADMIN.getMsg());