
double check role and node matching

dengjia 3 tháng trước cách đây
mục cha
commit
89447aa291

+ 24 - 0
hnqz-upms/hnqz-upms-biz/src/main/java/com/qunzhixinxi/hnqz/admin/manager/TaskManager.java

@@ -39,6 +39,8 @@ import com.qunzhixinxi.hnqz.common.core.constant.CacheConstants;
 import com.qunzhixinxi.hnqz.common.core.constant.CommonConstants;
 import com.qunzhixinxi.hnqz.common.core.exception.BizException;
 import com.qunzhixinxi.hnqz.common.security.service.HnqzUser;
+import com.qunzhixinxi.hnqz.common.security.util.SecurityUtils;
+
 import java.time.LocalDate;
 import java.time.LocalDateTime;
 import java.time.LocalTime;
@@ -58,6 +60,7 @@ import java.util.stream.Collectors;
 import java.util.stream.Stream;
 import javax.annotation.Resource;
 import javax.validation.Valid;
+
 import org.springframework.data.redis.core.ListOperations;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Service;
@@ -117,6 +120,16 @@ public class TaskManager {
               1723012356)
           .collect(Collectors.toList());
 
+  private static final Map<Integer, List<Integer>> NODE2ROLEs = Map.of(
+    1, Arrays.asList(37),
+    2, Arrays.asList(43),
+    3, Arrays.asList(4),
+    9, Arrays.asList(40), // 商务
+    8, Arrays.asList(42), // 市场
+    5, Arrays.asList(41, 39),
+    6, Arrays.asList(39)
+  );
+
   /**
    * 平铺审核分页
    *
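Review bot: The role lists in `NODE2ROLEs` are built with `Arrays.asList`, whose elements can still be replaced through `set`, so this authorization table is not fully immutable even though the outer `Map.of` is. `List.of(37)`, or `Set.of(...)` since the table is only used for a membership test, closes that gap. Only nodes 9 and 8 carry a comment; the other node and role IDs are bare numbers, so a reviewer cannot confirm that an entry such as `5, Arrays.asList(41, 39)` is the intended policy. A comment per entry in the form `// node <id>: <node name> -> role <id>: <role name>`, or named constants, would make the table auditable. The IDs presumably mirror database rows, so it is worth confirming that they are identical in every environment.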
@@ -570,6 +583,7 @@ public class TaskManager {
   // 任务单一审核
   @Transactional(rollbackFor = Exception.class)
   public void doSingleCheck(@Valid TaskReqVO.OnSingleCheck checkReq, HnqzUser user) {
+    validateRoleNode(SecurityUtils.getRoles(), checkReq.getNodeId());
 
     Boolean checkResult = checkReq.getCheckResult();
     String checkMessage = checkReq.getCheckMessage();
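Review bot: `checkReq.getNodeId()` comes from the request object, so the call added at the top of `doSingleCheck` only shows that the caller holds a role allowed for the node the request names, not for the node the task is actually at. Unless the rest of the method, which lies outside this hunk, compares the submitted node with the task's stored node, the role check should run against the node loaded from the task record. The same applies to the identical call in `doBatchCheck`, where a single `nodeId` covers every task in the batch. Both methods also receive `HnqzUser user` but read roles from `SecurityUtils.getRoles()`; presumably both describe the same principal, but a comment saying so, or taking the roles from one source, would remove the doubt.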
@@ -753,6 +767,7 @@ public class TaskManager {
   // 批量审核
   @Transactional(rollbackFor = Exception.class)
   public void doBatchCheck(@Valid TaskReqVO.OnBatchCheck checkReq, HnqzUser user) {
+    validateRoleNode(SecurityUtils.getRoles(), checkReq.getNodeId());
 
     Boolean checkResult = checkReq.getCheckResult();
     String checkMessage = checkReq.getCheckMessage();
@@ -895,6 +910,15 @@ public class TaskManager {
     }
   }
 
+  private void validateRoleNode(List<Integer> roleIds, Integer nodeId) {
+      List<Integer> allowedRoles = NODE2ROLEs.get(nodeId);
+      if (allowedRoles == null || !CollUtil.containsAny(allowedRoles, roleIds)) {
+        throw new BizException(String.format("当前角色%s被设置成不能在节点%d审核", 
+          roleIds.stream().map(String::valueOf).collect(Collectors.joining(",")), 
+          nodeId));
+    }
+  }
+
   private void validateTaskDetails1(List<WmTask> tasks, List<String> targetIds) {
 
     if (CollUtil.isEmpty(tasks) || (tasks.size() != targetIds.size())) {
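Review bot: `validateRoleNode` throws `NullPointerException` rather than `BizException` when `nodeId` is null, because maps created by `Map.of` reject a null key in `get`. A null `roleIds` would fail the same way at `roleIds.stream()` while the message is being built. The check still fails closed, but unless `@Valid` on the request already guarantees a non-null node, the caller gets an unhandled error instead of the intended business error. A guard ahead of the lookup, `if (nodeId == null || CollUtil.isEmpty(roleIds)) { throw new BizException(...); }`, keeps the denial path uniform. The body is also indented two spaces deeper than the rest of the class, and a one-line Javadoc stating that nodes missing from the table are denied would record the default-deny intent.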