Commit dd22a5ee by hongzhong

等保调整,增加部分接口鉴权,防止水平越权

parent 03a98fb7
......@@ -4,8 +4,10 @@ import com.github.pagehelper.PageInfo;
import com.yd.api.agms.service.AgmsPractitionerService;
import com.yd.api.agms.vo.practitioner.*;
import com.yd.api.result.CommonResult;
import com.yd.dal.entity.customer.AclCustomer;
import com.yd.dal.entity.customer.AclPractitionerFileSharing;
import com.yd.dal.service.agms.AgmsPractitionerDALService;
import com.yd.dal.service.customer.AclPractitionerDALService;
import com.yd.dal.service.customer.AclPractitionerFileSharingDALService;
import com.yd.util.CommonUtil;
import com.yd.util.config.ZHBErrorConfig;
......@@ -14,6 +16,8 @@ import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
/**
* @author xxy
*/
......@@ -24,7 +28,8 @@ public class AgmsPractitionerServiceImpl implements AgmsPractitionerService {
private AclPractitionerFileSharingDALService aclPractitionerFileSharingDalService;
@Autowired
private AgmsPractitionerDALService agmsPractitionerDALService;
@Autowired
private AclPractitionerDALService aclPractitionerDALService;
@Override
public PractitionerFileSharingSaveResponseVO practitionerFileSharingSave(PractitionerFileSharingSaveRequestVO requestVO) {
PractitionerFileSharingSaveResponseVO responseVO = new PractitionerFileSharingSaveResponseVO();
......@@ -44,6 +49,13 @@ public class AgmsPractitionerServiceImpl implements AgmsPractitionerService {
if (!CommonUtil.isNullOrBlank(requestVO.getMdDropOptionId())){
mdDropOptionIds=(Long[]) ConvertUtils.convert(requestVO.getMdDropOptionId().split(","),Long.class);
}
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(requestVO.getPractitionerId());
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
PageInfo<PractitionerFileSharing> practitionerFileShares = agmsPractitionerDALService.practitionerFileSharingList(requestVO.getId(),
requestVO.getPractitionerId(),
requestVO.getShareCode(),
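Review bot: The five-line authorization block that starts at `//等保调整` in this hunk is pasted verbatim into every other service touched by this commit (MarketServiceImpl, PractitionerBasicInfoServiceImpl, PractitionerHiringServiceImpl, PractitionerServiceImpl, ScheduleTrackServiceImpl), and in each copy the `List<AclCustomer>` result is only ever compared with null, so the variable name `findByObjSortable` and the list type describe the DAL query rather than the decision being made. A single helper in the API layer, e.g. `boolean canAccessPractitioner(Long practitionerId)` wrapping `aclPractitionerDALService.getAclCustomers(practitionerId) != null`, or an interceptor/aspect keyed on the request's `practitionerId`, would keep the check in one place so endpoints added later cannot omit it by accident. The enclosing method starts and ends outside this hunk.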
......
......@@ -7,6 +7,7 @@ import com.yd.api.market.vo.announcement.AnnouncementQueryResponseVO;
import com.yd.api.market.vo.poster.PosterQueryRequestVO;
import com.yd.api.market.vo.poster.PosterQueryResponseVO;
import com.yd.api.result.CommonResult;
import com.yd.dal.entity.customer.AclCustomer;
import com.yd.dal.entity.customer.AclPractitioner;
import com.yd.dal.entity.marketing.MktAnnouncement;
import com.yd.dal.entity.marketing.PosterInfo;
......@@ -35,7 +36,6 @@ public class MarketServiceImpl implements MarketService {
private AclPractitionerDALService aclPractitionerDALService;
@Autowired
private MarketDALService marketDALService;
@Override
public AnnouncementQueryResponseVO announcementQuery(AnnouncementQueryRequestVO requestVO) {
AnnouncementQueryResponseVO responseVO = new AnnouncementQueryResponseVO();
......@@ -83,6 +83,12 @@ public class MarketServiceImpl implements MarketService {
public PosterQueryResponseVO posterQuery(PosterQueryRequestVO requestVO) {
PosterQueryResponseVO responseVO = new PosterQueryResponseVO();
Long practitionerId = requestVO.getPractitionerId();
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
AclPractitioner practitioner = aclPractitionerDALService.findPractitionerById(practitionerId);
responseVO.setIsNameShow(practitioner.getIsNameShow());
responseVO.setIsMobileShow(practitioner.getIsMobileShow());
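Review bot: In `posterQuery` the authorization call runs before `practitionerId` is tested for null, so a request with no id reaches `selectByPrimaryKey(null)` inside `getAclCustomers`, gets null back and is answered with 630028 (无权限) instead of a missing-parameter error; the same ordering appears in the unguarded hunks of PractitionerHiringServiceImpl (the `approvingStatus` method), PractitionerServiceImpl (`settingQuery`, the own-opportunity, sales-target and forecast methods) and ScheduleTrackServiceImpl, whereas the `policyListQuery` and `RecruitListResponseVO` hunks sit inside an existing `if (practitionerId != null)`. Adding `if (practitionerId == null) { responseVO.setCommonResult(new CommonResult(false, "practitionerId不能为空")); return responseVO; }` ahead of the check, as the hiring service already does for its detail method, keeps "missing input" and "not yours" distinguishable in client responses and in the INFO line the DAL writes. The rest of `posterQuery` is outside this hunk.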
......
......@@ -18,6 +18,7 @@ import com.yd.api.practitioner.vo.subordinate.TeamMemberDetail;
import com.yd.api.result.CommonResult;
import com.yd.dal.entity.agms.fortune.WithdrawLabelInfo;
import com.yd.dal.entity.agms.fortune.WithdrawQueryInfo;
import com.yd.dal.entity.customer.AclCustomer;
import com.yd.dal.entity.customer.AclFileUpload;
import com.yd.dal.entity.customer.AclPractitioner;
import com.yd.dal.entity.customer.practitioner.PractitionerBasicInfo;
......@@ -115,7 +116,6 @@ public class PractitionerBasicInfoServiceImpl implements PractitionerBasicInfoSe
private AgmsFortuneDALService agmsFortuneDalService;
@Autowired
private AgAclSalaryMapper agAclSalaryMapper;
@Override
public PolicyListQueryResponseVO policyListQuery(PolicyListQueryRequestVO requestVO) {
PolicyListQueryResponseVO responseVO = new PolicyListQueryResponseVO();
......@@ -123,6 +123,13 @@ public class PractitionerBasicInfoServiceImpl implements PractitionerBasicInfoSe
Integer platform = requestVO.getPlatform();
if (practitionerId != null) {
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
String mobileNo = aclPractitionerDALService.findMobileNoByPractitionerId(practitionerId);
if (!Strings.isNullOrEmpty(mobileNo) && mobileNo.length() == 11) {
List<PolicyInfo> policyInfoList = new ArrayList<>();
......@@ -379,6 +386,13 @@ public class PractitionerBasicInfoServiceImpl implements PractitionerBasicInfoSe
String isHistory = requestVO.getIsHistory();
List<PayScaleInfo> resultList = new ArrayList<>();
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(requestVO.getPractitionerId());
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
try {
if ("0".equals(isHistory)) {
// 查询本年
......@@ -755,6 +769,12 @@ public class PractitionerBasicInfoServiceImpl implements PractitionerBasicInfoSe
Long practitionerId = requestVO.getPractitionerId();
String systemType = requestVO.getSystemType();
try {
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
resp.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return resp;
}
// 获取团队成员或被辅导人的practitionerId
List<Long> practitionerIdList = new ArrayList<>();
if(null != requestVO.getSId()){
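Review bot: The third hunk of this file places the authorization check inside the `try` block (right after `String systemType = requestVO.getSystemType();`), while the two earlier hunks in the same class run it before any `try`; if `getAclCustomers` throws — it dereferences `RequestContextHolder.getRequestAttributes()` without a null check — the outcome here depends on what the surrounding `catch` (outside the hunk) does with the exception, which may be a generic failure result or a swallowed error rather than a deny. Moving the block above `try {`, as in the `policyListQuery` and pay-scale hunks, gives the check the same failure mode everywhere; the same placement inside `try` occurs twice in ScheduleTrackServiceImpl. In the pay-scale hunk `responseVO` is not visible, so it is presumably declared earlier in that method. All three enclosing methods start and end outside their hunks.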
......
......@@ -10,6 +10,7 @@ import com.yd.dal.entity.customer.*;
import com.yd.dal.entity.meta.MdPractitionerHiringApproveSteps;
import com.yd.dal.entity.practitioner.hiring.*;
import com.yd.dal.mapper.customer.*;
import com.yd.dal.service.customer.AclPractitionerDALService;
import com.yd.dal.service.customer.AclPractitionerHiringApproveRecordsDALService;
import com.yd.dal.service.practitioner.PractitionerHiringDALService;
import com.yd.rmi.ali.oss.service.OssService;
......@@ -57,6 +58,8 @@ public class PractitionerHiringServiceImpl implements PractitionerHiringService
private AclPractitionerMapper aclPractitionerMapper;
@Autowired
private SendService sendService;
@Autowired
private AclPractitionerDALService aclPractitionerDALService;
private PractitionerHiringDALService practitionerHiringDalService;
private SystemConfigService systemConfigService;
......@@ -417,6 +420,12 @@ public class PractitionerHiringServiceImpl implements PractitionerHiringService
Long practitionerId = requestVO.getPractitionerId();
Long approvingStatus = requestVO.getApprovingStatus();
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
List<HiringListInfo> hiringListInfoList;
if (Long.valueOf("0").equals(approvingStatus)) {
// 当前经纪人的待审批记录
......@@ -840,6 +849,12 @@ public class PractitionerHiringServiceImpl implements PractitionerHiringService
if (practitionerId == null) {
resp.setCommonResult(new CommonResult(false, "practitionerId不能为空"));
} else {
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
resp.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return resp;
}
AclPractitioner practitioner = aclPractitionerMapper.selectByPrimaryKey(practitionerId);
resp.setCommonResult(new CommonResult(true, ZHBErrorConfig.getErrorInfo("800000")));
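Review bot: The newly injected `aclPractitionerDALService` is used only for `getAclCustomers`, while two lines later the detail method still reads the practitioner through `aclPractitionerMapper.selectByPrimaryKey(practitionerId)` — and `getAclCustomers` itself performs that same `selectByPrimaryKey` internally, so each guarded call now loads the practitioner row twice. Going through the DAL service for both reads (it already exposes `findPractitionerById`, which the other services in this commit use) would keep one access path per class and drop the duplicate query; this is a style point, not a correctness one. Both enclosing methods start and end outside their hunks.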
......
......@@ -613,6 +613,12 @@ public class PractitionerServiceImpl implements com.yd.api.practitioner.service.
public SettingQueryResponseVO settingQuery(SettingQueryRequestVO requestVO) {
SettingQueryResponseVO responseVO = new SettingQueryResponseVO();
Long practitionerId = requestVO.getPractitionerId();//入参经纪人id
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
//需要查询的信息 1.自我介绍 2.我的设置 3.头像 4.个人微信二位码 5.生活照
//1.2均在ag_acl_practitioner表中查询
AclPractitioner practitioner = aclPractitionerDALService.findPractitionerById(practitionerId);
......@@ -776,6 +782,12 @@ public class PractitionerServiceImpl implements com.yd.api.practitioner.service.
//查询自己的商机列表
OwnOpportunityQueryResponseVO responseVO = new OwnOpportunityQueryResponseVO();
Long practitionerId = requestVO.getPractitionerId();
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
//经纪人查询通过自己分享成为自己商机的客户
AclPractitioner practitioner = aclPractitionerDALService.findPractitionerById(practitionerId);
Long customerId = practitioner.getCustomerId();
......@@ -1348,6 +1360,12 @@ public class PractitionerServiceImpl implements com.yd.api.practitioner.service.
RecruitListResponseVO responseVO = new RecruitListResponseVO();
Long practitionerId = requestVO.getPractitionerId();
if(practitionerId != null){
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
Integer status = requestVO.getStatus();
//1、获取用户数据
List<PractitionerPotentialInfo> practitionerPotentialInfoList = aclPractitionerPotentialDALService.findByPractitionerIdAndLasted(practitionerId);
......@@ -1873,6 +1891,12 @@ public class PractitionerServiceImpl implements com.yd.api.practitioner.service.
SalesTargetQueryResponseVO responseVO = new SalesTargetQueryResponseVO();
//经纪人id
Long practitionerId = requestVO.getPractitionerId();
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
//当前年份
Calendar cal = Calendar.getInstance();
int year = cal.get(Calendar.YEAR);
......@@ -2278,6 +2302,12 @@ public class PractitionerServiceImpl implements com.yd.api.practitioner.service.
List<SalesPerformanceForecastInfo> infos = new ArrayList<>();
//通过团队长经纪人id,查询此团队所有经纪人id
Long practitionerId = requestVO.getPractitionerId();
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
List<AclPractitioner> practitioners = aclPractitionerDALService.findByIds(this.getPractitionerIdList(practitionerId,1));
if (practitioners.isEmpty()){
responseVO.setCommonResult(new CommonResult(true, ZHBErrorConfig.getErrorInfo("800000")));
......@@ -2686,6 +2716,12 @@ public class PractitionerServiceImpl implements com.yd.api.practitioner.service.
SubordinateSystemMemberQueryResponseVO responseVO = new SubordinateSystemMemberQueryResponseVO();
Long practitionerId = requestVO.getPractitionerId();
if(practitionerId != null){
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
responseVO.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return responseVO;
}
Integer time = requestVO.getTime();
time = (time == null) ? 1 : time;
PageHelper.clearPage();//偶然遇到了这个问题,同一个查询结果一会是10个(预期),一会是真实个数(刷新/重启应用就又变成真实个数) 查看日志,发现了问题:结果为10个时查询SQL自动加上了Limit 10
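Review bot: Each of the six hunks in this file is introduced only by `//等保调整`, which records the compliance driver but not what the block enforces or why a null from `getAclCustomers` is treated as a denial, so a reader has to open the DAL implementation to understand the early return. A one-line intent comment such as `// 水平越权校验: token 中的当前用户(手机号)必须是 practitionerId 对应的客户, 否则返回 630028` (or its English equivalent) on each block — or on the shared helper if the block is factored out — would make the security decision self-explanatory at the call site. The enclosing methods start and end outside their hunks.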
......
......@@ -4,6 +4,7 @@ import com.yd.api.practitioner.service.PractitionerService;
import com.yd.api.practitioner.service.ScheduleTrackService;
import com.yd.api.practitioner.vo.sechedule.*;
import com.yd.api.result.CommonResult;
import com.yd.dal.entity.customer.AclCustomer;
import com.yd.dal.entity.customer.AclPractitionerPotential;
import com.yd.dal.entity.customer.AclPractitionerPotentialAssignedTrack;
import com.yd.dal.entity.customer.practitioner.PractitionerRankInfo;
......@@ -13,6 +14,7 @@ import com.yd.dal.entity.practitioner.*;
import com.yd.dal.mapper.customer.AclPractitionerPotentialMapper;
import com.yd.dal.mapper.marketing.ScheduleTrackMapper;
import com.yd.dal.service.agms.AgmsDashboardDALService;
import com.yd.dal.service.customer.AclPractitionerDALService;
import com.yd.dal.service.customer.AclPractitionerPotentialAssignedTrackDALService;
import com.yd.dal.service.marketing.MktLeadsAssignedTrackDALService;
import com.yd.dal.service.meta.MdDropOptionsDALService;
......@@ -44,6 +46,8 @@ public class ScheduleTrackServiceImpl implements ScheduleTrackService {
private AclPractitionerPotentialMapper aclPractitionerPotentialMapper;
@Autowired
private PractitionerService practitionerService;
@Autowired
private AclPractitionerDALService aclPractitionerDALService;
@Override
public AddScheduleTrackResponseVO insert(AddScheduleTrackRequestVO requestVO) {
......@@ -207,6 +211,12 @@ public class ScheduleTrackServiceImpl implements ScheduleTrackService {
}
List<ScheduleTrackVO> showList = new ArrayList<>();
try {
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
resp.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return resp;
}
List<ScheduleTrack> dataList = scheduleTrackMapper.queryScheduleTrackList(practitionerId, trackDate);
Map<Long, MdDropOptions> taskTypeMap = this.getScheduleTaskTypeMap();
String optionName = null;
......@@ -279,6 +289,12 @@ public class ScheduleTrackServiceImpl implements ScheduleTrackService {
QueryPEPScoreResponseVO resp = new QueryPEPScoreResponseVO();
Long practitionerId = requestVO.getPractitionerId();
try {
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
resp.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return resp;
}
// 获取本月第一天
Calendar cal = Calendar.getInstance();
cal.add(Calendar.MONTH, 0);
......@@ -377,6 +393,12 @@ public class ScheduleTrackServiceImpl implements ScheduleTrackService {
Long practitionerId = requestVO.getPractitionerId();
String time = requestVO.getTime();
//等保调整
List<AclCustomer> findByObjSortable = aclPractitionerDALService.getAclCustomers(practitionerId);
if(null == findByObjSortable ){
resp.setCommonResult(new CommonResult(false,ZHBErrorConfig.getErrorInfo("630028")));
return resp;
}
// 根据time获取查询起始日期和结束日期,默认当天
Date startDate = new Date();
Date endDate = new Date();
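Review bot: `insert` (`AddScheduleTrackRequestVO`), whose signature is visible just below the new `aclPractitionerDALService` field, receives no ownership check, while the three read paths in this class do; the commit message says only part of the interfaces were covered, and if `insert` writes against a caller-supplied `practitionerId` the write path is at least as exposed to horizontal access as the queries — worth confirming and covering in the same change. Whether `insert` carries a `practitionerId` cannot be seen from this page. The enclosing methods of the three guarded hunks start and end outside them.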
......
......@@ -2,6 +2,7 @@ package com.yd.dal.service.customer;
import com.yd.api.practitioner.vo.payscale.PayScaleInfo;
import com.yd.api.practitioner.vo.subordinate.TeamMemberDetail;
import com.yd.dal.entity.customer.AclCustomer;
import com.yd.dal.entity.practitioner.opportunity.PlayerSalesActivityInfo;
import com.yd.dal.entity.practitioner.opportunity.OwnOpportunityInfo;
import com.yd.dal.entity.customer.AclPractitioner;
......@@ -209,4 +210,9 @@ public interface AclPractitionerDALService {
List<PractitionerInfo> findPractitionerInfoByMobileList(List<String> mobileList);
List<PayScaleInfo> queryEGHistorySalaryPDFByPractitionerId(Long practitionerId);
/**
水平越权处理,从token中获取当前用户(手机号),然后根据客户id查看是否有权限,查不到数据则说明没有权限
*/
List<AclCustomer> getAclCustomers(Long practitionerId);
}
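Review bot: The Javadoc on `getAclCustomers` is not in Javadoc form (no leading `*`, no `@param`/`@return`) and omits the one contract every caller in this commit depends on: null means the caller may not act for `practitionerId`, and the implementation also returns null when no valid token is present or the practitioner has no customer, so callers cannot tell those cases apart. I would document it as a proper Javadoc block: a summary line stating that it resolves the current user from the request token and returns the `AclCustomer` rows linking that user to `practitionerId`, `@param practitionerId` the practitioner being accessed, and `@return` the matching rows, or null when the token is missing/invalid, the practitioner is unknown, or the user does not own it. Noting that the method reads the HTTP request via `RequestContextHolder` would also warn callers that it is unusable outside a web request.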
......@@ -3,6 +3,7 @@ package com.yd.dal.service.customer.impl;
import com.google.common.base.Strings;
import com.yd.api.practitioner.vo.payscale.PayScaleInfo;
import com.yd.api.practitioner.vo.subordinate.TeamMemberDetail;
import com.yd.dal.entity.customer.AclCustomer;
import com.yd.dal.entity.practitioner.opportunity.PlayerSalesActivityInfo;
import com.yd.dal.entity.practitioner.opportunity.OwnOpportunityInfo;
import com.yd.dal.entity.customer.AclPractitioner;
......@@ -10,15 +11,23 @@ import com.yd.dal.entity.customer.practitioner.PractitionerBasicInfo;
import com.yd.dal.entity.customer.practitioner.PractitionerInfo;
import com.yd.dal.entity.customer.practitioner.PractitionerRankInfo;
import com.yd.dal.entity.practitioner.payscale.PayScaleBasicInfo;
import com.yd.dal.mapper.customer.AclCustomerMapper;
import com.yd.dal.mapper.customer.AclPractitionerMapper;
import com.yd.dal.service.customer.AclPractitionerDALService;
import com.yd.util.CommonUtil;
import com.yd.util.auth.setting.AudienceSetting;
import com.yd.util.auth.setting.JwtTokenUtil;
import com.yd.util.deshandler.DESTypeHandler;
import com.yd.util.intercept.annotation.TargetDataSource;
import com.yd.util.intercept.commons.DataSourceKey;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;
@Service("aclPractitionerDALService")
......@@ -26,6 +35,12 @@ public class AclPractitionerDALServiceImpl implements AclPractitionerDALService
private static final Logger LOG = Logger.getLogger(AclPractitionerDALServiceImpl.class);
@Resource
private AclPractitionerMapper aclPractitionerMapper;
@Autowired
private AudienceSetting audienceSetting;
@Autowired
private JwtTokenUtil jwtTokenUtil;
@Autowired
private AclCustomerMapper aclCustomerMapper;
@Override
public AclPractitioner findByCustomerIdIsActive(Long customerId, int isActive) {
return aclPractitionerMapper.findByCustomerIdIsActive(customerId,isActive);
......@@ -231,4 +246,39 @@ public class AclPractitionerDALServiceImpl implements AclPractitionerDALService
public List<PayScaleInfo> queryEGHistorySalaryPDFByPractitionerId(Long practitionerId) {
return aclPractitionerMapper.queryEGHistorySalaryPDFByPractitionerId(practitionerId);
}
@Override
public List<AclCustomer> getAclCustomers(Long practitionerId) {
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
HttpServletRequest request = (HttpServletRequest) requestAttributes.resolveReference(RequestAttributes.REFERENCE_REQUEST);
String userId = "";
int issuerLength = audienceSetting.issuer.length();
String token = request.getHeader(audienceSetting.header);
if(!CommonUtil.isNullOrBlank(token) && token.length() > issuerLength){
String headStr = token.substring(0, issuerLength).toLowerCase();
if (headStr.compareTo(audienceSetting.issuer) == 0){
token = token.substring(issuerLength, token.length());
//token格式合法并且没有失效
if (jwtTokenUtil.validateToken(token) && !jwtTokenUtil.isTokenExpired(token)){
userId = jwtTokenUtil.getUserIdToken(token);
}
}
}
LOG.info("等保调整,token中的userId: "+userId);
if(CommonUtil.isNullOrBlank(userId)){
return null;
}
AclPractitioner practitioner = aclPractitionerMapper.selectByPrimaryKey(practitionerId);
if(null != practitioner){
AclCustomer aclCustomer = new AclCustomer();
aclCustomer.setId(practitioner.getCustomerId());
aclCustomer.setMobileNo(userId);
List<AclCustomer> findByObjSortable = aclCustomerMapper.findByObj(aclCustomer);
if(findByObjSortable == null || findByObjSortable.size() == 0){
return null;
}
return findByObjSortable;
}
return null;
}
}
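Review bot: `getAclCustomers` treats any non-empty `findByObj` result as authorization, but when `practitioner.getCustomerId()` is null the `<if test="id != null">` added to the mapper in this commit's last file section drops the id predicate and the query matches on `mobileNo` alone, so any authenticated user passes the check for such a practitioner; guard `practitioner.getCustomerId() == null` before building the query. `RequestContextHolder.getRequestAttributes()` returns null when no request is bound to the current thread, and the following `resolveReference` call then throws instead of denying, which matters because several callers invoke this inside `try` blocks with their own `catch`. The line `LOG.info("等保调整,token中的userId: "+userId)` writes the value that is then used as the caller's mobile number into the log on every guarded request; logging only whether a user id was found avoids keeping phone numbers in application logs. `headStr.compareTo(audienceSetting.issuer) == 0` is `headStr.equals(audienceSetting.issuer)`, and since only the header side is lowercased the configured issuer presumably is lowercase already — worth confirming. The rewritten lines follow; the token-parsing middle section is unchanged.
```java
public List<AclCustomer> getAclCustomers(Long practitionerId) {
    RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
    if (requestAttributes == null) {
        return null; // no web request bound to this thread (job/async call): deny
    }
    HttpServletRequest request = (HttpServletRequest) requestAttributes.resolveReference(RequestAttributes.REFERENCE_REQUEST);
    if (request == null) {
        return null;
    }
    // … unchanged: issuer-prefix check and userId extraction from the token …
    LOG.info("等保调整, token userId present: " + !CommonUtil.isNullOrBlank(userId));
    if (CommonUtil.isNullOrBlank(userId)) {
        return null;
    }
    AclPractitioner practitioner = aclPractitionerMapper.selectByPrimaryKey(practitionerId);
    if (practitioner == null || practitioner.getCustomerId() == null) {
        // a null customerId would make the mapper's <if test="id != null"> drop the id predicate
        return null;
    }
    // … unchanged: findByObj lookup on (customerId, mobileNo) and null-on-empty …
```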
......@@ -30,6 +30,8 @@ public class JwtTokenUtil {
private static final String CLAIM_KEY_CREATED = "created";
// private static final String CLAIM_KEY_BIRTHDAY = "birthDay";
// private static final String CLAIM_KEY_ADDRESS = "address";
private static final String CLAIM_KEY_USERID = "UserId";
@Autowired
private AudienceSetting audienceSetting;
......@@ -252,4 +254,22 @@ public class JwtTokenUtil {
map.put("claims", claims);
return map;
}
/**
* 获取登录用户
* @param token
* @return
*/
public String getUserIdToken(String token) {
String userId = null ;
Map<String,Object> map = getClaimsFromToken(token);
String resultCode = (String)map.get("resultCode");
if("SUCCESS".equals(resultCode)){
Object obj = map.get("claims");
if(obj != null){
Claims claims = (Claims)obj;
userId = (String)claims.get(CLAIM_KEY_USERID);
}
}
return userId;
}
}
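Review bot: `getUserIdToken` casts the claim with `(String)claims.get(CLAIM_KEY_USERID)`, which throws `ClassCastException` if the issuer stored the user id as a non-String (a number, for instance) — and because callers such as `AclPractitionerDALServiceImpl.getAclCustomers` do not catch it, a malformed-but-valid token becomes a server error rather than a denial; `Object v = claims.get(CLAIM_KEY_USERID); userId = v == null ? null : String.valueOf(v);` avoids that. The claim name `"UserId"` must match the key written when tokens are issued, which is outside this hunk; if they differ, every guarded endpoint will answer 630028. The Javadoc has empty `@param` and `@return` tags; `@param token the raw JWT, without the issuer prefix` and `@return the user id claim, or null when the token cannot be parsed or carries no such claim` would complete it.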
......@@ -7,3 +7,5 @@
800000=执行成功!
##系统提示信息
810001=token无效或者错误!
##等保水平越权错误信息
630028=该账户无权限访问此接口!
......@@ -53,3 +53,5 @@
830036=标签名称有值时标签级别不能为空!
830037=该标签类别已经有一级标签!
830038=该标签类别已存在相同的标签名称!
##等保水平越权错误信息
630028=该账户无权限访问此接口!
......@@ -793,5 +793,9 @@
<if test="email != null">
and email = #{email,jdbcType=VARCHAR}
</if>
<if test="id != null">
and id = #{id,jdbcType=BIGINT}
</if>
</select>
</mapper>