jiangping
2023-09-14 352d337c355f60909d9dd24bd613c12ea92f8015
server/src/main/java/doumeemes/config/shiro/ShiroRealm.java
@@ -90,76 +90,82 @@
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // 获取用户名
        ShiroToken authenticationToken =(ShiroToken) token;
        String username = authenticationToken.getPrincipal().toString();
        boolean isDdLogin = authenticationToken.getDdLogin();
        // 根据用户名查询用户对象
        SystemUser queryDto = new SystemUser();
        queryDto.setUsername(username);
        queryDto.setDeleted(Boolean.FALSE);
        SystemUser user = systemUserService.findOne(queryDto);
        if (user == null) {
            return null;
        }
        SystemRole role = new SystemRole();
        SystemPermission per = new SystemPermission();
        DepartmentExtListVO rootDepart = null,comDepart=null, depart = null;
        List<Integer> dpList = null;
        CompanyExtListVO com = null;
        CompanyUserExtListVO cu =null;
        if(Constants.equalsInteger(user.getType(),Constants.PlatType.admin)){
            //如果是平台用户
            role.setType(Constants.ROLETYPE.plat);
            per.setType(Constants.PlatType.admin);
        if(authenticationToken .getUpdateFlag() == 1){
            //如果是更新session
            return new SimpleAuthenticationInfo(authenticationToken.getUpdateUser(), authenticationToken.getPassword(), this.getName());
        }else{
            if(authenticationToken.getCompanyId() == null){
                throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"对不起,该账户删除!");
            String username = authenticationToken.getPrincipal().toString();
            boolean isDdLogin = authenticationToken.getDdLogin();
            // 根据用户名查询用户对象
            SystemUser queryDto = new SystemUser();
            queryDto.setUsername(username);
            queryDto.setDeleted(Boolean.FALSE);
            SystemUser user = systemUserService.findOne(queryDto);
            if (user == null) {
                return null;
            }
            com = companyExtService.getModelById(authenticationToken.getCompanyId());
            if(com == null || Constants.equalsInteger( com.getDeleted(),Constants.ONE)){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该账户删除!请联系管理员");
            }
            if(Constants.equalsInteger( com.getStatus(),Constants.ZERO) ){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已禁用!");
            }
            if(com.getOepnValidDate() != null && com.getOepnValidDate().before(new Date())){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已过使用有效期!");
            }
            //如果是企业用户
            QueryCompanyUserExtDTO c =new QueryCompanyUserExtDTO();
            c.setUserId(user.getId());
            c.setDeleted(Constants.ZERO);
            c.setCompanyId(authenticationToken.getCompanyId());
            cu = companyUserExtService.selectOne(c);
            if(cu == null){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户不存在!");
            }
            if(Constants.equalsInteger(cu.getStatus(),Constants.ONE)){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户已禁用!");
            }
            rootDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getRootDepartId());
            comDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getComDepartId());
            depart = departmentExtService.getModelById(c.getCompanyId(),cu.getDepartmentId());
            if(rootDepart == null || comDepart == null || depart==null){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户账户异常!");
            }
            role.setCompanyId(authenticationToken.getCompanyId());
            role.setType(Constants.ROLETYPE.com);
            per.setType(Constants.PlatType.company);
            per.setRoleType(Constants.ROLETYPE.com);
            per.setCompanyId(authenticationToken.getCompanyId());
            SystemRole rt = new SystemRole();
            rt.setType(Constants.ROLETYPE.com);
            rt.setCompanyId(c.getCompanyId());
            //数据部门权限集合
            dpList =systemDataPermissionService.selectHighRole(new SystemDataPermission(),rt,user,depart);
            SystemRole role = new SystemRole();
            SystemPermission per = new SystemPermission();
            DepartmentExtListVO rootDepart = null,comDepart=null, depart = null;
            List<Integer> dpList = null;
            CompanyExtListVO com = null;
            CompanyUserExtListVO cu =null;
            if(Constants.equalsInteger(user.getType(),Constants.PlatType.admin)){
                //如果是平台用户
                role.setType(Constants.ROLETYPE.plat);
                per.setType(Constants.PlatType.admin);
            }else{
                if(authenticationToken.getCompanyId() == null){
                    throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"对不起,该账户删除!");
                }
                com = companyExtService.getModelById(authenticationToken.getCompanyId());
                if(com == null || Constants.equalsInteger( com.getDeleted(),Constants.ONE)){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该账户删除!请联系管理员");
                }
                if(Constants.equalsInteger( com.getStatus(),Constants.ZERO) ){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已禁用!");
                }
                if(com.getOepnValidDate() != null && com.getOepnValidDate().before(new Date())){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已过使用有效期!");
                }
                //如果是企业用户
                QueryCompanyUserExtDTO c =new QueryCompanyUserExtDTO();
                c.setUserId(user.getId());
                c.setDeleted(Constants.ZERO);
                c.setCompanyId(authenticationToken.getCompanyId());
                cu = companyUserExtService.selectOne(c);
                if(cu == null){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户不存在!");
                }
                if(Constants.equalsInteger(cu.getStatus(),Constants.ONE)){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户已禁用!");
                }
                rootDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getRootDepartId());
                comDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getComDepartId());
                depart = departmentExtService.getModelById(c.getCompanyId(),cu.getDepartmentId());
                if(rootDepart == null || comDepart == null || depart==null){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户账户异常!");
                }
                role.setCompanyId(authenticationToken.getCompanyId());
                role.setType(Constants.ROLETYPE.com);
                per.setType(Constants.PlatType.company);
                per.setRoleType(Constants.ROLETYPE.com);
                per.setCompanyId(authenticationToken.getCompanyId());
                SystemRole rt = new SystemRole();
                rt.setType(Constants.ROLETYPE.com);
                rt.setCompanyId(c.getCompanyId());
                //数据部门权限集合
                dpList =systemDataPermissionService.selectHighRole(new SystemDataPermission(),rt,user,depart);
            }
            // 获取登录用户信息
            List<SystemRole> roles = systemRoleService.findByUserModel(user.getId(),role);
            List<SystemPermission> permissions = systemPermissionService.findByUserModel(user.getId(),per);
            LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions,com,rootDepart,comDepart,depart,dpList,cu);
            // 验证用户
            return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());
        }
        // 获取登录用户信息
        List<SystemRole> roles = systemRoleService.findByUserModel(user.getId(),role);
        List<SystemPermission> permissions = systemPermissionService.findByUserModel(user.getId(),per);
        LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions,com,rootDepart,comDepart,depart,dpList,cu);
        // 验证用户
        return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());
    }
}
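Review bot: The new `getUpdateFlag() == 1` branch at the top of doGetAuthenticationInfo returns `new SimpleAuthenticationInfo(authenticationToken.getUpdateUser(), authenticationToken.getPassword(), this.getName())`, so the credentials the matcher compares against come from the token itself rather than from the stored `user.getPassword()`. Unless the configured credentials matcher rejects that (it is not visible here), any code path that can build a ShiroToken with updateFlag 1 is authenticated as whatever principal it placed in updateUser, and the deleted-account, disabled-company, validity-date and disabled-company-user checks in the else branch are skipped. I would restrict this branch to a subject that is already authenticated, for example `if (!SecurityUtils.getSubject().isAuthenticated()) { throw new AuthenticationException("session refresh without an authenticated subject"); }`, and add a comment stating that updateFlag is set only by server-side session-refresh code and never from request data. If getUpdateFlag() returns a boxed Integer, the `== 1` comparison would also throw on null, so its type is worth confirming.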