Example 1 with AdminRank

Use of org.neusoft.neubbs.controller.annotation.AdminRank in project neubbs by nuitcoder.

In class TopicController, method removeTopicReply.

/**
 * Delete a reply
 *
 * @param requestBodyParamsMap JSON data in the request body
 * @return ApiJsonDTO API JSON transfer object
 */
@LoginAuthorization
@AccountActivation
@AdminRank
@RequestMapping(value = "/topic/reply-remove", method = RequestMethod.POST, consumes = "application/json")
public ApiJsonDTO removeTopicReply(@RequestBody Map<String, Object> requestBodyParamsMap) {
    Integer replyId = (Integer) requestBodyParamsMap.get(ParamConst.REPLY_ID);
    validationService.check(ParamConst.ID, String.valueOf(replyId));
    topicService.removeReply(replyId);
    return new ApiJsonDTO().success();
}
Also used: ApiJsonDTO (org.neusoft.neubbs.dto.ApiJsonDTO), AccountActivation (org.neusoft.neubbs.controller.annotation.AccountActivation), AdminRank (org.neusoft.neubbs.controller.annotation.AdminRank), LoginAuthorization (org.neusoft.neubbs.controller.annotation.LoginAuthorization), RequestMapping (org.springframework.web.bind.annotation.RequestMapping)

Example 2 with AdminRank

Use of org.neusoft.neubbs.controller.annotation.AdminRank in project neubbs by nuitcoder.

In class TopicController, method removeTopic.

/**
 * Delete a topic
 *
 * @param requestBodyParamsMap JSON data in the request body
 * @return ApiJsonDTO API JSON transfer object
 */
@LoginAuthorization
@AccountActivation
@AdminRank
@RequestMapping(value = "/topic-remove", method = RequestMethod.POST, consumes = "application/json")
public ApiJsonDTO removeTopic(@RequestBody Map<String, Object> requestBodyParamsMap) {
    Integer topicId = (Integer) requestBodyParamsMap.get(ParamConst.TOPIC_ID);
    validationService.check(ParamConst.ID, String.valueOf(topicId));
    topicService.removeTopic(topicId);
    return new ApiJsonDTO().success();
}
Also used: ApiJsonDTO (org.neusoft.neubbs.dto.ApiJsonDTO), AccountActivation (org.neusoft.neubbs.controller.annotation.AccountActivation), AdminRank (org.neusoft.neubbs.controller.annotation.AdminRank), LoginAuthorization (org.neusoft.neubbs.controller.annotation.LoginAuthorization), RequestMapping (org.springframework.web.bind.annotation.RequestMapping)

Example 3 with AdminRank

Use of org.neusoft.neubbs.controller.annotation.AdminRank in project neubbs by nuitcoder.

In class ApiInterceptor, method doAdminRank.

/**
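 * Perform administrator permission verification
 *      - check whether the API method is annotated with @AdminRank
 *      - check whether the authentication cookie exists (absence means not logged in; users who are not logged in have no permission to operate)
 *      - check whether the authentication cookie decrypts successfully (decryption failure means the authentication information has expired)
 *      - get the user information from the authentication information and check the user's rank
 *
 * @param request HTTP request
 * @param handler handler method object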
 */
private void doAdminRank(HttpServletRequest request, Object handler) throws ServiceException {
    HandlerMethod handlerMethod = (HandlerMethod) handler;
    if (handlerMethod.getMethodAnnotation(AdminRank.class) != null) {
        String authentication = CookieUtil.getCookieValue(request, ParamConst.AUTHENTICATION);
        UserDO currentUser = this.judgeAuthentication(authentication);
        // judge user rank
        if (!SetConst.RANK_ADMIN.equals(currentUser.getRank())) {
            throw new PermissionException(ApiMessage.NO_PERMISSION).log(LogWarnEnum.AT3);
        }
    }
}
Also used: PermissionException (org.neusoft.neubbs.exception.PermissionException), AdminRank (org.neusoft.neubbs.controller.annotation.AdminRank), UserDO (org.neusoft.neubbs.entity.UserDO), HandlerMethod (org.springframework.web.method.HandlerMethod)

Aggregations

AdminRank (org.neusoft.neubbs.controller.annotation.AdminRank): 3
AccountActivation (org.neusoft.neubbs.controller.annotation.AccountActivation): 2
LoginAuthorization (org.neusoft.neubbs.controller.annotation.LoginAuthorization): 2
ApiJsonDTO (org.neusoft.neubbs.dto.ApiJsonDTO): 2
RequestMapping (org.springframework.web.bind.annotation.RequestMapping): 2
UserDO (org.neusoft.neubbs.entity.UserDO): 1
PermissionException (org.neusoft.neubbs.exception.PermissionException): 1
HandlerMethod (org.springframework.web.method.HandlerMethod): 1