bugfix

sckw-common/sckw-common-core/src/main/java/com/sckw/core/filter/RequestCheckFilter.java

@@ -32,11 +32,20 @@ import java.util.*;
  * @date: 2023/6/14
  */
 public class RequestCheckFilter implements Filter {
+
     @Autowired
     CustomConfig customConfig;
 
+    /**
+     * 直接放行不需要校验token的请求
+     */
     private static final List<String> EXCLUDEPATH = new ArrayList<>();
 
+    /**
+     * 需要校验token但不用接口权限校验的请求
+     */
+    private static final List<String> WITHOUTPATH = new ArrayList<>();
+
     private static final String REGISTER = "/kwsEnt/register";
 
     /**
@@ -49,6 +58,10 @@ public class RequestCheckFilter implements Filter {
         if (StringUtils.isNotBlank(links)) {
             EXCLUDEPATH.addAll(Arrays.asList(links.split(Global.COMMA)));
         }
+//        String withoutLinks = customConfig.getWithoutLinks();
+//        if (StringUtils.isNotBlank(withoutLinks)) {
+//            WITHOUTPATH.addAll(Arrays.asList(withoutLinks.split(Global.COMMA)));
+//        }
     }
 
     @Override
@@ -153,12 +166,12 @@ public class RequestCheckFilter implements Filter {
 
         /*5、请求权限校验*/
         //非管理员有接口权限才放行
-        if (loginUserInfo.getIsMain() != Global.YES
-                && NumberUtils.parseInt(systemType) == SystemTypeEnum.MANAGE.getCode()
-                && !checkMenu(clientType, loginUserInfo.getId(), requestUri)) {
-            ResponseUtil.writer(response, HttpResult.error(HttpStatus.AUTHORITY_NO_CODE, HttpStatus.ACCESS_FIAL));
-            return;
-        }
+//        if (loginUserInfo.getIsMain() == Global.NO
+//                && !WITHOUTPATH.contains(requestUri)
+//                && !checkMenu(clientType, loginUserInfo.getId(), requestUri)) {
+//            ResponseUtil.writer(response, HttpResult.error(HttpStatus.AUTHORITY_NO_CODE, HttpStatus.ACCESS_FIAL));
+//            return;
+//        }
 
         LoginUserHolder.set(loginUserInfo);
         LoginEntHolder.set(loginEntInfo);

sckw-common/sckw-common-core/src/main/java/com/sckw/core/web/config/CustomConfig.java

@@ -19,10 +19,16 @@ public class CustomConfig {
     @Value("${links}")
     private String links;
 
-    /**
-     * 是否允许一个账号绑定多个角色
-     */
-    @Value("${isBindManyRole}")
-    private Integer isBindManyRole;
+//    /**
+//     * 是否允许一个账号绑定多个角色
+//     */
+//    @Value("${isBindManyRole}")
+//    private Integer isBindManyRole;
+
+//    /**
+//     * 需要token校验但不需要接口权限校验的请求链接
+//     */
+//    @Value("${withoutLinks}")
+//    private String withoutLinks;
 
 }

sckw-modules/sckw-system/src/main/java/com/sckw/system/controller/KwsUserController.java

@@ -89,7 +89,9 @@ public class KwsUserController {
      */
     @PostMapping("/add")
     @RepeatSubmit(interval = 3000,message ="两次请求间隔未超过3秒")
-    public HttpResult add(@Valid @RequestBody UserAddReqVo reqVo) {
+    public HttpResult add(@Valid @RequestBody UserAddReqVo reqVo,
+                          @RequestHeader(name = "System-Type", required = true) int systemType) {
+        reqVo.setSystemType(systemType);
         kwsUserService.add(reqVo);
         return HttpResult.ok(HttpStatus.MSG_003);
     }

sckw-modules/sckw-system/src/main/java/com/sckw/system/service/KwsRoleService.java

@@ -33,6 +33,7 @@ import com.sckw.system.model.vo.res.KwsMenuResVo;
 import com.sckw.system.model.vo.res.RoleResVo;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
@@ -78,6 +79,9 @@ public class KwsRoleService {
     @Autowired
     CustomConfig customConfig;
 
+    @Value("${isBindManyRole}")
+    private Integer isBindManyRole;
+
     /**
      * @param params KwsRole
      * @desc: 单表插入
@@ -397,8 +401,8 @@ public class KwsRoleService {
     @Transactional(rollbackFor = Exception.class)
     public void userBindRole(UserBindRoleReqVo reqVo) {
         //特殊校验，之前说用户和角色是一对多，后来产品改成一对一
-        String[] roleIdArr = reqVo.getRoleIds().split(",");
-        if (customConfig.getIsBindManyRole() == Global.NO && roleIdArr.length > 1) {
+        String[] roleIdArr = reqVo.getRoleIds().split(Global.COMMA);
+        if (isBindManyRole.equals(Global.NO) && roleIdArr.length > 1) {
             throw new SystemException(HttpStatus.CRUD_FAIL_CODE, HttpStatus.MSG_006);
         }