czh 2 жил өмнө
parent
commit
c6c58a876e

+ 11 - 0
sckw-auth/src/main/java/com/sckw/auth/service/impl/AuthServiceImpl.java

@@ -399,6 +399,7 @@ public class AuthServiceImpl implements IAuthService {
     public HttpResult commonAuth(LoginBase loginBase) {
         /**查询用户信息**/
         KwsUserResDto user = systemService.queryUserDetails(loginBase.getAccount(), loginBase.getSystemType());
+
         /**信息校验**/
         if (user == null) {
             return HttpResult.error(HttpStatus.QUERY_FAIL_CODE, "账号不存在,请检查并重新输入!");
@@ -407,9 +408,19 @@ public class AuthServiceImpl implements IAuthService {
                 && !PasswordUtils.validatePassword(loginBase.getPassword(), user.getPassword())) {
             return HttpResult.error(HttpStatus.CODE_10301, "密码不正确,请检查并重新输入!");
         }
+
+        if (loginBase.getLoginMethod() == LoginMethodEnum.SMS.getValue()) {
+            String key = StringUtils.format(RedisConstant.MESSAGE_SMS_VERIFY_CODE_VALUE_KEY, DictEnum.SMS_LOGIN.getValue(), loginBase.getAccount());
+            String sms = RedissonUtils.getString(key);
+            if (!loginBase.getCaptcha().equals(sms)) {
+                throw new SystemException(HttpStatus.CODE_10301, HttpStatus.CAPTCHA_ERROR);
+            }
+        }
+
         if (user.getStatus() == Global.YES) {
             return HttpResult.error(HttpStatus.CODE_10301, "您的账号已冻结,如需帮助,请致电平台客服!");
         }
+
         //企业信息
         EntCacheResDto enterprise = systemService.queryEntDetails(user.getEntId());
         if (loginBase.getSystemType() == SystemTypeEnum.COMPANY.getCode() && enterprise == null) {
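Review bot: The added SMS branch compares the submitted code with the Redis value, but nothing in the hunk invalidates the key after a successful match or counts failed attempts. Unless that is enforced elsewhere, a code stays reusable until its TTL expires and can be guessed repeatedly, so the key should be deleted on success and failures rate-limited per account. `loginBase.getCaptcha().equals(sms)` also throws a NullPointerException when the request omits the captcha; `if (sms == null || !sms.equals(loginBase.getCaptcha())) {` rejects a missing or expired code cleanly. If `getLoginMethod()` and `LoginMethodEnum.SMS.getValue()` return boxed `Integer`, the `==` on the first added line compares references and should be `Objects.equals(...)`, as KwsMenuService does in this commit. commonAuth continues outside this hunk, so the password condition above the new block is only partly visible.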

+ 7 - 5
sckw-modules/sckw-system/src/main/java/com/sckw/system/service/KwsMenuService.java

@@ -266,15 +266,15 @@ public class KwsMenuService {
         BeanUtils.copyProperties(reqVo, findMenuTreePojo);
 
         //填充用户参数
-        extracted(reqVo.getUserId(), findMenuTreePojo);
+        extracted(reqVo.getUserId(), reqVo.getClientType(), findMenuTreePojo);
 
         List<KwsMenuResVo> menuList = kwsMenuDao.findList(findMenuTreePojo);
         if (CollectionUtils.isEmpty(menuList)) {
             return Collections.emptyList();
         }
 
-        List<KwsMenuResVo> finalList = new ArrayList<>();
         //app菜单特殊处理
+        List<KwsMenuResVo> finalList = new ArrayList<>();
         if (SystemTypeEnum.COMPANY.getCode().equals(LoginUserHolder.getSystemType()) &&
                 ClientTypeEnum.app.getValue().equals(LoginUserHolder.getClientType()) &&
                 Objects.equals(LoginUserHolder.getIsMain(), Global.NO)) {
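Review bot: `reqVo.getClientType()` appears to be a request-supplied value, yet a few lines below the same method decides the app special case from `LoginUserHolder.getClientType()`. The menu query can therefore be driven by a client type that differs from the authenticated session; unless callers validate it, pass the session value or reject a mismatch. In the last hunk of this file the string reaches `Integer.valueOf(clientType)` unchecked, which throws NumberFormatException on null or non-numeric input, so validate it at the request boundary and pass an `Integer` into `extracted`. The retained comment `//特殊处理,员工账号先查pc端的菜单` no longer matches the code once the client type is caller-chosen, and `extracted` deserves a descriptive name with a short Javadoc for the new parameter. The enclosing method starts before and continues past this hunk.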
@@ -318,12 +318,13 @@ public class KwsMenuService {
         return kwsMenuDao.findList(findMenuTreePojo);
     }
 
-    private void extracted(Long userId, FindMenuTreePojo findMenuTreePojo) {
+    private void extracted(Long userId, String clientType, FindMenuTreePojo findMenuTreePojo) {
         findMenuTreePojo.setSystemType(LoginUserHolder.getSystemType());
         //运营端的管理员不做过滤
-        if (Objects.equals(LoginUserHolder.getSystemType(), SystemTypeEnum.MANAGE.getCode())) {
+        if (Objects.equals(LoginUserHolder.getSystemType(), SystemTypeEnum.MANAGE.getCode()) && Objects.equals(LoginUserHolder.getIsMain(), Global.YES)) {
             return;
         }
+
         if (Objects.equals(LoginUserHolder.getIsMain(), Global.YES)) {
             Long entId = LoginUserHolder.getEntId();
             List<KwsEntType> listByEntId = kwsEntTypeDao.findListByEntId(entId);
@@ -344,8 +345,9 @@ public class KwsMenuService {
         if (CollectionUtils.isEmpty(allByUserId)) {
             throw new SystemException(HttpStatus.QUERY_FAIL_CODE, HttpStatus.ROLE_NOT_EXISTS);
         }
+
         //特殊处理,员工账号先查pc端的菜单,后面会做菜单关联
-        findMenuTreePojo.setClientType(SystemTypeEnum.COMPANY.getCode());
+        findMenuTreePojo.setClientType(Integer.valueOf(clientType));
         findMenuTreePojo.setRoleIds(allByUserId.stream().map(KwsUserRole::getRoleId).toList());
     }