Browse Source

question_submit处理脱敏并测试

westt 1 năm trước cách đây
mục cha
commit
f0004b064b

+ 3 - 4
src/main/java/com/example/onlinejudge/controller/QuestionSubmitController.java

@@ -77,10 +77,9 @@ public class QuestionSubmitController {
         // 从数据库中查询原始的题目提交分页信息
         Page<QuestionSubmit> questionSubmitPage = questionSubmitService.page(new Page<>(current, size),
                 questionSubmitService.getQueryWrapper(questionSubmitQueryRequest));
-//        final User loginUser = userService.getLoginUser(request);
-        // TODO 返回脱敏信息
-//        return ResultUtils.success(questionSubmitService.getQuestionSubmitVOPage(questionSubmitPage, loginUser));
-        return null;
+        final long logInId = StpUtil.getLoginIdAsLong();
+        // TODO 返回脱敏信息 DONE
+        return Result.success(questionSubmitService.getQuestionSubmitVOPage(questionSubmitPage, logInId));
     }
 
 

+ 2 - 0
src/main/java/com/example/onlinejudge/model/entity/User.java

@@ -29,4 +29,6 @@ public class User {
 
     @ApiModelProperty("密码")
     private String password;
+    @ApiModelProperty("用户权限")
+    private String role;
 }

+ 4 - 4
src/main/java/com/example/onlinejudge/service/QuestionSubmitService.java

@@ -33,17 +33,17 @@ public interface QuestionSubmitService extends IService<QuestionSubmit> {
      * 获取题目封装
      *
      * @param questionSubmit
-     * @param loginUser
+     * @param loginUserId
      * @return
      */
-    QuestionSubmitVO getQuestionSubmitVO(QuestionSubmit questionSubmit, User loginUser);
+    QuestionSubmitVO getQuestionSubmitVO(QuestionSubmit questionSubmit, Long loginUserId);
 
     /**
      * 分页获取题目封装
      *
      * @param questionSubmitPage
-     * @param loginUser
+     * @param loginUserId
      * @return
      */
-    Page<QuestionSubmitVO> getQuestionSubmitVOPage(Page<QuestionSubmit> questionSubmitPage, User loginUser);
+    Page<QuestionSubmitVO> getQuestionSubmitVOPage(Page<QuestionSubmit> questionSubmitPage, Long loginUserId);
 }

+ 2 - 0
src/main/java/com/example/onlinejudge/service/UserService.java

@@ -10,4 +10,6 @@ public interface UserService {
     Result login(String username, String password);
 
     User getLoginUser(HttpServletRequest request);
+
+    Boolean isAdmin(Long userId);
 }

+ 10 - 11
src/main/java/com/example/onlinejudge/service/impl/QuestionSubmitServiceImpl.java

@@ -48,7 +48,7 @@ public class QuestionSubmitServiceImpl extends ServiceImpl<QuestionSubmitMapper,
      * 提交题目
      *
      * @param questionSubmitAddRequest
-     * @param loginUser
+     * @param loginUserId
      * @return
      */
     @Override
@@ -110,37 +110,36 @@ public class QuestionSubmitServiceImpl extends ServiceImpl<QuestionSubmitMapper,
 
         // 拼接查询条件
         queryWrapper.eq(StringUtils.isNotBlank(language), "language", language);
-        queryWrapper.eq(ObjectUtils.isNotEmpty(userId), "userId", userId);
-        queryWrapper.eq(ObjectUtils.isNotEmpty(questionId), "questionId", questionId);
+        queryWrapper.eq(ObjectUtils.isNotEmpty(userId), "user_id", userId);
+        queryWrapper.eq(ObjectUtils.isNotEmpty(questionId), "question_id", questionId);
         queryWrapper.eq(QuestionSubmitStatusEnum.getEnumByValue(status) != null, "status", status);
-        queryWrapper.eq("isDelete", false);
+        queryWrapper.eq("is_delete", 0);
         queryWrapper.orderBy(SqlUtils.validSortField(sortField), sortOrder.equals(CommonConstant.SORT_ORDER_ASC),
                 sortField);
         return queryWrapper;
     }
 
     @Override
-    public QuestionSubmitVO getQuestionSubmitVO(QuestionSubmit questionSubmit, User loginUser) {
+    public QuestionSubmitVO getQuestionSubmitVO(QuestionSubmit questionSubmit, Long userId) {
         QuestionSubmitVO questionSubmitVO = QuestionSubmitVO.objToVo(questionSubmit);
         // 脱敏:仅本人和管理员能看见自己(提交 userId 和登录用户 id 不同)提交的代码
-        long userId = loginUser.getId();
-        // 处理脱敏
-        //TODO  && !userService.isAdmin(loginUser)
-        if (userId != questionSubmit.getUserId() ) {
+
+        //TODO 处理脱敏 DONE
+        if (userId != questionSubmit.getUserId() && !userService.isAdmin(userId)) {
             questionSubmitVO.setCode(null);
         }
         return questionSubmitVO;
     }
 
     @Override
-    public Page<QuestionSubmitVO> getQuestionSubmitVOPage(Page<QuestionSubmit> questionSubmitPage, User loginUser) {
+    public Page<QuestionSubmitVO> getQuestionSubmitVOPage(Page<QuestionSubmit> questionSubmitPage, Long loginUserId) {
         List<QuestionSubmit> questionSubmitList = questionSubmitPage.getRecords();
         Page<QuestionSubmitVO> questionSubmitVOPage = new Page<>(questionSubmitPage.getCurrent(), questionSubmitPage.getSize(), questionSubmitPage.getTotal());
         if (CollectionUtils.isEmpty(questionSubmitList)) {
             return questionSubmitVOPage;
         }
         List<QuestionSubmitVO> questionSubmitVOList = questionSubmitList.stream()
-                .map(questionSubmit -> getQuestionSubmitVO(questionSubmit, loginUser))
+                .map(questionSubmit -> getQuestionSubmitVO(questionSubmit, loginUserId))
                 .collect(Collectors.toList());
         questionSubmitVOPage.setRecords(questionSubmitVOList);
         return questionSubmitVOPage;

+ 44 - 0
src/main/java/com/example/onlinejudge/service/impl/StpInterfaceImpl.java

@@ -0,0 +1,44 @@
+package com.example.onlinejudge.service.impl;
+
+import cn.dev33.satoken.stp.StpInterface;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.example.onlinejudge.mapper.UserMapper;
+import com.example.onlinejudge.model.entity.User;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * 自定义权限加载接口实现类
+ */
+@Component    // 保证此类被 SpringBoot 扫描,完成 Sa-Token 的自定义权限验证扩展
+@Slf4j
+public class StpInterfaceImpl implements StpInterface {
+    @Autowired
+    private UserMapper userMapper;
+
+    /**
+     * 返回一个账号所拥有的权限码集合
+     */
+    @Override
+    public List<String> getPermissionList(Object loginId, String loginType) {
+        return null;
+    }
+
+    /**
+     * 返回一个账号所拥有的角色标识集合 (权限与角色可分开校验)
+     */
+    @Override
+    public List<String> getRoleList(Object loginId, String loginType) {
+        QueryWrapper<User> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq("id", loginId);
+        User user = userMapper.selectOne(queryWrapper);
+        List<String> list = new ArrayList<>();
+        list.add(user.getRole());
+        return list;
+    }
+
+}

+ 6 - 0
src/main/java/com/example/onlinejudge/service/impl/UserServiceImpl.java

@@ -1,5 +1,6 @@
 package com.example.onlinejudge.service.impl;
 
+import cn.dev33.satoken.exception.NotRoleException;
 import cn.dev33.satoken.stp.SaTokenInfo;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.dev33.satoken.util.SaResult;
@@ -25,6 +26,11 @@ public class UserServiceImpl implements UserService {
     @Autowired
     private UserMapper userMapper;
 
+    @Override
+    public Boolean isAdmin(Long userId) {
+        return StpUtil.hasRole("admin");
+    }
+
     /**
      * 用户登录服务
      *