Merge branch 'master' of http://gitlab.tangguo.ren/2300064869/safe-campus-bbs

safe-campus-admin/src/main/java/com/tangguo/web/controller/system/SysLoginController.java

@@ -5,6 +5,7 @@ import com.alibaba.fastjson2.JSON;
 import com.tangguo.common.constant.Constants;
 import com.tangguo.common.core.domain.AjaxResult;
 import com.tangguo.common.core.domain.entity.SysMenu;
+import com.tangguo.common.core.domain.entity.SysRole;
 import com.tangguo.common.core.domain.entity.SysUser;
 import com.tangguo.common.core.domain.model.LoginBody;
 import com.tangguo.common.core.domain.model.LoginUser;
@@ -125,7 +126,7 @@ public class SysLoginController {
 		// 企微登录认证链接
 		String authCode = bo.getCode();
 		String baseUrl = this.serverConfig.getUrl();
-		String redirectUrl = "http://test.tangguo.ren" + "/bbs/h5/pages/login/login/";
+		String redirectUrl = baseUrl + "/bbs/h5/pages/login/login/";
 		WxCpOAuth2Service oauth2Service = this.wxCpService.getOauth2Service();
 		if (Objects.isNull(loginUser) && StrUtil.isBlank(authCode)) {
 			String oauth2Url = oauth2Service.buildAuthorizationUrl(redirectUrl, null);
@@ -156,7 +157,11 @@ public class SysLoginController {
 	 */
 	@GetMapping("/bbs/mobile/user/profile")
 	public AjaxResult getUserProfile() {
+		final String bbsAdmin = "bbs_admin";
 		SysUser sysUser = SecurityUtils.getLoginUser().getUser();
+		List<SysRole> roles = SecurityUtils.getLoginUser().getUser().getRoles();
+		boolean anyMatch = roles.stream().anyMatch(r -> bbsAdmin.equals(r.getRoleKey()));
+		sysUser.setBbsAdmin(anyMatch);
 		return AjaxResult.success(sysUser);
 	}
 

safe-campus-bbs-ui/src/views/pointsExchange/index.vue

@@ -7,7 +7,7 @@
                         style="width: 240px;" value-format="yyyy-MM-dd" @change="dateChange"></el-date-picker>
                 </el-form-item>
                 <el-form-item label="兑换人">
-                    <el-input placeholder="请输入" v-model="queryParams.userName" style="width: 220px;"></el-input>
+                    <el-input placeholder="请输入" v-model="queryParams.nickName" style="width: 220px;"></el-input>
                 </el-form-item>
                 <el-form-item label="兑换商品">
                     <el-input placeholder="请输入"  v-model="queryParams.goodsName" style="width: 220px;"></el-input>

safe-campus-bbs-ui/src/views/topic/index.vue

@@ -6,10 +6,7 @@
                     <el-input v-model="queryParams.name" placeholder="请输入"></el-input>
                 </el-form-item>
                 <el-form-item label="话题来源">
-                    <el-select v-model="queryParams.source" placeholder="请选择">
-                        <el-option label="轻享广场" value="轻享广场"></el-option>
-                        <el-option label="后台管理" value="后台管理"></el-option>
-                    </el-select>
+                  <el-input v-model="queryParams.source" placeholder="请输入"></el-input>
                 </el-form-item>
                 <el-form-item>
                     <el-button type="primary" @click="handleQuery">查询</el-button>
@@ -146,4 +143,4 @@ export default {
         overflow: auto;
     }
 }
-</style>
\ No newline at end of file
+</style>

safe-campus-common/src/main/java/com/tangguo/common/core/domain/entity/SysUser.java

@@ -127,6 +127,11 @@ public class SysUser extends BaseEntity {
 	 */
 	private Long roleId;
 
+	/**
+	 * 是否论坛管理员
+	 */
+	private Boolean isBbsAdmin = Boolean.FALSE;
+
 	public SysUser() {
 
 	}
@@ -139,6 +144,15 @@ public class SysUser extends BaseEntity {
 		return userId != null && 1L == userId;
 	}
 
+
+	public boolean isBbsAdmin() {
+		return isBbsAdmin;
+	}
+
+	public void setBbsAdmin(Boolean bbsAdmin) {
+		isBbsAdmin = bbsAdmin;
+	}
+
 	public Long getUserId() {
 		return userId;
 	}

safe-campus-common/src/main/java/com/tangguo/common/utils/SecurityUtils.java

 package com.tangguo.common.utils;
 
 import com.tangguo.common.constant.HttpStatus;
+import com.tangguo.common.core.domain.entity.SysRole;
+import com.tangguo.common.core.domain.entity.SysUser;
 import com.tangguo.common.core.domain.model.LoginUser;
 import com.tangguo.common.exception.ServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
+import java.util.List;
+
 /**
  * 安全服务工具类
  *
@@ -108,4 +112,17 @@ public class SecurityUtils {
 	public static boolean isAdmin(Long userId) {
 		return userId != null && 1L == userId;
 	}
+
+
+	/**
+	 * 是否为移动端管理员
+	 *
+	 * @return
+	 */
+	public static boolean isBbsAdmin() {
+		final String bbsAdmin = "bbs_admin";
+		List<SysRole> roles = getLoginUser().getUser().getRoles();
+		return roles.stream().anyMatch(r -> bbsAdmin.equals(r.getRoleKey()));
+	}
+
 }

safe-campus-framework/src/main/java/com/tangguo/framework/security/handle/AuthenticationEntryPointImpl.java

 package com.tangguo.framework.security.handle;
 
+import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson2.JSON;
 import com.tangguo.common.constant.HttpStatus;
 import com.tangguo.common.core.domain.AjaxResult;
 import com.tangguo.common.utils.ServletUtils;
 import com.tangguo.common.utils.StringUtils;
+import com.tangguo.framework.config.ServerConfig;
+import me.chanjar.weixin.cp.api.WxCpOAuth2Service;
+import me.chanjar.weixin.cp.api.WxCpService;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.stereotype.Component;
@@ -13,6 +18,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.Serializable;
+import java.util.Objects;
 
 /**
  * 认证失败处理类 返回未授权
@@ -23,11 +29,28 @@ import java.io.Serializable;
 public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, Serializable {
 	private static final long serialVersionUID = -8970718410437077606L;
 
+	@Autowired
+	private WxCpService wxCpService;
+
+	@Autowired
+	private ServerConfig serverConfig;
+
 	@Override
 	public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
 			throws IOException {
+
+
+		String uri = request.getRequestURI();
 		int code = HttpStatus.UNAUTHORIZED;
-		String msg = StringUtils.format("请求访问：{}，认证失败，无法访问系统资源", request.getRequestURI());
-		ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.error(code, msg)));
+		if (uri.startsWith("/bbs/mobile")) {
+			String baseUrl = this.serverConfig.getUrl();
+			String redirectUrl = baseUrl + "/bbs/h5/pages/login/login/";
+			WxCpOAuth2Service oauth2Service = this.wxCpService.getOauth2Service();
+			String oauth2Url = oauth2Service.buildAuthorizationUrl(redirectUrl, null);
+			ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.error(401, "身份认证失败", oauth2Url)));
+		} else {
+			String msg = StringUtils.format("请求访问：{}，认证失败，无法访问系统资源", uri);
+			ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.error(code, msg)));
+		}
 	}
 }

safe-campus-moment/src/main/java/com/tangguo/controller/pc/BbsMomentController.java

@@ -50,7 +50,7 @@ public class BbsMomentController extends BaseController {
      * 导出动态列表
      */
     @ApiOperation("导出动态列表")
-    @PreAuthorize("@ss.hasPermi('points:points:export')")
+    @PreAuthorize("@ss.hasPermi('bbs:moment:export')")
     @Log(title = "导出动态列表", businessType = BusinessType.EXPORT)
     @PostMapping("/list/export")
     public void export(HttpServletResponse response, BbsMoment bbsMoment) {

safe-campus-moment/src/main/java/com/tangguo/controller/pc/BbsSensitiveWordController.java

@@ -99,7 +99,7 @@ public class BbsSensitiveWordController extends BaseController {
 	 * 导入敏感词库
 	 */
 	@ApiOperation("导入敏感词库")
-	@PreAuthorize("@ss.hasPermi('bbs:word:edit')")
+	@PreAuthorize("@ss.hasPermi('bbs:word:import')")
 	@Log(title = "敏感词库", businessType = BusinessType.IMPORT)
 	@PostMapping("/import")
 	public AjaxResult importWords(MultipartFile file) {

safe-campus-moment/src/main/java/com/tangguo/domain/BbsMoment.java

@@ -94,12 +94,12 @@ public class BbsMoment extends BaseEntity {
 	private Date voteEndTime;
 
 	/** 动态点赞人数 */
-	@Excel(name = "点赞人数", sort = 6)
+	@Excel(name = "点赞数", sort = 6)
 	@ApiModelProperty("动态点赞人数")
 	private Integer likeCount;
 
 	/** 动态评论人数 */
-	@Excel(name = "评论人数", sort = 7)
+	@Excel(name = "评论数", sort = 7)
 	@ApiModelProperty("动态评论人数")
 	private Integer commentCount;
 

safe-campus-moment/src/main/java/com/tangguo/service/impl/BbsMomentServiceImpl.java

@@ -223,7 +223,9 @@ public class BbsMomentServiceImpl extends ServiceImpl<BbsMomentMapper, BbsMoment
         if (Objects.isNull(dbMoment)) {
             throw new ServiceException("删除失败，未查询到当前动态数据。");
         }
-        if (!dbMoment.getUserName().equals(username)) {
+
+        boolean isBbsAdmin = SecurityUtils.isBbsAdmin();
+        if (!dbMoment.getUserName().equals(username) && !isBbsAdmin) {
             throw new ServiceException("删除失败，没有对当前动态数据的操作权限。");
         }
 
@@ -407,14 +409,15 @@ public class BbsMomentServiceImpl extends ServiceImpl<BbsMomentMapper, BbsMoment
         }
 
         String userName = SecurityUtils.getUsername();
-        if (!dbComment.getUserName().equals(userName)) {
+        boolean isBbsAdmin = SecurityUtils.isBbsAdmin();
+        if (!dbComment.getUserName().equals(userName) && !isBbsAdmin) {
             throw new ServiceException("删除失败，没有对当前动态评论的操作权限。");
         }
 
         this.commentService.removeById(dbComment.getId());
 
         // 更新动态评论人数
-        this.baseMapper.incrMomentCommentCount(dbComment.getMomentId(), 1);
+        this.baseMapper.decrMomentLikeCount(dbComment.getMomentId(), 1);
     }
 
 

safe-campus-points/src/main/java/com/tangguo/controller/BbsPointsSettingController.java

@@ -48,7 +48,7 @@ public class BbsPointsSettingController extends BaseController {
 	 * 获取积分规则配置详细信息
 	 */
 	@ApiOperation("获取积分规则配置详细信息")
-	@PreAuthorize("@ss.hasPermi('points:points:query')")
+	@PreAuthorize("@ss.hasPermi('points:points:list')")
 	@GetMapping(value = "/{id}")
 	public AjaxResult getInfo(@PathVariable("id") Long id) {
 		return success(bbsPointsSettingService.getById(id));
@@ -59,7 +59,7 @@ public class BbsPointsSettingController extends BaseController {
 	 * 新增积分规则配置
 	 */
 	@ApiOperation("新增积分规则配置")
-	@PreAuthorize("@ss.hasPermi('points:points:add')")
+	@PreAuthorize("@ss.hasPermi('points:points:list')")
 	@Log(title = "积分规则配置", businessType = BusinessType.INSERT)
 	@PostMapping
 	public AjaxResult add(@RequestBody BbsPointsSetting setting) {
@@ -72,7 +72,7 @@ public class BbsPointsSettingController extends BaseController {
 	 * 修改积分规则配置
 	 */
 	@ApiOperation("修改积分规则配置")
-	@PreAuthorize("@ss.hasPermi('points:points:edit')")
+	@PreAuthorize("@ss.hasPermi('points:points:list')")
 	@Log(title = "积分规则配置", businessType = BusinessType.UPDATE)
 	@PutMapping
 	public AjaxResult edit(@RequestBody BbsPointsSetting setting) {
@@ -85,7 +85,7 @@ public class BbsPointsSettingController extends BaseController {
 	 * 修改积分规则配置
 	 */
 	@ApiOperation("修改积分规则配置")
-	@PreAuthorize("@ss.hasPermi('points:points:edit')")
+	@PreAuthorize("@ss.hasPermi('points:points:list')")
 	@Log(title = "积分规则配置", businessType = BusinessType.UPDATE)
 	@PutMapping("/batch")
 	public AjaxResult batchEdit(@RequestBody Map<String, List<BbsPointsSetting>> pointMap) {
@@ -104,7 +104,7 @@ public class BbsPointsSettingController extends BaseController {
 	 * 删除积分规则配置
 	 */
 	@ApiOperation("删除积分规则配置")
-	@PreAuthorize("@ss.hasPermi('points:points:remove')")
+	@PreAuthorize("@ss.hasPermi('points:points:list')")
 	@Log(title = "积分规则配置", businessType = BusinessType.DELETE)
 	@DeleteMapping("/{id}")
 	public AjaxResult remove(@PathVariable Long id) {

safe-campus-points/src/main/java/com/tangguo/controller/BbsUserPointsExchangeController.java

@@ -37,7 +37,7 @@ public class BbsUserPointsExchangeController extends BaseController {
 	 * 查询用户积分兑换列表
 	 */
 	@ApiOperation("查询用户积分兑换列表")
-	@PreAuthorize("@ss.hasPermi('points:points:list')")
+	@PreAuthorize("@ss.hasPermi('points:exchange:list')")
 	@GetMapping("/list")
 	public TableDataInfo list(BbsUserPointsExchange exchange) {
 		startPage();
@@ -50,7 +50,7 @@ public class BbsUserPointsExchangeController extends BaseController {
 	 * 导出用户积分列表
 	 */
 	@ApiOperation("导出用户积分列表")
-	@PreAuthorize("@ss.hasPermi('points:points:export')")
+	@PreAuthorize("@ss.hasPermi('points:exchange:export')")
 	@Log(title = "用户积分", businessType = BusinessType.EXPORT)
 	@PostMapping("/export")
 	public void export(HttpServletResponse response, BbsUserPointsExchange exchange) {
@@ -65,7 +65,7 @@ public class BbsUserPointsExchangeController extends BaseController {
 	 */
 	@RepeatSubmit(interval = 1000)
 	@ApiOperation("用户积分兑换")
-	@PreAuthorize("@ss.hasPermi('points:points:exchange')")
+	@PreAuthorize("@ss.hasPermi('points:exchange:exchange')")
 	@Log(title = "用户积分兑换", businessType = BusinessType.INSERT)
 	@PostMapping("/exchange")
 	public AjaxResult exchange(@RequestBody BbsUserPointsExchange exchange) {