From f2b8a2fc1b360eb757cf9f8e2ed9f5d19f1f7f4c Mon Sep 17 00:00:00 2001
From: zhanzhiqin <895896009@qq.com>
Date: 星期四, 12 五月 2022 16:02:46 +0800
Subject: [PATCH] fix

---
 ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java |   16 ++++++++++++++--
 1 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java b/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
index c73e926..2ffec97 100644
--- a/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
+++ b/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
@@ -23,6 +23,7 @@
 import com.sandu.ximon.admin.security.PermissionConfig;
 import com.sandu.ximon.admin.security.SecurityUtils;
 import com.sandu.ximon.admin.service.*;
+import com.sandu.ximon.admin.utils.RedisUtils;
 import com.sandu.ximon.dao.bo.MenuNode;
 import com.sandu.ximon.dao.domain.*;
 import com.sandu.ximon.dao.enums.AdministratorEnums;
@@ -73,10 +74,12 @@
         if (admin == null) {
             return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
         }
-        String session_vcode = (String) request.getSession().getAttribute(loginParam.getKey());
-        if (!StrUtil.equalsIgnoreCase(session_vcode, loginParam.getVlue())) {
+        String s = RedisUtils.getBean().get(loginParam.getKey());
+        if (!loginParam.getVlue().equals(s)) {
+            log.error(loginParam.getVlue() + "楠岃瘉鐮�");
             return ResponseUtil.error(ResponseStatusEnums.BAD_AUTHENTICATION.getCode(), ResponseStatusEnums.BAD_AUTHENTICATION.getMessage());
         }
+        RedisUtils.getBean().delete(loginParam.getKey());
         if (!passwordEncoder.matches(loginParam.getPassword(), admin.getPassword())) {
             return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
         }
@@ -221,6 +224,9 @@
     @Log("鍚庡彴鐢ㄦ埛娉ㄥ唽")
     @PostMapping("/register")
     public ResponseVO<Object> register(@Validated @RequestBody AdminParam param) {
+        if (!permissionConfig.check(MenuEnum.ADMIN_ADD.getCode())) {
+            return ResponseUtil.fail("缂哄皯瀵瑰簲鐢ㄦ埛鏉冮檺");
+        }
         boolean result = adminService.register(param);
         if (result) {
             return ResponseUtil.success("娉ㄥ唽鐢ㄦ埛鎴愬姛");
@@ -237,6 +243,9 @@
     @Log("鍚庡彴鐢ㄦ埛淇敼淇℃伅")
     @PostMapping("/update/{adminId}")
     public ResponseVO<Object> updateAdmin(@RequestBody AdminParam param, @PathVariable Long adminId) {
+        if (!permissionConfig.check(MenuEnum.ADMIN_INFO_UPDATE.getCode())) {
+            return ResponseUtil.fail("缂哄皯瀵瑰簲鐢ㄦ埛鏉冮檺");
+        }
         boolean result = adminService.updateAdmin(adminId, param);
         if (result) {
             return ResponseUtil.success("淇敼鎴愬姛");
@@ -297,6 +306,9 @@
     @Log("鍚庡彴鐢ㄦ埛鍒犻櫎")
     @PostMapping("/del/{adminId}")
     public ResponseVO<Object> deleteAdmin(@PathVariable Long adminId) {
+        if (!permissionConfig.check(MenuEnum.ADMIN_DELETE.getCode())) {
+            return ResponseUtil.fail("缂哄皯瀵瑰簲鐢ㄦ埛鏉冮檺");
+        }
         boolean result = adminService.deleteAdmin(adminId);
         if (result) {
             return ResponseUtil.success("淇敼鎴愬姛");

--
Gitblit v1.9.3