fix: 部分接口放行; admin -> sysMgtAcc

src/main/java/com/szwl/aspect/MyWebMvcConfigurer.java

@@ -66,10 +66,9 @@ public class MyWebMvcConfigurer extends WebMvcConfigurationSupport {
 
         // 特别包含需要进行TOKEN检查的路径
         for (String path : new String[]{
-                "/tAdmin/getAdminList", "/tAdmin/getRelation", "/tAdmin/getAdmin",
+                "/tAdmin/getAdminList", "/tAdmin/getRelation",
                 "/tJoinpayMch/getOne",
-                "/tEquipment/findList", "/tEquipment/listEquipment", "/tEquipment/getMachineNum",
-                "/tHuifuMch/getHuifuMchCheck"
+                "/tEquipment/findList"
         }) {
             registry.addInterceptor(headTokenInterceptor)
                     .addPathPatterns(path);

src/main/java/com/szwl/controller/TAdminController.java

@@ -707,11 +707,8 @@ public class TAdminController {
     @ApiOperation(value = "获取账号信息")
     @GetMapping("/getAdmin")
     public ResponseModel<TAdmin> getAdmin(@RequestParam String id) {
-        UserDetailBO userDetailBO = Optional.ofNullable(tokenManager.getLoginUserDetails())
-                .orElseThrow(() -> new BizException(ResponseCodesEnum.L0001));
-        String adminId = userDetailBO.getId().toString();
         LambdaQueryWrapper<TAdmin> query = Wrappers.lambdaQuery();
-        query.eq(TAdmin::getId, adminId);
+        query.eq(TAdmin::getId, id);
         TAdmin tAdmin = Optional.ofNullable(tAdminService.getOnly(query))
                 .orElseThrow(() -> new BizException(ResponseCodesEnum.L0002));
         if (StringUtils.isEmpty(tAdmin.getManagerId())) {
@@ -719,8 +716,8 @@ public class TAdminController {
             tAdmin.setManagerId(managerId);
             tAdminService.getById(tAdmin);
         }
-        UserDetailBO userDetail = BeanUtil.copyProperties(tAdmin, UserDetailBO.class, "password");
-        return R.ok(userDetail);
+        UserDetailBO userDetailBO = BeanUtil.copyProperties(tAdmin, UserDetailBO.class, "password");
+        return R.ok(userDetailBO);
     }
 
     @ApiOperation(value = "获取账号列表 分页")

src/main/java/com/szwl/controller/TEquipmentController.java

@@ -195,7 +195,7 @@ public class TEquipmentController {
         if (StringUtils.isNotEmpty(clientId)) {
             query.like(TEquipment::getClientId, clientId);
         }
-        if (StringUtils.isNotEmpty(adminName) && !"admin".equals(adminName)) {
+        if (StringUtils.isNotEmpty(adminName) && !"sysMgtAcc".equals(adminName)) {
             LambdaQueryWrapper<TAdmin> adminQuery = Wrappers.lambdaQuery();
             adminQuery.eq(TAdmin::getUsername, adminName);
             List<TAdmin> list = tAdminService.list(adminQuery);
@@ -428,18 +428,14 @@ public class TEquipmentController {
     @ApiOperation(value = "adminId查找设备")
     @GetMapping("/listEquipment")
     public ResponseModel<?> listEquipment(String adminId) {
-        UserDetailBO userDetailBO = Optional.ofNullable(tokenManager.getLoginUserDetails())
-                .orElseThrow(() -> new BizException(ResponseCodesEnum.L0001));
-        String authId = userDetailBO.getId().toString();
-
         LambdaQueryWrapper<TEquipment> query = Wrappers.lambdaQuery();
-        TAdmin admin = tAdminService.getById(authId);
+        TAdmin admin = tAdminService.getById(adminId);
         Integer type = admin.getType();
         if (type < 2) {
             query.eq(TEquipment::getAdminId, 238);
         }
         if (type == 2) {
-            query.eq(TEquipment::getAdminId, authId);
+            query.eq(TEquipment::getAdminId, adminId);
         }
 
         if (type == 3) {
@@ -632,7 +628,7 @@ public class TEquipmentController {
 
         List<TAdminDTO> resultList = new ArrayList<>();
 
-        if ("admin".equals(param.getUsername())) { // 管理员查所有商家
+        if ("sysMgtAcc".equals(param.getUsername())) { // 管理员查所有商家
             List<TAdmin> adminList = tAdminService.list();
             List<TEquipment> equipmentList = tEquipmentService.list();
             List<TAlarmRecord> alarmRecordList = tAlarmRecordService.list();
@@ -907,16 +903,10 @@ public class TEquipmentController {
     @ApiOperation(value = "获取机器数量")
     @PostMapping("/getMachineNum")
     public ResponseModel<?> getMachineNum(@RequestBody StatisticsParam param) {
-        UserDetailBO userDetailBO = Optional.ofNullable(tokenManager.getLoginUserDetails())
-                .orElseThrow(() -> new BizException(ResponseCodesEnum.L0001));
-
         String machineTotalNum;
         String machineUseNum;
         String equipmentId = param.getEquipmentId();
-
-        String paramAdminId = userDetailBO.getId().toString();
-//        String paramAdminId = param.getAdminId();
-
+        String paramAdminId = param.getAdminId();
         TAdmin admin = tAdminService.getById(paramAdminId);
         Integer type = admin.getType();
         if (type < 2) {
@@ -1197,7 +1187,7 @@ public class TEquipmentController {
         Long id = Long.valueOf(equipmentId);
         TEquipment equipment = tEquipmentService.getById(id);
         if (equipment == null) {
-            return R.fail(F0002,"设备不存在");
+            return R.fail(F0002, "设备不存在");
         }
         tEquipmentService.sentMessage(equipment.getClientId(), PushUtils.buildJson("machineReset", "machineReset").toString());
         return R.ok();
@@ -1248,7 +1238,7 @@ public class TEquipmentController {
     @PostMapping("/getEquipmentListByProvince")
     public ResponseEntity<?> getEquipmentListByProvince(@RequestBody TAdmin param) {
         List<TAdminDTO> resultList = new ArrayList<>();
-        if ("admin".equals(param.getUsername())) { // 管理员查所有商家
+        if ("sysMgtAcc".equals(param.getUsername())) { // 管理员查所有商家
             //获取有多少个省份
             List<TArea> list1 = tAreaService.getProvinceList();
             Map<Long, String> map1 = new HashMap<>();
@@ -1593,8 +1583,8 @@ public class TEquipmentController {
      * 下载日志
      *
      * @param equipmentId 设备id
-     * @param day 日期
-     * @param response 响应
+     * @param day         日期
+     * @param response    响应
      */
     @ApiOperation(value = "下载日志")
     @GetMapping("/downloadLog")

src/main/java/com/szwl/controller/THuifuMchController.java

@@ -51,8 +51,8 @@ public class THuifuMchController {
     @Autowired
     private THuifuMchCheckService tHuifuMchCheckService;
 
-    @Autowired
-    private TokenManager tokenManager;
+//    @Autowired
+//    private TokenManager tokenManager;
 
     @ApiOperation(value = "商户入驻申请")
     @PostMapping("/addApplication")
@@ -321,12 +321,11 @@ public class THuifuMchController {
     @ApiOperation(value = "获取审核信息")
     @GetMapping("/getHuifuMchCheck")
     public ResponseModel<THuifuMchCheck> getHuifuMchCheck(@RequestParam Long adminId) {
-        UserDetailBO userDetailBO = Optional.ofNullable(tokenManager.getLoginUserDetails())
-                .orElseThrow(() -> new BizException(ResponseCodesEnum.L0001));
-        String authId = userDetailBO.getId().toString();
-
+        if(adminId == null) {
+            return R.fail(ResponseCodesEnum.A0001);
+        }
         LambdaQueryWrapper<THuifuMchCheck> queryWrapper = new LambdaQueryWrapper<>();
-        queryWrapper.eq(THuifuMchCheck::getAdminId,authId);
+        queryWrapper.eq(THuifuMchCheck::getAdminId,adminId);
         THuifuMchCheck huifuMchCheck = tHuifuMchCheckService.getOne(queryWrapper);
         return R.ok(huifuMchCheck);
     }

src/main/java/com/szwl/controller/TLocationCheckController.java

@@ -121,10 +121,8 @@ public class TLocationCheckController {
 
         // 售后部同事修改的信息：姓名，电话，username，clientId，国家
         String modUsername = locationCheck.getModUsername();
-//        if (!("shouhoumi".equals(modUsername)) && !("admin".equals(modUsername)) && !("chenfanghao".equals(modUsername)) && !("ethan".equals(modUsername))) {
-//            return R.fail("该账号无权修改");
-//        }
-        Set<String> allowedUsernames = new HashSet<>(Arrays.asList("shouhoumi", "admin", "jiang123", "ethan"));
+
+        Set<String> allowedUsernames = new HashSet<>(Arrays.asList("shouhoumi", "sysMgtAcc", "jiang123", "ethan"));
         if (!allowedUsernames.contains(modUsername)) {
             return R.fail("该账号无权修改");
         }
@@ -186,7 +184,7 @@ public class TLocationCheckController {
             return R.fail("此设备信息已录入");
         }
 
-        Set<String> allowedUsers = new HashSet<>(Arrays.asList("admin", "jiang123", "shouhou121", "shouhou369", "shouhou397", "shouhoumi", "zhl123", "ethan"));
+        Set<String> allowedUsers = new HashSet<>(Arrays.asList("sysMgtAcc", "jiang123", "shouhou121", "shouhou369", "shouhou397", "shouhoumi", "zhl123", "ethan"));
         if (!allowedUsers.contains(username)) {
             return R.fail("该账号无权操作");
         }