diff --git a/timeline-component-common/src/main/java/com/timeline/common/constants/CommonConstants.java b/timeline-component-common/src/main/java/com/timeline/common/constants/CommonConstants.java index 553970c..aacc1b0 100644 --- a/timeline-component-common/src/main/java/com/timeline/common/constants/CommonConstants.java +++ b/timeline-component-common/src/main/java/com/timeline/common/constants/CommonConstants.java @@ -37,7 +37,7 @@ public class CommonConstants { /** * 仅查看权限 */ - public static final int STORY_PERMISSION_TYPE_READ = 2; + public static final int STORY_PERMISSION_TYPE_READ = 4; /** * 可编辑权限 */ @@ -45,7 +45,7 @@ public class CommonConstants { /** * 管理权限 */ - public static final int STORY_PERMISSION_TYPE_ADMIN = 4; + public static final int STORY_PERMISSION_TYPE_ADMIN = 2; /** * 好友状态 diff --git a/timeline-story-service/src/main/java/com/timeline/story/dao/StoryMapper.java b/timeline-story-service/src/main/java/com/timeline/story/dao/StoryMapper.java index 5be096d..2614dde 100644 --- a/timeline-story-service/src/main/java/com/timeline/story/dao/StoryMapper.java +++ b/timeline-story-service/src/main/java/com/timeline/story/dao/StoryMapper.java @@ -1,6 +1,7 @@ package com.timeline.story.dao; import com.timeline.story.entity.Story; +import com.timeline.story.vo.StoryDetailVo; import org.apache.ibatis.annotations.Mapper; import java.util.List; @@ -10,7 +11,7 @@ public interface StoryMapper { void insert(Story story); void update(Story story); void deleteByInstanceId(String instanceId); - Story selectByInstanceId(String instanceId); - List selectByOwnerId(String ownerId); + StoryDetailVo selectByInstanceId(String instanceId, String userId); + List selectByOwnerId(String ownerId); void touchUpdate(String instanceId, String updateId); } diff --git a/timeline-story-service/src/main/java/com/timeline/story/entity/Story.java b/timeline-story-service/src/main/java/com/timeline/story/entity/Story.java index 5de9c68..0c4488c 100644 --- a/timeline-story-service/src/main/java/com/timeline/story/entity/Story.java +++ b/timeline-story-service/src/main/java/com/timeline/story/entity/Story.java @@ -3,6 +3,7 @@ package com.timeline.story.entity; import com.fasterxml.jackson.annotation.JsonFormat; import lombok.Data; +import java.time.LocalDate; import java.time.LocalDateTime; @Data @@ -13,7 +14,7 @@ public class Story { @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss") private LocalDateTime createTime; @JsonFormat(pattern = "yyyy-MM-dd") - private LocalDateTime storyTime; + private LocalDate storyTime; @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss") private LocalDateTime updateTime; private String updateId; @@ -21,9 +22,4 @@ public class Story { private String ownerId; private String status; private String logo; - // 新增字段:创建人名称和修改人名称 - private String ownerName; - private String updateName; - // 新增字段:故事项数量 - private Integer itemCount; } diff --git a/timeline-story-service/src/main/java/com/timeline/story/service/StoryService.java b/timeline-story-service/src/main/java/com/timeline/story/service/StoryService.java index 82b189f..d96807a 100644 --- a/timeline-story-service/src/main/java/com/timeline/story/service/StoryService.java +++ b/timeline-story-service/src/main/java/com/timeline/story/service/StoryService.java @@ -1,6 +1,7 @@ package com.timeline.story.service; import com.timeline.story.entity.Story; +import com.timeline.story.vo.StoryDetailVo; import com.timeline.story.vo.StoryVo; import java.util.List; @@ -10,7 +11,7 @@ public interface StoryService { void updateStory(StoryVo storyVo, String storyId); void deleteStory(String storyId); Story getStoryByInstanceId(String storyId); - List getStoriesByOwnerId(String ownerId); - List getStories(StoryVo storyVo); + List getStoriesByOwnerId(String ownerId); + List getStories(StoryVo storyVo); } diff --git a/timeline-story-service/src/main/java/com/timeline/story/service/impl/StoryPermissionServiceImpl.java b/timeline-story-service/src/main/java/com/timeline/story/service/impl/StoryPermissionServiceImpl.java index 53ef01c..6f05a7f 100644 --- a/timeline-story-service/src/main/java/com/timeline/story/service/impl/StoryPermissionServiceImpl.java +++ b/timeline-story-service/src/main/java/com/timeline/story/service/impl/StoryPermissionServiceImpl.java @@ -138,8 +138,8 @@ public class StoryPermissionServiceImpl implements StoryPermissionService { return false; } - // 权限类型数字越大权限越高 - return permission.getPermissionType() >= requiredPermissionType; + // 权限类型数字越小权限越高 + return permission.getPermissionType() <= requiredPermissionType; } @Override diff --git a/timeline-story-service/src/main/java/com/timeline/story/service/impl/StoryServiceImpl.java b/timeline-story-service/src/main/java/com/timeline/story/service/impl/StoryServiceImpl.java index 96a08d6..15316fe 100644 --- a/timeline-story-service/src/main/java/com/timeline/story/service/impl/StoryServiceImpl.java +++ b/timeline-story-service/src/main/java/com/timeline/story/service/impl/StoryServiceImpl.java @@ -9,12 +9,14 @@ import com.timeline.story.dao.StoryMapper; import com.timeline.story.service.StoryPermissionService; import com.timeline.story.service.StoryService; import com.timeline.story.service.StoryActivityService; +import com.timeline.story.vo.StoryDetailVo; import com.timeline.story.vo.StoryPermissionVo; import com.timeline.story.vo.StoryVo; import com.timeline.common.utils.IdUtils; import com.timeline.common.utils.UserContextUtils; import lombok.extern.slf4j.Slf4j; +import lombok.val; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -85,10 +87,13 @@ public class StoryServiceImpl implements StoryService { public void updateStory(StoryVo storyVo, String storyId) { String currentUserId = getCurrentUserId(); - Story story = storyMapper.selectByInstanceId(storyId); + Story story = storyMapper.selectByInstanceId(storyId, currentUserId); if (story == null) { throw new CustomException(ResponseEnum.NOT_FOUND); } + if (!storyPermissionService.checkUserPermission(storyId, currentUserId, CommonConstants.STORY_PERMISSION_TYPE_WRITE)) { + throw new CustomException(ResponseEnum.FORBIDDEN, "无权限修改故事"); + } story.setTitle(storyVo.getTitle()); story.setDescription(storyVo.getDescription()); story.setStatus(storyVo.getStatus()); @@ -110,10 +115,13 @@ public class StoryServiceImpl implements StoryService { @Override public void deleteStory(String storyId) { String currentUserId = getCurrentUserId(); - Story story = storyMapper.selectByInstanceId(storyId); + Story story = storyMapper.selectByInstanceId(storyId, currentUserId); if (story == null) { throw new CustomException(ResponseEnum.NOT_FOUND); } + if (!storyPermissionService.checkUserPermission(storyId, currentUserId, CommonConstants.STORY_PERMISSION_TYPE_ADMIN)) { + throw new CustomException(ResponseEnum.FORBIDDEN, "无权限删除故事"); + } // delete story storyMapper.deleteByInstanceId(storyId); // delete permission @@ -129,7 +137,8 @@ public class StoryServiceImpl implements StoryService { @Override public Story getStoryByInstanceId(String storyId) { - Story story = storyMapper.selectByInstanceId(storyId); + val userId = getCurrentUserId(); + Story story = storyMapper.selectByInstanceId(storyId, userId); if (story == null) { throw new CustomException(ResponseEnum.NOT_FOUND); } @@ -137,7 +146,7 @@ public class StoryServiceImpl implements StoryService { } @Override - public List getStoriesByOwnerId(String ownerId) { + public List getStoriesByOwnerId(String ownerId) { try { return storyMapper.selectByOwnerId(ownerId); } catch (Exception e) { @@ -147,7 +156,7 @@ public class StoryServiceImpl implements StoryService { } @Override - public List getStories(StoryVo storyVo) { + public List getStories(StoryVo storyVo) { try { String currentUserId = getCurrentUserId(); return storyMapper.selectByOwnerId(currentUserId); diff --git a/timeline-story-service/src/main/java/com/timeline/story/vo/StoryDetailVo.java b/timeline-story-service/src/main/java/com/timeline/story/vo/StoryDetailVo.java new file mode 100644 index 0000000..f68acf2 --- /dev/null +++ b/timeline-story-service/src/main/java/com/timeline/story/vo/StoryDetailVo.java @@ -0,0 +1,16 @@ +package com.timeline.story.vo; + +import com.timeline.story.entity.Story; +import lombok.Data; +import lombok.EqualsAndHashCode; + +@EqualsAndHashCode(callSuper = true) +@Data +public class StoryDetailVo extends Story { + // 新增字段:创建人名称和修改人名称 + private String ownerName; + private String updateName; + // 新增字段:故事项数量 + private Integer itemCount; + private Integer permissionType; +} diff --git a/timeline-story-service/src/main/java/com/timeline/story/vo/StoryVo.java b/timeline-story-service/src/main/java/com/timeline/story/vo/StoryVo.java index e75c77e..08b7441 100644 --- a/timeline-story-service/src/main/java/com/timeline/story/vo/StoryVo.java +++ b/timeline-story-service/src/main/java/com/timeline/story/vo/StoryVo.java @@ -3,7 +3,7 @@ package com.timeline.story.vo; import com.fasterxml.jackson.annotation.JsonFormat; import lombok.Data; -import java.time.LocalDateTime; +import java.time.LocalDate; @Data public class StoryVo { @@ -15,5 +15,5 @@ public class StoryVo { private String status; private String logo; @JsonFormat(pattern = "yyyy-MM-dd") - private LocalDateTime storyTime; + private LocalDate storyTime; } diff --git a/timeline-story-service/src/main/resources/application.properties b/timeline-story-service/src/main/resources/application.properties index d1271c4..024207d 100644 --- a/timeline-story-service/src/main/resources/application.properties +++ b/timeline-story-service/src/main/resources/application.properties @@ -22,8 +22,8 @@ file.service.url=http://localhost:30002/file/ user.service.url=http://localhost:30003/user/ spring.servlet.multipart.enabled=true -spring.servlet.multipart.max-file-size=10MB -spring.servlet.multipart.max-request-size=10MB +spring.servlet.multipart.max-file-size=1000MB +spring.servlet.multipart.max-request-size=1000MB spring.data.redis.host=127.0.0.1 spring.data.redis.port=36379 diff --git a/timeline-story-service/src/main/resources/com/timeline/story/dao/StoryMapper.xml b/timeline-story-service/src/main/resources/com/timeline/story/dao/StoryMapper.xml index d059b56..b412b36 100644 --- a/timeline-story-service/src/main/resources/com/timeline/story/dao/StoryMapper.xml +++ b/timeline-story-service/src/main/resources/com/timeline/story/dao/StoryMapper.xml @@ -25,17 +25,20 @@ UPDATE story SET story.is_delete = 1, update_time = NOW() WHERE instance_id = #{instanceId} - SELECT s.*, u1.username as owner_name, u2.username as update_name, + sp.permission_type as permission_type, (SELECT COUNT(*) FROM story_item si WHERE si.story_instance_id = s.instance_id AND si.is_delete = 0) as item_count FROM story s LEFT JOIN user u1 ON s.owner_id = u1.user_id AND u1.is_deleted = 0 - LEFT JOIN user u2 ON s.update_id = u2.user_id AND u2.is_deleted = 0 + LEFT JOIN user u2 ON s.update_id = u2.user_id AND u2.is_deleted = 0 + LEFT JOIN story_permission sp on sp.story_instance_id = s.instance_id and sp.user_id = #{userId} + WHERE s.instance_id = #{instanceId}