From f667099f4ff6e57dde9d9a9fdbdf53c0d8da7367 Mon Sep 17 00:00:00 2001 From: xupei Date: Tue, 9 Sep 2025 17:31:51 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=AE=A1=E7=90=86=E5=91=98?= =?UTF-8?q?=E9=A1=B5=E9=9D=A2=E6=9D=83=E9=99=90=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../impl/ConvenientInquiryServiceImpl.java | 145 ++++++++++++++++-- 1 file changed, 135 insertions(+), 10 deletions(-) diff --git a/src/main/java/com/ai/da/service/impl/ConvenientInquiryServiceImpl.java b/src/main/java/com/ai/da/service/impl/ConvenientInquiryServiceImpl.java index 8dec1178..2513c7f8 100644 --- a/src/main/java/com/ai/da/service/impl/ConvenientInquiryServiceImpl.java +++ b/src/main/java/com/ai/da/service/impl/ConvenientInquiryServiceImpl.java @@ -77,9 +77,17 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl ADMIN_IDS = Arrays.asList(4L, 6L, 31L, 73L, 83L, 87L); - private static final List ADMIN_IDS_READ_ONLY = Arrays.asList(12592L, 12201L); + private static final List ADMIN_IDS_READ_ONLY = Arrays.asList(12592L, 23534L, 23705L); public IPage getTrial(QueryUserConditionsVO queryUserConditionsVO) { + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } log.info("getTrial parameter : {},page:{}, size:{}", queryUserConditionsVO, queryUserConditionsVO.getPage(), queryUserConditionsVO.getSize()); /* 添加按条件查询试用用户 */ // 按用户邮箱/用户名/用户id查指定用户 @@ -170,6 +178,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl questionnaires = queryByTitle(title); List ageValue = new ArrayList<>(Collections.nCopies(4, 0)); 
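Review bot: The allow-list check added at the top of getTrial is pasted unchanged into the other methods this patch touches (getAllQuestionnaire, recentNewUser, recentNewUserChart, recentActiveUser, getActiveUserFunc, conversionRate, trialUserCountry, getUserInfo, queryTransactionRecords, getCities), so a method added later can ship without it; one private helper called first in each method would keep the rule in one place. In every copy the result of `accountService.getById(accountId)` is dereferenced without a null check, so a missing account row surfaces as a NullPointerException instead of `have.no.permission`, and a refused request is never logged because the throw comes before the `log.info` line. Access is also keyed on account ids compiled into `ADMIN_IDS` and `ADMIN_IDS_READ_ONLY`, so revoking a viewer, as this hunk does for 12201L, needs a redeploy; a role or configuration lookup would avoid that. getTrial's body continues outside the hunk, and the helper name below is only a suggestion.

```java
/** Rejects the caller unless the current account is on one of the data-viewer allow-lists. */
private void requireDataViewer() {
    Long accountId = UserContext.getUserHolder().getId();
    Account account = accountService.getById(accountId);
    if (account == null
            || (!ADMIN_IDS.contains(account.getId())
                && !ADMIN_IDS_READ_ONLY.contains(account.getId()))) {
        // Record the refusal so that probing of the admin endpoints is visible in the logs.
        log.warn("data-view permission denied, accountId:{}", accountId);
        throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode());
    }
}

// first statement of getTrial(...) and of each other guarded method:
requireDataViewer();
```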
@@ -269,6 +285,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl getAllQuestionnaire() { + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } String title = "AiDA_3.0 Feedback Survey--06/2024"; List questionnaires = queryByTitle(title); ArrayList questionnaireVOS = new ArrayList<>(); @@ -286,6 +310,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl recentNewUser(QueryUserConditionsVO queryUserConditionsVO) { + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } log.info("recentActiveUser parameter : {}, page:{}, size:{}", queryUserConditionsVO, queryUserConditionsVO.getPage(), queryUserConditionsVO.getSize()); if (StringUtil.isNullOrEmpty(queryUserConditionsVO.getStartTime()) && StringUtil.isNullOrEmpty(queryUserConditionsVO.getEndTime())) { return null; @@ -308,6 +340,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl recentNewUserChart(String startTime, String endTime, Integer userType) { + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } log.info("recentNewUserChart startTime : {},endTime : {},userType:{}", startTime, endTime, userType); if (StringUtil.isNullOrEmpty(startTime) && StringUtil.isNullOrEmpty(endTime)) { return null; 
@@ -336,6 +376,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl recentActiveUser(QueryUserConditionsVO queryUserConditionsVO) { + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } log.info("recentActiveUser parameter : {}, page:{}, size:{}", queryUserConditionsVO, queryUserConditionsVO.getPage(), queryUserConditionsVO.getSize()); if (!StringUtil.isNullOrEmpty(queryUserConditionsVO.getStartTime()) && StringUtil.isNullOrEmpty(queryUserConditionsVO.getEndTime())) { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss"); @@ -347,6 +395,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl> getActiveUserFunc(String startTime, String endTime, List ids) { + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } log.info("getActiveUserFunc ==> startTime:{}, endTime:{}, accountList:{}", startTime, endTime, ids); // 必须指定时间区间 @@ -411,7 +475,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl conversionRate(String startTime, String endTime) { - + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } QueryWrapper queryWrapper = new QueryWrapper<>(); if (!StringUtils.isNullOrEmpty(startTime)){ queryWrapper.gt("create_time", startTime); 
@@ -452,6 +523,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl> trialUserCountry(String startTime, String endTime) { + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } QueryWrapper queryWrapper = new QueryWrapper<>(); if (!StringUtils.isNullOrEmpty(startTime)){ queryWrapper.gt("create_time", startTime); @@ -609,6 +688,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl getUserInfo(QueryUserConditionsVO queryUserConditionsVO) { + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } log.info("getUserInfo parameter : {},page:{}, size:{}", queryUserConditionsVO, queryUserConditionsVO.getPage(), queryUserConditionsVO.getSize()); // 按用户邮箱/用户名/用户id查指定用户 QueryWrapper queryWrapper = new QueryWrapper<>(); 
@@ -663,15 +750,23 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl> getAllUserIdList() { Long accountId = UserContext.getUserHolder().getId(); Account account = accountMapper.selectById(accountId); - - QueryWrapper queryWrapper = new QueryWrapper<>(); - queryWrapper.select("id as value, user_name as label"); - if ((account.getSystemUser().equals(7) || account.getSystemUser().equals(5)) - && !StringUtil.isNullOrEmpty(account.getOrganizationName())) { - queryWrapper.lambda().eq(Account::getOrganizationName, account.getOrganizationName()); + // 允许查看数据的用户id + if (Objects.nonNull(account.getSystemUser()) + && (account.getSystemUser().equals(5) + || account.getSystemUser().equals(7) + || ADMIN_IDS.contains(account.getId()) + || ADMIN_IDS_READ_ONLY.contains(account.getId()) + )){ + QueryWrapper queryWrapper = new QueryWrapper<>(); + queryWrapper.select("id as value, user_name as label"); + if ((account.getSystemUser().equals(7) || account.getSystemUser().equals(5)) + && !StringUtil.isNullOrEmpty(account.getOrganizationName())) { + queryWrapper.lambda().eq(Account::getOrganizationName, account.getOrganizationName()); + } + return accountMapper.selectMaps(queryWrapper); + } else { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); } - - return accountMapper.selectMaps(queryWrapper); // return maps.stream().map(map -> (Long)map.get("id")).collect(Collectors.toList()); } 
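Review bot: In getAllUserIdList the new guard opens with `Objects.nonNull(account.getSystemUser()) &&`, so an account listed in `ADMIN_IDS` or `ADMIN_IDS_READ_ONLY` whose systemUser is null is refused here, although the other methods in this patch admit it on the id alone. Evaluating the allow-list test and the systemUser test separately, as in the excerpt below, removes that inconsistency without changing who gets the organization filter. Separately, an account with systemUser 5 or 7 and a blank organizationName still reaches the unfiltered `selectMaps` call and receives every account's id and user_name; if 5 and 7 are organization-scoped roles, as the filter suggests, that case should probably be refused rather than left unfiltered.

```java
boolean listed = ADMIN_IDS.contains(account.getId())
        || ADMIN_IDS_READ_ONLY.contains(account.getId());
boolean orgUser = account.getSystemUser() != null
        && (account.getSystemUser().equals(5) || account.getSystemUser().equals(7));
if (!listed && !orgUser) {
    throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode());
}
// … unchanged: QueryWrapper creation and select("id as value, user_name as label") …
if (orgUser && !StringUtil.isNullOrEmpty(account.getOrganizationName())) {
    queryWrapper.lambda().eq(Account::getOrganizationName, account.getOrganizationName());
}
return accountMapper.selectMaps(queryWrapper);
```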
@@ -680,6 +775,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl queryTransactionRecords(QueryPaymentInfoDTO queryPaymentInfoDTO) { + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } Integer size = queryPaymentInfoDTO.getSize(); int offset = (queryPaymentInfoDTO.getPage() - 1) * size; String order = "DESC"; @@ -715,6 +818,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl> getCities(){ + Long accountId = UserContext.getUserHolder().getId(); + Account account = accountService.getById(accountId); + // 允许查看数据的用户id + if (!ADMIN_IDS.contains(account.getId()) + && !ADMIN_IDS_READ_ONLY.contains(account.getId()) + ) { + throw new BusinessException("have.no.permission", ResultEnum.PROMPT.getCode()); + } List> cities = paymentInfoMapper.getCities(); List> countries = paymentInfoMapper.getCountries(); List cityCollect = cities.stream() @@ -733,6 +844,14 @@ public class ConvenientInquiryServiceImpl extends ServiceImpl