From daf7acb4f107a427e4a83ba1eb26e5e6012cbdaf Mon Sep 17 00:00:00 2001 From: kongzy <kongzy> Date: 星期三, 26 六月 2024 17:04:52 +0800 Subject: [PATCH] update --- exam-system/src/main/java/com/gkhy/exam/system/service/impl/ExQuestionServiceImpl.java | 49 ++++++++++++++++++++++++++++++++++++++++++++----- 1 files changed, 44 insertions(+), 5 deletions(-) diff --git a/exam-system/src/main/java/com/gkhy/exam/system/service/impl/ExQuestionServiceImpl.java b/exam-system/src/main/java/com/gkhy/exam/system/service/impl/ExQuestionServiceImpl.java index 7c6cd3e..809eabf 100644 --- a/exam-system/src/main/java/com/gkhy/exam/system/service/impl/ExQuestionServiceImpl.java +++ b/exam-system/src/main/java/com/gkhy/exam/system/service/impl/ExQuestionServiceImpl.java @@ -16,8 +16,10 @@ import com.gkhy.exam.system.domain.ExExamPaper; import com.gkhy.exam.system.domain.ExPaperStudent; import com.gkhy.exam.system.domain.ExQuestion; +import com.gkhy.exam.system.domain.ExQuestionBank; import com.gkhy.exam.system.mapper.ExExamPaperMapper; import com.gkhy.exam.system.mapper.ExPaperStudentMapper; +import com.gkhy.exam.system.mapper.ExQuestionBankMapper; import com.gkhy.exam.system.mapper.ExQuestionMapper; import com.gkhy.exam.system.service.ExQuestionService; import org.springframework.beans.factory.annotation.Autowired; @@ -41,11 +43,22 @@ private ExPaperStudentMapper paperStudentMapper; @Autowired private ExExamPaperMapper examPaperMapper; + @Autowired + private ExQuestionBankMapper questionBankMapper; @Override public CommonPage selectQuestionList(ExQuestion question) { if(question.getBankId()==null){ throw new ApiException("题库id不能为空"); + } + ExQuestionBank questionBank=questionBankMapper.selectById(question.getBankId()); + if(!questionBank.getPrivatize().equals(PrivatizeEnum.PUBLIC.getCode())){ + SysUser currentUser=SecurityUtils.getLoginUser().getUser(); + if(!currentUser.getUserType().equals(UserTypeEnum.SYSTEM_USER.getCode())){ + if(!question.getCompanyId().equals(currentUser.getCompanyId())){ + throw new ApiException("无权限查看其它企业题目"); + } + } } PageUtils.startPage(); List<ExQuestion> questionList=baseMapper.selectQuestionList(question); @@ -54,18 +67,29 @@ @Override public ExQuestion selectQuestionById(Long questionId) { - return baseMapper.selectById(questionId); + ExQuestion question= baseMapper.selectById(questionId); + if(question.getPrivatize().equals(PrivatizeEnum.PUBLIC.getCode())){ + return question; + } + SysUser currentUser=SecurityUtils.getLoginUser().getUser(); + if(currentUser.getUserType().equals(UserTypeEnum.SYSTEM_USER.getCode())){ + return question; + } + if(!question.getCompanyId().equals(currentUser.getCompanyId())){ + throw new ApiException("无权限查看其它企业题目"); + } + return question; } @Override public int insertQuestion(ExQuestion question) { + checkUserAllowed(question); SysUser user= SecurityUtils.getLoginUser().getUser(); - if(user.getUserType().equals(UserTypeEnum.SYSTEM_USER.getCode())){ + //公开的题库新增题目,题目也是公开 + ExQuestionBank questionBank=questionBankMapper.selectById(question.getBankId()); + if(user.getUserType().equals(UserTypeEnum.SYSTEM_USER.getCode())||questionBank.getPrivatize().equals(PrivatizeEnum.PUBLIC.getCode())){ question.setPrivatize(PrivatizeEnum.PUBLIC.getCode()); }else{ - if(user.getCompanyId()==null){ - throw new ApiException("获取用户公司id失败"); - } question.setCompanyId(user.getCompanyId()); question.setPrivatize(PrivatizeEnum.PRIVATE.getCode()); } @@ -80,6 +104,7 @@ @Override public int updateQuestion(ExQuestion question) { validData(question); + checkUserAllowed(question); int row=baseMapper.updateById(question); if(row<1){ throw new ApiException("编辑题目失败"); @@ -108,8 +133,22 @@ } + public void checkUserAllowed(ExQuestion question) { + SysUser currentUser= SecurityUtils.getLoginUser().getUser(); + if(currentUser.getUserType().equals(UserTypeEnum.SYSTEM_USER.getCode())){ + return; + } + if(currentUser.getUserType().equals(UserTypeEnum.STUDENT.getCode())){ + throw new ApiException("没有权限操作"); + } + if(!currentUser.getCompanyId().equals(question.getCompanyId())){ + throw new ApiException("没有权限操作其他企业题目"); + } + } + @Override public int deleteQuestionById(Long questionId) { + checkUserAllowed(baseMapper.selectById(questionId)); return baseMapper.deleteById(questionId); } -- Gitblit v1.9.2