diff --git a/tool-tech-admin/src/main/java/com/rzdata/web/controller/document/DocumentController.java b/tool-tech-admin/src/main/java/com/rzdata/web/controller/document/DocumentController.java index f9cdbb2..789ed60 100644 --- a/tool-tech-admin/src/main/java/com/rzdata/web/controller/document/DocumentController.java +++ b/tool-tech-admin/src/main/java/com/rzdata/web/controller/document/DocumentController.java @@ -32,7 +32,6 @@ public class DocumentController extends BaseController /** * 查询【文档资源信息】列表 */ - @PreAuthorize("@ss.hasPermi('system:document:list')") @GetMapping("/list") public TableDataInfo list(Document Document) { @@ -44,7 +43,6 @@ public class DocumentController extends BaseController /** * 导出【文档资源信息】列表 */ - @PreAuthorize("@ss.hasPermi('system:document:export')") @Log(title = "【文档资源信息】", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, Document Document) @@ -57,7 +55,6 @@ public class DocumentController extends BaseController /** * 获取【文档资源信息】详细信息 */ - @PreAuthorize("@ss.hasPermi('system:document:query')") @GetMapping(value = "/{docId}") public AjaxResult getInfo(@PathVariable("docId") String docId) { @@ -67,7 +64,6 @@ public class DocumentController extends BaseController /** * 新增【文档资源信息】 */ - @PreAuthorize("@ss.hasPermi('system:document:add')") @Log(title = "【请填写功能名称】", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@RequestBody Document Document) @@ -82,7 +78,6 @@ public class DocumentController extends BaseController /** * 修改【文档资源信息】 */ - @PreAuthorize("@ss.hasPermi('system:document:edit')") @Log(title = "【请填写功能名称】", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody Document Document) @@ -93,7 +88,6 @@ public class DocumentController extends BaseController /** * 删除【文档资源信息】 */ - @PreAuthorize("@ss.hasPermi('system:document:remove')") @Log(title = "【请填写功能名称】", businessType = BusinessType.DELETE) @DeleteMapping("/{ids}") public AjaxResult remove(@PathVariable String[] ids) diff --git a/tool-tech-admin/src/main/java/com/rzdata/web/controller/tool/ToolController.java b/tool-tech-admin/src/main/java/com/rzdata/web/controller/tool/ToolController.java index b3e730f..7d51e56 100644 --- a/tool-tech-admin/src/main/java/com/rzdata/web/controller/tool/ToolController.java +++ b/tool-tech-admin/src/main/java/com/rzdata/web/controller/tool/ToolController.java @@ -33,7 +33,6 @@ public class ToolController extends BaseController /** * 查询工具信息列表 */ - @PreAuthorize("@ss.hasPermi('system:tool:list')") @GetMapping("/list") public TableDataInfo list(Tool tool) { @@ -45,7 +44,6 @@ public class ToolController extends BaseController /** * 导出工具信息列表 */ - @PreAuthorize("@ss.hasPermi('system:tool:export')") @Log(title = "工具信息", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, Tool tTool) @@ -58,7 +56,6 @@ public class ToolController extends BaseController /** * 获取工具信息详细信息 */ - @PreAuthorize("@ss.hasPermi('system:tool:query')") @GetMapping(value = "/{toolId}") public AjaxResult getInfo(@PathVariable("toolId") String toolId) { @@ -68,7 +65,6 @@ public class ToolController extends BaseController /** * 新增工具信息 */ - @PreAuthorize("@ss.hasPermi('system:tool:add')") @Log(title = "工具信息", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@RequestBody Tool tTool) @@ -82,7 +78,6 @@ public class ToolController extends BaseController /** * 修改工具信息 */ - @PreAuthorize("@ss.hasPermi('system:tool:edit')") @Log(title = "工具信息", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody Tool tTool) @@ -93,7 +88,6 @@ public class ToolController extends BaseController /** * 删除工具信息 */ - @PreAuthorize("@ss.hasPermi('system:tool:remove')") @Log(title = "工具信息", businessType = BusinessType.DELETE) @DeleteMapping("/{toolIds}") public AjaxResult remove(@PathVariable String[] toolIds) diff --git a/tool-tech-admin/src/main/resources/application-druid.yml b/tool-tech-admin/src/main/resources/application-druid.yml index fa05699..d426f47 100644 --- a/tool-tech-admin/src/main/resources/application-druid.yml +++ b/tool-tech-admin/src/main/resources/application-druid.yml @@ -6,9 +6,9 @@ spring: druid: # 主库数据源 master: - url: jdbc:mysql://localhost:3306/ja-vue-3.8.8?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8 - username: root - password: 123456 + url: jdbc:mysql://192.168.1.168:3307/tool_tech?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8 + username: tool_tech + password: Tooltech@123 # 从库数据源 slave: # 从数据源开关/默认关闭 diff --git a/tool-tech-framework/src/main/java/com/rzdata/framework/web/exception/GlobalExceptionHandler.java b/tool-tech-framework/src/main/java/com/rzdata/framework/web/exception/GlobalExceptionHandler.java index ca0e45d..b441d0d 100644 --- a/tool-tech-framework/src/main/java/com/rzdata/framework/web/exception/GlobalExceptionHandler.java +++ b/tool-tech-framework/src/main/java/com/rzdata/framework/web/exception/GlobalExceptionHandler.java @@ -1,20 +1,30 @@ package com.rzdata.framework.web.exception; import cn.hutool.core.util.StrUtil; +import com.rzdata.common.core.domain.AjaxResult; +import com.rzdata.common.core.text.Convert; import com.rzdata.common.exception.ErrorInfo; import com.rzdata.common.exception.RestException; +import com.rzdata.common.exception.ServiceException; +import com.rzdata.common.utils.StringUtils; +import com.rzdata.common.utils.html.EscapeUtil; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.TypeMismatchException; import org.springframework.http.HttpStatus; +import org.springframework.security.access.AccessDeniedException; import org.springframework.validation.BindException; import org.springframework.validation.FieldError; +import org.springframework.web.HttpRequestMethodNotSupportedException; import org.springframework.web.bind.MethodArgumentNotValidException; +import org.springframework.web.bind.MissingPathVariableException; import org.springframework.web.bind.MissingRequestHeaderException; import org.springframework.web.bind.MissingServletRequestParameterException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.RestControllerAdvice; +import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException; +import javax.servlet.http.HttpServletRequest; import javax.validation.ConstraintViolation; import javax.validation.ConstraintViolationException; import java.util.Objects; @@ -104,4 +114,65 @@ public class GlobalExceptionHandler { return ErrorInfo.result(e.getErrCode(), e.getMessage(), e.getMessage(), e.getDetail()); } + /** + * 权限校验异常 + */ + @ExceptionHandler(AccessDeniedException.class) + public AjaxResult handleAccessDeniedException(AccessDeniedException e, HttpServletRequest request) + { + String requestURI = request.getRequestURI(); + log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage()); + return AjaxResult.error(com.rzdata.common.constant.HttpStatus.FORBIDDEN, "没有权限,请联系管理员授权"); + } + + /** + * 请求方式不支持 + */ + @ExceptionHandler(HttpRequestMethodNotSupportedException.class) + public AjaxResult handleHttpRequestMethodNotSupported(HttpRequestMethodNotSupportedException e, + HttpServletRequest request) + { + String requestURI = request.getRequestURI(); + log.error("请求地址'{}',不支持'{}'请求", requestURI, e.getMethod()); + return AjaxResult.error(e.getMessage()); + } + + /** + * 业务异常 + */ + @ExceptionHandler(ServiceException.class) + public AjaxResult handleServiceException(ServiceException e, HttpServletRequest request) + { + log.error(e.getMessage(), e); + Integer code = e.getCode(); + return StringUtils.isNotNull(code) ? AjaxResult.error(code, e.getMessage()) : AjaxResult.error(e.getMessage()); + } + + /** + * 请求路径中缺少必需的路径变量 + */ + @ExceptionHandler(MissingPathVariableException.class) + public AjaxResult handleMissingPathVariableException(MissingPathVariableException e, HttpServletRequest request) + { + String requestURI = request.getRequestURI(); + log.error("请求路径中缺少必需的路径变量'{}',发生系统异常.", requestURI, e); + return AjaxResult.error(String.format("请求路径中缺少必需的路径变量[%s]", e.getVariableName())); + } + + /** + * 请求参数类型不匹配 + */ + @ExceptionHandler(MethodArgumentTypeMismatchException.class) + public AjaxResult handleMethodArgumentTypeMismatchException(MethodArgumentTypeMismatchException e, HttpServletRequest request) + { + String requestURI = request.getRequestURI(); + String value = Convert.toStr(e.getValue()); + if (StringUtils.isNotEmpty(value)) + { + value = EscapeUtil.clean(value); + } + log.error("请求参数类型不匹配'{}',发生系统异常.", requestURI, e); + return AjaxResult.error(String.format("请求参数类型不匹配,参数[%s]要求类型为:'%s',但输入值为:'%s'", e.getName(), e.getRequiredType().getName(), value)); + } + } diff --git a/tool-tech-framework/src/main/java/com/rzdata/framework/web/service/SysLoginService.java b/tool-tech-framework/src/main/java/com/rzdata/framework/web/service/SysLoginService.java index da67bfd..00ab29f 100644 --- a/tool-tech-framework/src/main/java/com/rzdata/framework/web/service/SysLoginService.java +++ b/tool-tech-framework/src/main/java/com/rzdata/framework/web/service/SysLoginService.java @@ -64,7 +64,7 @@ public class SysLoginService public String login(String username, String password, String code, String uuid) { // 验证码校验 - validateCaptcha(username, code, uuid); + //validateCaptcha(username, code, uuid); // 登录前置校验 loginPreCheck(username, password); // 用户验证