修正模板编辑保存失败，调整内容管理页面权限校验规则

2025-12-06 16:38:24 +08:00 · 2024-02-26 10:04:18 +08:00 · 2024-02-26 10:04:18 +08:00 · 820bc47ff6
commit 820bc47ff6
parent 214b02a739
11 changed files with 19 additions and 15 deletions
--- a/chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/controller/CatalogController.java
+++ b/chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/controller/CatalogController.java
@ -47,6 +47,7 @@ import com.chestnut.contentcore.service.ICatalogService;
 import com.chestnut.contentcore.service.IPublishPipeService;
 import com.chestnut.contentcore.service.IPublishService;
 import com.chestnut.contentcore.service.ISiteService;
+import com.chestnut.contentcore.util.CmsPrivUtils;
 import com.chestnut.contentcore.util.ConfigPropertyUtils;
 import com.chestnut.contentcore.util.InternalUrlUtils;
 import com.chestnut.contentcore.util.SiteUtils;
@ -70,7 +71,6 @@ import java.util.Map;
 * @author 兮玥
 * @email 190785909@qq.com
 */
-@Priv(type = AdminUserType.TYPE, value = ContentCorePriv.CatalogView)
@RequiredArgsConstructor
@RestController
@RequestMapping("/cms/catalog")
@ -93,6 +93,7 @@ public class CatalogController extends BaseRestController {
 	/**
 	 * 查询栏目数据列表
 	 */
+	@Priv(type = AdminUserType.TYPE, value = ContentCorePriv.CatalogView)
 	@GetMapping
 	public R<?> list() {
 		LoginUser loginUser = StpAdminUtil.getLoginUser();
@ -185,6 +186,7 @@ public class CatalogController extends BaseRestController {
 	/**
 	 * 栏目树结构数据
 	 */
+	@Priv(type = AdminUserType.TYPE, value = CmsPrivUtils.PRIV_SITE_VIEW_PLACEHOLDER)
 	@GetMapping("/treeData")
 	public R<?> treeData() {
 		CmsSite site = this.siteService.getCurrentSite(ServletUtils.getRequest());
--- a/chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/controller/ContentController.java
+++ b/chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/controller/ContentController.java
@ -15,7 +15,6 @@
 */
 package com.chestnut.contentcore.controller;

-import cn.dev33.satoken.annotation.SaMode;
 import com.baomidou.mybatisplus.core.toolkit.support.SFunction;
 import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
@ -43,7 +42,6 @@ import com.chestnut.contentcore.domain.vo.ListContentVO;
 import com.chestnut.contentcore.fixed.dict.ContentAttribute;
 import com.chestnut.contentcore.listener.event.AfterContentEditorInitEvent;
 import com.chestnut.contentcore.perms.CatalogPermissionType.CatalogPrivItem;
-import com.chestnut.contentcore.perms.ContentCorePriv;
 import com.chestnut.contentcore.service.ICatalogService;
 import com.chestnut.contentcore.service.IContentService;
 import com.chestnut.contentcore.service.IPublishService;
@ -79,11 +77,7 @@ import java.util.Objects;
 * @author 兮玥
 * @email 190785909@qq.com
 */
-@Priv(
-	type = AdminUserType.TYPE,
-	value = { ContentCorePriv.CatalogView, CmsPrivUtils.PRIV_SITE_VIEW_PLACEHOLDER},
-	mode = SaMode.AND
-)
+@Priv(type = AdminUserType.TYPE, value = CmsPrivUtils.PRIV_SITE_VIEW_PLACEHOLDER)
@RequiredArgsConstructor
@RestController
@RequestMapping("/cms/content")
--- a/chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/service/impl/TemplateServiceImpl.java
+++ b/chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/service/impl/TemplateServiceImpl.java
@ -187,7 +187,7 @@ public class TemplateServiceImpl extends ServiceImpl<CmsTemplateMapper, CmsTempl
 		template.setRemark(dto.getRemark());
 		// 变更文件内容
 		File file = this.getTemplateFile(template);
-		Files.createDirectory(file.getParentFile().toPath());
+		FileExUtils.mkdirs(file.getParentFile().getAbsolutePath());

 		FileUtils.writeStringToFile(file, dto.getContent(), StandardCharsets.UTF_8);

--- a/chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/template/tag/CmsContentRelaTag.java
+++ b/chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/template/tag/CmsContentRelaTag.java
@ -67,7 +67,7 @@ public class CmsContentRelaTag extends AbstractListTag {
 		TemplateContext context = FreeMarkerUtils.getTemplateContext(env);
 		Page<CmsContentRela> pageResult = contentRelaMapper.selectPage(new Page<>(pageIndex, size, page),
 				new LambdaQueryWrapper<CmsContentRela>().eq(CmsContentRela::getContentId, contentId));
-		if (pageResult.getRecords().size() > 0) {
+		if (!pageResult.getRecords().isEmpty()) {
 			List<Long> contentIds = pageResult.getRecords().stream().map(CmsContentRela::getRelaContentId).toList();
 			List<CmsContent> contents = this.contentService.lambdaQuery().in(CmsContent::getContentId, contentIds).list();
 			List<ContentDTO> result = contents.stream().map(c -> {
--- a/chestnut-cms/chestnut-cms-search/src/main/java/com/chestnut/cms/search/controller/front/SearchApiController.java
+++ b/chestnut-cms/chestnut-cms-search/src/main/java/com/chestnut/cms/search/controller/front/SearchApiController.java
@ -225,4 +225,11 @@ public class SearchApiController extends BaseRestController {
 		});
 		return this.bindDataTable(list, Objects.isNull(sr.hits().total()) ? 0 : sr.hits().total().value());
 	}
+
+	@GetMapping("/suggest")
+	public R<?> getSuggestWords() {
+
+
+		return R.ok();
+	}
 }
--- a/chestnut-common/chestnut-common-security/src/main/java/com/chestnut/common/security/exception/SecurityErrorCode.java
+++ b/chestnut-common/chestnut-common-security/src/main/java/com/chestnut/common/security/exception/SecurityErrorCode.java
@ -25,7 +25,7 @@ public enum SecurityErrorCode implements ErrorCode {
 	NOT_LOGIN,
 	
 	/**
-	 * 无访问权限
+	 * 无访问权限：{0}
 	 */
 	NOT_PERMISSION,
 	
--- a/chestnut-common/chestnut-common-security/src/main/java/com/chestnut/common/security/exception/handler/GlobalExceptionHandler.java
+++ b/chestnut-common/chestnut-common-security/src/main/java/com/chestnut/common/security/exception/handler/GlobalExceptionHandler.java
@ -73,7 +73,7 @@ public class GlobalExceptionHandler {
 	public R<?> handleSecurityPermissionException(NotPermissionException e, HttpServletRequest request) {
 		String requestURI = request.getRequestURI();
 		log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage());
-		return R.fail(HttpStatus.FORBIDDEN.value(), I18nUtils.get(SecurityErrorCode.NOT_PERMISSION.value()));
+		return R.fail(HttpStatus.FORBIDDEN.value(), I18nUtils.get(SecurityErrorCode.NOT_PERMISSION.value(), e.getPermission()));
 	}

 	/**
--- a/chestnut-common/chestnut-common-security/src/main/resources/i18n/messages.properties
+++ b/chestnut-common/chestnut-common-security/src/main/resources/i18n/messages.properties
@ -1,5 +1,5 @@
 #错误消息
 ERRCODE.SECURITY.NOT_LOGIN=未登录
-ERRCODE.SECURITY.NOT_PERMISSION=无访问权限
+ERRCODE.SECURITY.NOT_PERMISSION=无访问权限：{0}
 ERRCODE.SECURITY.DEMO_EXCEPTION=演示模式不允许操作
 ERRCODE.SECURITY.UNKNOWN_USER_TYPE=位置用户类型
--- a/chestnut-common/chestnut-common-security/src/main/resources/i18n/messages_en.properties
+++ b/chestnut-common/chestnut-common-security/src/main/resources/i18n/messages_en.properties
@ -1,5 +1,5 @@
 #错误消息
 ERRCODE.SECURITY.NOT_LOGIN=Not login.
-ERRCODE.SECURITY.NOT_PERMISSION=Access denied.
+ERRCODE.SECURITY.NOT_PERMISSION=Access denied for `{0}`.
 ERRCODE.SECURITY.DEMO_EXCEPTION=The operation not allowed in demo mode.
 ERRCODE.SECURITY.UNKNOWN_USER_TYPE=Unknown user type: {0}
--- a/chestnut-common/chestnut-common-security/src/main/resources/i18n/messages_zh_TW.properties
+++ b/chestnut-common/chestnut-common-security/src/main/resources/i18n/messages_zh_TW.properties
@ -1,5 +1,5 @@
 #錯誤消息
 ERRCODE.SECURITY.NOT_LOGIN=未登錄
-ERRCODE.SECURITY.NOT_PERMISSION=無訪問許可權
+ERRCODE.SECURITY.NOT_PERMISSION=無訪問許可權：{0}
 ERRCODE.SECURITY.DEMO_EXCEPTION=演示模式不允許操作
 ERRCODE.SECURITY.UNKNOWN_USER_TYPE=位置用戶類型
--- a/chestnut-ui/src/utils/request.js
+++ b/chestnut-ui/src/utils/request.js
@ -103,6 +103,7 @@ service.interceptors.response.use(res => {
      Message({ message: msg, type: 'warning' })
      return Promise.reject('error')
    } else if (code !== 200) {
+      console.log(res.data)
      Notification.error({ title: msg })
      return Promise.reject('error')
    } else {