admin/ChestnutCMS
1
0
Fork 0
mirror of https://gitee.com/liweiyi/ChestnutCMS.git synced 2025-12-07 00:48:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

修正模板编辑保存失败,调整内容管理页面权限校验规则

Browse Source
This commit is contained in:
liweiyi 2024-02-26 10:04:18 +08:00
parent 214b02a739
commit 820bc47ff6
11 changed files with 19 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/controller/CatalogController.java
View File

@ -47,6 +47,7 @@ import com.chestnut.contentcore.service.ICatalogService;
import com.chestnut.contentcore.service.IPublishPipeService; import com.chestnut.contentcore.service.IPublishPipeService;
import com.chestnut.contentcore.service.IPublishService; import com.chestnut.contentcore.service.IPublishService;
import com.chestnut.contentcore.service.ISiteService; import com.chestnut.contentcore.service.ISiteService;
import com.chestnut.contentcore.util.CmsPrivUtils;
import com.chestnut.contentcore.util.ConfigPropertyUtils; import com.chestnut.contentcore.util.ConfigPropertyUtils;
import com.chestnut.contentcore.util.InternalUrlUtils; import com.chestnut.contentcore.util.InternalUrlUtils;
import com.chestnut.contentcore.util.SiteUtils; import com.chestnut.contentcore.util.SiteUtils;
@ -70,7 +71,6 @@ import java.util.Map;
* @author 兮玥 * @author 兮玥
* @email 190785909@qq.com * @email 190785909@qq.com
*/ */
@Priv(type = AdminUserType.TYPE, value = ContentCorePriv.CatalogView)
@RequiredArgsConstructor @RequiredArgsConstructor
@RestController @RestController
@RequestMapping("/cms/catalog") @RequestMapping("/cms/catalog")
@ -93,6 +93,7 @@ public class CatalogController extends BaseRestController {
/** /**
* 查询栏目数据列表 * 查询栏目数据列表
*/ */
@Priv(type = AdminUserType.TYPE, value = ContentCorePriv.CatalogView)
@GetMapping @GetMapping
public R<?> list() { public R<?> list() {
LoginUser loginUser = StpAdminUtil.getLoginUser(); LoginUser loginUser = StpAdminUtil.getLoginUser();
@ -185,6 +186,7 @@ public class CatalogController extends BaseRestController {
/** /**
* 栏目树结构数据 * 栏目树结构数据
*/ */
@Priv(type = AdminUserType.TYPE, value = CmsPrivUtils.PRIV_SITE_VIEW_PLACEHOLDER)
@GetMapping("/treeData") @GetMapping("/treeData")
public R<?> treeData() { public R<?> treeData() {
CmsSite site = this.siteService.getCurrentSite(ServletUtils.getRequest()); CmsSite site = this.siteService.getCurrentSite(ServletUtils.getRequest());

8
chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/controller/ContentController.java
View File

@ -15,7 +15,6 @@
*/ */
package com.chestnut.contentcore.controller; package com.chestnut.contentcore.controller;
import cn.dev33.satoken.annotation.SaMode;
import com.baomidou.mybatisplus.core.toolkit.support.SFunction; import com.baomidou.mybatisplus.core.toolkit.support.SFunction;
import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper; import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
@ -43,7 +42,6 @@ import com.chestnut.contentcore.domain.vo.ListContentVO;
import com.chestnut.contentcore.fixed.dict.ContentAttribute; import com.chestnut.contentcore.fixed.dict.ContentAttribute;
import com.chestnut.contentcore.listener.event.AfterContentEditorInitEvent; import com.chestnut.contentcore.listener.event.AfterContentEditorInitEvent;
import com.chestnut.contentcore.perms.CatalogPermissionType.CatalogPrivItem; import com.chestnut.contentcore.perms.CatalogPermissionType.CatalogPrivItem;
import com.chestnut.contentcore.perms.ContentCorePriv;
import com.chestnut.contentcore.service.ICatalogService; import com.chestnut.contentcore.service.ICatalogService;
import com.chestnut.contentcore.service.IContentService; import com.chestnut.contentcore.service.IContentService;
import com.chestnut.contentcore.service.IPublishService; import com.chestnut.contentcore.service.IPublishService;
@ -79,11 +77,7 @@ import java.util.Objects;
* @author 兮玥 * @author 兮玥
* @email 190785909@qq.com * @email 190785909@qq.com
*/ */
@Priv( @Priv(type = AdminUserType.TYPE, value = CmsPrivUtils.PRIV_SITE_VIEW_PLACEHOLDER)
type = AdminUserType.TYPE,
value = { ContentCorePriv.CatalogView, CmsPrivUtils.PRIV_SITE_VIEW_PLACEHOLDER},
mode = SaMode.AND
)
@RequiredArgsConstructor @RequiredArgsConstructor
@RestController @RestController
@RequestMapping("/cms/content") @RequestMapping("/cms/content")

2
chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/service/impl/TemplateServiceImpl.java
View File

@ -187,7 +187,7 @@ public class TemplateServiceImpl extends ServiceImpl<CmsTemplateMapper, CmsTempl
template.setRemark(dto.getRemark()); template.setRemark(dto.getRemark());
// 变更文件内容 // 变更文件内容
File file = this.getTemplateFile(template); File file = this.getTemplateFile(template);
Files.createDirectory(file.getParentFile().toPath()); FileExUtils.mkdirs(file.getParentFile().getAbsolutePath());
FileUtils.writeStringToFile(file, dto.getContent(), StandardCharsets.UTF_8); FileUtils.writeStringToFile(file, dto.getContent(), StandardCharsets.UTF_8);

2
chestnut-cms/chestnut-cms-contentcore/src/main/java/com/chestnut/contentcore/template/tag/CmsContentRelaTag.java
View File

@ -67,7 +67,7 @@ public class CmsContentRelaTag extends AbstractListTag {
TemplateContext context = FreeMarkerUtils.getTemplateContext(env); TemplateContext context = FreeMarkerUtils.getTemplateContext(env);
Page<CmsContentRela> pageResult = contentRelaMapper.selectPage(new Page<>(pageIndex, size, page), Page<CmsContentRela> pageResult = contentRelaMapper.selectPage(new Page<>(pageIndex, size, page),
new LambdaQueryWrapper<CmsContentRela>().eq(CmsContentRela::getContentId, contentId)); new LambdaQueryWrapper<CmsContentRela>().eq(CmsContentRela::getContentId, contentId));
if (pageResult.getRecords().size() > 0) { if (!pageResult.getRecords().isEmpty()) {
List<Long> contentIds = pageResult.getRecords().stream().map(CmsContentRela::getRelaContentId).toList(); List<Long> contentIds = pageResult.getRecords().stream().map(CmsContentRela::getRelaContentId).toList();
List<CmsContent> contents = this.contentService.lambdaQuery().in(CmsContent::getContentId, contentIds).list(); List<CmsContent> contents = this.contentService.lambdaQuery().in(CmsContent::getContentId, contentIds).list();
List<ContentDTO> result = contents.stream().map(c -> { List<ContentDTO> result = contents.stream().map(c -> {

7
chestnut-cms/chestnut-cms-search/src/main/java/com/chestnut/cms/search/controller/front/SearchApiController.java
View File

@ -225,4 +225,11 @@ public class SearchApiController extends BaseRestController {
}); });
return this.bindDataTable(list, Objects.isNull(sr.hits().total()) ? 0 : sr.hits().total().value()); return this.bindDataTable(list, Objects.isNull(sr.hits().total()) ? 0 : sr.hits().total().value());
} }
@GetMapping("/suggest")
public R<?> getSuggestWords() {
return R.ok();
}
} }

2
chestnut-common/chestnut-common-security/src/main/java/com/chestnut/common/security/exception/SecurityErrorCode.java
View File

@ -25,7 +25,7 @@ public enum SecurityErrorCode implements ErrorCode {
NOT_LOGIN, NOT_LOGIN,
/** /**
* 无访问权限 * 无访问权限{0}
*/ */
NOT_PERMISSION, NOT_PERMISSION,

2
chestnut-common/chestnut-common-security/src/main/java/com/chestnut/common/security/exception/handler/GlobalExceptionHandler.java
View File

@ -73,7 +73,7 @@ public class GlobalExceptionHandler {
public R<?> handleSecurityPermissionException(NotPermissionException e, HttpServletRequest request) { public R<?> handleSecurityPermissionException(NotPermissionException e, HttpServletRequest request) {
String requestURI = request.getRequestURI(); String requestURI = request.getRequestURI();
log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage()); log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage());
return R.fail(HttpStatus.FORBIDDEN.value(), I18nUtils.get(SecurityErrorCode.NOT_PERMISSION.value())); return R.fail(HttpStatus.FORBIDDEN.value(), I18nUtils.get(SecurityErrorCode.NOT_PERMISSION.value(), e.getPermission()));
} }
/** /**

2
chestnut-common/chestnut-common-security/src/main/resources/i18n/messages.properties
View File

@ -1,5 +1,5 @@
#错误消息 #错误消息
ERRCODE.SECURITY.NOT_LOGIN=未登录 ERRCODE.SECURITY.NOT_LOGIN=未登录
ERRCODE.SECURITY.NOT_PERMISSION=无访问权限 ERRCODE.SECURITY.NOT_PERMISSION=无访问权限{0}
ERRCODE.SECURITY.DEMO_EXCEPTION=演示模式不允许操作 ERRCODE.SECURITY.DEMO_EXCEPTION=演示模式不允许操作
ERRCODE.SECURITY.UNKNOWN_USER_TYPE=位置用户类型 ERRCODE.SECURITY.UNKNOWN_USER_TYPE=位置用户类型

2
chestnut-common/chestnut-common-security/src/main/resources/i18n/messages_en.properties
View File

@ -1,5 +1,5 @@
#错误消息 #错误消息
ERRCODE.SECURITY.NOT_LOGIN=Not login. ERRCODE.SECURITY.NOT_LOGIN=Not login.
ERRCODE.SECURITY.NOT_PERMISSION=Access denied. ERRCODE.SECURITY.NOT_PERMISSION=Access denied for `{0}`.
ERRCODE.SECURITY.DEMO_EXCEPTION=The operation not allowed in demo mode. ERRCODE.SECURITY.DEMO_EXCEPTION=The operation not allowed in demo mode.
ERRCODE.SECURITY.UNKNOWN_USER_TYPE=Unknown user type: {0} ERRCODE.SECURITY.UNKNOWN_USER_TYPE=Unknown user type: {0}

2
chestnut-common/chestnut-common-security/src/main/resources/i18n/messages_zh_TW.properties
View File

@ -1,5 +1,5 @@
#錯誤消息 #錯誤消息
ERRCODE.SECURITY.NOT_LOGIN=未登錄 ERRCODE.SECURITY.NOT_LOGIN=未登錄
ERRCODE.SECURITY.NOT_PERMISSION=無訪問許可權 ERRCODE.SECURITY.NOT_PERMISSION=無訪問許可權{0}
ERRCODE.SECURITY.DEMO_EXCEPTION=演示模式不允許操作 ERRCODE.SECURITY.DEMO_EXCEPTION=演示模式不允許操作
ERRCODE.SECURITY.UNKNOWN_USER_TYPE=位置用戶類型 ERRCODE.SECURITY.UNKNOWN_USER_TYPE=位置用戶類型

1
chestnut-ui/src/utils/request.js
View File

@ -103,6 +103,7 @@ service.interceptors.response.use(res => {
Message({ message: msg, type: 'warning' }) Message({ message: msg, type: 'warning' })
return Promise.reject('error') return Promise.reject('error')
} else if (code !== 200) { } else if (code !== 200) {
console.log(res.data)
Notification.error({ title: msg }) Notification.error({ title: msg })
return Promise.reject('error') return Promise.reject('error')
} else { } else {