From f1e20b08fcc05d78e3d25921494f92f5b9ca49cf Mon Sep 17 00:00:00 2001
From: xiangpei <xiangpei@timesnew.cn>
Date: 星期四, 16 五月 2024 17:19:40 +0800
Subject: [PATCH] 部门管理员权限

---
 src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationProvider.java       |    2 +-
 src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java               |    2 +-
 src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationSuccessHandler.java |    1 +
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationProvider.java b/src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationProvider.java
index 305b486..c6c39f9 100644
--- a/src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationProvider.java
+++ b/src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationProvider.java
@@ -61,7 +61,7 @@
 
         ArrayList<GrantedAuthority> grantedAuthorities = new ArrayList<>();
         // 璧嬩簣閮ㄩ棬绠＄悊鍛樿鑹�
-        if (DeptAdminEnum.YES.getValue().equals(user.getDeptAdmin())) {
+        if (new Integer(-1).equals(user.getRole())) {
             grantedAuthorities.add(new SimpleGrantedAuthority(RoleEnum.DEPT_ADMIN.getRoleName()));
         }
         grantedAuthorities.add(new SimpleGrantedAuthority(RoleEnum.fromCode(user.getRole()).getRoleName()));
diff --git a/src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationSuccessHandler.java b/src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationSuccessHandler.java
index 30f79c6..3a996ca 100644
--- a/src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationSuccessHandler.java
+++ b/src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationSuccessHandler.java
@@ -4,6 +4,7 @@
 import com.mindskip.xzs.domain.UserEventLog;
 import com.mindskip.xzs.event.UserEvent;
 import com.mindskip.xzs.service.UserService;
+import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.security.core.Authentication;
diff --git a/src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java b/src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java
index c2de944..da5b491 100644
--- a/src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java
+++ b/src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java
@@ -92,7 +92,7 @@
                     // 闈欐�佽祫婧愶紝鍙尶鍚嶈闂�
                     // todo 璁剧疆閮ㄩ棬绠＄悊鍛樺彲浠ョ湅鐨勮姹�
                     .antMatchers("/api/admin/**").hasAnyRole(RoleEnum.ADMIN.getName(), RoleEnum.DEPT_ADMIN.getName())
-                    .antMatchers("/api/student/**").hasRole(RoleEnum.STUDENT.getName())
+                    .antMatchers("/api/student/**").hasAnyRole(RoleEnum.STUDENT.getName(), RoleEnum.DEPT_ADMIN.getName())
                     .anyRequest().permitAll()
                     .and().exceptionHandling().accessDeniedHandler(restAccessDeniedHandler)
                     .and().formLogin().successHandler(restAuthenticationSuccessHandler).failureHandler(restAuthenticationFailureHandler)

--
Gitblit v1.8.0