22
33import net .liuxuan .SprKi .entity .CMSCategoryEditor ;
44import net .liuxuan .SprKi .entity .CMSComment ;
5+ import net .liuxuan .SprKi .entity .CMSContent ;
56import net .liuxuan .SprKi .entity .CMSContentTags ;
67import net .liuxuan .SprKi .entity .DTO .FAQSearchDTO ;
78import net .liuxuan .SprKi .entity .labthink .Department ;
@@ -153,12 +154,18 @@ public String getFAQID(@PathVariable Long id, HttpServletRequest request, HttpSe
153154 FAQContent faq = faqContentService .findById (id );
154155
155156 //TODO 无权限时 显示内容
156- if (!hasAccessRight (faq )) {
157+ if (!faqContentService . hasAccessRight (faq )) {
157158 faq = createNoAccessRightFaqContent ("您无权编辑该条信息" );
158159 faq .setId (id );
159160 model .put ("faq" , faq );
160161 return "faq/faq_show" ;
161162 }
163+ if (faq .isDisabled ()==true ){
164+ faq = createNoAccessRightFaqContent ("该条信息已删除" );
165+ faq .setId (id );
166+ model .put ("faq" , faq );
167+ return "faq/faq_show" ;
168+ }
162169
163170
164171 log .trace ("faq to show publish_date is:{}" , faq .getPublishDate ());
@@ -190,12 +197,22 @@ public String showFAQID(@PathVariable Long id, HttpServletRequest request, HttpS
190197 if (faq == null ) {
191198 throw new ContentNotFoundException ("" , id );
192199 }
193- if (!hasAccessRight (faq )) {
200+ if (!faqContentService . hasAccessRight (faq )) {
194201 faq = createNoAccessRightFaqContent ("您无权查看该条信息" );
195202 faq .setId (id );
196203 model .put ("faq" , faq );
197204 return "faq/faq_show" ;
198205 }
206+ if (faq .isDisabled ()==true ){
207+ faq = createNoAccessRightFaqContent ("该条信息已删除" );
208+ faq .setId (id );
209+ model .put ("faq" , faq );
210+ return "faq/faq_show" ;
211+ }
212+ boolean isAdmin = SystemHelper .isCurrentUserAdmin ();
213+ //将是否可修改comment设定到每个comment的 canedit属性中(临时属性,不计入数据库的)
214+ faq .getComments ().stream ().forEach (e ->e .judgeCanEdit (isAdmin ));
215+
199216 model .put ("faq" , faq );
200217// devicesRepository.findAll();
201218// List<Devices> devicesAll = devicesRepository.findAll();
@@ -222,7 +239,7 @@ public String deleteFAQID(@PathVariable Long id, HttpServletRequest request, Htt
222239 if (faq == null ) {
223240 return "redirect:/faq/list" ;
224241 }
225- if (!hasAccessRight (faq )) {
242+ if (!faqContentService . hasAccessRight (faq )) {
226243 faq = createNoAccessRightFaqContent ("您无权删除该条信息" );
227244 faq .setId (id );
228245 model .put ("faq" , faq );
@@ -253,109 +270,6 @@ public FAQContent createNoAccessRightFaqContent(String accessErrorText) {
253270 return faq ;
254271 }
255272
256- /**
257- * Judge if the User has role to access the FAQContent.
258- *
259- * @param rolenames the rolenames
260- * @param dept the faq
261- * @return the boolean
262- */
263- public boolean hasRole (Set <String > rolenames , Department dept ) {
264- String deparmentRoleName = departmentService .getDeparmentRoleName (dept );
265- if (rolenames .contains (deparmentRoleName )) {
266- return true ;
267- } else {
268- return false ;
269- }
270- }
271-
272- /**
273- * Judge if the User has role to access the FAQContent.
274- *
275- * @param rolenames the rolenames
276- * @param faq the faq
277- * @return the boolean
278- */
279- public boolean hasRole (Set <String > rolenames , FAQContent faq ) {
280- return hasRole (rolenames , faq .getDepartment ());
281- }
282-
283- /**
284- * Judge if the User has role to access the FAQContent.
285- *
286- * @param faq the faq
287- * @return the boolean
288- */
289- public boolean hasRole (FAQContent faq ) {
290- List <Role > currentUserRoles = SystemHelper .getCurrentUserRoles ();
291- Set <String > rolenames = currentUserRoles .stream ().map (e -> e .getRolename ()).collect (Collectors .toSet ());
292- return hasRole (rolenames , faq );
293- }
294-
295- /**
296- * Is admin boolean.
297- *
298- * @param rolenames the rolenames
299- * @return the boolean
300- */
301- public boolean isAdmin (Set <String > rolenames ) {
302- // if (rolenames.contains("ROLE_ADMIN")) {
303- // return true;
304- // }
305- // return false;
306- return rolenames .contains ("ROLE_ADMIN" );
307- }
308-
309- /**
310- * Is admin boolean.
311- *
312- * @return the boolean
313- */
314- public boolean isAdmin () {
315- List <Role > currentUserRoles = SystemHelper .getCurrentUserRoles ();
316- Set <String > rolenames = currentUserRoles .stream ().map (e -> e .getRolename ()).collect (Collectors .toSet ());
317- return isAdmin (rolenames );
318- }
319-
320- /**
321- * Is author boolean.
322- *
323- * @param faq the faq
324- * @return the boolean
325- */
326- public boolean isAuthor (FAQContent faq ) {
327- DbUser currentUser = SystemHelper .getCurrentUser ();
328- if (faq .getAuthor ().getUsername ().equals (currentUser .getUsername ())) {
329- return true ;
330- } else {
331- return false ;
332- }
333- }
334-
335- /**
336- * Has access right boolean.
337- *
338- * @param rolenames the rolenames
339- * @param faq the faq
340- * @return the boolean
341- */
342- public boolean hasAccessRight (Set <String > rolenames , FAQContent faq ) {
343- boolean rtn = isAdmin (rolenames ) || isAuthor (faq ) || hasRole (rolenames , faq );
344- return rtn ;
345- }
346-
347- /**
348- * Has access right boolean.
349- *
350- * @param faq the faq
351- * @return the boolean
352- */
353- public boolean hasAccessRight (FAQContent faq ) {
354- List <Role > currentUserRoles = SystemHelper .getCurrentUserRoles ();
355- Set <String > rolenames = currentUserRoles .stream ().map (e -> e .getRolename ()).collect (Collectors .toSet ());
356- return hasAccessRight (rolenames , faq );
357- }
358-
359273 /**
360274 * Gets faq list.
361275 *
@@ -386,10 +300,11 @@ public String getFAQList(FAQSearchDTO dto, HttpServletRequest request, HttpServl
386300 /*
387301 处理按照权限查询
388302 */
389- List <FAQContent > filteredFAQContents = allFAQContents
390- .stream ()
391- .filter (faq -> hasAccessRight (rolenames , faq ))
392- .collect (Collectors .toList ());
303+ List <FAQContent > filteredFAQContents = faqContentService .filterListByAccessRight (allFAQContents ,rolenames );
304+ // List<FAQContent> filteredFAQContents = allFAQContents
305+ // .stream()
306+ // .filter(faq -> hasAccessRight(rolenames, faq))
307+ // .collect(Collectors.toList());
393308 log .debug ("faq list size is {}" , filteredFAQContents .size ());
394309 model .put ("allfaqlist" , filteredFAQContents );
395310 model .put ("dto" , dto );
@@ -454,14 +369,20 @@ public String postFAQ(FAQContent faq, HttpServletRequest request, Map<String, Ob
454369 @ RequestMapping (value = "/faq/comment" , method = RequestMethod .POST )
455370// @PreAuthorize("hasRole('ROLE_USER')")
456371 public void postComment (CMSComment comment , HttpServletRequest request , HttpServletResponse response , Map <String , Object > model ) throws IOException {
457- System .out .println (comment .getId ());
372+ // System.out.println(comment.getId());
458373 FAQContent faq = faqContentService .findById (comment .getId ());
459374 comment .setContent (faq );
460375 comment .setId (null );
461376 comment = cmsCommentService .saveCMSComment (comment );
462377 ResponseHelper .writeObjectToResponseAsJson (response ,comment );
463-
464-
378+ }
379+ @ RequestMapping (value = "/faq/comment/delete" , method = RequestMethod .POST )
380+ public void deleteComment (CMSComment comment , HttpServletRequest request , HttpServletResponse response , Map <String , Object > model ) throws IOException {
381+ System .out .println (comment .getId ());
382+ comment = cmsCommentService .findCMSCommentById (comment .getId ());
383+ faqContentService .refreshCache (comment .getContent ().getId ());
384+ boolean b = cmsCommentService .deleteCMSCommentById (comment .getId ());
385+ ResponseHelper .writeObjectToResponseAsJson (response ,b );
465386 }
466387
467388 /**
0 commit comments