1

src/main/java/com/fdkankan/tk/common/ResultCode.java

@@ -35,6 +35,7 @@ public enum ResultCode {
     TENCENT_YUN_EMPTY(9001,"音视频未配置！"),
     TENCENT_YUN_ERROR(9002,"音视频有多配置！"),
     AGO_ROLE_ERROR(9003,"声网角色Id错误！"),
+    NOT_PER(9004,"没有权限"),
 
 
     ;

src/main/java/com/fdkankan/tk/config/WebAppConfig.java

@@ -18,8 +18,13 @@ public class WebAppConfig implements WebMvcConfigurer {
 	@Override
 	public void addInterceptors(InterceptorRegistry registry) {
 		registry.addInterceptor(tokenInterceptor).addPathPatterns("/**")
-				.excludePathPatterns("/test/**","/roomList/**",
-						"/_inner/**","/wxApi/**","/upload/**","/webApi/**",
+				.excludePathPatterns(
+						"/test/**",
+						"/roomList/**",
+						"/_inner/**",
+						"/wxApi/**",
+						"/upload/**",
+						"/webApi/**",
 						"/checkRoomVisitPassword/**",
 						"/roomVisitData/**",
 						"/roomDataList/**",

src/main/java/com/fdkankan/tk/controller/RoomController.java

@@ -44,6 +44,9 @@ public class RoomController extends BaseController{
      */
     @GetMapping("/roomInfo")
     public ResultData roomInfo(@RequestParam(required = false) String roomId){
+        if(StringUtils.isBlank(roomId)){
+            throw new BusinessException(ResultCode.PARAM_MISS);
+        }
         return ResultData.ok(roomService.getRoomInfo(roomId,getToken(),getWxToken(),request.getSession().getId()));
     }
     /**

src/main/java/com/fdkankan/tk/controller/SceneController.java

@@ -6,7 +6,6 @@ import com.fdkankan.tk.httpClient.client.FdKKClient;
 import com.fdkankan.tk.request.SceneParam;
 import com.fdkankan.tk.service.ISceneService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;

src/main/java/com/fdkankan/tk/httpClient/FdKKService.java

@@ -51,4 +51,36 @@ public class FdKKService {
             throw new BusinessException(ResultCode.USER_NOT_LOGIN);
         }
     }
+
+    public  Boolean checkNum(String num,String pageType,String token) {
+        if(StringUtils.isBlank(pageType)  || StringUtils.isBlank(token) || (StringUtils.isBlank(num) )){
+            return false;
+        }
+
+        Boolean viewAuth = false;
+        Boolean editAuth = false;
+        try {
+            JSONObject jsonObject = fdKKClient.checkCaseAuth(num,"scene",token);
+            Integer code = jsonObject.getInteger("code");
+            if(code != 0){
+                return false;
+            }
+            JSONObject data = jsonObject.getJSONObject("data");
+            viewAuth = data.getBoolean("viewAuth");
+            editAuth = data.getBoolean("editAuth");
+        }catch (Exception e){
+            log.info("checkCaseAuth-error:",e);
+        }
+
+        if(!viewAuth && !editAuth){
+            return false;
+        }
+        if(pageType.equals("edit") && !editAuth){
+            return false;
+        }
+        if(pageType.equals("view") && !viewAuth){
+            return false;
+        }
+        return true;
+    }
 }

src/main/java/com/fdkankan/tk/httpClient/client/FdKKClient.java

@@ -1,10 +1,7 @@
 package com.fdkankan.tk.httpClient.client;
 
 import com.alibaba.fastjson.JSONObject;
-import com.dtflys.forest.annotation.Address;
-import com.dtflys.forest.annotation.Header;
-import com.dtflys.forest.annotation.JSONBody;
-import com.dtflys.forest.annotation.Post;
+import com.dtflys.forest.annotation.*;
 import com.fdkankan.tk.httpClient.address.FdkkAddressSource;
 import com.fdkankan.tk.httpClient.request.FdkkLoginRequest;
 import com.fdkankan.tk.httpClient.response.FdkkLoginVo;
@@ -55,4 +52,7 @@ public interface FdKKClient {
     @Post("/api/fusion/scene/list")
     FdkkResponse sceneList(@JSONBody SceneParam param);
 
+    @Get("/service/manage/inner/checkCaseAuth/{num}/{sourceType}")
+    JSONObject checkCaseAuth( @Var("num")String num,@Var("sourceType")String sourceType,@Header("token") String token);
+
 }

src/main/java/com/fdkankan/tk/interceptor/TokenInterceptor.java

@@ -28,9 +28,6 @@ public class TokenInterceptor implements HandlerInterceptor {
 	@Override
 	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
 		response.setContentType("text/html;charset=UTF-8");
-		if( request.getMethod().equals("GET")){
-			return true;
-		}
 		String token = request.getHeader("token");
 		if(StringUtils.isEmpty(token)){
 			this.needLogin(request,response);

src/main/java/com/fdkankan/tk/service/impl/RoomServiceImpl.java

@@ -250,6 +250,13 @@ public class RoomServiceImpl extends ServiceImpl<IRoomMapper, Room> implements I
             }
         }
         List<String> numList = roomNumService.getListByRoomId(roomId);
+        for (String num : numList) {
+            Boolean b = fdKKService.checkNum(num, "view", token);
+            if(!b){
+                throw new BusinessException(ResultCode.NOT_PER);
+            }
+
+        }
         List<SceneVo> list = new ArrayList<>();
         if(numList.size() >0){
             list = sceneService.getListByNumList(numList);