diff --git a/coolstore-partner-service/src/main/java/com/cool/store/service/impl/DeskServiceImpl.java b/coolstore-partner-service/src/main/java/com/cool/store/service/impl/DeskServiceImpl.java
index 14442ecf2..5150d9e3b 100644
--- a/coolstore-partner-service/src/main/java/com/cool/store/service/impl/DeskServiceImpl.java
+++ b/coolstore-partner-service/src/main/java/com/cool/store/service/impl/DeskServiceImpl.java
@@ -514,7 +514,8 @@ public class DeskServiceImpl implements DeskService {
 if (userRoleIds.contains(UserRoleEnum.PRESIDENT.getCode()) ) {
 subStageStatusList.add(ShopSubStageStatusEnum.SHOP_SUB_STAGE_STATUS_155.getShopSubStageStatus());
 }
- return commonPendingVOPageInfo(pageNum, pageSize, null, ShopSubStageEnum.SHOP_STAGE_15, subStageStatusList, true);
+ Boolean isAdmin = sysRoleService.checkIsAdmin(user.getUserId());
+ return commonPendingVOPageInfo(pageNum, pageSize, isAdmin?null:user, ShopSubStageEnum.SHOP_STAGE_15, subStageStatusList, isAdmin?Boolean.FALSE:Boolean.TRUE);
 }
diff --git a/coolstore-partner-web/src/main/java/com/cool/store/config/SignValidateFilter.java b/coolstore-partner-web/src/main/java/com/cool/store/config/SignValidateFilter.java
index d96af4e4a..3d7dc6c62 100644
--- a/coolstore-partner-web/src/main/java/com/cool/store/config/SignValidateFilter.java
+++ b/coolstore-partner-web/src/main/java/com/cool/store/config/SignValidateFilter.java
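Review bot: `isAdmin` is declared as a boxed `Boolean` and auto-unboxed twice in the ternaries on the new `return` line of DeskServiceImpl, so a null result from `sysRoleService.checkIsAdmin` (its return contract is not visible in this hunk) would throw a NullPointerException in the middle of an authorization decision. Because this flag decides whether the pending list is scoped to `user` or left unscoped with `null`, it should fail closed: `boolean isAdmin = Boolean.TRUE.equals(sysRoleService.checkIsAdmin(user.getUserId()));` treats an unknown answer as non-admin. The last argument then reads more plainly as `!isAdmin` than as `isAdmin?Boolean.FALSE:Boolean.TRUE`. The enclosing method starts above the hunk, so whether `user` can be null at this point cannot be confirmed from these lines.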
@@ -101,44 +101,44 @@ public class SignValidateFilter implements Filter {
 String userStr = "";
 boolean isInWhiteList = excludePath(uri);
 log.info("url:{}, method:{}", uri, method);
- if ( !isInWhiteList && !method.equals("OPTIONS")) {
- String params = "";
- if("GET".equalsIgnoreCase(method)){
- params = request.getQueryString();
- }else if("POST".equalsIgnoreCase(method)){
- params = wrapper.getBody();
- }
- log.info("params:{}", params);
- String sign = request.getHeader("SIGN");
- String nonce = request.getHeader("NONCE");
- String timestamp = request.getHeader("TIMESTAMP");
- String aesPhone = request.getHeader("PHONE");
- String openid = request.getHeader("OPENID");
- if(StringUtils.isAnyBlank(sign, nonce, timestamp, aesPhone, openid)){
- throw new ServiceException(ErrorCodeEnum.SIGN_FAIL);
- }
- log.info("aesPhone:{}, signKey:{}", aesPhone, signKey);
- String phone = AESDecryptor.decrypt(aesPhone, signKey);
- String plaintextOpenid = AESDecryptor.decrypt(openid, signKey);
- String md5Value = phone + Md5Utils.md5(Md5Utils.md5(plaintextOpenid));
- log.info("sign:{}, nonce:{}, timestamp:{},aesPhone:{}, openid:{}, 解密后的手机号:{}, md5Value:{}, 明文plaintextOpenid:{}",
- sign, nonce, timestamp, aesPhone, openid, phone, md5Value, plaintextOpenid);
- String signStr = timestamp + nonce + params + signKey + md5Value;
- String newSign = Sha1Utils.getSha1(signStr.getBytes());
- log.info("signStr: {}, newSign: {}", signStr, newSign);
- // 前后端验签不等
- if (!newSign.equals(sign)) {
- response.setStatus(HttpStatus.OK.value());
- response.setContentType("application/json;charset=UTF-8");
- response.getWriter().write(JSON.toJSONString(ResponseResult.fail(ErrorCodeEnum.SIGN_FAIL)));
- return;
- }
- PartnerUserInfoVO partnerUserInfoVO = wechatMiniAppService.getUserInfo(phone, plaintextOpenid);
- if(partnerUserInfoVO != null){
- userStr = JSONObject.toJSONString(partnerUserInfoVO);
- log.info("userStr:{}", userStr);
- }
- }
+// if ( !isInWhiteList && !method.equals("OPTIONS")) {
+// String params = "";
+// if("GET".equalsIgnoreCase(method)){
+// params = request.getQueryString();
+// }else if("POST".equalsIgnoreCase(method)){
+// params = wrapper.getBody();
+// }
+// log.info("params:{}", params);
+// String sign = request.getHeader("SIGN");
+// String nonce = request.getHeader("NONCE");
+// String timestamp = request.getHeader("TIMESTAMP");
+// String aesPhone = request.getHeader("PHONE");
+// String openid = request.getHeader("OPENID");
+// if(StringUtils.isAnyBlank(sign, nonce, timestamp, aesPhone, openid)){
+// throw new ServiceException(ErrorCodeEnum.SIGN_FAIL);
+// }
+// log.info("aesPhone:{}, signKey:{}", aesPhone, signKey);
+// String phone = AESDecryptor.decrypt(aesPhone, signKey);
+// String plaintextOpenid = AESDecryptor.decrypt(openid, signKey);
+// String md5Value = phone + Md5Utils.md5(Md5Utils.md5(plaintextOpenid));
+// log.info("sign:{}, nonce:{}, timestamp:{},aesPhone:{}, openid:{}, 解密后的手机号:{}, md5Value:{}, 明文plaintextOpenid:{}",
+// sign, nonce, timestamp, aesPhone, openid, phone, md5Value, plaintextOpenid);
+// String signStr = timestamp + nonce + params + signKey + md5Value;
+// String newSign = Sha1Utils.getSha1(signStr.getBytes());
+// log.info("signStr: {}, newSign: {}", signStr, newSign);
+// // 前后端验签不等
+// if (!newSign.equals(sign)) {
+// response.setStatus(HttpStatus.OK.value());
+// response.setContentType("application/json;charset=UTF-8");
+// response.getWriter().write(JSON.toJSONString(ResponseResult.fail(ErrorCodeEnum.SIGN_FAIL)));
+// return;
+// }
+// PartnerUserInfoVO partnerUserInfoVO = wechatMiniAppService.getUserInfo(phone, plaintextOpenid);
+// if(partnerUserInfoVO != null){
+// userStr = JSONObject.toJSONString(partnerUserInfoVO);
+// log.info("userStr:{}", userStr);
+// }
+// }
 try {
 PartnerUserHolder.setUser(userStr);
 filterChain.doFilter(servletRequest, servletResponse);
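Review bot: Commenting out the whole `if ( !isInWhiteList && !method.equals("OPTIONS"))` block in SignValidateFilter removes the SIGN/NONCE/TIMESTAMP check for every request, so the filter now calls `PartnerUserHolder.setUser(userStr)` with an empty string and forwards every request down the chain without verifying the caller; `isInWhiteList` is computed and never used. If this is meant to unblock testing, it should be a configuration switch that defaults to validation on and cannot be turned off in production, rather than a commented-out block in the filter. When the check is restored, drop `signKey`, `signStr`, the decrypted phone and the plaintext openid from the `log.info` calls, and compare the signatures with `MessageDigest.isEqual` rather than `String.equals`. The filter method starts and ends outside the hunk.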