преди 1 година · 4ab9ae9284
--- a/src/main/java/com/smcic/api/admin/aspect/AclAspect.java
+++ b/src/main/java/com/smcic/api/admin/aspect/AclAspect.java
@@ -13,6 +13,8 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 
				 
			
 
				 import javax.annotation.Resource;
			
 
				 import javax.servlet.http.HttpServletRequest;
			
 
				+import java.util.Arrays;
			
 
				+import java.util.List;
			
 
				 
			
 
				 @Aspect
			
 
				 @Component
			
@@ -30,10 +32,11 @@ public class AclAspect {
 
				         HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
			
 
				         String path = request.getServletPath();
			
 
				 
			
 
				-        if (path.contains("login") || path.contains("check")) {
			
 
				+        List<String> allowPath = Arrays.asList("/login","/check", "/admin/leaders/upload");
			
 
				+        String prefix = path.substring(0, path.replaceAll("\\/\\d+$", "").lastIndexOf("/"));
			
 
				+        if (allowPath.contains(path)) {
			
 
				             return;
			
 
				         }
			
 
				-        String prefix = path.substring(0, path.replaceAll("\\/\\d+$", "").lastIndexOf("/"));
			
 
				 
			
 
				         if(HttpContextUtil.getToken().isPresent() && !roleAclModuleService.getCurrAllowPath().contains(prefix)){
			
 
				             throw new APIException("没有权限");
			
--- a/src/main/java/com/smcic/api/admin/controller/UsersController.java
+++ b/src/main/java/com/smcic/api/admin/controller/UsersController.java
@@ -50,7 +50,7 @@ public class UsersController {
 
				         usersService.modify(users);
			
 
				     }
			
 
				 
			
 
				-    @PostMapping("/pwd/reset")
			
 
				+    @PostMapping("/pwd-reset")
			
 
				     @LoginRequired
			
 
				     public void pwdReset(@RequestBody PwdResetDTO pwdResetDTO){
			
 
				         usersService.resetPwd(pwdResetDTO);
			
--- a/src/test/java/neican.http
+++ b/src/test/java/neican.http
@@ -257,6 +257,33 @@ Authorization: {{token}}
 
				   "pageSize": 10
			
 
				 }
			
 
				 
			
 
				+### 客户修改
			
 
				+POST {{ip}}/admin/custom/update
			
 
				+Content-Type: application/json
			
 
				+Authorization: {{token}}
			
 
				+
			
 
				+{
			
 
				+        "userId": 2,
			
 
				+        "regionId": 100,
			
 
				+        "organId": 1,
			
 
				+        "name": "姓名xx",
			
 
				+        "phone": "18439106376",
			
 
				+        "info": "简介",
			
 
				+        "photo": "https://cxzx.smcic.net/neican/img/leader/20231225115031/985358431-天气-雷电天气.png",
			
 
				+        "position": "1",
			
 
				+        "resume": "3",
			
 
				+        "level": "2",
			
 
				+        "roleId": 3
			
 
				+      }
			
 
				+
			
 
				+### 客户删除
			
 
				+DELETE {{ip}}/admin/custom/delete/2
			
 
				+Authorization: {{token}}
			
 
				+
			
 
				+### 客户重置密码
			
 
				+POST {{ip}}/admin/custom/pwd-reset
			
 
				+
			
 
				+
			
 
				 ### 领导管理,头像上传
			
 
				 POST {{ip}}/admin/leaders/upload
			
 
				 Content-Type: multipart/form-data; boundary=WebAppBoundary