
修复深圳三院渗透扫描发现的问题。

Li Yuan hai 1 ano
pai
achega
8f05702509

+ 27 - 1
ibps-basis-root/modules/basis-zuul/src/main/java/com/lc/ibps/cloud/gateway/filter/SignFilter.java

@@ -70,6 +70,7 @@ public class SignFilter extends ZuulFilter {
     @Override
     public Object run() {
 
+
         // 获取到request
         RequestContext ctx = RequestContext.getCurrentContext();
         HttpServletRequest request = ctx.getRequest();
@@ -93,10 +94,35 @@ public class SignFilter extends ZuulFilter {
 
             // get方法和post、put方法处理方式不同
             if ("GET".equals(method)) {
-
+                boolean flag = false;
+                String ua= request.getHeader("device");
+                if ("mobile".equalsIgnoreCase(ua)) {
+                    flag = true;
+                }
+                Enumeration paramNames = request.getParameterNames();
+                if(flag  && paramNames != null ){
+                    while(paramNames.hasMoreElements()){
+                        String paramName = (String) paramNames.nextElement();
+                        if(!paramName.equals("_t") && !paramName.equals("_p")){
+                            ctx.setSendZuulResponse(false);
+                            ctx.setResponseStatusCode(401);
+
+                            APIResult<Void> result = new APIResult<Void>();
+                            result.setState(StateEnum.ILLEGAL_REQUEST.getCode());
+                            result.setCause("Illegal request parameter!");
+                            ctx.getResponse().setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
+                            ctx.setResponseBody(result.toString());
+                            ctx.set("isSuccess", false);
+                            return null;
+                        }
+                    }
+                }
                 // 获取请求参数name
                 name = request.getParameter("_p");
 
+
+
+
                 if (name != null) {
                     // 关键步骤,一定要get一下,下面才能取到值requestQueryParams
                     request.getParameterMap();
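Review bot: The parameter allowlist added in this hunk only runs when the request carries `device: mobile` (the `flag` set from `request.getHeader("device")`), and that header is chosen by the client, so any caller — including the scanner this commit responds to — skips the check by omitting or changing the header; a client-supplied value cannot gate a security control. If the gating exists because non-mobile GETs legitimately carry other parameters (that seems to be the intent, but it is not stated), the exemption needs to come from something the client cannot forge; otherwise drop `flag` and enforce it for every GET with `if (paramNames != null) {`. `Enumeration paramNames` is also a raw type — `Enumeration<String> paramNames = request.getParameterNames();` removes the cast in the loop — and the local `ua` holds the `device` header, not the User-Agent, so `device` would be the honest name. `run()` continues past the end of this hunk.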

+ 11 - 0
ibps-provider-root/modules/provider-platform-default/src/main/java/com/lc/ibps/common/provider/NewsProvider.java

@@ -4,6 +4,7 @@ import java.util.List;
 
 import javax.annotation.Resource;
 
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Service;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -122,6 +123,16 @@ public class NewsProvider extends GenericProvider implements INewsService, INews
 			@RequestBody(required = true) NewsPo newsPo) {
 		APIResult<Void> result = new APIResult<>();
 		try {
+
+			if(StringUtils.isNotEmpty(newsPo.getId())){
+				APIResult<NewsPo> newsPoAPIResult = get(newsPo.getId());
+				NewsPo data = newsPoAPIResult.getData();
+				if(data != null){
+					if(!data.getUserId().equalsIgnoreCase(ContextUtil.getCurrentUserId())){
+						throw new Exception("不能修改其他人的公告!");
+					}
+				}
+			}
 			//构造领域对象和保存数据
 			News news = newsRepository.newInstance(newsPo);
 			news.save();
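Review bot: `data.getUserId()` is dereferenced without a null check, so a stored announcement with no owner id fails with a NullPointerException instead of a deliberate rejection; `String owner = data.getUserId();` followed by `if (owner == null || !owner.equalsIgnoreCase(ContextUtil.getCurrentUserId())) {` keeps the check failing closed explicitly. The comparison is case-insensitive, which only matters if user ids are case-sensitive strings — if they are, a differently-cased id would pass, so `equals` is the safer choice; worth confirming against how ids are issued. `throw new Exception("不能修改其他人的公告!")` throws the raw type; the catch that handles it is outside the hunk, but a narrower type such as `IllegalStateException` would make the rejection distinguishable from other failures. The check has no role exemption, so if administrators are expected to edit any announcement this now blocks them — presumably intended, but it should be a conscious decision. The enclosing method's signature starts before this hunk.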