
从管理平台跳转的链接,改为不带en_uu,只包含无意义的token

git-svn-id: svn+ssh://10.10.101.21/source/platform/platform-b2b@3098 f3bf4e98-0cf0-11e4-a00c-a99a8b9d557d
yingp 10 лет назад
Родитель
Сommit
6b479d5e70
1 измененных файлов с 18 добавлено и 17 удалено
  1. 18 17
      src/main/java/com/uas/platform/b2b/filter/SecurityInterceptor.java

+ 18 - 17
src/main/java/com/uas/platform/b2b/filter/SecurityInterceptor.java

@@ -70,7 +70,6 @@ public class SecurityInterceptor extends AbstractSecurityInterceptor implements
 
 	private final static String tokenParam = "access_token";
 	private final static String typeParam = "client_type";
-	private final static String enParam = "en_uu";
 
 	@Autowired
 	@Qualifier("org.springframework.security.authenticationManager")
@@ -314,23 +313,25 @@ public class SecurityInterceptor extends AbstractSecurityInterceptor implements
 				user = (User) sUser;
 			}
 			String type = request.getParameter(typeParam);
-			String enUU = request.getParameter(enParam);
-			if ("manage".equals(type) && enUU != null) {
-				if (user != null && UserCreater.isVirtual(user) && enUU.equals(String.valueOf(user.getEnterprise().getUu())))
+			if ("manage".equals(type)) {
+				if (user != null && UserCreater.isVirtual(user))
 					return;
-				Enterprise enterprise = enterpriseService.findById(Long.parseLong(enUU));
-				if (enterprise != null) {
-					Map<String, Object> data = accessTokenService.validFormManage(token);
-					List<Role> roles = roleService.findByEnterprise(enterprise.getUu());
-					// 虚拟用户
-					user = UserCreater.createVirtual(String.valueOf(data.get("user")), enterprise, roles);
-					user.setIp(AgentUtils.getIp(request));
-					Collection<GrantedAuthority> array = getGrantedAuthorities(user);
-					TrustedAuthenticationToken authenticate = new TrustedAuthenticationToken(user.getUserUU(), array);
-					SecurityContextHolder.getContext().setAuthentication(authenticate);
-					request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
-							SecurityContextHolder.getContext());
-					request.getSession().setAttribute("user", user);
+				Map<String, Object> data = accessTokenService.validFormManage(token);
+				if (data.containsKey("user") && data.containsKey("bind")) {
+					long enUU = Long.parseLong(data.get("bind").toString());
+					Enterprise enterprise = enterpriseService.findById(enUU);
+					if (enterprise != null) {
+						List<Role> roles = roleService.findByEnterprise(enUU);
+						// 虚拟用户
+						user = UserCreater.createVirtual(String.valueOf(data.get("user")), enterprise, roles);
+						user.setIp(AgentUtils.getIp(request));
+						Collection<GrantedAuthority> array = getGrantedAuthorities(user);
+						TrustedAuthenticationToken authenticate = new TrustedAuthenticationToken(user.getUserUU(), array);
+						SecurityContextHolder.getContext().setAuthentication(authenticate);
+						request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
+								SecurityContextHolder.getContext());
+						request.getSession().setAttribute("user", user);
+					}
 				}
 			}
 		}
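Review bot: The early return `if (user != null && UserCreater.isVirtual(user)) return;` now fires for any virtual user already in the session, before `validFormManage(token)` runs and without comparing the session's enterprise to the token's `bind` value. A `manage` request that carries a token bound to a different enterprise, or a token that would not validate, therefore keeps the identity and roles of the enterprise from the earlier jump. The removed code compared `en_uu` with `user.getEnterprise().getUu()`; the same comparison should be made against `bind` after the token has been validated, as sketched below. `data` is also dereferenced without a null check and `Long.parseLong` can throw on a malformed `bind`; whether `validFormManage` returns null or throws on a bad token is not visible here and should be confirmed. The enclosing method starts and ends outside the hunk.

```java
if ("manage".equals(type)) {
	// Validate the token first so the session shortcut cannot bypass it.
	Map<String, Object> data = accessTokenService.validFormManage(token);
	if (data != null && data.get("user") != null && data.get("bind") != null) {
		long enUU = Long.parseLong(data.get("bind").toString());
		// Reuse the session only when it is already bound to the token's enterprise.
		if (user != null && UserCreater.isVirtual(user)
				&& String.valueOf(enUU).equals(String.valueOf(user.getEnterprise().getUu())))
			return;
		Enterprise enterprise = enterpriseService.findById(enUU);
		// … unchanged: role lookup, virtual user creation, security context and session attributes …
	}
}
```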