代码修改

svr/svr-cloud-care/src/main/java/com/yihu/jw/care/dao/common/BaseLoginLogDao.java

@@ -0,0 +1,21 @@
package com.yihu.jw.care.dao.common;
import com.yihu.jw.entity.base.login.BaseLoginLogDO;
import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.PagingAndSortingRepository;
import java.util.List;
public interface BaseLoginLogDao extends PagingAndSortingRepository<BaseLoginLogDO, String>, JpaSpecificationExecutor<BaseLoginLogDO> {
    @Query("from BaseLoginLogDO l where l.openid=?1 order by l.createTime desc")
    List<BaseLoginLogDO> findByOpenId(String openid);
    @Query("from BaseLoginLogDO l where l.userId=?1 order by l.createTime desc")
    List<BaseLoginLogDO> findByUserId(String openid);
    @Query(value = "SELECT a.* from base_login_log a WHERE a.token=?1 ORDER BY a.create_time desc LIMIT 1",nativeQuery = true)
    BaseLoginLogDO findByToken(String token);
}

svr/svr-cloud-care/src/main/java/com/yihu/jw/care/endpoint/apply/PatientBedApplyEndPoint.java

@@ -3,6 +3,7 @@ package com.yihu.jw.care.endpoint.apply;
import com.alibaba.fastjson.JSONObject;
import com.yihu.jw.care.aop.ObserverRequired;
import com.yihu.jw.care.service.apply.PatientBedApplyService;
import com.yihu.jw.care.service.common.PermissionService;
import com.yihu.jw.restmodel.ResponseContant;
import com.yihu.jw.restmodel.web.ListEnvelop;
import com.yihu.jw.restmodel.web.ObjEnvelop;
@@ -23,6 +24,8 @@ public class PatientBedApplyEndPoint extends EnvelopRestEndpoint {
    @Autowired
    private PatientBedApplyService patientBedApplyService;
    @Autowired
    private PermissionService permissionService;
    @PostMapping("/apply")
    @ApiOperation("居民申请机构床位")
@@ -47,6 +50,11 @@ public class PatientBedApplyEndPoint extends EnvelopRestEndpoint {
    public ListEnvelop getApplyList(@ApiParam(name = "doctor", value = "doctor", required = true)
                                    @RequestParam(value = "doctor") String doctor) {
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ListEnvelop.getError("该操作没有权限");
            }
            return ListEnvelop.getSuccess("查询成功", patientBedApplyService.getApplyList(doctor));
        } catch (Exception e) {
            return failedListEnvelopException2(e);

svr/svr-cloud-care/src/main/java/com/yihu/jw/care/endpoint/assistance/EmergencyAssistanceEndpoint.java

@@ -4,6 +4,7 @@ import com.alibaba.fastjson.JSONObject;
import com.yihu.jw.care.aop.ObserverRequired;
import com.yihu.jw.care.aop.ServicesAuth;
import com.yihu.jw.care.service.assistance.EmergencyAssistanceService;
import com.yihu.jw.care.service.common.PermissionService;
import com.yihu.jw.care.service.security.SecurityMonitoringOrderService;
import com.yihu.jw.restmodel.ResponseContant;
import com.yihu.jw.restmodel.web.ListEnvelop;
@@ -28,6 +29,8 @@ public class EmergencyAssistanceEndpoint extends EnvelopRestEndpoint {
    private EmergencyAssistanceService assistanceService;
    @Autowired
    private SecurityMonitoringOrderService securityMonitoringOrderService;
    @Autowired
    private PermissionService permissionService;
    @PostMapping(value = "newOrder")
    @ApiOperation(value = "居民发起新的紧急救助")
@@ -59,6 +62,11 @@ public class EmergencyAssistanceEndpoint extends EnvelopRestEndpoint {
                                     @RequestParam(value = "doctor") String doctor
    ){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            JSONObject result = assistanceService.doctorGetOrderDetail(orderId,doctor);
            if (result.getIntValue(ResponseContant.resultFlag) == ResponseContant.fail) {
                return ObjEnvelop.getError(result.getString(ResponseContant.resultMsg));
@@ -102,6 +110,13 @@ public class EmergencyAssistanceEndpoint extends EnvelopRestEndpoint {
            if (StringUtils.isNotBlank(patient)&&StringUtils.isNotBlank(doctor)){
                return ObjEnvelop.getError("请求参数错误");
            }
            if(StringUtils.isNotBlank(doctor)){
                JSONObject param = new JSONObject();
                param.put("doctorId",doctor);
                if(permissionService.noPermission(1,param)){
                    return ObjEnvelop.getError("该操作没有权限");
                }
            }
            JSONObject result = assistanceService.getTabStatusCounts(patient,doctor);
            if (result.getIntValue(ResponseContant.resultFlag) == ResponseContant.fail) {
                return ObjEnvelop.getError(result.getString(ResponseContant.resultMsg));
@@ -147,6 +162,13 @@ public class EmergencyAssistanceEndpoint extends EnvelopRestEndpoint {
            if (StringUtils.isBlank(patientId)&&StringUtils.isBlank(doctor)){
                return ListEnvelop.getError("请求参数错误");
            }
            if(StringUtils.isNotBlank(doctor)){
                JSONObject param = new JSONObject();
                param.put("doctorId",doctor);
                if(permissionService.noPermission(1,param)){
                    return ListEnvelop.getError("该操作没有权限");
                }
            }
            return ListEnvelop.getSuccess( "查询成功",assistanceService.getOrderList(patientId,patientName,doctor,status,page,pageSize,"desc"));
        }catch (Exception e){
            return failedListEnvelopException2(e);
@@ -169,6 +191,13 @@ public class EmergencyAssistanceEndpoint extends EnvelopRestEndpoint {
            if (StringUtils.isBlank(patientId)&&StringUtils.isBlank(doctor)){
                return ListEnvelop.getError("请求参数错误");
            }
            if(StringUtils.isNotBlank(doctor)){
                JSONObject param = new JSONObject();
                param.put("doctorId",doctor);
                if(permissionService.noPermission(1,param)){
                    return ListEnvelop.getError("该操作没有权限");
                }
            }
            return ListEnvelop.getSuccess( "查询成功",assistanceService.doctorGetOrderList(patientId,doctor,"1",page,pageSize,"asc"));
        }catch (Exception e){
            return failedListEnvelopException2(e);
@@ -207,7 +236,8 @@ public class EmergencyAssistanceEndpoint extends EnvelopRestEndpoint {
                                       @ApiParam(value = "服务小结", name = "conclusion_img")
                                       @RequestParam(value = "conclusion_img", required = false) String conclusion_img){
        try {
            JSONObject result = assistanceService.updateConclusion(emergency_reason,treatment_status, orderId,conclusion,conclusion_img,getUID());
            String uid = permissionService.getUID();
            JSONObject result = assistanceService.updateConclusion(emergency_reason,treatment_status, orderId,conclusion,conclusion_img,uid);
            if (result.getIntValue(ResponseContant.resultFlag) == ResponseContant.fail) {
                return ObjEnvelop.getError(result.getString(ResponseContant.resultMsg));
            }
@@ -231,6 +261,11 @@ public class EmergencyAssistanceEndpoint extends EnvelopRestEndpoint {
                                       @ApiParam(name="doctorLon",value = "医生当前定位经度")
                                       @RequestParam(value = "doctorLon") String doctorLon){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            JSONObject result = assistanceService.updateDoctorLocation(doctor,orderId,doctorAddress,doctorLat,doctorLon);
            if (result.getIntValue(ResponseContant.resultFlag) == ResponseContant.fail) {
                return ObjEnvelop.getError(result.getString(ResponseContant.resultMsg));
@@ -293,6 +328,11 @@ public class EmergencyAssistanceEndpoint extends EnvelopRestEndpoint {
            @ApiParam(value = "doctor", name = "doctor")
            @RequestParam(value = "doctor", required = false) String doctor) {
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            JSONObject result = assistanceService.responseOrder(orderId, doctor);
            if (result.getIntValue("resultFlag") == 0) {
                return ObjEnvelop.getError(result.getString("resultMsg"));

svr/svr-cloud-care/src/main/java/com/yihu/jw/care/endpoint/doctor/DoctorBirthdayWishesEndpoint.java

@@ -5,11 +5,15 @@ import com.alibaba.fastjson.serializer.SerializerFeature;
import com.yihu.jw.care.aop.ObserverRequired;
import com.yihu.jw.care.endpoint.BaseController;
import com.yihu.jw.care.service.birthday.BirthdayWishesService;
import com.yihu.jw.care.service.common.PermissionService;
import com.yihu.jw.care.util.MessageUtil;
import com.yihu.jw.entity.base.doctor.BaseDoctorDO;
import com.yihu.jw.entity.care.birthday.BirthDayWishesToPatient;
import com.yihu.jw.entity.care.birthday.BirthdayWishesTemplate;
import com.yihu.jw.entity.hospital.message.SystemMessageDO;
import com.yihu.jw.hospital.message.dao.SystemMessageDao;
import com.yihu.jw.im.util.ImUtil;
import com.yihu.jw.restmodel.web.ObjEnvelop;
import com.yihu.jw.util.date.DateUtil;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
@@ -50,6 +54,8 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
    private SystemMessageDao systemMessageDao;
    @Autowired
    private ImUtil imUtil;
    @Autowired
    private PermissionService permissionService;
    @RequestMapping(value = "/createTemplate", method = RequestMethod.POST)
    @ApiOperation(value = "创建模板")
@@ -63,7 +69,8 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
                                 @ApiParam(name = "isDefault", value = "是否是默认模板")
                                 @RequestParam(required = false) Integer isDefault) {
        try {
            return write(200, "更新成功！", "data", birthdayWishesService.create(getUID(), content, applicableRange, id, isDefault));
            String uid = permissionService.getUID();
            return write(200, "更新成功！", "data", birthdayWishesService.create(uid, content, applicableRange, id, isDefault));
        } catch (Exception e) {
            return errorResult(e);
        }
@@ -75,7 +82,12 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
                                      @RequestParam(required = false) String doctor) {
        try {
            if(StringUtils.isBlank(doctor)){
                doctor = getUID();
                doctor = permissionService.getUID();
            }
            com.alibaba.fastjson.JSONObject param = new com.alibaba.fastjson.JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return error(-1,"该操作没有权限");
            }
            return write(200, "查询成功！", "data", birthdayWishesService.getTemplateByDoctor(doctor));
        } catch (Exception e) {
@@ -88,7 +100,13 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
    public String getTemplateById(@ApiParam(name = "id", value = "模板id")
                                  @RequestParam(required = true) Long id) {
        try {
            return write(200, "查询成功！", "data", birthdayWishesService.getTemplateById(id));
            String isAdmin = permissionService.isAdmin();
            BirthdayWishesTemplate template = birthdayWishesService.getTemplateById(id);
            if(!"0".equals(isAdmin)&& org.apache.commons.lang.StringUtils.isNotBlank(template.getCreateUser())&&!isAdmin.equals(template.getCreateUser())){
                return error(-1,"没有权限");
            }
            return write(200, "查询成功！", "data", template);
        } catch (Exception e) {
            return errorResult(e);
        }
@@ -100,6 +118,12 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
    public String deleteTemplateById(@ApiParam(name = "id", value = "模板id")
                                     @RequestParam(required = true) Long id) {
        try {
            String isAdmin = permissionService.isAdmin();
            BirthdayWishesTemplate template = birthdayWishesService.getTemplateById(id);
            if(!"0".equals(isAdmin)&&!isAdmin.equals(template.getCreateUser())){
                return error(-1,"没有权限");
            }
            birthdayWishesService.deleteTemplateById(id);
            return write(200, "删除成功！");
        } catch (Exception e) {
@@ -114,7 +138,16 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
            @ApiParam(name = "id", value = "模板ID",required = true)
            @RequestParam Long id) {
        try {
            return write(200, "设置成功！", "data", birthdayWishesService.setDefalutTemplateById(getUID(), id));
            String isAdmin = permissionService.isAdmin();
            BirthdayWishesTemplate template = birthdayWishesService.getTemplateById(id);
            if(!"0".equals(isAdmin)&&!isAdmin.equals(template.getCreateUser())){
                return error(-1,"没有权限");
            }
            String uid = permissionService.getUID();
            return write(200, "设置成功！", "data", birthdayWishesService.setDefalutTemplateById(uid, template));
        } catch (Exception e) {
            return errorResult(e);
        }
@@ -124,7 +157,8 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
    @RequestMapping(value = "getPatientByDoctor", method = RequestMethod.GET)
    public String getPatientByDoctor(){
        try {
            return write(200, "查询成功", "data", birthdayWishesService.getPatientByDoctor(getUID()));
            String uid = permissionService.getUID();
            return write(200, "查询成功", "data", birthdayWishesService.getPatientByDoctor(uid));
        } catch (Exception e) {
            return errorResult(e);
        }
@@ -134,7 +168,8 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
    @RequestMapping(value = "getPatientByDoctorCount", method = RequestMethod.GET)
    public String getPatientByDoctorCount(){
        try {
            return write(200, "查询成功", "data", birthdayWishesService.getPatientByDoctorCount(getUID()));
            String uid = permissionService.getUID();
            return write(200, "查询成功", "data", birthdayWishesService.getPatientByDoctorCount(uid));
        } catch (Exception e) {
            return errorResult(e);
        }
@@ -167,7 +202,8 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
                                         @ApiParam(name = "pageSize", value = "页面大小")
                                         @RequestParam Integer pageSize){
        try {
            return write(200, "查询成功", "data", birthdayWishesService.getBirthdayPatientList(getUID(), patientName, signYear, startDate, endDate, status, currentUserRole, currentUserRoleLevel, roleType, page, pageSize, teamId, isLeader));
            String uid = permissionService.getUID();
            return write(200, "查询成功", "data", birthdayWishesService.getBirthdayPatientList(uid, patientName, signYear, startDate, endDate, status, currentUserRole, currentUserRoleLevel, roleType, page, pageSize, teamId, isLeader));
        } catch (Exception e) {
            return errorResult(e);
        }
@@ -199,10 +235,10 @@ public class DoctorBirthdayWishesEndpoint extends BaseController {
            if(StringUtils.isEmpty(currentUserRoleLevel)){
                currentUserRoleLevel = getCurrentRoleLevel();
            }
            String uid = permissionService.getUID();
            JSONObject json = new JSONObject();
            json.put("patient", patient);
            json.put("doctorCode", getUID());
            json.put("doctorCode", uid);
            json.put("sendType", 1);
            json.put("birthday", dateString);
            json.put("currentUserRole", currentUserRole);

svr/svr-cloud-care/src/main/java/com/yihu/jw/care/endpoint/doctor/DoctorEndpoint.java

@@ -2,6 +2,7 @@ package com.yihu.jw.care.endpoint.doctor;
import com.alibaba.fastjson.JSONObject;
import com.yihu.jw.care.aop.ObserverRequired;
import com.yihu.jw.care.service.common.PermissionService;
import com.yihu.jw.care.service.consult.ConsultTeamService;
import com.yihu.jw.care.service.doctor.CareDoctorService;
import com.yihu.jw.care.service.doctor.DoctorServicePermissionsService;
@@ -17,8 +18,10 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.Map;
@@ -42,6 +45,9 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
    private EntranceUtil entranceUtil;
    @Autowired
    private DoctorServicePermissionsService doctorServicePermissionsService;
    @Autowired
    private PermissionService permissionService;
    @PostMapping(value = "updOnline")
    @ApiOperation(value = "更新在线状态")
@@ -52,6 +58,12 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
                             @RequestParam(value = "online", required = true)String online){
        try{
            JSONObject param = new JSONObject();
            param.put("doctorId",doctorId);
            if(permissionService.noPermission(1,param)){
                return Envelop.getError("该操作没有权限");
            }
            doctorService.updOnline(doctorId,online);
            return success("成功");
        }catch (Exception e){
@@ -85,6 +97,12 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
            @ApiParam(name = "isRole", value = "是否返回角色（1是 0否）", required = false)
            @RequestParam(value = "isRole",required = false) String isRole){
        try{
            JSONObject param = new JSONObject();
            param.put("doctorId",doctorId);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorService.doctorInfo(doctorId,isRole));
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -97,6 +115,12 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
            @ApiParam(name = "doctorId", value = "医生id", required = true)
            @RequestParam(value = "doctorId",required = true) String doctorId) {
        try{
            JSONObject param = new JSONObject();
            param.put("doctorId",doctorId);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorServicePermissionsService.findByDoctor(doctorId));
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -109,6 +133,11 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
            @ApiParam(name = "doctorId", value = "医生id", required = true)
            @RequestParam(value = "doctorId",required = true) String doctorId){
        try{
            JSONObject param = new JSONObject();
            param.put("doctorId",doctorId);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",capacityAssessmentRecordService.getPatientNum(doctorId));
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -123,6 +152,13 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
            @RequestParam(value = "baseDoctorVo") String baseDoctorVo){
        try {
            JSONObject jsonObject = JSONObject.parseObject(baseDoctorVo);
            JSONObject param = new JSONObject();
            param.put("doctorId",jsonObject.get("doctorId").toString());
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            Boolean update = doctorService.update(jsonObject);
            if (!update){
                return failed("保存失败，参数不可为空");
@@ -144,7 +180,11 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
            @RequestParam(value = "orgType",defaultValue = "1,2") String orgType
    ){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctorId);
            if(permissionService.noPermission(1,param)){
                return ListEnvelop.getError("该操作没有权限");
            }
            return ListEnvelop.getSuccess("查询成功", doctorService.getOrgList(doctorId,orgType));
        }catch (Exception e){
            return failedListEnvelopException2(e);
@@ -205,6 +245,12 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
            @RequestParam(value = "size") int size
    ){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return PageEnvelop.getError("该操作没有权限");
            }
            return doctorService.getTeacherChildren(doctor,searchType,name,page,size);
        }catch (Exception e){
            return failedPageEnvelopException2(e);
@@ -217,6 +263,11 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
            @ApiParam(name = "doctor", value = "doctor")
            @RequestParam(value = "doctor",required = true) String doctor){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorService.getTeacherChildrenCount(doctor));
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -230,6 +281,11 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
//            ,@ApiParam(name = "type", value = "type", defaultValue = "0") @RequestParam(value = "type",required = false) Integer type
    ){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorService.getNotificationCount(doctor));//,type
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -249,6 +305,9 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
                                      @ApiParam(name = "size")
                                      @RequestParam(value = "size",required = true)Integer size){
        try {
            if(permissionService.noPermission(0,null)){
                return PageEnvelop.getError("该操作没有权限");
            }
            return doctorService.getArchiveList(type, signStatus,name,page, size);
        }catch (Exception e){
            return failedPageEnvelopException2(e);
@@ -259,6 +318,9 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
    @ApiOperation(value = "管理员获取居民tab数量")
    public ObjEnvelop getArchiveNum(){
        try {
            if(permissionService.noPermission(0,null)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorService.getArchiveNum()) ;
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -269,6 +331,11 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
    @ApiOperation(value = "首页养老服务数量获取")
    public ObjEnvelop baseInfoCount(@ApiParam(name="doctor")@RequestParam(value = "doctor")String doctor){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorService.baseInfoCount(doctor)) ;
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -303,6 +370,11 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
    @ApiOperation(value = "首页养老服务数量获取")
    public ObjEnvelop baseHelperInfoCount(@ApiParam(name="doctor")@RequestParam(value = "doctor")String doctor){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorService.baseHelperInfoCount(doctor)) ;
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -315,6 +387,11 @@ public class DoctorEndpoint extends EnvelopRestEndpoint {
            @ApiParam(name = "doctorId", value = "医生id", required = true)
            @RequestParam(value = "doctorId",required = true) String doctorId){
        try{
            JSONObject param = new JSONObject();
            param.put("doctorId",doctorId);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",capacityAssessmentRecordService.getHelperPatientNum(doctorId));
        }catch (Exception e){
            return failedObjEnvelopException2(e);

svr/svr-cloud-care/src/main/java/com/yihu/jw/care/endpoint/doctor/DoctorToDoWorkEndpoint.java

@@ -1,5 +1,7 @@
package com.yihu.jw.care.endpoint.doctor;
import com.alibaba.fastjson.JSONObject;
import com.yihu.jw.care.service.common.PermissionService;
import com.yihu.jw.care.service.message.DoctorMessageService;
import com.yihu.jw.restmodel.web.ObjEnvelop;
import com.yihu.jw.restmodel.web.PageEnvelop;
@@ -26,6 +28,8 @@ public class DoctorToDoWorkEndpoint extends EnvelopRestEndpoint {
    @Autowired
    private DoctorMessageService doctorMessageService;
    @Autowired
    private PermissionService permissionService;
    @GetMapping(value = "todowork")
    @ApiOperation("待办工作")
@@ -36,6 +40,11 @@ public class DoctorToDoWorkEndpoint extends EnvelopRestEndpoint {
                               @ApiParam(name = "doctor", value = "doctor")
                               @RequestParam(value = "doctor", required = true) String doctor){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorMessageService.getPreventLost(doctor,id,serviceSype));
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -47,6 +56,11 @@ public class DoctorToDoWorkEndpoint extends EnvelopRestEndpoint {
    public ObjEnvelop  todoworkTotal(@ApiParam(name = "doctor", value = "doctor")
                                         @RequestParam(value = "doctor", required = true) String doctor){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorMessageService.todoworkTotal(doctor));
        }catch (Exception e){
            return failedObjEnvelopException2(e);
@@ -79,6 +93,11 @@ public class DoctorToDoWorkEndpoint extends EnvelopRestEndpoint {
                               @ApiParam(name = "doctor", value = "doctor")
                               @RequestParam(value = "doctor", required = true) String doctor){
        try {
            JSONObject param = new JSONObject();
            param.put("doctorId",doctor);
            if(permissionService.noPermission(1,param)){
                return ObjEnvelop.getError("该操作没有权限");
            }
            return ObjEnvelop.getSuccess("查询成功",doctorMessageService.getHelperPreventLost(doctor,id,serviceSype));
        }catch (Exception e){
            return failedObjEnvelopException2(e);

svr/svr-cloud-care/src/main/java/com/yihu/jw/care/service/assistance/EmergencyAssistanceService.java

@@ -14,6 +14,7 @@ import com.yihu.jw.care.dao.security.EmergencyWarnDoctorResponseDao;
import com.yihu.jw.care.dao.sign.ServicePackageSignRecordDao;
import com.yihu.jw.care.dao.team.BaseTeamMemberDao;
import com.yihu.jw.care.service.common.DictService;
import com.yihu.jw.care.service.common.PermissionService;
import com.yihu.jw.care.service.consult.ConsultTeamService;
import com.yihu.jw.care.service.contacts.ContactsService;
import com.yihu.jw.care.service.device.PatientDeviceService;
@@ -131,6 +132,8 @@ public class EmergencyAssistanceService extends BaseJpaService<EmergencyAssistan
    private BaseOrgDao orgDao;
    @Autowired
    private DeviceDetailDao deviceDetailDao;
    @Autowired
    private PermissionService permissionService;
    /**
     * 获取百度天气
@@ -621,6 +624,13 @@ public class EmergencyAssistanceService extends BaseJpaService<EmergencyAssistan
            result.put(ResponseContant.resultMsg,failMsg);
            return result;
        }
        String orgCode = permissionService.getDoctorOrg(doctor);
        if (!orgCode.equals(assistanceDO.getOrgCode())){
            String failMsg = "该操作无权限";
            result.put(ResponseContant.resultFlag, ResponseContant.fail);
            result.put(ResponseContant.resultMsg,failMsg);
            return result;
        }
        return getOrderDetail(orderID,doctor);
    }
@@ -891,6 +901,12 @@ public class EmergencyAssistanceService extends BaseJpaService<EmergencyAssistan
            result.put(ResponseContant.resultMsg,failMsg);
            return result;
        }
        if(!doctor.equals(assistanceDO.getDoctor())){
            String failMsg = "该操作没有权限";
            result.put(ResponseContant.resultFlag, ResponseContant.fail);
            result.put(ResponseContant.resultMsg,failMsg);
            return result;
        }
        EmergencyWarnConclusionDO doorConclusion =  emergencyWarnConclusionDao.findByOrderId(orderId);
        BaseDoctorDO doctorDO = doctorDao.findById(doctor);
        if (doctorDO==null){
@@ -1040,6 +1056,14 @@ public class EmergencyAssistanceService extends BaseJpaService<EmergencyAssistan
            result.put("resultMsg", failMsg);
            return result;
        }
        String orgCode = permissionService.getDoctorOrg(doctor);
        if(!orgCode.equals(one.getOrgCode())){
            String failMsg = "该操作没权限" ;
            result.put("resultFlag", 0);
            result.put("resultMsg", failMsg);
            return result;
        }
        if (emergencyWarnDoctorResponseDao.findByDoctorAndOrderId(doctor,orderId)==null){
            EmergencyWarnDoctorResponseDO responseDO = new EmergencyWarnDoctorResponseDO();
            responseDO.setOrderId(orderId);

svr/svr-cloud-care/src/main/java/com/yihu/jw/care/service/birthday/BirthdayWishesService.java

@@ -2,6 +2,7 @@ package com.yihu.jw.care.service.birthday;
import com.yihu.jw.care.dao.birthday.BirthDayWishesToPatientDao;
import com.yihu.jw.care.dao.birthday.BirthdayWishesTemplateDao;
import com.yihu.jw.care.service.common.PermissionService;
import com.yihu.jw.doctor.dao.BaseDoctorDao;
import com.yihu.jw.doctor.dao.BaseDoctorHospitalDao;
import com.yihu.jw.entity.base.doctor.BaseDoctorDO;
@@ -10,6 +11,7 @@ import com.yihu.jw.entity.base.patient.BasePatientDO;
import com.yihu.jw.entity.care.birthday.BirthDayWishesToPatient;
import com.yihu.jw.entity.care.birthday.BirthdayWishesTemplate;
import com.yihu.jw.patient.dao.BasePatientDao;
import com.yihu.jw.restmodel.web.Envelop;
import com.yihu.jw.util.common.IdCardUtil;
import com.yihu.jw.util.date.DateUtil;
import org.apache.commons.lang.StringUtils;
@@ -49,6 +51,8 @@ public class BirthdayWishesService {
    private BaseDoctorHospitalDao hospitalDao;
    @Autowired
    private RedisTemplate redisTemplate;
    @Autowired
    private PermissionService permissionService;
//    /**
//     * 发送到mq
@@ -77,12 +81,21 @@ public class BirthdayWishesService {
     * @param isDefault
     */
    public Long create(String doctor, String content, Integer applicableRange, Long id, Integer isDefault) {
        String isAdmin = permissionService.isAdmin();
        BaseDoctorDO doctorDO = doctorDao.findById(doctor);
        BirthdayWishesTemplate template = null;
        //判断是编辑还是创建
        if(id != null){
            template = bwTemplateDao.findOne(id);
            if(!"0".equals(isAdmin)&&StringUtils.isNotBlank(template.getCreateUser())&&!isAdmin.equals(template.getCreateUser())){
                return null;
            }
        }else {
            if(!"0".equals(isAdmin)&&!doctor.equals(isAdmin)){
                return null;
            }
            template = new BirthdayWishesTemplate();
            template.setCode(UUID.randomUUID().toString().replace("-",""));
            template.setType(2);
@@ -135,12 +148,11 @@ public class BirthdayWishesService {
     * 根据ID设置为默认模板
     *
     * @param doctor
     * @param id
     * @param template
     * @return
     */
    @Transactional
    public BirthdayWishesTemplate setDefalutTemplateById(String doctor, Long id) {
        BirthdayWishesTemplate template = bwTemplateDao.findOne(id);
    public BirthdayWishesTemplate setDefalutTemplateById(String doctor, BirthdayWishesTemplate template) {
        //先取消该医生自创的默认模板
        BirthdayWishesTemplate docTemplate = bwTemplateDao.findByCreateUserAndApplicableRangeAndIsDefault(doctor, template.getApplicableRange(), 1);
        if(docTemplate != null){
@@ -148,7 +160,7 @@ public class BirthdayWishesService {
        }
        //如果不是系统模板，就添加默认模板标识
        if(template.getType() != 1){
            bwTemplateDao.setDefalutTemplateById(id, 1);
            bwTemplateDao.setDefalutTemplateById(template.getId(), 1);
        }
        return template;
    }

svr/svr-cloud-care/src/main/java/com/yihu/jw/care/service/common/PermissionService.java

@@ -0,0 +1,162 @@
package com.yihu.jw.care.service.common;
import com.alibaba.fastjson.JSONObject;
import com.yihu.jw.care.dao.common.BaseLoginLogDao;
import com.yihu.jw.care.dao.role.DoctorRoleDao;
import com.yihu.jw.care.endpoint.consult.PatientConsultEndpoint;
import com.yihu.jw.doctor.dao.BaseDoctorDao;
import com.yihu.jw.doctor.dao.BaseDoctorHospitalDao;
import com.yihu.jw.entity.base.doctor.BaseDoctorDO;
import com.yihu.jw.entity.base.doctor.BaseDoctorHospitalDO;
import com.yihu.jw.entity.base.login.BaseLoginLogDO;
import com.yihu.jw.entity.care.role.DoctorRole;
import com.yihu.jw.entity.hospital.consult.WlyyHospitalSysDictDO;
import com.yihu.jw.sms.dao.HospitalSysDictDao;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
/**
 * Created by yeshijie on 2022/3/14.
 */
@Service
public class PermissionService {
    private static final Logger logger = LoggerFactory.getLogger(PermissionService.class);
    @Autowired
    private JdbcTemplate jdbcTemplate;
    @Autowired
    private BaseLoginLogDao baseLoginLogDao;
    @Autowired
    private DoctorRoleDao doctorRoleDao;
    @Autowired
    private BaseDoctorDao doctorDao;
    @Autowired
    private HospitalSysDictDao hospitalSysDictDao;
    @Autowired
    private BaseDoctorHospitalDao doctorHospitalDao;
    /**
     * 获取医生机构
     * @param doctor
     * @return
     */
    public String getDoctorOrg(String doctor){
        List<BaseDoctorHospitalDO> doctorHospitalDOs = doctorHospitalDao.findByDoctorCode(doctor);
        if(doctorHospitalDOs.size()>0){
            return doctorHospitalDOs.get(0).getOrgCode();
        }
        return "";
    }
    /**
     * 是否管理员
     * @return 0没开启验证或是管理员(或非医生) 1没权限 userId实际登录者id
     */
    public String isAdmin(){
        WlyyHospitalSysDictDO wlyyHospitalSysDictDO = hospitalSysDictDao.findById("noPermission");
        if(wlyyHospitalSysDictDO==null||"0".equals(wlyyHospitalSysDictDO.getDictCode())){
            return "0";
        }
        BaseLoginLogDO loginLogDO = getLoginLog();
        if(loginLogDO == null){
            //该操作没有权限"
            return "1";
        }
        String userId = loginLogDO.getUserId();
        //目前只判断医生端
        if("3".equals(loginLogDO.getLoginType())){
            //是否管理员
            List<DoctorRole> roleList = doctorRoleDao.findUserRole(userId);
            if(roleList.size()>0){
                //管理员不做权限验证
                return "0";
            }
            return userId;
        }
        return "0";
    }
    /**
     * 判断是否有权限
     *  loginType 1user 登录 2医生登录 3居民登录 4第三方同步患者账号 5支付宝登录 6第三方登录-医联康护 7家人登录
     *  type 类型 0只能管理员访问,1doctor相关 2生日祝福模板
     *  param 参数 不同类型参数不一样
     * @return true表示没权限
     */
    public boolean noPermission(int type, JSONObject param){
        WlyyHospitalSysDictDO wlyyHospitalSysDictDO = hospitalSysDictDao.findById("noPermission");
        if(wlyyHospitalSysDictDO==null||"0".equals(wlyyHospitalSysDictDO.getDictCode())){
            return false;
        }
        BaseLoginLogDO loginLogDO = getLoginLog();
        if(loginLogDO == null){
            logger.info("loginLogDO=null,该操作没有权限");
            return true;
        }
        String userId = loginLogDO.getUserId();
        //目前只判断医生端
        if("3".equals(loginLogDO.getLoginType())){
            //是否管理员
            List<DoctorRole> roleList = doctorRoleDao.findUserRole(userId);
            if(roleList.size()>0){
                //管理员不做权限验证
                return false;
            }
            if(type == 0){
                return true;
            }
            if(type == 1){
                String doctorId = param.getString("doctorId");
                if(!"doctorId".equals(doctorId)){
                    return true;
                }
            }
//            BaseDoctorDO doctorDO = doctorDao.findById(userId);
            //判断角色 1社区医生，2社工, 3教师,4助老员
        }
        return false;
    }
    public String getUID(){
        BaseLoginLogDO loginLogDO = getLoginLog();
        if(loginLogDO != null){
            return loginLogDO.getUserId();
        }
        return null;
    }
    private BaseLoginLogDO getLoginLog(){
        String accessToken = this.extractToken(getRequest());
        BaseLoginLogDO loginLogDO = baseLoginLogDao.findByToken(accessToken);
        return loginLogDO;
    }
    private String extractToken(HttpServletRequest request) {
        String accessToken = request.getHeader("token");
        if (null == accessToken) {
            accessToken = request.getParameter("token");
        }
        return accessToken;
    }
    public HttpServletRequest getRequest(){
        return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
    }
}