考生不允许登录管理系统

system/system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java

@@ -4,12 +4,14 @@ import cn.hutool.core.util.RandomUtil;
 import com.alibaba.fastjson.JSONObject;
 import com.aliyuncs.exceptions.ClientException;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.toolkit.CollectionUtils;
 import com.baomidou.mybatisplus.core.toolkit.IdWorker;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authz.annotation.RequiresRoles;
+import org.jeecg.common.api.CommonAPI;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.constant.CommonConstant;
@@ -24,12 +26,14 @@ import org.jeecg.modules.system.entity.SysDepart;
 import org.jeecg.modules.system.entity.SysRoleIndex;
 import org.jeecg.modules.system.entity.SysTenant;
 import org.jeecg.modules.system.entity.SysUser;
+import org.jeecg.modules.system.enums.UserType;
 import org.jeecg.modules.system.model.SysLoginModel;
 import org.jeecg.modules.system.service.*;
 import org.jeecg.modules.system.service.impl.SysBaseApiImpl;
 import org.jeecg.modules.system.util.RandImageUtil;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
 import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.*;
 
@@ -69,6 +73,10 @@ public class LoginController {
 	@Autowired
 	private JeecgBaseConfig jeecgBaseConfig;
 
+	@Lazy
+	@Resource
+	private CommonAPI commonApi;
+
 	private final String BASE_CHECK_CODES = "qwertyuiplkjhgfdsazxcvbnmQWERTYUPLKJHGFDSAZXCVBNM1234567890";
 
 	@ApiOperation("登录接口")
@@ -115,6 +123,16 @@ public class LoginController {
 		LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<>();
 		queryWrapper.eq(SysUser::getUsername,username);
 		SysUser sysUser = sysUserService.getOne(queryWrapper);
+
+		//管理端登录需要校验
+		if(UserType.ADMIN.getCode().equals(sysLoginModel.getLoginType())){
+			//查询用户拥有的角色
+			Set<String> roleSet = commonApi.queryUserRoles(username);
+			if(!CollectionUtils.isEmpty(roleSet) && roleSet.contains(UserType.STUDENT.getValue()) ){
+				return Result.error("考生不允许登录管理系统");
+			}
+		}
+
 		//update-end-author:wangshuai date:20200601 for: 登录代码验证用户是否注销bug，if条件永远为false
 		result = sysUserService.checkUserIsEffective(sysUser);
 		if(!result.isSuccess()) {

system/system-biz/src/main/java/org/jeecg/modules/system/enums/UserType.java

@@ -0,0 +1,48 @@
+package org.jeecg.modules.system.enums;
+
+
+/**
+ * 用户类型
+ */
+public enum UserType {
+    //管理员
+    ADMIN(1, "admin"),
+
+    //考生
+    STUDENT(2, "student");
+
+    private Integer code;
+
+    private String value;
+
+    UserType(Integer code, String value) {
+        this.code = code;
+        this.value = value;
+    }
+
+    public Integer getCode() {
+        return code;
+    }
+
+    public void setCode(Integer code) {
+        this.code = code;
+    }
+
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+    public static UserType getByCode(Integer code) {
+        for (UserType userType : values()) {
+            if (userType.getCode().equals(code)) {
+                return userType;
+            }
+        }
+        return null;
+    }
+
+}

system/system-biz/src/main/java/org/jeecg/modules/system/model/SysLoginModel.java

@@ -2,54 +2,31 @@ package org.jeecg.modules.system.model;
 
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
 
 /**
  * 登录表单
  *
  * @Author scott
- * @since  2019-01-18
+ * @since 2019-01-18
  */
-@ApiModel(value="登录对象", description="登录对象")
+@Data
+@ApiModel(value = "登录对象", description = "登录对象")
 public class SysLoginModel {
-	@ApiModelProperty(value = "账号")
-    private String username;
-	@ApiModelProperty(value = "密码")
-    private String password;
-	@ApiModelProperty(value = "验证码")
-    private String captcha;
-	@ApiModelProperty(value = "验证码key")
-    private String checkKey;
-
-    public String getUsername() {
-        return username;
-    }
 
-    public void setUsername(String username) {
-        this.username = username;
-    }
-
-    public String getPassword() {
-        return password;
-    }
+    @ApiModelProperty(value = "账号")
+    private String username;
 
-    public void setPassword(String password) {
-        this.password = password;
-    }
+    @ApiModelProperty(value = "密码")
+    private String password;
 
-    public String getCaptcha() {
-        return captcha;
-    }
+    @ApiModelProperty(value = "验证码")
+    private String captcha;
 
-    public void setCaptcha(String captcha) {
-        this.captcha = captcha;
-    }
+    @ApiModelProperty(value = "验证码key")
+    private String checkKey;
 
-	public String getCheckKey() {
-		return checkKey;
-	}
+    @ApiModelProperty(value = "登录类型 1：管理端登录，2：学生端登录")
+    private Integer loginType;
 
-	public void setCheckKey(String checkKey) {
-		this.checkKey = checkKey;
-	}
-    
 }