1.文章评论接口,2.对文章评论进行回复 接口权限卡控优化

ruoyi-generator/src/main/java/com/ruoyi/generator/controller/CommunityArticleController.java

@@ -156,11 +156,9 @@ public class CommunityArticleController extends BaseController {
         if (null == communityArticleComment.getArticleId()) {
             return AjaxResult.error("文章不存在或异常!");
         }
-
-
-
+        Long userId = SecurityUtils.getUserId();
         //调用方法去判断当前评论的用户 是不是文章作者的关注列表
-        Boolean aBoolean = communityArticleService.checkCommentPermission(communityArticleComment);
+        Boolean aBoolean = communityArticleService.checkCommentPermission(userId,null,communityArticleComment.getArticleId());
         communityArticleComment.setUserId(SecurityUtils.getUserId());
         if (!aBoolean) {  // 当 aBoolean 为 false 时，进入这个条件
             return AjaxResult.success("您没有权限评论此文章，因为只允许关注的人评论您!");

ruoyi-generator/src/main/java/com/ruoyi/generator/controller/CommunityCommentController.java

@@ -12,6 +12,7 @@ import com.ruoyi.generator.domain.Community.CommunityCommentLike;
 import com.ruoyi.generator.domain.Community.CommunityCommentReply;
 import com.ruoyi.generator.mapper.community.CommunityCommentLikeMapper;
 import com.ruoyi.generator.service.ICommunityArticleCommentService;
+import com.ruoyi.generator.service.ICommunityArticleService;
 import com.ruoyi.generator.service.ICommunityCommentReplyService;
 import com.ruoyi.generator.vo.CommunityArticleCommentVo;
 import com.ruoyi.generator.vo.CommunityCommentReplyVo;
@@ -24,6 +25,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.bind.annotation.*;
 
+import java.text.ParseException;
 import java.util.*;
 import java.util.stream.Collectors;
 
@@ -55,6 +57,9 @@ public class CommunityCommentController extends BaseController {
     @Autowired
     private SysUserServiceImpl sysUserService;
 
+    @Autowired
+    private ICommunityArticleService communityArticleService;
+
 
     /**
      * 获取文章评论
@@ -171,12 +176,15 @@ public class CommunityCommentController extends BaseController {
     @PostMapping("/reply")
     @Transactional
     //@Anonymous
-    public AjaxResult reply(@RequestBody CommunityCommentReply communityCommentReply) {
+    public AjaxResult reply(@RequestBody CommunityCommentReply communityCommentReply) throws ParseException {
         if (Objects.isNull(communityCommentReply.getCommentId()) || Objects.isNull(communityCommentReply.getContent())) {
             return AjaxResult.error("参数异常!");
         }
-
         Long userId = SecurityUtils.getUserId();
+        Boolean aBoolean = communityArticleService.checkCommentPermission(userId, communityCommentReply.getCommentId(), null);
+        if (!aBoolean) {  // 当 aBoolean 为 false 时，进入这个条件
+            return AjaxResult.success("您没有权限评论此文章，因为只允许关注的人评论您!");
+        }
         communityCommentReply.setUserId(userId);
         communityCommentReply.setDelete(false);
         communityCommentReply.setCreateBy(userId);

ruoyi-generator/src/main/java/com/ruoyi/generator/service/CommunityArticleServiceImpl.java

@@ -610,30 +610,43 @@ public class CommunityArticleServiceImpl extends ServiceImpl<CommunityArticleMap
     }
 
     /**
-     *
-     * @param communityArticleComment
+     * 判断评论的人 是否在文章作者的关注列表中
+     * @param userId    必填
+     * @param commentId 可选  评论的评论接口
+     * @param articleId 可选  文章评论接口
+     * @return true or false
      * @throws ParseException
      */
     @Override
-    public Boolean checkCommentPermission(CommunityArticleComment communityArticleComment) throws ParseException {
+    public Boolean checkCommentPermission(Long userId,Long commentId,Long articleId) throws ParseException {
         /**
-         * 1.获取文章创建人ID
-         * 2.通过文章创建人ID 查询隐私设置表 communityPrivacyService.selectUserPrivacy
-         * 3.查询权限表有没有开权限
-         * 4.获取用户关注列表
-         * 5.是否是关注的人评论我 有则评论成功，没有则返回失败
+         * 1.传commentId 说明是 评论的评论接口
+         * 2.传articleId 说明是文章评论接口
+         * 3.询隐私设置表 communityPrivacyService.selectUserPrivacy 权限有没有开启
+         * 4.没有开启 直接结束
+         * 5.开启 查询作者关注列表
+         * 6。是否是关注的人评论我 有则评论成功，没有则返回失败
          */
+        //假设传的评论ID 根据 评论ID要找到文章ID
+        if (articleId == null) {
+            List<CommunityArticleComment> communityArticleComments
+                    = communityArticleCommentMapper
+                    .selectList(new QueryWrapper<CommunityArticleComment>().eq("id", commentId));
+            CommunityArticleComment communityArticleComment = communityArticleComments.get(0);
+            articleId = communityArticleComment.getArticleId();
+        };
+
         //获取文章信息 找到文章创建人
         List<CommunityArticle> communityArticles
                 = communityArticleMapper
-                .selectList(new QueryWrapper<CommunityArticle>().eq("id", communityArticleComment.getArticleId()));
+                .selectList(new QueryWrapper<CommunityArticle>().eq("id", articleId));
 
         // 提取用户ID
-        Long articleId = null; // 初始化用户ID
+        Long articleUserId = null; // 初始化用户ID
 
         if (!communityArticles.isEmpty()) { // 检查列表是否为空
             CommunityArticle article = communityArticles.get(0); // 获取第一个文章
-            articleId = article.getUserId(); // 假设CommunityArticle有getUserId()方法
+            articleUserId = article.getUserId(); // 假设CommunityArticle有getUserId()方法
         } else {
             // 处理未找到文章的情况
             // 例如，可以抛出异常或记录日志
@@ -641,15 +654,15 @@ public class CommunityArticleServiceImpl extends ServiceImpl<CommunityArticleMap
         }
 
         // 直接允许作者评论
-        if (articleId.equals(SecurityUtils.getLoginUser().getUserId())) {
+        if (articleUserId.equals(userId)) {
            /* // 如果评论者是文章作者，直接进行评论
             communityArticleService.sendComment(communityArticleComment);*/
             return true;
         }
 
-        // 1. 查询隐私设置
-        List<CommunityUserPrivacyVo> communityUserPrivacyVos = communityPrivacyService.selectUserPrivacy(articleId);
-        // 2. 检查隐私设置 只允许我关注的人评论我
+        // 查询隐私设置
+        List<CommunityUserPrivacyVo> communityUserPrivacyVos = communityPrivacyService.selectUserPrivacy(articleUserId);
+        // 检查隐私设置 只允许我关注的人评论我
         boolean IsComment = false;
         for (CommunityUserPrivacyVo privacyVo : communityUserPrivacyVos) {
             if (privacyVo.getIsComment() != null && privacyVo.getIsComment()) {
@@ -659,11 +672,11 @@ public class CommunityArticleServiceImpl extends ServiceImpl<CommunityArticleMap
         }
         // 如果评论受限，则查询用户关注列表
         if (IsComment) {
-            List<CommunityUserLikeVo> communityUserLikeVos = communityArticleService.selectCommunityUserLikeList(articleId);
+            List<CommunityUserLikeVo> communityUserLikeVos = communityArticleService.selectCommunityUserLikeList(articleUserId);
             // 3. 检查评论者是否在关注列表中
             boolean isFollower = communityUserLikeVos.stream()
-                    .anyMatch(like -> like.getLikeUserId().equals(SecurityUtils.getLoginUser().getUserId()));
-            System.out.println(SecurityUtils.getLoginUser().getUserId());
+                    .anyMatch(like -> like.getLikeUserId().equals(userId));
+            System.out.println(userId);
             // 如果不是关注者，返回失败
             if (!isFollower) {
                 //return AjaxResult.error("您没有权限评论此文章，因为只允许关注的人评论您!");
@@ -673,6 +686,10 @@ public class CommunityArticleServiceImpl extends ServiceImpl<CommunityArticleMap
         return true;
     }
 
+    /**
+     *
+     */
+
 
     /**
      * 判断是否是视频文件

ruoyi-generator/src/main/java/com/ruoyi/generator/service/ICommunityArticleService.java

@@ -147,12 +147,16 @@ public interface ICommunityArticleService extends IService<CommunityArticle> {
     List<CommunityUserLikeVo> selectMutualAttention(Long userId);
 
 
+
     /**
      * 判断评论的人 是否在文章作者的关注列表中
-     * @param communityArticleComment
+     * @param userId    必填   用户ID
+     * @param commentId 可选   评论ID
+     * @param articleId 可选   文章ID
+     * @return true or false
      * @throws ParseException
      */
-    Boolean checkCommentPermission(CommunityArticleComment communityArticleComment) throws ParseException;
+    Boolean checkCommentPermission(Long userId,Long commentId,Long articleId) throws ParseException;
 
 
 }