
增减商品权限过滤

詹子聪 5 년 전
부모
커밋
fdb59749ee
2개의 변경된 파일45개의 추가작업 그리고 36개의 파일을 삭제
  1. 3 36
      src/main/java/com/miekir/shibei/controller/api/GoodsController.java
  2. 42 0
      src/main/java/com/miekir/shibei/tool/RequestTool.java

+ 3 - 36
src/main/java/com/miekir/shibei/controller/api/GoodsController.java

@@ -4,6 +4,7 @@ import com.alibaba.fastjson.JSON;
 import com.miekir.shibei.bean.*;
 import com.miekir.shibei.repository.GoodsRepository;
 import com.miekir.shibei.repository.UserRepository;
+import com.miekir.shibei.tool.RequestTool;
 import com.miekir.shibei.tool.TextUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpHeaders;
@@ -32,24 +33,7 @@ public class GoodsController {
         ResponseResult<String> responseResult = new ResponseResult<String>();
         responseResult.setMessage("操作失败");
 
-        String token = header.getFirst("token");
-        String email = header.getFirst("email");
-
-        if (goodsBean == null || TextUtils.isEmpty(token) || TextUtils.isEmpty(email)) {
-            return JSON.toJSONString(responseResult);
-        }
-
-        // 根据email查找用户,查询用户的token是否相同
-        User dbUserBean;
-        try {
-            dbUserBean = userRepository.findUserByEmail(email);
-        } catch (Exception e) {
-            e.printStackTrace();
-            return JSON.toJSONString(responseResult);
-        }
-
-        // 用户token不一致
-        if (dbUserBean == null || !TextUtils.equals(token, dbUserBean.getToken())) {
+        if (goodsBean == null || !RequestTool.isRequestAdminValid(header, userRepository)) {
             return JSON.toJSONString(responseResult);
         }
 
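Review bot: The rejection path at `if (goodsBean == null || !RequestTool.isRequestAdminValid(header, userRepository))` returns the same generic `操作失败` body for a missing `goodsBean` and for a failed admin check, and nothing is logged for the denial; the delete hunk further down has the same shape with `删除失败`. Checking authorization first in its own `if`, with a log line naming the endpoint and, if the handler's return type permits, a 401/403 status, would let monitoring tell unauthorized attempts from malformed requests. Each handler also has to remember to call the check itself, so a Spring `HandlerInterceptor` (or Spring Security) covering the goods-mutation routes would stop a future endpoint from shipping without it. The enclosing methods start and end outside both hunks, so the response type and HTTP status are inferred.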
@@ -75,24 +59,7 @@ public class GoodsController {
         ResponseResult<String> responseResult = new ResponseResult<String>();
         responseResult.setMessage("删除失败");
 
-        String token = header.getFirst("token");
-        String email = header.getFirst("email");
-
-        if (TextUtils.isEmpty(token) || TextUtils.isEmpty(email)) {
-            return JSON.toJSONString(responseResult);
-        }
-
-        // 根据email查找用户,查询用户的token是否相同
-        User dbUserBean;
-        try {
-            dbUserBean = userRepository.findUserByEmail(email);
-        } catch (Exception e) {
-            e.printStackTrace();
-            return JSON.toJSONString(responseResult);
-        }
-
-        // 用户token不一致
-        if (dbUserBean == null || !TextUtils.equals(token, dbUserBean.getToken())) {
+        if (!RequestTool.isRequestAdminValid(header, userRepository)) {
             return JSON.toJSONString(responseResult);
         }
 

+ 42 - 0
src/main/java/com/miekir/shibei/tool/RequestTool.java

@@ -0,0 +1,42 @@
+package com.miekir.shibei.tool;
+
+import com.alibaba.fastjson.JSON;
+import com.miekir.shibei.bean.User;
+import com.miekir.shibei.repository.UserRepository;
+import org.springframework.http.HttpHeaders;
+
+public class RequestTool {
+    private RequestTool() {}
+
+    public static boolean isRequestValid(HttpHeaders header, UserRepository userRepository) {
+        String token = header.getFirst("token");
+        String email = header.getFirst("email");
+
+        if (TextUtils.isEmpty(token) || TextUtils.isEmpty(email)) {
+            return false;
+        }
+
+        // 根据email查找用户,查询用户的token是否相同
+        User dbUserBean;
+        try {
+            dbUserBean = userRepository.findUserByEmail(email);
+        } catch (Exception e) {
+            e.printStackTrace();
+            return false;
+        }
+
+        // 用户token不一致
+        if (dbUserBean == null || !TextUtils.equals(token, dbUserBean.getToken())) {
+            return false;
+        }
+        return true;
+    }
+
+    public static boolean isRequestAdminValid(HttpHeaders header, UserRepository userRepository) {
+        String email = header.getFirst("email");
+        if (!TextUtils.equals(email, "[email protected]")) {
+            return false;
+        }
+        return isRequestValid(header, userRepository);
+    }
+}
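Review bot: `isRequestAdminValid` grants admin rights by comparing the client-supplied `email` header with a string literal, so the privilege boundary lives in source code rather than in the user record. Once `isRequestValid` has matched the token, the decision should come from a role or admin flag on the loaded `User`; the bean's fields are not visible here, so the accessor name has to be confirmed. `TextUtils.equals(token, dbUserBean.getToken())` is presumably an early-exit string compare, and `MessageDigest.isEqual(token.getBytes(StandardCharsets.UTF_8), dbUserBean.getToken().getBytes(StandardCharsets.UTF_8))`, after a null check on the stored token, keeps the comparison time independent of how many leading characters match. `e.printStackTrace()` in the lookup `catch` should go through the project's logger so lookup failures reach the same place as other auth events, and the `com.alibaba.fastjson.JSON` import is unused in this file.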