blame | history | raw
xin
2025-06-06 24e84dca4ffd61cc92338263c3825e0944542f2e 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168

package com.oying.modules.system.rest;


 


import com.baomidou.mybatisplus.extension.plugins.pagination.Page;


import com.oying.modules.system.domain.Role;


import com.oying.modules.system.domain.User;


import com.oying.modules.system.domain.dto.UserPassVo;


import com.oying.utils.*;


import io.swagger.annotations.Api;


import io.swagger.annotations.ApiOperation;


import lombok.RequiredArgsConstructor;


import com.oying.annotation.Log;


import com.oying.config.properties.RsaProperties;


import com.oying.exception.BadRequestException;


import com.oying.modules.system.service.RoleService;


import com.oying.modules.system.domain.dto.UserQueryCriteria;


import com.oying.modules.system.service.VerifyService;


import com.oying.modules.system.service.UserService;


import com.oying.utils.enums.CodeEnum;


import org.springframework.http.HttpStatus;


import org.springframework.http.ResponseEntity;


import org.springframework.security.access.prepost.PreAuthorize;


import org.springframework.security.crypto.password.PasswordEncoder;


import org.springframework.validation.annotation.Validated;


import org.springframework.web.bind.annotation.*;


import org.springframework.web.multipart.MultipartFile;


 


import javax.servlet.http.HttpServletResponse;


import java.io.IOException;


import java.util.*;


import java.util.stream.Collectors;


 


/**


 * @author Z


 * @date 2018-11-23


 */


@Api(tags = "系统:用户管理")


@RestController


@RequestMapping("/api/users")


@RequiredArgsConstructor


public class UserController {


 


    private final PasswordEncoder passwordEncoder;


    private final UserService userService;


    private final RoleService roleService;


    private final VerifyService verificationCodeService;


 


    @ApiOperation("导出用户数据")


    @GetMapping(value = "/download")


    @PreAuthorize("@el.check('user:list')")


    public void exportUser(HttpServletResponse response, UserQueryCriteria criteria) throws IOException {


        userService.download(userService.queryAll(criteria), response);


    }


 


    @ApiOperation("查询用户")


    @GetMapping


    @PreAuthorize("@el.check('user:list')")


    public ResponseEntity<Object> queryUser(UserQueryCriteria criteria) {


        Page<Object> page = new Page<>(criteria.getPage(), criteria.getSize());


        // 数据权限


        return new ResponseEntity<>(R.success(userService.queryAll(criteria, page)), HttpStatus.OK);


    }


 


    @Log("新增用户")


    @ApiOperation("新增用户")


    @PostMapping


    @PreAuthorize("@el.check('user:add')")


    public ResponseEntity<Object> createUser(@Validated @RequestBody User resources) {


        checkLevel(resources);


        // 默认密码 123456


        resources.setPassword(passwordEncoder.encode("123456"));


        userService.create(resources);


        return new ResponseEntity<>(R.success(), HttpStatus.CREATED);


    }


 


    @Log("修改用户")


    @ApiOperation("修改用户")


    @PutMapping


    @PreAuthorize("@el.check('user:edit')")


    public ResponseEntity<Object> updateUser(@Validated(User.Update.class) @RequestBody User resources) throws Exception {


        checkLevel(resources);


        userService.update(resources);


        return new ResponseEntity<>(R.success(), HttpStatus.NO_CONTENT);


    }


 


    @Log("修改用户:个人中心")


    @ApiOperation("修改用户:个人中心")


    @PutMapping(value = "center")


    public ResponseEntity<Object> centerUser(@Validated(User.Update.class) @RequestBody User resources) {


        if (!resources.getId().equals(SecurityUtils.getCurrentUserId())) {


            throw new BadRequestException("不能修改他人资料");


        }


        userService.updateCenter(resources);


        return new ResponseEntity<>(R.success(), HttpStatus.NO_CONTENT);


    }


 


    @Log("删除用户")


    @ApiOperation("删除用户")


    @DeleteMapping


    @PreAuthorize("@el.check('user:del')")


    public ResponseEntity<Object> deleteUser(@RequestBody Set<Long> ids) {


        for (Long id : ids) {


            Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(Role::getLevel).collect(Collectors.toList()));


            Integer optLevel = Collections.min(roleService.findByUsersId(id).stream().map(Role::getLevel).collect(Collectors.toList()));


            if (currentLevel > optLevel) {


                throw new BadRequestException("角色权限不足,不能删除:" + userService.findById(id).getUsername());


            }


        }


        userService.delete(ids);


        return new ResponseEntity<>(R.success(), HttpStatus.OK);


    }


 


    @ApiOperation("修改密码")


    @PostMapping(value = "/updatePass")


    public ResponseEntity<Object> updateUserPass(@RequestBody UserPassVo passVo) throws Exception {


        String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, passVo.getOldPass());


        String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, passVo.getNewPass());


        User user = userService.findByName(SecurityUtils.getCurrentUsername());


        if (!passwordEncoder.matches(oldPass, user.getPassword())) {


            throw new BadRequestException("修改失败,旧密码错误");


        }


        if (passwordEncoder.matches(newPass, user.getPassword())) {


            throw new BadRequestException("新密码不能与旧密码相同");


        }


        userService.updatePass(user.getUsername(), passwordEncoder.encode(newPass));


        return new ResponseEntity<>(R.success(), HttpStatus.OK);


    }


 


    @ApiOperation("重置密码")


    @PutMapping(value = "/resetPwd")


    public ResponseEntity<Object> resetPwd(@RequestBody Set<Long> ids) {


        String pwd = passwordEncoder.encode("123456");


        userService.resetPwd(ids, pwd);


        return new ResponseEntity<>(R.success(), HttpStatus.OK);


    }


 


    @ApiOperation("修改头像")


    @PostMapping(value = "/updateAvatar")


    public ResponseEntity<Object> updateUserAvatar(@RequestParam MultipartFile avatar) {


        return new ResponseEntity<>(R.success(userService.updateAvatar(avatar)), HttpStatus.OK);


    }


 


    @Log("修改邮箱")


    @ApiOperation("修改邮箱")


    @PostMapping(value = "/updateEmail/{code}")


    public ResponseEntity<Object> updateUserEmail(@PathVariable String code, @RequestBody User resources) throws Exception {


        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, resources.getPassword());


        User user = userService.findByName(SecurityUtils.getCurrentUsername());


        if (!passwordEncoder.matches(password, user.getPassword())) {


            throw new BadRequestException("密码错误");


        }


        verificationCodeService.validated(CodeEnum.EMAIL_RESET_EMAIL_CODE.getKey() + resources.getEmail(), code);


        userService.updateEmail(user.getUsername(), resources.getEmail());


        return new ResponseEntity<>(R.success(), HttpStatus.OK);


    }


 


    /**


     * 如果当前用户的角色级别低于创建用户的角色级别,则抛出权限不足的错误


     *


     * @param resources /


     */


    private void checkLevel(User resources) {


        Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(Role::getLevel).collect(Collectors.toList()));


        Integer optLevel = roleService.findByRoles(resources.getRoles());


        if (currentLevel > optLevel) {


            throw new BadRequestException("角色权限不足");


        }


    }


}