From c1d20b425b10e8ba59f102dd1ab413055883eed0 Mon Sep 17 00:00:00 2001
From: 彭雪彬 <1724387007@qq.com>
Date: Mon, 14 Jul 2025 16:57:11 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/xin' into pxb
---
oying-system/src/main/java/com/oying/modules/system/rest/UserController.java | 87 ++++++++++++++-----------------------------
1 files changed, 29 insertions(+), 58 deletions(-)
diff --git a/oying-system/src/main/java/com/oying/modules/system/rest/UserController.java b/oying-system/src/main/java/com/oying/modules/system/rest/UserController.java
index a1ce620..21c859d 100644
--- a/oying-system/src/main/java/com/oying/modules/system/rest/UserController.java
+++ b/oying-system/src/main/java/com/oying/modules/system/rest/UserController.java
@@ -1,23 +1,16 @@
package com.oying.modules.system.rest;
-import cn.hutool.core.collection.CollectionUtil;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
-import com.oying.modules.system.domain.Dept;
import com.oying.modules.system.domain.Role;
import com.oying.modules.system.domain.User;
import com.oying.modules.system.domain.dto.UserPassVo;
+import com.oying.utils.*;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
-import com.oying.utils.PageResult;
-import com.oying.utils.PageUtil;
-import com.oying.utils.RsaUtils;
-import com.oying.utils.SecurityUtils;
import com.oying.annotation.Log;
import com.oying.config.properties.RsaProperties;
-import com.oying.modules.system.service.DataService;
import com.oying.exception.BadRequestException;
-import com.oying.modules.system.service.DeptService;
import com.oying.modules.system.service.RoleService;
import com.oying.modules.system.domain.dto.UserQueryCriteria;
import com.oying.modules.system.service.VerifyService;
@@ -27,11 +20,10 @@
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.util.CollectionUtils;
-import org.springframework.util.ObjectUtils;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
+
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;
@@ -49,8 +41,6 @@
private final PasswordEncoder passwordEncoder;
private final UserService userService;
- private final DataService dataService;
- private final DeptService deptService;
private final RoleService roleService;
private final VerifyService verificationCodeService;
@@ -64,42 +54,22 @@
@ApiOperation("查询用户")
@GetMapping
@PreAuthorize("@el.check('user:list')")
- public ResponseEntity<PageResult<User>> queryUser(UserQueryCriteria criteria){
+ public ResponseEntity<Object> queryUser(UserQueryCriteria criteria) {
Page<Object> page = new Page<>(criteria.getPage(), criteria.getSize());
- if (!ObjectUtils.isEmpty(criteria.getDeptId())) {
- criteria.getDeptIds().add(criteria.getDeptId());
- // 先查找是否存在子节点
- List<Dept> data = deptService.findByPid(criteria.getDeptId());
- // 然后把子节点的ID都加入到集合中
- criteria.getDeptIds().addAll(deptService.getDeptChildren(data));
- }
// 数据权限
- List<Long> dataScopes = dataService.getDeptIds(userService.findByName(SecurityUtils.getCurrentUsername()));
- // criteria.getDeptIds() 不为空并且数据权限不为空则取交集
- if (!CollectionUtils.isEmpty(criteria.getDeptIds()) && !CollectionUtils.isEmpty(dataScopes)){
- // 取交集
- criteria.getDeptIds().retainAll(dataScopes);
- if(!CollectionUtil.isEmpty(criteria.getDeptIds())){
- return new ResponseEntity<>(userService.queryAll(criteria,page),HttpStatus.OK);
- }
- } else {
- // 否则取并集
- criteria.getDeptIds().addAll(dataScopes);
- return new ResponseEntity<>(userService.queryAll(criteria,page),HttpStatus.OK);
- }
- return new ResponseEntity<>(PageUtil.noData(),HttpStatus.OK);
+ return new ResponseEntity<>(R.success(userService.queryAll(criteria, page)), HttpStatus.OK);
}
@Log("新增用户")
@ApiOperation("新增用户")
@PostMapping
@PreAuthorize("@el.check('user:add')")
- public ResponseEntity<Object> createUser(@Validated @RequestBody User resources){
+ public ResponseEntity<Object> createUser(@Validated @RequestBody User resources) {
checkLevel(resources);
// 默认密码 123456
resources.setPassword(passwordEncoder.encode("123456"));
userService.create(resources);
- return new ResponseEntity<>(HttpStatus.CREATED);
+ return new ResponseEntity<>(R.success(), HttpStatus.CREATED);
}
@Log("修改用户")
@@ -109,50 +79,50 @@
public ResponseEntity<Object> updateUser(@Validated(User.Update.class) @RequestBody User resources) throws Exception {
checkLevel(resources);
userService.update(resources);
- return new ResponseEntity<>(HttpStatus.NO_CONTENT);
+ return new ResponseEntity<>(R.success(), HttpStatus.NO_CONTENT);
}
@Log("修改用户:个人中心")
@ApiOperation("修改用户:个人中心")
@PutMapping(value = "center")
- public ResponseEntity<Object> centerUser(@Validated(User.Update.class) @RequestBody User resources){
- if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){
+ public ResponseEntity<Object> centerUser(@Validated(User.Update.class) @RequestBody User resources) {
+ if (!resources.getId().equals(SecurityUtils.getCurrentUserId())) {
throw new BadRequestException("不能修改他人资料");
}
userService.updateCenter(resources);
- return new ResponseEntity<>(HttpStatus.NO_CONTENT);
+ return new ResponseEntity<>(R.success(), HttpStatus.NO_CONTENT);
}
@Log("删除用户")
@ApiOperation("删除用户")
@DeleteMapping
@PreAuthorize("@el.check('user:del')")
- public ResponseEntity<Object> deleteUser(@RequestBody Set<Long> ids){
+ public ResponseEntity<Object> deleteUser(@RequestBody Set<Long> ids) {
for (Long id : ids) {
- Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(Role::getLevel).collect(Collectors.toList()));
- Integer optLevel = Collections.min(roleService.findByUsersId(id).stream().map(Role::getLevel).collect(Collectors.toList()));
+ Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(Role::getLevel).collect(Collectors.toList()));
+ Integer optLevel = Collections.min(roleService.findByUsersId(id).stream().map(Role::getLevel).collect(Collectors.toList()));
if (currentLevel > optLevel) {
throw new BadRequestException("角色权限不足,不能删除:" + userService.findById(id).getUsername());
}
}
userService.delete(ids);
- return new ResponseEntity<>(HttpStatus.OK);
+ return new ResponseEntity<>(R.success(), HttpStatus.OK);
}
@ApiOperation("修改密码")
@PostMapping(value = "/updatePass")
public ResponseEntity<Object> updateUserPass(@RequestBody UserPassVo passVo) throws Exception {
- String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass());
- String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass());
+ String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, passVo.getOldPass());
+ String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, passVo.getNewPass());
User user = userService.findByName(SecurityUtils.getCurrentUsername());
- if(!passwordEncoder.matches(oldPass, user.getPassword())){
+ if (!passwordEncoder.matches(oldPass, user.getPassword())) {
throw new BadRequestException("修改失败,旧密码错误");
}
- if(passwordEncoder.matches(newPass, user.getPassword())){
+ if (passwordEncoder.matches(newPass, user.getPassword())) {
throw new BadRequestException("新密码不能与旧密码相同");
}
- userService.updatePass(user.getUsername(),passwordEncoder.encode(newPass));
- return new ResponseEntity<>(HttpStatus.OK);
+ userService.updatePass(user.getUsername(), passwordEncoder.encode(newPass));
+ return new ResponseEntity<>(R.success(), HttpStatus.OK);
}
@ApiOperation("重置密码")
@@ -160,35 +130,36 @@
public ResponseEntity<Object> resetPwd(@RequestBody Set<Long> ids) {
String pwd = passwordEncoder.encode("123456");
userService.resetPwd(ids, pwd);
- return new ResponseEntity<>(HttpStatus.OK);
+ return new ResponseEntity<>(R.success(), HttpStatus.OK);
}
@ApiOperation("修改头像")
@PostMapping(value = "/updateAvatar")
- public ResponseEntity<Object> updateUserAvatar(@RequestParam MultipartFile avatar){
- return new ResponseEntity<>(userService.updateAvatar(avatar), HttpStatus.OK);
+ public ResponseEntity<Object> updateUserAvatar(@RequestParam MultipartFile avatar) {
+ return new ResponseEntity<>(R.success(userService.updateAvatar(avatar)), HttpStatus.OK);
}
@Log("修改邮箱")
@ApiOperation("修改邮箱")
@PostMapping(value = "/updateEmail/{code}")
public ResponseEntity<Object> updateUserEmail(@PathVariable String code, @RequestBody User resources) throws Exception {
- String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,resources.getPassword());
+ String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, resources.getPassword());
User user = userService.findByName(SecurityUtils.getCurrentUsername());
- if(!passwordEncoder.matches(password, user.getPassword())){
+ if (!passwordEncoder.matches(password, user.getPassword())) {
throw new BadRequestException("密码错误");
}
verificationCodeService.validated(CodeEnum.EMAIL_RESET_EMAIL_CODE.getKey() + resources.getEmail(), code);
- userService.updateEmail(user.getUsername(),resources.getEmail());
- return new ResponseEntity<>(HttpStatus.OK);
+ userService.updateEmail(user.getUsername(), resources.getEmail());
+ return new ResponseEntity<>(R.success(), HttpStatus.OK);
}
/**
* 如果当前用户的角色级别低于创建用户的角色级别,则抛出权限不足的错误
+ *
* @param resources /
*/
private void checkLevel(User resources) {
- Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(Role::getLevel).collect(Collectors.toList()));
+ Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(Role::getLevel).collect(Collectors.toList()));
Integer optLevel = roleService.findByRoles(resources.getRoles());
if (currentLevel > optLevel) {
throw new BadRequestException("角色权限不足");
--
Gitblit v1.9.3