Dev

src/main/java/com/backendsys/modules/system/controller/SysUserV2Controller.java

@@ -6,17 +6,19 @@ import com.backendsys.modules.common.config.security.enums.SecurityEnum;
 import com.backendsys.modules.common.config.security.utils.SecurityUtil;
 import com.backendsys.modules.common.enums.MatchType;
 import com.backendsys.modules.common.utils.Result;
+import com.backendsys.modules.system.entity.SysUser.SysUserInfo;
 import com.backendsys.modules.system.service.SysUserV2Service;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.validation.Valid;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
 
-import java.util.Arrays;
 
+@Validated
 @RestController
 @Tag(name = "系统用户")
 public class SysUserV2Controller {
@@ -34,10 +36,10 @@ public class SysUserV2Controller {
     @GetMapping("/api/v2/system/user/getUserDetail")
     public Result getUserDetail(@Parameter(description = "用户ID") Long user_id) {
 
-        // 如果不传参数，则查询自身的用户信息
+        // 查询自身的用户信息 (不传参数)
         user_id = (user_id == null) ? SecurityUtil.getUserId() : user_id;
 
-        // 如果是查询他人的用户信息，需要具备权限
+        // 查询他人的用户信息，需要具备权限 (非管理员，非当前用户，不具备权限)
         if (!SecurityUtil.isSuper() && user_id != SecurityUtil.getUserId() && !SecurityUtil.hasPermission("3.2.1.2")) {
             throw new CustomException(SecurityEnum.NOAUTH);
         }
@@ -45,4 +47,19 @@ public class SysUserV2Controller {
         return Result.success().put("data", sysUserV2Service.selectUserInfo(user_id));
     }
 
+
+    @Operation(summary = "获得系统用户权限")
+//    @PreAuthorize("@sr.hasPermission('3.2.1')")
+    @GetMapping("/api/v2/system/user/getUserPermission")
+    public Result getUserPermission(@Validated(SysUserInfo.Primarys.class) @ModelAttribute SysUserInfo userInfo) {
+
+        // GetMapping 识别不了 @Validated ?
+
+    // public Result getUserPermission(@NotBlank(message = "user_id 不能为空") String user_id) {
+
+        System.out.println(userInfo);
+
+        return Result.success().put("data", null);
+    }
+
 }

src/main/java/com/backendsys/modules/system/entity/SysUser/SysUser.java

@@ -8,6 +8,7 @@ import lombok.Data;
 @Data
 @TableName("sys_user")
 public class SysUser {
+
     @TableId(type = IdType.AUTO)
     private Long id;
     private String username;

src/main/java/com/backendsys/modules/system/entity/SysUser/SysUserInfo.java

@@ -6,13 +6,19 @@ import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableName;
 import lombok.Data;
 
+import javax.validation.constraints.NotNull;
 import java.util.List;
 
 @Data
 @TableName("sys_user_info")
 public class SysUserInfo {
+
+    public static interface Primarys{}
+
     @TableId(type = IdType.AUTO)
     private Long id;
+
+    @NotNull(message = "user_id 不能为空")
     private Long user_id;
 
     @TableField(exist = false)

src/main/resources/application.yml

@@ -99,7 +99,6 @@ whitelist:
     /api/test/**,
     /ws/**,
     /wss/**
-# /api/v2/system/user/getUserDetail,
 
 
 ## 全局静态变量 ##