重构接口(SysUser)

db/sys_user_role_module_relation.sql

@@ -10,7 +10,8 @@ CREATE TABLE `sys_user_role_module_relation` (
     PRIMARY KEY (`id`),
     `id` BIGINT(10) NOT NULL AUTO_INCREMENT COMMENT 'ID',
     `role_id` BIGINT(10) NOT NULL COMMENT '角色ID',
-    `module_id` VARCHAR(10) NOT NULL COMMENT '模块ID'
+    `module_id` VARCHAR(10) NOT NULL COMMENT '模块ID',
+    INDEX `idx_role_id` (`role_id`)
 ) ENGINE=INNODB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COMMENT='系统角色模块关系表';
 
 

db/sys_user_role_relation.sql

@@ -10,7 +10,9 @@ CREATE TABLE `sys_user_role_relation` (
     PRIMARY KEY (`id`),
     `id` BIGINT(10) NOT NULL AUTO_INCREMENT COMMENT 'ID',
     `user_id` BIGINT(10) NOT NULL COMMENT '用户ID',
-    `role_id` BIGINT(10) NOT NULL COMMENT '角色ID'
+    `role_id` BIGINT(10) NOT NULL COMMENT '角色ID',
+    INDEX `idx_user_id` (`user_id`),
+    INDEX `idx_role_id` (`role_id`)
 ) ENGINE=INNODB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COMMENT='系统用户角色关系表';
 
 INSERT INTO sys_user_role_relation(user_id, role_id) VALUES

src/main/java/com/backendsys/modules/system/controller/SysUserV2Controller.java

@@ -1,6 +1,9 @@
 package com.backendsys.modules.system.controller;
 
+import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.core.util.ClassUtil;
+import com.backendsys.aspect.QueryNullCheck;
 import com.backendsys.exception.CustException;
 import com.backendsys.modules.common.config.security.enums.SecurityEnum;
 import com.backendsys.modules.common.config.security.utils.SecurityUtil;
@@ -17,13 +20,18 @@ import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.List;
+
 @Validated
 @RestController
 @Tag(name = "系统用户")
 public class SysUserV2Controller {
 
-    @Autowired
-    private SysUserService sysUserService;
+
+    /**
+     * TODO 1.手机号码字段，需要经过验证码校验，不能用 updateUserInfo 改 (待修改)
+     * TODO 2.审核用户，需要单独的表做审核记录，不能直接改字段
+     */
     @Autowired
     private SysUserV2Service sysUserV2Service;
 
@@ -33,7 +41,6 @@ public class SysUserV2Controller {
     public Result getUserList(SysUserDTO sysUserDTO) {
         return Result.success().put("data", sysUserV2Service.selectUserList(sysUserDTO));
     }
-
     @Operation(summary = "获得系统用户列表 (在线的)")
     @PreAuthorize("@ss.hasPermi('3.1')")
     @GetMapping("/api/v2/system/user/getUserOnlineList")
@@ -60,9 +67,7 @@ public class SysUserV2Controller {
         if (user_id != SecurityUtil.getUserId() && !SecurityUtil.hasPermission("3.2.1.2") && !SecurityUtil.isSuper()) {
             throw new CustException(SecurityEnum.NOAUTH);
         }
-
         return Result.success().put("data", sysUserV2Service.selectUserInfo(user_id));
-//        return Result.success().put("data", sysUserV2Service.selectUserDetail(user_id));
     }
 
     /**
@@ -94,11 +99,6 @@ public class SysUserV2Controller {
         return Result.success().put("data", sysUserV2Service.insertUser(sysUserDTO));
     }
 
-
-    /**
-     * TODO 1.手机号码字段，需要经过验证码校验，不能用 updateUserInfo 改 (待修改)
-     * TODO 2.审核用户，需要单独的表做审核记录，不能直接改字段
-     */
     /**
      * 权限：
      * - 编辑用户信息权限 (3.2.3)
@@ -110,12 +110,17 @@ public class SysUserV2Controller {
     public Result updateUserInfo(@Validated(SysUserDTO.Update.class) @RequestBody SysUserDTO sysUserDTO) {
 
         // - 不传 user_id 时，修改目标为 当前用户
-        if (ObjectUtil.isEmpty(sysUserDTO.getUser_id())) sysUserDTO.setUser_id(SecurityUtil.getUserId());
+        Long user_id = sysUserDTO.getUser_id();
+        if (ObjectUtil.isEmpty(user_id)) {
+            user_id = SecurityUtil.getUserId();
+            sysUserDTO.setUser_id(user_id);
+        } else if (!SecurityUtil.getUserId().equals(1L) && user_id.equals(1L)) {
+            throw new CustException("不能编辑超管账号");
+        }
 
         // 编辑他人的用户信息
         // - 编辑自己 (无需权限)
         // - 编辑他人 (需要子权限或超级管理员)
-        Long user_id = sysUserDTO.getUser_id();
         if (user_id != SecurityUtil.getUserId() && !SecurityUtil.hasPermission("3.2.3.2") && !SecurityUtil.isSuper()) {
             throw new CustException(SecurityEnum.NOAUTH);
         }
@@ -127,18 +132,26 @@ public class SysUserV2Controller {
         return Result.success().put("data", sysUserV2Service.updateUserInfo(sysUserDTO));
     }
 
+    /**
+     * 权限：(同上)
+     */
     @Operation(summary = "编辑系统用户密码")
     @PreAuthorize("@ss.hasPermi('3.2.3')")
     @PutMapping("/api/v2/system/user/updateUserPassword")
     public Result updateUserPassword(@Validated(SysUserDTO.UpdatePassword.class) @RequestBody SysUserDTO sysUserDTO) {
 
         // - 不传 user_id 时，修改目标为 当前用户
-        if (ObjectUtil.isEmpty(sysUserDTO.getUser_id())) sysUserDTO.setUser_id(SecurityUtil.getUserId());
+        Long user_id = sysUserDTO.getUser_id();
+        if (ObjectUtil.isEmpty(user_id)) {
+            user_id = SecurityUtil.getUserId();
+            sysUserDTO.setUser_id(user_id);
+        } else if (!SecurityUtil.getUserId().equals(1L) && user_id.equals(1L)) {
+            throw new CustException("不能编辑超管账号");
+        }
 
         // 编辑他人的用户信息
         // - 编辑自己 (无需权限)
         // - 编辑他人 (需要子权限或超级管理员)
-        Long user_id = sysUserDTO.getUser_id();
         if (user_id != SecurityUtil.getUserId() && !SecurityUtil.hasPermission("3.2.3.2") && !SecurityUtil.isSuper()) {
             throw new CustException(SecurityEnum.NOAUTH);
         }
@@ -146,6 +159,17 @@ public class SysUserV2Controller {
         return Result.success().put("data", sysUserV2Service.updateUserPassword(sysUserDTO));
     }
 
+    @Operation(summary = "删除系统用户")
+    @PreAuthorize("@ss.hasPermi('3.2.4')")
+    @DeleteMapping("/api/v2/system/user/deleteUser")
+    public Result deleteUser(@Validated(SysUserDTO.Delete.class) @RequestBody SysUserDTO sysUserDTO) {
+
+        List<Long> user_ids = sysUserDTO.getUser_ids();
+        Long my_user_id = SecurityUtil.getUserId();
+        if (user_ids.contains(my_user_id)) throw new CustException("不能删除自己的账号");
+        if (user_ids.contains(1L)) throw new CustException("不能删除超管账号");
 
+        return Result.success().put("data", sysUserV2Service.deleteUser(user_ids));
+    }
 
 }

src/main/java/com/backendsys/modules/system/dao/SysUserDao.java

@@ -5,10 +5,10 @@ import com.backendsys.modules.system.entity.SysUser.SysUserDTO;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import org.apache.ibatis.annotations.Mapper;
 
+import java.util.List;
+
 @Mapper
 public interface SysUserDao extends BaseMapper<SysUser> {
-
     int insertUser(SysUserDTO sysUserDTO);
     int updateUserInfo(SysUserDTO sysUserDTO);
-
 }

src/main/java/com/backendsys/modules/system/entity/SysUser/SysUserDTO.java

@@ -19,22 +19,18 @@ public class SysUserDTO {
   public static interface Update{}
   public static interface UpdatePassword{}
   public static interface Audit{}
-  public static interface ResetPassword{}
   public static interface Delete{}
 
   /**
    * sys_user
    */
   private Long id;
-
   @NotEmpty(message="用户名不能为空", groups = { Login.class, Create.class, Register.class })
   @Size(min = 2, max = 20, message = "用户名长度在 {min}-{max} 字符", groups = { Login.class, Create.class, Register.class })
   private String username;
   @NotEmpty(message="密码不能为空", groups = { Login.class, Create.class, Register.class, UpdatePassword.class, ForgotPassword.class })
   private String password;
-
   private Boolean is_remember;
-
   @NotEmpty(message="原密码不能为空", groups = { UpdatePassword.class })
   private String old_password;
   @NotEmpty(message="验证码不能为空", groups = { Login.class, Register.class })
@@ -43,9 +39,11 @@ public class SysUserDTO {
   /**
    * sys_user_info
    */
-  @NotNull(message="user_id 不能为空", groups = { Detail.class, Audit.class, ResetPassword.class })
-  //@Min(value = 1, message = "user_id 必须大于等于 0", groups = {Update.class, Delete.class})
+  @NotNull(message="user_id 不能为空", groups = { Detail.class, Audit.class })
   private Long user_id;
+
+  @NotNull(message="user_ids 不能为空", groups = { Delete.class })
+  @Size(min = 1, message = "user_ids 至少包含一个值", groups = { Delete.class })
   private List<Long> user_ids;
 
   

src/main/java/com/backendsys/modules/system/service/SysUserV2Service.java

@@ -19,10 +19,14 @@ public interface SysUserV2Service extends IService<SysUser> {
     SysUserInfo selectUserInfo(Long user_id);
     // 获得系统用户权限
     List<String> selectUserModule(Long user_id);
-
     // 创建系统用户
     Map<String, Object> insertUser(SysUserDTO sysUserDTO);
+    // 编辑系统用户信息
     Map<String, Object> updateUserInfo(SysUserDTO sysUserDTO);
+    // 编辑系统用户密码
     Map<String, Object> updateUserPassword(SysUserDTO sysUserDTO);
 
+    // 删除系统用户
+    Map<String, Object> deleteUser(List<Long> user_ids);
+
 }

src/main/java/com/backendsys/modules/system/service/impl/SysUserV2ServiceImpl.java

@@ -4,10 +4,7 @@ import com.backendsys.exception.CustException;
 import com.backendsys.modules.common.config.redis.utils.RedisUtil;
 import com.backendsys.modules.common.utils.MybatisUtil;
 import com.backendsys.modules.system.dao.*;
-import com.backendsys.modules.system.entity.SysUser.SysUser;
-import com.backendsys.modules.system.entity.SysUser.SysUserDTO;
-import com.backendsys.modules.system.entity.SysUser.SysUserInfo;
-import com.backendsys.modules.system.entity.SysUser.SysUserRole;
+import com.backendsys.modules.system.entity.SysUser.*;
 import com.backendsys.modules.system.service.SysUserV2Service;
 import com.backendsys.utils.response.PageEntity;
 import com.backendsys.utils.response.PageInfoResult;
@@ -209,4 +206,23 @@ public class SysUserV2ServiceImpl extends ServiceImpl<SysUserDao, SysUser> imple
         } catch (InterruptedException e) { throw new RuntimeException(e);
         } finally { lock.unlock(); }
     }
+
+    /**
+     * 删除系统用户 (以及部分关联表)
+     */
+    @Override
+    @Transactional
+    public Map<String, Object> deleteUser(List<Long> user_ids) {
+        RLock lock = redissonClient.getLock("deleteUser");
+        try { lock.tryLock(3, TimeUnit.SECONDS);
+
+            sysUserDao.delete(new QueryWrapper<SysUser>().in("id", user_ids));
+            sysUserInfoDao.delete(new QueryWrapper<SysUserInfo>().in("user_id", user_ids));
+            sysUserRoleRelationDao.delete(new QueryWrapper<SysUserRoleRelation>().in("user_id", user_ids));
+
+            return Map.of("user_ids", user_ids);
+
+        } catch (InterruptedException e) { throw new RuntimeException(e);
+        } finally { lock.unlock(); }
+    }
 }

src/main/resources/mapper/system/SysUserDao.xml

@@ -347,30 +347,4 @@
         )
     </insert>
 
-    <!-- 删除用户 (物理) -->
-    <delete id="deleteUser" parameterType="java.lang.Long">
-        DELETE u, ui
-        FROM sys_user u
-        LEFT JOIN sys_user_info ui ON u.id = ui.user_id
-        WHERE u.id = #{id}
-    </delete>
-
-    <!-- 删除用户 (批量) -->
-    <delete id="deleteUserBatch" parameterType="java.lang.Long">
-        DELETE u, ui
-        FROM sys_user u
-        LEFT JOIN sys_user_info ui ON u.id = ui.user_id
-        WHERE u.id IN
-        <foreach collection="ids" item="id" open="(" separator="," close=")">
-            #{id}
-        </foreach>
-    </delete>
-
-    <!-- 删除用户 (逻辑) -->
-    <update id="deactivateUser" parameterType="java.lang.Long">
-        UPDATE sys_user_info
-        SET del_flag = 1
-        WHERE user_id = #{id}
-    </update>
-
 </mapper>