package com.backendsys.modules.system.controller; import cn.hutool.core.util.ObjectUtil; import com.backendsys.exception.CustException; import com.backendsys.modules.common.aspect.SysLog; import com.backendsys.modules.common.config.security.enums.SecurityEnum; import com.backendsys.modules.common.config.security.utils.SecurityUtil; import com.backendsys.modules.common.utils.Result; import com.backendsys.modules.system.entity.SysUserDTO; import com.backendsys.modules.system.service.SysUserV2Service; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.tags.Tag; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import java.util.List; @Validated @RestController @Tag(name = "系统用户") public class SysUserController { /** * TODO 1.手机号码字段,需要经过验证码校验,不能用 updateUserInfo 改 (待修改) * TODO 2.审核用户,需要单独的表做审核记录,不能直接改字段 */ @Autowired private SysUserV2Service sysUserV2Service; @Operation(summary = "获取系统用户列表") @PreAuthorize("@sr.hasPermission('3.2')") @GetMapping("/api/system/user/getUserList") public Result getUserList(SysUserDTO sysUserDTO) { return Result.success().put("data", sysUserV2Service.selectUserList(sysUserDTO)); } @Operation(summary = "获取系统用户列表 (在线的)") @PreAuthorize("@sr.hasPermission('3.1')") @GetMapping("/api/system/user/getUserOnlineList") public Result getUserOnlineList(SysUserDTO sysUserDTO) { return Result.success().put("data", sysUserV2Service.selectUserOnlineList(sysUserDTO)); } /** * 权限: * - 查询用户信息 (3.2.1) * - 查询他人用户信息 (3.2.1.2) */ @Operation(summary = "获取系统用户详情") @PreAuthorize("@sr.hasPermission('3.2.1')") @GetMapping("/api/system/user/getUserDetail") public Result getUserDetail(@Parameter(description = "用户ID") Long user_id) { // 查询自身的用户信息 (不传参数) user_id = (user_id == null) ? SecurityUtil.getUserId() : user_id; // 查询他人的用户信息 // - 查询自己 (无需权限) // - 查询他人 (需要权限或超级管理员) if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.2.1.2") && !SecurityUtil.isSuper()) { throw new CustException(SecurityEnum.NOAUTH); } return Result.success().put("data", sysUserV2Service.selectUserInfoSimple(user_id)); } @SysLog("创建系统用户") @Operation(summary = "创建系统用户") @PreAuthorize("@sr.hasPermission('3.2.2')") @PostMapping("/api/system/user/createUser") public Result createUser(@Validated(SysUserDTO.Create.class) @RequestBody SysUserDTO sysUserDTO) { return Result.success().put("data", sysUserV2Service.insertUser(sysUserDTO)); } /** * 权限: * - 编辑用户信息权限 (3.2.3) * - 编辑他人用户信息权限 (3.2.3.2) */ @Operation(summary = "编辑系统用户信息") @PreAuthorize("@sr.hasPermission('3.2.3')") @PutMapping("/api/system/user/updateUserInfo") public Result updateUserInfo(@Validated(SysUserDTO.Update.class) @RequestBody SysUserDTO sysUserDTO) { // - 不传 user_id 时,修改目标为 当前用户 Long user_id = sysUserDTO.getUser_id(); if (ObjectUtil.isEmpty(user_id)) { user_id = SecurityUtil.getUserId(); sysUserDTO.setUser_id(user_id); } else if (!SecurityUtil.getUserId().equals(1L) && user_id.equals(1L)) { throw new CustException("不能编辑超管账号"); } // 编辑他人的用户信息 // - 编辑自己 (无需权限) // - 编辑他人 (需要子权限或超级管理员) if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.2.3.2") && !SecurityUtil.isSuper()) { throw new CustException(SecurityEnum.NOAUTH); } // 防止手动更新字段 sysUserDTO.setLast_login_time(null); sysUserDTO.setLast_login_ip(null); return Result.success().put("data", sysUserV2Service.updateUserInfo(sysUserDTO)); } @Operation(summary = "编辑系统用户密码") @PreAuthorize("@sr.hasPermission('3.2.3.3')") @PutMapping("/api/system/user/updateUserPassword") public Result updateUserPassword(@Validated(SysUserDTO.UpdatePassword.class) @RequestBody SysUserDTO sysUserDTO) { // - 不传 user_id 时,修改目标为 当前用户 Long user_id = sysUserDTO.getUser_id(); if (ObjectUtil.isEmpty(user_id)) { user_id = SecurityUtil.getUserId(); sysUserDTO.setUser_id(user_id); } else if (!SecurityUtil.getUserId().equals(1L) && user_id.equals(1L)) { throw new CustException("不能编辑超管账号"); } // 编辑他人的用户信息 // - 编辑自己 (无需权限) // - 编辑他人 (需要子权限或超级管理员) if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.2.3.2") && !SecurityUtil.isSuper()) { throw new CustException(SecurityEnum.NOAUTH); } return Result.success().put("data", sysUserV2Service.updateUserPassword(sysUserDTO)); } @Operation(summary = "重置系统用户密码") @PreAuthorize("@sr.hasPermission('3.2.3.4')") @PutMapping("/api/system/user/resetUserPassword") public Result resetUserPassword(@Validated(SysUserDTO.ResetPassword.class) @RequestBody SysUserDTO sysUserDTO) { // 判断不可为超级管理员(首位) Long user_id = sysUserDTO.getUser_id(); if (user_id.equals(1L)) { throw new CustException("不能重置超管账号密码"); } // 判断是否为自身重置,自身密码不能重置,只能修改 Long self_user_id = SecurityUtil.getUserId(); Long request_user_id = sysUserDTO.getUser_id(); if (self_user_id.equals(request_user_id)) { throw new CustException("不能重置自身密码,请自行修改密码"); } return Result.success().put("data", sysUserV2Service.resetUserPassword(sysUserDTO)); } @Operation(summary = "删除系统用户") @PreAuthorize("@sr.hasPermission('3.2.4')") @DeleteMapping("/api/system/user/deleteUser") public Result deleteUser(@Validated(SysUserDTO.Delete.class) @RequestBody SysUserDTO sysUserDTO) { Long user_id = sysUserDTO.getUser_id(); List user_ids = sysUserDTO.getUser_ids(); if (user_id == null && (user_ids == null || user_ids.size() == 0)) throw new CustException("user_id 或 user_ids 必填"); if (user_ids != null && user_ids.contains(SecurityUtil.getUserId()) && !user_id.equals(SecurityUtil.getUserId())) throw new CustException("不能删除自己的账号"); if (user_ids != null && user_ids.contains(1L) && !user_id.equals(1L)) throw new CustException("不能删除超管账号"); return Result.success().put("data", sysUserV2Service.deleteUser(sysUserDTO)); } @Operation(summary = "踢出系统用户") @PreAuthorize("@sr.hasPermission('3.2.7')") @PostMapping("/api/system/user/kickUser") public Result kickUser(@Validated(SysUserDTO.Kick.class) @RequestBody SysUserDTO sysUserDTO) { Long user_id = sysUserDTO.getUser_id(); if (user_id.equals(1L)) throw new CustException("不能踢出超管账号"); if (user_id.equals(SecurityUtil.getUserId())) throw new CustException("不能踢出自己的账号"); return Result.success().put("data", sysUserV2Service.kickUser(user_id)); } /** * 权限: * - 查询用户权限 (3.4.1) * - 查询他人用户权限 (3.4.1.2) */ @Operation(summary = "获取系统用户权限") @PreAuthorize("@sr.hasPermission('3.4.1')") @GetMapping("/api/system/user/getUserPermission") public Result getUserPermission(@Parameter(description = "用户ID") Long user_id) { // 查询自身的用户信息 (不传参数) user_id = (user_id == null) ? SecurityUtil.getUserId() : user_id; // 查询他人的用户信息 // - 查询自己 (无需权限) // - 查询他人 (需要子权限或超级管理员) if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.4.1.2") && !SecurityUtil.isSuper()) { throw new CustException(SecurityEnum.NOAUTH); } return Result.success().put("data", sysUserV2Service.selectUserPermission(user_id)); } /** * 权限: * - 查询用户菜单 (3.5.1) * - 查询他人用户菜单 (3.5.1.2) */ @Operation(summary = "获取系统用户菜单") @PreAuthorize("@sr.hasPermission('3.5.1')") @GetMapping("/api/system/user/getUserMenu") public Result getUserMenu(@Parameter(description = "用户ID") Long user_id) { // 查询自身的用户信息 (不传参数) user_id = (user_id == null) ? SecurityUtil.getUserId() : user_id; // 查询他人的用户信息 // - 查询自己 (无需权限) // - 查询他人 (需要子权限或超级管理员) if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.4.1.2") && !SecurityUtil.isSuper()) { throw new CustException(SecurityEnum.NOAUTH); } return Result.success().put("data", sysUserV2Service.selectUserMenu(user_id)); } }