//package com.backendsys.controller.Systems;
//
//import com.backendsys.aspect.HttpRequestAspect;
//import com.backendsys.aspect.QueryNullCheck;
//import com.backendsys.modules.common.config.security.utils.PermissionUtil;
//import com.backendsys.modules.common.config.security.utils.TokenUtil;
//import com.backendsys.entity.PageDTO;
//import com.backendsys.entity.System.SysUserDTO;
//import com.backendsys.utils.response.Result;
//import com.backendsys.service.System.SysUserService;
//import com.backendsys.utils.response.ResultEnum;
//
//import io.jsonwebtoken.Claims;
//import jakarta.servlet.http.HttpServletRequest;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.security.access.prepost.PreAuthorize;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.validation.annotation.Validated;
//import org.springframework.web.bind.annotation.*;
//
//import java.security.NoSuchAlgorithmException;
//import java.util.Arrays;
//import java.util.List;
//import java.util.Map;
//
///**
// * System user controller.
// *
// * NOTE(review): every line of this file is commented out, so nothing here is compiled
// * and none of these routes are registered by this class. Lines prefixed with "//" were
// * disabled together with the file; lines prefixed with "////" are endpoint methods that
// * were already disabled individually. The NOTE(review) comments below record points to
// * settle before any of this is re-enabled.
// */
//@Validated
//@RestController
//public class SysUserController {
//
//    @Autowired
//    private HttpRequestAspect httpRequestAspect;
//
//    @Autowired
//    private PermissionUtil permissionUtil;
//
//    @Autowired
//    private SysUserService sysUserService;
//
//    @Autowired
//    private TokenUtil tokenUtil;
//
//
//    // Checks for the first super administrator (id:1); only that account may view its own information.
//    //
//    // Returns true when the DTO's user_id is not 1, or when it is 1 and the "user_id" claim of
//    // the logged-in token is also 1. Returns false only when the target is user 1 and the
//    // caller's claim is not 1.
//    //
//    // NOTE(review): "user_id == 1" unboxes the Long, so a null user_id throws
//    // NullPointerException here; presumably the validation groups on the callers guarantee it
//    // is set, confirm. The (Integer) cast throws ClassCastException if the claim is held as a
//    // Long and NullPointerException if the claim is absent; confirm how TokenUtil stores
//    // "user_id". The id 1 is hard-coded here and again in deleteUserBatch.
//    private Boolean OnlySuperAdmin(SysUserDTO sysUserDTO) {
//        Long user_id = sysUserDTO.getUser_id();
//        if (user_id == 1) {
//            // Target is user 1: allow only when the logged-in token also belongs to user 1.
//            Claims loginUserInfo = tokenUtil.getRedisTokenInfo();
//            Boolean bool = (Integer) loginUserInfo.get("user_id") == 1;
//            return bool;
//        }
//        return true;
//    }
//
////    // Lists users via sysUserService.queryUserWithLogined, paged by page_num / page_size.
////    @PreAuthorize("@sr.hasPermission('3.1')")
////    @GetMapping("/api/system/user/getUserLogined")
////    public Result getUserLogined(@Validated PageDTO pageDTO, @Validated SysUserDTO sysUserDTO) {
////        return Result.success(sysUserService.queryUserWithLogined(pageDTO.getPage_num(), pageDTO.getPage_size(), sysUserDTO));
////    }
//
////    // Lists users via sysUserService.queryUserList, paged by page_num / page_size.
////    @PreAuthorize("@sr.hasPermission('3.2')")
////    @GetMapping("/api/system/user/getUser")
////    public Result getUser(@Validated PageDTO pageDTO, @Validated SysUserDTO sysUserDTO) {
////        return Result.success(sysUserService.queryUserList(pageDTO.getPage_num(), pageDTO.getPage_size(), sysUserDTO));
////    }
//
////    /**
////     * View user details.
////     * - 1. If user_id is not passed, the caller's own user information is returned.
////     * - 2. If user_id is passed, a permission is required to view another user's information.
////     * - 3. Nobody except the super administrator may view the super administrator's information.
////     *
////     * NOTE(review): this endpoint carries no @PreAuthorize; access control rests entirely on
////     * the two permissionUtil calls in the body, which per the original comments throw on
////     * failure. Their implementation is not shown here, confirm before re-enabling.
////     */
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @GetMapping("/api/system/user/getUserDetail")
////    public Result getUserDetail(@Validated(SysUserDTO.Detail.class) SysUserDTO sysUserDTO) {
////
////        // [Query] the caller's own user id
////        Long user_id = httpRequestAspect.getUserId();
////
////        // 1. If user_id is null, look up the caller
////        if (sysUserDTO.getUser_id() == null) sysUserDTO.setUser_id(user_id);
////        // 2. Check the {user id} against the current user and the {user permission}; throws an error otherwise
////        permissionUtil.checkUserIdAndPermission(sysUserDTO.getUser_id(), Arrays.asList("3.2.1"));
////        // 3. Check for the first super administrator (id:1); throws an error otherwise
////        permissionUtil.checkSuperAdminOfFirst(sysUserDTO.getUser_id());
////
////        return Result.success(sysUserService.queryUserById(sysUserDTO.getUser_id()));
////    }
//
////    // Creates a user from the request body via sysUserService.insertUser.
////    @PreAuthorize("@sr.hasPermission('3.2.2')")
////    @PostMapping("/api/system/user/createUser")
////    public Result createUser(@Validated(SysUserDTO.Create.class) @RequestBody SysUserDTO sysUserDTO) {
////        return Result.success(sysUserService.insertUser(sysUserDTO), "创建成功");
////    }
//
////    // Updates a user's information; rejected with AUTH_USER_ERROR when OnlySuperAdmin returns false.
////    @PreAuthorize("@sr.hasPermission('3.2.3')")
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @PutMapping("/api/system/user/updateUserInfo")
////    public Result updateUser(@Validated(SysUserDTO.Update.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // Target must not be the first super administrator
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        // Clear the login-tracking fields so the request body cannot set them.
////        // NOTE(review): only these two fields are cleared before the request-bound DTO reaches
////        // the service; whether other sensitive fields are ignored depends on SysUserDTO.Update
////        // and updateUserInfo, which are not shown here.
////        sysUserDTO.setLast_login_time(null);
////        sysUserDTO.setLast_login_ip(null);
////
////        return Result.success(sysUserService.updateUserInfo(sysUserDTO), "更新成功");
////    }
//
////    // Audits a user; rejected with AUTH_USER_ERROR when OnlySuperAdmin returns false.
////    @PreAuthorize("@sr.hasPermission('3.2.6')")
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @PutMapping("/api/system/user/auditUser")
////    public Result auditUser(@Validated(SysUserDTO.Audit.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // Target must not be the first super administrator
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        return Result.success(sysUserService.auditUser(sysUserDTO), "审核成功");
////    }
//
////    // Changes the caller's own password after verifying the old password against the stored
////    // bcrypt hash.
////    // NOTE(review): this self-service endpoint is gated by the same permission string '3.2.3'
////    // as updateUserInfo; confirm that is intended. The request parameter is not used in the body.
////    @PreAuthorize("@sr.hasPermission('3.2.3')")
////    @PutMapping("/api/system/user/updateUserPasswordSelf")
////    public Result updateUserPassword(@Validated(SysUserDTO.UpdatePasswordSelf.class) @RequestBody SysUserDTO sysUserDTO, HttpServletRequest request) {
////
////        // [Query] the caller's own user id; it overwrites any user_id supplied in the request body
////        Long user_id = httpRequestAspect.getUserId();
////        sysUserDTO.setUser_id(user_id);
////
////        // [Query] current password (raw Map; the "password" entry is read below)
////        Map queryUserPassword = sysUserService.queryUserPassword(user_id);
////        if (queryUserPassword == null) {
////            return Result.error(ResultEnum.INTERNAL_ERROR.getCode(), ResultEnum.INTERNAL_ERROR.getMessage());
////        }
////
////        // [Check] whether the old password is correct
////        String old_password_request = sysUserDTO.getOld_password();
////        String old_password = (String) queryUserPassword.get("password");
////        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
////        if (!encoder.matches(old_password_request, old_password)) {
////            // NOTE(review): a wrong old password is reported with the DATABASE_OPERATION_FAILED
////            // code; a dedicated authentication error code would make failed attempts easier
////            // to tell apart in logs and monitoring.
////            return Result.error(ResultEnum.DATABASE_OPERATION_FAILED.getCode(), "原密码不正确");
////        }
////        // Update
////        // NOTE(review): nothing in this method invalidates existing tokens after the change;
////        // confirm whether updateUserPasswordSelf does.
////        return Result.success(sysUserService.updateUserPasswordSelf(sysUserDTO), "更新成功");
////    }
//
////    // Resets another user's password; requires permission '3.2.3' and @ss.isSuper().
////    // Rejected for the first super administrator and for the caller's own account.
////    @PreAuthorize("@sr.hasPermission('3.2.3') && @ss.isSuper()")
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @PutMapping("/api/system/user/resetUserPassword")
////    public Result resetUserPassword(@Validated(SysUserDTO.ResetPassword.class) @RequestBody SysUserDTO sysUserDTO, HttpServletRequest request) throws NoSuchAlgorithmException {
////
////        // Target must not be the first super administrator
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        // Check whether this is a self-reset; one's own password cannot be reset, only changed
////        Long self_user_id = httpRequestAspect.getUserId();
////        Long request_user_id = sysUserDTO.getUser_id();
////        // longValue() on the left forces a numeric comparison (the right side is unboxed).
////        if (self_user_id.longValue() == request_user_id) {
////            return Result.error(ResultEnum.DATABASE_OPERATION_FAILED.getCode(), "不能重置自身密码,请在个人设置中修改密码");
////        }
////        return Result.success(sysUserService.resetUserPassword(sysUserDTO), "重置成功");
////    }
//
//
////    // Deletes a user; rejected for the first super administrator and for the caller's own account.
////    @PreAuthorize("@sr.hasPermission('3.2.4')")
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @DeleteMapping("/api/system/user/deleteUser")
////    public Result deleteUser(@Validated(SysUserDTO.Delete.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // Target must not be the first super administrator
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        // Check whether the target is the caller's own account
////        Long self_user_id = httpRequestAspect.getUserId();
////        Long request_user_id = sysUserDTO.getUser_id();
////        if (self_user_id.longValue() == request_user_id) {
////            return Result.error(ResultEnum.DATABASE_OPERATION_FAILED.getCode(), "不能删除自身账号");
////        }
////        // Delete (physical delete)
////        return Result.success(sysUserService.deleteUser(sysUserDTO.getUser_id()), "删除成功");
////        // Delete user (logical delete)
////        // return Result.success(sysUserService.deactivateUser(user_id), "删除成功 (flag)");
////    }
//
////    // Deletes several users at once; rejected when the id list contains the caller's own id
////    // or the first super administrator's id.
////    @PreAuthorize("@sr.hasPermission('3.2.5')")
////    @DeleteMapping("/api/system/user/deleteUserBatch")
////    public Result deleteUserBatch(@Validated(SysUserDTO.Delete.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // The id list must not contain the caller's own account (nor the first super administrator's account)
////        // NOTE(review): user_ids is a raw List and contains() compares with equals(); a Long
////        // never equals an Integer, so if the request body is deserialized into Integer
////        // elements both guards below pass without matching anything. Confirm getUser_ids()
////        // is declared List<Long>, and type this local accordingly. A null user_ids would throw
////        // NullPointerException at contains(); presumably the Delete validation group rejects
////        // that, confirm.
////        Long super_user_id = 1L;
////        Long self_user_id = httpRequestAspect.getUserId();
////        List user_ids = sysUserDTO.getUser_ids();
////        if (user_ids.contains(self_user_id)) {
////            return Result.error(ResultEnum.INTERNAL_ERROR.getCode(), "删除的用户ID中存在自身用户,不可删除,请重新选择");
////        }
////        if (user_ids.contains(super_user_id)) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        // Delete (batch)
////        return Result.success(sysUserService.deleteUserBatch(sysUserDTO.getUser_ids()), "删除成功 (批量)");
////    }
//
////    // Kicks a user via sysUserService.kickUser; rejected for the first super administrator
////    // and for the caller's own account. Validates with the SysUserDTO.Delete group.
////    @PreAuthorize("@sr.hasPermission('3.2.7')")
////    @PostMapping("/api/system/user/kickUser")
////    public Result kickUser(@Validated(SysUserDTO.Delete.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // Target must not be the first super administrator
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        // Check whether the target is the caller's own account
////        Long self_user_id = httpRequestAspect.getUserId();
////        Long request_user_id = sysUserDTO.getUser_id();
////        if (self_user_id.longValue() == request_user_id) {
////            return Result.error(ResultEnum.DATABASE_OPERATION_FAILED.getCode(), "不能踢除自身账号");
////        }
////
////        return Result.success(sysUserService.kickUser(sysUserDTO.getUser_id()), "操作成功");
////    }
//
//}