lzz
/
yvjia


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224
							package com.backendsys.modules.system.controller;

import cn.hutool.core.util.ObjectUtil;
import com.backendsys.exception.CustException;
import com.backendsys.modules.common.aspect.SysLog;
import com.backendsys.modules.common.config.security.enums.SecurityEnum;
import com.backendsys.modules.common.config.security.utils.SecurityUtil;
import com.backendsys.modules.common.utils.Result;
import com.backendsys.modules.system.entity.SysUserDTO;
import com.backendsys.modules.system.service.SysUserV2Service;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@Validated
@RestController
@Tag(name = "系统用户")
public class SysUserController {

    /**
     * TODO 1.手机号码字段，需要经过验证码校验，不能用 updateUserInfo 改 (待修改)
     * TODO 2.审核用户，需要单独的表做审核记录，不能直接改字段
     */

    @Autowired
    private SysUserV2Service sysUserV2Service;

    @Operation(summary = "获取系统用户列表")
    @PreAuthorize("@sr.hasPermission('3.2')")
    @GetMapping("/api/system/user/getUserList")
    public Result getUserList(SysUserDTO sysUserDTO) {
        return Result.success().put("data", sysUserV2Service.selectUserList(sysUserDTO));
    }

    @Operation(summary = "获取系统用户列表 (在线的)")
    @PreAuthorize("@sr.hasPermission('3.1')")
    @GetMapping("/api/system/user/getUserOnlineList")
    public Result getUserOnlineList(SysUserDTO sysUserDTO) {
        return Result.success().put("data", sysUserV2Service.selectUserOnlineList(sysUserDTO));
    }

    /**
     * 权限：
     * - 查询用户信息 (3.2.1)
     * - 查询他人用户信息 (3.2.1.2)
     */
    @Operation(summary = "获取系统用户详情")
    @PreAuthorize("@sr.hasPermission('3.2.1')")
    @GetMapping("/api/system/user/getUserDetail")
    public Result getUserDetail(@Parameter(description = "用户ID") Long user_id) {

        // 查询自身的用户信息 (不传参数)
        user_id = (user_id == null) ? SecurityUtil.getUserId() : user_id;

        // 查询他人的用户信息
        // - 查询自己 (无需权限)
        // - 查询他人 (需要权限或超级管理员)
        if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.2.1.2") && !SecurityUtil.isSuper()) {
            throw new CustException(SecurityEnum.NOAUTH);
        }
        return Result.success().put("data", sysUserV2Service.selectUserInfoSimple(user_id));
    }

    @SysLog("创建系统用户")
    @Operation(summary = "创建系统用户")
    @PreAuthorize("@sr.hasPermission('3.2.2')")
    @PostMapping("/api/system/user/createUser")
    public Result createUser(@Validated(SysUserDTO.Create.class) @RequestBody SysUserDTO sysUserDTO) {
        return Result.success().put("data", sysUserV2Service.insertUser(sysUserDTO));
    }

    /**
     * 权限：
     * - 编辑用户信息权限 (3.2.3)
     * - 编辑他人用户信息权限 (3.2.3.2)
     */
    @Operation(summary = "编辑系统用户信息")
    @PreAuthorize("@sr.hasPermission('3.2.3')")
    @PutMapping("/api/system/user/updateUserInfo")
    public Result updateUserInfo(@Validated(SysUserDTO.Update.class) @RequestBody SysUserDTO sysUserDTO) {

        // - 不传 user_id 时，修改目标为 当前用户
        Long user_id = sysUserDTO.getUser_id();
        if (ObjectUtil.isEmpty(user_id)) {
            user_id = SecurityUtil.getUserId();
            sysUserDTO.setUser_id(user_id);
        } else if (!SecurityUtil.getUserId().equals(1L) && user_id.equals(1L)) {
            throw new CustException("不能编辑超管账号");
        }
        // 编辑他人的用户信息
        // - 编辑自己 (无需权限)
        // - 编辑他人 (需要子权限或超级管理员)
        if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.2.3.2") && !SecurityUtil.isSuper()) {
            throw new CustException(SecurityEnum.NOAUTH);
        }
        // 防止手动更新字段
        sysUserDTO.setLast_login_time(null);
        sysUserDTO.setLast_login_ip(null);

        return Result.success().put("data", sysUserV2Service.updateUserInfo(sysUserDTO));
    }

    @Operation(summary = "编辑系统用户密码")
    @PreAuthorize("@sr.hasPermission('3.2.3.3')")
    @PutMapping("/api/system/user/updateUserPassword")
    public Result updateUserPassword(@Validated(SysUserDTO.UpdatePassword.class) @RequestBody SysUserDTO sysUserDTO) {

        // - 不传 user_id 时，修改目标为 当前用户
        Long user_id = sysUserDTO.getUser_id();
        if (ObjectUtil.isEmpty(user_id)) {
            user_id = SecurityUtil.getUserId();
            sysUserDTO.setUser_id(user_id);
        } else if (!SecurityUtil.getUserId().equals(1L) && user_id.equals(1L)) {
            throw new CustException("不能编辑超管账号");
        }
        // 编辑他人的用户信息
        // - 编辑自己 (无需权限)
        // - 编辑他人 (需要子权限或超级管理员)
        if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.2.3.2") && !SecurityUtil.isSuper()) {
            throw new CustException(SecurityEnum.NOAUTH);
        }

        return Result.success().put("data", sysUserV2Service.updateUserPassword(sysUserDTO));
    }

    @Operation(summary = "重置系统用户密码")
    @PreAuthorize("@sr.hasPermission('3.2.3.4')")
    @PutMapping("/api/system/user/resetUserPassword")
    public Result resetUserPassword(@Validated(SysUserDTO.ResetPassword.class) @RequestBody SysUserDTO sysUserDTO) {

        // 判断不可为超级管理员(首位)
        Long user_id = sysUserDTO.getUser_id();
        if (user_id.equals(1L)) {
            throw new CustException("不能重置超管账号密码");
        }

        // 判断是否为自身重置，自身密码不能重置，只能修改
        Long self_user_id = SecurityUtil.getUserId();
        Long request_user_id = sysUserDTO.getUser_id();
        if (self_user_id.equals(request_user_id)) {
            throw new CustException("不能重置自身密码，请自行修改密码");
        }

        return Result.success().put("data", sysUserV2Service.resetUserPassword(sysUserDTO));
    }

    @Operation(summary = "删除系统用户")
    @PreAuthorize("@sr.hasPermission('3.2.4')")
    @DeleteMapping("/api/system/user/deleteUser")
    public Result deleteUser(@Validated(SysUserDTO.Delete.class) @RequestBody SysUserDTO sysUserDTO) {

        Long user_id = sysUserDTO.getUser_id();
        List<Long> user_ids = sysUserDTO.getUser_ids();
        if (user_id == null && (user_ids == null || user_ids.size() == 0)) throw new CustException("user_id 或 user_ids 必填");
        if (user_ids != null && user_ids.contains(SecurityUtil.getUserId()) && !user_id.equals(SecurityUtil.getUserId())) throw new CustException("不能删除自己的账号");
        if (user_ids != null && user_ids.contains(1L) && !user_id.equals(1L)) throw new CustException("不能删除超管账号");

        return Result.success().put("data", sysUserV2Service.deleteUser(sysUserDTO));
    }

    @Operation(summary = "踢出系统用户")
    @PreAuthorize("@sr.hasPermission('3.2.7')")
    @PostMapping("/api/system/user/kickUser")
    public Result kickUser(@Validated(SysUserDTO.Kick.class) @RequestBody SysUserDTO sysUserDTO) {

        Long user_id = sysUserDTO.getUser_id();
        if (user_id.equals(1L)) throw new CustException("不能踢出超管账号");
        if (user_id.equals(SecurityUtil.getUserId())) throw new CustException("不能踢出自己的账号");

        return Result.success().put("data", sysUserV2Service.kickUser(user_id));
    }


    /**
     * 权限：
     * - 查询用户权限 (3.4.1)
     * - 查询他人用户权限 (3.4.1.2)
     */
    @Operation(summary = "获取系统用户权限")
    @PreAuthorize("@sr.hasPermission('3.4.1')")
    @GetMapping("/api/system/user/getUserPermission")
    public Result getUserPermission(@Parameter(description = "用户ID") Long user_id) {

        // 查询自身的用户信息 (不传参数)
        user_id = (user_id == null) ? SecurityUtil.getUserId() : user_id;
        // 查询他人的用户信息
        // - 查询自己 (无需权限)
        // - 查询他人 (需要子权限或超级管理员)
        if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.4.1.2") && !SecurityUtil.isSuper()) {
            throw new CustException(SecurityEnum.NOAUTH);
        }

        return Result.success().put("data", sysUserV2Service.selectUserPermission(user_id));
    }

    /**
     * 权限：
     * - 查询用户菜单 (3.5.1)
     * - 查询他人用户菜单 (3.5.1.2)
     */
    @Operation(summary = "获取系统用户菜单")
    @PreAuthorize("@sr.hasPermission('3.5.1')")
    @GetMapping("/api/system/user/getUserMenu")
    public Result getUserMenu(@Parameter(description = "用户ID") Long user_id) {

        // 查询自身的用户信息 (不传参数)
        user_id = (user_id == null) ? SecurityUtil.getUserId() : user_id;
        // 查询他人的用户信息
        // - 查询自己 (无需权限)
        // - 查询他人 (需要子权限或超级管理员)
        if (!user_id.equals(SecurityUtil.getUserId()) && !SecurityUtil.hasPermission("3.4.1.2") && !SecurityUtil.isSuper()) {
            throw new CustException(SecurityEnum.NOAUTH);
        }

        return Result.success().put("data", sysUserV2Service.selectUserMenu(user_id));
    }

}