lzz
/
yvjia


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237
							//package com.backendsys.controller.Systems;
//
//import com.backendsys.aspect.HttpRequestAspect;
//import com.backendsys.aspect.QueryNullCheck;
//import com.backendsys.modules.common.config.security.utils.PermissionUtil;
//import com.backendsys.modules.common.config.security.utils.TokenUtil;
//import com.backendsys.entity.PageDTO;
//import com.backendsys.entity.System.SysUserDTO;
//import com.backendsys.utils.response.Result;
//import com.backendsys.service.System.SysUserService;
//import com.backendsys.utils.response.ResultEnum;
//
//import io.jsonwebtoken.Claims;
//import jakarta.servlet.http.HttpServletRequest;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.security.access.prepost.PreAuthorize;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.validation.annotation.Validated;
//import org.springframework.web.bind.annotation.*;
//
//import java.security.NoSuchAlgorithmException;
//import java.util.Arrays;
//import java.util.List;
//import java.util.Map;
//
///**
// * 系统用户
// */
//@Validated
//@RestController
//public class SysUserController {
//
//    @Autowired
//    private HttpRequestAspect httpRequestAspect;
//
//    @Autowired
//    private PermissionUtil permissionUtil;
//
//    @Autowired
//    private SysUserService sysUserService;
//
//    @Autowired
//    private TokenUtil tokenUtil;
//
//
//    // 判断是否 超级管理员(首位)(id:1)，仅首位可查看自己的信息
//    private Boolean OnlySuperAdmin(SysUserDTO sysUserDTO) {
//        Long user_id = sysUserDTO.getUser_id();
//        if (user_id == 1) {
//            Claims loginUserInfo = tokenUtil.getRedisTokenInfo();
//            Boolean bool = (Integer) loginUserInfo.get("user_id") == 1;
//            return bool;
//        }
//        return true;
//    }
//
////    @PreAuthorize("@sr.hasPermission('3.1')")
////    @GetMapping("/api/system/user/getUserLogined")
////    public Result getUserLogined(@Validated PageDTO pageDTO, @Validated SysUserDTO sysUserDTO) {
////        return Result.success(sysUserService.queryUserWithLogined(pageDTO.getPage_num(), pageDTO.getPage_size(), sysUserDTO));
////    }
//
////    @PreAuthorize("@sr.hasPermission('3.2')")
////    @GetMapping("/api/system/user/getUser")
////    public Result getUser(@Validated PageDTO pageDTO, @Validated SysUserDTO sysUserDTO) {
////        return Result.success(sysUserService.queryUserList(pageDTO.getPage_num(), pageDTO.getPage_size(), sysUserDTO));
////    }
//
////    /**
////     * 查看用户详情
////     * - 1.如果不传 user_id 则查看自己的用户信息
////     * - 2.如果传 user_id，需要具备权限才能查看他人用户信息
////     * - 3.除了超管自己其他人不可以查看超管信息
////     */
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @GetMapping("/api/system/user/getUserDetail")
////    public Result getUserDetail(@Validated(SysUserDTO.Detail.class) SysUserDTO sysUserDTO) {
////
////        // [查询] 自身 UserId
////        Long user_id = httpRequestAspect.getUserId();
////
////        // 1.如果 user_id 为空，则查看自己
////        if (sysUserDTO.getUser_id() == null) sysUserDTO.setUser_id(user_id);
////        // 2.判断是否匹配当前 {用户ID} 与 {用户权限}，不是则抛出错误
////        permissionUtil.checkUserIdAndPermission(sysUserDTO.getUser_id(), Arrays.asList("3.2.1"));
////        // 3.判断是否 首位超级管理员 (id:1)，不是则抛出错误
////        permissionUtil.checkSuperAdminOfFirst(sysUserDTO.getUser_id());
////
////        return Result.success(sysUserService.queryUserById(sysUserDTO.getUser_id()));
////    }
//
////    @PreAuthorize("@sr.hasPermission('3.2.2')")
////    @PostMapping("/api/system/user/createUser")
////    public Result createUser(@Validated(SysUserDTO.Create.class) @RequestBody SysUserDTO sysUserDTO) {
////        return Result.success(sysUserService.insertUser(sysUserDTO), "创建成功");
////    }
//
////    @PreAuthorize("@sr.hasPermission('3.2.3')")
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @PutMapping("/api/system/user/updateUserInfo")
////    public Result updateUser(@Validated(SysUserDTO.Update.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // 判断不可为超级管理员(首位)
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        sysUserDTO.setLast_login_time(null);
////        sysUserDTO.setLast_login_ip(null);
////
////        return Result.success(sysUserService.updateUserInfo(sysUserDTO), "更新成功");
////    }
//
////    @PreAuthorize("@sr.hasPermission('3.2.6')")
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @PutMapping("/api/system/user/auditUser")
////    public Result auditUser(@Validated(SysUserDTO.Audit.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // 判断不可为超级管理员(首位)
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        return Result.success(sysUserService.auditUser(sysUserDTO), "审核成功");
////    }
//
////    @PreAuthorize("@sr.hasPermission('3.2.3')")
////    @PutMapping("/api/system/user/updateUserPasswordSelf")
////    public Result updateUserPassword(@Validated(SysUserDTO.UpdatePasswordSelf.class) @RequestBody SysUserDTO sysUserDTO, HttpServletRequest request) {
////
////        // [查询] 自身 UserId
////        Long user_id = httpRequestAspect.getUserId();
////        sysUserDTO.setUser_id(user_id);
////
////        // [查询] 原密码
////        Map<String, Object> queryUserPassword = sysUserService.queryUserPassword(user_id);
////        if (queryUserPassword == null) {
////            return Result.error(ResultEnum.INTERNAL_ERROR.getCode(), ResultEnum.INTERNAL_ERROR.getMessage());
////        }
////
////        // [判断] 原密码是否正确
////        String old_password_request = sysUserDTO.getOld_password();
////        String old_password = (String) queryUserPassword.get("password");
////        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
////        if (!encoder.matches(old_password_request, old_password)) {
////            return Result.error(ResultEnum.DATABASE_OPERATION_FAILED.getCode(), "原密码不正确");
////        }
////        // 更新操作
////        return Result.success(sysUserService.updateUserPasswordSelf(sysUserDTO), "更新成功");
////    }
//
////    @PreAuthorize("@sr.hasPermission('3.2.3') && @ss.isSuper()")
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @PutMapping("/api/system/user/resetUserPassword")
////    public Result resetUserPassword(@Validated(SysUserDTO.ResetPassword.class) @RequestBody SysUserDTO sysUserDTO, HttpServletRequest request) throws NoSuchAlgorithmException {
////
////        // 判断不可为超级管理员(首位)
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        // 判断是否为自身重置，自身密码不能重置，只能修改
////        Long self_user_id = httpRequestAspect.getUserId();
////        Long request_user_id = sysUserDTO.getUser_id();
////        if (self_user_id.longValue() == request_user_id) {
////            return Result.error(ResultEnum.DATABASE_OPERATION_FAILED.getCode(), "不能重置自身密码，请在个人设置中修改密码");
////        }
////        return Result.success(sysUserService.resetUserPassword(sysUserDTO), "重置成功");
////    }
//
//
////    @PreAuthorize("@sr.hasPermission('3.2.4')")
////    @QueryNullCheck(serviceClass = SysUserService.class, serviceMethod = "queryUserById", argField = "user_id", message = "用户不存在")
////    @DeleteMapping("/api/system/user/deleteUser")
////    public Result deleteUser(@Validated(SysUserDTO.Delete.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // 判断不可为超级管理员(首位)
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        // 判断是否为自身账号
////        Long self_user_id = httpRequestAspect.getUserId();
////        Long request_user_id = sysUserDTO.getUser_id();
////        if (self_user_id.longValue() == request_user_id) {
////            return Result.error(ResultEnum.DATABASE_OPERATION_FAILED.getCode(), "不能删除自身账号");
////        }
////        // 删除操作 (物理删除)
////        return Result.success(sysUserService.deleteUser(sysUserDTO.getUser_id()), "删除成功");
////        // 删除用户 (逻辑删除)
////        // return Result.success(sysUserService.deactivateUser(user_id), "删除成功 (flag)");
////    }
//
////    @PreAuthorize("@sr.hasPermission('3.2.5')")
////    @DeleteMapping("/api/system/user/deleteUserBatch")
////    public Result deleteUserBatch(@Validated(SysUserDTO.Delete.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // 判断用户ID集合不能出现自身账号 (及超级管理员首位的账号)
////        Long super_user_id = 1L;
////        Long self_user_id = httpRequestAspect.getUserId();
////        List<Long> user_ids = sysUserDTO.getUser_ids();
////        if (user_ids.contains(self_user_id)) {
////            return Result.error(ResultEnum.INTERNAL_ERROR.getCode(), "删除的用户ID中存在自身用户，不可删除，请重新选择");
////        }
////        if (user_ids.contains(super_user_id)) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        // 删除操作 (批量)
////        return Result.success(sysUserService.deleteUserBatch(sysUserDTO.getUser_ids()), "删除成功 (批量)");
////    }
//
////    @PreAuthorize("@sr.hasPermission('3.2.7')")
////    @PostMapping("/api/system/user/kickUser")
////    public Result kickUser(@Validated(SysUserDTO.Delete.class) @RequestBody SysUserDTO sysUserDTO) {
////
////        // 判断不可为超级管理员(首位)
////        Boolean isOnlySuperAdmin = OnlySuperAdmin(sysUserDTO);
////        if (!isOnlySuperAdmin) {
////            return Result.error(ResultEnum.AUTH_USER_ERROR.getCode(), ResultEnum.AUTH_USER_ERROR.getMessage());
////        }
////
////        // 判断是否为自身账号
////        Long self_user_id = httpRequestAspect.getUserId();
////        Long request_user_id = sysUserDTO.getUser_id();
////        if (self_user_id.longValue() == request_user_id) {
////            return Result.error(ResultEnum.DATABASE_OPERATION_FAILED.getCode(), "不能踢除自身账号");
////        }
////
////        return Result.success(sysUserService.kickUser(sysUserDTO.getUser_id()), "操作成功");
////    }
//
//}