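/**
 * Copyright (c) 2016-2019 Renren Open Source. All rights reserved.
 *
 * https://www.renren.io
 *
 * All rights reserved; infringement will be prosecuted.
 */

package com.peanut.modules.sys.controller;

import com.peanut.common.annotation.SysLog;
import com.peanut.common.utils.Constant;
import com.peanut.common.utils.PageUtils;
import com.peanut.common.utils.R;
import com.peanut.common.validator.Assert;
import com.peanut.common.validator.ValidatorUtils;
import com.peanut.common.validator.group.AddGroup;
import com.peanut.common.validator.group.UpdateGroup;
import com.peanut.modules.sys.entity.SysUserEntity;
import com.peanut.modules.sys.form.PasswordForm;
import com.peanut.modules.sys.service.SysUserRoleService;
import com.peanut.modules.sys.service.SysUserService;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.ArrayUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import java.util.List;
import java.util.Map;

/**
 * REST endpoints for managing system (back-office) users under {@code /sys/user}.
 *
 * <p>Coarse-grained access is enforced with Shiro {@code @RequiresPermissions}. Only
 * {@link #list} additionally narrows results to users created by the caller; the
 * per-user endpoints ({@code info/{userId}}, {@code update}, {@code delete}) perform
 * no such ownership check in this class.
 *
 * @author Mark sunlightcs@gmail.com
 */
@Slf4j
@RestController
@RequestMapping("/sys/user")
public class SysUserController extends AbstractController {
    @Autowired
    private SysUserService sysUserService;
    @Autowired
    private SysUserRoleService sysUserRoleService;

    /**
     * Returns a page of users.
     *
     * <p>Callers that do not hold role id {@code 1} only see users they created: the
     * {@code createUserId} filter is overwritten with the caller's own id, so a value
     * supplied in the query string cannot widen the result for them.
     *
     * @param params paging and filter parameters taken from the query string
     * @return {@code R.ok()} carrying the result under {@code "page"}
     */
    @GetMapping("/list")
    @RequiresPermissions("sys:user:list")
    public R list(@RequestParam Map params) {
        // NOTE(review): raw Map/List are kept because the element types are not visible
        // here; restore the generic arguments once the service signatures are confirmed.
        List callerRoleIds = this.sysUserRoleService.queryRoleIdList(getUserId());
        // Role id 1 is treated as the super-administrator role (presumably; confirm
        // against the role table). Everyone else is scoped to their own creations.
        if (!callerRoleIds.contains(1L)) {
            params.put("createUserId", getUserId());
        }
        PageUtils page = sysUserService.queryPage(params);

        return R.ok().put("page", page);
    }

    /**
     * Returns the currently logged-in user.
     *
     * @return {@code R.ok()} carrying the caller's entity under {@code "user"}
     */
    @GetMapping("/info")
    public R info() {
        // NOTE(review): the whole entity is serialized to the client; confirm that the
        // password hash and salt fields of SysUserEntity are excluded from JSON output.
        return R.ok().put("user", getUser());
    }

    /**
     * Changes the password of the currently logged-in user.
     *
     * <p>The current password is verified by {@code sysUserService.updatePassword}, which
     * receives the hash of the submitted old password and reports {@code false} on mismatch.
     *
     * @param form old and new password submitted by the client
     * @return {@code R.ok()} on success, {@code R.error(...)} when the old password is wrong
     */
    @SysLog("修改密码")
    @PostMapping("/password")
    public R password(@RequestBody PasswordForm form) {
        Assert.isBlank(form.getNewPassword(), "新密码不为能空");

        // NOTE(review): Sha256Hash(source, salt) is a single salted SHA-256 pass, which is
        // cheap to brute-force if the user table leaks. Moving to a slow password KDF
        // (bcrypt / scrypt / Argon2 / PBKDF2) needs a stored-hash migration and is out of
        // scope for this method. The existing salt is also reused for the new password.
        String salt = getUser().getSalt();

        // Hash the submitted current password so the service can compare it with the stored hash.
        String password = new Sha256Hash(form.getPassword(), salt).toHex();
        // Hash the new password with the same salt.
        String newPassword = new Sha256Hash(form.getNewPassword(), salt).toHex();

        // Update only succeeds when the old hash matches the stored one.
        boolean updated = sysUserService.updatePassword(getUserId(), password, newPassword);
        if (!updated) {
            return R.error("原密码不正确");
        }

        return R.ok();
    }

    /**
     * Returns a single user together with the ids of the roles assigned to it.
     *
     * @param userId id of the user to load
     * @return {@code R.ok()} carrying the entity under {@code "user"}, or
     *         {@code R.error(...)} when no user with that id exists
     */
    @GetMapping("/info/{userId}")
    @RequiresPermissions("sys:user:info")
    public R info(@PathVariable("userId") Long userId) {
        SysUserEntity user = sysUserService.getById(userId);
        // An unknown id used to fall through to a NullPointerException on setRoleIdList.
        if (user == null) {
            return R.error("用户不存在");
        }

        // NOTE(review): list() scopes non-super-admins to users they created, but any
        // holder of sys:user:info can read an arbitrary id here. Consider applying the
        // same ownership rule, and confirm the password hash/salt are not serialized.
        List roleIdList = sysUserRoleService.queryRoleIdList(userId);
        user.setRoleIdList(roleIdList);

        return R.ok().put("user", user);
    }

    /**
     * Creates a user and records the caller as its creator.
     *
     * @param user user data submitted by the client, validated against {@link AddGroup}
     * @return {@code R.ok()}
     */
    @SysLog("保存用户")
    @PostMapping("/save")
    @RequiresPermissions("sys:user:save")
    public R save(@RequestBody SysUserEntity user) {
        ValidatorUtils.validateEntity(user, AddGroup.class);

        // NOTE(review): the full entity is bound from the request body (role ids included);
        // presumably saveUser restricts which roles the caller may grant. Verify in the service.
        user.setCreateUserId(getUserId());
        sysUserService.saveUser(user);

        return R.ok();
    }

    /**
     * Updates an existing user.
     *
     * @param user user data submitted by the client, validated against {@link UpdateGroup}
     * @return {@code R.ok()}
     */
    @SysLog("修改用户")
    @PostMapping("/update")
    @RequiresPermissions("sys:user:update")
    public R update(@RequestBody SysUserEntity user) {
        ValidatorUtils.validateEntity(user, UpdateGroup.class);

        // NOTE(review): no check here that the caller created (or may manage) the target
        // user, and the creator is overwritten with the caller's id on every update.
        // Confirm sysUserService.update enforces ownership and role limits.
        user.setCreateUserId(getUserId());
        sysUserService.update(user);

        return R.ok();
    }

    /**
     * Deletes the given users, refusing to delete user id {@code 1} or the caller.
     *
     * @param userIds ids of the users to delete
     * @return {@code R.ok()} on success, {@code R.error(...)} when a protected id is included
     */
    @SysLog("删除用户")
    @PostMapping("/delete")
    @RequiresPermissions("sys:user:delete")
    public R delete(@RequestBody Long[] userIds) {
        // User id 1 is the built-in system administrator account.
        if (ArrayUtils.contains(userIds, 1L)) {
            return R.error("系统管理员不能删除");
        }

        if (ArrayUtils.contains(userIds, getUserId())) {
            return R.error("当前用户不能删除");
        }

        // NOTE(review): other ids are deleted without an ownership check; confirm that
        // deleteBatch (or a policy elsewhere) limits this to users the caller may manage.
        sysUserService.deleteBatch(userIds);

        return R.ok();
    }
}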