From 09dfb25d735d26e08b81307515ec32708016da33 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期二, 07 十二月 2021 12:20:21 +0800
Subject: [PATCH] update 修改 健康检查权限 改为用户放行 提高安全性
---
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java | 37 +++++++++++++++++--------------------
1 files changed, 17 insertions(+), 20 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
index 77c8e36..c517b5d 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@@ -7,23 +7,23 @@
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.PageQuery;
import com.ruoyi.common.core.domain.entity.SysDept;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
+import com.ruoyi.common.excel.ExcelResult;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.poi.ExcelUtil;
import com.ruoyi.system.domain.vo.SysUserExportVo;
import com.ruoyi.system.domain.vo.SysUserImportVo;
+import com.ruoyi.system.listener.SysUserImportListener;
import com.ruoyi.system.service.ISysPostService;
import com.ruoyi.system.service.ISysRoleService;
import com.ruoyi.system.service.ISysUserService;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiImplicitParam;
-import io.swagger.annotations.ApiImplicitParams;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.*;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
@@ -60,14 +60,14 @@
@ApiOperation("鑾峰彇鐢ㄦ埛鍒楄〃")
@PreAuthorize("@ss.hasPermi('system:user:list')")
@GetMapping("/list")
- public TableDataInfo<SysUser> list(SysUser user) {
- return userService.selectPageUserList(user);
+ public TableDataInfo<SysUser> list(SysUser user, PageQuery pageQuery) {
+ return userService.selectPageUserList(user, pageQuery);
}
@ApiOperation("瀵煎嚭鐢ㄦ埛鍒楄〃")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.EXPORT)
@PreAuthorize("@ss.hasPermi('system:user:export')")
- @GetMapping("/export")
+ @PostMapping("/export")
public void export(SysUser user, HttpServletResponse response) {
List<SysUser> list = userService.selectUserList(user);
List<SysUserExportVo> listVo = BeanUtil.copyToList(list, SysUserExportVo.class);
@@ -90,15 +90,12 @@
@PreAuthorize("@ss.hasPermi('system:user:import')")
@PostMapping("/importData")
public AjaxResult<Void> importData(@RequestPart("file") MultipartFile file, boolean updateSupport) throws Exception {
- List<SysUserImportVo> userListVo = ExcelUtil.importExcel(file.getInputStream(), SysUserImportVo.class);
- List<SysUser> userList = BeanUtil.copyToList(userListVo, SysUser.class);
- String operName = getUsername();
- String message = userService.importUser(userList, updateSupport, operName);
- return AjaxResult.success(message);
+ ExcelResult<SysUserImportVo> result = ExcelUtil.importExcel(file.getInputStream(), SysUserImportVo.class, new SysUserImportListener(updateSupport));
+ return AjaxResult.success(result.getAnalysis());
}
@ApiOperation("涓嬭浇瀵煎叆妯℃澘")
- @GetMapping("/importTemplate")
+ @PostMapping("/importTemplate")
public void importTemplate(HttpServletResponse response) {
ExcelUtil.exportExcel(new ArrayList<>(), "鐢ㄦ埛鏁版嵁", SysUserImportVo.class, response);
}
@@ -109,7 +106,7 @@
@ApiOperation("鏍规嵁鐢ㄦ埛缂栧彿鑾峰彇璇︾粏淇℃伅")
@PreAuthorize("@ss.hasPermi('system:user:query')")
@GetMapping(value = {"/", "/{userId}"})
- public AjaxResult<Map<String, Object>> getInfo(@PathVariable(value = "userId", required = false) Long userId) {
+ public AjaxResult<Map<String, Object>> getInfo(@ApiParam("鐢ㄦ埛ID") @PathVariable(value = "userId", required = false) Long userId) {
userService.checkUserDataScope(userId);
Map<String, Object> ajax = new HashMap<>();
List<SysRole> roles = roleService.selectRoleAll();
@@ -140,7 +137,6 @@
&& UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
- user.setCreateBy(getUsername());
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
return toAjax(userService.insertUser(user));
}
@@ -161,7 +157,6 @@
&& UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
- user.setUpdateBy(getUsername());
return toAjax(userService.updateUser(user));
}
@@ -172,7 +167,7 @@
@PreAuthorize("@ss.hasPermi('system:user:remove')")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.DELETE)
@DeleteMapping("/{userIds}")
- public AjaxResult<Void> remove(@PathVariable Long[] userIds) {
+ public AjaxResult<Void> remove(@ApiParam("瑙掕壊ID涓�") @PathVariable Long[] userIds) {
if (ArrayUtil.contains(userIds, getUserId())) {
return error("褰撳墠鐢ㄦ埛涓嶈兘鍒犻櫎");
}
@@ -189,7 +184,6 @@
public AjaxResult<Void> resetPwd(@RequestBody SysUser user) {
userService.checkUserAllowed(user);
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
- user.setUpdateBy(getUsername());
return toAjax(userService.resetPwd(user));
}
@@ -202,7 +196,6 @@
@PutMapping("/changeStatus")
public AjaxResult<Void> changeStatus(@RequestBody SysUser user) {
userService.checkUserAllowed(user);
- user.setUpdateBy(getUsername());
return toAjax(userService.updateUserStatus(user));
}
@@ -212,7 +205,7 @@
@ApiOperation("鏍规嵁鐢ㄦ埛缂栧彿鑾峰彇鎺堟潈瑙掕壊")
@PreAuthorize("@ss.hasPermi('system:user:query')")
@GetMapping("/authRole/{userId}")
- public AjaxResult<Map<String, Object>> authRole(@PathVariable("userId") Long userId) {
+ public AjaxResult<Map<String, Object>> authRole(@ApiParam("鐢ㄦ埛ID") @PathVariable("userId") Long userId) {
SysUser user = userService.selectUserById(userId);
List<SysRole> roles = roleService.selectRolesByUserId(userId);
Map<String, Object> ajax = new HashMap<>();
@@ -225,6 +218,10 @@
* 鐢ㄦ埛鎺堟潈瑙掕壊
*/
@ApiOperation("鐢ㄦ埛鎺堟潈瑙掕壊")
+ @ApiImplicitParams({
+ @ApiImplicitParam(name = "userId", value = "鐢ㄦ埛Id", paramType = "query", dataTypeClass = String.class),
+ @ApiImplicitParam(name = "roleIds", value = "瑙掕壊ID涓�", paramType = "query", dataTypeClass = String.class)
+ })
@PreAuthorize("@ss.hasPermi('system:user:edit')")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.GRANT)
@PutMapping("/authRole")
--
Gitblit v1.9.3