From 4e6f47d50abff5d33f622a641b4534ca3dc28b20 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期日, 22 五月 2022 14:13:53 +0800
Subject: [PATCH] update springboot 2.6.7 => 2.6.8
---
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java | 94 ++++++++++++++++++++++++----------------------
1 files changed, 49 insertions(+), 45 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
index 5471baa..07553d7 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@@ -1,20 +1,22 @@
package com.ruoyi.web.controller.system;
+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.dev33.satoken.secure.BCrypt;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.ObjectUtil;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.PageQuery;
+import com.ruoyi.common.core.domain.R;
import com.ruoyi.common.core.domain.entity.SysDept;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.excel.ExcelResult;
-import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.helper.LoginHelper;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.poi.ExcelUtil;
import com.ruoyi.system.domain.vo.SysUserExportVo;
@@ -25,8 +27,6 @@
import com.ruoyi.system.service.ISysUserService;
import io.swagger.annotations.*;
import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
@@ -45,7 +45,7 @@
*/
@Validated
@Api(value = "鐢ㄦ埛淇℃伅鎺у埗鍣�", tags = {"鐢ㄦ埛淇℃伅绠$悊"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/user")
public class SysUserController extends BaseController {
@@ -58,7 +58,7 @@
* 鑾峰彇鐢ㄦ埛鍒楄〃
*/
@ApiOperation("鑾峰彇鐢ㄦ埛鍒楄〃")
- @PreAuthorize("@ss.hasPermi('system:user:list')")
+ @SaCheckPermission("system:user:list")
@GetMapping("/list")
public TableDataInfo<SysUser> list(SysUser user, PageQuery pageQuery) {
return userService.selectPageUserList(user, pageQuery);
@@ -66,7 +66,7 @@
@ApiOperation("瀵煎嚭鐢ㄦ埛鍒楄〃")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.EXPORT)
- @PreAuthorize("@ss.hasPermi('system:user:export')")
+ @SaCheckPermission("system:user:export")
@PostMapping("/export")
public void export(SysUser user, HttpServletResponse response) {
List<SysUser> list = userService.selectUserList(user);
@@ -84,14 +84,14 @@
@ApiOperation("瀵煎叆鐢ㄦ埛鍒楄〃")
@ApiImplicitParams({
- @ApiImplicitParam(name = "file", value = "瀵煎叆鏂囦欢", dataType = "java.io.File", required = true),
+ @ApiImplicitParam(name = "file", value = "瀵煎叆鏂囦欢", dataType = "java.io.File", required = true),
})
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.IMPORT)
- @PreAuthorize("@ss.hasPermi('system:user:import')")
+ @SaCheckPermission("system:user:import")
@PostMapping("/importData")
- public AjaxResult<Void> importData(@RequestPart("file") MultipartFile file, boolean updateSupport) throws Exception {
+ public R<Void> importData(@RequestPart("file") MultipartFile file, boolean updateSupport) throws Exception {
ExcelResult<SysUserImportVo> result = ExcelUtil.importExcel(file.getInputStream(), SysUserImportVo.class, new SysUserImportListener(updateSupport));
- return AjaxResult.success(result.getAnalysis());
+ return R.ok(result.getAnalysis());
}
@ApiOperation("涓嬭浇瀵煎叆妯℃澘")
@@ -104,41 +104,41 @@
* 鏍规嵁鐢ㄦ埛缂栧彿鑾峰彇璇︾粏淇℃伅
*/
@ApiOperation("鏍规嵁鐢ㄦ埛缂栧彿鑾峰彇璇︾粏淇℃伅")
- @PreAuthorize("@ss.hasPermi('system:user:query')")
+ @SaCheckPermission("system:user:query")
@GetMapping(value = {"/", "/{userId}"})
- public AjaxResult<Map<String, Object>> getInfo(@ApiParam("鐢ㄦ埛ID") @PathVariable(value = "userId", required = false) Long userId) {
+ public R<Map<String, Object>> getInfo(@ApiParam("鐢ㄦ埛ID") @PathVariable(value = "userId", required = false) Long userId) {
userService.checkUserDataScope(userId);
Map<String, Object> ajax = new HashMap<>();
List<SysRole> roles = roleService.selectRoleAll();
- ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+ ajax.put("roles", LoginHelper.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
ajax.put("posts", postService.selectPostAll());
- if (StringUtils.isNotNull(userId)) {
+ if (ObjectUtil.isNotNull(userId)) {
SysUser sysUser = userService.selectUserById(userId);
ajax.put("user", sysUser);
ajax.put("postIds", postService.selectPostListByUserId(userId));
ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
}
- return AjaxResult.success(ajax);
+ return R.ok(ajax);
}
/**
* 鏂板鐢ㄦ埛
*/
@ApiOperation("鏂板鐢ㄦ埛")
- @PreAuthorize("@ss.hasPermi('system:user:add')")
+ @SaCheckPermission("system:user:add")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.INSERT)
@PostMapping
- public AjaxResult<Void> add(@Validated @RequestBody SysUser user) {
+ public R<Void> add(@Validated @RequestBody SysUser user) {
if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(user.getUserName()))) {
- return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岀櫥褰曡处鍙峰凡瀛樺湪");
+ return R.fail("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岀櫥褰曡处鍙峰凡瀛樺湪");
} else if (StringUtils.isNotEmpty(user.getPhonenumber())
- && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
- return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
+ && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
+ return R.fail("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
} else if (StringUtils.isNotEmpty(user.getEmail())
- && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
- return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
+ && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
+ return R.fail("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
- user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
+ user.setPassword(BCrypt.hashpw(user.getPassword()));
return toAjax(userService.insertUser(user));
}
@@ -146,17 +146,18 @@
* 淇敼鐢ㄦ埛
*/
@ApiOperation("淇敼鐢ㄦ埛")
- @PreAuthorize("@ss.hasPermi('system:user:edit')")
+ @SaCheckPermission("system:user:edit")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.UPDATE)
@PutMapping
- public AjaxResult<Void> edit(@Validated @RequestBody SysUser user) {
+ public R<Void> edit(@Validated @RequestBody SysUser user) {
userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
if (StringUtils.isNotEmpty(user.getPhonenumber())
- && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
- return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
+ && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
+ return R.fail("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
} else if (StringUtils.isNotEmpty(user.getEmail())
- && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
- return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
+ && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
+ return R.fail("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
return toAjax(userService.updateUser(user));
}
@@ -165,12 +166,12 @@
* 鍒犻櫎鐢ㄦ埛
*/
@ApiOperation("鍒犻櫎鐢ㄦ埛")
- @PreAuthorize("@ss.hasPermi('system:user:remove')")
+ @SaCheckPermission("system:user:remove")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.DELETE)
@DeleteMapping("/{userIds}")
- public AjaxResult<Void> remove(@ApiParam("瑙掕壊ID涓�") @PathVariable Long[] userIds) {
+ public R<Void> remove(@ApiParam("瑙掕壊ID涓�") @PathVariable Long[] userIds) {
if (ArrayUtil.contains(userIds, getUserId())) {
- return error("褰撳墠鐢ㄦ埛涓嶈兘鍒犻櫎");
+ return R.fail("褰撳墠鐢ㄦ埛涓嶈兘鍒犻櫎");
}
return toAjax(userService.deleteUserByIds(userIds));
}
@@ -179,12 +180,13 @@
* 閲嶇疆瀵嗙爜
*/
@ApiOperation("閲嶇疆瀵嗙爜")
- @PreAuthorize("@ss.hasPermi('system:user:resetPwd')")
+ @SaCheckPermission("system:user:resetPwd")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.UPDATE)
@PutMapping("/resetPwd")
- public AjaxResult<Void> resetPwd(@RequestBody SysUser user) {
+ public R<Void> resetPwd(@RequestBody SysUser user) {
userService.checkUserAllowed(user);
- user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
+ userService.checkUserDataScope(user.getUserId());
+ user.setPassword(BCrypt.hashpw(user.getPassword()));
return toAjax(userService.resetPwd(user));
}
@@ -192,11 +194,12 @@
* 鐘舵�佷慨鏀�
*/
@ApiOperation("鐘舵�佷慨鏀�")
- @PreAuthorize("@ss.hasPermi('system:user:edit')")
+ @SaCheckPermission("system:user:edit")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.UPDATE)
@PutMapping("/changeStatus")
- public AjaxResult<Void> changeStatus(@RequestBody SysUser user) {
+ public R<Void> changeStatus(@RequestBody SysUser user) {
userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
return toAjax(userService.updateUserStatus(user));
}
@@ -204,15 +207,15 @@
* 鏍规嵁鐢ㄦ埛缂栧彿鑾峰彇鎺堟潈瑙掕壊
*/
@ApiOperation("鏍规嵁鐢ㄦ埛缂栧彿鑾峰彇鎺堟潈瑙掕壊")
- @PreAuthorize("@ss.hasPermi('system:user:query')")
+ @SaCheckPermission("system:user:query")
@GetMapping("/authRole/{userId}")
- public AjaxResult<Map<String, Object>> authRole(@ApiParam("鐢ㄦ埛ID") @PathVariable("userId") Long userId) {
+ public R<Map<String, Object>> authRole(@ApiParam("鐢ㄦ埛ID") @PathVariable("userId") Long userId) {
SysUser user = userService.selectUserById(userId);
List<SysRole> roles = roleService.selectRolesByUserId(userId);
Map<String, Object> ajax = new HashMap<>();
ajax.put("user", user);
- ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
- return AjaxResult.success(ajax);
+ ajax.put("roles", LoginHelper.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+ return R.ok(ajax);
}
/**
@@ -223,11 +226,12 @@
@ApiImplicitParam(name = "userId", value = "鐢ㄦ埛Id", paramType = "query", dataTypeClass = String.class),
@ApiImplicitParam(name = "roleIds", value = "瑙掕壊ID涓�", paramType = "query", dataTypeClass = String.class)
})
- @PreAuthorize("@ss.hasPermi('system:user:edit')")
+ @SaCheckPermission("system:user:edit")
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.GRANT)
@PutMapping("/authRole")
- public AjaxResult<Void> insertAuthRole(Long userId, Long[] roleIds) {
+ public R<Void> insertAuthRole(Long userId, Long[] roleIds) {
+ userService.checkUserDataScope(userId);
userService.insertUserAuth(userId, roleIds);
- return success();
+ return R.ok();
}
}
--
Gitblit v1.9.3