From 9639c096baaac61e28b23b43e6df0e3993a218ab Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期五, 27 五月 2022 17:50:49 +0800
Subject: [PATCH] 用户列表查询不显示密码字段
---
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java | 84 ++++++++++++++++++++++++++++++------------
1 files changed, 60 insertions(+), 24 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
index 37d6a4d..60d9de0 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@@ -2,6 +2,8 @@
import java.util.List;
import java.util.stream.Collectors;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.ArrayUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
@@ -20,14 +22,11 @@
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
-import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.poi.ExcelUtil;
-import com.ruoyi.framework.web.service.TokenService;
import com.ruoyi.system.service.ISysPostService;
import com.ruoyi.system.service.ISysRoleService;
import com.ruoyi.system.service.ISysUserService;
@@ -50,9 +49,6 @@
@Autowired
private ISysPostService postService;
- @Autowired
- private TokenService tokenService;
-
/**
* 鑾峰彇鐢ㄦ埛鍒楄〃
*/
@@ -67,12 +63,12 @@
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.EXPORT)
@PreAuthorize("@ss.hasPermi('system:user:export')")
- @GetMapping("/export")
- public AjaxResult export(SysUser user)
+ @PostMapping("/export")
+ public void export(HttpServletResponse response, SysUser user)
{
List<SysUser> list = userService.selectUserList(user);
ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
- return util.exportExcel(list, "鐢ㄦ埛鏁版嵁");
+ util.exportExcel(response, list, "鐢ㄦ埛鏁版嵁");
}
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.IMPORT)
@@ -82,17 +78,16 @@
{
ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
List<SysUser> userList = util.importExcel(file.getInputStream());
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
- String operName = loginUser.getUsername();
+ String operName = getUsername();
String message = userService.importUser(userList, updateSupport, operName);
return AjaxResult.success(message);
}
- @GetMapping("/importTemplate")
- public AjaxResult importTemplate()
+ @PostMapping("/importTemplate")
+ public void importTemplate(HttpServletResponse response)
{
ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
- return util.importTemplateExcel("鐢ㄦ埛鏁版嵁");
+ util.importTemplateExcel(response, "鐢ㄦ埛鏁版嵁");
}
/**
@@ -102,15 +97,17 @@
@GetMapping(value = { "/", "/{userId}" })
public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
{
+ userService.checkUserDataScope(userId);
AjaxResult ajax = AjaxResult.success();
List<SysRole> roles = roleService.selectRoleAll();
ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
ajax.put("posts", postService.selectPostAll());
if (StringUtils.isNotNull(userId))
{
- ajax.put(AjaxResult.DATA_TAG, userService.selectUserById(userId));
+ SysUser sysUser = userService.selectUserById(userId);
+ ajax.put(AjaxResult.DATA_TAG, sysUser);
ajax.put("postIds", postService.selectPostListByUserId(userId));
- ajax.put("roleIds", roleService.selectRoleListByUserId(userId));
+ ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
}
return ajax;
}
@@ -127,15 +124,17 @@
{
return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岀櫥褰曡处鍙峰凡瀛樺湪");
}
- else if (UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
+ else if (StringUtils.isNotEmpty(user.getPhonenumber())
+ && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
{
return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
}
- else if (UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
+ else if (StringUtils.isNotEmpty(user.getEmail())
+ && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
{
return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
- user.setCreateBy(SecurityUtils.getUsername());
+ user.setCreateBy(getUsername());
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
return toAjax(userService.insertUser(user));
}
@@ -149,15 +148,18 @@
public AjaxResult edit(@Validated @RequestBody SysUser user)
{
userService.checkUserAllowed(user);
- if (UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
+ userService.checkUserDataScope(user.getUserId());
+ if (StringUtils.isNotEmpty(user.getPhonenumber())
+ && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
{
return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
}
- else if (UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
+ else if (StringUtils.isNotEmpty(user.getEmail())
+ && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
{
return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
- user.setUpdateBy(SecurityUtils.getUsername());
+ user.setUpdateBy(getUsername());
return toAjax(userService.updateUser(user));
}
@@ -169,6 +171,10 @@
@DeleteMapping("/{userIds}")
public AjaxResult remove(@PathVariable Long[] userIds)
{
+ if (ArrayUtils.contains(userIds, getUserId()))
+ {
+ return error("褰撳墠鐢ㄦ埛涓嶈兘鍒犻櫎");
+ }
return toAjax(userService.deleteUserByIds(userIds));
}
@@ -181,8 +187,9 @@
public AjaxResult resetPwd(@RequestBody SysUser user)
{
userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
- user.setUpdateBy(SecurityUtils.getUsername());
+ user.setUpdateBy(getUsername());
return toAjax(userService.resetPwd(user));
}
@@ -195,7 +202,36 @@
public AjaxResult changeStatus(@RequestBody SysUser user)
{
userService.checkUserAllowed(user);
- user.setUpdateBy(SecurityUtils.getUsername());
+ userService.checkUserDataScope(user.getUserId());
+ user.setUpdateBy(getUsername());
return toAjax(userService.updateUserStatus(user));
}
+
+ /**
+ * 鏍规嵁鐢ㄦ埛缂栧彿鑾峰彇鎺堟潈瑙掕壊
+ */
+ @PreAuthorize("@ss.hasPermi('system:user:query')")
+ @GetMapping("/authRole/{userId}")
+ public AjaxResult authRole(@PathVariable("userId") Long userId)
+ {
+ AjaxResult ajax = AjaxResult.success();
+ SysUser user = userService.selectUserById(userId);
+ List<SysRole> roles = roleService.selectRolesByUserId(userId);
+ ajax.put("user", user);
+ ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+ return ajax;
+ }
+
+ /**
+ * 鐢ㄦ埛鎺堟潈瑙掕壊
+ */
+ @PreAuthorize("@ss.hasPermi('system:user:edit')")
+ @Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.GRANT)
+ @PutMapping("/authRole")
+ public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
+ {
+ userService.checkUserDataScope(userId);
+ userService.insertUserAuth(userId, roleIds);
+ return success();
+ }
}
--
Gitblit v1.9.3