新增菜单，部门 工作 角色控制器接口

system/src/main/java/com/storeroom/modules/system/controller/DeptController.java

@@ -0,0 +1,100 @@
+package com.storeroom.modules.system.controller;
+
+
+import cn.hutool.core.collection.CollectionUtil;
+import com.storeroom.exception.BaseException;
+import com.storeroom.exception.constant.ResponseStatus;
+import com.storeroom.modules.system.domain.Dept;
+import com.storeroom.modules.system.service.DeptService;
+import com.storeroom.modules.system.service.dto.DeptDto;
+import com.storeroom.modules.system.service.dto.DeptQueryCriteria;
+import com.storeroom.utils.ApiResponse;
+import com.storeroom.utils.PageUtil;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.HttpServletResponse;
+import java.util.*;
+
+@RestController
+@RequiredArgsConstructor
+@Api(tags = "系统：部门管理")
+@RequestMapping("/api/dept")
+public class DeptController {
+
+    private final DeptService deptService;
+    private static final String ENTITY_NAME = "dept";
+
+    @ApiOperation("导出部门数据")
+    @GetMapping(value = "/download")
+    //@PreAuthorize("@el.check('dept:list')")
+    public void exportDept(HttpServletResponse response, DeptQueryCriteria criteria) throws Exception {
+        deptService.download(deptService.queryAll(criteria, false), response);
+    }
+
+    @ApiOperation("查询部门")
+    @GetMapping
+    //@PreAuthorize("@el.check('user:list','dept:list')")
+    public ApiResponse<Object> queryDept(DeptQueryCriteria criteria) throws Exception {
+        List<DeptDto> deptDtos = deptService.queryAll(criteria, true);
+        return ApiResponse.success(PageUtil.toPage(deptDtos, deptDtos.size()));
+    }
+
+    @ApiOperation("查询部门:根据ID获取同级与上级数据")
+    @PostMapping("/superior")
+    //@PreAuthorize("@el.check('user:list','dept:list')")
+    public ApiResponse<Object> getDeptSuperior(@RequestBody List<Long> ids) {
+        Set<DeptDto> deptDtos  = new LinkedHashSet<>();
+        for (Long id : ids) {
+            DeptDto deptDto = deptService.findById(id);
+            List<DeptDto> depts = deptService.getSuperior(deptDto, new ArrayList<>());
+            deptDtos.addAll(depts);
+        }
+        return ApiResponse.success(deptService.buildTree(new ArrayList<>(deptDtos)));
+    }
+
+    //@Log("新增部门")
+    @ApiOperation("新增部门")
+    @PostMapping
+    //@PreAuthorize("@el.check('dept:add')")
+    public ApiResponse<Object> createDept(@Validated @RequestBody Dept resources){
+        if (resources.getId() != null) {
+            throw new  BaseException("A new "+ ENTITY_NAME +" cannot already have an ID");
+        }
+        deptService.create(resources);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+
+    //@Log("修改部门")
+    @ApiOperation("修改部门")
+    @PutMapping
+    //@PreAuthorize("@el.check('dept:edit')")
+    public ApiResponse<Object> updateDept(@Validated(Dept.Update.class) @RequestBody Dept resources){
+        deptService.update(resources);
+        return ApiResponse.success(HttpStatus.NO_CONTENT);
+    }
+
+    //@Log("删除部门")
+    @ApiOperation("删除部门")
+    @DeleteMapping
+    //@PreAuthorize("@el.check('dept:del')")
+    public ApiResponse<Object> deleteDept(@RequestBody Set<Long> ids){
+        Set<DeptDto> deptDtos = new HashSet<>();
+        for (Long id : ids) {
+            List<Dept> deptList = deptService.findByPid(id);
+            deptDtos.add(deptService.findById(id));
+            if(CollectionUtil.isNotEmpty(deptList)){
+                deptDtos = deptService.getDeleteDepts(deptList, deptDtos);
+            }
+        }
+        // 验证是否被角色或用户关联
+        deptService.verification(deptDtos);
+        deptService.delete(deptDtos);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+}

system/src/main/java/com/storeroom/modules/system/controller/DictController.java

@@ -0,0 +1,81 @@
+package com.storeroom.modules.system.controller;
+
+
+import com.storeroom.exception.BaseException;
+import com.storeroom.exception.constant.ResponseStatus;
+import com.storeroom.modules.system.domain.Dict;
+import com.storeroom.modules.system.service.DictService;
+import com.storeroom.modules.system.service.dto.DictQueryCriteria;
+import com.storeroom.utils.ApiResponse;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.RequiredArgsConstructor;
+import org.springframework.data.domain.Pageable;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Set;
+
+@RestController
+@RequiredArgsConstructor
+@Api(tags = "系统：字典管理")
+@RequestMapping("/api/dict")
+public class DictController {
+
+    private final DictService dictService;
+    private static final String ENTITY_NAME = "dict";
+
+    @ApiOperation("导出字典数据")
+    @GetMapping(value = "/download")
+    //@PreAuthorize("@el.check('dict:list')")
+    public void exportDict(HttpServletResponse response, DictQueryCriteria criteria) throws IOException {
+        dictService.download(dictService.queryAll(criteria), response);
+    }
+
+    @ApiOperation("查询字典")
+    @GetMapping(value = "/all")
+    //@PreAuthorize("@el.check('dict:list')")
+    public ApiResponse<Object> queryAllDict(){
+        return ApiResponse.success(dictService.queryAll(new DictQueryCriteria()));
+    }
+
+    @ApiOperation("查询字典")
+    @GetMapping
+    //@PreAuthorize("@el.check('dict:list')")
+    public ApiResponse<Object> queryDict(DictQueryCriteria resources, Pageable pageable){
+        return ApiResponse.success(dictService.queryAll(resources,pageable));
+    }
+
+    //@Log("新增字典")
+    @ApiOperation("新增字典")
+    @PostMapping
+    //@PreAuthorize("@el.check('dict:add')")
+    public ApiResponse<Object> createDict(@Validated @RequestBody Dict resources){
+        if (resources.getId() != null) {
+            throw new BaseException("A new "+ ENTITY_NAME +" cannot already have an ID");
+        }
+        dictService.create(resources);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+
+    //@Log("修改字典")
+    @ApiOperation("修改字典")
+    @PutMapping
+    //@PreAuthorize("@el.check('dict:edit')")
+    public ApiResponse<Object> updateDict(@Validated(Dict.Update.class) @RequestBody Dict resources){
+        dictService.update(resources);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+
+    //@Log("删除字典")
+    @ApiOperation("删除字典")
+    @DeleteMapping
+    //@PreAuthorize("@el.check('dict:del')")
+    public ApiResponse<Object> deleteDict(@RequestBody Set<Long> ids){
+        dictService.delete(ids);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+}

system/src/main/java/com/storeroom/modules/system/controller/DictDetailController.java

@@ -0,0 +1,83 @@
+package com.storeroom.modules.system.controller;
+
+
+import com.storeroom.exception.BaseException;
+import com.storeroom.exception.constant.ResponseStatus;
+import com.storeroom.modules.system.domain.DictDetail;
+import com.storeroom.modules.system.service.DictDetailService;
+import com.storeroom.modules.system.service.dto.DictDetailDto;
+import com.storeroom.modules.system.service.dto.DictDetailQueryCriteria;
+import com.storeroom.utils.ApiResponse;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.RequiredArgsConstructor;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Sort;
+import org.springframework.data.web.PageableDefault;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+@RestController
+@RequiredArgsConstructor
+@Api(tags = "系统：字典详情管理")
+@RequestMapping("/api/dictDetail")
+public class DictDetailController {
+
+    private final DictDetailService dictDetailService;
+    private static final String ENTITY_NAME = "dictDetail";
+
+    @ApiOperation("查询字典详情")
+    @GetMapping
+    public ResponseEntity<Object> queryDictDetail(DictDetailQueryCriteria criteria,
+                                                  @PageableDefault(sort = {"dictSort"}, direction = Sort.Direction.ASC) Pageable pageable){
+        return new ResponseEntity<>(dictDetailService.queryAll(criteria,pageable), HttpStatus.OK);
+    }
+
+    @ApiOperation("查询多个字典详情")
+    @GetMapping(value = "/map")
+    public ResponseEntity<Object> getDictDetailMaps(@RequestParam String dictName){
+        String[] names = dictName.split("[,，]");
+        Map<String, List<DictDetailDto>> dictMap = new HashMap<>(16);
+        for (String name : names) {
+            dictMap.put(name, dictDetailService.getDictByName(name));
+        }
+        return new ResponseEntity<>(dictMap, HttpStatus.OK);
+    }
+
+   // @Log("新增字典详情")
+    @ApiOperation("新增字典详情")
+    @PostMapping
+    //@PreAuthorize("@el.check('dict:add')")
+    public ApiResponse<Object> createDictDetail(@Validated @RequestBody DictDetail resources){
+        if (resources.getId() != null) {
+            throw new BaseException("A new "+ ENTITY_NAME +" cannot already have an ID");
+        }
+        dictDetailService.create(resources);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+
+    //@Log("修改字典详情")
+    @ApiOperation("修改字典详情")
+    @PutMapping
+    //@PreAuthorize("@el.check('dict:edit')")
+    public ApiResponse<Object> updateDictDetail(@Validated(DictDetail.Update.class) @RequestBody DictDetail resources){
+        dictDetailService.update(resources);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+
+   // @Log("删除字典详情")
+    @ApiOperation("删除字典详情")
+    @DeleteMapping(value = "/{id}")
+   // @PreAuthorize("@el.check('dict:del')")
+    public ApiResponse<Object> deleteDictDetail(@PathVariable Long id){
+        dictDetailService.delete(id);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+}

system/src/main/java/com/storeroom/modules/system/controller/MenuController.java

@@ -0,0 +1,129 @@
+package com.storeroom.modules.system.controller;
+
+
+import cn.hutool.core.collection.CollectionUtil;
+import com.storeroom.exception.BaseException;
+import com.storeroom.exception.constant.ResponseStatus;
+import com.storeroom.modules.system.domain.Menu;
+import com.storeroom.modules.system.service.MenuService;
+import com.storeroom.modules.system.service.dto.MenuDto;
+import com.storeroom.modules.system.service.dto.MenuQueryCriteria;
+import com.storeroom.modules.system.service.mapstruct.MenuMapper;
+import com.storeroom.utils.ApiResponse;
+import com.storeroom.utils.PageUtil;
+import com.storeroom.utils.SecurityUtils;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.HttpServletResponse;
+import java.util.*;
+import java.util.stream.Collectors;
+
+@RestController
+@RequiredArgsConstructor
+@Api(tags = "系统：菜单管理")
+@RequestMapping("/api/menus")
+public class MenuController {
+
+    private final MenuService menuService;
+    private final MenuMapper menuMapper;
+    private static final String ENTITY_NAME = "menu";
+
+    @ApiOperation("导出菜单数据")
+    @GetMapping(value = "/download")
+    //@PreAuthorize("@el.check('menu:list')")
+    public void exportMenu(HttpServletResponse response, MenuQueryCriteria criteria) throws Exception {
+        menuService.download(menuService.queryAll(criteria, false), response);
+    }
+
+    @GetMapping(value = "/build")
+    @ApiOperation("获取前端所需菜单")
+    public ApiResponse<Object> buildMenus(){
+        List<MenuDto> menuDtoList = menuService.findByUser(SecurityUtils.getCurrentUserId());
+        List<MenuDto> menuDtos = menuService.buildTree(menuDtoList);
+        return ApiResponse.success(menuService.buildMenus(menuDtos));
+    }
+
+    @ApiOperation("返回全部的菜单")
+    @GetMapping(value = "/lazy")
+    //@PreAuthorize("@el.check('menu:list','roles:list')")
+    public ApiResponse<Object> queryAllMenu(@RequestParam Long pid){
+        return ApiResponse.success(menuService.getMenus(pid));
+    }
+
+    @ApiOperation("根据菜单ID返回所有子节点ID，包含自身ID")
+    @GetMapping(value = "/child")
+   // @PreAuthorize("@el.check('menu:list','roles:list')")
+    public ApiResponse<Object> childMenu(@RequestParam Long id){
+        Set<Menu> menuSet = new HashSet<>();
+        List<MenuDto> menuList = menuService.getMenus(id);
+        menuSet.add(menuService.findOne(id));
+        menuSet = menuService.getChildMenus(menuMapper.toEntity(menuList), menuSet);
+        Set<Long> ids = menuSet.stream().map(Menu::getId).collect(Collectors.toSet());
+        return ApiResponse.success(ids);
+    }
+
+    @GetMapping
+    @ApiOperation("查询菜单")
+    //@PreAuthorize("@el.check('menu:list')")
+    public ApiResponse<Object> queryMenu(MenuQueryCriteria criteria) throws Exception {
+        List<MenuDto> menuDtoList = menuService.queryAll(criteria, true);
+        return ApiResponse.success(PageUtil.toPage(menuDtoList, menuDtoList.size()));
+    }
+
+    @ApiOperation("查询菜单:根据ID获取同级与上级数据")
+    @PostMapping("/superior")
+   // @PreAuthorize("@el.check('menu:list')")
+    public ApiResponse<Object> getMenuSuperior(@RequestBody List<Long> ids) {
+        Set<MenuDto> menuDtos = new LinkedHashSet<>();
+        if(CollectionUtil.isNotEmpty(ids)){
+            for (Long id : ids) {
+                MenuDto menuDto = menuService.findById(id);
+                menuDtos.addAll(menuService.getSuperior(menuDto, new ArrayList<>()));
+            }
+            return ApiResponse.success(menuService.buildTree(new ArrayList<>(menuDtos)));
+        }
+        return ApiResponse.success(menuService.getMenus(null));
+    }
+
+    //@Log("新增菜单")
+    @ApiOperation("新增菜单")
+    @PostMapping
+   // @PreAuthorize("@el.check('menu:add')")
+    public ApiResponse<Object> createMenu(@Validated @RequestBody Menu resources){
+        if (resources.getId() != null) {
+            throw new BaseException("A new "+ ENTITY_NAME +" cannot already have an ID");
+        }
+        menuService.create(resources);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+
+    //@Log("修改菜单")
+    @ApiOperation("修改菜单")
+    @PutMapping
+    //@PreAuthorize("@el.check('menu:edit')")
+    public ApiResponse<Object> updateMenu(@Validated(Menu.Update.class) @RequestBody Menu resources){
+        menuService.update(resources);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
+    }
+
+   // @Log("删除菜单")
+    @ApiOperation("删除菜单")
+    @DeleteMapping
+    //@PreAuthorize("@el.check('menu:del')")
+    public ApiResponse<Object> deleteMenu(@RequestBody Set<Long> ids){
+        Set<Menu> menuSet = new HashSet<>();
+        for (Long id : ids) {
+            List<MenuDto> menuList = menuService.getMenus(id);
+            menuSet.add(menuService.findOne(id));
+            menuSet = menuService.getChildMenus(menuMapper.toEntity(menuList), menuSet);
+        }
+        menuService.delete(menuSet);
+        return ApiResponse.success(HttpStatus.OK);
+    }
+}

system/src/main/java/com/storeroom/modules/system/controller/RoleController.java

@@ -0,0 +1,138 @@
+package com.storeroom.modules.system.controller;
+
+
+import cn.hutool.core.lang.Dict;
+import com.storeroom.exception.BaseException;
+import com.storeroom.modules.system.domain.Role;
+import com.storeroom.modules.system.service.RoleService;
+import com.storeroom.modules.system.service.dto.RoleDto;
+import com.storeroom.modules.system.service.dto.RoleQueryCriteria;
+import com.storeroom.modules.system.service.dto.RoleSmallDto;
+import com.storeroom.utils.ApiResponse;
+import com.storeroom.utils.SecurityUtils;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.RequiredArgsConstructor;
+import org.springframework.data.domain.Pageable;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+
+@RestController
+@RequiredArgsConstructor
+@Api(tags = "系统：角色管理")
+@RequestMapping("/api/roles")
+public class RoleController {
+
+    private final RoleService roleService;
+
+    private static final String ENTITY_NAME="role";
+
+    @ApiOperation("获取单个role")
+    @GetMapping(value = "/{id}")
+    @PreAuthorize("@el.check('roles:list')")
+    public ApiResponse<Object> findRoleById(@PathVariable Long id){
+        return ApiResponse.success(roleService.findById(id));
+    }
+
+    @ApiOperation("导出角色数据")
+    @GetMapping(value = "/download")
+    //@PreAuthorize("@el.check('role:list')")
+    public void exportRole(HttpServletResponse response, RoleQueryCriteria criteria) throws IOException {
+        roleService.download(roleService.queryAll(criteria), response);
+    }
+
+    @ApiOperation("返回全部的角色")
+    @GetMapping(value = "/all")
+    //@PreAuthorize("@el.check('roles:list','user:add','user:edit')")
+    public ApiResponse<Object> queryAllRole(){
+        return ApiResponse.success(roleService.queryAll());
+    }
+
+    @ApiOperation("查询角色")
+    @GetMapping
+    //@PreAuthorize("@el.check('roles:list')")
+    public ApiResponse<Object> queryRole(RoleQueryCriteria criteria, Pageable pageable){
+        return ApiResponse.success(roleService.queryAll(criteria,pageable));
+    }
+
+    @ApiOperation("获取用户级别")
+    @GetMapping(value = "/level")
+    public ApiResponse<Object> getRoleLevel(){
+        return ApiResponse.success(Dict.create().set("level", getLevels(null)));
+    }
+
+   // @Log("新增角色")
+    @ApiOperation("新增角色")
+    @PostMapping
+   // @PreAuthorize("@el.check('roles:add')")
+    public ResponseEntity<Object> createRole(@Validated @RequestBody Role resources){
+        if (resources.getId() != null) {
+            throw new BaseException("A new "+ ENTITY_NAME +" cannot already have an ID");
+        }
+        getLevels(resources.getLevel());
+        roleService.create(resources);
+        return new ResponseEntity<>(HttpStatus.CREATED);
+    }
+
+    //@Log("修改角色")
+    @ApiOperation("修改角色")
+    @PutMapping
+    //@PreAuthorize("@el.check('roles:edit')")
+    public ApiResponse<Object> updateRole(@Validated(Role.Update.class) @RequestBody Role resources){
+        getLevels(resources.getLevel());
+        roleService.update(resources);
+        return ApiResponse.success(HttpStatus.NO_CONTENT);
+    }
+
+    //@Log("修改角色菜单")
+    @ApiOperation("修改角色菜单")
+    @PutMapping(value = "/menu")
+    //@PreAuthorize("@el.check('roles:edit')")
+    public ApiResponse<Object> updateRoleMenu(@RequestBody Role resources){
+        RoleDto role = roleService.findById(resources.getId());
+        getLevels(role.getLevel());
+        roleService.updateMenu(resources,role);
+        return ApiResponse.success(HttpStatus.NO_CONTENT);
+    }
+
+    //@Log("删除角色")
+    @ApiOperation("删除角色")
+    @DeleteMapping
+    //@PreAuthorize("@el.check('roles:del')")
+    public ApiResponse<Object> deleteRole(@RequestBody Set<Long> ids){
+        for (Long id : ids) {
+            RoleDto role = roleService.findById(id);
+            getLevels(role.getLevel());
+        }
+        // 验证是否被用户关联
+        roleService.verification(ids);
+        roleService.delete(ids);
+        return ApiResponse.success(HttpStatus.OK);
+    }
+
+    /**
+     * 获取用户的角色级别
+     * @return /
+     */
+    private int getLevels(Integer level){
+        List<Integer> levels = roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList());
+        int min = Collections.min(levels);
+        if(level != null){
+            if(level < min){
+                throw new BaseException("权限不足，你的角色级别：" + min + "，低于操作的角色级别：" + level);
+            }
+        }
+        return min;
+    }
+}

system/src/main/java/com/storeroom/modules/system/controller/UserController.java

@@ -4,6 +4,7 @@ package com.storeroom.modules.system.controller;
 import cn.hutool.core.collection.CollectionUtil;
 import com.storeroom.config.RsaProperties;
 import com.storeroom.exception.BaseException;
+import com.storeroom.exception.constant.ResponseStatus;
 import com.storeroom.modules.system.domain.Dept;
 import com.storeroom.modules.system.domain.User;
 import com.storeroom.modules.system.domain.vo.UserPassVo;
@@ -14,6 +15,7 @@ import com.storeroom.modules.system.service.UserService;
 import com.storeroom.modules.system.service.dto.RoleSmallDto;
 import com.storeroom.modules.system.service.dto.UserDto;
 import com.storeroom.modules.system.service.dto.UserQueryCriteria;
+import com.storeroom.utils.ApiResponse;
 import com.storeroom.utils.PageUtil;
 import com.storeroom.utils.RsaUtils;
 import com.storeroom.utils.SecurityUtils;
@@ -21,8 +23,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import org.springframework.data.domain.Pageable;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.util.CollectionUtils;
@@ -55,15 +55,15 @@ public class UserController {
 
     @ApiOperation("导出用户数据")
     @GetMapping(value = "/download")
-    @PreAuthorize("@el.check('user:list')")
+   // @PreAuthorize("@el.check('user:list')")
     public void exportUser(HttpServletResponse response, UserQueryCriteria criteria) throws IOException {
         userService.download(userService.queryAll(criteria), response);
     }
 
     @ApiOperation("查询用户")
     @GetMapping
-    @PreAuthorize("@el.check('user:list')")
-    public ResponseEntity<Object> queryUser(UserQueryCriteria criteria, Pageable pageable){
+   // @PreAuthorize("@el.check('user:list')")
+    public ApiResponse<Object> queryUser(UserQueryCriteria criteria, Pageable pageable){
         if (!ObjectUtils.isEmpty(criteria.getDeptId())) {
             criteria.getDeptIds().add(criteria.getDeptId());
             // 先查找是否存在子节点
@@ -78,54 +78,54 @@ public class UserController {
             // 取交集
             criteria.getDeptIds().retainAll(dataScopes);
             if(!CollectionUtil.isEmpty(criteria.getDeptIds())){
-                return new ResponseEntity<>(userService.queryAll(criteria,pageable), HttpStatus.OK);
+                return ApiResponse.success(userService.queryAll(criteria,pageable));
             }
         } else {
             // 否则取并集
             criteria.getDeptIds().addAll(dataScopes);
-            return new ResponseEntity<>(userService.queryAll(criteria,pageable),HttpStatus.OK);
+            return ApiResponse.success(userService.queryAll(criteria,pageable));
         }
-        return new ResponseEntity<>(PageUtil.toPage(null,0),HttpStatus.OK);
+        return ApiResponse.success(PageUtil.toPage(null,0));
     }
 
     //@Log("新增用户")
     @ApiOperation("新增用户")
     @PostMapping
-    @PreAuthorize("@el.check('user:add')")
-    public ResponseEntity<Object> createUser(@Validated @RequestBody User resources){
+    //@PreAuthorize("@el.check('user:add')")
+    public ApiResponse<Object> createUser(@Validated @RequestBody User resources){
         checkLevel(resources);
         // 默认密码 123456
         resources.setPassword(passwordEncoder.encode("123456"));
         userService.create(resources);
-        return new ResponseEntity<>(HttpStatus.CREATED);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
     }
 
     //@Log("修改用户")
     @ApiOperation("修改用户")
     @PutMapping
-    @PreAuthorize("@el.check('user:edit')")
-    public ResponseEntity<Object> updateUser(@Validated(User.Update.class) @RequestBody User resources) throws Exception {
+    //@PreAuthorize("@el.check('user:edit')")
+    public ApiResponse<Object> updateUser(@Validated(User.Update.class) @RequestBody User resources) throws Exception {
         checkLevel(resources);
         userService.update(resources);
-        return new ResponseEntity<>(HttpStatus.NO_CONTENT);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
     }
 
     //@Log("修改用户：个人中心")
     @ApiOperation("修改用户：个人中心")
     @PutMapping(value = "center")
-    public ResponseEntity<Object> centerUser(@Validated(User.Update.class) @RequestBody User resources){
+    public ApiResponse<Object> centerUser(@Validated(User.Update.class) @RequestBody User resources){
         if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){
             throw new BaseException("不能修改他人资料");
         }
         userService.updateCenter(resources);
-        return new ResponseEntity<>(HttpStatus.NO_CONTENT);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
     }
 
     //@Log("删除用户")
     @ApiOperation("删除用户")
     @DeleteMapping
-    @PreAuthorize("@el.check('user:del')")
-    public ResponseEntity<Object> deleteUser(@RequestBody Set<Long> ids){
+    //@PreAuthorize("@el.check('user:del')")
+    public ApiResponse<Object> deleteUser(@RequestBody Set<Long> ids){
         for (Long id : ids) {
             Integer currentLevel =  Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
             Integer optLevel =  Collections.min(roleService.findByUsersId(id).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
@@ -134,12 +134,12 @@ public class UserController {
             }
         }
         userService.delete(ids);
-        return new ResponseEntity<>(HttpStatus.OK);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
     }
 
     @ApiOperation("修改密码")
     @PostMapping(value = "/updatePass")
-    public ResponseEntity<Object> updateUserPass(@RequestBody UserPassVo passVo) throws Exception {
+    public ApiResponse<Object> updateUserPass(@RequestBody UserPassVo passVo) throws Exception {
         String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass());
         String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass());
         UserDto user = userService.findByName(SecurityUtils.getCurrentUsername());
@@ -150,13 +150,13 @@ public class UserController {
             throw new BaseException("新密码不能与旧密码相同");
         }
         userService.updatePass(user.getUsername(),passwordEncoder.encode(newPass));
-        return new ResponseEntity<>(HttpStatus.OK);
+        return ApiResponse.success(ResponseStatus.SUCCESS);
     }
 
     @ApiOperation("修改头像")
     @PostMapping(value = "/updateAvatar")
-    public ResponseEntity<Object> updateUserAvatar(@RequestParam MultipartFile avatar){
-        return new ResponseEntity<>(userService.updateAvatar(avatar), HttpStatus.OK);
+    public ApiResponse<Object> updateUserAvatar(@RequestParam MultipartFile avatar){
+        return ApiResponse.success(userService.updateAvatar(avatar));
     }
 
     //@Log("修改邮箱")