diff --git a/common/src/main/java/com/canvas/web/annotation/Limit.java b/common/src/main/java/com/canvas/web/annotation/Limit.java new file mode 100644 index 0000000..80239db --- /dev/null +++ b/common/src/main/java/com/canvas/web/annotation/Limit.java @@ -0,0 +1,32 @@ +package com.canvas.web.annotation; + + +import com.canvas.web.aspect.LimitType; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +@Target(ElementType.METHOD) +@Retention(RetentionPolicy.RUNTIME) +public @interface Limit { + + //资源名称,用于描述资源接口功能 + String name() default ""; + + // 资源 key + String key() default ""; + + // key prefix + String prefix() default ""; + + // 时间的,单位秒 + int period(); + + // 限制访问次数 + int count(); + + // 限制类型 + LimitType limitType() default LimitType.CUSTOMER; +} diff --git a/common/src/main/java/com/canvas/web/aspect/LimitType.java b/common/src/main/java/com/canvas/web/aspect/LimitType.java new file mode 100644 index 0000000..8002e9a --- /dev/null +++ b/common/src/main/java/com/canvas/web/aspect/LimitType.java @@ -0,0 +1,9 @@ +package com.canvas.web.aspect; + +public enum LimitType { + + // 默认 + CUSTOMER, + // by ip addr + IP +} diff --git a/system/src/main/java/com/canvas/web/modules/security/service/UserDetailsServiceImpl.java b/system/src/main/java/com/canvas/web/modules/security/service/UserDetailsServiceImpl.java index 2bc6564..edf9581 100644 --- a/system/src/main/java/com/canvas/web/modules/security/service/UserDetailsServiceImpl.java +++ b/system/src/main/java/com/canvas/web/modules/security/service/UserDetailsServiceImpl.java @@ -66,7 +66,7 @@ public class UserDetailsServiceImpl implements UserDetailsService { } jwtUserDto = new JwtUserDto( user, - dataService.getDeptIds(user), + dataService.getOrgIds(user), roleService.mapToGrantedAuthorities(user) ); userDtoCache.put(phone, jwtUserDto); diff --git a/system/src/main/java/com/canvas/web/modules/system/controller/UserController.java b/system/src/main/java/com/canvas/web/modules/system/controller/UserController.java index 96b52ca..fbf7f1e 100644 --- a/system/src/main/java/com/canvas/web/modules/system/controller/UserController.java +++ b/system/src/main/java/com/canvas/web/modules/system/controller/UserController.java @@ -3,6 +3,7 @@ package com.canvas.web.modules.system.controller; import cn.hutool.core.collection.CollectionUtil; import com.canvas.web.annotation.rest.AnonymousPostMapping; +import com.canvas.web.base.BaseEntity; import com.canvas.web.enums.ResponseEnum; import com.canvas.web.exception.BaseException; import com.canvas.web.modules.system.domain.User; @@ -13,6 +14,7 @@ import com.canvas.web.modules.system.service.dto.OrgDto; import com.canvas.web.modules.system.service.dto.RoleSmallDto; import com.canvas.web.modules.system.service.dto.UserDto; import com.canvas.web.modules.system.service.dto.UserQueryCriteria; +import com.canvas.web.modules.system.service.mapstruct.UserMapper; import com.canvas.web.utils.PageUtil; import com.canvas.web.utils.RedisUtils; import com.canvas.web.utils.Response; @@ -42,6 +44,7 @@ public class UserController { private final RoleService roleService; private final OrgService orgService; private final PasswordEncoder passwordEncoder; + private final UserMapper userMapper; @ApiOperation("新增用户") @PostMapping @@ -58,27 +61,38 @@ public class UserController { public Response query(UserQueryCriteria criteria, Pageable pageable) { //获取当前登录组织机构id Long id = SecurityUtils.getCurrentOrgId(); - if (id != null) { - //加入到查询条件 - criteria.getOrgId().add(id); - return Response.success(userService.queryAll(criteria,pageable)); - } - //判断查询条件是否为空 - if (!ObjectUtils.isEmpty(criteria.getBlurry())) { + //如果当前用户机构不是超级管理员 + if (id != 1L) { + //加入到机构查询条件 + criteria.getOrgIds().add(id); + //如果查询条件不为空就把查询条件带入查询 + if (!ObjectUtils.isEmpty(criteria.getBlurry())) { + return Response.success(userService.queryAll(criteria, pageable)); + } + //返回本机构用户列表 return Response.success(userService.queryAll(criteria, pageable)); } + //返回所有列表 + return Response.success(userService.queryAll(criteria, pageable)); + } - return Response.success(PageUtil.toPage(null, 0)); + @ApiOperation("修改用户") + @PostMapping("edit") + public Response updateUser(@Validated(User.Update.class) @RequestBody UserDto userDto) throws Exception { + User user = userMapper.toEntity(userDto); + checkLevel(user); + userService.update(user); + return Response.success("修改成功"); } //如果当前用户角色级别低于创建用户的角色级别,抛出权限不足 - private void checkLevel() { + private void checkLevel(User user) { Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList())); - //Integer optLevel = roleService.findByRoles(resources.getRoles()); - // if (currentLevel > optLevel){ - throw new BaseException("权限不足"); - // } + Integer optLevel = roleService.findByRoles(user.getRoles()); + if (currentLevel > optLevel) { + throw new BaseException("权限不足"); + } } diff --git a/system/src/main/java/com/canvas/web/modules/system/repository/OrgRepository.java b/system/src/main/java/com/canvas/web/modules/system/repository/OrgRepository.java index 964be33..0b5ac30 100644 --- a/system/src/main/java/com/canvas/web/modules/system/repository/OrgRepository.java +++ b/system/src/main/java/com/canvas/web/modules/system/repository/OrgRepository.java @@ -3,6 +3,13 @@ package com.canvas.web.modules.system.repository; import com.canvas.web.modules.system.domain.Org; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.JpaSpecificationExecutor; +import org.springframework.data.jpa.repository.Query; + +import java.util.Set; public interface OrgRepository extends JpaRepository, JpaSpecificationExecutor { + + @Query(value = "select d.* from sys_org d, sys_roles_org r where " + + "d.id = r.org_id and r.role_id = ?1", nativeQuery = true) + Set findByRoleId(Long roleId); } diff --git a/system/src/main/java/com/canvas/web/modules/system/repository/UserRepository.java b/system/src/main/java/com/canvas/web/modules/system/repository/UserRepository.java index 0b5dc7f..9e2e93d 100644 --- a/system/src/main/java/com/canvas/web/modules/system/repository/UserRepository.java +++ b/system/src/main/java/com/canvas/web/modules/system/repository/UserRepository.java @@ -1,10 +1,13 @@ package com.canvas.web.modules.system.repository; import com.canvas.web.modules.system.domain.User; +import org.springframework.data.domain.Page; +import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.JpaSpecificationExecutor; import org.springframework.data.jpa.repository.Modifying; import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; import java.util.Date; import java.util.List; @@ -32,6 +35,13 @@ public interface UserRepository extends JpaRepository, JpaSpecificat void updatePass(String phone, String pass, Date lastPasswordResetTime); + + + //TODO:此方法没有使用,仅限于测试 + @Query(value = "select * from sys_user where org_id=(:orgid)",nativeQuery = true) + Page findByOrgId(@Param("orgid") Long orgid, Pageable pageable); + + /** * 根据角色查询用户 * @param roleId / @@ -42,6 +52,11 @@ public interface UserRepository extends JpaRepository, JpaSpecificat List findByRoleId(Long roleId); + //根据机构id查询 + @Query(value = "select * FROM sys_user WHERE org_id =1 " , nativeQuery = true) + List findByOrgId(Long orgid); + + /** * 根据菜单查询 diff --git a/system/src/main/java/com/canvas/web/modules/system/service/DataService.java b/system/src/main/java/com/canvas/web/modules/system/service/DataService.java index b350995..e09bf9d 100644 --- a/system/src/main/java/com/canvas/web/modules/system/service/DataService.java +++ b/system/src/main/java/com/canvas/web/modules/system/service/DataService.java @@ -11,5 +11,5 @@ public interface DataService { * @param user / * @return / */ - List getDeptIds(UserDto user); + List getOrgIds(UserDto user); } diff --git a/system/src/main/java/com/canvas/web/modules/system/service/OrgService.java b/system/src/main/java/com/canvas/web/modules/system/service/OrgService.java index b4662d5..c61f42f 100644 --- a/system/src/main/java/com/canvas/web/modules/system/service/OrgService.java +++ b/system/src/main/java/com/canvas/web/modules/system/service/OrgService.java @@ -1,5 +1,6 @@ package com.canvas.web.modules.system.service; +import com.canvas.web.modules.system.domain.Org; import com.canvas.web.modules.system.service.dto.OrgDto; import java.util.Set; @@ -22,7 +23,7 @@ public interface OrgService { void delete(Set orgDtos); //根据角色id查询 - Set findByRoleId(Long id); + Set findByRoleId(Long id); //验证是否被角色或用户关联 void verification(Set orgDtos); diff --git a/system/src/main/java/com/canvas/web/modules/system/service/RoleService.java b/system/src/main/java/com/canvas/web/modules/system/service/RoleService.java index 8d61a6e..5c43a52 100644 --- a/system/src/main/java/com/canvas/web/modules/system/service/RoleService.java +++ b/system/src/main/java/com/canvas/web/modules/system/service/RoleService.java @@ -1,5 +1,6 @@ package com.canvas.web.modules.system.service; +import com.canvas.web.modules.system.domain.Org; import com.canvas.web.modules.system.domain.Role; import com.canvas.web.modules.system.service.dto.RoleDto; import com.canvas.web.modules.system.service.dto.RoleQueryCriteria; diff --git a/system/src/main/java/com/canvas/web/modules/system/service/UserService.java b/system/src/main/java/com/canvas/web/modules/system/service/UserService.java index 23dd475..70bedf3 100644 --- a/system/src/main/java/com/canvas/web/modules/system/service/UserService.java +++ b/system/src/main/java/com/canvas/web/modules/system/service/UserService.java @@ -16,6 +16,7 @@ public interface UserService { /** * 根据ID查询 + * * @param id ID * @return / */ @@ -23,24 +24,28 @@ public interface UserService { /** * 新增用户 + * * @param resources / */ void create(User resources); /** * 编辑用户 + * * @param resources / */ - // void update(User resources); + void update(User resources) throws Exception; /** * 删除用户 + * * @param ids / */ void delete(Set ids); /** * 根据用户名查询 + * * @param userName / * @return / */ @@ -50,33 +55,38 @@ public interface UserService { UserDto findByPhone(String phone); - /** * 修改密码 - * @param username 用户名 + * + * @param username 用户名 * @param encryptPassword 密码 */ void updatePass(String username, String encryptPassword); /** * 修改头像 + * * @param file 文件 * @return / */ Map updateAvatar(MultipartFile file); - /** * 查询全部 + * * @param criteria 条件 * @param pageable 分页参数 * @return / */ Object queryAll(UserQueryCriteria criteria, Pageable pageable); + //根据机构id查询 + Object queryAll(Long orgid, Pageable pageable); + /** * 查询全部不分页 + * * @param criteria 条件 * @return / */ @@ -84,15 +94,12 @@ public interface UserService { /** * 导出数据 + * * @param queryAll 待导出的数据 * @param response / * @throws IOException / */ void download(List queryAll, HttpServletResponse response) throws IOException; - /** - * 用户自助修改资料 - * @param resources / - */ - // void updateCenter(User resources); + } diff --git a/system/src/main/java/com/canvas/web/modules/system/service/dto/OrgQueryCriteria.java b/system/src/main/java/com/canvas/web/modules/system/service/dto/OrgQueryCriteria.java new file mode 100644 index 0000000..3b818d3 --- /dev/null +++ b/system/src/main/java/com/canvas/web/modules/system/service/dto/OrgQueryCriteria.java @@ -0,0 +1,27 @@ +package com.canvas.web.modules.system.service.dto; + + +import com.canvas.web.annotation.DataPermission; +import com.canvas.web.annotation.Query; +import lombok.Data; + +import java.sql.Timestamp; +import java.util.List; + +@Data +@DataPermission(fieldName = "id") +public class OrgQueryCriteria { + + @Query(type = Query.Type.INNER_LIKE) + private String name; + + @Query + private Boolean enabled; + + @Query + private Long pid; + + + @Query(type = Query.Type.BETWEEN) + private List createTime; +} diff --git a/system/src/main/java/com/canvas/web/modules/system/service/dto/RoleDto.java b/system/src/main/java/com/canvas/web/modules/system/service/dto/RoleDto.java index 9ae4648..e4b6f50 100644 --- a/system/src/main/java/com/canvas/web/modules/system/service/dto/RoleDto.java +++ b/system/src/main/java/com/canvas/web/modules/system/service/dto/RoleDto.java @@ -24,7 +24,6 @@ public class RoleDto extends BaseDTO implements Serializable { @NotBlank(message = "角色名称不能为空") private String name; - @JsonProperty("data_scope") private String dataScope; private Integer level; diff --git a/system/src/main/java/com/canvas/web/modules/system/service/dto/UserQueryCriteria.java b/system/src/main/java/com/canvas/web/modules/system/service/dto/UserQueryCriteria.java index e596b8c..aabe988 100644 --- a/system/src/main/java/com/canvas/web/modules/system/service/dto/UserQueryCriteria.java +++ b/system/src/main/java/com/canvas/web/modules/system/service/dto/UserQueryCriteria.java @@ -22,8 +22,10 @@ public class UserQueryCriteria implements Serializable { @Query private Boolean enabled; - @Query(propName = "id",type = Query.Type.IN,joinName = "org") - private Set OrgId =new HashSet<>(); + @Query(propName = "id", type = Query.Type.IN, joinName = "org") + private Set OrgIds = new HashSet<>(); + + private Long orgId; @Query(type = Query.Type.BETWEEN) private List createTime; diff --git a/system/src/main/java/com/canvas/web/modules/system/service/impl/DataServiceImpl.java b/system/src/main/java/com/canvas/web/modules/system/service/impl/DataServiceImpl.java index 3e24501..61250ae 100644 --- a/system/src/main/java/com/canvas/web/modules/system/service/impl/DataServiceImpl.java +++ b/system/src/main/java/com/canvas/web/modules/system/service/impl/DataServiceImpl.java @@ -1,20 +1,56 @@ package com.canvas.web.modules.system.service.impl; +import com.canvas.web.enums.DataScopeEnum; +import com.canvas.web.modules.system.domain.Org; import com.canvas.web.modules.system.service.DataService; +import com.canvas.web.modules.system.service.RoleService; +import com.canvas.web.modules.system.service.dto.OrgDto; +import com.canvas.web.modules.system.service.dto.RoleSmallDto; import com.canvas.web.modules.system.service.dto.UserDto; import lombok.RequiredArgsConstructor; import org.springframework.cache.annotation.CacheConfig; import org.springframework.stereotype.Service; -import java.util.List; +import java.util.*; @Service @RequiredArgsConstructor @CacheConfig(cacheNames = "data") public class DataServiceImpl implements DataService { + + private final RoleService roleService; + private final OrgServiceImpl orgService; + @Override - public List getDeptIds(UserDto user) { - return null; + public List getOrgIds(UserDto user) { + //用于存储机构id + Set orgIds = new HashSet<>(); + //查询用户角色 + List roleSmallDtos = roleService.findByUsersId(user.getId()); + for (RoleSmallDto role : roleSmallDtos) { + DataScopeEnum dataScopeEnum = DataScopeEnum.find(role.getDataScope()); + switch (Objects.requireNonNull(dataScopeEnum)){ + case THIS_LEVEL: + orgIds.add(user.getOrg().getId()); + break; + case CUSTOMIZE: + orgIds.addAll(getCustomize(orgIds,role)); + break; + default: + return new ArrayList<>(orgIds); + } + } + return new ArrayList<>(orgIds); + } + + public Set getCustomize(Set orgIds,RoleSmallDto role){ + + Set orgs=orgService.findByRoleId(role.getId()); + for (Org org : orgs){ + orgIds.add(org.getId()); + } + return orgIds; } + } diff --git a/system/src/main/java/com/canvas/web/modules/system/service/impl/OrgServiceImpl.java b/system/src/main/java/com/canvas/web/modules/system/service/impl/OrgServiceImpl.java index b180b71..1249b81 100644 --- a/system/src/main/java/com/canvas/web/modules/system/service/impl/OrgServiceImpl.java +++ b/system/src/main/java/com/canvas/web/modules/system/service/impl/OrgServiceImpl.java @@ -1,5 +1,6 @@ package com.canvas.web.modules.system.service.impl; +import com.canvas.web.modules.system.domain.Org; import com.canvas.web.modules.system.repository.OrgRepository; import com.canvas.web.modules.system.repository.RoleRepository; import com.canvas.web.modules.system.repository.UserRepository; @@ -47,10 +48,11 @@ public class OrgServiceImpl implements OrgService { } @Override - public Set findByRoleId(Long id) { - return null; + public Set findByRoleId(Long id) { + return orgRepository.findByRoleId(id); } + @Override public void verification(Set orgDtos) { diff --git a/system/src/main/java/com/canvas/web/modules/system/service/impl/UserServiceImpl.java b/system/src/main/java/com/canvas/web/modules/system/service/impl/UserServiceImpl.java index 81722d5..c37f986 100644 --- a/system/src/main/java/com/canvas/web/modules/system/service/impl/UserServiceImpl.java +++ b/system/src/main/java/com/canvas/web/modules/system/service/impl/UserServiceImpl.java @@ -19,6 +19,7 @@ import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import org.springframework.validation.annotation.Validated; import org.springframework.web.multipart.MultipartFile; import javax.persistence.EntityExistsException; @@ -30,7 +31,7 @@ import java.util.stream.Collectors; @Service @RequiredArgsConstructor @CacheConfig(cacheNames = "user") -public class UserServiceImpl implements UserService{ +public class UserServiceImpl implements UserService { private final UserRepository userRepository; @@ -41,7 +42,6 @@ public class UserServiceImpl implements UserService{ private final RoleService roleService; - @Override public UserDto findById(long id) { User user = userRepository.findById(id).orElseGet(User::new); @@ -50,7 +50,6 @@ public class UserServiceImpl implements UserService{ } - //创建用户 @Override public void create(User resources) { if (userRepository.findByUsername(resources.getUsername()) != null) { @@ -62,6 +61,38 @@ public class UserServiceImpl implements UserService{ userRepository.save(resources); } + @Override + public void update(User resources) throws Exception { + User user = userRepository.findById(resources.getId()).orElseGet(User::new); + ValidationUtil.isNull(user.getId(), "User", "id", resources.getId()); + User user1 = userRepository.findByUsername(resources.getUsername()); + User user2 = userRepository.findByPhone(resources.getPhone()); + if (user1 != null && user.getId().equals(user1.getId())) { + throw new BaseException("username", resources.getUsername()); + } + if (user2 != null && !user.getId().equals(user2.getId())) { + throw new BaseException("phone", resources.getPhone()); + } + //如果用户的角色改变 + if (!resources.getRoles().equals(user.getRoles())){ + redisUtils.del(CacheKey.DATA_USER +resources.getId()); + redisUtils.del(CacheKey.MENU_USER + resources.getId()); + redisUtils.del(CacheKey.ROLE_AUTH + resources.getId()); + } + + user.setUsername(resources.getUsername()); + user.setPassword(resources.getPassword()); + user.setEmail(resources.getEmail()); + user.setAvatarName(resources.getAvatarName()); + user.setGender(resources.getGender()); + user.setNickName(resources.getNickName()); + user.setRoles(resources.getRoles()); + user.setOrg(resources.getOrg()); + userRepository.save(user); + //清除缓存 + delCaches(user.getId(),user.getUsername()); + } + @Override public void delete(Set ids) { @@ -81,10 +112,10 @@ public class UserServiceImpl implements UserService{ @Override public UserDto findByPhone(String phone) { - User user=userRepository.findByPhone(phone); - if (user ==null){ - return null; - }else { + User user = userRepository.findByPhone(phone); + if (user == null) { + return null; + } else { return userMapper.toDto(user); } } @@ -92,7 +123,7 @@ public class UserServiceImpl implements UserService{ @Override @Transactional(rollbackFor = Exception.class) public void updatePass(String phone, String encryptPassword) { - userRepository.updatePass(phone,encryptPassword,new Date()); + userRepository.updatePass(phone, encryptPassword, new Date()); } @Override @@ -106,6 +137,12 @@ public class UserServiceImpl implements UserService{ public Object queryAll(UserQueryCriteria criteria, Pageable pageable) { Page page = userRepository.findAll((root, criteriaQuery, criteriaBuilder) -> QueryHelp.getPredicate(root, criteria, criteriaBuilder), pageable); return PageUtil.toPage(page.map(userMapper::toDto)); + + } + + @Override + public Object queryAll(Long orgid, Pageable pageable) { + return userRepository.findByOrgId(orgid); } @Override @@ -119,17 +156,15 @@ public class UserServiceImpl implements UserService{ } - /** - * 如果当前用户的角色级别低于创建用户的角色级别,则抛出权限错误 - * @param resources - */ - private void checkLevel(User resources) { - Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList())); - Integer optLevel = roleService.findByRoles(resources.getRoles()); - if (currentLevel > optLevel) { - throw new BaseException("角色权限不足"); - } + //清理缓存 + public void delCaches(Long id, String username) { + redisUtils.del(CacheKey.USER_ID + id); + flushCache(username); } + //清理登录时用户缓存信息 + public void flushCache(String username) { + userCacheClean.cleanUserCache(username); + } }