package com.sandu.ximon.admin.controller;
|
|
import cn.hutool.core.collection.CollectionUtil;
|
import cn.hutool.core.map.MapBuilder;
|
import cn.hutool.core.map.MapUtil;
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
import com.github.pagehelper.PageHelper;
|
import com.sandu.common.domain.ResponseVO;
|
import com.sandu.common.enums.ResponseStatusEnums;
|
import com.sandu.common.execption.BusinessException;
|
import com.sandu.common.object.BaseConditionVO;
|
import com.sandu.common.security.LoginUserInfo;
|
import com.sandu.common.security.annotation.AnonymousAccess;
|
import com.sandu.common.security.config.SecurityProperties;
|
import com.sandu.common.security.token.TokenProvider;
|
import com.sandu.common.util.IpUtil;
|
import com.sandu.common.util.ResponseUtil;
|
import com.sandu.ximon.admin.dto.AdminJwtUser;
|
import com.sandu.ximon.admin.param.AdminLoginParam;
|
import com.sandu.ximon.admin.security.SecurityUtils;
|
import com.sandu.ximon.admin.service.AdminService;
|
import com.sandu.ximon.admin.service.MenuService;
|
import com.sandu.ximon.admin.service.RoleService;
|
import com.sandu.ximon.dao.domain.Admin;
|
import com.sandu.ximon.dao.domain.Menu;
|
import com.sandu.ximon.dao.domain.Role;
|
import com.sandu.ximon.dao.enums.AdministratorEnums;
|
import lombok.AllArgsConstructor;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.security.core.userdetails.UserDetails;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.web.bind.annotation.*;
|
|
import java.time.LocalDateTime;
|
import java.util.Collections;
|
import java.util.HashMap;
|
import java.util.List;
|
import java.util.Map;
|
import java.util.stream.Collectors;
|
|
/**
|
* @author hupeng
|
* @date 2018-11-23
|
* 授权、根据token获取用户详细信息
|
*/
|
@Slf4j
|
@RestController
|
@AllArgsConstructor
|
@RequestMapping("/v1/admin")
|
public class AdminController {
|
|
private final SecurityProperties properties;
|
private final MenuService menuService;
|
private final PasswordEncoder passwordEncoder;
|
private final AdminService adminService;
|
private final RoleService roleService;
|
private final TokenProvider tokenProvider;
|
|
|
@AnonymousAccess
|
@PostMapping(value = "/login")
|
public ResponseVO<Object> login(@RequestBody AdminLoginParam loginParam) {
|
Admin admin = adminService.getOne(Wrappers.lambdaQuery(Admin.class).eq(Admin::getUsername, loginParam.getUsername()).last("limit 1"));
|
if (admin == null) {
|
return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
|
}
|
if (!passwordEncoder.matches(loginParam.getPassword(), admin.getPassword())) {
|
return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
|
}
|
UserDetails userJwtUser = new AdminJwtUser(admin, roleService.mapToGrantedAuthorities(admin.getId()));
|
if (!userJwtUser.isEnabled()) {
|
return ResponseUtil.error(ResponseStatusEnums.DISABLE_ACCOUNT.getCode(), ResponseStatusEnums.DISABLE_ACCOUNT.getMessage());
|
}
|
|
LoginUserInfo loginUserInfo = new LoginUserInfo();
|
loginUserInfo.setUserId(admin.getId());
|
loginUserInfo.setName(admin.getNickName());
|
loginUserInfo.setAccount(admin.getUsername());
|
loginUserInfo.setStatus(admin.getStatus());
|
loginUserInfo.setIp(IpUtil.getRealIp());
|
loginUserInfo.setAdministratorType(AdministratorEnums.ADMIN.getCode());
|
loginUserInfo.setPermission("tenant");
|
|
|
// 生成令牌
|
String token = tokenProvider.createToken(loginUserInfo);
|
|
// 更新最后登录时间
|
Admin update = new Admin();
|
update.setId(admin.getId());
|
update.setLoginTime(LocalDateTime.now());
|
adminService.updateById(update);
|
|
// 返回 token 与 用户信息
|
Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
|
put("token", properties.getTokenStartWith() + token);
|
put("user", admin);
|
}};
|
return ResponseUtil.success(authInfo);
|
}
|
|
@GetMapping(value = "/info")
|
public ResponseVO<Object> getUserInfo() {
|
Long userId = SecurityUtils.getUserId();
|
Admin admin = adminService.getById(userId);
|
List<Role> roles = roleService.listByAdminId(admin.getId());
|
if(CollectionUtil.isEmpty(roles)){
|
return ResponseUtil.fail("用户没有角色,无法获取数据");
|
}
|
List<Menu> menus = menuService.listByRoleIds(roles.stream().map(Role::getId).collect(Collectors.toList()));
|
MapBuilder<Object, Object> builder = MapUtil.builder().put("admin", admin);
|
if (CollectionUtil.isNotEmpty(menus)) {
|
List<Menu> collect = menus.stream().filter(menu -> menu.getType() == 0 || menu.getType() == 1).collect(Collectors.toList());
|
builder.put("menus", collect);
|
}
|
return ResponseUtil.success(builder.build());
|
}
|
|
@GetMapping(value = "/list")
|
public ResponseVO<Object> listAdmin(BaseConditionVO baseConditionVO, @RequestParam(value = "keyword", required = false) String keyword) {
|
PageHelper.startPage(baseConditionVO.getPageNo(), baseConditionVO.getPageSize());
|
LambdaQueryWrapper<Admin> wrapper = Wrappers.lambdaQuery(Admin.class);
|
if (keyword != null) {
|
wrapper.like(Admin::getNickName, keyword)
|
.or(adminLambdaQueryWrapper -> {
|
adminLambdaQueryWrapper.like(Admin::getUsername, keyword);
|
});
|
}
|
List<Admin> list = adminService.list(wrapper);
|
return ResponseUtil.successPage(list);
|
}
|
|
// @PreAuthorize("@el.check('admin:add')")
|
// @PostMapping("/register")
|
// public ResponseVO<Object> register(@Validated @RequestBody AdminParam adminParam) {
|
// Admin admin = adminService.register(adminParam);
|
// return ResponseUtil.success(admin);
|
// }
|
|
// /**
|
// * 修改管理员信息
|
// *
|
// * @param resources
|
// * @return
|
// */
|
// @PutMapping("/{id}")
|
// @PreAuthorize("@el.check('admin:edit')")
|
// public ResponseVO<Object> update(@RequestBody AdminParam resources, @PathVariable Long id) {
|
// checkLevel(id);
|
// adminService.updateAdmin(id, resources);
|
// return ResponseUtil.success(null);
|
// }
|
//
|
// @PutMapping("/updatePassword")
|
// public ResponseVO<Object> updatePassword(@Validated @RequestBody PwdParam param) {
|
// Long userId = SecurityUtils.getUserId();
|
// adminService.updatePassword(userId, param);
|
// return ResponseUtil.success(null);
|
// }
|
|
// @PutMapping("/updateStatus/{id}")
|
// public ResponseVO<Object> updateStatus(@PathVariable Long id, @RequestParam(value = "status") Integer status) {
|
// checkLevel(id);
|
// Admin update = new Admin();
|
// update.setId(id);
|
// update.setStatus(status);
|
// adminService.updateById(update);
|
// return ResponseUtil.success(null);
|
// }
|
|
// @DeleteMapping("/{id}")
|
// @PreAuthorize("@el.check('admin:del')")
|
// public ResponseVO<Object> delete(@PathVariable Long id) {
|
// checkLevel(id);
|
// adminService.deleteAdmin(id);
|
// return ResponseUtil.success(null);
|
// }
|
|
// /**
|
// * 给管理员分配角色
|
// *
|
// * @return
|
// */
|
// @PostMapping("/updateAdminRole")
|
// @PreAuthorize("@el.check('admin:edit')")
|
// public ResponseVO<Object> updateAdminRole(@RequestParam("adminId") Long adminId,
|
// @RequestParam("roleIds") List<Long> roleIds) {
|
// checkLevel(adminId);
|
// adminsRolesService.updateAdminRole(adminId, roleIds);
|
// return ResponseUtil.success("");
|
// }
|
|
/**
|
* 如果当前用户的角色级别低于创建用户的角色级别,则抛出权限不足的错误
|
*
|
* @param updateId 被操作人的id
|
*/
|
private void checkLevel(Long updateId) {
|
Admin admin = adminService.findByUserName(SecurityUtils.getUsername());
|
// 获取操作者最大权限
|
Integer currentLevel = Collections.min(roleService.listByAdminId(admin.getId()).stream().map(Role::getLevel).collect(Collectors.toList()));
|
// 获取被编辑人的最大权限
|
List<Integer> optList = roleService.listByAdminId(updateId).stream().map(Role::getLevel).collect(Collectors.toList());
|
// 没权限 随便操作
|
if (CollectionUtil.isEmpty(optList)) {
|
return;
|
}
|
Integer optLevel = Collections.min(optList);
|
if (optLevel != null) {
|
if (currentLevel > optLevel) {
|
throw new BusinessException("权限不足,你的角色级别:" + currentLevel + ",低于操作的角色级别:" + optLevel);
|
}
|
}
|
}
|
|
// /**
|
// * 编辑我的信息
|
// *
|
// * @param resources
|
// * @return
|
// */
|
// @PutMapping("/editUserInfo")
|
// public ResponseVO<Object> editUserInfo(@RequestBody AdminParam resources) {
|
// Long userId = SecurityUtils.getUserId();
|
// Admin admin = new Admin();
|
// admin.setId(userId);
|
// admin.setMobile(resources.getMobile());
|
// admin.setEmail(resources.getEmail());
|
// admin.setNickName(resources.getNickName());
|
// adminService.updateById(admin);
|
// return ResponseUtil.success(null);
|
// }
|
|
}
|
