fix

zhanzhiqin

2022-08-29 bcd9fda2a06e49195b038c18307511caf78bf615

 ximon-admin/src/main/java/com/sandu/ximon/admin/controller/ClientController.java

@@ -1,65 +1,214 @@
package com.sandu.ximon.admin.controller;

import cn.hutool.core.bean.BeanUtil;
import cn.hutool.extra.servlet.ServletUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.github.pagehelper.PageHelper;
import com.sandu.common.domain.ResponseVO;
import com.sandu.common.enums.ResponseStatusEnums;
import com.sandu.common.execption.BusinessException;
import com.sandu.common.log.Log;
import com.sandu.common.object.BaseConditionVO;
import com.sandu.common.security.LoginUserInfo;
import com.sandu.common.security.annotation.AnonymousAccess;
import com.sandu.common.security.config.SecurityProperties;
import com.sandu.common.security.token.TokenProvider;
import com.sandu.common.util.IpUtil;
import com.sandu.common.util.ResponseUtil;
import com.sandu.ximon.admin.context.CustomerInspectContextHolder;
import com.sandu.ximon.admin.param.ClientPrarm;
import com.sandu.ximon.admin.dto.ClientDto;
import com.sandu.ximon.admin.dto.ClientDtoNode;
import com.sandu.ximon.admin.param.AddClientPrarm;
import com.sandu.ximon.admin.param.AdminLoginParam;
import com.sandu.ximon.admin.param.UpdateClientPrarm;
import com.sandu.ximon.admin.param.UserPwsParm;
import com.sandu.ximon.admin.security.PermissionConfig;
import com.sandu.ximon.admin.security.SecurityUtils;
import com.sandu.ximon.admin.service.ClientRoleRelationService;
import com.sandu.ximon.admin.service.ClientService;
import com.sandu.ximon.admin.service.RoleService;
import com.sandu.ximon.admin.utils.RedisUtils;
import com.sandu.ximon.admin.utils.StoreOperationRecordsUtils;
import com.sandu.ximon.dao.domain.Client;
import com.sandu.ximon.dao.domain.ClientRoleRelation;
import com.sandu.ximon.dao.enums.AdministratorEnums;
import com.sandu.ximon.dao.enums.MenuEnum;
import com.sandu.ximon.dao.enums.OrderByEnums;
import eu.bitwalker.useragentutils.Browser;
import eu.bitwalker.useragentutils.OperatingSystem;
import eu.bitwalker.useragentutils.UserAgent;
import lombok.AllArgsConstructor;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import java.time.LocalDateTime;
import java.util.*;
import java.util.stream.Collectors;

/**
 *客户模块
 * 客户模块
 */
@RestController
@AllArgsConstructor
@RequestMapping("v1/client")
public class ClientController {

    private final SecurityProperties properties;
    private final ClientService clientService;
    private final PasswordEncoder passwordEncoder;
    private final RoleService roleService;
    private final ClientRoleRelationService clientRoleRelationService;
    private final TokenProvider tokenProvider;
    private PermissionConfig permissionConfig;

    @PostMapping("/add")
    public ResponseVO<Object> addClient(@RequestBody ClientPrarm clientPrarm){
        boolean b = clientService.addClient(clientPrarm);
        if(b){
    public ResponseVO<Object> addClient(@RequestBody @Validated AddClientPrarm addClientPrarm) {
        if (!permissionConfig.check(MenuEnum.CLIENT_ADD.getCode())) {
            return ResponseUtil.fail("缺少对应用户权限");
        }
        boolean b = clientService.addClient(addClientPrarm);
        if (b) {
            return ResponseUtil.success("添加成功");
        }else {
        } else {
            return ResponseUtil.fail("添加失败");
        }
    }


    @PostMapping ("/update/{id}")
    public ResponseVO<Object> updateClient(@PathVariable Long id,@RequestBody ClientPrarm clientPrarm){
        boolean b = clientService.updateClient(id,clientPrarm);
        if(b){
    @PostMapping("/update/{id}")
    public ResponseVO<Object> updateClient(@PathVariable Long id, @RequestBody @Validated UpdateClientPrarm updateClientPrarm) {
        if (!permissionConfig.check(MenuEnum.CLIENT_INFO_UPDATE.getCode())) {
            return ResponseUtil.fail("缺少对应用户权限");
        }
        boolean b = clientService.updateClient(id, updateClientPrarm);
        if (b) {
            return ResponseUtil.success("更新成功");
        }else {
        } else {
            return ResponseUtil.fail("更新失败");
        }
    }

    /**
     * 修改普通用户的密码
     */
    @Log("修改普通用户的密码")
    @PostMapping("/updateClientPassword")
    public ResponseVO<Object> updateClientPassword(@Validated @RequestBody UserPwsParm param) {
        boolean result;

        //超管直接修改
        if (SecurityUtils.getUserDetails().getAdministratorType().equals(AdministratorEnums.ADMIN.getCode())) {
            result = clientService.updateAdminPassword(param);
        } else {
            //当前登录账号ID
            Long userId = SecurityUtils.getUserId();
            //要修要密码的用户的上级ID
            Client client = clientService.getOne(Wrappers.lambdaQuery(Client.class).eq(Client::getId, param.getUserid()));
            //为其下属才能修改
            if (client != null && userId.equals(client.getSuperiorId())) {
                result = clientService.updateAdminPassword(param);
            } else {
                throw new BusinessException("非超级管理员或该用户不是您下属用户，无法修改密码！");
            }
        }

        if (result) {
            return ResponseUtil.success("修改成功");
        } else {
            return ResponseUtil.fail("修改失败");
        }

    }

    @PostMapping("/delete/{id}")
    public ResponseVO<Object> deleteClient(@PathVariable Long id){
    public ResponseVO<Object> deleteClient(@PathVariable Long id) {
        if (!permissionConfig.check(MenuEnum.CLIENT_DELETE.getCode())) {
            return ResponseUtil.fail("缺少对应用户权限");
        }
        boolean b = clientService.deleteClient(id);
        if(b){
        if (b) {
            return ResponseUtil.success("删除成功");
        }else {
        } else {
            return ResponseUtil.fail("删除失败");
        }
    }


    @GetMapping("/list")
    public ResponseVO<Object> listClient(){
        if(AdministratorEnums.CUSTOMER.getCode().equals(SecurityUtils.getAdministratorIdentity())) {
            return ResponseUtil.success(clientService.clientList(SecurityUtils.getUserId()));
            //   }else if("0".equals(SecurityUtils.getAdministratorIdentity())){
        }else {
            return ResponseUtil.success(clientService.list());
    public ResponseVO<Object> listLikeClient(@RequestParam(value = "keyword", required = false) String keyword,
                                             @RequestParam(value = "order", required = false) Integer order,
                                             @RequestParam(value = "seq", required = false) Integer seq) {
        if (!permissionConfig.check(MenuEnum.CLIENT_LIST.getCode())) {
            return ResponseUtil.fail("缺少对应用户权限");
        }
        List<ClientDtoNode> clientDtoNodes = clientService.listLikeClient(keyword, order, seq);

        return ResponseUtil.successPage(clientDtoNodes);
    }

    @AnonymousAccess
    @PostMapping(value = "/login")
    public ResponseVO<Object> longin(HttpServletRequest request, @RequestBody @Validated AdminLoginParam loginParam) {
        Client client = clientService.getOne(Wrappers.lambdaQuery(Client.class).eq(Client::getClientName, loginParam.getUsername()).last("limit 1"));
        if (client == null) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
        }
        String s = RedisUtils.getBean().get(loginParam.getKey());
        System.out.println(s + "===========================");
        if (!loginParam.getVlue().equals(s)) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_AUTHENTICATION.getCode(), ResponseStatusEnums.BAD_AUTHENTICATION.getMessage());
        }
        RedisUtils.getBean().delete(loginParam.getKey());
        if (!passwordEncoder.matches(loginParam.getPassword(), client.getPassword())) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
        }

        Collection<GrantedAuthority> grantedAuthorities = roleService.mapToGrantedAuthorities(client.getId(), false);

        LoginUserInfo loginUserInfo = new LoginUserInfo();
        loginUserInfo.setUserId(client.getId());
        loginUserInfo.setAccount(client.getClientName());
        loginUserInfo.setIp(IpUtil.getRealIp());
        loginUserInfo.setAdministratorType(AdministratorEnums.NORMAL.getCode());
        loginUserInfo.setPermission(grantedAuthorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.joining(",")));

        // 生成令牌
        String token = tokenProvider.createToken(loginUserInfo);

        // 更新最后登录时间
        Client update = new Client();
        update.setId(client.getId());
        update.setLoginTime(LocalDateTime.now());
        clientService.updateById(update);

        // 返回 token 与 用户信息
        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
            put("token", properties.getTokenStartWith() + token);
            put("user", client);
        }};

        /**
         * 登录信息日志记录开始
         */
        UserAgent userAgent = UserAgent.parseUserAgentString(request.getHeader("User-Agent"));
        Browser browser = userAgent.getBrowser();
        OperatingSystem os = userAgent.getOperatingSystem();
        String content = "用户ID：" + client.getId()
                + "，用户名：" + client.getClientName()
                + "，用户类型：管理员"
                + "，登录IP地址：" + ServletUtil.getClientIP(request)
                + "，操作系统：" + os
                + "，浏览器：" + browser;
        StoreOperationRecordsUtils.storeOperationLoginData(client.getId(), client.getClientName(), "用户登录", content);
        return ResponseUtil.success(authInfo);
    }

    @AnonymousAccess
    @GetMapping("/getTokenByKey")
    public ResponseVO<Object> getLonginKey(@RequestParam(required = false, value = "keyValue") String keyValue) {

        return ResponseUtil.success(clientService.creatKeyByLogin(keyValue));
    }
}