ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
@@ -9,7 +9,6 @@ import com.sandu.common.domain.ResponseVO; import com.sandu.common.enums.AdminStatusStatus; import com.sandu.common.enums.ResponseStatusEnums; import com.sandu.common.execption.BusinessException; import com.sandu.common.object.BaseConditionVO; import com.sandu.common.security.LoginUserInfo; import com.sandu.common.security.annotation.AnonymousAccess; @@ -36,7 +35,10 @@ import org.springframework.web.bind.annotation.*; import java.time.LocalDateTime; import java.util.*; import java.util.Collection; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.stream.Collectors; /** @@ -142,9 +144,9 @@ } // @PreAuthorize("@el.check('admin:edit')") /** * 修改管理员信息 * */ @PostMapping("/update/{adminId}") public ResponseVO<Object> updateAdmin(@RequestBody AdminParam param, @PathVariable Long adminId) { @@ -158,8 +160,6 @@ /** * 修改我的密码 * @param param * @return */ @PutMapping("/updateMyPassword") public ResponseVO<Object> updateMyPassword(@Validated @RequestBody PwdParam param) { @@ -181,13 +181,15 @@ // return ResponseUtil.success(null); // } // @DeleteMapping("/{id}") // @PreAuthorize("@el.check('admin:del')") // public ResponseVO<Object> delete(@PathVariable Long id) { // checkLevel(id); // adminService.deleteAdmin(id); // return ResponseUtil.success(null); // } @PostMapping("/del/{adminId}") public ResponseVO<Object> deleteAdmin(@PathVariable Long adminId) { boolean result = adminService.deleteAdmin(adminId); if (result) { return ResponseUtil.success("修改成功"); } else { return ResponseUtil.fail("修改失败"); } } // /** // * 给管理员分配角色 ximon-admin/src/main/java/com/sandu/ximon/admin/controller/MenuController.java
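Review bot: The new `deleteAdmin` handler on `/del/{adminId}` has no method-level authorization, while the commented-out `delete` handler in the same hunk carried `@PreAuthorize("@el.check('admin:del')")`; the only gate left is the role-level comparison inside `AdminService.deleteAdmin`. If the `@el` checks are being retired on purpose, a comment on the handler such as `// authorization: enforced in AdminService.deleteAdmin (super admin only)` would stop a later edit from dropping the service check; otherwise the annotation should be restored. The same applies to `MenuController.delMenu` in the next file section. Separately, the handler reports a delete as `"修改成功"` / `"修改失败"`, which should read `"删除成功"` / `"删除失败"` as `delMenu` does.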
@@ -41,13 +41,24 @@ boolean result = menuService.updateMenu(menuId,param); if (result) { return ResponseUtil.success("添加成功"); return ResponseUtil.success("编辑成功"); } else { return ResponseUtil.fail("添加失败"); return ResponseUtil.fail("编辑失败"); } } @PostMapping @PostMapping("/del/{menuId}") public ResponseVO<Object> delMenu(@PathVariable Long menuId) { boolean result = menuService.delMenu(menuId); if (result) { return ResponseUtil.success("删除成功"); } else { return ResponseUtil.fail("删除失败"); } } @PostMapping("/add") public ResponseVO<Object> addMenu(@Validated @RequestBody MenuParam param) { boolean result = menuService.addMenu(param); ximon-admin/src/main/java/com/sandu/ximon/admin/service/AdminService.java
@@ -71,29 +71,43 @@ return true; } @Transactional(rollbackFor = Exception.class) public boolean updateAdmin(Long adminId, AdminParam param) { Admin admin = getById(adminId); if(admin == null){ if (admin == null) { throw new BusinessException("找不到管理员"); } List<Role> roles = roleService.listByAdminId(admin.getId()); if(CollectionUtil.isEmpty(roles)){ if (CollectionUtil.isEmpty(roles)) { throw new BusinessException("当前用户没有角色"); } List<Integer> levels = roles.stream().map(Role::getLevel).collect(Collectors.toList()); int min = Collections.min(levels); roleService.assertLevels(min); Admin update = new Admin(); update.setId(adminId); update.setPassword(passwordEncoder.encode(param.getPassword())); update.setNickName(param.getNickName()); update.setMobile(param.getMobile()); update.setNote(param.getNote()); return updateById(update); if (!updateById(update)) { throw new BusinessException("编辑管理员失败"); } adminRoleRelationService.remove(Wrappers.lambdaQuery(AdminRoleRelation.class).eq(AdminRoleRelation::getAdminId,admin)); AdminRoleRelation adminRoleRelation = new AdminRoleRelation(); adminRoleRelation.setAdminId(adminId); adminRoleRelation.setRoleId(param.getRoleId()); if (!adminRoleRelationService.save(adminRoleRelation)) { throw new BusinessException("添加管理员角色失败"); } return true; } public boolean updateMyPassword(PwdParam param) { if(!StrUtil.equals(param.getNewPass(),param.getConfirmPass())){ if (!StrUtil.equals(param.getNewPass(), param.getConfirmPass())) { throw new BusinessException("两次密码不一致"); } Long userId = SecurityUtils.getUserId(); @@ -101,7 +115,7 @@ if (admin == null) { throw new BusinessException("用户不存在"); } if(!passwordEncoder.matches(param.getOldPass(),admin.getPassword())){ if (!passwordEncoder.matches(param.getOldPass(), admin.getPassword())) { throw new BusinessException("旧密码不正确"); } Admin update = new Admin(); 
@@ -109,4 +123,23 @@ update.setPassword(passwordEncoder.encode(param.getNewPass())); return updateById(update); } public boolean deleteAdmin(Long adminId) { Admin admin = getById(adminId); if (admin == null) { throw new BusinessException("找不到管理员"); } List<Role> roles = roleService.listByAdminId(admin.getId()); if (CollectionUtil.isEmpty(roles)) { throw new BusinessException("当前用户没有角色"); } List<Integer> levels = roles.stream().map(Role::getLevel).collect(Collectors.toList()); int min = Collections.min(levels); int maxLevel = roleService.assertLevels(min); if(!RoleLevelStatus.SUPER.getCode().equals(maxLevel)){ throw new BusinessException("只有超级管理员才能删除用户"); } return removeById(adminId); } } ximon-admin/src/main/java/com/sandu/ximon/admin/service/MenuService.java
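Review bot: In `updateAdmin` the role cleanup filters on the entity instead of its id: `.eq(AdminRoleRelation::getAdminId,admin)` passes the `Admin` object, so the existing `AdminRoleRelation` rows are unlikely to match and the old role would survive next to the newly saved one, meaning a downgrade would not revoke the higher role. The call should be `adminRoleRelationService.remove(Wrappers.lambdaQuery(AdminRoleRelation.class).eq(AdminRoleRelation::getAdminId, adminId));`. The new role is also taken from `param.getRoleId()` without comparing its level to the caller's, since `roleService.assertLevels(min)` only looks at the target's current level; loading the requested role and passing its level through `assertLevels` before the save would keep a caller from granting a role above their own. In `deleteAdmin` (second hunk) `removeById(adminId)` leaves the admin's `AdminRoleRelation` rows behind unless the schema cascades, and the method is not `@Transactional` the way `updateAdmin` is.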
@@ -3,13 +3,17 @@ import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.util.StrUtil; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.sandu.common.enums.RoleLevelStatus; import com.sandu.common.execption.BusinessException; import com.sandu.common.execption.EntityExistException; import com.sandu.common.service.impl.BaseServiceImpl; import com.sandu.common.util.SpringContextHolder; import com.sandu.ximon.admin.param.MenuParam; import com.sandu.ximon.admin.security.SecurityUtils; import com.sandu.ximon.dao.bo.MenuNode; import com.sandu.ximon.dao.domain.AdminRoleRelation; import com.sandu.ximon.dao.domain.Menu; import com.sandu.ximon.dao.domain.Role; import com.sandu.ximon.dao.domain.RoleMenuRelation; import com.sandu.ximon.dao.mapper.AdminRoleRelationMapper; import com.sandu.ximon.dao.mapper.MenuMapper; @@ -17,6 +21,7 @@ import org.springframework.beans.BeanUtils; import org.springframework.stereotype.Service; import java.util.Collections; import java.util.List; import java.util.Set; import java.util.stream.Collectors; @@ -79,6 +84,12 @@ throw new BusinessException("找不到菜单信息"); } List<Role> roles = SpringContextHolder.getBean(RoleService.class).listByAdminId(SecurityUtils.getUserId()); Integer roleLevel = roles.stream().map(Role::getLevel).min(Integer::compareTo).orElse(RoleLevelStatus.COMMON.getCode()); if(!RoleLevelStatus.SUPER.getCode().equals(roleLevel)){ throw new BusinessException("超级管理员才可以编辑菜单"); } Menu menu = new Menu(); BeanUtils.copyProperties(param,menu); menu.setId(menuId); 
@@ -91,4 +102,18 @@ .filter(menu -> menu.getPid().equals(0L)) .map(menu -> covertMenuNode(menu, list)).collect(Collectors.toList()); } public boolean delMenu(Long menuId) { Menu one = getById(menuId); if (one == null) { throw new BusinessException("找不到菜单信息"); } List<Role> roles = SpringContextHolder.getBean(RoleService.class).listByAdminId(SecurityUtils.getUserId()); Integer roleLevel = roles.stream().map(Role::getLevel).min(Integer::compareTo).orElse(RoleLevelStatus.COMMON.getCode()); if(!RoleLevelStatus.SUPER.getCode().equals(roleLevel)){ throw new BusinessException("超级管理员才可以删除菜单"); } return removeById(menuId); } } ximon-admin/src/main/java/com/sandu/ximon/admin/service/RoleService.java
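Review bot: The super-admin check added to `delMenu` (and the identical block added in the first hunk of this file) runs after the `getById` lookup, so a caller without the role gets `找不到菜单信息` or `超级管理员才可以删除菜单` depending on whether the id exists; the check should come first. The block is duplicated verbatim in both places, so it is worth moving into one private helper, as sketched below. `Role::getLevel` is fed straight into `min(Integer::compareTo)`, which would throw a NullPointerException for a role with no level, so it should be confirmed that the level can never be null. `delMenu` also removes only the menu row; child menus that reference it through `pid` and any `RoleMenuRelation` rows stay behind as far as this hunk shows. The method touched by the first hunk starts outside it.

```java
// one place for the check shared by the update path and delMenu
private void assertSuperAdmin(String message) {
    List<Role> roles = SpringContextHolder.getBean(RoleService.class).listByAdminId(SecurityUtils.getUserId());
    Integer roleLevel = roles.stream().map(Role::getLevel).min(Integer::compareTo).orElse(RoleLevelStatus.COMMON.getCode());
    if (!RoleLevelStatus.SUPER.getCode().equals(roleLevel)) {
        throw new BusinessException(message);
    }
}

public boolean delMenu(Long menuId) {
    assertSuperAdmin("超级管理员才可以删除菜单");
    // … unchanged: getById lookup and not-found check …
    return removeById(menuId);
}
```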
@@ -117,8 +117,8 @@ /** * 判断当前角色能不能操作目标用户 不行的话直接抛出异常 * @param roleLevel 目标用户的最大角色 * @return * @param roleLevel 目标用户的最高角色等级 * @return 操作人的最高角色等级 */ public int assertLevels(Integer roleLevel) { Long userId = SecurityUtils.getUserId();