saas_entrepot/zhongzheng-admin-business/src/main/java/com/zhongzheng/controller/system/BsSysUserController.java

package com.zhongzheng.controller.system;

import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.lang.Validator;
import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
import com.zhongzheng.common.annotation.Log;
import com.zhongzheng.common.constant.UserConstants;
import com.zhongzheng.common.core.bo.SysUserEditBo;
import com.zhongzheng.common.core.controller.BaseController;
import com.zhongzheng.common.core.domain.AjaxResult;
import com.zhongzheng.common.core.domain.entity.SysRole;
import com.zhongzheng.common.core.domain.entity.SysUser;
import com.zhongzheng.common.core.domain.model.LoginUser;
import com.zhongzheng.common.core.page.TableDataInfo;
import com.zhongzheng.common.enums.BusinessType;
import com.zhongzheng.common.exception.CustomException;
import com.zhongzheng.common.utils.DateUtils;
import com.zhongzheng.common.utils.SecurityUtils;
import com.zhongzheng.common.utils.ServletUtils;
import com.zhongzheng.common.utils.ToolsUtils;
import com.zhongzheng.common.utils.poi.ExcelUtil;
import com.zhongzheng.framework.web.service.BsTokenService;
import com.zhongzheng.framework.web.service.TokenService;
import com.zhongzheng.modules.bs.company.entity.ClientBsLoginUser;
import com.zhongzheng.modules.bs.system.domain.BsSysRole;
import com.zhongzheng.modules.bs.system.domain.BsSysUser;
import com.zhongzheng.modules.bs.system.service.IBsSysPostService;
import com.zhongzheng.modules.bs.system.service.IBsSysRoleService;
import com.zhongzheng.modules.bs.system.service.IBsSysUserService;
import com.zhongzheng.modules.course.bo.CourseBusinessQueryBo;
import com.zhongzheng.modules.system.service.ISysPostService;
import com.zhongzheng.modules.system.service.ISysRoleService;
import com.zhongzheng.modules.system.service.ISysUserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.HttpRequestHandler;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.stream.Collectors;

/**
 * 用户信息
 *
 * @author zhongzheng
 */
@Api(tags ="用户信息管理")
@RestController
@RequestMapping("/bs/system/user")
public class BsSysUserController extends BaseController
{
    @Autowired
    private IBsSysUserService userService;

    @Autowired
    private IBsSysRoleService roleService;

    @Autowired
    private BsTokenService bsTokenService;

    @Resource
    private AuthenticationManager authenticationManager;

    /**
     * 获取用户列表
     */
    @ApiOperation("获取用户列表")
    @PreAuthorize("@ss.hasPermi('system:user:list')")
    @GetMapping("/list")
    public TableDataInfo list(BsSysUser user)
    {
        startPage();
        List<BsSysUser> list = userService.selectUserList(user);
        return getDataTable(list);
    }

    /**
     * 根据用户编号获取详细信息
     */
    @ApiOperation("获取用户详细")
    @PreAuthorize("@ss.hasPermi('system:user:query')")
    @GetMapping(value = {  "/getInfo" })
    public AjaxResult getInfo( Long userId)
    {
        AjaxResult ajax = AjaxResult.success();
        List<BsSysRole> roles = roleService.selectRoleAll();
        BsSysUser sysUser = userService.selectUserById(userId);
        if (!sysUser.isAdmin()){
           roles=roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList());
        }
        if (Validator.isNotNull(userId))
        {
            BsSysUser bsSysUser = userService.selectUserById(userId);
            bsSysUser.setRoles(roles);
            ajax.put(AjaxResult.DATA_TAG, bsSysUser);
            ajax.put("roleIds", roleService.selectRoleListByUserId(userId));
        }
        return ajax;
    }

    /**
     * 新增用户
     */
    @ApiOperation("新增用户")
    @ApiOperationSupport(ignoreParameters = {"id","orderDate.id"})
    @PreAuthorize("@ss.hasPermi('system:user:add')")
    @Log(title = "用户管理", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody BsSysUser user)
    {
        if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(user.getUserName())))
        {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，登录账号已存在");
        }
        else if (Validator.isNotEmpty(user.getPhonenumber())
                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
        {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，手机号码已存在");
        }
        else if (Validator.isNotEmpty(user.getEmail())
                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
        {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
        user.setCreateBy(bsTokenService.getLoginUser(ServletUtils.getRequest()).getUsername());
        if(!ToolsUtils.verifEasyPwd(user.getPassword())){
            throw new CustomException("密码应由8-16位数字、大小写字母、符号组成");
        }
        user.setCompanyId(bsTokenService.getLoginUser(ServletUtils.getRequest()).getUser().getCompanyId());
        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
        user.setCreateTime(DateUtils.getNowTime());
        user.setUpdateTime(DateUtils.getNowTime());
        return toAjax(userService.insertUser(user));
    }

    /**
     * 修改用户
     */
    @ApiOperation("更新用户")
    @PreAuthorize("@ss.hasPermi('system:user:edit')")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PostMapping("/edit")
    public AjaxResult edit(@Validated @RequestBody SysUserEditBo bo)
    {
        if (Validator.isNotEmpty(bo.getStatus())&&bo.getStatus().equals(-1)){
            BsSysUser user = BeanUtil.toBean(bo, BsSysUser.class);
            int result = userService.updateUser(user);
            return toAjax(result);
        }
        BsSysUser user = BeanUtil.toBean(bo, BsSysUser.class);
        userService.checkUserAllowed(user);
        ClientBsLoginUser loginUser = bsTokenService.getLoginUser(ServletUtils.getRequest());
        if(!loginUser.getUser().isAdmin()&&loginUser.getUser().getUserId()!=user.getUserId()){
            return AjaxResult.error("您无权限修改本信息");
        }

        if (Validator.isNotEmpty(user.getPhonenumber())
                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
        {
            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，手机号码已存在");
        }
        else if (Validator.isNotEmpty(user.getEmail())
                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
        {
            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
        if(Validator.isNotEmpty(user.getPassword())){
            //重置密码
            if(!loginUser.getUser().isAdmin()){
                //普通用户需传入旧密码修改
                // 旧密码用户验证
                Authentication authentication = null;
                try
                {
                    // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
                    authentication = authenticationManager
                            .authenticate(new UsernamePasswordAuthenticationToken(loginUser.getUser().getUserName(), bo.getOldPassword()));
                }
                catch (Exception e)
                {
                    return AjaxResult.error("旧密码错误");
                }

            }
            if(!ToolsUtils.verifEasyPwd(user.getPassword())){
                throw new CustomException("密码应由8-16位数字、大小写字母、符号组成");
            }
            user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
            user.setPwdTime(DateUtils.getNowTime());
        }
        user.setUpdateBy(bsTokenService.getLoginUser(ServletUtils.getRequest()).getUsername());
        int result = userService.updateUser(user);
        if(result>0){
            BsSysUser bsSysUser = userService.selectUserByUserName(loginUser.getUser().getUserName());
            //同个用户ID则更新用户信息,admin操作其他用户则不更新
            if(bsSysUser.getUserId()==loginUser.getUser().getUserId()){
                // 更新缓存用户
                loginUser.setUser(bsSysUser);
            }
            bsTokenService.setLoginUser(loginUser);
        }
        return toAjax(result);
    }

    /**
     * 状态修改
     */
    @PreAuthorize("@ss.hasPermi('system:user:edit')")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PostMapping("/changeStatus")
    public AjaxResult changeStatus(@RequestBody BsSysUser user)
    {
        userService.checkUserAllowed(user);
        user.setUpdateBy(bsTokenService.getLoginUser(ServletUtils.getRequest()).getUsername());
        user.setUpdateTime(DateUtils.getNowTime());
        return toAjax(userService.updateUserStatus(user));
    }


//    @ApiOperation("检查密码修改时间")
//    @PreAuthorize("@ss.hasPermi('system:user:list')")
//    @GetMapping("/checkPwdTime")
//    public AjaxResult<Boolean> checkPwdTime()
//    {
//        ClientBsLoginUser loginUser = bsTokenService.getLoginUser(ServletUtils.getRequest());
//        BsSysUser user = userService.selectUserById(loginUser.getUser().getUserId());
//        boolean needUpdate = false;
//       if(Validator.isNotEmpty(user.getPwdTime())&&(DateUtils.getNowTime().longValue()-user.getPwdTime().longValue())>90*24*3600){
//            needUpdate = true;
//        }
//        return AjaxResult.success(needUpdate);
//    }
}