完成系统用户管理功能

pom.xml

@@ -286,6 +286,8 @@
                 <configuration>
                     <layout>ZIP</layout>
                     <classifier>all</classifier>
+                    <!-- 引入devtools后fork为false才能断点,但热部署失败，fork为true时热部署正常，debug失败 -->
+                    <fork>false</fork>
                 </configuration>
                 <executions>
                     <execution>

src/main/java/com/qkdata/biz/sys/controller/SysLoginController.java

 package com.qkdata.biz.sys.controller;
 
+import cn.hutool.core.collection.CollUtil;
 import com.fasterxml.jackson.core.JsonProcessingException;
+import com.qkdata.biz.common.BizConstants;
 import com.qkdata.biz.sys.service.ShiroService;
 import com.qkdata.biz.sys.vo.LoginModel;
 import com.qkdata.biz.sys.vo.LoginUserInfo;
+import com.qkdata.biz.sys.vo.SysRoleModel;
 import com.qkdata.common.annotation.SysLog;
+import com.qkdata.common.base.exception.BusinessException;
 import com.qkdata.common.base.model.Result;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@@ -13,6 +17,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;
+import java.util.List;
 
 @Api(tags = "系统登陆")
 @RestController
@@ -26,7 +31,26 @@ public class SysLoginController {
     @SysLog("登陆")
     @PostMapping("/login")
     public Result<LoginUserInfo> login(@RequestBody @Valid LoginModel loginModel) throws JsonProcessingException {
-        return Result.succeed(shiroService.login(loginModel.getUsername(),loginModel.getPassword()));
+        LoginUserInfo loginUserInfo = shiroService.login(loginModel.getUsername(),loginModel.getPassword());
+        hasPermission(loginUserInfo);
+        return Result.succeed(loginUserInfo);
+    }
+
+    private void hasPermission(LoginUserInfo loginUserInfo) {
+        List<SysRoleModel> roles = loginUserInfo.getRoles();
+        if (CollUtil.isEmpty(roles)){
+            throw new BusinessException("对不起，您没有权限");
+        }
+        boolean hasPermission = false;
+        for (SysRoleModel role : roles){
+            if (role.getCode().equals(BizConstants.ROLE_ADMIN) || role.getCode().equals(BizConstants.ROLE_OPERATOR)){
+                hasPermission = true;
+                break;
+            }
+        }
+        if (!hasPermission){
+            throw new BusinessException("对不起，您没有权限");
+        }
     }
 
     @ApiOperation("登出")

src/main/java/com/qkdata/biz/sys/controller/SysUserController.java

@@ -6,6 +6,7 @@ import com.qkdata.biz.sys.entity.SysUserPO;
 import com.qkdata.biz.sys.service.SysUserService;
 import com.qkdata.biz.sys.vo.PasswordModel;
 import com.qkdata.biz.sys.vo.QueryUserModel;
+import com.qkdata.biz.sys.vo.SysUserListModel;
 import com.qkdata.biz.sys.vo.SysUserModel;
 import com.qkdata.common.annotation.SysLog;
 import com.qkdata.common.base.exception.BusinessException;
@@ -17,6 +18,7 @@ import com.qkdata.common.util.UserContext;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.ArrayUtils;
+import org.apache.shiro.authz.annotation.Logical;
 import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -35,13 +37,14 @@ public class SysUserController {
 
     @ApiOperation("查询用户列表")
     @PostMapping("/list")
-    @RequiresRoles(value = {"ADMIN"})
-    public PageResult<SysUserModel> list(@RequestBody QueryUserModel queryUserModel){
+    @RequiresRoles(value = {BizConstants.ROLE_ADMIN,BizConstants.ROLE_OPERATOR},logical = Logical.OR)
+    public PageResult<SysUserListModel> list(@RequestBody QueryUserModel queryUserModel){
         return sysUserService.queryPageList(queryUserModel);
     }
 
     @ApiOperation("获取当前用户信息")
     @GetMapping("/info")
+    @RequiresRoles(value = {BizConstants.ROLE_ADMIN,BizConstants.ROLE_OPERATOR},logical = Logical.OR)
     public Result<SysUserModel> info(){
         SysUserPO userPO =  UserContext.getUser();
         SysUserModel dto = new SysUserModel();
@@ -51,7 +54,7 @@ public class SysUserController {
     }
     @ApiOperation("获取某个用户信息")
     @GetMapping("/info/{id}")
-    @RequiresRoles(value = {"ADMIN"})
+    @RequiresRoles(value = {BizConstants.ROLE_ADMIN})
     public Result<SysUserModel> infoById(@PathVariable Long id){
         SysUserPO sysUserPO = sysUserService.getById(id);
         SysUserModel dto = new SysUserModel();
@@ -62,7 +65,7 @@ public class SysUserController {
     @ApiOperation("保存用户信息")
     @SysLog("保存用户信息")
     @PostMapping("/save")
-    @RequiresRoles(value = {"ADMIN"})
+    @RequiresRoles(value = {BizConstants.ROLE_ADMIN})
     public Result<String> save(@RequestBody @Validated(AddGroup.class) SysUserModel sysUserModel){
         sysUserService.saveUser(sysUserModel);
         return Result.succeed("ok");
@@ -95,7 +98,7 @@ public class SysUserController {
     @ApiOperation("删除用户")
     @SysLog("删除用户")
     @PostMapping("/delete")
-    @RequiresRoles(value = {"ADMIN"})
+    @RequiresRoles(value = {BizConstants.ROLE_ADMIN})
     public Result<String> delete(@RequestBody Long[] userIds){
         if(ArrayUtils.contains(userIds, 1L)){
             throw new BusinessException("系统管理员不能删除");

src/main/java/com/qkdata/biz/sys/entity/SysUserPO.java

@@ -7,6 +7,7 @@ import com.qkdata.common.base.entity.BasePO;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 
+import java.time.LocalDateTime;
 import java.util.Date;
 
 
@@ -19,8 +20,8 @@ public class SysUserPO extends BasePO {
     private String password;
     private String salt;
     private String nickName;
-    private Date lastLoginTime;
-    private Date activateTime;
+    private LocalDateTime lastLoginTime;
+    private LocalDateTime activateTime;
     private AccountStatusEnum status;
     @TableLogic
     private Boolean isDel;

src/main/java/com/qkdata/biz/sys/mapper/SysUserMapper.java

@@ -4,7 +4,7 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.qkdata.biz.sys.entity.SysUserPO;
 import com.qkdata.biz.sys.vo.QueryUserModel;
-import com.qkdata.biz.sys.vo.SysUserModel;
+import com.qkdata.biz.sys.vo.SysUserListModel;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Param;
 
@@ -14,7 +14,7 @@ import java.util.List;
 public interface SysUserMapper extends BaseMapper<SysUserPO> {
     List<String> queryAllPerms(Long userId);
 
-    List<SysUserModel> queryPageList(Page<SysUserModel> page, @Param("p") QueryUserModel queryUserModel);
+    List<SysUserListModel> queryPageList(Page<SysUserListModel> page, @Param("p") QueryUserModel queryUserModel);
 
     List<Long> queryAllMenuId(Long userId);
 }

src/main/java/com/qkdata/biz/sys/service/ShiroService.java

@@ -18,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.util.StringUtils;
 
+import java.time.LocalDateTime;
 import java.util.*;
 import java.util.stream.Collectors;
 
@@ -67,7 +68,7 @@ public class ShiroService {
             throw new BusinessException("帐号已禁用");
         }
         if (userPO.getStatus() == AccountStatusEnum.UNACTIVATE){
-            userPO.setActivateTime(DateUtil.date());
+            userPO.setActivateTime(LocalDateTime.now());
             sysUserService.updateById(userPO);
         }
         String token = generatorToken(userPO);

src/main/java/com/qkdata/biz/sys/service/SysRoleService.java

@@ -35,7 +35,7 @@ public class SysRoleService extends BaseServiceImpl<SysRoleMapper, SysRolePO> {
         List<Long> menuIds = sysRoleMenuService.queryMenuIdList(po.getId());
         SysRoleModel model = new SysRoleModel();
         BeanUtils.copyProperties(po,model);
-        model.setMenuIdList(menuIds);
+//        model.setMenuIdList(menuIds);
         return model;
     }
 
@@ -44,7 +44,7 @@ public class SysRoleService extends BaseServiceImpl<SysRoleMapper, SysRolePO> {
         SysRolePO po = new SysRolePO();
         BeanUtils.copyProperties(sysRoleModel,po);
         save(po);
-        sysRoleMenuService.saveOrUpdateRoleMenu(po.getId(),sysRoleModel.getMenuIdList());
+//        sysRoleMenuService.saveOrUpdateRoleMenu(po.getId(),sysRoleModel.getMenuIdList());
     }
 
     @Transactional
@@ -57,7 +57,7 @@ public class SysRoleService extends BaseServiceImpl<SysRoleMapper, SysRolePO> {
         po.setCode(sysRoleModel.getCode());
         updateById(po);
 
-        sysRoleMenuService.saveOrUpdateRoleMenu(po.getId(),sysRoleModel.getMenuIdList());
+//        sysRoleMenuService.saveOrUpdateRoleMenu(po.getId(),sysRoleModel.getMenuIdList());
     }
 
     public List<SysRoleModel> getUserRoles(Long userId) {

src/main/java/com/qkdata/biz/sys/service/SysUserService.java

@@ -2,9 +2,13 @@ package com.qkdata.biz.sys.service;
 
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import com.google.common.collect.Lists;
+import com.qkdata.biz.enums.AccountStatusEnum;
 import com.qkdata.biz.sys.entity.SysUserPO;
 import com.qkdata.biz.sys.mapper.SysUserMapper;
 import com.qkdata.biz.sys.vo.QueryUserModel;
+import com.qkdata.biz.sys.vo.SysRoleModel;
+import com.qkdata.biz.sys.vo.SysUserListModel;
 import com.qkdata.biz.sys.vo.SysUserModel;
 import com.qkdata.common.base.enums.CodeEnum;
 import com.qkdata.common.base.exception.BusinessException;
@@ -13,18 +17,23 @@ import com.qkdata.common.base.service.impl.BaseServiceImpl;
 import com.qkdata.common.util.UserContext;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.shiro.crypto.hash.Sha256Hash;
+import org.apache.tomcat.jni.Local;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.StringUtils;
 
+import java.time.LocalDateTime;
 import java.util.List;
 
 @Service
 public class SysUserService extends BaseServiceImpl<SysUserMapper, SysUserPO> {
     @Autowired
     private SysUserRoleService sysUserRoleService;
+    @Autowired
+    private SysRoleService sysRoleService;
+
     public SysUserPO getByUsername(String username) {
         return baseMapper.selectOne(Wrappers.<SysUserPO>lambdaQuery().eq(SysUserPO::getUsername,username));
     }
@@ -33,10 +42,14 @@ public class SysUserService extends BaseServiceImpl<SysUserMapper, SysUserPO> {
         return baseMapper.queryAllPerms(userId);
     }
 
-    public PageResult<SysUserModel> queryPageList(QueryUserModel queryUserModel) {
-        Page<SysUserModel> page = new Page<>(queryUserModel.getPageIndex(),queryUserModel.getPageSize());
-        List<SysUserModel> pageList = baseMapper.queryPageList(page,queryUserModel);
-        return PageResult.<SysUserModel>builder().code(CodeEnum.SUCCESS.getCode()).count(page.getTotal()).data(pageList).build();
+    public PageResult<SysUserListModel> queryPageList(QueryUserModel queryUserModel) {
+        Page<SysUserListModel> page = new Page<>(queryUserModel.getPageIndex(),queryUserModel.getPageSize());
+        List<SysUserListModel> pageList = baseMapper.queryPageList(page,queryUserModel);
+        for (SysUserListModel sysUser : pageList){
+            List<SysRoleModel> roles = sysRoleService.getUserRoles(sysUser.getId());
+            sysUser.setRoleIdList(roles);
+        }
+        return PageResult.<SysUserListModel>builder().code(CodeEnum.SUCCESS.getCode()).count(page.getTotal()).data(pageList).build();
     }
 
     public List<Long> queryRoleIdList(Long userId) {
@@ -53,8 +66,12 @@ public class SysUserService extends BaseServiceImpl<SysUserMapper, SysUserPO> {
         BeanUtils.copyProperties(sysUserModel,po);
         po.setSalt(RandomStringUtils.randomAlphanumeric(20));
         po.setPassword(new Sha256Hash(sysUserModel.getPassword(), po.getSalt()).toHex());
+        po.setLastLoginTime(LocalDateTime.now());
+        po.setStatus(AccountStatusEnum.ENABLE);
         save(po);
-        sysUserRoleService.saveOrUpdateUserRole(po.getId(),sysUserModel.getRoleIdList());
+        //默认为运营人员
+        List<Long> roleIds = Lists.newArrayList(2L);
+        sysUserRoleService.saveOrUpdateUserRole(po.getId(),roleIds);
     }
 
     @Transactional
@@ -63,21 +80,18 @@ public class SysUserService extends BaseServiceImpl<SysUserMapper, SysUserPO> {
         if (po == null){
             throw new BusinessException("请求错误，用户不存在");
         }
-        po.setUsername(sysUserModel.getUsername());
-        if (!StringUtils.isEmpty(sysUserModel.getPassword())){
-            po.setPassword(new Sha256Hash(sysUserModel.getPassword(),po.getSalt()).toHex());
-        }
         po.setStatus(sysUserModel.getStatus());
+        po.setNickName(sysUserModel.getNickName());
         updateById(po);
 
-        sysUserRoleService.saveOrUpdateUserRole(po.getId(),sysUserModel.getRoleIdList());
+//        sysUserRoleService.saveOrUpdateUserRole(po.getId(),sysUserModel.getRoleIdList());
     }
 
     public void updatePassword(SysUserPO user, String password, String newPassword) {
         //sha256加密
         String pwd = new Sha256Hash(password, UserContext.getUser().getSalt()).toHex();
         if (!user.getPassword().equals(pwd)){
-            throw new BusinessException("密码错误");
+            throw new BusinessException("原密码错误");
         }
         //sha256加密
         String newPwd = new Sha256Hash(newPassword, UserContext.getUser().getSalt()).toHex();

src/main/java/com/qkdata/biz/sys/vo/SysRoleModel.java

@@ -12,5 +12,5 @@ public class SysRoleModel {
     private String name;
     @NotBlank(message = "角色代码不能为空")
     private String code;
-    private List<Long> menuIdList;
+//    private List<Long> menuIdList;
 }

src/main/java/com/qkdata/biz/sys/vo/SysUserListModel.java

+package com.qkdata.biz.sys.vo;
+
+import com.qkdata.biz.enums.AccountStatusEnum;
+import lombok.Data;
+
+import java.time.LocalDateTime;
+import java.util.List;
+
+@Data
+public class SysUserListModel {
+    private Long id;
+    private String username;
+    private String nickName;
+    private AccountStatusEnum status;
+    private LocalDateTime createTime;
+    private LocalDateTime lastLoginTime;
+    private List<SysRoleModel> roleIdList;
+}

src/main/java/com/qkdata/biz/sys/vo/SysUserModel.java

@@ -15,6 +15,7 @@ public class SysUserModel {
     private String username;
     @NotBlank(message = "密码不能为空",groups = AddGroup.class)
     private String password;
+    private String nickName;
     private AccountStatusEnum status;
     private List<Long> roleIdList;
 }

src/main/java/com/qkdata/common/config/GlobalExceptionHandle.java

@@ -3,6 +3,7 @@ package com.qkdata.common.config;
 import com.qkdata.common.base.exception.BusinessException;
 import com.qkdata.common.base.model.Result;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.authz.UnauthorizedException;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.http.converter.HttpMessageNotReadableException;
@@ -91,6 +92,11 @@ public class GlobalExceptionHandle {
         log.warn("no handler found: {}", e.getMessage());
         return ResponseEntity.status(HttpStatus.NOT_FOUND).body(Result.failed(e.getMessage()));
     }
+    @ExceptionHandler(value = UnauthorizedException.class)
+    public ResponseEntity<Result> unauthorizedExceptionHandler(UnauthorizedException e) {
+        log.warn("no permission found: {}", e.getMessage());
+        return ResponseEntity.status(HttpStatus.FORBIDDEN).body(Result.failed("无权限"));
+    }
 
 
 }

src/main/resources/db/migration/V1.0.0__init.sql

@@ -351,7 +351,7 @@ CREATE TABLE `sys_config` (
   `id` bigint(20) NOT NULL AUTO_INCREMENT,
   `param_key` varchar(50) COLLATE utf8mb4_bin DEFAULT NULL COMMENT 'key',
   `param_value` varchar(2000) COLLATE utf8mb4_bin DEFAULT NULL COMMENT 'value',
-  `status` tinyint(4) DEFAULT '1' COMMENT '状态   0：隐藏   1：显示',
+  `status` int(4) DEFAULT '1' COMMENT '状态   0：隐藏   1：显示',
   `remark` varchar(500) COLLATE utf8mb4_bin DEFAULT NULL COMMENT '备注',
   `create_time` datetime DEFAULT NULL,
   `update_time` datetime DEFAULT NULL,
@@ -369,7 +369,7 @@ CREATE TABLE `sys_user` (
   `password` varchar(100) DEFAULT NULL COMMENT '密码',
   `salt` varchar(20) DEFAULT NULL COMMENT '盐',
   `nick_name` varchar(50) DEFAULT NULL COMMENT '昵称',
-  `status` tinyint(1) DEFAULT NULL COMMENT '状态',
+  `status` int(1) DEFAULT NULL COMMENT '状态',
   `create_time` datetime DEFAULT NULL COMMENT '注册时间',
   `last_login_time` datetime DEFAULT NULL COMMENT '最后登录时间',
   `activate_time` datetime DEFAULT NULL COMMENT '激活时间',
@@ -381,7 +381,7 @@ CREATE TABLE `sys_user` (
 -- ----------------------------
 -- Records of sys_user
 -- ----------------------------
-INSERT INTO `sys_user` VALUES (1, '13100000000', 'cdac762d0ba79875489f6a8b430fa8b5dfe0cdd81da38b80f02f33328af7fd4a', 'YzcmCZNvbXocrsz9dm8e', '系管理员', 1, '2021-04-25 16:10:06', NULL, NULL, '2021-04-25 16:10:06', 0);
+INSERT INTO `sys_user` VALUES (1, 'admin', 'cdac762d0ba79875489f6a8b430fa8b5dfe0cdd81da38b80f02f33328af7fd4a', 'YzcmCZNvbXocrsz9dm8e', '系管理员', 1, '2021-04-25 16:10:06', NULL, NULL, '2021-04-25 16:10:06', 0);
 
 -- ----------------------------
 -- Table structure for sys_user_role
@@ -435,11 +435,6 @@ CREATE TABLE `user_ext` (
   PRIMARY KEY (`id`)
 ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8mb4 COMMENT='用户扩展表';
 
--- ----------------------------
--- Records of user_ext
--- ----------------------------
-INSERT INTO `user_ext` VALUES (1, 1, '系统管理员', NULL, NULL, NULL, NULL, NULL, NULL, NULL, '2021-04-25 16:10:06', '2021-04-25 16:10:06');
-
 
 -- ----------------------------
 -- Table structure for user_favorites

src/main/resources/mappers/sys/SysUserMapper.xml

@@ -7,8 +7,8 @@
         LEFT JOIN sys_menu m on rm.menu_id = m.id
         where ur.user_id = #{userId}
     </select>
-    <select id="queryPageList" resultType="com.qkdata.biz.sys.vo.SysUserModel">
-        select id,username,status
+    <select id="queryPageList" resultType="com.qkdata.biz.sys.vo.SysUserListModel">
+        select *
         from sys_user
         where is_del=0
         <if test="p.username != null and p.username != ''">