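package com.ruoyi.system.controller;

import cn.hutool.json.JSONArray;
import cn.hutool.json.JSONUtil;
import com.alibaba.fastjson.JSONObject;
import com.ruoyi.common.core.constant.UserConstants;
import com.ruoyi.common.core.domain.R;
import com.ruoyi.common.core.utils.PassUtil;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.utils.poi.ExcelUtil;
import com.ruoyi.common.core.web.controller.BaseController;
import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.InnerAuth;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.RemoteConfigService;
import com.ruoyi.system.api.domain.SysDept;
import com.ruoyi.system.api.domain.SysDeptParty;
import com.ruoyi.system.api.domain.SysRole;
import com.ruoyi.system.api.domain.SysUser;
import com.ruoyi.system.api.model.LoginUser;
import com.ruoyi.system.domain.PunchCardDto;
import com.ruoyi.system.domain.PushMessageVO;
import com.ruoyi.system.domain.SysMenuVisu;
import com.ruoyi.system.service.*;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.ObjectUtils;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.*;
import java.util.stream.Collectors;

import static org.springframework.web.bind.annotation.RequestMethod.GET;
import static org.springframework.web.bind.annotation.RequestMethod.POST;

/**
 * REST controller for user management: listing, import/export, create/update/delete,
 * password reset, role grants, and the user look-ups that other services call remotely.
 *
 * <p>NOTE(review): generic type arguments in this class are inferred from how the values
 * are used in this file; where usage does not fix the type a wildcard is used. Confirm
 * against the service interfaces.
 *
 * <p>NOTE(review): several handlers carry neither {@code @RequiresPermissions} nor
 * {@code @InnerAuth}. Whatever protects them lives outside this file (gateway, filters);
 * each such handler is marked below so that protection can be confirmed.
 *
 * @author ruoyi
 */
@Api(tags = "用户信息控制器")
@RestController
@RequestMapping("/user")
public class SysUserController extends BaseController {

    private final ISysUserService userService;
    private final ISysRoleService roleService;
    private final ISysPostService postService;
    private final ISysPermissionService permissionService;
    private final ISysConfigService configService;
    private final ISysMenuVisuService menuVisuService;

    @Resource
    private RemoteConfigService remoteConfigService;

    public SysUserController(ISysUserService userService,
                             ISysRoleService roleService,
                             ISysPostService postService,
                             ISysPermissionService permissionService,
                             ISysConfigService configService,
                             ISysMenuVisuService menuVisuService) {
        this.userService = userService;
        this.roleService = roleService;
        this.postService = postService;
        this.permissionService = permissionService;
        this.configService = configService;
        this.menuVisuService = menuVisuService;
    }

    /**
     * Returns one page of users matching the filter.
     */
    @ApiOperation(value = "获取用户列表", notes = "获取用户列表")
    @RequiresPermissions("system:user:list")
    @GetMapping("/list")
    public TableDataInfo list(SysUser user) {
        startPage();
        List<SysUser> list = userService.selectUserList(user);
        return getDataTable(list);
    }

    /**
     * Returns one page of users matching the filter, restricted to the department's own level.
     *
     * <p>NOTE(review): no permission annotation here, unlike {@link #list(SysUser)}.
     */
    @ApiOperation(value = "根据条件分页查询用户列表-只查询部门本级", notes = "根据条件分页查询用户列表-只查询部门本级")
    @GetMapping("/listUserOnlyThisLevel")
    public TableDataInfo listUserOnlyThisLevel(SysUser user) {
        startPage();
        List<?> list = userService.listUserOnlyThisLevel(user);
        return getDataTable(list);
    }

    /**
     * Returns the users matching the filter, unpaged, for remote callers.
     *
     * <p>NOTE(review): runs the same query as {@link #list(SysUser)} but without
     * {@code @RequiresPermissions} or {@code @InnerAuth}; confirm it is not reachable by
     * ordinary clients.
     */
    @ApiOperation(value = "远程获取用户列表", notes = "远程获取用户列表")
    @PostMapping("/userFeginlist")
    public R<List<SysUser>> userFeginlist(@RequestBody SysUser user) {
        List<SysUser> list = userService.selectUserList(user);
        return R.ok(list);
    }

    /**
     * Returns the result of {@code selectUserListAll} for the filter, for remote callers.
     *
     * <p>NOTE(review): no permission or inner-call annotation.
     */
    @ApiOperation(value = "远程获取用户列表", notes = "远程获取用户列表")
    @PostMapping("/userFeginlistWithPage")
    public List<?> userFeginlistWithPage(@RequestBody SysUser user) {
        return userService.selectUserListAll(user);
    }

    /**
     * Returns users together with their posts for the department given in the filter.
     *
     * <p>NOTE(review): no permission or inner-call annotation.
     */
    @ApiOperation(value = "远程获取用户部门列表", notes = "远程获取用户列表")
    @GetMapping("/selectUserWithPostByDeptId")
    public R<List<?>> selectUserWithPostByDeptId(SysUser user) {
        List<?> list = userService.selectUserWithPostByDeptId(user);
        return R.ok(list);
    }

    /**
     * Writes the users matching the filter to the response as an Excel sheet.
     */
    @ApiOperation(value = "导出获取用户列表", notes = "导出获取用户列表")
    @Log(title = "用户管理", businessType = BusinessType.EXPORT)
    @RequiresPermissions("system:user:export")
    @PostMapping("/export")
    public void export(HttpServletResponse response, SysUser user) {
        List<SysUser> list = userService.selectUserList(user);
        ExcelUtil<SysUser> util = new ExcelUtil<>(SysUser.class);
        util.exportExcel(response, list, "用户数据");
    }

    /**
     * Imports users from an uploaded Excel file.
     *
     * @param file          the uploaded workbook
     * @param updateSupport passed through to {@code importUser}
     * @return the summary message produced by the import
     */
    @ApiOperation(value = "导入获取用户数据", notes = "导入获取用户数据")
    @Log(title = "用户管理", businessType = BusinessType.IMPORT)
    @RequiresPermissions("system:user:import")
    @PostMapping("/importData")
    public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception {
        ExcelUtil<SysUser> util = new ExcelUtil<>(SysUser.class);
        List<SysUser> userList = util.importExcel(file.getInputStream());
        String operName = SecurityUtils.getUsername();
        String message = userService.importUser(userList, updateSupport, operName);
        return AjaxResult.success(message);
    }

    /**
     * Writes the empty import template to the response.
     */
    @ApiOperation(value = "导入模板", notes = "导入模板")
    @PostMapping("/importTemplate")
    public void importTemplate(HttpServletResponse response) {
        ExcelUtil<SysUser> util = new ExcelUtil<>(SysUser.class);
        util.importTemplateExcel(response, "用户数据");
    }

    /**
     * Loads a user by name together with roles, permissions and visualisation/app menus.
     * Restricted to inner calls by {@code @InnerAuth}.
     */
    @ApiOperation(value = "获取当前用户信息", notes = "获取当前用户信息")
    @InnerAuth
    @GetMapping("/info/{username}")
    public R<LoginUser> info(@PathVariable("username") String username) {
        SysUser sysUser = userService.selectUserByUserName(username);
        if (StringUtils.isNull(sysUser)) {
            // Same message for "no such user" and "wrong password", so the reply does not
            // reveal which account names exist.
            return R.fail("用户名或密码错误");
        }
        Set<String> roles = permissionService.getRolePermission(sysUser.getUserId());
        Set<String> permissions = permissionService.getMenuPermission(sysUser.getUserId());

        LoginUser sysUserVo = new LoginUser();
        sysUserVo.setSysUser(sysUser);
        sysUserVo.setRoles(roles);
        sysUserVo.setPermissions(permissions);
        sysUserVo.setUservisuList(userService.selectUservisu(sysUser.getRoles()));
        sysUserVo.setUserappList(userService.selectUserapp(sysUser.getRoles()));
        return R.ok(sysUserVo);
    }

    /**
     * Returns the visualisation menu tree: everything for the admin user, otherwise the
     * entries granted to the caller's roles.
     *
     * @return result whose {@code list} entry holds the menu data
     */
    @ApiOperation(value = "获取可视化菜单信息", notes = "获取可视化菜单信息")
    @GetMapping("selectRoleMenuVisuTreest")
    public AjaxResult selectRoleMenuVisuTreest() {
        if (SysUser.isAdmin(SecurityUtils.getUserId())) {
            List<?> all = userService.selectAll();
            AjaxResult adminResult = AjaxResult.success();
            adminResult.put("list", all);
            return adminResult;
        }
        List<SysRole> sysRoleList = SecurityUtils.getLoginUser().getSysUser().getRoles();
        AjaxResult ajax = AjaxResult.success();
        List<?> loginUserList = new ArrayList<>();
        if (sysRoleList != null && !sysRoleList.isEmpty()) {
            loginUserList = userService.selectRoleMenuVisuTreest(sysRoleList);
        }
        ajax.put("list", loginUserList);
        return ajax;
    }

    /**
     * Registers a new user when self-registration is switched on.
     * Restricted to inner calls by {@code @InnerAuth}.
     */
    @ApiOperation(value = "注册用户信息", notes = "注册用户信息")
    @InnerAuth
    @PostMapping("/register")
    public R<?> register(@RequestBody SysUser sysUser) {
        String username = sysUser.getUserName();
        if (!"true".equals(configService.selectConfigByKey("sys.account.registerUser"))) {
            return R.fail("当前系统没有开启注册功能!");
        }
        if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(username))) {
            return R.fail("保存用户'" + username + "'失败,注册账号已存在");
        }
        return R.ok(userService.registerUser(sysUser));
    }

    /**
     * Returns the logged-in user's profile, roles, permissions and the result of
     * {@link #release(HttpServletRequest, SysUser)}.
     *
     * @return result with {@code user}, {@code roles}, {@code permissions} and {@code release}
     */
    @ApiOperation(value = "获取用户信息详细", notes = "获取用户信息详细")
    @GetMapping("getInfo")
    public AjaxResult getInfo(HttpServletRequest request) {
        Long userId = SecurityUtils.getUserId();
        Set<String> roles = permissionService.getRolePermission(userId);
        Set<String> permissions = permissionService.getMenuPermission(userId);
        AjaxResult ajax = AjaxResult.success();
        SysUser user = userService.selectUserById(userId);
        // Prefix the stored avatar path with the configured file URL.
        String uri = configService.selectConfigByKey("fileUrl");
        if (StringUtils.isNotEmpty(user.getAvatar())) {
            user.setAvatar(uri + user.getAvatar());
        }
        ajax.put("user", user);
        ajax.put("roles", roles);
        ajax.put("permissions", permissions);
        ajax.put("release", release(request, user));
        return ajax;
    }

    /**
     * Decides whether the page named by the request's {@code Referer} header is a
     * visualisation menu the user has been granted.
     *
     * <p>The {@code Referer} header is supplied by the client and can be omitted or set to
     * any value, and the comparison looks only at host and port. The result is therefore a
     * navigation hint for the front end, not an access-control decision; the protected
     * pages and their data need their own server-side checks.
     *
     * @return {@code flag=true} when the referer is not a known menu or the user owns it;
     *     otherwise {@code flag=false} plus {@code url}, the configured {@code backToMainPage}
     */
    public JSONObject release(HttpServletRequest request, SysUser user) {
        JSONObject result = new JSONObject();
        String referer = request.getHeader("Referer");
        // Every visualisation menu known to the system.
        List<?> allVisu = menuVisuService.selectSysMenuVisuList(new SysMenuVisu());
        // The visualisation menus granted through the user's roles.
        List<?> userHasVisu = userService.selectUservisu(user.getRoles());
        JSONArray allArray = JSONUtil.parseArray(allVisu);
        JSONArray userHasArray = JSONUtil.parseArray(userHasVisu);

        boolean isRefererInAll = contains(allArray, referer);
        boolean isRefererInUserHas = contains(userHasArray, referer);
        // The header value is untrusted: line breaks are neutralised before it is logged.
        logger.info("访问路径 ==>{}, 访问路径是否在系统菜单里 ==>{}, 用户是否具有该路径权限 ==>{}",
                sanitizeForLog(referer), isRefererInAll, isRefererInUserHas);

        if (isRefererInAll && !isRefererInUserHas) {
            result.put("flag", false);
            result.put("url", configService.selectConfigByKey("backToMainPage"));
            return result;
        }
        result.put("flag", true);
        return result;
    }

    /**
     * Reports whether any menu entry in {@code jsonArray} points at the same host and port
     * as {@code referer}. The URL field read from an entry depends on its {@code menuType}.
     *
     * @param jsonArray menu entries as JSON objects
     * @param referer   the URL to look for; an empty or missing value matches nothing
     */
    public boolean contains(JSONArray jsonArray, String referer) {
        if (jsonArray == null || !StringUtils.isNotEmpty(referer)) {
            // Nothing to compare; also avoids one parse error per menu entry in the log.
            return false;
        }
        boolean flag = false;
        for (Object o : jsonArray) {
            cn.hutool.json.JSONObject menu = JSONUtil.parseObj(o);
            String type = menu.getStr("menuType");
            if (type == null) {
                continue;
            }
            // Declared per entry so an unrecognised type cannot reuse the previous entry's URL.
            String url;
            switch (type) {
                case "P":
                    url = menu.getStr("pageServerUrl");
                    break;
                case "ZC":
                case "FC":
                    url = menu.getStr("pageRouterUrl");
                    break;
                case "ZM":
                case "FM":
                    url = menu.getStr("componentUrl");
                    break;
                default:
                    url = null;
                    break;
            }
            if (StringUtils.isNotEmpty(url) && compareUrlIpPort(referer, url)) {
                logger.info("Referer ==>{}, PageRouterUrl ==>{}", sanitizeForLog(referer), url);
                flag = true;
            }
        }
        return flag;
    }

    /**
     * Compares two URLs by host and port only; scheme, path and query are ignored.
     * A URL without an explicit port uses its protocol's default port.
     *
     * @return {@code true} when host (case-insensitively) and port are equal;
     *     {@code false} otherwise, including when either value is missing or malformed
     */
    public boolean compareUrlIpPort(String url1, String url2) {
        if (url1 == null || url2 == null) {
            return false;
        }
        try {
            URL u1 = new URL(url1);
            URL u2 = new URL(url2);
            int port1 = u1.getPort() == -1 ? u1.getDefaultPort() : u1.getPort();
            int port2 = u2.getPort() == -1 ? u2.getDefaultPort() : u2.getPort();
            // Host names are case-insensitive, so compare them that way.
            return u1.getHost().equalsIgnoreCase(u2.getHost()) && port1 == port2;
        } catch (MalformedURLException e) {
            // The message can echo the request-supplied URL, so strip line breaks first.
            logger.error("URL 格式错误: {}", sanitizeForLog(e.getMessage()));
        }
        return false;
    }

    /** Replaces CR and LF so a request-supplied value cannot start a new log line. */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Returns the role and post choices for the user form and, when {@code userId} is given,
     * that user's details and current assignments.
     */
    @ApiOperation(value = "根据用户编号获取详细信息", notes = "根据用户编号获取详细信息")
    @RequiresPermissions("system:user:query")
    @GetMapping(value = {"/", "/{userId}"})
    public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) {
        userService.checkUserDataScope(userId);
        AjaxResult ajax = AjaxResult.success();
        List<SysRole> roles = roleService.selectRoleAll();
        // The admin role is offered only when the user being viewed is the admin user.
        ajax.put("roles", SysUser.isAdmin(userId)
                ? roles
                : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        ajax.put("posts", postService.selectPostAll());
        if (StringUtils.isNotNull(userId)) {
            SysUser sysUser = userService.selectUserById(userId);
            ajax.put(AjaxResult.DATA_TAG, sysUser);
            ajax.put("postIds", postService.selectPostListByUserId(userId));
            ajax.put("roleIds", sysUser.getRoles().stream()
                    .map(SysRole::getRoleId).collect(Collectors.toList()));
            ajax.put("deptIds", sysUser.getDepts().stream()
                    .map(SysDept::getDeptId).collect(Collectors.toList()));
            ajax.put("partyIds", sysUser.getDeptParties().stream()
                    .map(SysDeptParty::getDeptId).collect(Collectors.toList()));
        }
        return ajax;
    }

    /**
     * Returns a user by id, for remote callers.
     *
     * <p>NOTE(review): no permission annotation, no inner-call annotation and no
     * {@code checkUserDataScope} call, unlike {@link #getInfo(Long)}; confirm who can reach it
     * and which {@code SysUser} fields are serialised.
     */
    @ApiOperation(value = "根据用户编号获取详细信息远程接口", notes = "根据用户编号获取详细信息远程接口")
    @RequestMapping(value = "/selectById/{userId}", method = GET)
    public R<SysUser> selectById(@PathVariable("userId") Long userId) {
        return R.ok(userService.selectUserById(userId));
    }

    /**
     * Passes a user name and device id to {@code updateUserJg}, for remote callers.
     *
     * <p>NOTE(review): this changes stored data through a GET request and carries no
     * permission or inner-call annotation; the user name is taken from the path rather
     * than from the caller's session.
     */
    @ApiOperation(value = "修改用户jg远程调用", notes = "修改用户jg远程调用")
    @RequestMapping(value = "/updateUserJg/{userName}/{deviceid}", method = GET)
    public R<?> updateUserJg(@PathVariable("userName") String userName,
                             @PathVariable("deviceid") String deviceid) {
        return R.ok(userService.updateUserJg(userName, deviceid));
    }

    /**
     * Creates a user after checking name, phone and e-mail uniqueness and the password policy.
     *
     * <p>NOTE(review): the department and role ids in the request body are not checked
     * against the caller's data scope in this method — confirm the service does it.
     */
    @ApiOperation(value = "新增用户", notes = "新增用户")
    @RequiresPermissions("system:user:add")
    @Log(title = "用户管理", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysUser user) {
        if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(user.getUserName()))) {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败,登录账号已存在");
        }
        if (StringUtils.isNotEmpty(user.getPhonenumber())
                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败,手机号码已存在");
        }
        if (StringUtils.isNotEmpty(user.getEmail())
                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
        }
        // "0" is the policy checker's rejection value; constant-first keeps this null-safe.
        if ("0".equals(PassUtil.isStringPwd(user.getPassword()))) {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败,密码必须大于等于8位,包含特殊字符,数字,大小写字母");
        }
        user.setCreateBy(SecurityUtils.getUsername());
        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
        return toAjax(userService.insertUser(user));
    }

    /**
     * Updates a user after the allowed/data-scope checks and phone/e-mail uniqueness checks.
     */
    @ApiOperation(value = "修改用户", notes = "修改用户")
    @RequiresPermissions("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysUser user) {
        userService.checkUserAllowed(user);
        userService.checkUserDataScope(user.getUserId());
        if (StringUtils.isNotEmpty(user.getPhonenumber())
                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败,手机号码已存在");
        }
        if (StringUtils.isNotEmpty(user.getEmail())
                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败,邮箱账号已存在");
        }
        user.setUpdateBy(SecurityUtils.getUsername());
        return toAjax(userService.updateUser(user));
    }

    /**
     * Deletes the given users; the caller's own account is refused.
     *
     * <p>NOTE(review): no allowed/data-scope check is made here — confirm
     * {@code deleteUserByIds} performs it.
     */
    @ApiOperation(value = "删除用户", notes = "删除用户")
    @RequiresPermissions("system:user:remove")
    @Log(title = "用户管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{userIds}")
    public AjaxResult remove(@PathVariable Long[] userIds) {
        if (ArrayUtils.contains(userIds, SecurityUtils.getUserId())) {
            return AjaxResult.error("当前用户不能删除");
        }
        return toAjax(userService.deleteUserByIds(userIds));
    }

    /**
     * Sets a new password for a user after the allowed/data-scope checks.
     *
     * <p>NOTE(review): unlike {@link #add(SysUser)}, the new password is not run through
     * {@code PassUtil.isStringPwd}, so a reset can store a password the creation path would
     * reject. Confirm whether resets are meant to be exempt from the policy.
     */
    @ApiOperation(value = "重置密码", notes = "重置密码")
    @RequiresPermissions("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping("/resetPwd")
    public AjaxResult resetPwd(@RequestBody SysUser user) {
        userService.checkUserAllowed(user);
        userService.checkUserDataScope(user.getUserId());
        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
        user.setUpdateBy(SecurityUtils.getUsername());
        return toAjax(userService.resetPwd(user));
    }

    /**
     * Changes a user's status after the allowed/data-scope checks.
     */
    @ApiOperation(value = "状态修改", notes = "状态修改")
    @RequiresPermissions("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
    public AjaxResult changeStatus(@RequestBody SysUser user) {
        userService.checkUserAllowed(user);
        userService.checkUserDataScope(user.getUserId());
        user.setUpdateBy(SecurityUtils.getUsername());
        return toAjax(userService.updateUserStatus(user));
    }

    /**
     * Returns a user and the roles selectable for that user.
     *
     * <p>NOTE(review): no {@code checkUserDataScope} call here, unlike {@link #getInfo(Long)}.
     */
    @ApiOperation(value = "根据用户编号获取授权角色", notes = "根据用户编号获取授权角色")
    @RequiresPermissions("system:user:query")
    @GetMapping("/authRole/{userId}")
    public AjaxResult authRole(@PathVariable("userId") Long userId) {
        AjaxResult ajax = AjaxResult.success();
        SysUser user = userService.selectUserById(userId);
        List<SysRole> roles = roleService.selectRolesByUserId(userId);
        ajax.put("user", user);
        ajax.put("roles", SysUser.isAdmin(userId)
                ? roles
                : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        return ajax;
    }

    /**
     * Grants the given roles to a user after the user data-scope check.
     *
     * <p>NOTE(review): only the target user is scope-checked; the role ids are passed to
     * {@code insertUserAuth} as received. Confirm the service rejects roles the caller may
     * not assign.
     */
    @ApiOperation(value = "用户授权角色", notes = "用户授权角色")
    @RequiresPermissions("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.GRANT)
    @PutMapping("/authRole")
    public AjaxResult insertAuthRole(Long userId, Long[] roleIds) {
        userService.checkUserDataScope(userId);
        userService.insertUserAuth(userId, roleIds);
        return success();
    }

    /**
     * Looks up the user of every message entry and returns them all under {@code list}.
     *
     * <p>NOTE(review): no permission or inner-call annotation, one query per entry with no
     * bound on the request size, and an entry without a user id leaves the filter empty —
     * what {@code selectUserList} returns then is not visible here; confirm.
     */
    @ApiOperation(value = "获取全部用户列表", notes = "获取全部用户列表")
    @RequestMapping(value = "/userListAll", method = POST)
    public R<Map<String, Object>> userListAll(@RequestBody List<PushMessageVO> message) {
        Map<String, Object> map = new HashMap<>();
        List<SysUser> userList = new ArrayList<>();
        for (PushMessageVO vo : message) {
            SysUser user = new SysUser();
            user.setUserId(vo.getUserId());
            userList.addAll(userService.selectUserList(user));
        }
        map.put("list", userList);
        return R.ok(map);
    }

    /**
     * Returns the emergency-inspection staff list.
     */
    @ApiOperation(value = "获取应急巡检人员列表", notes = "获取应急巡检人员列表")
    @GetMapping(value = "/findEmergencyUserByPost")
    public AjaxResult findEmergencyUserByPost() {
        return userService.findEmergencyUserByPost();
    }

    /**
     * Returns the SMS recipients of the given departments; {@code deptIds} is required.
     *
     * <p>NOTE(review): no permission or inner-call annotation.
     */
    @ApiOperation(value = "根据部门获取接收短信人员", notes = "根据部门获取接收短信人员")
    @PostMapping("/selectDeptAndUsersByIsShortmsg")
    public R<?> selectDeptAndUsersByIsShortmsg(@RequestBody SysUser user) {
        if (user.getDeptIds() == null || user.getDeptIds().length == 0) {
            return R.fail("缺少必要参数");
        }
        List<?> users = userService.selectDeptAndUsersByIsShortmsg(user);
        return R.ok(users);
    }

    /**
     * Returns the push-message recipients of the given departments; {@code deptIds} is required.
     *
     * <p>NOTE(review): no permission or inner-call annotation.
     */
    @ApiOperation(value = "根据部门获取接收推送人员", notes = "根据部门获取接收推送人员")
    @PostMapping("/selectDeptAndUsersByIsPushmsg")
    public R<?> selectDeptAndUsersByIsPushmsg(@RequestBody SysUser user) {
        if (user.getDeptIds() == null || user.getDeptIds().length == 0) {
            return R.fail("缺少必要参数");
        }
        List<?> users = userService.selectDeptAndUsersByIsPushmsg(user);
        return R.ok(users);
    }

    /**
     * Maintenance-centre home page: the five counters in the top-right corner.
     */
    @GetMapping("/selectMaintenanceCenter")
    @ApiOperation(value = "维护中心首页-右上角五个数", notes = "查询全部账号的数量")
    public AjaxResult selectMaintenanceCenter(SysUser sysUser) {
        List<?> list = userService.selectMaintenanceCenter(sysUser);
        return AjaxResult.success(list);
    }

    /**
     * Maintenance-centre home page: the list view.
     */
    @GetMapping("/selectMaintenanceCenterHomepageList")
    @ApiOperation(value = "维护中心首页列表", notes = "查询全部部门下注册活跃用户")
    public TableDataInfo selectMaintenanceCenterHomepageList(SysUser sysUser) {
        List<?> list = userService.selectMaintenanceCenterHomepageList(sysUser);
        return getDataTable(list);
    }

    /**
     * Maintenance-centre home page: total versus active comparison.
     */
    @GetMapping("/selectMaintenanceCenterTotalanDactive")
    @ApiOperation(value = "维护中心首页总数与活跃数对比", notes = "维护中心首页总数与活跃数对比")
    public AjaxResult selectMaintenanceCenterTotalanDactive(SysUser sysUser) {
        List<?> list = userService.selectMaintenanceCenterTotalanDactive(sysUser);
        return AjaxResult.success(list);
    }

    /**
     * Maintenance-centre home page: registered versus active counts for municipal
     * departments and for the counties and districts.
     */
    @GetMapping("/selectCountyanddistrictDactive")
    @ApiOperation(value = "维护中心首页市直部门,三县两区注册数和活跃数对比", notes = "维护中心首页市直部门,三县两区注册数和活跃数对比")
    public AjaxResult selectCountyanddistrictDactive(SysUser sysUser) {
        List<?> list = userService.selectCountyanddistrictDactive(sysUser);
        return AjaxResult.success(list);
    }

    /**
     * Tells whether the named user must change their password: {@code true} when no change
     * time is recorded, or when the last change is at least {@code force_update_pwd_time}
     * days old.
     *
     * <p>NOTE(review): no permission annotation, and the user is chosen by the path value
     * rather than the caller's session, so the different replies for known and unknown names
     * are visible to whoever can reach this endpoint. Confirm that exposure is intended.
     *
     * @return success with the boolean decision, or an error when the user does not exist
     */
    @ApiOperation(value = "强制用户修改密码判断", notes = "强制用户修改密码判断")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @GetMapping("/forceUpdatePwd/{username}")
    public AjaxResult forceUpdatePwd(@PathVariable("username") String username) {
        SysUser sysUser = userService.selectUserByUserName(username);
        // Existence is checked before any field is read; an unknown name yields the
        // "not found" error instead of a NullPointerException.
        if (ObjectUtils.isEmpty(sysUser)) {
            return AjaxResult.error("未查询到用户信息");
        }
        if (sysUser.getUpdatePwdTime() == null) {
            return AjaxResult.success(true);
        }
        Date currentTime = new Date();
        R<String> forceUpdatePwdTime = remoteConfigService.remotegetConfigKey("force_update_pwd_time");
        // Deadline = last password change + configured number of days.
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(sysUser.getUpdatePwdTime());
        calendar.add(Calendar.DAY_OF_YEAR, Integer.parseInt(forceUpdatePwdTime.getData()));
        Date futureDate = calendar.getTime();
        return AjaxResult.success(currentTime.compareTo(futureDate) >= 0);
    }

    /**
     * Returns the punch-card statistics.
     *
     * <p>NOTE(review): no permission or inner-call annotation.
     */
    @GetMapping("/punchCard")
    public List<PunchCardDto> getPunchCardStatistics() {
        return userService.getPunchCardStatistics();
    }
}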