package com.zy.asrs.common.web; import com.alibaba.fastjson.JSON; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.zy.asrs.common.domain.CodeRes; import com.zy.asrs.common.domain.dto.PowerDto; import com.zy.asrs.common.domain.entity.Parameter; import com.zy.asrs.common.domain.enums.HtmlNavIconType; import com.zy.asrs.common.domain.enums.LoginSystemType; import com.zy.asrs.common.sys.entity.*; import com.zy.asrs.common.sys.service.*; import com.zy.asrs.common.utils.RandomValidateCodeUtil; import com.zy.asrs.framework.annotations.ManagerAuth; import com.zy.asrs.framework.common.Cools; import com.zy.asrs.framework.common.R; import com.zy.asrs.framework.exception.CoolException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpServletResponse; import java.util.*; /** * Created by vincent on 2019-07-30 */ @RestController public class AuthController extends BaseController { @Value("${super.pwd}") private String superPwd; @Autowired private UserService userService; @Autowired private RoleService roleService; @Autowired private UserLoginService userLoginService; @Autowired private ResourceService resourceService; @Autowired private RoleResourceService roleResourceService; @Autowired private HostService hostService; @Autowired private ConfigService configService; @RequestMapping("/login.action") @ManagerAuth(value = ManagerAuth.Auth.NONE, memo = "登录") public R loginAction(String username, String password, Boolean wms) { if (username.equals("super") && password.equals(Cools.md5(superPwd))) { Map res = new HashMap<>(); res.put("username", username); res.put("token", Cools.enToken(System.currentTimeMillis() + username, superPwd)); return R.ok(res); } LambdaQueryWrapper userWrapper = new LambdaQueryWrapper<>(); userWrapper.eq(User::getUsername, username); User user = userService.getOne(userWrapper); if (Cools.isEmpty(user)) { return R.parse(CodeRes.USER_10001); } if (user.getStatus() != 1) { return R.parse(CodeRes.USER_10002); } if (!user.getPassword().equals(password)) { return R.parse(CodeRes.USER_10003); } String system = null;//登陆系统 if (wms) { system = String.valueOf(LoginSystemType.WMS); }else { system = String.valueOf(LoginSystemType.WCS); } String token = Cools.enToken(System.currentTimeMillis() + username, user.getPassword()); userLoginService.remove(new LambdaQueryWrapper().eq(UserLogin::getUserId, user.getId()).eq(UserLogin::getSystem, system)); UserLogin userLogin = new UserLogin(); userLogin.setUserId(user.getId()); userLogin.setToken(token); userLogin.setCreateTime(new Date()); userLogin.setSystem(system); if (user.getRoleId() == 2) { userLogin.setHostId(hostService.getTop1().getId()); } userLoginService.save(userLogin); Map res = new HashMap<>(); res.put("username", user.getUsername()); res.put("token", token); return R.ok(res); } @RequestMapping("/show/host.action") @ManagerAuth public R showHosts() { Long hostId = getHostId(); String hostName = null; if (hostId != null) { Host host = hostService.getById(hostId); if (host != null) { hostName = host.getName(); } } return R.ok().add(Cools .add("root", getUser().getRoleId() == 2) .add("host", getHostId() == null) .add("hostName", hostName) ); } @RequestMapping(value = "/root/change/host/auth") @ManagerAuth public R rootChangeHost(@RequestParam Long hostId) { UserLogin userLogin = userLoginService.getOne(new LambdaQueryWrapper().eq(UserLogin::getUserId, getUserId()).eq(UserLogin::getSystem, String.valueOf(LoginSystemType.WMS))); if (userLogin != null) { userLogin.setHostId(hostId); if (!userLoginService.updateById(userLogin)) { throw new CoolException("修改商户失败"); } return R.ok(); } else { return R.error(); } } @RequestMapping("/code/switch.action") public R code() { return R.ok().add(Parameter.get().getCodeSwitch()); } @RequestMapping("/code.action") public void code(@RequestParam String sd, HttpServletResponse response) { RandomValidateCodeUtil.getRandcode(sd, response); } @RequestMapping("/code.do") public String codeDo(@RequestParam String sd) throws Exception { String code = null; int time = 0; while (time < 3000) { code = RandomValidateCodeUtil.code.get(sd); if (!Cools.isEmpty(code)){ break; } else { Thread.sleep(10); time = time + 100; } } RandomValidateCodeUtil.code.remove(sd); return code; } @RequestMapping("/user/detail/auth") @ManagerAuth public R userDetail(){ return R.ok(userService.getById(getUserId())); } @RequestMapping("/menu/auth") @ManagerAuth public R menu(){ // 获取所有一级菜单 List oneLevel; User user = null; LambdaQueryWrapper resourceWrapper; if (getUserId() == 9527) { oneLevel = resourceService.list(new LambdaQueryWrapper().eq(Resource::getLevel, 1).orderByAsc(Resource::getSort)); resourceWrapper = new LambdaQueryWrapper().eq(Resource::getLevel, 2).eq(Resource::getStatus, 1).orderByAsc(Resource::getSort); } else { oneLevel = resourceService.list(new LambdaQueryWrapper().eq(Resource::getLevel, 1).eq(Resource::getStatus, 1).orderByAsc(Resource::getSort)); // 获取当前用户的所有二级菜单 user = userService.getById(getUserId()); List roleResources = roleResourceService.list(new LambdaQueryWrapper().eq(RoleResource::getRoleId, user.getRoleId())); List resourceIds = new ArrayList<>(); roleResources.forEach(roleResource -> resourceIds.add(roleResource.getResourceId())); if (resourceIds.isEmpty()){ return R.ok(); } resourceWrapper = new LambdaQueryWrapper().in(Resource::getId, resourceIds).eq(Resource::getLevel, 2).eq(Resource::getStatus, 1).orderByAsc(Resource::getSort); } List twoLevel = resourceService.list(resourceWrapper); List> result = new ArrayList<>(); for (Resource menu : oneLevel) { Map map = new HashMap<>(); List subMenu = new ArrayList<>(); Iterator iterator = twoLevel.iterator(); while (iterator.hasNext()) { Resource resource = iterator.next(); if (resource.getResourceId() != null && resource.getResourceId().equals(menu.getId())) { // 是否拥有查看权限 if (getUserId() != 9527) { Resource view = resourceService.getOne(new LambdaQueryWrapper().eq(Resource::getResourceId, resource.getId()).like(Resource::getCode, "#view")); if (!Cools.isEmpty(view)) { RoleResource param = new RoleResource(); param.setResourceId(view.getId()); param.setRoleId(user.getRoleId()); if (null == roleResourceService.getOne(new LambdaQueryWrapper<>(param))) { continue; } } } subMenu.add(resource); iterator.remove(); } } if (subMenu.isEmpty()) { continue; } map.put("menuId", menu.getId()); map.put("menuCode", menu.getCode()); map.put("menuIcon", HtmlNavIconType.get(menu.getCode())); map.put("menu", menu.getName()); map.put("subMenu", subMenu); result.add(map); } return R.ok(result); } @RequestMapping("/power/list/auth") @ManagerAuth public R powerList(){ List oneLevels = resourceService.list(new LambdaQueryWrapper().eq(Resource::getLevel, 1).eq(Resource::getStatus, 1).orderByAsc(Resource::getSort)); List result = new ArrayList<>(); // 一级 for (Resource oneLevel : oneLevels){ List twoLevelsList = new ArrayList<>(); Map oneLevelMap = new HashMap<>(); oneLevelMap.put("title", oneLevel.getName()); oneLevelMap.put("id", oneLevel.getId()); oneLevelMap.put("spread", true); oneLevelMap.put("children", twoLevelsList); List twoLevels = resourceService.list(new LambdaQueryWrapper().eq(Resource::getResourceId, oneLevel.getId()).eq(Resource::getLevel, 2).eq(Resource::getStatus, 1).orderByAsc(Resource::getSort)); // 二级 for (Resource twoLevel : twoLevels){ Map twoLevelMap = new HashMap<>(); twoLevelMap.put("title", twoLevel.getName()); twoLevelMap.put("id", twoLevel.getId()); twoLevelMap.put("spread", false); List threeLevelsList = new ArrayList<>(); twoLevelMap.put("children", threeLevelsList); // 三级 List threeLevels = resourceService.list(new LambdaQueryWrapper().eq(Resource::getResourceId, twoLevel.getId()).eq(Resource::getLevel, 3).eq(Resource::getStatus, 1).orderByAsc(Resource::getSort)); for (Resource threeLevel : threeLevels){ Map threeLevelMap = new HashMap<>(); threeLevelMap.put("title", threeLevel.getName()); threeLevelMap.put("id", threeLevel.getId()); threeLevelMap.put("checked", false); threeLevelsList.add(threeLevelMap); } twoLevelsList.add(twoLevelMap); } result.add(oneLevelMap); } return R.ok(result); } @RequestMapping(value = "/power/{roleId}/auth") @ManagerAuth public R get(@PathVariable("roleId") Long roleId) { List result = new ArrayList<>(); // 菜单 List roleResources = roleResourceService.list(new LambdaQueryWrapper().eq(RoleResource::getRoleId, roleId)); for (RoleResource roleResource : roleResources){ Resource resource = resourceService.getById(roleResource.getResourceId()); if (!Cools.isEmpty(resource)){ if (resource.getLevel() == 3){ result.add(resource.getId()); } } } return R.ok(result); } @RequestMapping("/power/auth") @ManagerAuth(memo = "授权") @Transactional public R power(Long roleId, String powers){ Role role = roleService.getById(roleId); Long leaderId = role.getLeader(); roleResourceService.remove(new LambdaQueryWrapper().eq(RoleResource::getRoleId, roleId)); if (!Cools.isEmpty(powers)){ List dtos = JSON.parseArray(powers, PowerDto.class); for (PowerDto dto : dtos) { Resource resource = resourceService.getOne(new LambdaQueryWrapper().eq(Resource::getId, dto.getTwo()).eq(Resource::getLevel, 2)); if (!Cools.isEmpty(resource)) { // 校验上级权限 if (leaderId != null) { RoleResource roleResource = roleResourceService.getOne(new LambdaQueryWrapper().eq(RoleResource::getRoleId, leaderId).eq(RoleResource::getResourceId, resource.getId())); if (null == roleResource) { throw new CoolException(resource.getName().concat("无法授权给").concat(role.getName())); } } RoleResource roleResource = new RoleResource(); roleResource.setRoleId(roleId); roleResource.setResourceId(resource.getId()); roleResourceService.save(roleResource); } for (String three : dto.getThree()){ Resource resource1 = resourceService.getOne(new LambdaQueryWrapper().eq(Resource::getId, three).eq(Resource::getLevel, 3)); if (!Cools.isEmpty(resource1)) { // 校验上级权限 if (leaderId != null) { RoleResource roleResource = roleResourceService.getOne(new LambdaQueryWrapper().eq(RoleResource::getRoleId, leaderId).eq(RoleResource::getResourceId, resource1.getId())); if (null == roleResource) { throw new CoolException(resource.getName().concat("的").concat(resource1.getName().concat("无法授权给").concat(role.getName()))); } } RoleResource roleResource = new RoleResource(); roleResource.setRoleId(roleId); roleResource.setResourceId(resource1.getId()); roleResourceService.save(roleResource); } } } } return R.ok(); } @RequestMapping(value = "/power/menu/{resourceId}/auth") @ManagerAuth public R buttonResource(@PathVariable("resourceId") Long resourceId) { List resources; if (getUserId() == 9527) { resources = resourceService.list(new LambdaQueryWrapper().eq(Resource::getLevel, 3).eq(Resource::getResourceId, resourceId)); } else { resources = roleResourceService.getMenuButtomResource(resourceId, getUserId()); } for (Resource resource : resources) { resource.setCode(resource.getCode().split("#")[1]); } return R.ok(resources); } @RequestMapping("/loginInformation") public R getLoginPageInformation() { Config loginLogo = configService.selectByCode("loginLogo"); Config loginCopyrightText = configService.selectByCode("loginCopyrightText"); Config loginCopyrightImg1 = configService.selectByCode("loginCopyrightImg1"); HashMap map = new HashMap<>(); map.put("loginLogo", loginLogo.getValue()); map.put("loginCopyrightText", loginCopyrightText.getValue()); map.put("loginCopyrightImg1", loginCopyrightImg1.getStatus() == 1 ? loginCopyrightImg1.getValue() : ""); return R.ok().add(map); } }