diff --git a/modules/core/src/main/java/com/jeesite/modules/file/web/FileUploadController.java b/modules/core/src/main/java/com/jeesite/modules/file/web/FileUploadController.java new file mode 100644 index 00000000..5de6bb09 --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/file/web/FileUploadController.java @@ -0,0 +1,86 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.file.web; + +import com.jeesite.common.collect.MapUtils; +import com.jeesite.common.config.Global; +import com.jeesite.common.web.BaseController; +import com.jeesite.modules.file.entity.FileUpload; +import com.jeesite.modules.file.entity.FileUploadParams; +import com.jeesite.modules.file.service.FileUploadService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.Map; + +/** + * 文件管理Controller + * @author ThinkGem + * @version 2019-12-23 + */ +@Controller +@RequestMapping(value = "${adminPath}/file") +@ConditionalOnProperty(name={"file.enabled","web.core.enabled"}, havingValue="true", matchIfMissing=true) +public class FileUploadController extends BaseController { + + @Autowired + private FileUploadService fileUploadService; + + /** + * 上传文件参数 + */ + @RequestMapping(value = "params") + @ResponseBody + public Map params() { + Map model = MapUtils.newHashMap(); + model.put("imageAllowSuffixes", Global.getConfig("file.imageAllowSuffixes", FileUploadParams.DEFAULT_IMAGE_ALLOW_SUFFIXES)); + model.put("mediaAllowSuffixes", Global.getConfig("file.mediaAllowSuffixes", FileUploadParams.DEFAULT_MEDIA_ALLOW_SUFFIXES)); + model.put("fileAllowSuffixes", Global.getConfig("file.fileAllowSuffixes", FileUploadParams.DEFAULT_FILE_ALLOW_SUFFIXES)); + model.put("chunked", Global.getConfig("file.chunked", "true")); + model.put("chunkSize", Global.getConfigToInteger("file.chunkSize", "10*1024*1024")); + model.put("threads", Global.getConfigToInteger("file.threads", "3")); + model.put("imageMaxWidth", Global.getConfigToInteger("file.imageMaxWidth", "1024")); + model.put("imageMaxHeight", Global.getConfigToInteger("file.imageMaxHeight", "768")); + return model; + } + + /** + * 上传文件 + */ + @RequestMapping(value = "upload") + @ResponseBody + public Map uploadFile(FileUploadParams params) { + return fileUploadService.uploadFile(new FileUpload(), params); + } + + /** + * 下载文件 + */ + @RequestMapping(value = "/download/{fileUploadId}") + public String downloadFile(@PathVariable("fileUploadId") String fileUploadId, String preview, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + FileUpload fileUpload = fileUploadService.getFile(new FileUpload(fileUploadId)); + return fileUploadService.downloadFile(fileUpload, preview, request, response); + } + + /** + * 获取文件列表 + * @param fileUpload bizKey 和 bizType 为必填参数 + * @param bizKeyIsLike 是否对 bizKey 使用 RightLike 右模糊查询 + */ + @RequestMapping(value = "fileList") + @ResponseBody + public String getFileList(FileUpload fileUpload, Boolean bizKeyIsLike) { + return fileUploadService.getFileList(fileUpload, bizKeyIsLike); + } + +} \ No newline at end of file diff --git a/modules/core/src/main/java/com/jeesite/modules/file/web/UserfilesController.java b/modules/core/src/main/java/com/jeesite/modules/file/web/UserfilesController.java new file mode 100644 index 00000000..03bf014d --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/file/web/UserfilesController.java @@ -0,0 +1,108 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.file.web; + +import com.jeesite.common.codec.EncodeUtils; +import com.jeesite.common.config.Global; +import com.jeesite.common.io.FileUtils; +import com.jeesite.common.lang.StringUtils; +import com.jeesite.common.web.BaseController; +import org.apache.commons.lang3.math.NumberUtils; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import springfox.documentation.annotations.ApiIgnore; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.File; +import java.io.IOException; + +/** + * 用户文件下载 + * @author ThinkGem + * @version 2022-09-27 + */ +@Controller +@ConditionalOnProperty(name="file.isFileStreamDown", havingValue="true", matchIfMissing=true) +@ApiIgnore +public class UserfilesController extends BaseController { + + @RequestMapping(value="/userfiles/**") + public String fileStreamDown(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + + // 获取相对文件地址 + String fileUri = request.getRequestURI(); + String filePath = StringUtils.substringAfter(fileUri, Global.USERFILES_BASE_URL); + String fileName = request.getParameter("fileName"); + + // 如果开启了文件预览,则跳转到具体的文件预览组件地址。 + String preview = request.getParameter("preview"); + if (StringUtils.isNotBlank(preview)){ + String fileUrl = request.getRequestURL() + "?source=preview"; + String url = request.getParameter("url"); + String uid = request.getParameter("uid"); + if (StringUtils.isNotBlank(url) && StringUtils.isNotBlank(uid)){ + fileUrl = url; //EncodeUtils.decodeUrl(url); 不用解码,否则腾讯云存储的时候预览不能显示 + fileUri = Global.getCtxPath() + Global.getAdminPath() + "/file/download/" + uid; + filePath = fileName; + } else if (StringUtils.isNotBlank(fileName)){ + fileUri += "?fileName=" + EncodeUtils.encodeUrl(fileName); + } + String previewUrl = "/file/" + preview + "/preview"; + request.setAttribute("fileUrl", fileUrl); // 文件访问地址 + request.setAttribute("fileUri", fileUri); // 文件下载地址(fileDown) + request.setAttribute("filePath", filePath); // 文件相对路径或文件名 + request.setAttribute("fileUrls", request.getParameter("urls")); // 前后照片列表 + request.setAttribute(RequestDispatcher.FORWARD_REQUEST_URI, previewUrl); + request.getRequestDispatcher(previewUrl).forward(request, response); + return null; + } + + // 获取文件实际路径 + filePath = Global.getUserfilesBaseDir(filePath); + + // 根据实际路径获取文件对象 + File file = new File(EncodeUtils.decodeUrl(filePath)); + + // 如果文件不存在,尝试下gbk编码 + if (!file.exists()){ + File gbkFile = new File(EncodeUtils.decodeUrl(filePath, "GBK")); + if (gbkFile.exists()){ + file = gbkFile; + } + } + + // 下载文件,发送到客户浏览器 + String range = request.getHeader("Range"); + if (StringUtils.isNotBlank(range)){ + logger.debug("File: {} Range: {}", file, range); + }else{ + logger.debug("File: {}", file); + } + if (StringUtils.isBlank(fileName)){ + fileName = file.getName(); + } + // 替换到百度编辑器上传的日期时间后缀 + String filenameTimeSuffix = StringUtils.substringAfterLast(FileUtils.getFileNameWithoutExtension(fileName), "_$"); + if (NumberUtils.isCreatable(filenameTimeSuffix)){ + fileName = StringUtils.replace(fileName, "_$" + filenameTimeSuffix, ""); + } + if (file.exists()){ + FileUtils.downFile(file, request, response, fileName); + return null; + } + + // 找不到下载文件,提示文件丢失或不存在 + request.setAttribute("responseStatus", 200); + request.setAttribute("message", text("sys.file.downloadFileNotExist")); + request.getRequestDispatcher("/error/404").forward(request, response); + return null; + } + +} diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/AreaController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/AreaController.java index 7fd815e3..3a2eeb14 100644 --- a/modules/core/src/main/java/com/jeesite/modules/sys/web/AreaController.java +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/AreaController.java @@ -14,7 +14,6 @@ import com.jeesite.common.web.BaseController; import com.jeesite.modules.sys.entity.Area; import com.jeesite.modules.sys.service.AreaService; import com.jeesite.modules.sys.utils.AreaUtils; -import com.jeesite.modules.sys.utils.UserUtils; import io.swagger.annotations.Api; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.beans.factory.annotation.Autowired; @@ -257,8 +256,8 @@ public class AreaController extends BaseController { @RequiresPermissions("sys:area:edit") @RequestMapping(value = "fixTreeData") @ResponseBody - public String fixTreeData(){ - if (!UserUtils.getUser().isAdmin()){ + public String fixTreeData(Area area){ + if (!area.currentUser().isAdmin()){ return renderResult(Global.FALSE, text("操作失败,只有管理员才能进行修复!")); } areaService.fixTreeData(); diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/AuditController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/AuditController.java new file mode 100644 index 00000000..02be4381 --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/AuditController.java @@ -0,0 +1,148 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.sys.web; + +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; + +import com.jeesite.common.collect.ListUtils; +import com.jeesite.common.collect.MapUtils; +import com.jeesite.common.entity.Page; +import com.jeesite.common.lang.DateUtils; +import com.jeesite.common.lang.ObjectUtils; +import com.jeesite.common.lang.StringUtils; +import com.jeesite.common.utils.excel.ExcelExport; +import com.jeesite.common.web.BaseController; +import com.jeesite.modules.sys.entity.Menu; +import com.jeesite.modules.sys.entity.Audit; +import com.jeesite.modules.sys.service.AuditService; + +import springfox.documentation.annotations.ApiIgnore; + +/** + * 安全审计Controller + * @author ThinkGem + * @version 2020-3-12 + */ +@Controller +@RequestMapping(value = "${adminPath}/sys/audit") +@ConditionalOnProperty(name={"user.enabled","web.core.enabled"}, havingValue="true", matchIfMissing=true) +@ApiIgnore +public class AuditController extends BaseController { + + @Autowired + private AuditService auditService; + + /** + * 安全审计列表 + */ + @RequiresPermissions("sys:audit:pwd") + @RequestMapping(value = "list") + public String auditList(Audit audit, Model model) { + model.addAttribute("audit", audit); + return "modules/sys/auditList"; + } + + /** + * 安全审计列表数据 + */ + @RequiresPermissions("sys:audit:pwd") + @ResponseBody + @RequestMapping(value = "listData") + public Page auditListData(Audit audit, HttpServletRequest request, HttpServletResponse response) { + audit.setPage(new Page<>(request, response)); + Page page = auditService.findAuditPage(audit); + return page; + } + + /** + * 安全审计数据导出 + */ + @RequiresPermissions("sys:audit:pwd") + @RequestMapping(value = "exportData") + public void auditExportData(Audit audit, HttpServletRequest request, HttpServletResponse response) { + String fileName = "安全审计数据" + DateUtils.getDate("yyyyMMdd") + ".xlsx"; + audit.setPage(new Page<>(1, Page.PAGE_SIZE_NOT_PAGING, Page.COUNT_NOT_COUNT)); + List list = auditService.findAuditPage(audit).getList(); + try (ExcelExport ee = new ExcelExport("安全审计数据", Audit.class)) { + ee.setDataList(list).write(response, fileName); + } + } + + /** + * 根据权限查用户 + */ + @RequiresPermissions("sys:audit:user") + @RequestMapping(value = "userList") + public String userList(Audit audit, Model model) { + model.addAttribute("audit", audit); + return "modules/sys/auditUserList"; + } + + /** + * 根据权限查用户数据 + */ + @RequiresPermissions("sys:audit:user") + @RequestMapping(value = "userListData") + @ResponseBody + public Page userListData(Audit audit, HttpServletRequest request, HttpServletResponse response) { + audit.setPage(new Page<>(request, response)); + Page page = auditService.findUserPage(audit); + return page; + } + + /** + * 根据用户查权限 + */ + @RequiresPermissions("sys:audit:menu") + @RequestMapping(value = "menuList") + public String menuList(Audit audit, Model model) { + model.addAttribute("audit", audit); + return "modules/sys/auditMenuList"; + } + + /** + * 根据用户查权限数据 + */ + @RequiresPermissions("sys:audit:menu") + @ResponseBody + @RequestMapping(value = "menuTreeData") + public Map menuListData(Audit audit) { + Map model = MapUtils.newHashMap(); + List menuList = auditService.findMenuList(audit); + Map>> map = MapUtils.newLinkedHashMap(); + for (Menu menu : menuList){ + List> list = map.get(menu.getSysCode()); + if (list == null){ + list = ListUtils.newArrayList(); + map.put(menu.getSysCode(), list); + } + Map m = MapUtils.newHashMap(); + m.put("id", menu.getMenuCode()); + m.put("pId", menu.getParentCode()); + m.put("name", menu.getMenuName() + "     " + + StringUtils.abbr(ObjectUtils.toString(menu.getPermission()) + "   " + + ObjectUtils.toString(menu.getMenuHref()), 50) + ""); + m.put("title", menu.getMenuName() + " " + + ObjectUtils.toString(menu.getPermission()) + "\n" + + ObjectUtils.toString(menu.getMenuHref())); + list.add(m); + } + model.put("menuMap", map); + return model; + } + +} \ No newline at end of file diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/CompanyController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/CompanyController.java index ddfca632..4bbfa13c 100644 --- a/modules/core/src/main/java/com/jeesite/modules/sys/web/CompanyController.java +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/CompanyController.java @@ -14,7 +14,6 @@ import com.jeesite.modules.sys.entity.Company; import com.jeesite.modules.sys.entity.Office; import com.jeesite.modules.sys.service.CompanyService; import com.jeesite.modules.sys.service.OfficeService; -import com.jeesite.modules.sys.utils.UserUtils; import io.swagger.annotations.Api; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.beans.factory.annotation.Autowired; @@ -271,8 +270,8 @@ public class CompanyController extends BaseController { @RequiresPermissions("sys:company:edit") @RequestMapping(value = "fixTreeData") @ResponseBody - public String fixTreeData() { - if (!UserUtils.getUser().isAdmin()){ + public String fixTreeData(Company company) { + if (!company.currentUser().isAdmin()){ return renderResult(Global.FALSE, text("操作失败,只有管理员才能进行修复!")); } companyService.fixTreeData(); diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/ConfigController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/ConfigController.java new file mode 100644 index 00000000..018d29d5 --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/ConfigController.java @@ -0,0 +1,158 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.sys.web; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.ModelAttribute; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; + +import com.jeesite.common.config.Global; +import com.jeesite.common.entity.Page; +import com.jeesite.common.lang.StringUtils; +import com.jeesite.common.web.BaseController; +import com.jeesite.modules.sys.entity.Config; +import com.jeesite.modules.sys.service.ConfigService; + +import springfox.documentation.annotations.ApiIgnore; + +/** + * 参数设置Controller + * @author ThinkGem + * @version 2014-07-31 + */ +@Controller +@RequestMapping(value = "${adminPath}/sys/config") +@ConditionalOnProperty(name="web.core.enabled", havingValue="true", matchIfMissing=true) +@ApiIgnore +public class ConfigController extends BaseController { + + @Autowired + private ConfigService configService; + + /** + * 获取数据 + * @param id + * @return + */ + @ModelAttribute + public Config get(String id, boolean isNewRecord) { + return configService.get(id, isNewRecord); + } + + /** + * 查询列表 + * @param config + * @param model + * @return + */ + @RequiresPermissions("sys:config:view") + @RequestMapping(value = "list") + public String list(Config config, Model model) { + model.addAttribute("config", config); + return "modules/sys/configList"; + } + + /** + * 查询列表 + * @param config + * @param request + * @param response + * @return + */ + @RequiresPermissions("sys:config:view") + @RequestMapping(value = "listData") + @ResponseBody + public Page listData(Config config, HttpServletRequest request, HttpServletResponse response) { + config.setPage(new Page<>(request, response)); + Page page = configService.findPage(config); + return page; + } + + /** + * 查看编辑表单 + * @param config + * @param model + * @return + */ + @RequiresPermissions("sys:config:view") + @RequestMapping(value = "form") + public String form(Config config, Model model) { + model.addAttribute("config", config); + return "modules/sys/configForm"; + } + + /** + * 保存数据 + * @param config + * @return + */ + @RequiresPermissions("sys:config:edit") + @PostMapping(value = "save") + @ResponseBody + public String save(@Validated Config config, HttpServletRequest request) { + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + Config old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !config.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + // 不是超级管理员,不能修改Name和Key + if (!config.currentUser().isSuperAdmin()){ + config.setConfigName(old.getConfigName()); + config.setConfigKey(old.getConfigKey()); + config.setIsSys(Global.NO); + } + configService.save(config); + return renderResult(Global.TRUE, text("保存参数成功")); + } + + /** + * 验证Key是否有效 + */ + @RequiresPermissions("sys:config:edit") + @RequestMapping(value = "checkConfigKey") + @ResponseBody + public String checkConfigKey(String oldConfigKey, String configKey) { + Config where = new Config(); + where.setConfigKey(configKey); + if (configKey != null && configKey.equals(oldConfigKey)) { + return Global.TRUE; + } else if (configKey != null && configService.findCount(where) == 0) { + return Global.TRUE; + } + return Global.FALSE; + } + + /** + * 删除数据 + * @param config + * @return + */ + @RequiresPermissions("sys:config:edit") + @RequestMapping(value = "delete") + @ResponseBody + public String delete(Config config, HttpServletRequest request) { + if (StringUtils.isNotBlank(request.getParameter("isSys"))){ + return renderResult(Global.FALSE, text("越权操作,isSys非法参数")); + } + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + Config old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !config.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + configService.delete(config); + return renderResult(Global.TRUE, text("删除参数成功")); + } + +} \ No newline at end of file diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/DictDataController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/DictDataController.java new file mode 100644 index 00000000..04a9ae05 --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/DictDataController.java @@ -0,0 +1,295 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.sys.web; + +import com.jeesite.common.collect.ListUtils; +import com.jeesite.common.collect.MapUtils; +import com.jeesite.common.config.Global; +import com.jeesite.common.idgen.IdGen; +import com.jeesite.common.lang.StringUtils; +import com.jeesite.common.web.BaseController; +import com.jeesite.modules.sys.entity.DictData; +import com.jeesite.modules.sys.entity.DictType; +import com.jeesite.modules.sys.service.DictDataService; +import com.jeesite.modules.sys.service.DictTypeService; +import com.jeesite.modules.sys.utils.DictUtils; +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.ModelAttribute; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; +import springfox.documentation.annotations.ApiIgnore; + +import javax.servlet.http.HttpServletRequest; +import java.util.List; +import java.util.Map; + +/** + * 字典管理Controller + * @author ThinkGem + * @version 2019-07-27 + */ +@Controller +@RequestMapping(value = "${adminPath}/sys/dictData") +@ConditionalOnProperty(name="web.core.enabled", havingValue="true", matchIfMissing=true) +@ApiIgnore +public class DictDataController extends BaseController { + + @Autowired + private DictDataService dictDataService; + @Autowired + private DictTypeService dictTypeService; + + /** + * 获取数据 + */ + @ModelAttribute + public DictData get(String dictCode, boolean isNewRecord) { + return dictDataService.get(dictCode, isNewRecord); + } + + /** + * 查询列表 + */ + @RequiresPermissions("sys:dictData:view") + @RequestMapping(value = "list") + public String list(DictData dictData, Model model) { + model.addAttribute("dictData", dictData); + return "modules/sys/dictDataList"; + } + + /** + * 查询列表数据 + */ + @RequiresPermissions("sys:dictData:view") + @RequestMapping(value = "listData") + @ResponseBody + public List listData(DictData dictData) { + if (StringUtils.isBlank(dictData.getParentCode())) { + dictData.setParentCode(DictData.ROOT_CODE); + } + List list = dictDataService.findList(dictData); + return list; + } + + /** + * 查看编辑表单 + */ + @RequiresPermissions("sys:dictData:view") + @RequestMapping(value = "form") + public String form(DictData dictData, Model model) { + // 创建并初始化下一个节点信息 + dictData = createNextNode(dictData); + model.addAttribute("dictData", dictData); + return "modules/sys/dictDataForm"; + } + + /** + * 创建并初始化下一个节点信息,如:排序号、默认值 + */ + @RequiresPermissions("sys:dictData:edit") + @RequestMapping(value = "createNextNode") + @ResponseBody + public DictData createNextNode(DictData dictData) { + if (StringUtils.isNotBlank(dictData.getParentCode())) { + dictData.setParent(dictDataService.get(dictData.getParentCode())); + } + if (dictData.getIsNewRecord()) { + DictData where = new DictData(); + where.setDictType(dictData.getDictType()); + where.setParentCode(dictData.getParentCode()); + DictData last = dictDataService.getLastByParentCode(where); + // 获取到下级最后一个节点 + if (last != null){ + dictData.setTreeSort(last.getTreeSort() + 30); + dictData.setDictValue(IdGen.nextCode(last.getDictValue())); + // 默认设置是否系统 + if (dictData.getIsSys() == null){ + dictData.setIsSys(last.getIsSys()); + } + }else if(dictData.getParent() != null){ + dictData.setDictValue(dictData.getParent().getDictValue() + "001"); + // 默认设置是否系统 + if (dictData.getIsSys() == null){ + // 验证字典类型是否设置正确,如果没有找到这个字典类型则不可保存 + DictType dictType = new DictType(); + dictType.setDictType(dictData.getDictType()); + dictType = dictTypeService.get(dictType); + if (dictType != null){ + dictData.setIsSys(dictType.getIsSys()); + } + } + } + } + // 以下设置表单默认数据 + if (dictData.getTreeSort() == null){ + dictData.setTreeSort(DictData.DEFAULT_TREE_SORT); + } + return dictData; + } + + /** + * 保存数据 + */ + @RequiresPermissions("sys:dictData:edit") + @PostMapping(value = "save") + @ResponseBody + public String save(@Validated DictData dictData, HttpServletRequest request) { + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + DictData old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !dictData.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + // 只有系统管理员才能保存为系统字典! + if (!dictData.currentUser().isSuperAdmin() && Global.YES.equals(dictData.getIsSys())){ + return renderResult(Global.FALSE, text("保存失败,只有系统管理员才能保存为系统字典!")); + } + // 验证字典类型是否设置正确,如果没有找到这个字典类型则不可保存 + DictType dictType = new DictType(); + dictType.setDictType(dictData.getDictType()); + dictType = dictTypeService.get(dictType); + if (dictType == null){ + return renderResult(Global.FALSE, text("保存失败,没有找到''{0}''字典类型!", dictData.getDictType())); + } + // 如果字段类型是系统字典类型,则它的字段数据也是系统的 + if (Global.YES.equals(dictType.getIsSys()) && !Global.YES.equals(dictData.getIsSys())){ + return renderResult(Global.FALSE, text("保存失败,字典类型是系统的,字典数据也必须是系统字典!")); + } + // 如果字典类型不是系统字典,则默认情况下字典数据的isSys使用字典类型的 + if (StringUtils.isBlank(dictData.getIsSys())){ + dictData.setIsSys(dictType.getIsSys()); + } + dictDataService.save(dictData); + return renderResult(Global.TRUE, text("保存字典成功")); + } + + /** + * 停用字典 + * @param dictData + */ + @RequiresPermissions("sys:dictData:edit") + @RequestMapping(value = "disable") + @ResponseBody + public String disable(DictData dictData, HttpServletRequest request) { + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + DictData old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !dictData.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } +// DictData where = new DictData(); +// where.setStatus(DictData.STATUS_NORMAL); +// where.setParentCodes("," + dictData.getId() + ","); +// long count = dictDataService.findCount(where); +// if (count > 0) { +// return renderResult(Global.FALSE, text("该字典包含未停用的子字典!")); +// } + dictData.setStatus(DictData.STATUS_DISABLE); + dictDataService.updateStatus(dictData); + return renderResult(Global.TRUE, text("停用字典成功")); + } + + /** + * 启用字典 + * @param dictData + */ + @RequiresPermissions("sys:dictData:edit") + @RequestMapping(value = "enable") + @ResponseBody + public String enable(DictData dictData, HttpServletRequest request) { + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + DictData old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !dictData.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + dictData.setStatus(DictData.STATUS_NORMAL); + dictDataService.updateStatus(dictData); + return renderResult(Global.TRUE, text("启用字典成功")); + } + + /** + * 删除数据 + */ + @RequiresPermissions("sys:dictData:edit") + @RequestMapping(value = "delete") + @ResponseBody + public String delete(DictData dictData, HttpServletRequest request) { + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + DictData old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !dictData.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + dictDataService.delete(dictData); + return renderResult(Global.TRUE, text("删除字典成功")); + } + + /** + * 获取树结构数据。 + * @param dictType 字典类型,加 __all(双下划线+all) 后缀,则返回停用的字典 v4.2.0 + * @param excludeCode 排除的ID + * @param isShowCode 是否显示值(true or 1:显示在左侧;2:显示在右侧;false or null:不显示) + * @param isShowRawName 是否显示原文(默认false) + */ + @RequestMapping(value = "treeData") + @ResponseBody + public List> treeData(String dictType, String excludeCode, + String isShowCode, boolean isShowRawName) { + List> mapList = ListUtils.newArrayList(); + List list = DictUtils.getDictList(dictType); + for (int i=0; i map = MapUtils.newHashMap(); + map.put("id", e.getId()); + map.put("pId", e.getParentCode()); + map.put("name", StringUtils.getTreeNodeName(isShowCode, e.getDictValue(), + isShowRawName ? e.getDictLabelRaw() : e.getDictLabel())); + map.put("value", e.getDictValue()); + if (StringUtils.isNotBlank(e.getDictIcon())) { + map.put("icon", e.getDictIcon()); + } + if (StringUtils.isNotBlank(e.getCssClass())) { + map.put("cssClass", e.getCssClass()); + } + if (StringUtils.isNotBlank(e.getCssStyle())) { + map.put("cssStyle", e.getCssStyle()); + } + mapList.add(map); + } + return mapList; + } + + /** + * 树结构数据修复 + * @return + */ + @RequiresPermissions("sys:dictData:edit") + @RequestMapping(value = "fixTreeData") + @ResponseBody + public String fixTreeData(DictData dictData){ + if (!dictData.currentUser().isAdmin()){ + return renderResult(Global.FALSE, text("操作失败,只有管理员才能进行修复!")); + } + dictDataService.fixTreeData(); + return renderResult(Global.TRUE, text("数据修复成功")); + } + +} \ No newline at end of file diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/DictTypeController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/DictTypeController.java new file mode 100644 index 00000000..9d5ca4d5 --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/DictTypeController.java @@ -0,0 +1,205 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.sys.web; + +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.ModelAttribute; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.ResponseBody; + +import com.jeesite.common.collect.ListUtils; +import com.jeesite.common.collect.MapUtils; +import com.jeesite.common.config.Global; +import com.jeesite.common.entity.Page; +import com.jeesite.common.lang.StringUtils; +import com.jeesite.common.web.BaseController; +import com.jeesite.modules.sys.entity.DictType; +import com.jeesite.modules.sys.service.DictTypeService; + +import springfox.documentation.annotations.ApiIgnore; + +/** + * 字典分类管理Controller + * @author ThinkGem + * @version 2017-3-24 + */ +@Controller +@RequestMapping(value = "${adminPath}/sys/dictType") +@ConditionalOnProperty(name="web.core.enabled", havingValue="true", matchIfMissing=true) +@ApiIgnore +public class DictTypeController extends BaseController { + + @Autowired + private DictTypeService dictTypeService; + + /** + * 获取数据 + */ + @ModelAttribute + public DictType get(String id, boolean isNewRecord) { + return dictTypeService.get(id, isNewRecord); + } + + /** + * 查询列表 + */ + @RequiresPermissions("sys:dictType:view") + @RequestMapping(value = "list") + public String list(DictType dictType, Model model) { + if (!dictType.currentUser().isSuperAdmin()){ + dictType.setIsSys(Global.NO); + } + model.addAttribute("dictType", dictType); + return "modules/sys/dictTypeList"; + } + + /** + * 查询列表数据 + */ + @RequiresPermissions("sys:dictType:view") + @RequestMapping(value = "listData") + @ResponseBody + public Page listData(DictType dictType, HttpServletRequest request, HttpServletResponse response) { + dictType.setPage(new Page<>(request, response)); + Page page = dictTypeService.findPage(dictType); + return page; + } + + /** + * 查看编辑表单 + */ + @RequiresPermissions("sys:dictType:view") + @RequestMapping(value = "form") + public String form(DictType dictType, Model model) { + if (StringUtils.isBlank(dictType.getIsSys())){ + dictType.setIsSys(Global.YES); + } + model.addAttribute("dictType", dictType); + return "modules/sys/dictTypeForm"; + } + + /** + * 保存数据 + */ + @RequiresPermissions("sys:dictType:edit") + @PostMapping(value = "save") + @ResponseBody + public String save(@Validated DictType dictType, HttpServletRequest request) { + // 获取老字典类型的isSys状态,如果是系统字典,则必须超级管理员编辑 + DictType old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !dictType.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + dictTypeService.save(dictType, old); + return renderResult(Global.TRUE, text("保存字典类型成功")); + } + + /** + * 验证字段类型是否有效 + * @return + */ + @RequiresPermissions("sys:dictType:edit") + @RequestMapping(value = "checkDictType") + @ResponseBody + public String checkDictType(String oldDictType, String dictType) { + DictType where = new DictType(); + where.setDictType(dictType); + if (dictType != null && dictType.equals(oldDictType)) { + return Global.TRUE; + } else if (dictType != null && dictTypeService.findCount(where) == 0) { + return Global.TRUE; + } + return Global.FALSE; + } + + /** + * 停用字典类型 + */ + @RequiresPermissions("sys:dictType:edit") + @RequestMapping(value = "disable") + @ResponseBody + public String disable(DictType dictType) { + dictType.setStatus(DictType.STATUS_DISABLE); + dictTypeService.updateStatus(dictType); + return renderResult(Global.TRUE, text("停用字典类型成功")); + } + + /** + * 启用字典类型 + */ + @RequiresPermissions("sys:dictType:edit") + @RequestMapping(value = "enable") + @ResponseBody + public String enable(DictType dictType) { + dictType.setStatus(DictType.STATUS_NORMAL); + dictTypeService.updateStatus(dictType); + return renderResult(Global.TRUE, text("启用字典类型成功")); + } + + /** + * 删除数据 + */ + @RequiresPermissions("sys:dictType:edit") + @RequestMapping(value = "delete") + @ResponseBody + public String delete(DictType dictType, HttpServletRequest request) { + // 获取老字典类型的isSys状态,如果是系统字典,则必须超级管理员编辑 + DictType old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !dictType.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + dictTypeService.delete(dictType); + return renderResult(Global.TRUE, text("删除字典类型成功")); + } + + /** + * 获取树结构数据。 + * @param dictType 字典类型 + * @param excludeCode 排除的ID + * @param isShowCode 是否显示值(true or 1:显示在左侧;2:显示在右侧;false or null:不显示) + */ + @RequiresPermissions("sys:dictType:view") + @RequestMapping(value = "treeData") + @ResponseBody + public List> treeData(String dictType, String excludeCode, + @RequestParam(defaultValue="1") String isShowCode) { + List> mapList = ListUtils.newArrayList(); + List list = dictTypeService.findList(new DictType()); + for (int i=0; i map = MapUtils.newHashMap(); + map.put("id", e.getId()); + map.put("pId", "0"); + map.put("name", StringUtils.getTreeNodeName(isShowCode, e.getDictType(), e.getDictName())); + map.put("value", e.getDictType()); + mapList.add(map); + } + return mapList; + } + +} \ No newline at end of file diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/MenuController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/MenuController.java new file mode 100644 index 00000000..5eeea310 --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/MenuController.java @@ -0,0 +1,282 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.sys.web; + +import com.jeesite.common.collect.ListUtils; +import com.jeesite.common.collect.MapUtils; +import com.jeesite.common.config.Global; +import com.jeesite.common.lang.StringUtils; +import com.jeesite.common.web.BaseController; +import com.jeesite.modules.sys.entity.Menu; +import com.jeesite.modules.sys.entity.Module; +import com.jeesite.modules.sys.service.MenuService; +import com.jeesite.modules.sys.service.ModuleService; +import com.jeesite.modules.sys.utils.UserUtils; +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.ModelAttribute; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; +import springfox.documentation.annotations.ApiIgnore; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.List; +import java.util.Map; + +/** + * 菜单管理Controller + * @author ThinkGem + * @version 2019-8-19 + */ +@Controller +@RequestMapping(value = "${adminPath}/sys/menu") +@ConditionalOnProperty(name={"user.enabled","web.core.enabled"}, havingValue="true", matchIfMissing=true) +@ApiIgnore +public class MenuController extends BaseController { + + @Autowired + private MenuService menuService; + @Autowired + private ModuleService moduleService; + + @ModelAttribute + public Menu get(String menuCode, boolean isNewRecord) { + return menuService.get(menuCode, isNewRecord); + } + + @RequiresPermissions("sys:menu:view") + @RequestMapping(value = "index") + public String index(Menu menu, Model model) { + if (StringUtils.isBlank(menu.getSysCode())){ + menu.setSysCode(Menu.SYS_CODE_DEFAULT); + } + model.addAttribute("menu", menu); + return "modules/sys/menuIndex"; + } + + @RequiresPermissions("sys:menu:view") + @RequestMapping(value = "list") + public String list(Menu menu, Model model) { + if (StringUtils.isBlank(menu.getSysCode())){ + menu.setSysCode(Menu.SYS_CODE_DEFAULT); + } + model.addAttribute("menu", menu); + return "modules/sys/menuList"; + } + + @RequiresPermissions("sys:menu:view") + @RequestMapping(value = "listData") + @ResponseBody + public List listData(Menu menu) { + if (StringUtils.isBlank(menu.getParentCode())) { + menu.setParentCode(Menu.ROOT_CODE); + } + if (StringUtils.isNotBlank(menu.getMenuNameRaw())){ + menu.setParentCode(null); + } + if (StringUtils.isNotBlank(menu.getMenuHref())){ + menu.setParentCode(null); + } + if (StringUtils.isNotBlank(menu.getPermission())){ + menu.setParentCode(null); + } + List list = menuService.findList(menu); + return list; + } + + @RequiresPermissions("sys:menu:view") + @RequestMapping(value = "form") + public String form(Menu menu, Model model) { + // 创建并初始化下一个节点信息 + menu = createNextNode(menu); + model.addAttribute("menu", menu); + // 获取所有模块列表 + Module module = new Module(); + List moduleList = moduleService.findList(module); + model.addAttribute("moduleList", moduleList); + return "modules/sys/menuForm"; + } + + /** + * 创建并初始化下一个节点信息,如:排序号、默认值 + */ + @RequiresPermissions("sys:menu:edit") + @RequestMapping(value = "createNextNode") + @ResponseBody + public Menu createNextNode(Menu menu) { + if (StringUtils.isNotBlank(menu.getParentCode())) { + menu.setParent(menuService.get(menu.getParentCode())); + } + if (menu.getIsNewRecord()) { + Menu where = new Menu(); + where.setParentCode(menu.getParentCode()); + Menu last = menuService.getLastByParentCode(where); + // 获取到下级最后一个节点 + if (last != null){ + menu.setTreeSort(last.getTreeSort() + 30); + menu.setMenuType(last.getMenuType()); + if (last.getIsRoot()) { + menu.setModuleCodes(Module.MODULE_CORE); + }else{ + menu.setModuleCodes(last.getModuleCodes()); + } + }else if(menu.getParent() != null){ + menu.setMenuType(menu.getParent().getMenuType()); + menu.setModuleCodes(menu.getParent().getModuleCodes()); + } + } + // 以下设置表单默认数据 + if (menu.getTreeSort() == null){ + menu.setTreeSort(Menu.DEFAULT_TREE_SORT); + } + if (menu.getWeight() == null) { + menu.setWeight(Menu.WEIGHT_SEC_ADMIN); + } + if (StringUtils.isBlank(menu.getSysCode())){ + menu.setSysCode(Menu.SYS_CODE_DEFAULT); + } + if (StringUtils.isBlank(menu.getMenuType())){ + menu.setMenuType(Menu.TYPE_MENU); + } + if (StringUtils.isBlank(menu.getIsShow())){ + menu.setIsShow(Global.YES); + } + return menu; + } + + @RequiresPermissions("sys:menu:edit") + @PostMapping(value = "save") + @ResponseBody + public String save(@Validated Menu menu) { + if (!menu.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改此数据!")); + } + menuService.save(menu); + return renderResult(Global.TRUE, text("保存菜单''{0}''成功", menu.getMenuNameRaw()), menu); + } + + @RequiresPermissions("sys:menu:edit") + @RequestMapping(value = "disable") + @ResponseBody + public String disable(Menu menu, HttpServletRequest request){ + if (!menu.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改此数据!")); + } + menu.setStatus(Menu.STATUS_DISABLE); + menuService.updateStatus(menu); + return renderResult(Global.TRUE, text("停用菜单''{0}''成功", menu.getMenuName())); + } + + @RequiresPermissions("sys:menu:edit") + @RequestMapping(value = "enable") + @ResponseBody + public String enable(Menu menu, HttpServletRequest request){ + if (!menu.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改此数据!")); + } + menu.setStatus(Menu.STATUS_NORMAL); + menuService.updateStatus(menu); + return renderResult(Global.TRUE, text("启用菜单''{0}''成功", menu.getMenuName())); + } + + @RequiresPermissions("sys:menu:edit") + @RequestMapping(value = "delete") + @ResponseBody + public String delete(Menu menu) { + if (!menu.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改此数据!")); + } + menuService.delete(menu); + return renderResult(Global.TRUE, text("删除菜单''{0}''成功", menu.getMenuNameRaw())); + } + + /** + * 返回树结构数据 + * @param excludeCode 排除的编码 + * @param isShowRawName 是否显示原文(默认false) + * @return + */ + @RequiresPermissions("sys:menu:view") + @RequestMapping(value = "treeData") + @ResponseBody + public List> treeData(String excludeCode, String parentCode, String isShowHide, + String sysCode, boolean isShowRawName, HttpServletResponse response) { + List> mapList = ListUtils.newArrayList(); + Menu where = new Menu(); + where.setStatus(Menu.STATUS_NORMAL); + if (StringUtils.isNotBlank(parentCode)){ + where.setParentCode(parentCode); + } + List list = menuService.findList(where); + for (int i = 0; i < list.size(); i++) { + Menu e = list.get(i); + // 过滤非正常的数据 + if (!Menu.STATUS_NORMAL.equals(e.getStatus())){ + continue; + } + // 过滤被排除的编码(包括所有子级) + if (StringUtils.isNotBlank(excludeCode)){ + if (e.getId().equals(excludeCode)){ + continue; + } + if (e.getParentCodes().contains("," + excludeCode + ",")){ + continue; + } + } + // 是否隐藏(0:隐藏的不查询;1:查询隐藏的) + if (StringUtils.isNotBlank(isShowHide) && isShowHide.equals(Global.HIDE) + && e.getIsShow().equals(Global.HIDE)) { + continue; + } + // 只查询该归属系统下的菜单 + if (StringUtils.isNotBlank(sysCode) && !sysCode.equals(e.getSysCode())){ + continue; + } + Map map = MapUtils.newHashMap(); + map.put("id", e.getId()); + map.put("pId", e.getParentCode()); + map.put("name", isShowRawName ? e.getMenuNameRaw() : e.getMenuName()); + map.put("isParent", !e.getIsTreeLeaf()); + mapList.add(map); + } + return mapList; + } + + /** + * 批量修改菜单排序 + */ + @RequiresPermissions("sys:menu:edit") + @RequestMapping(value = "updateTreeSort") + @ResponseBody + public String updateTreeSort(String[] ids, Integer[] sorts) { + if (!UserUtils.getUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改此数据!")); + } + for (int i = 0; i < ids.length; i++) { + Menu menu = new Menu(ids[i]); + menu.setTreeSort(sorts[i]); + menuService.updateTreeSort(menu); + } + return renderResult(Global.TRUE, text("保存菜单排序成功")); + } + + @RequiresPermissions("sys:menu:edit") + @RequestMapping(value = "fixTreeData") + @ResponseBody + public String fixTreeData(Menu menu){ + if (!menu.currentUser().isAdmin()){ + return renderResult(Global.FALSE, text("操作失败,只有管理员才能进行修复!")); + } + menuService.fixTreeData(); + return renderResult(Global.TRUE, text("数据修复成功")); + } + +} diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/ModuleController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/ModuleController.java new file mode 100644 index 00000000..e425dc60 --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/ModuleController.java @@ -0,0 +1,234 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.sys.web; + +import com.jeesite.common.config.Global; +import com.jeesite.common.entity.Page; +import com.jeesite.common.lang.StringUtils; +import com.jeesite.common.utils.SpringUtils; +import com.jeesite.common.web.BaseController; +import com.jeesite.modules.gen.entity.config.GenConfig; +import com.jeesite.modules.gen.utils.GenModuleUtils; +import com.jeesite.modules.gen.utils.GenUtils; +import com.jeesite.modules.sys.entity.Module; +import com.jeesite.modules.sys.service.ModuleService; +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.ModelAttribute; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; +import springfox.documentation.annotations.ApiIgnore; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + +/** + * 模块管理Controller + * @author ThinkGem + * @version 2020-3-21 + */ +@Controller +@RequestMapping(value = "${adminPath}/sys/module") +@ConditionalOnProperty(name="web.core.enabled", havingValue="true", matchIfMissing=true) +@ApiIgnore +public class ModuleController extends BaseController { + + @Autowired + private ModuleService moduleService; + + /** + * 获取数据 + * @param moduleCode + * @return + */ + @ModelAttribute + public Module get(String moduleCode, boolean isNewRecord) { + return moduleService.get(moduleCode, isNewRecord); + } + + /** + * 查询列表 + * @param module + * @param model + * @return + */ + @RequiresPermissions("sys:module:view") + @RequestMapping(value = "list") + public String list(Module module, Model model) { + module.setStatus(StringUtils.EMPTY); + model.addAttribute("module", module); + return "modules/sys/moduleList"; + } + + /** + * 查询列表 + * @param module + * @param request + * @param response + * @return + */ + @RequiresPermissions("sys:module:view") + @RequestMapping(value = "listData") + @ResponseBody + public Page listData(Module module, HttpServletRequest request, HttpServletResponse response) { + module.setPage(new Page<>(request, response)); + Page page = moduleService.findPage(module); + return page; + } + + /** + * 仅用来测试使用 + */ + @RequiresPermissions("sys:module:view") + @RequestMapping(value = "selectData") + @ResponseBody + public List> selectData(Module module) { + return moduleService.findList(module).stream().map(m -> { + Map map = new HashMap<>(); + map.put("label", m.getModuleName()); + map.put("value", m.getModuleCode()); + return map; + }).collect(Collectors.toList()); + } + + /** + * 查看编辑表单 + * @param module + * @param model + * @return + */ + @RequiresPermissions("sys:module:view") + @RequestMapping(value = "form") + public String form(Module module, Model model) { + if (StringUtils.isBlank(module.getMainClassName())){ + module.setMainClassName("com.jeesite.modules.sys.web.LoginController"); + } + if (StringUtils.isBlank(module.getCurrentVersion())) { + module.setCurrentVersion(SpringUtils.getLastVersion()); + } + GenConfig config = GenUtils.getConfig(); + model.addAttribute("config", config); + List genBaseDirList = GenModuleUtils.getGenBaseDirList(); + model.addAttribute("genBaseDirList", genBaseDirList); + if (StringUtils.isNotBlank(module.getGenBaseDir())) { + model.addAttribute("genBaseDir", module.getGenBaseDir()); + } else { + model.addAttribute("genBaseDir", genBaseDirList.get(0)); + } + model.addAttribute("module", module); + return "modules/sys/moduleForm"; + } + + /** + * 保存数据 + * @param module + * @return + */ + @RequiresPermissions("sys:module:edit") + @PostMapping(value = "save") + @ResponseBody + public String save(@Validated Module module) { + if (!module.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改此数据!")); + } + if (StringUtils.equals(module.getGenFlag(), "2") && StringUtils.isBlank(module.getTplCategory())) { + return renderResult(Global.FALSE, text("请选择代码生成模板!")); + } + moduleService.save(module); + // 如果设置生成标记,则编译或生成代码 1编译输出到控制台 2生成文件 + if (StringUtils.inString(module.getGenFlag(), "1", "2") && StringUtils.isNotBlank(module.getTplCategory())){ + String result = GenModuleUtils.generateCode(module); + String flagMsg = ("1".equals(module.getGenFlag()) ? "编译" : "生成"); + String msg = "posfull:保存模块并" + flagMsg + "成功:
" + result; + return renderResult(Global.TRUE, msg); + }else { + return renderResult(Global.TRUE, text("保存模块成功")); + } + } + + /** + * 验证编码是否有效 + * @return + */ + @RequiresPermissions("sys:module:edit") + @RequestMapping(value = "checkModuleCode") + @ResponseBody + public String checkModuleCode(String oldCode, String moduleCode) { + Module module = new Module(); + module.setModuleCode(moduleCode); + if (moduleCode != null && moduleCode.equals(oldCode)) { + return Global.TRUE; + } else if (moduleCode != null && moduleService.get(module) == null) { + return Global.TRUE; + } + return Global.FALSE; + } + + /** + * 停用数据 + * @param module + * @return + */ + @RequiresPermissions("sys:module:edit") + @RequestMapping(value = "disable") + @ResponseBody + public String disable(Module module) { + if (!module.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改此数据!")); + } + if (Module.MODULE_CORE.equals(module.getModuleCode())){ + return renderResult(Global.FALSE, text("核心模块,不允许停用")); + } + module.setStatus(Module.STATUS_DISABLE); + moduleService.updateStatus(module); + return renderResult(Global.TRUE, text("停用模块成功")); + } + + /** + * 启用数据 + * @param module + * @return + */ + @RequiresPermissions("sys:module:edit") + @RequestMapping(value = "enable") + @ResponseBody + public String enable(Module module) { + if (!module.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改此数据!")); + } + module.setStatus(Module.STATUS_NORMAL); + moduleService.updateStatus(module); + return renderResult(Global.TRUE, text("启用模块成功")); + } + + /** + * 删除数据 + * @param module + * @return + */ + @RequiresPermissions("sys:module:edit") + @RequestMapping(value = "delete") + @ResponseBody + public String delete(Module module) { + if (!module.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改此数据!")); + } + if (Module.MODULE_CORE.equals(module.getModuleCode())){ + return renderResult(Global.FALSE, text("核心模块,不允许删除")); + } + moduleService.delete(module); + return renderResult(Global.TRUE, text("删除模块成功")); + } + +} \ No newline at end of file diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/OfficeController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/OfficeController.java index 758d05ac..0e03d177 100644 --- a/modules/core/src/main/java/com/jeesite/modules/sys/web/OfficeController.java +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/OfficeController.java @@ -15,7 +15,6 @@ import com.jeesite.common.utils.excel.annotation.ExcelField.Type; import com.jeesite.common.web.BaseController; import com.jeesite.modules.sys.entity.Office; import com.jeesite.modules.sys.service.OfficeService; -import com.jeesite.modules.sys.utils.UserUtils; import com.jeesite.modules.sys.web.user.EmpUserController; import io.swagger.annotations.Api; import org.apache.shiro.authz.annotation.RequiresPermissions; @@ -352,8 +351,8 @@ public class OfficeController extends BaseController { @RequiresPermissions("sys:office:edit") @RequestMapping(value = "fixTreeData") @ResponseBody - public String fixTreeData() { - if (!UserUtils.getUser().isAdmin()){ + public String fixTreeData(Office office) { + if (!office.currentUser().isAdmin()){ return renderResult(Global.FALSE, text("操作失败,只有管理员才能进行修复!")); } officeService.fixTreeData(); diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/RoleController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/RoleController.java new file mode 100644 index 00000000..5f2e386b --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/RoleController.java @@ -0,0 +1,372 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.sys.web; + +import com.jeesite.common.collect.ListUtils; +import com.jeesite.common.collect.MapUtils; +import com.jeesite.common.config.Global; +import com.jeesite.common.entity.Page; +import com.jeesite.common.lang.ObjectUtils; +import com.jeesite.common.lang.StringUtils; +import com.jeesite.common.mapper.JsonMapper; +import com.jeesite.common.web.BaseController; +import com.jeesite.modules.sys.entity.*; +import com.jeesite.modules.sys.service.MenuService; +import com.jeesite.modules.sys.service.RoleService; +import com.jeesite.modules.sys.utils.DictUtils; +import com.jeesite.modules.sys.utils.ModuleUtils; +import com.jeesite.modules.sys.utils.RoleUtils; +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.ModelAttribute; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; +import springfox.documentation.annotations.ApiIgnore; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.List; +import java.util.Map; + +/** + * 角色Controller + * @author ThinkGem + * @version 2020-3-20 + */ +@Controller +@RequestMapping(value = "${adminPath}/sys/role") +@ConditionalOnProperty(name={"user.enabled","web.core.enabled"}, havingValue="true", matchIfMissing=true) +@ApiIgnore +public class RoleController extends BaseController { + + @Autowired + private RoleService roleService; + + @Autowired + private MenuService menuService; + + @ModelAttribute + public Role get(String roleCode, boolean isNewRecord) { + return roleService.get(roleCode, isNewRecord); + } + + @RequiresPermissions("sys:role:view") + @RequestMapping(value = "list") + public String list(Role role, Model model) { + model.addAttribute("role", role); + model.addAttribute("ctrlPermi", Global.getConfig("user.adminCtrlPermi", "2")); + return "modules/sys/roleList"; + } + + @RequiresPermissions("sys:role:view") + @RequestMapping(value = "listData") + @ResponseBody + public Page listData(Role role, String ctrlPermi, HttpServletRequest request, HttpServletResponse response) { + // 不是超级管理员,则添加数据权限过滤 + if (!role.currentUser().isSuperAdmin()){ + roleService.addDataScopeFilter(role, ctrlPermi); + } + role.setPage(new Page<>(request, response)); + Page page = roleService.findPage(role); + return page; + } + + @RequiresPermissions("sys:role:view") + @RequestMapping(value = "form") + public String form(Role role, String op, Model model) { + if(role.getIsNewRecord()){ + role.setRoleSort(((int)roleService.findCount(role) + 1) * 10); + role.setUserType(User.USER_TYPE_EMPLOYEE); + role.setIsSys(Global.NO); + role.setIsShow(Global.SHOW); + } + // 操作类型:add: 全部; edit: 编辑; auth: 授权; + model.addAttribute("op", op); + model.addAttribute("role", role); + return "modules/sys/roleForm"; + } + + @RequiresPermissions("sys:role:edit") + @PostMapping(value = "save") + @ResponseBody + public String save(@Validated Role role, String op, HttpServletRequest request) { + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + Role old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !role.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + // 只有系统管理员才能保存为系统角色! + if (!role.currentUser().isSuperAdmin() && Global.YES.equals(role.getIsSys())){ + return renderResult(Global.FALSE, text("保存失败,只有系统管理员才能保存为系统角色!")); + } + if (!Global.TRUE.equals(checkRoleName(old != null ? old.getRoleName() : "", role.getRoleName()))) { + return renderResult(Global.FALSE, text("保存角色''{0}''失败,角色名称已存在", role.getRoleName())); + } + if (StringUtils.inString(op, Global.OP_ADD, Global.OP_EDIT)){ + roleService.save(role); + } + if (StringUtils.inString(op, Global.OP_ADD, Global.OP_AUTH)){ + roleService.saveAuth(role); + } + return renderResult(Global.TRUE, text("保存角色''{0}''成功", role.getRoleName())); + } + + /** + * 验证角色名是否有效 + * @param oldRoleName + * @param roleName + * @return + */ + @RequiresPermissions("user") + @RequestMapping(value = "checkRoleName") + @ResponseBody + public String checkRoleName(String oldRoleName, String roleName) { + Role role = new Role(); + role.setRoleName(roleName); + if (roleName != null && roleName.equals(oldRoleName)) { + return Global.TRUE; + } else if (roleName != null && roleService.getByRoleName(role) == null) { + return Global.TRUE; + } + return Global.FALSE; + } + + /** + * 停用角色 + * @param role + * @return + */ + @RequiresPermissions("sys:role:edit") + @RequestMapping(value = "disable") + @ResponseBody + public String disable(Role role, HttpServletRequest request){ + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + Role old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !role.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + role.setStatus(Role.STATUS_DISABLE); + roleService.updateStatus(role); + return renderResult(Global.TRUE, text("停用角色''{0}''成功", role.getRoleName())); + } + + /** + * 启用角色 + * @param role + * @return + */ + @RequiresPermissions("sys:role:edit") + @RequestMapping(value = "enable") + @ResponseBody + public String enable(Role role, HttpServletRequest request){ + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + Role old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !role.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + role.setStatus(Role.STATUS_NORMAL); + roleService.updateStatus(role); + return renderResult(Global.TRUE, text("启用角色''{0}''成功", role.getRoleName())); + } + + /** + * 删除角色 + * @param role + * @return + */ + @RequiresPermissions("sys:role:edit") + @RequestMapping(value = "delete") + @ResponseBody + public String delete(Role role, HttpServletRequest request) { + if (Role.CORP_ADMIN_ROLE_CODE.equals(role.getRoleCode())){ + return renderResult(Global.FALSE, text("非法操作,此角色为内置角色,不允许删除!")); + } + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + Role old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !role.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + //if(roleService.hasUserRoleByRoleCode(role)){ + // return renderResult(Global.FALSE, text("删除角色''{0}''失败,角色关联了用户", role.getRoleName())); + //} + roleService.delete(role); + return renderResult(Global.TRUE, text("删除角色''{0}''成功", role.getRoleName())); + } + + /** + * 判断某用户是包含某角色 + * @param userCode + * @param roleCode + * @return + */ + @RequiresPermissions("user") + @RequestMapping(value = "hasUserRole") + @ResponseBody + public Boolean hasUserRole(String userCode, String roleCode){ + if (StringUtils.isNotBlank(userCode)){ + return RoleUtils.hasUserRole(userCode, roleCode); + }else{ + return RoleUtils.hasCurrentUserRole(roleCode); + } + } + + /** + * 查询菜单的树结构数据 + * @param role + */ + @RequiresPermissions("sys:role:view") + @RequestMapping(value = "menuTreeData") + @ResponseBody + public Map menuTreeData(Role role) { + Map model = MapUtils.newHashMap(); + List sysCodes = ListUtils.newArrayList(); + for (DictData sysCode : DictUtils.getDictList("sys_menu_sys_code")) { + sysCodes.add(sysCode.getDictValue()); + } + List menuList = roleService.findManageMenuList(role); + Map>> map = MapUtils.newLinkedHashMap(); + for (Menu menu : menuList){ + // 过滤已经禁用的子系统 + if (!sysCodes.contains(menu.getSysCode())) { + continue; + } + List> list = map.get(menu.getSysCode()); + if (list == null){ + list = ListUtils.newArrayList(); + map.put(menu.getSysCode(), list); + } + Map m = MapUtils.newHashMap(); + m.put("id", menu.getMenuCode()); + m.put("pId", menu.getParentCode()); + m.put("name", menu.getMenuName() + "     " + + StringUtils.abbr(ObjectUtils.toString(menu.getPermission()) + "   " + + ObjectUtils.toString(menu.getMenuHref()), 50) + ""); + m.put("title", menu.getMenuName() + " " + + ObjectUtils.toString(menu.getPermission()) + "\n" + + ObjectUtils.toString(menu.getMenuHref())); + list.add(m); + } + model.put("menuMap", map); + if (StringUtils.isNotBlank(role.getRoleCode())) { + Menu menuWhere = new Menu(); + menuWhere.setRoleCode(role.getRoleCode()); + List roleMenuList = menuService.findByRoleCode(menuWhere); + model.put("roleMenuList", roleMenuList); + } + return model; + } + + /** + * 角色授权数据权限 + */ + @RequiresPermissions("sys:role:edit") + @RequestMapping(value = "formAuthDataScope") + public String formAuthDataScope(Role role, String checkbox, Model model, HttpServletRequest request) { + RoleDataScope roleDataScope = new RoleDataScope(); + roleDataScope.setRoleCode(role.getRoleCode()); + List roleDataScopeList = roleService.findDataScopeList(roleDataScope); + model.addAttribute("roleDataScopeList", roleDataScopeList); + model.addAttribute("role", role); + model.addAttribute("moduleCodes", ModuleUtils.getEnableModuleCodes()); + model.addAttribute("dataScopes", JsonMapper.fromJson(Global.getConfig("user.dataScopes", "[]"), List.class)); + return "modules/sys/roleFormAuthDataScope"; + } + + /** + * 保存角色授权数据权限 + */ + @RequiresPermissions("sys:role:edit") + @RequestMapping(value = "saveAuthDataScope") + @ResponseBody + public String saveAuthDataScope(Role role, HttpServletRequest request) { + // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 + Role old = super.getWebDataBinderSource(request); + if (old != null && Global.YES.equals(old.getIsSys()) && !role.currentUser().isSuperAdmin()){ + return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); + } + roleService.saveAuthDataScope(role); + return renderResult(Global.TRUE, text("角色授权数据权限成功")); + } + + /** + * 获取角色树结构数据 + * @param isAll 是否显示所有机构(true:不进行权限过滤) + * @param isShowCode 是否显示编码(true or 1:显示在左侧;2:显示在右侧;false or null:不显示) + * @return + */ + @RequiresPermissions("user") + @RequestMapping(value = "treeData") + @ResponseBody + public List> treeData(String userType, Boolean isAll, String isShowCode, String ctrlPermi) { + List> mapList = ListUtils.newArrayList(); + Role where = new Role(); + where.setStatus(Role.STATUS_NORMAL); + if (!(isAll != null && isAll) || Global.isStrictMode()){ + if (!"__all".equals(userType)) { + where.setUserType(StringUtils.defaultIfBlank(userType, User.USER_TYPE_EMPLOYEE)); + } + roleService.addDataScopeFilter(where, ctrlPermi); + } + List list = roleService.findList(where); + list.forEach(e -> { + Map map = MapUtils.newHashMap(); + map.put("id", e.getId()); + map.put("pId", "0"); + map.put("code", e.getViewCode()); + map.put("name", StringUtils.getTreeNodeName(isShowCode, e.getViewCode(), e.getRoleName()) + (!"__all".equals(userType) + ? "" : "(" + DictUtils.getDictLabel("sys_user_type", e.getUserType(), text("未知")) + ")")); + mapList.add(map); + }); + return mapList; + } + + /** + * 角色授权给用户 + */ + @RequiresPermissions("sys:role:edit") + @RequestMapping(value = "formAuthUser") + public String formAuthUser(Role role, Model model, HttpServletRequest request) { + model.addAttribute("role", role); + return "modules/sys/roleFormAuthUser"; + } + + /** + * 保存角色授权给用户 + */ + @RequiresPermissions("sys:role:edit") + @RequestMapping(value = "saveAuthUser") + @ResponseBody + public String saveAuthUser(Role role, HttpServletRequest request) { +// // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 +// Role old = super.getWebDataBinderSource(request); +// if (old != null && Global.YES.equals(old.getIsSys()) && !role.currentUser().isSuperAdmin()){ +// return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); +// } + roleService.saveAuthUser(role); + return renderResult(Global.TRUE, text("角色授权给用户成功")); + } + + /** + * 删除角色授权给用户 + */ + @RequiresPermissions("sys:role:edit") + @RequestMapping(value = "deleteAuthUser") + @ResponseBody + public String deleteAuthUser(Role role, HttpServletRequest request) { +// // 获取原数据的isSys状态,如果是系统数据,则必须超级管理员编辑 +// Role old = super.getWebDataBinderSource(request); +// if (old != null && Global.YES.equals(old.getIsSys()) && !role.currentUser().isSuperAdmin()){ +// return renderResult(Global.FALSE, text("越权操作,只有超级管理员才能修改系统数据!")); +// } + roleService.deleteAuthUser(role); + return renderResult(Global.TRUE, text("取消用户角色授权成功")); + } + +} \ No newline at end of file diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/TagsController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/TagsController.java new file mode 100644 index 00000000..2826c0c8 --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/TagsController.java @@ -0,0 +1,57 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.sys.web; + +import javax.servlet.http.HttpServletRequest; + +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.RequestMapping; + +import com.jeesite.common.web.BaseController; +import com.jeesite.common.web.http.ServletUtils; + +import springfox.documentation.annotations.ApiIgnore; + +/** + * 公共标签Controller + * @author ThinkGem + * @version 2017-5-7 + */ +@Controller +@RequestMapping(value = "tags") +@ConditionalOnProperty(name="web.core.enabled", havingValue="true", matchIfMissing=true) +@ApiIgnore +public class TagsController extends BaseController { + + /** + * 树结构选择标签使用 + */ + @RequestMapping(value = "treeselect") + public String treeselect(HttpServletRequest request, Model model) { + model.addAllAttributes(ServletUtils.getParameters(request)); + return "tagsview/form/treeselect"; + } + + /** + * 图标选择标签 + */ + @RequestMapping(value = "iconselect") + public String iconselect(HttpServletRequest request, Model model) { + model.addAllAttributes(ServletUtils.getParameters(request)); + return "tagsview/form/iconselect"; + } + + /** + * 图片裁剪标签 + */ + @RequestMapping(value = "imageclip") + public String imageclip(HttpServletRequest request, Model model) { + model.addAllAttributes(ServletUtils.getParameters(request)); + return "tagsview/form/imageclip"; + } + +} diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/ValidCodeController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/ValidCodeController.java new file mode 100644 index 00000000..52c1d8fb --- /dev/null +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/ValidCodeController.java @@ -0,0 +1,57 @@ +/** + * Copyright (c) 2013-Now http://jeesite.com All rights reserved. + * No deletion without permission, or be held responsible to law. + */ +package com.jeesite.modules.sys.web; + +import com.jeesite.common.config.Global; +import com.jeesite.modules.sys.utils.UserUtils; +import com.jeesite.modules.sys.utils.ValidCodeUtils; +import io.swagger.annotations.Api; +import org.apache.commons.lang3.StringUtils; +import org.apache.shiro.session.Session; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * 验证码控制器 + * @author ThinkGem + * @version 2019年12月17日 + */ +@Controller +@Api(tags = "ValidCode - 验证码服务") +public class ValidCodeController { + + @RequestMapping(value="/validCode") + public void validCode(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + // 如果传递了validCode参数,则代表是验证方法,成功返回true,失败返回false + String validCode = request.getParameter(ValidCodeUtils.VALID_CODE); + if (StringUtils.isNotBlank(validCode)){ + boolean result = ValidCodeUtils.validate(request, ValidCodeUtils.VALID_CODE, validCode, false); + response.getOutputStream().print(result ? Global.TRUE : Global.FALSE); + } + else{ + // 生成会话 + Session session = UserUtils.getSession(); + // 设置响应头 + response.setContentType("image/png"); + response.setHeader("Cache-Control", "no-cache, no-store"); + response.setHeader("Pragma", "no-cache"); + long time = System.currentTimeMillis(); + response.setDateHeader("Last-Modified", time); + response.setDateHeader("Date", time); + response.setDateHeader("Expires", time); + // 生成输出验证码 + String s = ValidCodeUtils.generateCaptcha(response.getOutputStream()); + session.setAttribute(ValidCodeUtils.VALID_CODE, s); +// System.out.println(s); + } + } + +} diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/user/CorpAdminController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/user/CorpAdminController.java index d84ed8f0..44322195 100644 --- a/modules/core/src/main/java/com/jeesite/modules/sys/web/user/CorpAdminController.java +++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/user/CorpAdminController.java @@ -4,26 +4,6 @@ */ package com.jeesite.modules.sys.web.user; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import io.swagger.annotations.Api; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.apache.shiro.session.Session; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.validation.annotation.Validated; -import org.springframework.web.bind.annotation.ModelAttribute; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.ResponseBody; - import com.jeesite.common.collect.ListUtils; import com.jeesite.common.collect.MapUtils; import com.jeesite.common.config.Global; @@ -37,6 +17,20 @@ import com.jeesite.modules.sys.entity.User; import com.jeesite.modules.sys.service.RoleService; import com.jeesite.modules.sys.service.UserService; import com.jeesite.modules.sys.utils.UserUtils; +import io.swagger.annotations.Api; +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.apache.shiro.session.Session; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.*; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.List; +import java.util.Map; /** * 租户和系统管理员Controller @@ -138,7 +132,7 @@ public class CorpAdminController extends BaseController { User where = new User(); where.setCorpCode_(user.getCorpCode_()); List list = userService.findCorpList(where); - if (list.size() > 0){ + if (!list.isEmpty()){ // 新增租户,如果已存在,则不能保存 if ("addCorp".equals(op)){ return renderResult(Global.FALSE, text("保存租户失败,租户代码已存在")); @@ -157,7 +151,7 @@ public class CorpAdminController extends BaseController { userService.save(user); userService.saveAuth(user); // 如果修改的是当前用户,则清除当前用户缓存 - if (user.getUserCode().equals(UserUtils.getUser().getUserCode())) { + if (user.getUserCode().equals(user.currentUser().getUserCode())) { UserUtils.clearCache(); } return renderResult(Global.TRUE, text("保存管理员''{0}''成功", user.getLoginCode())); @@ -281,7 +275,7 @@ public class CorpAdminController extends BaseController { where.setCorpCode_(corpCode); where.setPage(new Page<>(1, 1, -1)); List list = userService.findCorpList(where); - if (list.size() > 0){ + if (!list.isEmpty()){ User user = list.get(0); Session session = UserUtils.getSession(); session.setAttribute("corpCode", user.getCorpCode_());