package com.landtool.lanbase.modules.org.controller; import com.alibaba.excel.EasyExcel; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import com.landtool.lanbase.common.annotation.LogAction; import com.landtool.lanbase.common.annotation.SysLog; import com.landtool.lanbase.common.exception.LanbaseException; import com.landtool.lanbase.common.utils.*; import com.landtool.lanbase.config.SysTemPropertyConfig; import com.landtool.lanbase.modules.org.dao.OrgUserDao; import com.landtool.lanbase.modules.org.entity.OrgUnitmanager; import com.landtool.lanbase.modules.org.entity.OrgUser; import com.landtool.lanbase.modules.org.entity.OrgUserWithUnitCell; import com.landtool.lanbase.modules.org.listener.OrgUserReadListener; import com.landtool.lanbase.modules.org.service.OrgUnitService; import com.landtool.lanbase.modules.org.service.OrgUnitmanagerService; import com.landtool.lanbase.modules.org.service.OrgUserService; import com.landtool.lanbase.modules.sys.controller.AbstractController; import com.landtool.lanbase.modules.sys.service.SysAttachmentService; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authz.annotation.Logical; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.File; import java.io.FileInputStream; import java.net.URLDecoder; import java.net.URLEncoder; import java.util.Date; import java.util.List; import java.util.Map; /** * @author lanbase * @Description: TODO(用户管理表) * @date 2018-01-17 09:37:59 */ @RestController @RequestMapping("/org/user") 
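@Api(value = "", tags = {"用户管理"})
// User-management REST controller mounted at /org/user: listing, CRUD, status changes,
// password changes, attachment handling and Excel import/export of user records.
// Authorization is declared per endpoint with Shiro's @RequiresPermissions.
public class OrgUserController extends AbstractController {

    @Autowired
    private OrgUserService userService;

    @Autowired
    private OrgUnitService unitService;

    @Autowired
    private OrgUnitmanagerService unitmanagerService;

    @Autowired
    private SysAttachmentService sysAttachmentService;

    @Resource
    private OrgUserDao orgUserDao;

    @Autowired
    private SysTemPropertyConfig sysProps;

    /**
     * Returns one page of the users the caller is allowed to see.
     *
     * @param params query parameters sent by the client; the scoping keys are overwritten
     *               server-side by {@link #applyVisibilityScope(Map)}
     * @return a result whose "page" entry holds the page of users
     */
    @RequestMapping(value = "/list", method = {RequestMethod.POST, RequestMethod.GET})
    @RequiresPermissions(value = {"org:user:list", "org:user:edit"}, logical = Logical.OR)
    @ApiOperation(value = "用户列表", notes = "所有用户列表")
    @LogAction("用户管理,用户信息管理,用户信息管理查询,查询")
    public Result list(@ApiParam(name = "params", value = "用户集合", required = true) @RequestParam Map params) {
        applyVisibilityScope(params);

        Query query = new Query(params);
        List userList = userService.queryList(query);
        int total = userService.queryTotal(query);
        PageUtils pageUtil = new PageUtils(userList, total, query.getLimit(), query.getPage());
        return Result.ok().put("page", pageUtil);
    }

    /**
     * Writes the caller's visibility scope into the query parameters.
     *
     * <p>"userid", "unitid" and "isadmin" are always set here, after the client-supplied map
     * was bound, so values sent by the client for these keys cannot widen the result set.
     * Visible users are: users of the unit the caller manages, users the caller created,
     * or all users when the caller holds the "org_user_admin" permission.
     *
     * @param params request parameters; a raw Map because String request values, ids and
     *               Integer flags are stored side by side
     */
    @SuppressWarnings({"rawtypes", "unchecked"})
    private void applyVisibilityScope(Map params) {
        OrgUser currentUser = getUser();

        // Is the logged-in user the manager of a unit?
        OrgUnitmanager unitmanager = unitmanagerService.queryObject(currentUser.getUserid());
        params.put("userid", currentUser.getUserid());
        if (unitmanager != null) {
            params.put("unitid", unitmanager.getUnitid());
        } else {
            params.put("unitid", -1);
        }

        // "%" is the wildcard, but it drops users that have no unit, so the result count would
        // differ from an empty filter; treat it as "no filter" (ykm, 2019-04-12).
        if ("%".equals(params.get("unitname"))) {
            params.replace("unitname", null);
        }

        params.put("isadmin", SecurityUtils.getSubject().isPermitted("org_user_admin") ? 1 : 0);
    }

    /**
     * Returns a single user by id.
     *
     * <p>NOTE(review): unlike {@code /list}, no visibility scope is applied here, so a caller
     * with the list permission can read any user by id. Also confirm that the serialized
     * OrgUser does not expose the stored password hash.
     *
     * @param userid id of the user to load
     * @return a result whose "user" entry holds the user
     */
    @GetMapping("/info/{userid}")
    @RequiresPermissions(value = {"org:user:list", "org:user:edit"}, logical = Logical.OR)
    @ApiOperation(value = "用户信息", notes = "")
    public Result info(@ApiParam(name = "userid", value = "用户Id", required = true) @PathVariable("userid") Long userid) {
        OrgUser user = userService.queryObject(userid);
        return Result.ok().put("user", user);
    }

    /**
     * Creates a user.
     *
     * @param user the user to create, bound from the JSON request body
     * @return a result whose "userid" entry holds the id reported by the service after the save
     * @throws LanbaseException if the login name is already taken
     */
    @LogAction("用户管理,用户信息管理,用户信息新增,新增")
    @SysLog("保存单位")
    @PostMapping("/save")
    @RequiresPermissions("org:user:edit")
    @ApiOperation(value = "保存用户", notes = "")
    public Result save(@ApiParam(name = "user", value = "传入json格式", required = true) @RequestBody OrgUser user) {
        OrgUser currentUser = getUser();

        Integer existing = userService.queryByLoginname(user.getLoginname());
        if (existing != null && existing > 0) {
            throw new LanbaseException("该用户名已存在!");
        }

        // Initials are stored upper-case; a missing value is left as is, as in update().
        if (user.getSpellfirst() != null) {
            user.setSpellfirst(user.getSpellfirst().toUpperCase());
        }
        user.setRcreateuser(currentUser.getUserid());
        user.setRcreatedate(new Date());
        user.setRlasteditdate(new Date());
        user.setIsfirstlogin(0L);
        userService.save(user);

        // NOTE(review): the id is fetched with a separate query after the insert; under
        // concurrent saves this presumably can return another request's id — confirm.
        int userid = userService.queryUserWithSEQ();
        return Result.ok().put("userid", userid);
    }

    /**
     * Updates a user on behalf of a caller holding the edit permission.
     *
     * @param user the new field values, bound from the JSON request body
     * @return an OK result
     * @throws LanbaseException if a file path is rejected or the user does not exist
     */
    @LogAction("用户管理,用户信息管理,用户信息管理修改,修改")
    @SysLog("修改用户")
    @PostMapping("/update")
    @RequiresPermissions("org:user:edit")
    @ApiOperation(value = "修改用户", notes = "")
    public Result update(@ApiParam(name = "user", value = "传入json格式", required = true) @RequestBody OrgUser user) throws Exception {
        applyProfileUpdate(user);
        return Result.ok();
    }

    /**
     * Shared implementation of {@code /update} and {@code /updateMyselfInfo}: moves newly
     * uploaded files out of the temp folder, deletes the files they replace and persists
     * the user.
     *
     * @param user the new field values; its user id selects the record to update
     */
    private void applyProfileUpdate(OrgUser user) {
        String photo = user.getPhotourl();
        String certificate = user.getCertificateurl();

        // Both paths come from the request body and are joined onto the upload root below,
        // so they are checked before anything on disk is touched.
        requireSafeRelativePath(photo);
        requireSafeRelativePath(certificate);

        OrgUser stored = userService.queryObject(user.getUserid());
        if (stored == null) {
            throw new LanbaseException("用户不存在");
        }

        moveOutOfTemp(photo);
        moveOutOfTemp(certificate);

        // Compare with what the database currently references and remove replaced files.
        if (!StringUtils.isEmpty(certificate) && !StringUtils.isEmpty(stored.getCertificateurl())) {
            deleteReplacedFile(certificate, stored.getCertificateurl());
        }
        if (!StringUtils.isEmpty(photo) && !StringUtils.isEmpty(stored.getPhotourl())) {
            deleteReplacedFile(photo, stored.getPhotourl());
        }

        if (photo != null) {
            user.setPhotourl(photo.replace("temp/", ""));
        }
        if (certificate != null) {
            user.setCertificateurl(certificate.replace("temp/", ""));
        }
        if (user.getSpellfirst() != null) {
            user.setSpellfirst(user.getSpellfirst().toUpperCase());
        }
        user.setRlasteditdate(new Date());
        userService.update(user);
    }

    /**
     * Rejects a client-supplied path that could leave the upload root.
     *
     * <p>The check is deliberately strict: any ".." in the value is refused, which also
     * refuses file names that merely contain two consecutive dots.
     *
     * @param relativePath path relative to the upload root; {@code null} is accepted
     * @throws LanbaseException if the path contains ".."
     */
    private static void requireSafeRelativePath(String relativePath) {
        if (relativePath != null && relativePath.contains("..")) {
            throw new LanbaseException("文件路径不合法");
        }
    }

    /**
     * Deletes the previously stored file when the new path refers to a different file name.
     *
     * @param newPath path sent with the current request
     * @param oldPath path currently stored for the user
     */
    private void deleteReplacedFile(String newPath, String oldPath) {
        // "+ 1" keeps this valid when a path has no '/' (lastIndexOf returns -1).
        String oldName = oldPath.substring(oldPath.lastIndexOf('/') + 1);
        String newName = newPath.substring(newPath.lastIndexOf('/') + 1);
        if (oldName.equals(newName)) {
            return;
        }
        // The stored value originally came from a request as well; never delete through "..".
        if (oldPath.contains("..")) {
            return;
        }
        File staleFile = new File(sysProps.getUploadPath() + oldPath.replace("/", "\\"));
        // Best effort: the return value is not checked, a failed delete leaves the old file behind.
        staleFile.delete();
    }

    /**
     * Moves an uploaded file from its temp location into the matching permanent folder,
     * creating that folder when needed.
     *
     * @param relativePath path relative to the upload root; {@code null} and "" are ignored,
     *                     because an empty path would address the upload root itself
     * @throws LanbaseException if the path contains ".."
     */
    private void moveOutOfTemp(String relativePath) {
        if (relativePath == null || relativePath.isEmpty()) {
            return;
        }
        requireSafeRelativePath(relativePath);

        String sourcePath = sysProps.getUploadPath() + relativePath.replace("/", "\\");
        String targetDir = sysProps.getUploadPath() + relativePath.replace("temp", "").replace("/", "\\");
        // Keep only the directory part, with a trailing separator.
        targetDir = targetDir.substring(0, targetDir.lastIndexOf("\\")) + "\\";

        File targetFolder = new File(targetDir);
        if (!targetFolder.exists()) {
            // Create the (year/month) folder on first use.
            targetFolder.mkdirs();
        }
        FileUtils.moveTotherFolders(sourcePath, targetDir);
    }

    /**
     * Deletes the given users.
     *
     * @param userids ids of the users to delete
     * @return an OK result
     */
    @LogAction("用户管理,用户信息管理,用户信息管理删除,删除")
    @SysLog("删除用户")
    @PostMapping("/delete")
    @RequiresPermissions("org:user:edit")
    @ApiOperation(value = "删除用户", notes = "")
    public Result delete(@ApiParam(name = "userids", value = "用户Id", required = true) @RequestBody Long[] userids) {
        userService.deleteBatch(userids);
        return Result.ok();
    }

    /**
     * Auto-completion lookup by initials.
     *
     * <p>NOTE(review): no permission is required here. The single-argument
     * {@code URLDecoder.decode} uses the platform default charset, and Spring has normally
     * already decoded the parameter, so this looks like a second decode — confirm it is needed.
     *
     * @param keyWord the typed prefix
     * @return the matching names, or {@code null} when the service returns no list
     */
    @GetMapping("/findPinyinByKeyWord")
    public String[] findpinyinByKeyWord(@RequestParam(name = "keyWord") String keyWord) {
        List unitNames = unitService.findPinyinByKeyWord(URLDecoder.decode(keyWord.toUpperCase()));
        if (unitNames == null) {
            return null;
        }
        return (String[]) unitNames.toArray(new String[unitNames.size()]);
    }

    /**
     * Changes the status of a user.
     *
     * <p>Requires the same permission as the other endpoints that modify users; without it
     * any caller able to reach this controller could change another account's status.
     *
     * @param user carries the user id and the new status
     * @return an OK result
     */
    @PostMapping("/updateStatusByUserId")
    @RequiresPermissions("org:user:edit")
    public Result updateStatusByUserId(@ApiParam(name = "user", value = "传入json格式", required = true) @RequestBody OrgUser user) {
        userService.updateStatusByUserId(user.getUserid(), user.getUserstatus());
        return Result.ok();
    }

    /**
     * Auto-completion lookup by initials or name.
     *
     * <p>NOTE(review): no permission is required here, so the endpoint lets any caller
     * enumerate user names — confirm that this is intended.
     *
     * @param keyWord the typed prefix
     * @return the Chinese names of the matching users, or {@code null} when the service
     *         returns no list
     */
    @GetMapping("/findUserByWord")
    public String[] findUserByWord(@RequestParam(name = "keyWord") String keyWord) {
        // Element type assumed to be OrgUser because getChinesename() is called on each
        // element — confirm against OrgUserService.findUserByWord.
        List<OrgUser> users = userService.findUserByWord(URLDecoder.decode(keyWord));
        if (users == null) {
            return null;
        }
        String[] names = new String[users.size()];
        for (int i = 0; i < names.length; i++) {
            names[i] = users.get(i).getChinesename();
        }
        return names;
    }

    /**
     * Clears a user's certificate reference and deletes the attachment.
     *
     * <p>NOTE(review): "path" is taken from the request and is not checked against the
     * certificate stored for "userid"; whether deleteByPath restricts what can be deleted is
     * not visible here — confirm, or derive the path from the stored record instead.
     *
     * @param json object with "userid" and "path"
     * @return an OK result
     * @throws LanbaseException if "userid" is missing
     */
    @SysLog("删除附件")
    @PostMapping("/deleteCertificateUrl")
    @RequiresPermissions("org:user:edit")
    @ApiOperation(value = "删除附件", notes = "")
    public Result deleteCertificateUrl(@ApiParam(name = "复合对象", value = "传入json格式", required = true) @RequestBody JSONObject json) {
        Long userid = json.getLong("userid");
        String path = json.getString("path");
        if (userid == null) {
            throw new LanbaseException("参数错误");
        }

        // Only the id and the emptied certificate URL are set on the update object.
        OrgUser user = new OrgUser();
        user.setUserid(userid);
        user.setCertificateurl("");
        userService.update(user);

        sysAttachmentService.deleteByPath(path);
        return Result.ok();
    }

    /**
     * Returns the logged-in user.
     *
     * <p>NOTE(review): the Shiro principal itself is serialized; confirm that it does not
     * expose the password hash.
     */
    @RequestMapping("/info")
    public Result info() {
        return Result.ok().put("user", getUser());
    }

    /**
     * Returns a JavaScript snippet that assigns the remote user name to {@code userid}.
     *
     * <p>The name is emitted as a JSON string literal, so quotes, backslashes and line breaks
     * in a login name cannot terminate the literal and inject script.
     */
    @RequestMapping("/jsinfo")
    public String jsinfo(HttpServletRequest request, HttpServletResponse response) {
        String username = request.getRemoteUser();
        // String.valueOf keeps the "null" text for an unauthenticated request.
        return "var userid=" + JSON.toJSONString(String.valueOf(username)) + "; alert(userid);";
    }

    /** Returns the Shiro principal of the current subject. */
    protected OrgUser getUser() {
        return (OrgUser) SecurityUtils.getSubject().getPrincipal();
    }

    /**
     * Changes the password of the logged-in user.
     *
     * <p>NOTE(review): passwords are stored as MD5 digests via CoderUtils.lantuEncryptMD5.
     * MD5 is not suitable for password storage; migrating to bcrypt/scrypt/argon2 needs a
     * change in the service and the stored data, which is outside this controller.
     *
     * @param password    the current password
     * @param newPassword the new password; 6-16 characters with at least two of the classes
     *                    letter, digit and special character
     * @return OK, or an error result when the current password does not match
     * @throws LanbaseException      if the new password is blank or too weak
     * @throws IllegalStateException if hashing fails
     */
    @SysLog("修改密码")
    @RequestMapping("/updatePassword")
    public Result updatePassword(String password, String newPassword) {
        if (org.apache.commons.lang.StringUtils.isBlank(newPassword)) {
            throw new LanbaseException("新密码不为能空");
        }
        String reg = "^((?=.*[A-Za-z])(?=.*\\d)|(?=.*[A-Za-z])(?=.*[#@!~%$^&*_])|(?=.*\\d)(?=.*[#@!~%$^&*_]))[A-Za-z\\d#@!~%$^&*_].{5,15}";
        if (!newPassword.matches(reg)) {
            throw new LanbaseException("密码必须至少包含数字、字母、特殊符号中的任意两种,且长度在6-16位之间!");
        }
        if (org.apache.commons.lang.StringUtils.isBlank(password)) {
            // A missing current password can never match the stored one.
            return Result.error("原密码不正确");
        }

        String currentHash;
        String newHash;
        try {
            currentHash = CoderUtils.lantuEncryptMD5(password);
            newHash = CoderUtils.lantuEncryptMD5(newPassword);
        } catch (Exception e) {
            // Never continue with the unhashed value: it would be compared and stored as is.
            throw new IllegalStateException("password hashing failed", e);
        }

        int count = userService.updatePassword(getUser(), currentHash, newHash);
        if (count == 0) {
            return Result.error("原密码不正确");
        }
        return Result.ok();
    }

    /**
     * Lets an ordinary user edit their own profile; no edit permission is required
     * (ykm, 2018/12/29).
     *
     * <p>The record to update is always the logged-in user's: the user id in the request body
     * is overwritten, so a caller cannot modify someone else's account through this endpoint.
     *
     * <p>NOTE(review): all other fields of the body are still passed to userService.update.
     * If OrgUser carries privileged fields (status, password, unit), copy only the
     * self-editable ones — confirm against the entity and mapper.
     *
     * @param user the new field values, bound from the JSON request body
     * @return an OK result
     * @throws LanbaseException if nobody is logged in or a file path is rejected
     */
    @LogAction("用户管理,修改个人信息,个人信息修改,修改")
    @SysLog("修改用户")
    @PostMapping("/updateMyselfInfo")
    @ApiOperation(value = "修改用户", notes = "")
    public Result updateMyselfInfo(@ApiParam(name = "user", value = "传入json格式", required = true) @RequestBody OrgUser user) throws Exception {
        OrgUser currentUser = getUser();
        if (currentUser == null) {
            throw new LanbaseException("用户未登录");
        }
        user.setUserid(currentUser.getUserid());
        applyProfileUpdate(user);
        return Result.ok();
    }

    /**
     * Bulk import of users that already exist in other application systems.
     *
     * <p>NOTE(review): as written this imports nothing. EasyExcel.read(...) only creates a
     * reader builder, and no sheet is ever read from it. Before enabling the read, take the
     * upload as a multipart file rather than a {@code File} bound from the request, so the
     * client cannot name a file on the server. The log annotations are the ones used by the
     * profile update endpoint and look copied.
     *
     * @param file    the workbook to import
     * @param fromsys name of the source system (unused)
     * @return an OK result
     */
    @LogAction("用户管理,修改个人信息,个人信息修改,修改")
    @SysLog("修改用户")
    @PostMapping("/batchimportUser")
    @RequiresPermissions("org:user:edit")
    @ApiOperation(value = "批量导入用户", notes = "")
    public Result batchimportUser(File file, String fromsys) throws Exception {
        EasyExcel.read(file, OrgUser.class, new OrgUserReadListener(orgUserDao));
        return Result.ok();
    }

    /**
     * Exports the users visible to the caller as an .xlsx download.
     *
     * <p>The workbook is built in a private temp file that is deleted before the method
     * returns, so exported user records do not accumulate on disk. On failure before any
     * byte was sent, a JSON error body is returned instead.
     *
     * @param rep    the response the workbook is written to
     * @param params query parameters; scoped like {@code /list}
     */
    @PostMapping("/batchExportUser")
    @ApiOperation(value = "批量导入用户", notes = "")
    @RequiresPermissions(value = {"org:user:list", "org:user:edit"}, logical = Logical.OR)
    public @ResponseBody void batchExportUser(HttpServletResponse rep, @RequestParam Map params) throws Exception {
        File workbook = null;
        try {
            rep.setContentType("application/vnd.ms-excel");
            rep.setCharacterEncoding("utf-8");
            String filename = URLEncoder.encode("用户信息表", "UTF-8").replaceAll("\\+", "%20");
            rep.setHeader("Content-disposition", "attachment;filename*=utf-8''" + filename + ".xlsx");

            applyVisibilityScope(params);
            List userList = userService.queryList(new Query(params));

            // Files.createTempFile creates the file with owner-only access where the platform
            // supports it; the name is unpredictable, unlike a timestamp-based one.
            workbook = java.nio.file.Files.createTempFile("ORGUSER", ".xlsx").toFile();
            EasyExcel.write(workbook.getAbsolutePath(), OrgUserWithUnitCell.class).sheet("用户信息").doWrite(userList);

            // The input is opened first: if that fails, the response is still uncommitted
            // and the JSON error below can be sent.
            try (FileInputStream fis = new FileInputStream(workbook);
                 ServletOutputStream sos = rep.getOutputStream()) {
                byte[] buffer = new byte[1024];
                int read;
                while ((read = fis.read(buffer)) != -1) {
                    // Write only the bytes actually read; writing the whole buffer appends
                    // stale bytes after a short read and corrupts the workbook.
                    sos.write(buffer, 0, read);
                }
            }
        } catch (Exception e) {
            if (rep.isCommitted()) {
                // Part of the file is already on the wire; reset() is no longer possible.
                return;
            }
            rep.reset();
            rep.setContentType("application/json");
            rep.setCharacterEncoding("utf-8");
            JSONObject json = new JSONObject();
            json.put("status", "failure");
            json.put("message", "文件下载失败");
            rep.getWriter().println(JSON.toJSONString(json));
        } finally {
            if (workbook != null) {
                workbook.delete();
            }
        }
    }

    /**
     * Developer utility: prints the lantuEncryptMD5 digest of every command-line argument.
     *
     * <p>The values to hash are taken from the command line so that no password literal is
     * kept in source control.
     */
    public static void main(String[] args) throws Exception {
        for (String value : args) {
            System.out.println(CoderUtils.lantuEncryptMD5(value));
        }
    }
}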