package art.kexue.sxwz.controller;

import art.kexue.sxwz.entity.request.*;
import art.kexue.sxwz.entity.request.BindPhoneDto;
import art.kexue.sxwz.entity.request.BindWxDto;
import art.kexue.sxwz.annotation.RequireAuth;
import art.kexue.sxwz.annotation.RequireRole;
import art.kexue.sxwz.entity.SysUser;
import art.kexue.sxwz.entity.dto.SysUserDto;
import art.kexue.sxwz.entity.dto.UserDetailDto;
import art.kexue.sxwz.entity.request.*;
import art.kexue.sxwz.exception.BizException;
import art.kexue.sxwz.service.SysUserService;
import org.springframework.web.bind.annotation.*;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;

import javax.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;

import art.kexue.sxwz.common.CacheManager;
import com.github.pagehelper.PageInfo;
import art.kexue.sxwz.common.CommonResult;
import art.kexue.sxwz.entity.base.IdDto;
import org.redisson.api.RedissonClient;
import org.springframework.web.multipart.MultipartFile;

import java.util.List;

/**
 * REST controller for the SysUser table (user management API under {@code api/sysUser}).
 *
 * <p>Every handler delegates to {@link SysUserService} and wraps the result in
 * {@code CommonResult.success(...)}.
 *
 * <p>NOTE(review): access control in this class is opt-in per handler through
 * {@code @RequireAuth} / {@code @RequireRole}; how those annotations are enforced is not
 * visible in this file. Several handlers below carry neither annotation. Confirm that a
 * global interceptor covers them, otherwise they are reachable without login.
 *
 * <p>NOTE(review): {@code @CrossOrigin(origins = "*")} accepts cross-origin requests from any
 * site. The handlers read the credential from the {@code Authorization} header; confirm the
 * wildcard is intended and prefer an allow-list of the known front-end origins.
 *
 * @author 王志维
 * @since 2025-02-21 23:01:48
 */
@RestController
@RequestMapping("api/sysUser")
@Tag(name = "用户管理 Api")
@CrossOrigin(origins = "*")
public class SysUserController {
    /**
     * User service that all handlers delegate to.
     */
    @Resource
    private SysUserService sysUserService;

    /**
     * Redisson client, used to read the cached login user stored under {@code "loginUser:" + token}.
     */
    @Resource
    private RedissonClient redissonClient;

    /**
     * Paged query.
     *
     * <p>NOTE(review): no {@code @RequireAuth} / {@code @RequireRole} on this handler; confirm a
     * user listing is not exposed to unauthenticated callers.
     *
     * <p>NOTE(review): the return type below reads {@code CommonResult>}; its type argument
     * appears to have been truncated in this copy of the file and must be restored from the
     * original source.
     *
     * @param queryDto filter conditions
     * @return query result
     */
    @PostMapping("/getPageList")
    @Operation(summary = "查询分页列表", description = "查询分页列表")
    public CommonResult> getPageList(@RequestBody SysUserDto queryDto) {
        return CommonResult.success(sysUserService.getPageList(queryDto));
    }

    /**
     * Queries a single record by primary key.
     *
     * <p>NOTE(review): no auth annotation here and the id comes straight from the path; confirm
     * the caller is authenticated and allowed to read this user.
     *
     * @param id primary key
     * @return the single record
     */
    @PostMapping("queryById/{id}")
    @Operation(summary = "通过ID查询用户", description = "通过ID查询用户")
    public CommonResult queryById(@PathVariable("id") Long id) {
        return CommonResult.success(sysUserService.queryById(id));
    }

    /**
     * Returns the detail record for a user id via {@code sysUserService.getUserDetailById}.
     *
     * <p>Restricted by {@code @RequireRole} to SUPER, SUPER1, SCHOOL_ADMIN and COLLEGE_ADMIN.
     * NOTE(review): no check is visible here that a school or college admin may only read users
     * of their own school/college; confirm the service scopes the lookup.
     *
     * @param userId id of the user to look up
     * @return the user detail
     */
    @GetMapping("/getUserDetail/{userId}")
    @Operation(summary = "查询用户详细信息", description = "根据用户ID查询用户所有信息,包含sysUser、student、teacher、account")
    @RequireRole({"SUPER","SUPER1","SCHOOL_ADMIN","COLLEGE_ADMIN"})
    public CommonResult getUserDetail(@PathVariable("userId") Long userId) {
        return CommonResult.success(sysUserService.getUserDetailById(userId));
    }

    /**
     * Inserts a record.
     *
     * <p>NOTE(review): no auth annotation, and the request body is bound directly to the
     * {@code SysUser} entity, so every bindable field of the entity is caller-controlled.
     * Confirm authentication is enforced elsewhere and that privileged fields cannot be set
     * through this endpoint.
     *
     * @param SysUser entity
     * @return insert result
     */
    @PostMapping("/insert")
    @Operation(summary = "新增用户", description = "新增用户")
    public CommonResult insert(@RequestBody SysUser SysUser) {
        return CommonResult.success(sysUserService.insert(SysUser));
    }

    /**
     * Updates a record.
     *
     * <p>NOTE(review): no auth annotation on this handler; confirm the caller is authenticated
     * and authorised to modify the target user.
     *
     * @param SysUser update payload
     * @return update result
     */
    @PostMapping("/update")
    @Operation(summary = "更新用户", description = "更新用户")
    public CommonResult update(@RequestBody SysUserUpdateDto SysUser) {
        return CommonResult.success(sysUserService.update(SysUser));
    }

    /**
     * Deletes a record by id taken from the path.
     *
     * <p>NOTE(review): no auth annotation on a destructive endpoint; confirm it is protected
     * elsewhere or add a role restriction.
     *
     * @param id primary key of the user to delete
     * @return delete result
     */
    @PostMapping("deleteById/{id}")
    @Operation(summary = "通过ID删除用户", description = "通过ID删除用户")
    public CommonResult deleteById(@PathVariable("id") Long id) {
        return CommonResult.success(sysUserService.deleteById(id));
    }

    /**
     * Deletes a record by id taken from the request body; same service call as
     * {@link #deleteById(Long)}.
     *
     * <p>NOTE(review): no auth annotation here either; see the note on {@code deleteById}.
     *
     * @param idDto wrapper carrying the id
     * @return delete result
     */
    @PostMapping("deleteByIdDto")
    @Operation(summary = "通过ID删除用户", description = "通过ID删除用户")
    public CommonResult deleteByIdDto(@RequestBody IdDto idDto) {
        return CommonResult.success(sysUserService.deleteById(idDto.getId()));
    }

    /**
     * Resets a user's password through {@code sysUserService.resetPassword}.
     *
     * <p>NOTE(review): the operation summary describes an administrator action, but the handler
     * only carries {@code @RequireAuth} and passes no operator identity to the service. Confirm
     * the service verifies the caller's role; otherwise any logged-in user could reset another
     * user's password.
     *
     * @param resetPasswordDto reset request
     * @return reset result
     */
    @PostMapping("/resetPassword")
    @Operation(summary = "管理员帮助用户重置密码", description = "管理员帮助用户重置密码")
    @RequireAuth
    public CommonResult resetPassword(@RequestBody ResetPwdDto resetPasswordDto) {
        boolean result = sysUserService.resetPassword(resetPasswordDto);
        return CommonResult.success(result);
    }

    /**
     * Resets a password by user id (documented as administrator-only).
     *
     * <p>NOTE(review): this method only checks that the token maps to an existing user;
     * {@code adminUser} is null-checked but its role is never inspected here. Confirm
     * {@code sysUserService.resetPwd} checks the operator's role, or restrict the handler with
     * {@code @RequireRole}.
     *
     * @param resetPwdDto reset request (target user id and new password)
     * @param request     HTTP request, source of the {@code Authorization} header
     * @return reset result
     */
    @PostMapping("/resetPwd")
    @Operation(summary = "重置密码(管理员专用,通过用户ID)", description = "重置密码(管理员专用,通过用户ID)")
    @RequireAuth
    public CommonResult resetPwd(@RequestBody ResetPwdDto resetPwdDto, HttpServletRequest request) {
        // Read the token from the request header
        String token = request.getHeader("Authorization");
        if (token == null || token.isEmpty()) {
            throw new BizException("请先登录认证后操作");
        }
        // Resolve the current login user from the cache
        String username = CacheManager.getUsernameFromToken(token);
        if (username == null) {
            throw new BizException("无效的token,请重新登录");
        }
        SysUser adminUser = sysUserService.getByUsername(username);
        if (adminUser == null) {
            throw new BizException("管理员不存在");
        }
        // Delegate the reset to the service layer; the operator's username is passed along
        boolean result = sysUserService.resetPwd(resetPwdDto.getUserId(), resetPwdDto.getNewPassword(), username);
        return CommonResult.success(result);
    }

    /**
     * Resets a password by username or phone number (documented as administrator-only, no old
     * password required).
     *
     * <p>NOTE(review): same gap as {@code resetPwd}: only the existence of the operator account
     * is checked here, not its role. Confirm the service enforces it.
     *
     * @param resetPasswordDto reset request (username or phone, and new password)
     * @param request          HTTP request, source of the {@code Authorization} header
     * @return reset result
     */
    @PostMapping("/resetPasswordByUsernameOrPhone")
    @Operation(summary = "重置密码(管理员专用,通过用户名或手机号)", description = "重置密码(管理员专用,通过用户名或手机号,无需旧密码)")
    @RequireAuth
    public CommonResult resetPasswordByUsernameOrPhone(@RequestBody AdminResetPasswordDto resetPasswordDto, HttpServletRequest request) {
        // Read the token from the request header
        String token = request.getHeader("Authorization");
        if (token == null || token.isEmpty()) {
            throw new BizException("请先登录认证后操作");
        }
        // Resolve the current login user from the cache
        String username = CacheManager.getUsernameFromToken(token);
        if (username == null) {
            throw new BizException("无效的token,请重新登录");
        }
        SysUser adminUser = sysUserService.getByUsername(username);
        if (adminUser == null) {
            throw new BizException("管理员不存在");
        }
        // Delegate the reset to the service layer; the operator's username is passed along
        boolean result = sysUserService.resetPasswordByUsernameOrPhone(resetPasswordDto.getUsernameOrPhone(), resetPasswordDto.getNewPassword(), username);
        return CommonResult.success(result);
    }

    /**
     * Returns the cached login information of the current user.
     *
     * <p>NOTE(review): the response echoes the session token back in the body
     * ({@code loginUserDto.setToken}); confirm clients need it and that responses are not logged
     * or cached.
     *
     * @param request HTTP request, source of the {@code Authorization} header
     * @return the current login user (token and user info)
     */
    @GetMapping("/currentUser")
    @Operation(summary = "获取当前登录用户信息", description = "获取当前登录用户信息")
    @RequireAuth
    public CommonResult currentUser(HttpServletRequest request) {
        // Read the token from the request header
        String token = request.getHeader("Authorization");
        if (token == null || token.isEmpty()) {
            throw new BizException("请先登录认证后操作");
        }
        // Check the login state with Sa-Token.
        // NOTE(review): checkLogin() takes no argument, so whether it validates the same header
        // value that is used for the Redis key below is not visible here. The catch-all also
        // reports every failure as an invalid token and drops the cause.
        try {
            cn.dev33.satoken.stp.StpUtil.checkLogin();
        } catch (Exception e) {
            throw new BizException("无效的token,请重新登录");
        }
        // Load the LoginUser JSON from the Redis cache; the key embeds the raw header value
        String loginUserJson = (String)redissonClient.getBucket("loginUser:" + token).get();
        if (loginUserJson == null || loginUserJson.isEmpty()) {
            throw new BizException("无效的token,请重新登录");
        }
        // Parse the JSON string into a LoginUser object
        LoginUser loginUser = cn.hutool.json.JSONUtil.toBean(loginUserJson, LoginUser.class);
        // Convert to LoginUserDto
        LoginUserDto loginUserDto = new LoginUserDto();
        loginUserDto.setToken(loginUser.getToken());
        loginUserDto.setUserInfo(loginUser.getUserInfo());
        return CommonResult.success(loginUserDto);
    }

    /**
     * Uploads an avatar for the current user and returns the value produced by
     * {@code sysUserService.uploadAvatar}.
     *
     * <p>NOTE(review): the uploaded file is handed to the service without any check in this
     * method. Confirm the service validates content type, size and the stored file name (no
     * client-supplied path components).
     *
     * @param file    avatar file
     * @param request HTTP request, source of the {@code Authorization} header
     * @return upload result
     */
    @PostMapping("/uploadAvatar")
    @Operation(summary = "上传用户头像", description = "上传用户头像并更新用户信息")
    @RequireAuth
    public CommonResult uploadAvatar(@RequestParam("file") MultipartFile file, HttpServletRequest request) {
        // Read the token from the request header
        String token = request.getHeader("Authorization");
        if (token == null || token.isEmpty()) {
            throw new BizException("请先登录认证后操作");
        }
        // Load the current login user from Redis
        String loginUserJson = (String)redissonClient.getBucket("loginUser:" + token).get();
        if (loginUserJson == null || loginUserJson.isEmpty()) {
            throw new BizException("无效的token,请重新登录");
        }
        // Parse the JSON string into a LoginUser object
        LoginUser loginUser = cn.hutool.json.JSONUtil.toBean(loginUserJson, LoginUser.class);
        if (loginUser == null || loginUser.getUserInfo() == null) {
            throw new BizException("无效的token,请重新登录");
        }
        SysUser user = loginUser.getUserInfo();
        // NOTE(review): this check repeats the getUserInfo() == null test above, so this branch
        // looks unreachable (assuming the getter has no side effects).
        if (user == null) {
            throw new BizException("用户不存在");
        }
        // Delegate the upload to the service layer; the user id comes from the cached session
        String fileName = sysUserService.uploadAvatar(file, user.getUserId(), token);
        return CommonResult.success(fileName);
    }

    /**
     * Checks whether a phone number and verification code match.
     *
     * <p>NOTE(review): no auth annotation, and the handler returns a plain match/no-match
     * result. Confirm the service limits attempts per phone number and expires codes, so the
     * endpoint cannot be used to guess a code.
     *
     * @param verifyPhoneCodeDto phone number and code to verify
     * @return whether the code matches
     */
    @PostMapping("/verifyPhoneCode")
    @Operation(summary = "验证手机号验证码", description = "验证手机号和验证码是否匹配,用于更换手机号等场景的原手机号验证")
    public CommonResult verifyPhoneCode(@RequestBody VerifyPhoneCodeDto verifyPhoneCodeDto) {
        boolean result = sysUserService.verifyPhoneCode(verifyPhoneCodeDto.getPhone(), verifyPhoneCodeDto.getCode());
        return CommonResult.success(result);
    }

    /**
     * Binds a phone number for the current login user.
     *
     * <p>Only the phone and code are passed on; presumably the service resolves the current
     * user itself. Verify against the service.
     *
     * @param bindPhoneDto phone number and verification code
     * @return bind result
     */
    @PostMapping("/bindPhone")
    @Operation(summary = "绑定电话号码", description = "为当前登录用户绑定手机号码")
    @RequireAuth
    public CommonResult bindPhone(@RequestBody BindPhoneDto bindPhoneDto) {
        boolean result = sysUserService.bindPhone(bindPhoneDto.getPhone(), bindPhoneDto.getCode());
        return CommonResult.success(result);
    }

    /**
     * Binds a WeChat id to a user.
     *
     * <p>NOTE(review): the target user id is taken from the request body, not from the session.
     * Confirm the service checks that the caller is that user (or an administrator); otherwise
     * any logged-in user can bind a WeChat id to someone else's account.
     *
     * @param bindWxDto target user id and WeChat id
     * @return bind result
     */
    @PostMapping("/bindWx")
    @Operation(summary = "绑定微信", description = "为用户绑定微信ID")
    @RequireAuth
    public CommonResult bindWx(@RequestBody BindWxDto bindWxDto) {
        boolean result = sysUserService.bindWx(bindWxDto.getUserId(), bindWxDto.getWxid());
        return CommonResult.success(result);
    }

    /**
     * Creates a school administrator.
     *
     * <p>NOTE(review): the description string says only SUPER may do this, while the annotation
     * also admits SUPER1; align the documentation with the intended policy.
     *
     * @param createUserDto data for the new user
     * @return creation result
     */
    @PostMapping("/createSchoolAdmin")
    @Operation(summary = "创建学校管理员", description = "创建学校管理员用户,只有公司管理员(SUPER)能操作")
    @RequireRole({"SUPER","SUPER1"})
    public CommonResult createSchoolAdmin(@RequestBody CreateUserDto createUserDto) {
        return CommonResult.success(sysUserService.createSchoolAdmin(createUserDto));
    }

    /**
     * Creates a college administrator; restricted to SCHOOL_ADMIN.
     *
     * @param createUserDto data for the new user
     * @return creation result
     */
    @PostMapping("/createCollegeAdmin")
    @Operation(summary = "创建学院管理员", description = "创建学院管理员用户,只有学校管理员(SCHOOL_ADMIN)能操作")
    @RequireRole("SCHOOL_ADMIN")
    public CommonResult createCollegeAdmin(@RequestBody CreateUserDto createUserDto) {
        return CommonResult.success(sysUserService.createCollegeAdmin(createUserDto));
    }

    /**
     * Creates a teacher user.
     *
     * <p>NOTE(review): the description string says only COLLEGE_ADMIN may do this, while the
     * annotation also admits SCHOOL_ADMIN; align the documentation with the intended policy.
     *
     * @param createUserDto data for the new user
     * @return creation result
     */
    @PostMapping("/createTeacher")
    @Operation(summary = "创建教师用户", description = "创建教师用户,只有学院管理员(COLLEGE_ADMIN)能操作")
    @RequireRole({"COLLEGE_ADMIN","SCHOOL_ADMIN"})
    public CommonResult createTeacher(@RequestBody CreateUserDto createUserDto) {
        return CommonResult.success(sysUserService.createTeacher(createUserDto));
    }

    /**
     * Creates a student user; restricted to COLLEGE_ADMIN.
     *
     * @param createUserDto data for the new user
     * @return creation result
     */
    @PostMapping("/createStudent")
    @Operation(summary = "创建学生用户", description = "创建学生用户,只有学院管理员(COLLEGE_ADMIN)能操作")
    @RequireRole("COLLEGE_ADMIN")
    public CommonResult createStudent(@RequestBody CreateUserDto createUserDto) {
        return CommonResult.success(sysUserService.createStudent(createUserDto));
    }

    /**
     * Lists users by school id and role type.
     *
     * <p>NOTE(review): the school id comes from the request body and any authenticated user may
     * call this. Confirm the service limits results to schools the caller belongs to.
     *
     * <p>NOTE(review): the return type reads {@code CommonResult>}; its type argument appears
     * truncated in this copy of the file.
     *
     * @param queryDto school id and role type
     * @return matching users
     */
    @PostMapping("/getUsersBySchool")
    @Operation(summary = "根据学校ID获取用户列表", description = "根据学校ID和角色类型获取用户列表")
    @RequireAuth
    public CommonResult> getUsersBySchool(@RequestBody UserBySchoolQueryDto queryDto) {
        return CommonResult.success(sysUserService.getUsersBySchoolIdAndRoleType(queryDto.getSchoolId(), queryDto.getRoleType()));
    }

    /**
     * Lists users by school id and role type, including the student/teacher extension data.
     *
     * <p>NOTE(review): same scoping question as {@code getUsersBySchool}, with more data per
     * user returned. The return type is truncated here in the same way ({@code CommonResult>}).
     *
     * @param queryDto school id and role type
     * @return matching users with extension data
     */
    @PostMapping("/getUsersWithExtBySchool")
    @Operation(summary = "根据学校ID获取用户列表(级联查询)", description = "根据学校ID和角色类型获取用户列表,级联查询学生/教师扩展信息")
    @RequireAuth
    public CommonResult> getUsersWithExtBySchool(@RequestBody UserBySchoolQueryDto queryDto) {
        return CommonResult.success(sysUserService.getUsersWithExtBySchoolIdAndRoleType(queryDto.getSchoolId(), queryDto.getRoleType()));
    }
}