diff --git a/src/main/java/com/xmomen/framework/web/interceptor/CrossInterceptor.java b/src/main/java/com/xmomen/framework/web/interceptor/CrossInterceptor.java index 4f7a162..3b6ef0a 100644 --- a/src/main/java/com/xmomen/framework/web/interceptor/CrossInterceptor.java +++ b/src/main/java/com/xmomen/framework/web/interceptor/CrossInterceptor.java @@ -16,13 +16,17 @@ public class CrossInterceptor extends OncePerRequestFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { + // 判断请求头中是否包含"Access-Control-Request-Method",并且请求方法为"OPTIONS" if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) { // CORS "pre-flight" request + + // 添加允许跨域请求的响应头 response.addHeader("Access-Control-Allow-Origin", "*"); response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE"); response.addHeader("Access-Control-Allow-Headers", "X-Requested-With,Content-Type"); response.addHeader("Access-Control-Max-Age", "1800");//30 min } + // 继续执行过滤器链 filterChain.doFilter(request, response); } } diff --git a/src/main/java/com/xmomen/module/account/credentials/RetryLimitHashedCredentialsMatcher.java b/src/main/java/com/xmomen/module/account/credentials/RetryLimitHashedCredentialsMatcher.java index fb6980b..3a46623 100644 --- a/src/main/java/com/xmomen/module/account/credentials/RetryLimitHashedCredentialsMatcher.java +++ b/src/main/java/com/xmomen/module/account/credentials/RetryLimitHashedCredentialsMatcher.java 
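Review bot: The pre-flight branch in `doFilterInternal` answers every origin with `Access-Control-Allow-Origin: *` and allows `PUT` and `DELETE`, and the comments added here restate the calls without recording that choice. Because the headers are set only inside the `OPTIONS` branch, the actual cross-origin response that follows the pre-flight carries no `Access-Control-Allow-Origin`, so the filter is broader than an allow-list and probably incomplete for real cross-origin clients. I would compare the request's `Origin` header against a configured list and echo only a match, e.g. `response.setHeader("Access-Control-Allow-Origin", allowedOrigin);` together with `response.addHeader("Vary", "Origin");`, on pre-flight and normal responses alike. The pre-flight also falls through to `filterChain.doFilter`, so whether it is answered before authentication depends on filter order that is not visible in this hunk.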
@@ -16,25 +16,19 @@ import java.util.concurrent.atomic.AtomicInteger; */ public class RetryLimitHashedCredentialsMatcher extends HashedCredentialsMatcher { + //密码重试缓存 private Cache passwordRetryCache; + //构造函数,传入CacheManager public RetryLimitHashedCredentialsMatcher(CacheManager cacheManager) { passwordRetryCache = cacheManager.getCache("passwordRetryCache"); } + //重写doCredentialsMatch方法,实现密码重试限制 @Override public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { + //获取用户名 String username = (String)token.getPrincipal(); - //retry count + 1 -// AtomicInteger retryCount = passwordRetryCache.get(username); -// if(retryCount == null) { -// retryCount = new AtomicInteger(0); -// passwordRetryCache.put(username, retryCount); -// } -// if(retryCount.incrementAndGet() > 5) { -// //if retry count > 5 throw -// throw new ExcessiveAttemptsException(); -// } boolean matches = super.doCredentialsMatch(token, info); if(matches) { diff --git a/src/main/java/com/xmomen/module/account/mapper/UserMapper.java b/src/main/java/com/xmomen/module/account/mapper/UserMapper.java index fd17e8d..3a1566f 100644 --- a/src/main/java/com/xmomen/module/account/mapper/UserMapper.java +++ b/src/main/java/com/xmomen/module/account/mapper/UserMapper.java 
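Review bot: Deleting the commented-out counter at the top of `doCredentialsMatch` leaves a class named `RetryLimitHashedCredentialsMatcher` that never limits retries: `passwordRetryCache` is still obtained from the `CacheManager`, but nothing in the visible lines increments or checks it before `super.doCredentialsMatch`. Without the check, repeated password guesses against one account are bounded only by whatever rate limiting exists elsewhere. I would restore the counter as live code instead of removing it, throwing `ExcessiveAttemptsException` once the threshold is passed, and note on the field that the cache's expiry defines the lock-out window. The method body continues past `if(matches) {` outside this hunk, so confirm there that a successful login clears the entry; the cast below assumes the raw `Cache` type shown in the hunk.

```java
String username = (String)token.getPrincipal();
// Count this attempt before the hash comparison so failed guesses are bounded per account.
AtomicInteger retryCount = (AtomicInteger) passwordRetryCache.get(username);
if(retryCount == null) {
    retryCount = new AtomicInteger(0);
    passwordRetryCache.put(username, retryCount);
}
if(retryCount.incrementAndGet() > 5) {
    // Lock-out lasts until the passwordRetryCache entry expires.
    throw new ExcessiveAttemptsException();
}
// … unchanged: super.doCredentialsMatch(token, info) and the if(matches) branch …
```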
@@ -9,33 +9,21 @@ import org.apache.ibatis.annotations.Update; import java.util.List; - -/** - * Created by Jeng on 2016/1/22. - */ public interface UserMapper { public static final String UserMapperNameSpace = "com.xmomen.module.account.mapper.UserMapper."; + // 根据用户名查询用户角色列表 @Select("select r.* from sys_roles r left join sys_users_roles ur on ur.role_id = r.id left join sys_users u on u.id=ur.user_id where u.username = #{username}") @ResultType(SysRoles.class) public List getRoleList(String username); - /** - * 查询用户所有权限 - * @param username - * @return - */ + // 根据用户名查询用户权限列表 @Select("select p.* from sys_permissions p left join `sys_roles_permissions` rp on rp.`PERMISSION_ID`=p.`ID` left join sys_roles r on rp.`ROLE_ID`=r.`ID` left join sys_users_roles ur on ur.role_id = r.id left join sys_users u on u.id=ur.user_id where u.username = #{username}") @ResultType(SysPermissions.class) public List getPermissionList(String username); - /** - * 修改密码 - * @param username - * @param currentPassword - * @param password - */ + // 修改用户密码 @Update("UPDATE sys_users SET PASSWORD = #{password},SALT=#{salt} WHERE username = #{username} AND PASSWORD=#{currentPassword}") public void resetPassword(@Param(value = "username") String username, @Param(value = "currentPassword") String currentPassword, diff --git a/src/main/java/com/xmomen/module/account/model/CreateUser.java b/src/main/java/com/xmomen/module/account/model/CreateUser.java index f687add..58a9a33 100644 --- a/src/main/java/com/xmomen/module/account/model/CreateUser.java +++ b/src/main/java/com/xmomen/module/account/model/CreateUser.java 
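Review bot: `resetPassword` is declared `void`, so when the `AND PASSWORD=#{currentPassword}` clause matches no row the `UPDATE` changes nothing and the caller cannot tell a wrong current password from a successful change. MyBatis returns the affected-row count when the mapper method is declared `int`, so I would change the declaration to `public int resetPassword(` and have the service reject the request when the result is 0. The Javadoc removed here was the only place the parameters were documented; its replacement should say whether `currentPassword` and `password` are already-hashed values, which the call site elsewhere in this commit suggests but this hunk does not show. The parameter list of `resetPassword` continues outside this hunk.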
@@ -12,41 +12,28 @@ import lombok.Data; */ public @Data class CreateUser implements Serializable { + // 用户名 private String username; + // 邮箱 private String email; + // 密码 private String password; - /** - * 真实姓名 - */ + // 真实姓名 private String realname; - - /** - * 年龄 - */ + // 年龄 private Integer age; - /** - * 1-男,2女 - */ + // 性别 1-男 2-女 private Integer sex; - - /** - * QQ - */ + // QQ private String qq; - - /** - * 手机号 - */ + // 手机号 private String phoneNumber; - - /** - * 办公室电话 - */ + //办公室电话 private String officeTel; - + // 是否锁定 private Boolean locked = Boolean.FALSE; - + // 组织ID private Integer organizationId; - + // 用户组ID列表 private List userGroupIds; } diff --git a/src/main/java/com/xmomen/module/account/model/User.java b/src/main/java/com/xmomen/module/account/model/User.java index 1059b9f..2ddef3b 100644 --- a/src/main/java/com/xmomen/module/account/model/User.java +++ b/src/main/java/com/xmomen/module/account/model/User.java @@ -9,17 +9,31 @@ import lombok.Data; * Created by Jeng on 2016/1/28. */ public @Data class User implements Serializable { + + //用户ID private Integer id; + //用户名 private String username; + //真实姓名 private String realName; + //电话号码 private String phoneNumber; + //性别 private String sex; + //年龄 private Integer age; + //QQ号 private String qq; + //办公电话 private String officeTel; + //是否锁定 private Integer locked; + //邮箱 private String email; - private String organization;//组织 + //组织 + private String organization; + //组织ID private Integer organizationId; + //用户组 private List userGroups; } diff --git a/src/main/java/com/xmomen/module/account/model/UserGroup.java b/src/main/java/com/xmomen/module/account/model/UserGroup.java index 2505326..6329fa1 100644 --- a/src/main/java/com/xmomen/module/account/model/UserGroup.java +++ b/src/main/java/com/xmomen/module/account/model/UserGroup.java 
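Review bot: `CreateUser` carries the plaintext `password` field under Lombok's `@Data`, whose generated `toString()` includes every field, so any log statement or exception message that prints the object would expose the password. The new `// 密码` comment is the natural place to record that, and the field can be kept out of the generated string with `@ToString.Exclude private String password;` if the project's Lombok version supports it. The class is also `Serializable`, so the same field is written out wherever an instance is serialized; nothing in this hunk shows whether that happens.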
@@ -4,7 +4,11 @@ import java.io.Serializable; import lombok.Data; +// 用户组实体类 public @Data class UserGroup implements Serializable{ + + // 用户组名称 private String userGorup; + // 用户组ID private Integer userGroupId; } diff --git a/src/main/java/com/xmomen/module/account/realm/MemberRealm.java b/src/main/java/com/xmomen/module/account/realm/MemberRealm.java index a2bb951..5f7cfe8 100644 --- a/src/main/java/com/xmomen/module/account/realm/MemberRealm.java +++ b/src/main/java/com/xmomen/module/account/realm/MemberRealm.java @@ -25,6 +25,7 @@ public class MemberRealm extends AuthorizingRealm { MemberService memberService; + //设置MemberService public void setMemberService(MemberService memberService) { this.memberService = memberService; } 
@@ -56,31 +57,40 @@ public class MemberRealm extends AuthorizingRealm { protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String phoneNumber = (String)token.getPrincipal(); if(StringUtils.trimToNull(phoneNumber) == null){ - throw new IncorrectCredentialsException();//账号或密码错误 + //账号或密码错误 + throw new IncorrectCredentialsException(); } CdMember query = new CdMember(); query.setPhoneNumber(phoneNumber); CdMember member = memberService.findMember(query); if(member == null) { - throw new UnknownAccountException();//没找到帐号 + //没找到帐号 + throw new UnknownAccountException(); } SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo( - phoneNumber, //用户名 - member.getPassword(), //密码 - ByteSource.Util.bytes(AppConstants.PC_PASSWORD_SALT),//salt=phoneNumber - getName() //realm name + //用户名 + phoneNumber, + //密码 + member.getPassword(), + //salt=phoneNumber + ByteSource.Util.bytes(AppConstants.PC_PASSWORD_SALT), + //realm name + getName() ); return authenticationInfo; } + //清除所有授权信息 public void clearAllCachedAuthorizationInfo() { getAuthorizationCache().clear(); } + //清除所有认证信息 public void clearAllCachedAuthenticationInfo() { getAuthenticationCache().clear(); } + //清除所有缓存信息 public void clearAllCache() { clearAllCachedAuthenticationInfo(); clearAllCachedAuthorizationInfo(); diff --git a/src/main/java/com/xmomen/module/account/realm/UserRealm.java b/src/main/java/com/xmomen/module/account/realm/UserRealm.java index d1af711..a6d2b77 100644 --- a/src/main/java/com/xmomen/module/account/realm/UserRealm.java +++ b/src/main/java/com/xmomen/module/account/realm/UserRealm.java 
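Review bot: The relocated comment `//salt=phoneNumber` in `doGetAuthenticationInfo` does not match the argument beneath it: the salt passed to `SimpleAuthenticationInfo` is `AppConstants.PC_PASSWORD_SALT`, one constant for every member. A shared salt means two members with the same password store the same hash, so the salt adds no per-account protection if the member table is disclosed. At minimum the comment should read `// salt: application-wide constant AppConstants.PC_PASSWORD_SALT (not per-user)`, and I would plan a move to a per-member random salt of the kind `PasswordHelper.getSalt()` elsewhere in this commit produces. `clearAllCache` at the end of the hunk continues outside it.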
@@ -25,29 +25,39 @@ import java.util.Set; */ public class UserRealm extends AuthorizingRealm { + // 注入UserService private UserService userService; + // 设置UserService public void setUserService(UserService userService) { this.userService = userService; } + // 获取用户的授权信息 @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { + // 获取用户名 String username = (String)principals.getPrimaryPrincipal(); + // 获取用户的角色 Set roles = userService.findRoles(username); + // 获取用户的权限 Set realmNames = principals.getRealmNames(); for(String realmName: realmNames) { if(realmName.contains("UserRealm")) { roles.add("user"); } } + // 创建SimpleAuthorizationInfo对象 SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(); + // 设置用户的角色 authorizationInfo.setRoles(roles); + // 设置用户的权限 authorizationInfo.setStringPermissions(userService.findPermissions(username)); return authorizationInfo; } + // 判断是否支持该类型的token @Override public boolean supports(AuthenticationToken token) { if(token instanceof SysUserToken) { @@ -56,22 +66,28 @@ public class UserRealm extends AuthorizingRealm { return false; } + // 获取用户的认证信息 @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { + // 获取用户名 String username = (String)token.getPrincipal(); + // 根据用户名获取用户信息 SysUsers user = userService.findByUsername(username); + // 如果用户不存在,抛出UnknownAccountException异常 if(user == null) { throw new UnknownAccountException();//没找到帐号 } + // 如果用户被锁定,抛出LockedAccountException异常 if(Boolean.TRUE.equals(user.getLocked())) { throw new LockedAccountException(); //帐号锁定 } //交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配,如果觉得人家的不好可以自定义实现 + // 创建SimpleAuthenticationInfo对象 SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo( username, //用户名 user.getPassword(), //密码 
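Review bot: In `doGetAuthorizationInfo` the added comment `// 获取用户的权限` ("get the user's permissions") sits above `Set realmNames = principals.getRealmNames();`, which reads realm names, not permissions; the permissions are loaded later by `userService.findPermissions(username)`. Since the loop below grants the `user` role to any principal whose realm name contains `UserRealm`, the comment should describe that instead, e.g. `// realms that authenticated this principal; a UserRealm login implies the built-in "user" role`. A substring test also matches any other realm whose name merely contains that text, so `realmName.equals(getName())` would be a tighter check if it fits how realms are named in this project.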
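Review bot: `doGetAuthenticationInfo` throws `UnknownAccountException` for a missing user and `LockedAccountException` for a locked one, and the new comments document that split without saying how it has to be presented to the client. If the login endpoint maps these to different messages or status codes, responses reveal which usernames exist, so I would add a line such as `// callers must report every AuthenticationException subtype with the same generic message`. The added `// 如果用户不存在…` and `// 如果用户被锁定…` lines also duplicate the trailing `//没找到帐号` and `//帐号锁定` comments already on the `throw` statements; one of each pair is enough. The `SimpleAuthenticationInfo` constructor call continues outside this hunk.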
@@ -81,29 +97,35 @@ public class UserRealm extends AuthorizingRealm { return authenticationInfo; } + // 清除用户的授权信息 @Override public void clearCachedAuthorizationInfo(PrincipalCollection principals) { super.clearCachedAuthorizationInfo(principals); } + // 清除用户的认证信息 @Override public void clearCachedAuthenticationInfo(PrincipalCollection principals) { super.clearCachedAuthenticationInfo(principals); } + // 清除用户的缓存信息 @Override public void clearCache(PrincipalCollection principals) { super.clearCache(principals); } + // 清除所有用户的授权信息 public void clearAllCachedAuthorizationInfo() { getAuthorizationCache().clear(); } + // 清除所有用户的认证信息 public void clearAllCachedAuthenticationInfo() { getAuthenticationCache().clear(); } + // 清除所有用户的缓存信息 public void clearAllCache() { clearAllCachedAuthenticationInfo(); clearAllCachedAuthorizationInfo(); diff --git a/src/main/java/com/xmomen/module/account/service/PasswordHelper.java b/src/main/java/com/xmomen/module/account/service/PasswordHelper.java index 6a65cbe..259f5cc 100644 --- a/src/main/java/com/xmomen/module/account/service/PasswordHelper.java +++ b/src/main/java/com/xmomen/module/account/service/PasswordHelper.java 
@@ -12,26 +12,34 @@ import org.apache.shiro.util.ByteSource; */ public class PasswordHelper { + // 随机数生成器 private RandomNumberGenerator randomNumberGenerator = new SecureRandomNumberGenerator(); + // 加密算法 private String algorithmName = "md5"; + // 加密次数 private int hashIterations = 2; + // 设置随机数生成器 public void setRandomNumberGenerator(RandomNumberGenerator randomNumberGenerator) { this.randomNumberGenerator = randomNumberGenerator; } + // 设置加密算法 public void setAlgorithmName(String algorithmName) { this.algorithmName = algorithmName; } + // 设置加密次数 public void setHashIterations(int hashIterations) { this.hashIterations = hashIterations; } + // 生成随机盐 public String getSalt(){ return randomNumberGenerator.nextBytes().toHex(); } + // 加密密码 public String encryptPassword(String password, String salt) { return new SimpleHash( algorithmName, diff --git a/src/main/java/com/xmomen/module/account/service/PermissionService.java b/src/main/java/com/xmomen/module/account/service/PermissionService.java index c4f58cd..0ec8fc9 100644 --- a/src/main/java/com/xmomen/module/account/service/PermissionService.java +++ b/src/main/java/com/xmomen/module/account/service/PermissionService.java @@ -9,16 +9,10 @@ import com.xmomen.module.user.entity.SysPermissions; *
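Review bot: The fields documented here configure password storage as `algorithmName = "md5"` with `hashIterations = 2`, which is far too cheap to resist offline guessing if the `sys_users` table is disclosed, and the new comments call it "加密" (encryption) although `SimpleHash` computes a one-way hash. I would label the fields accurately, e.g. `// password hash algorithm (one-way, not encryption)`, and raise the defaults to a slow password-hashing scheme, or at least a SHA-2 digest with a high iteration count, e.g. `private String algorithmName = "SHA-256";`. Any change has to be mirrored in the credentials matcher configuration and existing hashes recomputed at next login, neither of which is visible in this hunk. `encryptPassword` continues outside the hunk.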

Version: 1.0 */ public interface PermissionService { - /** - * 创建权限资源 - * @param permission - * @return - */ + //创建权限 public SysPermissions createPermission(SysPermissions permission); - /** - * 删除权限资源 - * @param permissionId - */ + + //删除权限 public void deletePermission(Long permissionId); } diff --git a/src/main/java/com/xmomen/module/account/service/PermissionServiceImpl.java b/src/main/java/com/xmomen/module/account/service/PermissionServiceImpl.java index 47590fc..575760c 100644 --- a/src/main/java/com/xmomen/module/account/service/PermissionServiceImpl.java +++ b/src/main/java/com/xmomen/module/account/service/PermissionServiceImpl.java @@ -21,6 +21,7 @@ public class PermissionServiceImpl implements PermissionService { @Override @Transactional public SysPermissions createPermission(SysPermissions permission) { + // 保存权限信息 permission = mybatisDao.saveByModel(permission); return permission; } @@ -28,6 +29,7 @@ public class PermissionServiceImpl implements PermissionService { @Override @Transactional public void deletePermission(Long permissionId) { + // 根据权限ID删除权限信息 mybatisDao.deleteByPrimaryKey(SysPermissions.class, permissionId); } } diff --git a/src/main/java/com/xmomen/module/account/service/RoleService.java b/src/main/java/com/xmomen/module/account/service/RoleService.java index 0f6e5ec..3ef4fae 100644 --- a/src/main/java/com/xmomen/module/account/service/RoleService.java +++ b/src/main/java/com/xmomen/module/account/service/RoleService.java 
@@ -14,78 +14,61 @@ import java.util.List; */ public interface RoleService { - /** - * 根据角色ID查询用户 - * @param roleId - * @param pageSize - * @param pageNum - * @return - */ + // 根据角色ID查询用户 + // @param roleId 角色ID + // @param chose 是否选择 + // @param pageSize 每页大小 + // @param pageNum 当前页码 + // @return 用户组关系分页对象 + public Page findUsersByRoles(String roleId, boolean chose, Integer pageSize, Integer pageNum); - /** - * 查询用户角色 - * @param keyValue - * @param pageSize - * @param pageNum - * @return - */ + // 查询用户角色 + // @param keyValue 查询关键字 + // @param pageSize 每页大小 + // @param pageNum 当前页码 + // @return 角色分页对象 public Page findRoles(String keyValue, Integer pageSize, Integer pageNum); - /** - * 获取角色 - * @param roleId - */ + // 获取角色 + // @param roleId 角色ID + // @return 角色对象 public SysRoles getRole(Integer roleId); - /** - * 获取角色 - * @param sysRoles - */ + // 获取角色 + // @param sysRoles 角色对象 public void updateRole(SysRoles sysRoles); - /** - * 更新用户组信息并添加用户 - * @param sysRoles - * @param userIdList - */ + // 更新用户组信息并添加用户 + // @param sysRoles 角色对象 + // @param userIdList 用户ID列表 public void updateRole(SysRoles sysRoles, List userIdList); - /** - * 创建角色 - * @param role - * @return - */ + // 创建角色 + // @param role 角色对象 + // @return 角色对象 public SysRoles createRole(SysRoles role); - /** - * 删除角色 - * @param roleId - */ + // 删除角色 + // @param roleId 角色ID public void deleteRole(Integer roleId); - /** - * 根据角色查询权限 - * @param roleId - * @param chose - * @param pageSize - * @param pageNum - * @return - */ + // 根据角色查询权限 + // @param roleId 角色ID + // @param chose 是否选择 + // @param pageSize 每页大小 + // @param pageNum 当前页码 + // @return 角色权限关系分页对象 public Page findPermissionByRoles(String roleId, boolean chose, Integer pageSize, Integer pageNum); - /** - * 添加角色-权限之间关系 - * @param roleId - * @param permissionIds - */ + // 添加角色-权限之间关系 + // @param roleId 角色ID + // @param permissionIds 权限ID列表 public void correlationPermissions(Integer roleId, Integer... 
permissionIds); - /** - * 移除角色-权限之间关系 - * @param roleId - * @param permissionIds - */ + // 移除角色-权限之间关系 + // @param roleId 角色ID + //@param permissionIds 权限ID列表 public void unCorrelationPermissions(Integer roleId, Integer... permissionIds); } diff --git a/src/main/java/com/xmomen/module/account/service/RoleServiceImpl.java b/src/main/java/com/xmomen/module/account/service/RoleServiceImpl.java index c7c6025..5662241 100644 --- a/src/main/java/com/xmomen/module/account/service/RoleServiceImpl.java +++ b/src/main/java/com/xmomen/module/account/service/RoleServiceImpl.java @@ -34,14 +34,7 @@ public class RoleServiceImpl implements RoleService { @Autowired UserService userService; - /** - * 根据角色ID查询用户 - * - * @param roleId - * @param pageSize - * @param pageNum - * @return - */ + //根据角色ID查询用户 @Override public Page findUsersByRoles(String roleId, boolean chose, Integer pageSize, Integer pageNum) { Map map = new HashMap(); @@ -61,32 +54,19 @@ public class RoleServiceImpl implements RoleService { return mybatisDao.selectPageByExample(sysRolesExample, pageSize, pageNum); } - /** - * 获取角色 - * - * @param roleId - */ + //获取角色 @Override public SysRoles getRole(Integer roleId) { return mybatisDao.selectByPrimaryKey(SysRoles.class, roleId); } - /** - * 更新角色 - * - * @param sysRoles - */ + // 更新角色 @Override public void updateRole(SysRoles sysRoles) { mybatisDao.update(sysRoles); } - /** - * 更新用户组信息并添加用户 - * - * @param sysRoles - * @param userIdList - */ + // 更新用户组信息并添加用户 @Override @Transactional public void updateRole(SysRoles sysRoles, List userIdList) { 
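Review bot: Converting the Javadoc blocks of `RoleService` to `//` lines means the `@param` and `@return` tags are no longer processed by Javadoc or shown in IDE hover, so the parameter descriptions added here do not reach callers. Keep them as `/** ... */` blocks; the same conversion appears in the `UserService` and `UserServiceImpl` hunks of this commit. Two of the new comments also need correcting: `// 获取角色` ("get role") above `updateRole(SysRoles sysRoles)` is carried over from the old text and should read `// 更新角色`, and `//@param permissionIds` on `unCorrelationPermissions` lacks the space used everywhere else.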
@@ -114,11 +94,7 @@ public class RoleServiceImpl implements RoleService { return (Page) mybatisDao.selectPage(UserMapper.UserMapperNameSpace + "findPermissionByRole", map, pageSize, pageNum); } - /** - * 添加角色-权限之间关系 - * @param roleId - * @param permissionIds - */ + // 添加角色-权限之间关系 public void correlationPermissions(Integer roleId, Integer... permissionIds) { for(Integer permissionId : permissionIds){ SysRolesPermissions sysRolesPermissionsKey = new SysRolesPermissions(); @@ -128,11 +104,7 @@ public class RoleServiceImpl implements RoleService { } } - /** - * 移除角色-权限之间关系 - * @param roleId - * @param permissionIds - */ + //移除角色-权限之间关系 public void unCorrelationPermissions(Integer roleId, Integer... permissionIds) { SysRolesPermissionsExample sysRolesPermissionsExample = new SysRolesPermissionsExample(); sysRolesPermissionsExample.createCriteria() diff --git a/src/main/java/com/xmomen/module/account/service/UserService.java b/src/main/java/com/xmomen/module/account/service/UserService.java index 17a795d..d0c6746 100644 --- a/src/main/java/com/xmomen/module/account/service/UserService.java +++ b/src/main/java/com/xmomen/module/account/service/UserService.java 
@@ -13,66 +13,49 @@ import com.xmomen.module.user.entity.SysUsers; */ public interface UserService { - /** - * 创建用户 - * @param user - */ + // 创建用户 + // @param user public SysUsers createUser(CreateUser user); - /** - * 更新用户 - * @param updateUserVo - */ + // 更新用户 + // @param updateUserVo public void updateUser(UpdateUserVo updateUserVo); - /** - * 修改密码 - * @param userId - * @param newPassword - */ + // 修改密码 + // @param userId + // @param newPassword + public void changePassword(Integer userId, String newPassword); - /** - * 修改密码 - * @param currentPassword - * @param newPassword - */ + //修改密码 + // @param currentPassword + // @param newPassword public void changePassword(String username, String currentPassword, String newPassword); - /** - * 添加用户-角色关系 - * @param userId - * @param roleIds - */ + // 添加用户-角色关系 + // @param userId + // @param roleIds public void correlationRoles(Integer userId, Integer... roleIds); - /** - * 移除用户-角色关系 - * @param userId - * @param roleIds - */ + // 移除用户-角色关系 + // @param userId + // @param roleIds public void uncorrelationRoles(Integer userId, Integer... roleIds); - /** - * 根据用户名查找用户 - * @param username - * @return - */ + // 根据用户名查找用户 + // @param username + // @return public SysUsers findByUsername(String username); - /** - * 根据用户名查找其角色 - * @param username - * @return - */ + // 根据用户名查找其角色 + // @param username + // @return public Set findRoles(String username); - /** - * 根据用户名查找其权限 - * @param username - * @return - */ + // 根据用户名查找其权限 + // @param username + // @return public Set findPermissions(String username); } diff --git a/src/main/java/com/xmomen/module/account/service/UserServiceImpl.java b/src/main/java/com/xmomen/module/account/service/UserServiceImpl.java index 19a4bd7..2d3cdfc 100644 --- a/src/main/java/com/xmomen/module/account/service/UserServiceImpl.java +++ b/src/main/java/com/xmomen/module/account/service/UserServiceImpl.java 
@@ -34,6 +34,7 @@ public class UserServiceImpl implements UserService { private PasswordHelper passwordHelper; + //设置密码帮助类 public void setPasswordHelper(PasswordHelper passwordHelper) { this.passwordHelper = passwordHelper; } @@ -44,11 +45,8 @@ public class UserServiceImpl implements UserService { @Autowired(required = false) UserMapper userMapper; - /** - * 创建用户 - * - * @param user - */ + // 创建用户 + // @param user @Transactional public SysUsers createUser(CreateUser user) { //加密密码 @@ -68,12 +66,14 @@ public class UserServiceImpl implements UserService { sysUsers.setPassword(newPassword); sysUsers.setLocked(user.getLocked() ? 1 : 0); sysUsers = mybatisDao.saveByModel(sysUsers); + //保存用户角色关系 for (int userGroupId : user.getUserGroupIds()) { SysUsersRoles userRoles = new SysUsersRoles(); userRoles.setRoleId(userGroupId); userRoles.setUserId(sysUsers.getId()); mybatisDao.save(userRoles); } + //保存用户组织关系 SysUserOrganization userOrganization = new SysUserOrganization(); userOrganization.setOrganizationId(user.getOrganizationId()); userOrganization.setUserId(sysUsers.getId()); @@ -81,11 +81,8 @@ public class UserServiceImpl implements UserService { return sysUsers; } - /** - * 更新用户 - * - * @param updateUserVo - */ + // 更新用户 + // @param updateUserVo @Transactional @Override public void updateUser(UpdateUserVo updateUserVo) { @@ -120,12 +117,9 @@ public class UserServiceImpl implements UserService { mybatisDao.save(sysUsers); } - /** - * 修改密码 - * - * @param userId - * @param newPassword - */ + // 修改密码 + // @param userId + // @param newPassword @Transactional public void changePassword(Integer userId, String newPassword) { SysUsers user = mybatisDao.selectByPrimaryKey(SysUsers.class, userId); 
@@ -150,12 +144,9 @@ public class UserServiceImpl implements UserService { userMapper.resetPassword(username, currentRealPwd, newCurrentRealPwd, newSalt); } - /** - * 添加用户-角色关系 - * - * @param userId - * @param roleIds - */ + // 添加用户-角色关系 + // @param userId + // @param roleIds @Transactional public void correlationRoles(Integer userId, Integer... roleIds) { for (int i = 0; i < roleIds.length; i++) { @@ -168,12 +159,9 @@ public class UserServiceImpl implements UserService { } - /** - * 移除用户-角色关系 - * - * @param userId - * @param roleIds - */ + // 移除用户-角色关系 + // @param userId + // @param roleIds public void uncorrelationRoles(Integer userId, Integer... roleIds) { SysUsersRolesExample sysUsersRolesExample = new SysUsersRolesExample(); sysUsersRolesExample.createCriteria() @@ -182,12 +170,9 @@ public class UserServiceImpl implements UserService { mybatisDao.deleteByExample(sysUsersRolesExample); } - /** - * 根据用户名查找用户 - * - * @param username - * @return - */ + // 根据用户名查找用户 + // @param username + // @return public SysUsers findByUsername(String username) { SysUsersExample sysUsersExample = new SysUsersExample(); sysUsersExample.createCriteria().andUsernameEqualTo(username); @@ -197,12 +182,9 @@ public class UserServiceImpl implements UserService { return userses.size() > 0 ? userses.get(0) : null; } - /** - * 根据用户名查找其角色 - * - * @param username - * @return - */ + // 根据用户名查找其角色 + // @param username + // @return public Set findRoles(String username) { List sysRolesList = userMapper.getRoleList(username); Set roles = new HashSet(); @@ -212,12 +194,9 @@ public class UserServiceImpl implements UserService { return roles; } - /** - * 根据用户名查找其权限 - * - * @param username - * @return - */ + // 根据用户名查找其权限 + // @param username + // @return public Set findPermissions(String username) { List sysPermissionsList = userMapper.getPermissionList(username); Set permissions = new HashSet(); 
diff --git a/src/main/java/com/xmomen/module/account/web/controller/PermissionController.java b/src/main/java/com/xmomen/module/account/web/controller/PermissionController.java
index e839a47..0563431 100644
--- a/src/main/java/com/xmomen/module/account/web/controller/PermissionController.java
+++ b/src/main/java/com/xmomen/module/account/web/controller/PermissionController.java
@@ -19,95 +19,93 @@ import org.springframework.web.bind.annotation.*; import javax.validation.Valid; import java.util.*; -/** - * Created by Jeng on 2016/1/5. - */ + @RestController public class PermissionController { + // 注入UserService @Autowired UserService userService; + // 注入PermissionService @Autowired PermissionService permissionService; + // 注入RoleService @Autowired RoleService roleService; + // 注入MybatisDao @Autowired MybatisDao mybatisDao; - /** - * 权限权限 - * @return - */ + // 权限权限 @RequestMapping(value = "/user/permissions", method = RequestMethod.GET) public Map getPermission(){ + // 获取当前用户名 String username = (String) SecurityUtils.getSubject().getPrincipal(); + // 获取当前用户的角色 Set roles = userService.findRoles(username); + // 获取当前用户的权限 Set permissions = userService.findPermissions(username); + // 将角色和权限放入Map中 Map rolesMap = new HashMap(); rolesMap.put("roles", roles); rolesMap.put("permissions", permissions); return rolesMap; } - /** - * 权限列表 - * @param limit - * @param offset - * @param keyword - * @return - */ + // 权限列表 @RequestMapping(value = "/permission", method = RequestMethod.GET) @Log(actionName = "查看权限列表") public Page getPermissionList(@RequestParam(value = "limit") Integer limit, @RequestParam(value = "offset") Integer offset, @RequestParam(value = "keyword", required = false) String keyword){ + // 创建权限示例 SysPermissionsExample sysPermissionsExample = new SysPermissionsExample(); + // 添加权限名称模糊查询条件 sysPermissionsExample.createCriteria() .andPermissionLike("%" + StringUtils.trimToEmpty(keyword) + "%"); + // 添加权限描述模糊查询条件 sysPermissionsExample.or() .andDescriptionLike("%" + StringUtils.trimToEmpty(keyword) + "%"); + // 根据示例查询权限列表 return mybatisDao.selectPageByExample(sysPermissionsExample, limit, offset); } - /** - * 权限资源 - * @param id - */ + // 权限资源 @RequestMapping(value = "/permission/{id}", method = RequestMethod.GET) @Log(actionName = "查询单个权限") public SysPermissions getPermission(@PathVariable(value = "id") Integer id){ + // 根据id查询权限 return 
mybatisDao.selectByPrimaryKey(SysPermissions.class, id); } - /** - * 新增权限 - * @param createPermissionVo - * @param bindingResult - * @return - */ + // 新增权限 @RequestMapping(value = "/permission", method = RequestMethod.POST) @Log(actionName = "新增权限资源") public SysPermissions createPermission(@RequestBody @Valid CreatePermissionVo createPermissionVo, BindingResult bindingResult) throws ArgumentValidException { + // 验证参数 if(bindingResult != null && bindingResult.hasErrors()){ throw new ArgumentValidException(bindingResult); } + // 创建权限对象 SysPermissions sysPermissions = new SysPermissions(); + // 设置权限描述 sysPermissions.setDescription(createPermissionVo.getDescription()); + // 设置权限代码 sysPermissions.setPermission(createPermissionVo.getPermissionCode().toUpperCase()); + // 设置权限是否可用 sysPermissions.setAvailable(createPermissionVo.getAvailable() != null && createPermissionVo.getAvailable() ? 1 : 0); + // 调用权限服务创建权限 return permissionService.createPermission(sysPermissions); } - /** - * 删除权限 - * @param id - */ + // 删除权限 @RequestMapping(value = "/permission/{id}", method = RequestMethod.DELETE) @Log(actionName = "删除权限资源") public void deletePermission(@PathVariable(value = "id") Long id){ + // 根据id删除权限 mybatisDao.deleteByPrimaryKey(SysPermissions.class, id); } diff --git a/src/main/java/com/xmomen/module/account/web/controller/UserController.java b/src/main/java/com/xmomen/module/account/web/controller/UserController.java index d34cb4b..19fdf49 100644 --- a/src/main/java/com/xmomen/module/account/web/controller/UserController.java +++ b/src/main/java/com/xmomen/module/account/web/controller/UserController.java 
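Review bot: `deletePermission` at the end of this hunk calls `mybatisDao.deleteByPrimaryKey` directly while `createPermission` goes through `permissionService`, so the delete skips the `@Transactional` `PermissionServiceImpl.deletePermission` that exists for it, and the added comment only restates the call. I would route it through the service with `permissionService.deletePermission(id);`. None of the handlers shown carries a method-level authorization annotation; if access to `POST /permission` and `DELETE /permission/{id}` is not restricted by URL filter configuration elsewhere, add one such as `@RequiresPermissions("<permission-code>")` (placeholder code), because these endpoints edit the permission table itself. The class body continues outside the hunk.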
@@ -22,25 +22,23 @@ import com.xmomen.framework.mybatis.dao.MybatisDao; import java.util.HashMap; import java.util.Map; -/** - * Created by Jeng on 2016/1/5. - */ + @RestController public class UserController { + // 注入UserService @Autowired UserService userService; + // 注入UserMapper @Autowired UserMapper userMapper; + // 注入MybatisDao @Autowired MybatisDao mybatisDao; - /** - * 用户列表 - * @param id - */ + // 用户列表 @RequestMapping(value = "/user", method = RequestMethod.GET) @Log(actionName = "查询用户列表") public Page getUserList(@RequestParam(value = "limit") Integer limit, @@ -48,35 +46,32 @@ public class UserController { @RequestParam(value = "id", required = false) Integer id, @RequestParam(value = "keyword", required = false) String keyword, @RequestParam(value = "organizationId",required = false) Integer organizationId){ + // 创建一个Map,用于存储查询条件 Map map = new HashMap(); map.put("id", id); map.put("keyword", keyword); map.put("organizationId", organizationId); + // 调用MybatisDao的selectPage方法,查询用户列表 return (Page) mybatisDao.selectPage(UserMapper.UserMapperNameSpace + "getUsers", map, limit, offset); } - /** - * 用户列表 - * @param id - */ + // 用户列表 @RequestMapping(value = "/user/{id}", method = RequestMethod.GET) @Log(actionName = "查询用户") public SysUsers getUserList(@PathVariable(value = "id") Integer id){ + // 调用MybatisDao的selectByPrimaryKey方法,查询用户 return mybatisDao.selectByPrimaryKey(SysUsers.class, id); } - /** - * 新增用户 - * @param createUser - * @param bindingResult - * @return - */ + // 新增用户 @RequestMapping(value = "/user", method = RequestMethod.POST) @Log(actionName = "新增用户") public SysUsers createUser(@RequestBody @Valid CreateUserVo createUser, BindingResult bindingResult) throws ArgumentValidException { + // 验证参数是否合法 if(bindingResult != null && bindingResult.hasErrors()){ throw new ArgumentValidException(bindingResult); } + // 创建一个CreateUser对象,用于存储用户信息 CreateUser user = new CreateUser(); user.setAge(createUser.getAge()); user.setOfficeTel(createUser.getOfficeTel()); 
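Review bot: `GET /user/{id}` (the second `getUserList`) and `POST /user` return the `SysUsers` entity itself, and other hunks in this commit show that entity holding the password hash (`sysUsers.setPassword(newPassword)`) while the mapper's `UPDATE sys_users SET PASSWORD = #{password},SALT=#{salt}` points to a salt column as well. Unless those properties are excluded from JSON serialization somewhere not shown, every caller of these endpoints receives the stored hash and salt. I would return a view object without credentials (the `User` model in `account/model` already has that shape) and state it in the comment, e.g. `// returns the user profile; never includes password or salt`. `createUser` continues past the end of this hunk.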
@@ -90,57 +85,49 @@ public class UserController { user.setLocked(createUser.getLocked() != null && createUser.getLocked() == true ? true : false); user.setOrganizationId(createUser.getOrganizationId()); user.setUserGroupIds(createUser.getUserGroupIds()); + // 调用UserService的createUser方法,新增用户 return userService.createUser(user); } - /** - * 更新用户 - * @param id - * @param updateUserVo - * @param bindingResult - * @throws ArgumentValidException - */ + // 更新用户 @RequestMapping(value = "/user/{id}", method = RequestMethod.PUT) @Log(actionName = "更新用户") public void updateUser(@PathVariable(value = "id") Integer id, @RequestBody @Valid UpdateUserVo updateUserVo, BindingResult bindingResult) throws ArgumentValidException { + // 验证参数是否合法 if(bindingResult != null && bindingResult.hasErrors()){ throw new ArgumentValidException(bindingResult); } + // 调用UserService的updateUser方法,更新用户 userService.updateUser(updateUserVo); } - /** - * 删除用户 - * @param id - */ + // 删除用户 @RequestMapping(value = "/user/{id}", method = RequestMethod.DELETE) @Log(actionName = "删除用户") public void deleteUser(@PathVariable(value = "id") Long id){ + // 调用MybatisDao的deleteByPrimaryKey方法,删除用户 mybatisDao.deleteByPrimaryKey(SysUsers.class, id); } - /** - * 锁定用户 - * @param id - */ + // 锁定用户 @RequestMapping(value = "/user/{id}/locked", method = RequestMethod.PUT) @Log(actionName = "修改用户信息") public void lockedUser(@PathVariable(value = "id") Integer id, @RequestParam(value = "locked") Boolean locked){ + // 创建一个SysUsers对象,用于存储用户信息 SysUsers sysUsers = new SysUsers(); sysUsers.setLocked(locked ? 1 : 0); sysUsers.setId(id); + // 调用MybatisDao的update方法,更新用户信息 mybatisDao.update(sysUsers); } - /** - * 重置密码 - * @param id - */ + // 重置密码 @RequestMapping(value = "/user/{id}/resetPassword", method = RequestMethod.PUT) @Log(actionName = "重置密码") public void resetPassword(@PathVariable(value = "id") Integer id){ + // 调用UserService的changePassword方法,重置密码 userService.changePassword(id, "123456"); } 
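Review bot: `resetPassword` sets every reset account to the same literal, `userService.changePassword(id, "123456")`, and the comment added above it documents the call without mentioning that, so every account that has just been reset shares a credential known to anyone who can read this source. The value should be generated per reset with `java.security.SecureRandom` and passed as `userService.changePassword(id, temporaryPassword);`, with the account required to change it at the next login. The handler returns `void`, so how the temporary value reaches the user is not decided in this hunk and needs its own design. Separately, `updateUser` never uses its `id` path variable and calls `userService.updateUser(updateUserVo)`, so the record updated is the one named in the request body; `updateUserVo.setId(id);` before the call, or a check that the two ids match, would close that gap.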
diff --git a/src/main/java/com/xmomen/module/account/web/controller/UserGroupController.java b/src/main/java/com/xmomen/module/account/web/controller/UserGroupController.java index ed99c14..579ccff 100644 --- a/src/main/java/com/xmomen/module/account/web/controller/UserGroupController.java +++ b/src/main/java/com/xmomen/module/account/web/controller/UserGroupController.java @@ -17,9 +17,6 @@ import org.springframework.web.bind.annotation.*; import javax.validation.Valid; -/** - * Created by Jeng on 2016/1/5. - */ @RestController public class UserGroupController { 
@@ -28,44 +25,35 @@ public class UserGroupController { @Autowired UserService userService; - /** - * 查询用户组列表 - * @param limit - * @param offset - * @param keyword - * @return - */ + // 查询用户组列表 @RequestMapping(value = "/group", method = RequestMethod.GET) @Log(actionName = "查询用户组列表") public Page getUserList(@RequestParam(value = "limit") Integer limit, @RequestParam(value = "offset") Integer offset, @RequestParam(value = "keyword", required = false) String keyword){ + // 去除关键字两端的空格 keyword = StringUtils.trimToEmpty(keyword); + // 根据关键字查询用户组列表 return roleService.findRoles("%" + keyword + "%", limit, offset); } - /** - * 查询用户组 - * @param id - */ + // 查询用户组 @RequestMapping(value = "/group/{id}", method = RequestMethod.GET) @Log(actionName = "查询用户组") public SysRoles getUserList(@PathVariable(value = "id") Integer id){ + // 根据id查询用户组 return roleService.getRole(id); } - /** - * 新增用户组 - * @param createUserGroup - * @param bindingResult - * @throws ArgumentValidException - */ + // 新增用户组 @RequestMapping(value = "/group", method = RequestMethod.POST) @Log(actionName = "新增用户组") public void createUser(@RequestBody @Valid CreateUserGroup createUserGroup, BindingResult bindingResult) throws ArgumentValidException { + // 验证参数是否合法 if(bindingResult != null && bindingResult.hasErrors()){ throw new ArgumentValidException(bindingResult); } + // 创建用户组 SysRoles sysRoles = new SysRoles(); sysRoles.setRole(createUserGroup.getUserGroup()); sysRoles.setDescription(createUserGroup.getDescription()); 
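Review bot: In `getUserList`, `keyword` comes straight from the request and is wrapped as `"%" + keyword + "%"` before `roleService.findRoles`, so `%` and `_` typed by the caller act as wildcards in what is presumably a LIKE pattern. Whether the mapper behind `findRoles` binds the value as a parameter (`#{...}`) or substitutes it as text (`${...}`) is not visible here and should be confirmed, since only binding keeps the keyword out of the SQL text. If literal matching is intended, the wildcard characters need escaping before the concatenation. The added comment could state the requirement: `// keyword is user input used as a LIKE pattern; the mapper must bind it, not concatenate it`.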
@@ -73,27 +61,24 @@ public class UserGroupController { roleService.createRole(sysRoles); } - /** - * 删除用户组 - * @param id - */ + // 删除用户组 @RequestMapping(value = "/group/{id}", method = RequestMethod.DELETE) @Log(actionName = "删除用户组") public void deleteUser(@PathVariable(value = "id") Integer id){ + // 根据id删除用户组 roleService.deleteRole(id); } - /** - * 修改用户组 - * @param id - */ + // 修改用户组 @RequestMapping(value = "/group/{id}", method = RequestMethod.PUT) @Log(actionName = "修改用户组") public void updateUserGroup(@PathVariable(value = "id") Integer id, @RequestBody @Valid UpdateUserGroup updateUserGroup, BindingResult bindingResult) throws ArgumentValidException { + // 验证参数是否合法 if(bindingResult != null && bindingResult.hasErrors()){ throw new ArgumentValidException(bindingResult); } + // 修改用户组 SysRoles sysRoles = new SysRoles(); sysRoles.setId(id); sysRoles.setDescription(updateUserGroup.getDescription()); @@ -107,13 +92,7 @@ public class UserGroupController { } } - /** - * 查询用户组用户 - * @param groupId - * @param limit - * @param offset - * @return - */ + // 查询用户组用户 @RequestMapping(value = "/group/{groupId}/user") @Log(actionName = "查询用户组下属用户") public Page findUsersByGroup(@PathVariable(value = "groupId") String groupId, @@ -123,15 +102,12 @@ public class UserGroupController { if(unChose == null){ unChose = false; } + // 如果未选择,则默认为false return roleService.findUsersByRoles(groupId, unChose, limit, offset); } - /** - * 绑定用户 - * @param groupId - * @param chose - * @param userId - */ + // 根据用户组id查询用户列表 + // 绑定用户 @Log(actionName = "修改用户组下属用户关系") @RequestMapping(value = "/group/{groupId}/user", method = RequestMethod.PUT) public void findUsersByGroup(@PathVariable(value = "groupId") Integer groupId, 
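Review bot: The read handler `findUsersByGroup` is mapped with `@RequestMapping(value = "/group/{groupId}/user")` and no `method`, so it answers every HTTP verb that the PUT handler on the same path does not claim. I would pin it to `@RequestMapping(value = "/group/{groupId}/user", method = RequestMethod.GET)`, as the other read handlers in this class are. `findPermissionByGroup` on `/group/{groupId}/permissions` in a later hunk has the same open mapping. The handler's parameter list continues outside this hunk.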
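Review bot: The comments added in the `@@ -123,15 +102,12 @@` hunk sit one statement too late. `// 如果未选择,则默认为false` (defaults to false when not chosen) follows the `if(unChose == null)` block it describes, and `// 根据用户组id查询用户列表` (query users by group id) is placed above the PUT handler that binds users, although it describes the `return roleService.findUsersByRoles(...)` line of the handler before it. Each should move above the line it describes, so that the PUT handler keeps only `// 绑定用户`. The same shift appears in the next hunk, where `// 如果选择,则绑定用户` ends up above the permission query handler. Both handlers start or end outside this hunk.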
@@ -144,13 +120,8 @@ public class UserGroupController { } } - /** - * 查询用户组权限 - * @param groupId - * @param limit - * @param offset - * @return - */ + // 如果选择,则绑定用户 + // 查询用户组权限 @Log(actionName = "查询用户组所属权限") @RequestMapping(value = "/group/{groupId}/permissions") public Page findPermissionByGroup(@PathVariable(value = "groupId") String groupId, @@ -163,12 +134,7 @@ public class UserGroupController { return roleService.findPermissionByRoles(groupId, unChose, limit, offset); } - /** - * 绑定权限 - * @param groupId - * @param chose - * @param permissionId - */ + // 绑定权限 @Log(actionName = "修改用户组所属权限") @RequestMapping(value = "/group/{groupId}/permissions", method = RequestMethod.PUT) public void correlationPermission(@PathVariable(value = "groupId") Integer groupId, diff --git a/src/main/java/com/xmomen/module/account/web/controller/vo/CreatePermissionVo.java b/src/main/java/com/xmomen/module/account/web/controller/vo/CreatePermissionVo.java index da48c31..1418404 100644 --- a/src/main/java/com/xmomen/module/account/web/controller/vo/CreatePermissionVo.java +++ b/src/main/java/com/xmomen/module/account/web/controller/vo/CreatePermissionVo.java @@ -5,17 +5,18 @@ import org.hibernate.validator.constraints.NotBlank; import javax.validation.constraints.NotNull; import java.io.Serializable; -/** - * Created by Jeng on 2016/3/18. - */ + public class CreatePermissionVo implements Serializable { + // 权限编码 @NotBlank @NotNull private String permissionCode; + // 描述 @NotBlank @NotNull private String description; + // 是否可用 private Boolean available; public String getPermissionCode() { diff --git a/src/main/java/com/xmomen/module/account/web/controller/vo/CreateUserGroup.java b/src/main/java/com/xmomen/module/account/web/controller/vo/CreateUserGroup.java index a0505d9..b546d01 100644 --- a/src/main/java/com/xmomen/module/account/web/controller/vo/CreateUserGroup.java +++ b/src/main/java/com/xmomen/module/account/web/controller/vo/CreateUserGroup.java 
@@ -5,15 +5,15 @@ import org.hibernate.validator.constraints.NotEmpty; import java.io.Serializable; -/** - * Created by Jeng on 2016/2/1. - */ public class CreateUserGroup implements Serializable { + // 用户组名称,不能为空 @NotBlank private String userGroup; + // 描述,不能为空 @NotEmpty private String description; + // 是否可用 private Boolean available; public String getUserGroup() { diff --git a/src/main/java/com/xmomen/module/account/web/controller/vo/CreateUserVo.java b/src/main/java/com/xmomen/module/account/web/controller/vo/CreateUserVo.java index 86a6933..5cca110 100644 --- a/src/main/java/com/xmomen/module/account/web/controller/vo/CreateUserVo.java +++ b/src/main/java/com/xmomen/module/account/web/controller/vo/CreateUserVo.java @@ -7,31 +7,38 @@ import lombok.Data; import org.hibernate.validator.constraints.NotBlank; -/** - * Created by Jeng on 2016/1/7. - */ + public @Data class CreateUserVo implements Serializable { + // 用户名 @NotBlank private String username; + // 密码 @NotBlank private String password; + // 邮箱 private String email; + // 真实姓名 @NotBlank private String realName; + // 手机号码 @NotBlank private String phoneNumber; + // 年龄 private Integer age; + // QQ号码 private String qq; + // 办公电话 private String officeTel; + // 是否锁定 private Boolean locked; - /** - * 1-男,2女 - */ + // 性别 private Integer sex; + // 组织ID private Integer organizationId; + // 用户组ID列表 private List userGroupIds; } diff --git a/src/main/java/com/xmomen/module/account/web/controller/vo/GroupPermissionRelation.java b/src/main/java/com/xmomen/module/account/web/controller/vo/GroupPermissionRelation.java index 5950f8f..1b51303 100644 --- a/src/main/java/com/xmomen/module/account/web/controller/vo/GroupPermissionRelation.java +++ b/src/main/java/com/xmomen/module/account/web/controller/vo/GroupPermissionRelation.java 
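Review bot: `password` in `CreateUserVo` is constrained only by `@NotBlank`, so a one-character password passes validation. Unless `UserService.createUser` enforces a policy, which is not visible here, a length bound belongs on the field, e.g. `@Length(min = <MIN_PASSWORD_LENGTH>, max = <MAX_PASSWORD_LENGTH>)` with the values taken from the project's password policy. The commit also replaces the `sex` Javadoc `1-男,2女` with `// 性别`, which drops the value encoding; I would keep it as `// sex: 1 = male, 2 = female`.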
@@ -2,44 +2,54 @@ package com.xmomen.module.account.web.controller.vo; import java.io.Serializable; -/** - * Created by Jeng on 2016/2/1. - */ + public class GroupPermissionRelation implements Serializable { + // 组ID private String groupId; + // 权限编码 private String permissionCode; + // 权限描述 private String permissionDescription; + // 权限ID private String permissionId; + // 获取组ID public String getGroupId() { return groupId; } + // 设置组ID public void setGroupId(String groupId) { this.groupId = groupId; } + // 获取权限编码 public String getPermissionCode() { return permissionCode; } + // 设置权限编码 public void setPermissionCode(String permissionCode) { this.permissionCode = permissionCode; } + // 获取权限描述 public String getPermissionDescription() { return permissionDescription; } + // 设置权限描述 public void setPermissionDescription(String permissionDescription) { this.permissionDescription = permissionDescription; } + // 获取权限ID public String getPermissionId() { return permissionId; } + // 设置权限ID public void setPermissionId(String permissionId) { this.permissionId = permissionId; } diff --git a/src/main/java/com/xmomen/module/account/web/controller/vo/UpdateUserGroup.java b/src/main/java/com/xmomen/module/account/web/controller/vo/UpdateUserGroup.java index bc6531c..7f05774 100644 --- a/src/main/java/com/xmomen/module/account/web/controller/vo/UpdateUserGroup.java +++ b/src/main/java/com/xmomen/module/account/web/controller/vo/UpdateUserGroup.java 
@@ -5,36 +5,43 @@ import org.hibernate.validator.constraints.Length; import java.io.Serializable; import java.util.List; -/** - * Created by Jeng on 2016/2/1. - */ + public class UpdateUserGroup implements Serializable { + // 用户组描述 @Length(min = 0, max = 100) private String description; + // 用户ID列表 private List userIdList; + // 是否可用 private Boolean available; + // 获取用户ID列表 public List getUserIdList() { return userIdList; } + // 设置用户ID列表 public void setUserIdList(List userIdList) { this.userIdList = userIdList; } + // 获取用户组描述 public String getDescription() { return description; } + // 设置用户组描述 public void setDescription(String description) { this.description = description; } + // 获取是否可用 public Boolean getAvailable() { return available; } + // 设置是否可用 public void setAvailable(Boolean available) { this.available = available; } diff --git a/src/main/java/com/xmomen/module/account/web/controller/vo/UpdateUserVo.java b/src/main/java/com/xmomen/module/account/web/controller/vo/UpdateUserVo.java index 5ab62d9..34ab267 100644 --- a/src/main/java/com/xmomen/module/account/web/controller/vo/UpdateUserVo.java +++ b/src/main/java/com/xmomen/module/account/web/controller/vo/UpdateUserVo.java @@ -9,31 +9,35 @@ import lombok.Data; import org.hibernate.validator.constraints.NotBlank; -/** - * Created by Jeng on 2016/1/7. - */ + public @Data class UpdateUserVo implements Serializable { + // 用户ID @NotNull private Integer id; + // 用户名 @NotBlank private String username; + // 邮箱 private String email; + // 真实姓名 @NotBlank private String realName; + // 电话号码 @NotNull private String phoneNumber; + // 年龄 private Integer age; + // QQ号 private String qq; + // 办公电话 private String officeTel; + private Boolean locked; - /** - * 1-男,2女 - */ + // 是否锁定 1-男,2女 private Integer sex; - + // 组织ID private Integer organizationId; - + // 用户组ID列表 private List userGroupIds; - } 
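Review bot: In `UpdateUserVo` the new comment `// 是否锁定 1-男,2女` is attached to `sex`, but its first half ("whether locked") describes `locked`, which is now left without a comment, and only `1-男,2女` is the encoding of `sex`. I would split it into `// locked flag` above `private Boolean locked;` and `// sex: 1 = male, 2 = female` above `private Integer sex;`. As written, a reader takes `sex` for the lock flag.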
diff --git a/src/main/java/com/xmomen/module/account/web/controller/vo/UserGroupRelation.java b/src/main/java/com/xmomen/module/account/web/controller/vo/UserGroupRelation.java index b463213..6f7df36 100644 --- a/src/main/java/com/xmomen/module/account/web/controller/vo/UserGroupRelation.java +++ b/src/main/java/com/xmomen/module/account/web/controller/vo/UserGroupRelation.java @@ -2,35 +2,42 @@ package com.xmomen.module.account.web.controller.vo; import java.io.Serializable; -/** - * Created by Jeng on 2016/2/1. - */ + public class UserGroupRelation implements Serializable { + // 用户名 private String username; + // 邮箱 private String email; + // 用户ID private String userId; + // 获取用户名 public String getUsername() { return username; } + // 设置用户名 public void setUsername(String username) { this.username = username; } + // 获取邮箱 public String getEmail() { return email; } + // 设置邮箱 public void setEmail(String email) { this.email = email; } + // 获取用户ID public String getUserId() { return userId; } + // 设置用户ID public void setUserId(String userId) { this.userId = userId; }