From 439da500957f132af37e678e1cef878005d59c73 Mon Sep 17 00:00:00 2001 From: chen-xin-zhi <3588068430@qq.com> Date: Mon, 28 Oct 2024 17:57:31 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E6=88=90=E4=BA=86=E5=90=8E=E5=8F=B0?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E7=AE=A1=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../heritage/aop/AuthInterceptor.java | 13 +++- .../cultural/heritage/common/PageRequest.java | 3 + .../cultural/heritage/config/CorsConfig.java | 3 + .../operategood/GoodController.java | 63 +++++++++++++++++++ .../controller/userinfo/UserController.java | 50 +++++++++++++-- .../cultural/heritage/mapper/GoodMapper.java | 7 +++ .../heritage/model/dto/CommonRequest.java | 2 +- .../model/dto/good/GoodAddRequest.java | 61 ++++++++++++++++++ .../model/dto/user/UserQueryRequest.java | 40 ++++++++++++ .../service/operategood/GoodService.java | 7 +++ .../operategood/impl/GoodServiceImpl.java | 11 ++++ .../service/userinfo/UserService.java | 7 +++ .../userinfo/impl/UserServiceImpl.java | 31 ++++++++- .../com/cultural/heritage/utils/SqlUtils.java | 22 +++++++ src/main/resources/mapper/GoodMapper.xml | 7 +++ 15 files changed, 315 insertions(+), 12 deletions(-) create mode 100644 src/main/java/com/cultural/heritage/controller/operategood/GoodController.java create mode 100644 src/main/java/com/cultural/heritage/mapper/GoodMapper.java create mode 100644 src/main/java/com/cultural/heritage/model/dto/good/GoodAddRequest.java create mode 100644 src/main/java/com/cultural/heritage/model/dto/user/UserQueryRequest.java create mode 100644 src/main/java/com/cultural/heritage/service/operategood/GoodService.java create mode 100644 src/main/java/com/cultural/heritage/service/operategood/impl/GoodServiceImpl.java create mode 100644 src/main/java/com/cultural/heritage/utils/SqlUtils.java create mode 100644 src/main/resources/mapper/GoodMapper.xml 
diff --git a/src/main/java/com/cultural/heritage/aop/AuthInterceptor.java b/src/main/java/com/cultural/heritage/aop/AuthInterceptor.java index a4cf04f..1dc384e 100644 --- a/src/main/java/com/cultural/heritage/aop/AuthInterceptor.java +++ b/src/main/java/com/cultural/heritage/aop/AuthInterceptor.java @@ -33,6 +33,7 @@ public class AuthInterceptor { */ @Around("@annotation(authCheck)") public Object doInterceptor(ProceedingJoinPoint joinPoint, AuthCheck authCheck) throws Throwable { + //接口的权限 String mustRole = authCheck.mustRole(); RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes(); HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest(); @@ -41,22 +42,28 @@ public class AuthInterceptor { User loginUser = userService.getLoginUser(request); //必须有该权限才通过 if (StringUtils.isNotBlank(mustRole)) { + //mustUserRoleEnum是接口权限 UserRoleEnum mustUserRoleEnum = UserRoleEnum.getEnumByValues(mustRole); if(mustUserRoleEnum == null) { throw new BusinessException(ErrorCode.NO_AUTH_ERROR); } + //用户权限 String userRole = loginUser.getUserRole(); + //根据用户角色获取封装后的枚举类对象 + UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValues(userRole); + //如果被封号,直接拒绝 - if (UserRoleEnum.BAN.equals(mustUserRoleEnum)) { + if (UserRoleEnum.BAN.equals(userRoleEnum)) { throw new BusinessException(ErrorCode.NO_AUTH_ERROR); } - //必须有BOSS权限 + + //如果接口需要Boss权限,则需要判断用户是否是boss管理员 if (UserRoleEnum.BOSS.equals(mustUserRoleEnum)) { if (!mustRole.equals(userRole)) { throw new BusinessException(ErrorCode.NO_AUTH_ERROR); } } - //必须有管理员权限 + //如果接口需要管理员权限,则需要判断用户是否是boss或者admin管理员 if (UserRoleEnum.ADMIN.equals(mustUserRoleEnum)) { if (!mustRole.equals(userRole) && !userRole.equals(UserConstant.BOSS_ROLE)) { throw new BusinessException(ErrorCode.NO_AUTH_ERROR); diff --git a/src/main/java/com/cultural/heritage/common/PageRequest.java b/src/main/java/com/cultural/heritage/common/PageRequest.java index 8c52f34..c94cc0f 100644 
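Review bot: An unrecognised or missing role on the logged-in user is not rejected in the second hunk: `userRoleEnum` is computed but only compared with BAN, so if `getEnumByValues` returns null for an unknown value (as the existing `mustUserRoleEnum == null` check suggests it can) the request simply continues. A null `userRole` would also throw a NullPointerException at `userRole.equals(UserConstant.BOSS_ROLE)` instead of producing a clean denial. Fail closed by widening the ban check to `if (userRoleEnum == null || UserRoleEnum.BAN.equals(userRoleEnum))`. Comparing enums rather than raw strings in the BOSS and ADMIN branches (for example `userRoleEnum != UserRoleEnum.BOSS`) would keep the role logic in one type. The body of doInterceptor continues outside the hunk.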
--- a/src/main/java/com/cultural/heritage/common/PageRequest.java +++ b/src/main/java/com/cultural/heritage/common/PageRequest.java @@ -3,6 +3,9 @@ package com.cultural.heritage.common; import com.cultural.heritage.constant.CommonConstant; import lombok.Data; +/** + * 分页请求 + */ @Data public class PageRequest { diff --git a/src/main/java/com/cultural/heritage/config/CorsConfig.java b/src/main/java/com/cultural/heritage/config/CorsConfig.java index 354441a..1722a06 100644 --- a/src/main/java/com/cultural/heritage/config/CorsConfig.java +++ b/src/main/java/com/cultural/heritage/config/CorsConfig.java @@ -7,6 +7,8 @@ import org.springframework.core.Ordered; import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.filter.CorsFilter; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; /** * 跨域配置 @@ -30,3 +32,4 @@ public class CorsConfig { return bean; } } + diff --git a/src/main/java/com/cultural/heritage/controller/operategood/GoodController.java b/src/main/java/com/cultural/heritage/controller/operategood/GoodController.java new file mode 100644 index 0000000..2d4acb5 --- /dev/null +++ b/src/main/java/com/cultural/heritage/controller/operategood/GoodController.java 
@@ -0,0 +1,63 @@
+package com.cultural.heritage.controller.operategood;
+
+
+import com.cultural.heritage.annotation.AuthCheck;
+import com.cultural.heritage.common.BaseResponse;
+import com.cultural.heritage.common.ErrorCode;
+import com.cultural.heritage.common.ResultUtils;
+import com.cultural.heritage.constant.UserConstant;
+import com.cultural.heritage.controller.userinfo.UserController;
+import com.cultural.heritage.exception.BusinessException;
+import com.cultural.heritage.model.dto.good.GoodAddRequest;
+import com.cultural.heritage.model.entity.Good;
+import com.cultural.heritage.service.operategood.GoodService;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.annotation.Resource;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.BeanUtils;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.xml.transform.Result;
+
+
+/**
+ * 商品接口
+ */
+@RestController
+@RequestMapping("/goods")
+@Slf4j
+@Tag(name = "商品接口")
+public class GoodController {
+
+ @Resource
+ private GoodService goodService;
+
+
+ /**
+ * 添加商品
+ * @param goodAddRequest 商品添加请求体
+ * @return
+ */
+ @PostMapping("/add")
+// @AuthCheck(mustRole = UserConstant.ADMIN_ROLE)
+ public BaseResponse addGood(@RequestBody GoodAddRequest goodAddRequest) {
+ if (goodAddRequest == null) {
+ throw new BusinessException(ErrorCode.PARAMS_ERROR);
+ }
+ Good good = new Good();
+ BeanUtils.copyProperties(goodAddRequest, good);
+ good.setIsGoodType(1);
+ boolean save = goodService.save(good);
+ if (!save) {
+ throw new BusinessException(ErrorCode.SYSTEM_ERROR);
+ }
+ return ResultUtils.success(good, "商品插入成功");
+ }
+
+
+
+}
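Review bot: The `@AuthCheck(mustRole = UserConstant.ADMIN_ROLE)` annotation on `addGood` is commented out, so as far as this file shows `POST /goods/add` can be called without a login or an admin role; the same commented-out annotation sits on `addUser`, `deleteUser`, `updateUser`, `getUserById`, `getUserCount` and `listUserByPage` in UserController.java. Restore the line as `@AuthCheck(mustRole = UserConstant.ADMIN_ROLE)` on each of these handlers before merging, unless a filter outside this patch already guards them. `BeanUtils.copyProperties(goodAddRequest, good)` also stores the request without checking it, so a blank `name` or a negative `inventory` would be saved as given. The imports of `UserController`, `HttpServletRequest` and `javax.xml.transform.Result` are unused.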
diff --git a/src/main/java/com/cultural/heritage/controller/userinfo/UserController.java b/src/main/java/com/cultural/heritage/controller/userinfo/UserController.java index 3345dc1..cd4d118 100644 --- a/src/main/java/com/cultural/heritage/controller/userinfo/UserController.java +++ b/src/main/java/com/cultural/heritage/controller/userinfo/UserController.java @@ -2,6 +2,9 @@ package com.cultural.heritage.controller.userinfo; import cn.hutool.core.util.IdUtil; +import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; +import com.baomidou.mybatisplus.extension.plugins.pagination.Page; +import com.cultural.heritage.annotation.AuthCheck; import com.cultural.heritage.common.BaseResponse; import com.cultural.heritage.common.ErrorCode; import com.cultural.heritage.common.ResultUtils; @@ -10,10 +13,7 @@ import com.cultural.heritage.constant.UserConstant; import com.cultural.heritage.exception.BusinessException; import com.cultural.heritage.exception.ThrowUtils; import com.cultural.heritage.model.dto.CommonRequest; -import com.cultural.heritage.model.dto.user.UserAddRequest; -import com.cultural.heritage.model.dto.user.UserLoginRequest; -import com.cultural.heritage.model.dto.user.UserUpdateMyRequest; -import com.cultural.heritage.model.dto.user.UserUpdateRequest; +import com.cultural.heritage.model.dto.user.*; import com.cultural.heritage.model.entity.User; import com.cultural.heritage.model.vo.UserVO; import com.cultural.heritage.service.userinfo.UserService; @@ -37,6 +37,7 @@ import java.util.Map; import java.util.concurrent.TimeUnit; import static com.cultural.heritage.constant.UserConstant.SALT; +import static com.cultural.heritage.constant.UserConstant.USER_LOGIN_STATE; /** * 用户接口 @@ -70,7 +71,10 @@ public class UserController { /** - * 登录 + * 用户登录 + * @param userLoginRequest 用户登录请求体 + * @param request http + * @return 登录用户信息 */ @PostMapping("/login") public BaseResponse userLogin(@RequestBody UserLoginRequest userLoginRequest, HttpServletRequest request){ 
@@ -93,6 +97,7 @@ public class UserController { */ @PostMapping("/logout") public BaseResponse userLogout(HttpServletRequest request) { + System.out.println(request.getSession()); if(request == null) { throw new BusinessException(ErrorCode.PARAMS_ERROR); } @@ -126,9 +131,10 @@ public class UserController { /** * 创建用户 * @param userAddRequest 用户添加请求体 - * @return 添加用户的id + * @return 添加用户的信息 */ @PostMapping("/add") +// @AuthCheck(mustRole = UserConstant.ADMIN_ROLE) public BaseResponse addUser(@RequestBody UserAddRequest userAddRequest) { if (userAddRequest == null) { throw new BusinessException(ErrorCode.PARAMS_ERROR); @@ -151,6 +157,7 @@ public class UserController { * @return 是否删除 */ @PostMapping("/delete") +// @AuthCheck(mustRole = UserConstant.ADMIN_ROLE) public BaseResponse deleteUser(@RequestBody CommonRequest deleteRequest) { if (deleteRequest == null || deleteRequest.getId() <= 0) { throw new BusinessException(ErrorCode.PARAMS_ERROR); @@ -167,6 +174,7 @@ public class UserController { * @return 是否更新成功 */ @PostMapping("/update") +// @AuthCheck(mustRole = UserConstant.ADMIN_ROLE) public BaseResponse updateUser(@RequestBody UserUpdateRequest userUpdateRequest) { if (userUpdateRequest == null || userUpdateRequest.getId() == null) { throw new BusinessException(ErrorCode.PARAMS_ERROR); @@ -185,6 +193,7 @@ public class UserController { * @return 用户信息 */ @GetMapping("/get") +// @AuthCheck(mustRole = UserConstant.ADMIN_ROLE) public BaseResponse getUserById(long id) { if (id <= 0) { throw new BusinessException(ErrorCode.PARAMS_ERROR); 
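Review bot: `System.out.println(request.getSession());` in `userLogout` runs before the `request == null` check, so that check can no longer take effect, and `getSession()` with no argument creates a new session for a caller who had none. The line also writes session objects to standard output, outside the application's logging configuration; the same kind of debug line is added to the login path in UserServiceImpl.java (`System.out.println(session);`). Remove both lines, or if a trace is needed use the class logger at debug level and record only whether a session exists, not the session object. The bodies of both methods continue outside the hunks.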
@@ -195,6 +204,33 @@ public class UserController { } + /** + * 获取用户数量 + */ + @GetMapping("/count") +// @AuthCheck(mustRole = UserConstant.ADMIN_ROLE) + public BaseResponse getUserCount() { + QueryWrapper queryWrapper = new QueryWrapper<>(); + queryWrapper.eq("userRole", "user"); + long count = userService.count(queryWrapper); + return ResultUtils.success(count); + } + + /** + * 分页获取用户列表(仅管理员) + * @param userQueryRequest + * @return + */ + @PostMapping("/list/page") +// @AuthCheck(mustRole = UserConstant.ADMIN_ROLE) + public BaseResponse> listUserByPage(@RequestBody UserQueryRequest userQueryRequest) { + long current = userQueryRequest.getCurrent(); + long pageSize = userQueryRequest.getPageSize(); + QueryWrapper queryWrapper = userService.getQueryWrapper(userQueryRequest); + Page page = userService.page(new Page<>(current, pageSize), queryWrapper); + return ResultUtils.success(page); + } + /** @@ -217,4 +253,6 @@ public class UserController { + + } diff --git a/src/main/java/com/cultural/heritage/mapper/GoodMapper.java b/src/main/java/com/cultural/heritage/mapper/GoodMapper.java new file mode 100644 index 0000000..e419282 --- /dev/null +++ b/src/main/java/com/cultural/heritage/mapper/GoodMapper.java @@ -0,0 +1,7 @@ +package com.cultural.heritage.mapper; + +import com.baomidou.mybatisplus.core.mapper.BaseMapper; +import com.cultural.heritage.model.entity.Good; + +public interface GoodMapper extends BaseMapper { +} diff --git a/src/main/java/com/cultural/heritage/model/dto/CommonRequest.java b/src/main/java/com/cultural/heritage/model/dto/CommonRequest.java index eaac3ec..eb7b294 100644 --- a/src/main/java/com/cultural/heritage/model/dto/CommonRequest.java +++ b/src/main/java/com/cultural/heritage/model/dto/CommonRequest.java @@ -14,5 +14,5 @@ public class CommonRequest implements Serializable { private Long id; @Serial - private static final long serialVersionUID = -719221507292362303L; + private static final long serialVersionUID = 1L; } 
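Review bot: `listUserByPage` dereferences `userQueryRequest` (`getCurrent()`) before anything checks it for null, and passes `pageSize` to `new Page<>(current, pageSize)` with no upper bound, so a single request can ask for the whole user table. The page returned by `userService.page(...)` appears to hold the `User` entities themselves rather than `UserVO`, which would put every stored column into the response; mapping the records through the service's `getUserVO` would avoid that. A guard such as `if (userQueryRequest == null || userQueryRequest.getPageSize() > MAX_PAGE_SIZE) { throw new BusinessException(ErrorCode.PARAMS_ERROR); }` (with `MAX_PAGE_SIZE` a limit you define) closes the first two gaps. In `getUserCount`, the literals `"userRole"` and `"user"` would be better taken from named constants.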
diff --git a/src/main/java/com/cultural/heritage/model/dto/good/GoodAddRequest.java b/src/main/java/com/cultural/heritage/model/dto/good/GoodAddRequest.java
new file mode 100644
index 0000000..28f49c5
--- /dev/null
+++ b/src/main/java/com/cultural/heritage/model/dto/good/GoodAddRequest.java
@@ -0,0 +1,61 @@
+package com.cultural.heritage.model.dto.good;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableId;
+import lombok.Data;
+
+import java.io.Serializable;
+
+@Data
+public class GoodAddRequest implements Serializable {
+
+
+ /**
+ * 商品名
+ */
+ private String name;
+
+ /**
+ * 商品类型
+ */
+ private String type;
+
+ /**
+ * 商品图片
+ */
+ private String goodImg;
+
+ /**
+ * 商品简介
+ */
+ private String intro;
+
+ /**
+ * 商品详情简介
+ */
+ private String introDetail;
+
+ /**
+ * 商品详情图片
+ */
+ private String detailImg;
+
+ /**
+ * 商品标签
+ */
+ private String label;
+
+ /**
+ * 商品库存量
+ */
+ private Integer inventory;
+
+ /**
+ * 节日限定序号
+ */
+ private Integer festivalOrder;
+
+ @TableField(exist = false)
+ private static final long serialVersionUID = 1L;
+}
diff --git a/src/main/java/com/cultural/heritage/model/dto/user/UserQueryRequest.java b/src/main/java/com/cultural/heritage/model/dto/user/UserQueryRequest.java
new file mode 100644
index 0000000..419e818
--- /dev/null
+++ b/src/main/java/com/cultural/heritage/model/dto/user/UserQueryRequest.java
@@ -0,0 +1,40 @@
+package com.cultural.heritage.model.dto.user;
+
+import com.cultural.heritage.common.PageRequest;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.io.Serial;
+import java.io.Serializable;
+@Data
+@EqualsAndHashCode(callSuper = true)
+public class UserQueryRequest extends PageRequest implements Serializable {
+
+ /**
+ * id
+ */
+ private Long id;
+
+ /**
+ * 小程序openId
+ */
+ private String miniOpenId;
+
+ /**
+ * 用户昵称
+ */
+ private String userName;
+
+ /**
+ * 手机号
+ */
+ private String phone;
+
+ /**
+ * 用户角色:user/admin/ban
+ */
+ private String userRole;
+
+ @Serial
+ private static final long serialVersionUID = -8778649230187591764L;
+}
diff --git a/src/main/java/com/cultural/heritage/service/operategood/GoodService.java b/src/main/java/com/cultural/heritage/service/operategood/GoodService.java
new file mode 100644
index 0000000..7b83ec9
--- /dev/null
+++ b/src/main/java/com/cultural/heritage/service/operategood/GoodService.java
@@ -0,0 +1,7 @@
+package com.cultural.heritage.service.operategood;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.cultural.heritage.model.entity.Good;
+
+public interface GoodService extends IService {
+}
diff --git a/src/main/java/com/cultural/heritage/service/operategood/impl/GoodServiceImpl.java b/src/main/java/com/cultural/heritage/service/operategood/impl/GoodServiceImpl.java
new file mode 100644
index 0000000..9bbaa88
--- /dev/null
+++ b/src/main/java/com/cultural/heritage/service/operategood/impl/GoodServiceImpl.java
@@ -0,0 +1,11 @@
+package com.cultural.heritage.service.operategood.impl;
+
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.cultural.heritage.mapper.GoodMapper;
+import com.cultural.heritage.model.entity.Good;
+import com.cultural.heritage.service.operategood.GoodService;
+import org.springframework.stereotype.Service;
+
+@Service
+public class GoodServiceImpl extends ServiceImpl implements GoodService {
+}
diff --git a/src/main/java/com/cultural/heritage/service/userinfo/UserService.java b/src/main/java/com/cultural/heritage/service/userinfo/UserService.java index 2d25978..aada41e 100644 --- a/src/main/java/com/cultural/heritage/service/userinfo/UserService.java +++ b/src/main/java/com/cultural/heritage/service/userinfo/UserService.java @@ -1,6 +1,8 @@ package com.cultural.heritage.service.userinfo; +import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.extension.service.IService; +import com.cultural.heritage.model.dto.user.UserQueryRequest; import com.cultural.heritage.model.entity.User; import com.cultural.heritage.model.vo.UserVO; import jakarta.servlet.http.HttpServletRequest; @@ -30,4 +32,9 @@ public interface UserService extends IService { * 获取当前登录用户 */ User getLoginUser(HttpServletRequest request); + + /** + * 获取查询条件 + */ + QueryWrapper getQueryWrapper(UserQueryRequest userQueryRequest); } diff --git a/src/main/java/com/cultural/heritage/service/userinfo/impl/UserServiceImpl.java b/src/main/java/com/cultural/heritage/service/userinfo/impl/UserServiceImpl.java index bed1fc3..3a98064 100644 --- a/src/main/java/com/cultural/heritage/service/userinfo/impl/UserServiceImpl.java +++ b/src/main/java/com/cultural/heritage/service/userinfo/impl/UserServiceImpl.java 
@@ -3,17 +3,19 @@ package com.cultural.heritage.service.userinfo.impl; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.cultural.heritage.common.ErrorCode; -import com.cultural.heritage.constant.UserConstant; +import com.cultural.heritage.constant.CommonConstant; import com.cultural.heritage.exception.BusinessException; import com.cultural.heritage.mapper.UserMapper; +import com.cultural.heritage.model.dto.user.UserQueryRequest; import com.cultural.heritage.model.entity.User; import com.cultural.heritage.model.enums.UserRoleEnum; import com.cultural.heritage.model.vo.UserVO; import com.cultural.heritage.service.userinfo.UserService; -import jakarta.annotation.Resource; +import com.cultural.heritage.utils.SqlUtils; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpSession; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; import org.springframework.beans.BeanUtils; import org.springframework.stereotype.Service; import org.springframework.util.DigestUtils; @@ -52,6 +54,7 @@ public class UserServiceImpl extends ServiceImpl implements Us throw new BusinessException(ErrorCode.PARAMS_ERROR, "用户不存在或密码错误"); } HttpSession session = request.getSession(); + System.out.println(session); session.setAttribute(USER_LOGIN_STATE, user); return this.getUserVO(user); } 
@@ -103,4 +106,28 @@ public class UserServiceImpl extends ServiceImpl implements Us return currentUser; } + @Override + public QueryWrapper getQueryWrapper(UserQueryRequest userQueryRequest) { + if (userQueryRequest == null) { + throw new BusinessException(ErrorCode.PARAMS_ERROR, "请求参数为空"); + } + Long id = userQueryRequest.getId(); + String miniOpenId = userQueryRequest.getMiniOpenId(); + String userName = userQueryRequest.getUserName(); + String phone = userQueryRequest.getPhone(); + String userRole = userQueryRequest.getUserRole(); + String sortField = userQueryRequest.getSortField(); + String sortOrder = userQueryRequest.getSortOrder(); + + QueryWrapper queryWrapper = new QueryWrapper<>(); + queryWrapper.eq(id != null, "id", id); + queryWrapper.eq(StringUtils.isNotBlank(miniOpenId), "miniOpenId", miniOpenId); + queryWrapper.eq(StringUtils.isNotBlank(userRole), "userRole", userRole); + queryWrapper.eq(StringUtils.isNotBlank(phone), "phone", phone); + queryWrapper.like(StringUtils.isNotBlank(userName), "userName", userName); + queryWrapper.orderBy(SqlUtils.validSortField(sortField), sortOrder.equals(CommonConstant.SORT_ORDER_ASC), + sortField); + return queryWrapper; + } + } diff --git a/src/main/java/com/cultural/heritage/utils/SqlUtils.java b/src/main/java/com/cultural/heritage/utils/SqlUtils.java new file mode 100644 index 0000000..2bfb682 --- /dev/null +++ b/src/main/java/com/cultural/heritage/utils/SqlUtils.java @@ -0,0 +1,22 @@ +package com.cultural.heritage.utils; + +import org.apache.commons.lang3.StringUtils; + +/** + * SQL工具 + */ +@SuppressWarnings("all") +public class SqlUtils { + /** + * 校验排序字段是否合法(防止 SQL 注入) + * + * @param sortField + * @return + */ + public static boolean validSortField(String sortField) { + if (StringUtils.isBlank(sortField)) { + return false; + } + return !StringUtils.containsAny(sortField, "=", "(", ")", " "); + } +} 
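Review bot: `sortOrder.equals(CommonConstant.SORT_ORDER_ASC)` in `getQueryWrapper` throws a NullPointerException when the request carries no `sortOrder`, unless PageRequest supplies a default, which this patch does not show; write it as `CommonConstant.SORT_ORDER_ASC.equals(sortOrder)`. The `sortField` string is passed to `orderBy` as the column name, which is not a bound parameter, so `SqlUtils.validSortField` is the only thing standing between request input and the ORDER BY clause. Checking `sortField` here against the fixed set of sortable columns of the user table would make the method safe on its own, whatever the helper accepts.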
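Review bot: `validSortField` is a denylist of four characters (`=`, `(`, `)` and space), so other SQL metacharacters such as quotes, commas, semicolons and comment markers are accepted, while the value it approves is used as an unbound column name in ORDER BY. Use an allowlist instead, for example `return sortField.matches("[A-Za-z_][A-Za-z0-9_]*");`, or better still membership in a fixed set of sortable column names. The class-level `@SuppressWarnings("all")` hides every compiler warning in the file and can be dropped. The Javadoc `@param` and `@return` tags are empty and should say that the method returns true only for a value safe to use as a sort column.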
diff --git a/src/main/resources/mapper/GoodMapper.xml b/src/main/resources/mapper/GoodMapper.xml new file mode 100644 index 0000000..45d9456 --- /dev/null +++ b/src/main/resources/mapper/GoodMapper.xml @@ -0,0 +1,7 @@ + + + + + \ No newline at end of file