package com.iailab.module.system.service.user;
|
|
import cn.hutool.core.collection.CollUtil;
|
import cn.hutool.core.collection.CollectionUtil;
|
import cn.hutool.core.io.IoUtil;
|
import cn.hutool.core.util.StrUtil;
|
import com.baomidou.dynamic.datasource.annotation.DSTransactional;
|
import com.iailab.framework.common.enums.CommonStatusEnum;
|
import com.iailab.framework.common.exception.ServiceException;
|
import com.iailab.framework.common.pojo.PageResult;
|
import com.iailab.framework.common.util.collection.CollectionUtils;
|
import com.iailab.framework.common.util.object.BeanUtils;
|
import com.iailab.framework.datapermission.core.util.DataPermissionUtils;
|
import com.iailab.module.infra.api.config.ConfigApi;
|
import com.iailab.module.infra.api.file.FileApi;
|
import com.iailab.module.system.controller.admin.user.vo.profile.UserProfileUpdatePasswordReqVO;
|
import com.iailab.module.system.controller.admin.user.vo.profile.UserProfileUpdateReqVO;
|
import com.iailab.module.system.controller.admin.user.vo.user.UserImportExcelVO;
|
import com.iailab.module.system.controller.admin.user.vo.user.UserImportRespVO;
|
import com.iailab.module.system.controller.admin.user.vo.user.UserPageReqVO;
|
import com.iailab.module.system.controller.admin.user.vo.user.UserSaveReqVO;
|
import com.iailab.module.system.dal.dataobject.dept.DeptDO;
|
import com.iailab.module.system.dal.dataobject.dept.UserPostDO;
|
import com.iailab.module.system.dal.dataobject.user.AdminUserDO;
|
import com.iailab.module.system.dal.mysql.dept.UserPostMapper;
|
import com.iailab.module.system.dal.mysql.user.AdminUserMapper;
|
import com.iailab.module.system.service.dept.DeptService;
|
import com.iailab.module.system.service.dept.PostService;
|
import com.iailab.module.system.service.permission.PermissionService;
|
import com.iailab.module.system.service.tenant.TenantService;
|
import com.google.common.annotations.VisibleForTesting;
|
import com.mzt.logapi.context.LogRecordContext;
|
import com.mzt.logapi.service.impl.DiffParseFunction;
|
import com.mzt.logapi.starter.annotation.LogRecord;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.context.annotation.Lazy;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.stereotype.Service;
|
import org.springframework.transaction.annotation.Transactional;
|
|
import javax.annotation.Resource;
|
import java.io.InputStream;
|
import java.time.LocalDateTime;
|
import java.util.*;
|
|
import static com.iailab.framework.common.exception.util.ServiceExceptionUtil.exception;
|
import static com.iailab.framework.common.util.collection.CollectionUtils.convertList;
|
import static com.iailab.framework.common.util.collection.CollectionUtils.convertSet;
|
import static com.iailab.module.system.enums.ErrorCodeConstants.*;
|
import static com.iailab.module.system.enums.LogRecordConstants.*;
|
|
/**
|
* 后台用户 Service 实现类
|
*
|
* @author iailab
|
*/
|
@Service("adminUserService")
|
@Slf4j
|
public class AdminUserServiceImpl implements AdminUserService {
|
|
static final String USER_INIT_PASSWORD_KEY = "system.user.init-password";
|
|
@Resource
|
private AdminUserMapper userMapper;
|
|
@Resource
|
private DeptService deptService;
|
@Resource
|
private PostService postService;
|
@Resource
|
private PermissionService permissionService;
|
@Resource
|
private PasswordEncoder passwordEncoder;
|
@Resource
|
@Lazy // 延迟,避免循环依赖报错
|
private TenantService tenantService;
|
|
@Resource
|
private UserPostMapper userPostMapper;
|
|
@Resource
|
private FileApi fileApi;
|
|
@Resource
|
private ConfigApi configApi;
|
|
@Override
|
@DSTransactional
|
@LogRecord(type = SYSTEM_USER_TYPE, subType = SYSTEM_USER_CREATE_SUB_TYPE, bizNo = "{{#user.id}}",
|
success = SYSTEM_USER_CREATE_SUCCESS)
|
public Long createUser(UserSaveReqVO createReqVO) {
|
// 1.1 校验账户配合
|
tenantService.handleTenantInfo(tenant -> {
|
long count = userMapper.selectCount();
|
if (count >= tenant.getAccountCount()) {
|
throw exception(USER_COUNT_MAX, tenant.getAccountCount());
|
}
|
});
|
// 1.2 校验正确性
|
validateUserForCreateOrUpdate(null, createReqVO.getUsername(),
|
createReqVO.getMobile(), createReqVO.getEmail(), createReqVO.getDeptId(), createReqVO.getPostIds());
|
// 2.1 插入用户
|
AdminUserDO user = BeanUtils.toBean(createReqVO, AdminUserDO.class);
|
user.setStatus(CommonStatusEnum.ENABLE.getStatus()); // 默认开启
|
user.setPassword(encodePassword(createReqVO.getPassword())); // 加密密码
|
userMapper.insert(user);
|
// 2.2 插入关联岗位
|
if (CollectionUtil.isNotEmpty(user.getPostIds())) {
|
userPostMapper.insertBatch(convertList(user.getPostIds(),
|
postId -> new UserPostDO().setUserId(user.getId()).setPostId(postId)));
|
}
|
|
// 3. 记录操作日志上下文
|
LogRecordContext.putVariable("user", user);
|
return user.getId();
|
}
|
|
@Override
|
@DSTransactional
|
@LogRecord(type = SYSTEM_USER_TYPE, subType = SYSTEM_USER_UPDATE_SUB_TYPE, bizNo = "{{#updateReqVO.id}}",
|
success = SYSTEM_USER_UPDATE_SUCCESS)
|
public void updateUser(UserSaveReqVO updateReqVO) {
|
updateReqVO.setPassword(null); // 特殊:此处不更新密码
|
// 1. 校验正确性
|
AdminUserDO oldUser = validateUserForCreateOrUpdate(updateReqVO.getId(), updateReqVO.getUsername(),
|
updateReqVO.getMobile(), updateReqVO.getEmail(), updateReqVO.getDeptId(), updateReqVO.getPostIds());
|
|
// 2.1 更新用户
|
AdminUserDO updateObj = BeanUtils.toBean(updateReqVO, AdminUserDO.class);
|
userMapper.updateById(updateObj);
|
// 2.2 更新岗位
|
updateUserPost(updateReqVO, updateObj);
|
|
// 3. 记录操作日志上下文
|
LogRecordContext.putVariable(DiffParseFunction.OLD_OBJECT, BeanUtils.toBean(oldUser, UserSaveReqVO.class));
|
LogRecordContext.putVariable("user", oldUser);
|
}
|
|
private void updateUserPost(UserSaveReqVO reqVO, AdminUserDO updateObj) {
|
Long userId = reqVO.getId();
|
Set<Long> dbPostIds = convertSet(userPostMapper.selectListByUserId(userId), UserPostDO::getPostId);
|
// 计算新增和删除的岗位编号
|
Set<Long> postIds = CollUtil.emptyIfNull(updateObj.getPostIds());
|
Collection<Long> createPostIds = CollUtil.subtract(postIds, dbPostIds);
|
Collection<Long> deletePostIds = CollUtil.subtract(dbPostIds, postIds);
|
// 执行新增和删除。对于已经授权的岗位,不用做任何处理
|
if (!CollectionUtil.isEmpty(createPostIds)) {
|
userPostMapper.insertBatch(convertList(createPostIds,
|
postId -> new UserPostDO().setUserId(userId).setPostId(postId)));
|
}
|
if (!CollectionUtil.isEmpty(deletePostIds)) {
|
userPostMapper.deleteByUserIdAndPostId(userId, deletePostIds);
|
}
|
}
|
|
@Override
|
public void updateUserLogin(Long id, String loginIp) {
|
userMapper.updateById(new AdminUserDO().setId(id).setLoginIp(loginIp).setLoginDate(LocalDateTime.now()));
|
}
|
|
@Override
|
public void updateUserProfile(Long id, UserProfileUpdateReqVO reqVO) {
|
// 校验正确性
|
validateUserExists(id);
|
validateEmailUnique(id, reqVO.getEmail());
|
validateMobileUnique(id, reqVO.getMobile());
|
// 执行更新
|
userMapper.updateById(BeanUtils.toBean(reqVO, AdminUserDO.class).setId(id));
|
}
|
|
@Override
|
public void updateUserPassword(Long id, UserProfileUpdatePasswordReqVO reqVO) {
|
// 校验旧密码密码
|
validateOldPassword(id, reqVO.getOldPassword());
|
// 执行更新
|
AdminUserDO updateObj = new AdminUserDO().setId(id);
|
updateObj.setPassword(encodePassword(reqVO.getNewPassword())); // 加密密码
|
userMapper.updateById(updateObj);
|
}
|
|
@Override
|
public String updateUserAvatar(Long id, InputStream avatarFile) {
|
validateUserExists(id);
|
// 存储文件
|
String avatar = fileApi.createFile(IoUtil.readBytes(avatarFile));
|
// 更新路径
|
AdminUserDO sysUserDO = new AdminUserDO();
|
sysUserDO.setId(id);
|
sysUserDO.setAvatar(avatar);
|
userMapper.updateById(sysUserDO);
|
return avatar;
|
}
|
|
@Override
|
@LogRecord(type = SYSTEM_USER_TYPE, subType = SYSTEM_USER_UPDATE_PASSWORD_SUB_TYPE, bizNo = "{{#id}}",
|
success = SYSTEM_USER_UPDATE_PASSWORD_SUCCESS)
|
public void updateUserPassword(Long id, String password) {
|
// 1. 校验用户存在
|
AdminUserDO user = validateUserExists(id);
|
|
// 2. 更新密码
|
AdminUserDO updateObj = new AdminUserDO();
|
updateObj.setId(id);
|
updateObj.setPassword(encodePassword(password)); // 加密密码
|
userMapper.updateById(updateObj);
|
|
// 3. 记录操作日志上下文
|
LogRecordContext.putVariable("user", user);
|
LogRecordContext.putVariable("newPassword", updateObj.getPassword());
|
}
|
|
@Override
|
public void updateUserStatus(Long id, Integer status) {
|
// 校验用户存在
|
validateUserExists(id);
|
// 更新状态
|
AdminUserDO updateObj = new AdminUserDO();
|
updateObj.setId(id);
|
updateObj.setStatus(status);
|
userMapper.updateById(updateObj);
|
}
|
|
@Override
|
@Transactional(rollbackFor = Exception.class)
|
@LogRecord(type = SYSTEM_USER_TYPE, subType = SYSTEM_USER_DELETE_SUB_TYPE, bizNo = "{{#id}}",
|
success = SYSTEM_USER_DELETE_SUCCESS)
|
public void deleteUser(Long id) {
|
// 1. 校验用户存在
|
AdminUserDO user = validateUserExists(id);
|
|
// 2.1 删除用户
|
userMapper.deleteById(id);
|
// 2.2 删除用户关联数据
|
permissionService.processUserDeleted(id);
|
// 2.2 删除用户岗位
|
userPostMapper.deleteByUserId(id);
|
|
// 3. 记录操作日志上下文
|
LogRecordContext.putVariable("user", user);
|
}
|
|
@Override
|
public AdminUserDO getUserByUsername(String username) {
|
return userMapper.selectByUsername(username);
|
}
|
|
@Override
|
public AdminUserDO getUserByMobile(String mobile) {
|
return userMapper.selectByMobile(mobile);
|
}
|
|
@Override
|
public PageResult<AdminUserDO> getUserPage(UserPageReqVO reqVO) {
|
return userMapper.selectPage(reqVO, getDeptCondition(reqVO.getDeptId()));
|
}
|
|
@Override
|
public AdminUserDO getUser(Long id) {
|
return userMapper.selectById(id);
|
}
|
|
@Override
|
public List<AdminUserDO> getUserListByDeptIds(Collection<Long> deptIds) {
|
if (CollUtil.isEmpty(deptIds)) {
|
return Collections.emptyList();
|
}
|
return userMapper.selectListByDeptIds(deptIds);
|
}
|
|
@Override
|
public List<AdminUserDO> getUserListByPostIds(Collection<Long> postIds) {
|
if (CollUtil.isEmpty(postIds)) {
|
return Collections.emptyList();
|
}
|
Set<Long> userIds = convertSet(userPostMapper.selectListByPostIds(postIds), UserPostDO::getUserId);
|
if (CollUtil.isEmpty(userIds)) {
|
return Collections.emptyList();
|
}
|
return userMapper.selectBatchIds(userIds);
|
}
|
|
@Override
|
public List<AdminUserDO> getUserList(Collection<Long> ids) {
|
if (CollUtil.isEmpty(ids)) {
|
return Collections.emptyList();
|
}
|
return userMapper.selectBatchIds(ids);
|
}
|
|
@Override
|
public void validateUserList(Collection<Long> ids) {
|
if (CollUtil.isEmpty(ids)) {
|
return;
|
}
|
// 获得岗位信息
|
List<AdminUserDO> users = userMapper.selectBatchIds(ids);
|
Map<Long, AdminUserDO> userMap = CollectionUtils.convertMap(users, AdminUserDO::getId);
|
// 校验
|
ids.forEach(id -> {
|
AdminUserDO user = userMap.get(id);
|
if (user == null) {
|
throw exception(USER_NOT_EXISTS);
|
}
|
if (!CommonStatusEnum.ENABLE.getStatus().equals(user.getStatus())) {
|
throw exception(USER_IS_DISABLE, user.getNickname());
|
}
|
});
|
}
|
|
@Override
|
public List<AdminUserDO> getUserListByNickname(String nickname) {
|
return userMapper.selectListByNickname(nickname);
|
}
|
|
/**
|
* 获得部门条件:查询指定部门的子部门编号们,包括自身
|
* @param deptId 部门编号
|
* @return 部门编号集合
|
*/
|
private Set<Long> getDeptCondition(Long deptId) {
|
if (deptId == null) {
|
return Collections.emptySet();
|
}
|
Set<Long> deptIds = convertSet(deptService.getChildDeptList(deptId), DeptDO::getId);
|
deptIds.add(deptId); // 包括自身
|
return deptIds;
|
}
|
|
private AdminUserDO validateUserForCreateOrUpdate(Long id, String username, String mobile, String email,
|
Long deptId, Set<Long> postIds) {
|
// 关闭数据权限,避免因为没有数据权限,查询不到数据,进而导致唯一校验不正确
|
return DataPermissionUtils.executeIgnore(() -> {
|
// 校验用户存在
|
AdminUserDO user = validateUserExists(id);
|
// 校验用户名唯一
|
validateUsernameUnique(id, username);
|
// 校验手机号唯一
|
validateMobileUnique(id, mobile);
|
// 校验邮箱唯一
|
validateEmailUnique(id, email);
|
// 校验部门处于开启状态
|
deptService.validateDeptList(CollectionUtils.singleton(deptId));
|
// 校验岗位处于开启状态
|
postService.validatePostList(postIds);
|
return user;
|
});
|
}
|
|
@VisibleForTesting
|
AdminUserDO validateUserExists(Long id) {
|
if (id == null) {
|
return null;
|
}
|
AdminUserDO user = userMapper.selectById(id);
|
if (user == null) {
|
throw exception(USER_NOT_EXISTS);
|
}
|
return user;
|
}
|
|
@VisibleForTesting
|
void validateUsernameUnique(Long id, String username) {
|
if (StrUtil.isBlank(username)) {
|
return;
|
}
|
AdminUserDO user = userMapper.selectByUsername(username);
|
if (user == null) {
|
return;
|
}
|
// 如果 id 为空,说明不用比较是否为相同 id 的用户
|
if (id == null) {
|
throw exception(USER_USERNAME_EXISTS);
|
}
|
if (!user.getId().equals(id)) {
|
throw exception(USER_USERNAME_EXISTS);
|
}
|
}
|
|
@VisibleForTesting
|
void validateEmailUnique(Long id, String email) {
|
if (StrUtil.isBlank(email)) {
|
return;
|
}
|
AdminUserDO user = userMapper.selectByEmail(email);
|
if (user == null) {
|
return;
|
}
|
// 如果 id 为空,说明不用比较是否为相同 id 的用户
|
if (id == null) {
|
throw exception(USER_EMAIL_EXISTS);
|
}
|
if (!user.getId().equals(id)) {
|
throw exception(USER_EMAIL_EXISTS);
|
}
|
}
|
|
@VisibleForTesting
|
void validateMobileUnique(Long id, String mobile) {
|
if (StrUtil.isBlank(mobile)) {
|
return;
|
}
|
AdminUserDO user = userMapper.selectByMobile(mobile);
|
if (user == null) {
|
return;
|
}
|
// 如果 id 为空,说明不用比较是否为相同 id 的用户
|
if (id == null) {
|
throw exception(USER_MOBILE_EXISTS);
|
}
|
if (!user.getId().equals(id)) {
|
throw exception(USER_MOBILE_EXISTS);
|
}
|
}
|
|
/**
|
* 校验旧密码
|
* @param id 用户 id
|
* @param oldPassword 旧密码
|
*/
|
@VisibleForTesting
|
void validateOldPassword(Long id, String oldPassword) {
|
AdminUserDO user = userMapper.selectById(id);
|
if (user == null) {
|
throw exception(USER_NOT_EXISTS);
|
}
|
if (!isPasswordMatch(oldPassword, user.getPassword())) {
|
throw exception(USER_PASSWORD_FAILED);
|
}
|
}
|
|
@Override
|
@Transactional(rollbackFor = Exception.class) // 添加事务,异常则回滚所有导入
|
public UserImportRespVO importUserList(List<UserImportExcelVO> importUsers, boolean isUpdateSupport) {
|
// 1.1 参数校验
|
if (CollUtil.isEmpty(importUsers)) {
|
throw exception(USER_IMPORT_LIST_IS_EMPTY);
|
}
|
// 1.2 初始化密码不能为空
|
String initPassword = configApi.getConfigValueByKey(USER_INIT_PASSWORD_KEY).getCheckedData();
|
if (StrUtil.isEmpty(initPassword)) {
|
throw exception(USER_IMPORT_INIT_PASSWORD);
|
}
|
|
// 2. 遍历,逐个创建 or 更新
|
UserImportRespVO respVO = UserImportRespVO.builder().createUsernames(new ArrayList<>())
|
.updateUsernames(new ArrayList<>()).failureUsernames(new LinkedHashMap<>()).build();
|
importUsers.forEach(importUser -> {
|
// 校验,判断是否有不符合的原因
|
try {
|
validateUserForCreateOrUpdate(null, null, importUser.getMobile(), importUser.getEmail(),
|
importUser.getDeptId(), null);
|
} catch (ServiceException ex) {
|
respVO.getFailureUsernames().put(importUser.getUsername(), ex.getMessage());
|
return;
|
}
|
// 判断如果不存在,在进行插入
|
AdminUserDO existUser = userMapper.selectByUsername(importUser.getUsername());
|
if (existUser == null) {
|
userMapper.insert(BeanUtils.toBean(importUser, AdminUserDO.class)
|
.setPassword(encodePassword(initPassword)).setPostIds(new HashSet<>())); // 设置默认密码及空岗位编号数组
|
respVO.getCreateUsernames().add(importUser.getUsername());
|
return;
|
}
|
// 如果存在,判断是否允许更新
|
if (!isUpdateSupport) {
|
respVO.getFailureUsernames().put(importUser.getUsername(), USER_USERNAME_EXISTS.getMsg());
|
return;
|
}
|
AdminUserDO updateUser = BeanUtils.toBean(importUser, AdminUserDO.class);
|
updateUser.setId(existUser.getId());
|
userMapper.updateById(updateUser);
|
respVO.getUpdateUsernames().add(importUser.getUsername());
|
});
|
return respVO;
|
}
|
|
@Override
|
public List<AdminUserDO> getUserListByStatus(Integer status) {
|
return userMapper.selectListByStatus(status);
|
}
|
|
@Override
|
public boolean isPasswordMatch(String rawPassword, String encodedPassword) {
|
return passwordEncoder.matches(rawPassword, encodedPassword);
|
}
|
|
/**
|
* 对密码进行加密
|
*
|
* @param password 密码
|
* @return 加密后的密码
|
*/
|
private String encodePassword(String password) {
|
return passwordEncoder.encode(password);
|
}
|
|
}
|
