From fa0564c3f4ca2a86e5d11a3a7da78fff63ded11c Mon Sep 17 00:00:00 2001
From: Zheng Jie <201507802@qq.com>
Date: Tue, 1 Mar 2022 12:14:40 +0800
Subject: [PATCH] update

---
 .github/FUNDING.yml | 5 -----
 .../modules/mnt/rest/DeployController.java | 4 ++--
 .../modules/quartz/rest/QuartzJobController.java | 12 +++---------
 .../modules/security/rest/OnlineController.java | 9 ++-------
 .../modules/system/rest/DeptController.java | 6 ++++++
 .../modules/system/rest/DictController.java | 8 ++++++++
 .../modules/system/rest/DictDetailController.java | 6 ++++++
 .../modules/system/rest/MenuController.java | 6 ++++++
 .../modules/system/rest/RoleController.java | 9 +++++++++
 .../modules/system/rest/UserController.java | 14 +++++++++++++-
 10 files changed, 55 insertions(+), 24 deletions(-)
 delete mode 100644 .github/FUNDING.yml

diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
deleted file mode 100644
index 0cd1ba99..00000000
--- a/.github/FUNDING.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-# These are supported funding model platforms
-
-github: # [user1, user2]
-otechie: c9635b6fcfabfeed
-custom: https://aurora-1255840532.cos.ap-chengdu.myqcloud.com/donation.png
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/mnt/rest/DeployController.java b/eladmin-system/src/main/java/me/zhengjie/modules/mnt/rest/DeployController.java
index 38197e82..f48b5b51 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/mnt/rest/DeployController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/mnt/rest/DeployController.java
@@ -19,6 +19,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import me.zhengjie.annotation.Log;
+import me.zhengjie.exception.BadRequestException;
 import me.zhengjie.modules.mnt.domain.Deploy;
 import me.zhengjie.modules.mnt.domain.DeployHistory;
 import me.zhengjie.modules.mnt.service.DeployService;
@@ -73,8 +74,7 @@ public class DeployController {
 @PostMapping
 @PreAuthorize("@el.check('deploy:add')")
 public ResponseEntity createDeploy(@Validated @RequestBody Deploy resources){
- deployService.create(resources);
- return new ResponseEntity<>(HttpStatus.CREATED);
+ throw new BadRequestException("演示环境不可操作");
 }

 @Log("修改部署")
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/quartz/rest/QuartzJobController.java b/eladmin-system/src/main/java/me/zhengjie/modules/quartz/rest/QuartzJobController.java
index 31613572..d5633dc2 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/quartz/rest/QuartzJobController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/quartz/rest/QuartzJobController.java
@@ -81,11 +81,7 @@ public class QuartzJobController {
 @PostMapping
 @PreAuthorize("@el.check('timing:add')")
 public ResponseEntity createQuartzJob(@Validated @RequestBody QuartzJob resources){
- if (resources.getId() != null) {
- throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
- }
- quartzJobService.create(resources);
- return new ResponseEntity<>(HttpStatus.CREATED);
+ throw new BadRequestException("演示环境不支持新增任务!");
 }

 @Log("修改定时任务")
@@ -102,8 +98,7 @@ public class QuartzJobController {
 @PutMapping(value = "/{id}")
 @PreAuthorize("@el.check('timing:edit')")
 public ResponseEntity updateQuartzJobStatus(@PathVariable Long id){
- quartzJobService.updateIsPause(quartzJobService.findById(id));
- return new ResponseEntity<>(HttpStatus.NO_CONTENT);
+ throw new BadRequestException("演示环境请使用执行按钮运行任务!");
 }

 @Log("执行定时任务")
@@ -120,7 +115,6 @@ public class QuartzJobController {
 @DeleteMapping
 @PreAuthorize("@el.check('timing:del')")
 public ResponseEntity deleteQuartzJob(@RequestBody Set ids){
- quartzJobService.delete(ids);
- return new ResponseEntity<>(HttpStatus.OK);
+ throw new BadRequestException("演示环境不支持删除定时任务!");
 }
 }
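Review bot: The unconditional `throw new BadRequestException("演示环境不可操作");` in createDeploy hard-codes the demo restriction into the controller, so every build made from this branch loses the endpoint and `deployService.create` is never reached behind a still-active `@PreAuthorize`. Consider keeping the original body and gating the rejection on a configuration value, for example `if (demoMode) { throw new BadRequestException("演示环境不可操作"); }`, where `demoMode` is a placeholder name for a flag injected from application config. The same pattern repeats in the QuartzJobController, OnlineController and UserController.updateUserAvatar hunks. Only create is touched here; the update method that begins at `@Log("修改部署")` continues outside the hunk and is not changed by this patch, so check whether it needs the same guard.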
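Review bot: Rejecting create, pause/resume and delete leaves the edit handler that begins at `@Log("修改定时任务")` untouched, since no hunk in this file covers it. If the aim is that demo users cannot change what the scheduler runs, that path presumably still lets a holder of `timing:edit` alter an existing job before using the execute button. Apply the same rejection there, or enforce the restriction once inside `quartzJobService` so that every caller is covered rather than each controller method separately.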
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/OnlineController.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/OnlineController.java
index 8b91fdfd..61529a00 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/OnlineController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/OnlineController.java
@@ -18,8 +18,8 @@ package me.zhengjie.modules.security.rest;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
+import me.zhengjie.exception.BadRequestException;
 import me.zhengjie.modules.security.service.OnlineUserService;
-import me.zhengjie.utils.EncryptUtils;
 import org.springframework.data.domain.Pageable;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -58,11 +58,6 @@ public class OnlineController {
 @DeleteMapping
 @PreAuthorize("@el.check()")
 public ResponseEntity deleteOnlineUser(@RequestBody Set keys) throws Exception {
- for (String key : keys) {
- // 解密Key
- key = EncryptUtils.desDecrypt(key);
- onlineUserService.kickOut(key);
- }
- return new ResponseEntity<>(HttpStatus.OK);
+ throw new BadRequestException("演示环境不可操作");
 }
 }
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DeptController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DeptController.java
index 99624306..c44763fc 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DeptController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DeptController.java
@@ -92,6 +92,9 @@ public class DeptController {
 @PutMapping
 @PreAuthorize("@el.check('dept:edit')")
 public ResponseEntity updateDept(@Validated(Dept.Update.class) @RequestBody Dept resources){
+ if(resources.getId() <= 11){
+ throw new BadRequestException("演示环境不可操作");
+ }
 deptService.update(resources);
 return new ResponseEntity<>(HttpStatus.NO_CONTENT);
 }
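Review bot: deleteOnlineUser is the endpoint this controller exposes for forcing a session offline, and rejecting it unconditionally removes session revocation from the build: an operator can no longer terminate a session that should not stay logged in. If the concern is demo users kicking each other out, restrict the call by permission or by a demo-mode setting instead of removing the capability. The signature still declares `throws Exception` although the new body throws no checked exception, and `keys` is now unused; drop the `throws Exception` clause and add a comment such as `// demo build: kick-out disabled, onlineUserService.kickOut intentionally not called`.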
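Review bot: `resources.getId() <= 11` in updateDept protects the seeded rows with a magic number that only matches one particular database dump, and because it sits in the controller any other caller of `deptService.update` is not covered by it. Name the threshold and state what it protects, e.g. `private static final long DEMO_PROTECTED_MAX_ID = 11L; // highest id of the seed departments shipped with the demo data` (the constant name is a suggestion). In the delete handlers the same comparison is applied to each element of `ids`, so a null element in the request body would presumably fail on unboxing with a NullPointerException instead of the intended 400. The same points apply to the thresholds 5, 6, 116 and 1 in the DictController, DictDetailController, MenuController, RoleController and UserController hunks.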
@@ -103,6 +106,9 @@ public class DeptController {
 public ResponseEntity deleteDept(@RequestBody Set ids){
 Set deptDtos = new HashSet<>();
 for (Long id : ids) {
+ if(id <= 11){
+ throw new BadRequestException("演示环境不可操作");
+ }
 List deptList = deptService.findByPid(id);
 deptDtos.add(deptService.findById(id));
 if(CollectionUtil.isNotEmpty(deptList)){
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictController.java
index 70705781..1b6768e4 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictController.java
@@ -84,6 +84,9 @@ public class DictController {
 @PutMapping
 @PreAuthorize("@el.check('dict:edit')")
 public ResponseEntity updateDict(@Validated(Dict.Update.class) @RequestBody Dict resources){
+ if(resources.getId() <= 5){
+ throw new BadRequestException("演示环境不可操作");
+ }
 dictService.update(resources);
 return new ResponseEntity<>(HttpStatus.NO_CONTENT);
 }
@@ -93,6 +96,11 @@ public class DictController {
 @DeleteMapping
 @PreAuthorize("@el.check('dict:del')")
 public ResponseEntity deleteDict(@RequestBody Set ids){
+ for (Long id : ids) {
+ if(id <= 5){
+ throw new BadRequestException("演示环境不可操作");
+ }
+ }
 dictService.delete(ids);
 return new ResponseEntity<>(HttpStatus.OK);
 }
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java
index 8ddbfe4b..dc27fd24 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java
@@ -84,6 +84,9 @@ public class DictDetailController {
 @PutMapping
 @PreAuthorize("@el.check('dict:edit')")
 public ResponseEntity updateDictDetail(@Validated(DictDetail.Update.class) @RequestBody DictDetail resources){
+ if(resources.getId() <= 6){
+ throw new BadRequestException("演示环境不可操作");
+ }
 dictDetailService.update(resources);
 return new ResponseEntity<>(HttpStatus.NO_CONTENT);
 }
@@ -93,6 +96,9 @@ public class DictDetailController {
 @DeleteMapping(value = "/{id}")
 @PreAuthorize("@el.check('dict:del')")
 public ResponseEntity deleteDictDetail(@PathVariable Long id){
+ if(id <= 6){
+ throw new BadRequestException("演示环境不可操作");
+ }
 dictDetailService.delete(id);
 return new ResponseEntity<>(HttpStatus.OK);
 }
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java
index 66a1e82c..ac122cb0 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java
@@ -126,6 +126,9 @@ public class MenuController {
 @PutMapping
 @PreAuthorize("@el.check('menu:edit')")
 public ResponseEntity updateMenu(@Validated(Menu.Update.class) @RequestBody Menu resources){
+ if(resources.getId() <= 116){
+ throw new BadRequestException("演示环境不可操作");
+ }
 menuService.update(resources);
 return new ResponseEntity<>(HttpStatus.NO_CONTENT);
 }
@@ -137,6 +140,9 @@ public class MenuController {
 public ResponseEntity deleteMenu(@RequestBody Set ids){
 Set menuSet = new HashSet<>();
 for (Long id : ids) {
+ if(id <= 116){
+ throw new BadRequestException("演示环境不可操作");
+ }
 List menuList = menuService.getMenus(id);
 menuSet.add(menuService.findOne(id));
 menuSet = menuService.getChildMenus(menuMapper.toEntity(menuList), menuSet);
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java
index f4f9f5e3..ded94bab 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java
@@ -106,6 +106,9 @@ public class RoleController {
 @PutMapping
 @PreAuthorize("@el.check('roles:edit')")
 public ResponseEntity updateRole(@Validated(Role.Update.class) @RequestBody Role resources){
+ if(resources.getId() <= 1){
+ throw new BadRequestException("演示环境不可操作");
+ }
 getLevels(resources.getLevel());
 roleService.update(resources);
 return new ResponseEntity<>(HttpStatus.NO_CONTENT);
@@ -116,6 +119,9 @@ public class RoleController {
 @PutMapping(value = "/menu")
 @PreAuthorize("@el.check('roles:edit')")
 public ResponseEntity updateRoleMenu(@RequestBody Role resources){
+ if(resources.getId() <= 1){
+ throw new BadRequestException("演示环境不可操作");
+ }
 RoleDto role = roleService.findById(resources.getId());
 getLevels(role.getLevel());
 roleService.updateMenu(resources,role);
@@ -128,6 +134,9 @@ public class RoleController {
 @PreAuthorize("@el.check('roles:del')")
 public ResponseEntity deleteRole(@RequestBody Set ids){
 for (Long id : ids) {
+ if(id <= 1){
+ throw new BadRequestException("演示环境不可操作");
+ }
 RoleDto role = roleService.findById(id);
 getLevels(role.getLevel());
 }
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java
index ed8e51fb..e521baaf 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java
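Review bot: In updateRoleMenu the request body is bound without `@Validated`, so `resources.getId()` can be null and `resources.getId() <= 1` would then fail on unboxing with a NullPointerException, which typically surfaces as a server error rather than the intended 400 (this assumes `getId()` returns `Long`, as the `for (Long id : ids)` loop in deleteRole suggests). Make the guard null-safe: `Long id = resources.getId();` followed by `if (id == null || id <= 1) { throw new BadRequestException("演示环境不可操作"); }`. The guard covers only role id 1, so any other role in the seed data stays editable; confirm that this is intended. The method body continues outside the hunk.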
@@ -119,6 +119,9 @@ public class UserController {
 @PutMapping
 @PreAuthorize("@el.check('user:edit')")
 public ResponseEntity updateUser(@Validated(User.Update.class) @RequestBody User resources) throws Exception {
+ if(resources.getId() <= 1){
+ throw new BadRequestException("演示环境不可操作");
+ }
 checkLevel(resources);
 userService.update(resources);
 return new ResponseEntity<>(HttpStatus.NO_CONTENT);
@@ -128,6 +131,9 @@ public class UserController {
 @ApiOperation("修改用户:个人中心")
 @PutMapping(value = "center")
 public ResponseEntity centerUser(@Validated(User.Update.class) @RequestBody User resources){
+ if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){
+ throw new BadRequestException("不能修改他人资料");
+ }
 if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){
 throw new BadRequestException("不能修改他人资料");
 }
@@ -141,6 +147,9 @@ public class UserController {
 @PreAuthorize("@el.check('user:del')")
 public ResponseEntity deleteUser(@RequestBody Set ids){
 for (Long id : ids) {
+ if(id <= 1){
+ throw new BadRequestException("演示环境不可操作");
+ }
 Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
 Integer optLevel = Collections.min(roleService.findByUsersId(id).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
 if (currentLevel > optLevel) {
@@ -157,6 +166,9 @@ public class UserController {
 String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass());
 String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass());
 UserDto user = userService.findByName(SecurityUtils.getCurrentUsername());
+ if("admin".equals(user.getUsername())){
+ throw new BadRequestException("演示环境不可操作");
+ }
 if(!passwordEncoder.matches(oldPass, user.getPassword())){
 throw new BadRequestException("修改失败,旧密码错误");
 }
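Review bot: The three lines added to centerUser are an exact copy of the ownership check that already follows them, so the method now tests `!resources.getId().equals(SecurityUtils.getCurrentUserId())` twice and the second copy can never fire. Delete the added lines; if a demo guard was meant here, as in updateUser above, it would be `if(resources.getId() <= 1){ throw new BadRequestException("演示环境不可操作"); }` instead. As far as this hunk shows, the account with id 1 can still edit its own profile through this endpoint while updateUser rejects the same change. The method body continues outside the hunk.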
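Review bot: The guard added to the password-change method identifies the protected account by the literal username `"admin"`, while updateUser and deleteUser use `id <= 1`; the two criteria diverge as soon as the seed account carries a different name or another row gets that name. Use one criterion throughout, e.g. `if(user.getId() <= 1){`, assuming `UserDto` exposes `getId()`. The check also runs only after both submitted passwords have been RSA-decrypted; testing `SecurityUtils.getCurrentUsername()` at the top of the method would reject the request before the secrets are handled. The method starts and ends outside the hunk.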
@@ -170,7 +182,7 @@ public class UserController {
 @ApiOperation("修改头像")
 @PostMapping(value = "/updateAvatar")
 public ResponseEntity updateUserAvatar(@RequestParam MultipartFile avatar){
- return new ResponseEntity<>(userService.updateAvatar(avatar), HttpStatus.OK);
+ throw new BadRequestException("演示环境不可操作");
 }

 @Log("修改邮箱")
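Review bot: updateUserAvatar no longer uses its `avatar` parameter, but the parameter is still bound, so the multipart body is received and parsed by the framework before the handler rejects it; the configured upload size limits therefore still matter for this endpoint even though uploads are refused. Add a comment that marks the rejection as demo-only, e.g. `// demo build: avatar upload disabled, userService.updateAvatar intentionally not called`. The e-mail handler that begins at `@Log("修改邮箱")` lies outside the hunk and is not changed by this patch, so check whether the protected account's address can still be changed there.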