pull/789/head
Zheng Jie 2022-03-01 12:14:40 +08:00
parent 788aaf3370
commit fa0564c3f4
10 changed files with 55 additions and 24 deletions

5
.github/FUNDING.yml vendored

@ -1,5 +0,0 @@
# These are supported funding model platforms
github: # [user1, user2]
otechie: c9635b6fcfabfeed
custom: https://aurora-1255840532.cos.ap-chengdu.myqcloud.com/donation.png


@ -19,6 +19,7 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import me.zhengjie.annotation.Log; import me.zhengjie.annotation.Log;
import me.zhengjie.exception.BadRequestException;
import me.zhengjie.modules.mnt.domain.Deploy; import me.zhengjie.modules.mnt.domain.Deploy;
import me.zhengjie.modules.mnt.domain.DeployHistory; import me.zhengjie.modules.mnt.domain.DeployHistory;
import me.zhengjie.modules.mnt.service.DeployService; import me.zhengjie.modules.mnt.service.DeployService;
@ -73,8 +74,7 @@ public class DeployController {
@PostMapping @PostMapping
@PreAuthorize("@el.check('deploy:add')") @PreAuthorize("@el.check('deploy:add')")
public ResponseEntity<Object> createDeploy(@Validated @RequestBody Deploy resources){ public ResponseEntity<Object> createDeploy(@Validated @RequestBody Deploy resources){
deployService.create(resources); throw new BadRequestException("演示环境不可操作");
return new ResponseEntity<>(HttpStatus.CREATED);
} }
@Log("修改部署") @Log("修改部署")
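Review bot: The demo lock in `createDeploy` is an unconditional `throw` compiled into the controller, so it cannot be switched per environment and is enforced only at this one entry point; `deployService.create` itself stays callable from any other caller. The same pattern is used in `QuartzJobController` (create, status update, delete), in `OnlineController.deleteOnlineUser` and in `UserController.updateUserAvatar`. A single guard driven by configuration, such as an interceptor or aspect that rejects write requests when a demo-mode property is set, would keep the rule in one auditable place and keep this branch mergeable with the main line. The refusal text is also a literal repeated in every handler; a shared constant would stop the copies from drifting.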


@ -81,11 +81,7 @@ public class QuartzJobController {
@PostMapping @PostMapping
@PreAuthorize("@el.check('timing:add')") @PreAuthorize("@el.check('timing:add')")
public ResponseEntity<Object> createQuartzJob(@Validated @RequestBody QuartzJob resources){ public ResponseEntity<Object> createQuartzJob(@Validated @RequestBody QuartzJob resources){
if (resources.getId() != null) { throw new BadRequestException("演示环境不支持新增任务!");
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
}
quartzJobService.create(resources);
return new ResponseEntity<>(HttpStatus.CREATED);
} }
@Log("修改定时任务") @Log("修改定时任务")
@ -102,8 +98,7 @@ public class QuartzJobController {
@PutMapping(value = "/{id}") @PutMapping(value = "/{id}")
@PreAuthorize("@el.check('timing:edit')") @PreAuthorize("@el.check('timing:edit')")
public ResponseEntity<Object> updateQuartzJobStatus(@PathVariable Long id){ public ResponseEntity<Object> updateQuartzJobStatus(@PathVariable Long id){
quartzJobService.updateIsPause(quartzJobService.findById(id)); throw new BadRequestException("演示环境请使用执行按钮运行任务!");
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
} }
@Log("执行定时任务") @Log("执行定时任务")
@ -120,7 +115,6 @@ public class QuartzJobController {
@DeleteMapping @DeleteMapping
@PreAuthorize("@el.check('timing:del')") @PreAuthorize("@el.check('timing:del')")
public ResponseEntity<Object> deleteQuartzJob(@RequestBody Set<Long> ids){ public ResponseEntity<Object> deleteQuartzJob(@RequestBody Set<Long> ids){
quartzJobService.delete(ids); throw new BadRequestException("演示环境不支持删除定时任务!");
return new ResponseEntity<>(HttpStatus.OK);
} }
} }
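Review bot: Blocking create, pause/resume and delete leaves the job-update handler under `@Log("修改定时任务")` untouched by this commit, so an account with `timing:edit` can presumably still rewrite an existing job's definition in the demo, which has much the same effect as the create that is now refused. That handler's body lies outside the visible hunks, so this needs confirming against the full file; if it still reaches the service's update method, it needs the same guard or a restriction on which fields may change. The three rewritten handlers also keep `@Validated @RequestBody` / `@PathVariable` parameters that are no longer read, which deserves a short comment such as `// demo build: endpoint disabled on purpose`.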


@ -18,8 +18,8 @@ package me.zhengjie.modules.security.rest;
import io.swagger.annotations.Api; import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import me.zhengjie.exception.BadRequestException;
import me.zhengjie.modules.security.service.OnlineUserService; import me.zhengjie.modules.security.service.OnlineUserService;
import me.zhengjie.utils.EncryptUtils;
import org.springframework.data.domain.Pageable; import org.springframework.data.domain.Pageable;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
@ -58,11 +58,6 @@ public class OnlineController {
@DeleteMapping @DeleteMapping
@PreAuthorize("@el.check()") @PreAuthorize("@el.check()")
public ResponseEntity<Object> deleteOnlineUser(@RequestBody Set<String> keys) throws Exception { public ResponseEntity<Object> deleteOnlineUser(@RequestBody Set<String> keys) throws Exception {
for (String key : keys) { throw new BadRequestException("演示环境不可操作");
// 解密Key
key = EncryptUtils.desDecrypt(key);
onlineUserService.kickOut(key);
}
return new ResponseEntity<>(HttpStatus.OK);
} }
} }
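Review bot: `deleteOnlineUser` still declares `throws Exception` although its body is now a single `throw new BadRequestException(...)`, which the other handlers on this page throw without any `throws` clause; the signature can become `public ResponseEntity<Object> deleteOnlineUser(@RequestBody Set<String> keys) {`. With this change no session can be revoked through the API in the demo, including by an administrator who needs to evict a misbehaving session. If that is intended, the method should say so in a comment, for example `// demo build: forced logout disabled on purpose`.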


@ -92,6 +92,9 @@ public class DeptController {
@PutMapping @PutMapping
@PreAuthorize("@el.check('dept:edit')") @PreAuthorize("@el.check('dept:edit')")
public ResponseEntity<Object> updateDept(@Validated(Dept.Update.class) @RequestBody Dept resources){ public ResponseEntity<Object> updateDept(@Validated(Dept.Update.class) @RequestBody Dept resources){
if(resources.getId() <= 11){
throw new BadRequestException("演示环境不可操作");
}
deptService.update(resources); deptService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT); return new ResponseEntity<>(HttpStatus.NO_CONTENT);
} }
@ -103,6 +106,9 @@ public class DeptController {
public ResponseEntity<Object> deleteDept(@RequestBody Set<Long> ids){ public ResponseEntity<Object> deleteDept(@RequestBody Set<Long> ids){
Set<DeptDto> deptDtos = new HashSet<>(); Set<DeptDto> deptDtos = new HashSet<>();
for (Long id : ids) { for (Long id : ids) {
if(id <= 11){
throw new BadRequestException("演示环境不可操作");
}
List<Dept> deptList = deptService.findByPid(id); List<Dept> deptList = deptService.findByPid(id);
deptDtos.add(deptService.findById(id)); deptDtos.add(deptService.findById(id));
if(CollectionUtil.isNotEmpty(deptList)){ if(CollectionUtil.isNotEmpty(deptList)){
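Review bot: The guards `resources.getId() <= 11` in `updateDept` and `id <= 11` in `deleteDept` auto-unbox a boxed id (`Long` in the delete loop, presumably `Long` on the entity too), so a `null` element in the JSON array, or a body without `id` if the `Update` validation group does not require it, fails with a NullPointerException instead of the intended 400. The threshold is also an unexplained literal tied to the seeded rows. A named constant such as `private static final long DEMO_PROTECTED_MAX_ID = 11L;` with a null-safe test `id == null || id <= DEMO_PROTECTED_MAX_ID` would make the intent explicit. The same pattern recurs in `DictController` (5), `DictDetailController` (6), `MenuController` (116), `RoleController` (1) and `UserController` (1). `deleteDept` continues past the end of its hunk.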


@ -84,6 +84,9 @@ public class DictController {
@PutMapping @PutMapping
@PreAuthorize("@el.check('dict:edit')") @PreAuthorize("@el.check('dict:edit')")
public ResponseEntity<Object> updateDict(@Validated(Dict.Update.class) @RequestBody Dict resources){ public ResponseEntity<Object> updateDict(@Validated(Dict.Update.class) @RequestBody Dict resources){
if(resources.getId() <= 5){
throw new BadRequestException("演示环境不可操作");
}
dictService.update(resources); dictService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT); return new ResponseEntity<>(HttpStatus.NO_CONTENT);
} }
@ -93,6 +96,11 @@ public class DictController {
@DeleteMapping @DeleteMapping
@PreAuthorize("@el.check('dict:del')") @PreAuthorize("@el.check('dict:del')")
public ResponseEntity<Object> deleteDict(@RequestBody Set<Long> ids){ public ResponseEntity<Object> deleteDict(@RequestBody Set<Long> ids){
for (Long id : ids) {
if(id <= 5){
throw new BadRequestException("演示环境不可操作");
}
}
dictService.delete(ids); dictService.delete(ids);
return new ResponseEntity<>(HttpStatus.OK); return new ResponseEntity<>(HttpStatus.OK);
} }


@ -84,6 +84,9 @@ public class DictDetailController {
@PutMapping @PutMapping
@PreAuthorize("@el.check('dict:edit')") @PreAuthorize("@el.check('dict:edit')")
public ResponseEntity<Object> updateDictDetail(@Validated(DictDetail.Update.class) @RequestBody DictDetail resources){ public ResponseEntity<Object> updateDictDetail(@Validated(DictDetail.Update.class) @RequestBody DictDetail resources){
if(resources.getId() <= 6){
throw new BadRequestException("演示环境不可操作");
}
dictDetailService.update(resources); dictDetailService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT); return new ResponseEntity<>(HttpStatus.NO_CONTENT);
} }
@ -93,6 +96,9 @@ public class DictDetailController {
@DeleteMapping(value = "/{id}") @DeleteMapping(value = "/{id}")
@PreAuthorize("@el.check('dict:del')") @PreAuthorize("@el.check('dict:del')")
public ResponseEntity<Object> deleteDictDetail(@PathVariable Long id){ public ResponseEntity<Object> deleteDictDetail(@PathVariable Long id){
if(id <= 6){
throw new BadRequestException("演示环境不可操作");
}
dictDetailService.delete(id); dictDetailService.delete(id);
return new ResponseEntity<>(HttpStatus.OK); return new ResponseEntity<>(HttpStatus.OK);
} }


@ -126,6 +126,9 @@ public class MenuController {
@PutMapping @PutMapping
@PreAuthorize("@el.check('menu:edit')") @PreAuthorize("@el.check('menu:edit')")
public ResponseEntity<Object> updateMenu(@Validated(Menu.Update.class) @RequestBody Menu resources){ public ResponseEntity<Object> updateMenu(@Validated(Menu.Update.class) @RequestBody Menu resources){
if(resources.getId() <= 116){
throw new BadRequestException("演示环境不可操作");
}
menuService.update(resources); menuService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT); return new ResponseEntity<>(HttpStatus.NO_CONTENT);
} }
@ -137,6 +140,9 @@ public class MenuController {
public ResponseEntity<Object> deleteMenu(@RequestBody Set<Long> ids){ public ResponseEntity<Object> deleteMenu(@RequestBody Set<Long> ids){
Set<Menu> menuSet = new HashSet<>(); Set<Menu> menuSet = new HashSet<>();
for (Long id : ids) { for (Long id : ids) {
if(id <= 116){
throw new BadRequestException("演示环境不可操作");
}
List<MenuDto> menuList = menuService.getMenus(id); List<MenuDto> menuList = menuService.getMenus(id);
menuSet.add(menuService.findOne(id)); menuSet.add(menuService.findOne(id));
menuSet = menuService.getChildMenus(menuMapper.toEntity(menuList), menuSet); menuSet = menuService.getChildMenus(menuMapper.toEntity(menuList), menuSet);


@ -106,6 +106,9 @@ public class RoleController {
@PutMapping @PutMapping
@PreAuthorize("@el.check('roles:edit')") @PreAuthorize("@el.check('roles:edit')")
public ResponseEntity<Object> updateRole(@Validated(Role.Update.class) @RequestBody Role resources){ public ResponseEntity<Object> updateRole(@Validated(Role.Update.class) @RequestBody Role resources){
if(resources.getId() <= 1){
throw new BadRequestException("演示环境不可操作");
}
getLevels(resources.getLevel()); getLevels(resources.getLevel());
roleService.update(resources); roleService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT); return new ResponseEntity<>(HttpStatus.NO_CONTENT);
@ -116,6 +119,9 @@ public class RoleController {
@PutMapping(value = "/menu") @PutMapping(value = "/menu")
@PreAuthorize("@el.check('roles:edit')") @PreAuthorize("@el.check('roles:edit')")
public ResponseEntity<Object> updateRoleMenu(@RequestBody Role resources){ public ResponseEntity<Object> updateRoleMenu(@RequestBody Role resources){
if(resources.getId() <= 1){
throw new BadRequestException("演示环境不可操作");
}
RoleDto role = roleService.findById(resources.getId()); RoleDto role = roleService.findById(resources.getId());
getLevels(role.getLevel()); getLevels(role.getLevel());
roleService.updateMenu(resources,role); roleService.updateMenu(resources,role);
@ -128,6 +134,9 @@ public class RoleController {
@PreAuthorize("@el.check('roles:del')") @PreAuthorize("@el.check('roles:del')")
public ResponseEntity<Object> deleteRole(@RequestBody Set<Long> ids){ public ResponseEntity<Object> deleteRole(@RequestBody Set<Long> ids){
for (Long id : ids) { for (Long id : ids) {
if(id <= 1){
throw new BadRequestException("演示环境不可操作");
}
RoleDto role = roleService.findById(id); RoleDto role = roleService.findById(id);
getLevels(role.getLevel()); getLevels(role.getLevel());
} }
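Review bot: `updateRoleMenu` takes `@RequestBody Role resources` without `@Validated`, so nothing visible guarantees a non-null id before the new `resources.getId() <= 1` comparison; a body without `id` would unbox null and surface as a server error rather than a 400. A null-safe form such as `if (resources.getId() == null || resources.getId() <= 1) {` keeps the refusal explicit. The bodies of all three handlers in this section continue outside their hunks.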


@ -119,6 +119,9 @@ public class UserController {
@PutMapping @PutMapping
@PreAuthorize("@el.check('user:edit')") @PreAuthorize("@el.check('user:edit')")
public ResponseEntity<Object> updateUser(@Validated(User.Update.class) @RequestBody User resources) throws Exception { public ResponseEntity<Object> updateUser(@Validated(User.Update.class) @RequestBody User resources) throws Exception {
if(resources.getId() <= 1){
throw new BadRequestException("演示环境不可操作");
}
checkLevel(resources); checkLevel(resources);
userService.update(resources); userService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT); return new ResponseEntity<>(HttpStatus.NO_CONTENT);
@ -128,6 +131,9 @@ public class UserController {
@ApiOperation("修改用户:个人中心") @ApiOperation("修改用户:个人中心")
@PutMapping(value = "center") @PutMapping(value = "center")
public ResponseEntity<Object> centerUser(@Validated(User.Update.class) @RequestBody User resources){ public ResponseEntity<Object> centerUser(@Validated(User.Update.class) @RequestBody User resources){
if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){
throw new BadRequestException("不能修改他人资料");
}
if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){ if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){
throw new BadRequestException("不能修改他人资料"); throw new BadRequestException("不能修改他人资料");
} }
@ -141,6 +147,9 @@ public class UserController {
@PreAuthorize("@el.check('user:del')") @PreAuthorize("@el.check('user:del')")
public ResponseEntity<Object> deleteUser(@RequestBody Set<Long> ids){ public ResponseEntity<Object> deleteUser(@RequestBody Set<Long> ids){
for (Long id : ids) { for (Long id : ids) {
if(id <= 1){
throw new BadRequestException("演示环境不可操作");
}
Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList())); Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
Integer optLevel = Collections.min(roleService.findByUsersId(id).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList())); Integer optLevel = Collections.min(roleService.findByUsersId(id).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
if (currentLevel > optLevel) { if (currentLevel > optLevel) {
@ -157,6 +166,9 @@ public class UserController {
String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass()); String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass());
String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass()); String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass());
UserDto user = userService.findByName(SecurityUtils.getCurrentUsername()); UserDto user = userService.findByName(SecurityUtils.getCurrentUsername());
if("admin".equals(user.getUsername())){
throw new BadRequestException("演示环境不可操作");
}
if(!passwordEncoder.matches(oldPass, user.getPassword())){ if(!passwordEncoder.matches(oldPass, user.getPassword())){
throw new BadRequestException("修改失败,旧密码错误"); throw new BadRequestException("修改失败,旧密码错误");
} }
@ -170,7 +182,7 @@ public class UserController {
@ApiOperation("修改头像") @ApiOperation("修改头像")
@PostMapping(value = "/updateAvatar") @PostMapping(value = "/updateAvatar")
public ResponseEntity<Object> updateUserAvatar(@RequestParam MultipartFile avatar){ public ResponseEntity<Object> updateUserAvatar(@RequestParam MultipartFile avatar){
return new ResponseEntity<>(userService.updateAvatar(avatar), HttpStatus.OK); throw new BadRequestException("演示环境不可操作");
} }
@Log("修改邮箱") @Log("修改邮箱")
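Review bot: The three lines added to `centerUser` repeat word for word the ownership check that already follows them (`if(!resources.getId().equals(SecurityUtils.getCurrentUserId()))`), so they add no protection and look like a misplaced demo guard; either delete them or replace them with the rule that was intended. In the password-change handler the new `"admin".equals(user.getUsername())` test runs only after both `RsaUtils.decryptByPrivateKey` calls; doing the user lookup and this test first avoids private-key work on a request that will be refused anyway. The email-change handler under `@Log("修改邮箱")` is not touched by this commit and lies outside the hunk, so it is worth confirming whether the demo admin's email can still be changed there.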