pull/789/head
Zheng Jie 2022-03-01 12:14:40 +08:00
parent 788aaf3370
commit fa0564c3f4
10 changed files with 55 additions and 24 deletions

5
.github/FUNDING.yml vendored

@ -1,5 +0,0 @@
# These are supported funding model platforms
github: # [user1, user2]
otechie: c9635b6fcfabfeed
custom: https://aurora-1255840532.cos.ap-chengdu.myqcloud.com/donation.png


@ -19,6 +19,7 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import me.zhengjie.annotation.Log;
import me.zhengjie.exception.BadRequestException;
import me.zhengjie.modules.mnt.domain.Deploy;
import me.zhengjie.modules.mnt.domain.DeployHistory;
import me.zhengjie.modules.mnt.service.DeployService;
@ -73,8 +74,7 @@ public class DeployController {
@PostMapping
@PreAuthorize("@el.check('deploy:add')")
public ResponseEntity<Object> createDeploy(@Validated @RequestBody Deploy resources){
deployService.create(resources);
return new ResponseEntity<>(HttpStatus.CREATED);
throw new BadRequestException("演示环境不可操作");
}
@Log("修改部署")
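Review bot: createDeploy now ends in an unconditional `throw new BadRequestException("演示环境不可操作");`, which hard-codes the demo lock into the handler instead of deriving it from configuration; the same pattern recurs in createQuartzJob, updateQuartzJobStatus, deleteQuartzJob, deleteOnlineUser and updateUserAvatar. Because the check sits in the controller body, a build from this branch can never re-enable the endpoint, and any other caller of `deployService.create` is presumably not covered. Consider a single property-driven guard (a handler interceptor or aspect that is active only for the demo profile) so the restriction is declared once and the handlers keep their real bodies. At minimum, add a comment above the throw such as `// demo deployment: creation is disabled on purpose`. The enclosing class continues outside the hunk.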


@ -81,11 +81,7 @@ public class QuartzJobController {
@PostMapping
@PreAuthorize("@el.check('timing:add')")
public ResponseEntity<Object> createQuartzJob(@Validated @RequestBody QuartzJob resources){
if (resources.getId() != null) {
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
}
quartzJobService.create(resources);
return new ResponseEntity<>(HttpStatus.CREATED);
throw new BadRequestException("演示环境不支持新增任务!");
}
@Log("修改定时任务")
@ -102,8 +98,7 @@ public class QuartzJobController {
@PutMapping(value = "/{id}")
@PreAuthorize("@el.check('timing:edit')")
public ResponseEntity<Object> updateQuartzJobStatus(@PathVariable Long id){
quartzJobService.updateIsPause(quartzJobService.findById(id));
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
throw new BadRequestException("演示环境请使用执行按钮运行任务!");
}
@Log("执行定时任务")
@ -120,7 +115,6 @@ public class QuartzJobController {
@DeleteMapping
@PreAuthorize("@el.check('timing:del')")
public ResponseEntity<Object> deleteQuartzJob(@RequestBody Set<Long> ids){
quartzJobService.delete(ids);
return new ResponseEntity<>(HttpStatus.OK);
throw new BadRequestException("演示环境不支持删除定时任务!");
}
}
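Review bot: Creating, pausing and deleting jobs are blocked, but the handler that starts at `@Log("修改定时任务")` right after createQuartzJob is not touched by this commit, so existing jobs can presumably still be edited in the demo environment. Editing what a scheduled job invokes gives much the same capability as creating one, and the new message on updateQuartzJobStatus explicitly leaves the execute endpoint open. If the demo is meant to keep scheduled tasks fixed, that handler needs the same guard, e.g. `throw new BadRequestException("演示环境不可操作");` or an ID check against the seeded jobs. Its body lies outside the visible hunks, so this should be confirmed against the full file.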


@ -18,8 +18,8 @@ package me.zhengjie.modules.security.rest;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import me.zhengjie.exception.BadRequestException;
import me.zhengjie.modules.security.service.OnlineUserService;
import me.zhengjie.utils.EncryptUtils;
import org.springframework.data.domain.Pageable;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
@ -58,11 +58,6 @@ public class OnlineController {
@DeleteMapping
@PreAuthorize("@el.check()")
public ResponseEntity<Object> deleteOnlineUser(@RequestBody Set<String> keys) throws Exception {
for (String key : keys) {
// 解密Key
key = EncryptUtils.desDecrypt(key);
onlineUserService.kickOut(key);
}
return new ResponseEntity<>(HttpStatus.OK);
throw new BadRequestException("演示环境不可操作");
}
}
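Review bot: deleteOnlineUser still declares `throws Exception` and takes `@RequestBody Set<String> keys`, although the new body only throws BadRequestException (thrown elsewhere in this commit from handlers with no throws clause, so it is unchecked) and never reads `keys`. Drop the clause so the signature matches the other disabled handlers, `public ResponseEntity<Object> deleteOnlineUser(@RequestBody Set<String> keys) {`. A one-line comment such as `// demo deployment: kicking out sessions is disabled on purpose` would also make clear that the removed decrypt-and-kick-out loop was not deleted by accident.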


@ -92,6 +92,9 @@ public class DeptController {
@PutMapping
@PreAuthorize("@el.check('dept:edit')")
public ResponseEntity<Object> updateDept(@Validated(Dept.Update.class) @RequestBody Dept resources){
if(resources.getId() <= 11){
throw new BadRequestException("演示环境不可操作");
}
deptService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}
@ -103,6 +106,9 @@ public class DeptController {
public ResponseEntity<Object> deleteDept(@RequestBody Set<Long> ids){
Set<DeptDto> deptDtos = new HashSet<>();
for (Long id : ids) {
if(id <= 11){
throw new BadRequestException("演示环境不可操作");
}
List<Dept> deptList = deptService.findByPid(id);
deptDtos.add(deptService.findById(id));
if(CollectionUtil.isNotEmpty(deptList)){
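Review bot: The literal `11` in `if(resources.getId() <= 11)` and `if(id <= 11)` has no name or comment; it presumably marks the rows shipped with the demo data, and the guard silently stops matching if that data is reloaded with different IDs. The same unexplained thresholds appear in DictController (`5`), DictDetailController (`6`), MenuController (`116`), RoleController (`1`) and UserController (`1`). Give each a named constant with a comment, for example `private static final long MAX_SEED_DEPT_ID = 11L; // highest ID of the pre-loaded demo departments`, or move the limits into configuration. deleteDept continues past the end of the hunk.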


@ -84,6 +84,9 @@ public class DictController {
@PutMapping
@PreAuthorize("@el.check('dict:edit')")
public ResponseEntity<Object> updateDict(@Validated(Dict.Update.class) @RequestBody Dict resources){
if(resources.getId() <= 5){
throw new BadRequestException("演示环境不可操作");
}
dictService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}
@ -93,6 +96,11 @@ public class DictController {
@DeleteMapping
@PreAuthorize("@el.check('dict:del')")
public ResponseEntity<Object> deleteDict(@RequestBody Set<Long> ids){
for (Long id : ids) {
if(id <= 5){
throw new BadRequestException("演示环境不可操作");
}
}
dictService.delete(ids);
return new ResponseEntity<>(HttpStatus.OK);
}


@ -84,6 +84,9 @@ public class DictDetailController {
@PutMapping
@PreAuthorize("@el.check('dict:edit')")
public ResponseEntity<Object> updateDictDetail(@Validated(DictDetail.Update.class) @RequestBody DictDetail resources){
if(resources.getId() <= 6){
throw new BadRequestException("演示环境不可操作");
}
dictDetailService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}
@ -93,6 +96,9 @@ public class DictDetailController {
@DeleteMapping(value = "/{id}")
@PreAuthorize("@el.check('dict:del')")
public ResponseEntity<Object> deleteDictDetail(@PathVariable Long id){
if(id <= 6){
throw new BadRequestException("演示环境不可操作");
}
dictDetailService.delete(id);
return new ResponseEntity<>(HttpStatus.OK);
}


@ -126,6 +126,9 @@ public class MenuController {
@PutMapping
@PreAuthorize("@el.check('menu:edit')")
public ResponseEntity<Object> updateMenu(@Validated(Menu.Update.class) @RequestBody Menu resources){
if(resources.getId() <= 116){
throw new BadRequestException("演示环境不可操作");
}
menuService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}
@ -137,6 +140,9 @@ public class MenuController {
public ResponseEntity<Object> deleteMenu(@RequestBody Set<Long> ids){
Set<Menu> menuSet = new HashSet<>();
for (Long id : ids) {
if(id <= 116){
throw new BadRequestException("演示环境不可操作");
}
List<MenuDto> menuList = menuService.getMenus(id);
menuSet.add(menuService.findOne(id));
menuSet = menuService.getChildMenus(menuMapper.toEntity(menuList), menuSet);


@ -106,6 +106,9 @@ public class RoleController {
@PutMapping
@PreAuthorize("@el.check('roles:edit')")
public ResponseEntity<Object> updateRole(@Validated(Role.Update.class) @RequestBody Role resources){
if(resources.getId() <= 1){
throw new BadRequestException("演示环境不可操作");
}
getLevels(resources.getLevel());
roleService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
@ -116,6 +119,9 @@ public class RoleController {
@PutMapping(value = "/menu")
@PreAuthorize("@el.check('roles:edit')")
public ResponseEntity<Object> updateRoleMenu(@RequestBody Role resources){
if(resources.getId() <= 1){
throw new BadRequestException("演示环境不可操作");
}
RoleDto role = roleService.findById(resources.getId());
getLevels(role.getLevel());
roleService.updateMenu(resources,role);
@ -128,6 +134,9 @@ public class RoleController {
@PreAuthorize("@el.check('roles:del')")
public ResponseEntity<Object> deleteRole(@RequestBody Set<Long> ids){
for (Long id : ids) {
if(id <= 1){
throw new BadRequestException("演示环境不可操作");
}
RoleDto role = roleService.findById(id);
getLevels(role.getLevel());
}
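Review bot: In updateRoleMenu the parameter is `@RequestBody Role resources` with no `@Validated`, so nothing visible guarantees a non-null ID before `resources.getId() <= 1` unboxes it; assuming getId() returns `Long`, a request without an id would fail with a NullPointerException rather than a BadRequestException. The same applies to a null element in `Set<Long> ids` in deleteRole and in the other delete loops this commit adds (deleteDept, deleteDict, deleteMenu, deleteUser). Reject null first, e.g. `if (resources.getId() == null) { throw new BadRequestException("id is required"); }`, then apply the demo check. All three handlers extend beyond their hunks.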


@ -119,6 +119,9 @@ public class UserController {
@PutMapping
@PreAuthorize("@el.check('user:edit')")
public ResponseEntity<Object> updateUser(@Validated(User.Update.class) @RequestBody User resources) throws Exception {
if(resources.getId() <= 1){
throw new BadRequestException("演示环境不可操作");
}
checkLevel(resources);
userService.update(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
@ -128,6 +131,9 @@ public class UserController {
@ApiOperation("修改用户:个人中心")
@PutMapping(value = "center")
public ResponseEntity<Object> centerUser(@Validated(User.Update.class) @RequestBody User resources){
if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){
throw new BadRequestException("不能修改他人资料");
}
if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){
throw new BadRequestException("不能修改他人资料");
}
@ -141,6 +147,9 @@ public class UserController {
@PreAuthorize("@el.check('user:del')")
public ResponseEntity<Object> deleteUser(@RequestBody Set<Long> ids){
for (Long id : ids) {
if(id <= 1){
throw new BadRequestException("演示环境不可操作");
}
Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
Integer optLevel = Collections.min(roleService.findByUsersId(id).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
if (currentLevel > optLevel) {
@ -157,6 +166,9 @@ public class UserController {
String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass());
String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass());
UserDto user = userService.findByName(SecurityUtils.getCurrentUsername());
if("admin".equals(user.getUsername())){
throw new BadRequestException("演示环境不可操作");
}
if(!passwordEncoder.matches(oldPass, user.getPassword())){
throw new BadRequestException("修改失败,旧密码错误");
}
@ -170,7 +182,7 @@ public class UserController {
@ApiOperation("修改头像")
@PostMapping(value = "/updateAvatar")
public ResponseEntity<Object> updateUserAvatar(@RequestParam MultipartFile avatar){
return new ResponseEntity<>(userService.updateAvatar(avatar), HttpStatus.OK);
throw new BadRequestException("演示环境不可操作");
}
@Log("修改邮箱")
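Review bot: As rendered, the three lines added to centerUser repeat the ownership check that is already there (`if(!resources.getId().equals(SecurityUtils.getCurrentUserId()))`), so the hunk adds dead code and no demo guard: unlike updateUser, the account with ID 1 can still change its own profile through this endpoint. If the intent was to freeze that account, replace the duplicate with `if(resources.getId() <= 1){ throw new BadRequestException("演示环境不可操作"); }` after the ownership check. The password hunk identifies the same account by name (`"admin".equals(user.getUsername())`) rather than by ID, and the handler beginning at `@Log("修改邮箱")` is untouched, so the protection looks inconsistent across the user endpoints. Several of these handlers extend beyond their hunks, so this should be confirmed against the full file.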