lihong hace 1 año
padre
commit
b4c86fd6f6

+ 23 - 0
src/main/java/cn/hnthyy/thmz/comment/MenuPermission.java

@@ -0,0 +1,23 @@
+package cn.hnthyy.thmz.comment;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface MenuPermission {
+    /**
+     * 菜单url
+     */
+    String value() default "";
+
+    /**
+     * 菜单名称
+     */
+    String name() default "";
+
+}
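Review bot: `@Target` admits `ElementType.TYPE`, but the only consumer of this annotation in the commit (AuthenticationInterceptor's `method.isAnnotationPresent(MenuPermission.class)`) reads it from the handler method alone, so a class-level `@MenuPermission` compiles fine and silently enforces nothing. Either drop `ElementType.TYPE` from the target, or have the interceptor also consult `method.getDeclaringClass().getAnnotation(MenuPermission.class)`. The Javadoc on `value()` should state the matching rule the interceptor applies — exact string equality against the urls returned by `getUserRoleUrls` — e.g. `/** Menu url; must exactly equal a Menu.getMenuUrl() granted to one of the caller's roles. */`, and `name()` that it is only used in the denial message.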

+ 3 - 3
src/main/java/cn/hnthyy/thmz/controller/LoginController.java

@@ -94,7 +94,7 @@ public class LoginController {
         Employee employee = employeeService.queryByCodeRs(userParam.getUserCode());
         if (employee == null) {
             resultMap.put("code", -1);
-            resultMap.put("message", "登录失败,用户不存在,请联系管理员");
+            resultMap.put("message", "登录失败,用户名或密码错误");
             return resultMap;
         }
         if (user == null) {
@@ -117,8 +117,8 @@ public class LoginController {
             resultMap.put("message", "登录失败,账号状态为非在职,请联系管理员");
             return resultMap;
         }
-        //LoginErr loginErr = loginErrService.queryLoginErrByUserCode(user.getUserCode());
-        if(!userParam.getPassword().equals(user.getPassword())){
+        String password =  userService.queryPassword(userParam.getUserCode());
+        if(!userParam.getPassword().equals(password)){
             resultMap.put("code", -1);
             resultMap.put("message","用户名或密码错误!");
             return resultMap;
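Review bot: The new employee-not-found message `登录失败,用户名或密码错误` is still a different literal from the wrong-password branch's `用户名或密码错误!`, so a client can still distinguish a missing account from a bad password by comparing the text even though both return code -1; if the goal is to stop account enumeration, both branches (and the `if (user == null)` branch between the two hunks, which is outside this diff) should return one shared constant. `userParam.getPassword()` is dereferenced before any null check, so a request without a password field produces an NPE instead of the -1 result — pre-existing, but this rewrite is the natural place for `if (userParam.getPassword() == null || !userParam.getPassword().equals(password)) {`. The enclosing login method continues outside the hunk.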

+ 4 - 1
src/main/java/cn/hnthyy/thmz/controller/UserController.java

@@ -4,6 +4,7 @@ import cn.hnthyy.thmz.Utils.JsonUtil;
 import cn.hnthyy.thmz.Utils.Md5Util;
 import cn.hnthyy.thmz.Utils.R;
 import cn.hnthyy.thmz.Utils.TokenUtil;
+import cn.hnthyy.thmz.comment.MenuPermission;
 import cn.hnthyy.thmz.comment.UserLoginToken;
 import cn.hnthyy.thmz.common.Constants;
 import cn.hnthyy.thmz.entity.thmz.Role;
@@ -67,6 +68,7 @@ public class UserController {
         }
         DecodedJWT decodedJWT = TokenUtil.parseJWT(token);
         User tokenUser = (User) JsonUtil.jsontoObject(decodedJWT.getSubject(), User.class);
+
         if (tokenUser == null || tokenUser.getId() == null) {
             resultMap.put("code", -1);
             resultMap.put("message", "用户信息修改失败,用户主键不能为空");
@@ -74,7 +76,7 @@ public class UserController {
         }
         if (StringUtils.isNotBlank(userParam.getOldPassword())) {
             try {
-                if (!Md5Util.checkPassword(userParam.getOldPassword(), tokenUser.getPassword())) {
+                if (!Md5Util.checkPassword(userParam.getOldPassword(), userService.queryPassword(tokenUser.getUserCode()))) {
                     resultMap.put("code", -1);
                     resultMap.put("message", "密码重置失败,原密码密码错误,请重新输入");
                     return resultMap;
@@ -241,6 +243,7 @@ public class UserController {
      *
      * @return
      */
+    @MenuPermission(value = "/thmz/user-manage",name = "用户管理")
     @UserLoginToken
     @RequestMapping(value = "/getUserPage", method = {RequestMethod.GET, RequestMethod.POST})
     public Map<String, Object> getUserPage(@RequestBody UserVo userVo) {
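Review bot: In the old-password check the stored credential is now fetched by `tokenUser.getUserCode()`, while the method validates the user by `tokenUser.getId()` two hunks earlier and presumably updates by that id; both fields come from the same JWT subject, but if they ever disagree the check runs against a different row than the one being modified, so resolving one identifier from the other (load by id, use its code) is safer than trusting both claims independently. Whether `Md5Util.checkPassword` tolerates a null stored value (a row with an empty `password` column, which `queryPassword` returns as-is) is not visible here; a null guard before the call would turn that into a clean -1 result. The enclosing method starts and ends outside the hunk.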

+ 17 - 1
src/main/java/cn/hnthyy/thmz/interceptor/AuthenticationInterceptor.java

@@ -1,9 +1,11 @@
 package cn.hnthyy.thmz.interceptor;
 
 import cn.hnthyy.thmz.Utils.TokenUtil;
+import cn.hnthyy.thmz.comment.MenuPermission;
 import cn.hnthyy.thmz.comment.PassToken;
 import cn.hnthyy.thmz.comment.UserLoginToken;
 import cn.hnthyy.thmz.common.Constants;
+import cn.hnthyy.thmz.common.exception.BizException;
 import cn.hnthyy.thmz.entity.AuthException;
 import cn.hnthyy.thmz.entity.thmz.Token;
 import cn.hnthyy.thmz.entity.thmz.User;
@@ -11,6 +13,7 @@ import cn.hnthyy.thmz.entity.thmz.UserControls;
 import cn.hnthyy.thmz.service.his.zd.DictDataService;
 import cn.hnthyy.thmz.service.thmz.EvaluationService;
 import cn.hnthyy.thmz.service.thmz.TokenService;
+import cn.hnthyy.thmz.service.thmz.UserService;
 import cn.hutool.core.date.DateUnit;
 import cn.hutool.core.date.DateUtil;
 import cn.hutool.core.map.MapUtil;
@@ -24,10 +27,12 @@ import org.springframework.web.servlet.HandlerInterceptor;
 import org.springframework.web.servlet.ModelAndView;
 import sun.util.calendar.BaseCalendar;
 
+import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.lang.reflect.Method;
 import java.util.Date;
+import java.util.List;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 
@@ -41,6 +46,8 @@ public class AuthenticationInterceptor implements HandlerInterceptor {
     private EvaluationService evaluationService;
     @Autowired
     private DictDataService dictDataService;
+    @Resource
+    private UserService userService;
 
     /**过期时间30分钟*/
     private static final int EXPIRED_TIME = 30;
@@ -77,10 +84,19 @@ public class AuthenticationInterceptor implements HandlerInterceptor {
             JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256(Constants.JWT_SECRET)).build();
             try {
                 jwtVerifier.verify(token);
+                User user = TokenUtil.getUser(token);
+                if(method.isAnnotationPresent(MenuPermission.class)){
+                    MenuPermission annotation = method.getAnnotation(MenuPermission.class);
+                    String value = annotation.value();
+                    String name = annotation.name();
+                    List<String> userRoleUrls = userService.getUserRoleUrls(user.getId());
+                    if(!userRoleUrls.contains(value)){
+                        throw new BizException("没有[" + name + "]权限,请找管理员开通");
+                    }
+                }
                 boolean controlExpirFlag = dictDataService.queryDictVlaue("1.5", "control_expir_flag", "0").equals("1");
                 if(controlExpirFlag){
                     Date now = new Date();
-                    User user = TokenUtil.getUser(token);
                     UserControls userControls = TokenUtil.USER_CONTROL_MAP.get(user.getUserCode());
                     if (userControls == null) {
                         userControls = new UserControls(user.getUserCode(), now);
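Review bot: `User user = TokenUtil.getUser(token)` is now dereferenced unconditionally (`user.getId()` in the permission branch and `user.getUserCode()` below), whereas before this change it was only read inside the `controlExpirFlag` branch; UserController guards the same decode with `tokenUser == null || tokenUser.getId() == null`, so a token whose subject does not decode to a user would raise an NPE here instead of a clean authentication failure. Add `if (user == null || user.getId() == null) { throw new BizException("..."); }` immediately after the lookup, before `isAnnotationPresent`. The `BizException` for a missing permission is thrown inside the `try` that wraps `jwtVerifier.verify(token)`, and the matching `catch` is outside this hunk — confirm it does not swallow or re-label the permission denial as a token error. `annotation.value()` defaults to `""`, so an annotation written without a value is checked against the empty string and always denies; rejecting a blank value explicitly would make that misconfiguration visible.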

+ 10 - 7
src/main/java/cn/hnthyy/thmz/mapper/thmz/UserMapper.java

@@ -16,7 +16,7 @@ public interface UserMapper {
      *
      * @return
      */
-    @Select("select id,user_id_code,user_code,user_name,password,id_card,create_time,create_user,update_time,update_user,status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image from t_user where status !=2 ")
+    @Select("select id,user_id_code,user_code,user_name,id_card,create_time,create_user,update_time,update_user,status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image from t_user where status !=2 ")
     List<User> selectAllUser();
 
     /**
@@ -25,7 +25,7 @@ public interface UserMapper {
      * @return
      */
     @Select({"<script>",
-            "select id,user_id_code,user_code,user_name,password,id_card,create_time,create_user,update_time,update_user," +
+            "select id,user_id_code,user_code,user_name,id_card,create_time,create_user,update_time,update_user," +
                     "status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image FROM t_user WHERE 1 = 1 " +
                     "<when test='id != null'>" +
                     " and id = #{id}" +
@@ -37,7 +37,8 @@ public interface UserMapper {
                     " and user_code = #{userCode}" +
                     "</when>"+
                     "<when test='userName != null'>" +
-                    " and user_name like '%${userName}%'" +
+                    " <bind name=\"pattenName\" value=\"userName+'%'\" />"+
+                    " and user_name like #{pattenName}" +
                     "</when>" +
                     " ORDER BY ID desc limit #{offset},#{pageSize} ",
             "</script>"})
@@ -72,7 +73,7 @@ public interface UserMapper {
      * @param id 主键
      * @return
      */
-    @Select("select id,user_id_code,user_code,user_name,password,id_card,create_time,create_user,update_time,update_user,status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image from t_user where id=#{id}")
+    @Select("select id,user_id_code,user_code,user_name,id_card,create_time,create_user,update_time,update_user,status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image from t_user where id=#{id}")
     User selectUserById(@Param("id") Long id);
 
     /**
@@ -81,7 +82,7 @@ public interface UserMapper {
      * @param userCode 工号
      * @return
      */
-    @Select("select id,user_id_code,user_code,user_name,password,id_card,create_time,create_user,update_time,update_user,status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image from t_user where user_code=#{userCode}")
+    @Select("select id,user_id_code,user_code,user_name,id_card,create_time,create_user,update_time,update_user,status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image from t_user where user_code=#{userCode}")
     User selectUserByCode(@Param("userCode") String userCode);
 
     /**
@@ -90,7 +91,7 @@ public interface UserMapper {
      * @param user
      * @return
      */
-    @Insert("INSERT INTO t_user(user_id_code,user_code, user_name, password, id_card, create_time, create_user, update_time, update_user, status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image) VALUES " +
+    @Insert("INSERT INTO t_user(user_id_code,user_code, user_name, id_card, create_time, create_user, update_time, update_user, status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image) VALUES " +
             "(#{userIdCode,jdbcType=VARCHAR},#{userCode,jdbcType=VARCHAR}, #{userName,jdbcType=VARCHAR}, #{password,jdbcType=VARCHAR},  #{idCard,jdbcType=VARCHAR}, #{createTime,jdbcType=TIMESTAMP}," +
             " #{createUser,jdbcType=BIGINT},  #{updateTime,jdbcType=TIMESTAMP}, #{updateUser,jdbcType=BIGINT}, #{status,jdbcType=INTEGER},#{profileImage,jdbcType=BIGINT}" +
             ",#{email,jdbcType=VARCHAR},#{phoneNumber,jdbcType=VARCHAR},#{gender,jdbcType=CHAR},#{lockScreenPassword,jdbcType=VARCHAR},#{clientProfileImage,jdbcType=BIGINT})")
@@ -165,8 +166,10 @@ public interface UserMapper {
      * @param userIdCode 员工编码
      * @return
      */
-    @Select("select id,user_id_code,user_code,user_name,password,id_card,create_time,create_user,update_time,update_user,status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image from t_user where user_id_code=#{userIdCode}")
+    @Select("select id,user_id_code,user_code,user_name,id_card,create_time,create_user,update_time,update_user,status,profile_image,email,phone_number,gender,lock_screen_password,client_profile_image from t_user where user_id_code=#{userIdCode}")
     User selectUserByUserIdCode(@Param("userIdCode") String userIdCode);
     @Update(" update t_user set password =#{password} where user_code = #{userCode} ")
     int updatePasswordByUserCode(User user);
+    @Select("select password from t_user where user_code=#{userCode}")
+    String selectPassword(String userCode);
 }
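Review bot: The `@Insert` column list drops `password` but the VALUES clause on the next line still contains `#{password,jdbcType=VARCHAR}`, leaving 15 columns against 16 values, so every insert through this statement will fail with a column-count error at runtime. Remove `#{password,jdbcType=VARCHAR},` from the VALUES clause, or keep the column if new users are still created with an initial password. The `<bind>` rewrite of the name filter also changes `'%${userName}%'` (contains) to `userName+'%'` (prefix only) — confirm that narrowing is intended — and `%`/`_` inside `userName` still act as LIKE wildcards, so escape them before binding if a literal search is required.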

+ 58 - 0
src/main/java/cn/hnthyy/thmz/service/impl/thmz/UserServiceImpl.java

@@ -2,15 +2,24 @@ package cn.hnthyy.thmz.service.impl.thmz;
 
 import cn.hnthyy.thmz.Utils.ImageUtil;
 import cn.hnthyy.thmz.Utils.Md5Util;
+import cn.hnthyy.thmz.Utils.TokenUtil;
 import cn.hnthyy.thmz.common.Constants;
+import cn.hnthyy.thmz.common.exception.BizException;
 import cn.hnthyy.thmz.entity.thmz.FileUpload;
+import cn.hnthyy.thmz.entity.thmz.Menu;
+import cn.hnthyy.thmz.entity.thmz.RoleMenuRelation;
 import cn.hnthyy.thmz.entity.thmz.User;
 import cn.hnthyy.thmz.entity.thmz.UserDeptRelation;
+import cn.hnthyy.thmz.entity.thmz.UserRoleRelation;
 import cn.hnthyy.thmz.mapper.thmz.FileUploadMapper;
 import cn.hnthyy.thmz.mapper.thmz.UserDeptRelationMapper;
 import cn.hnthyy.thmz.mapper.thmz.UserMapper;
+import cn.hnthyy.thmz.service.thmz.MenuService;
+import cn.hnthyy.thmz.service.thmz.RoleMenuRelationService;
+import cn.hnthyy.thmz.service.thmz.UserRoleRelationService;
 import cn.hnthyy.thmz.service.thmz.UserService;
 import cn.hnthyy.thmz.vo.UserVo;
+import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.StrUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
@@ -20,8 +29,14 @@ import org.springframework.transaction.annotation.Isolation;
 import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
 
+import javax.annotation.Resource;
+import java.util.ArrayList;
 import java.util.Date;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
+import java.util.stream.Collectors;
+
 @Slf4j
 @Service
 public class UserServiceImpl implements UserService {
@@ -34,6 +49,12 @@ public class UserServiceImpl implements UserService {
     @SuppressWarnings("all")
     @Autowired
     private UserDeptRelationMapper userDeptRelationMapper;
+    @Resource
+    private UserRoleRelationService userRoleRelationService;
+    @Resource
+    private RoleMenuRelationService rolMenuRelationService;
+    @Resource
+    private MenuService menuService;
 
     @Override
     public List<User> queryAllUser() {
@@ -142,4 +163,41 @@ public class UserServiceImpl implements UserService {
             log.error("[updatePassword]保报错",e);
         }
     }
+
+    @Override
+    public String queryPassword(String userCode) {
+        return userMapper.selectPassword(userCode);
+    }
+
+    @Override
+    public List<String> getUserRoleUrls(Long userId) {
+        if(userId == null){
+            User tokenUser = TokenUtil.getUser();
+            if(tokenUser == null){
+                throw new BizException("请先登录!");
+            }
+            userId = tokenUser.getId();
+        }
+        List<UserRoleRelation> userRoleRelations = userRoleRelationService.queryByUserId(userId);
+        if(CollUtil.isEmpty(userRoleRelations)){
+            throw new BizException("请找管理员设置角色!");
+        }
+        List<Menu> menuList;
+        if(userRoleRelations.stream().anyMatch(item->Constants.GLY_ROLE_ID.equals(item.getRoleId()))){
+            menuList = menuService.queryAllMenu(null, null);
+        }else{
+            Set<RoleMenuRelation> roleMenuRelationSet = new HashSet<>();
+            for (UserRoleRelation userRoleRelation : userRoleRelations) {
+                List<RoleMenuRelation> list = rolMenuRelationService.queryByRoleId(userRoleRelation.getRoleId());
+                roleMenuRelationSet.addAll(list);
+            }
+            List<Long> menuIdsNew = roleMenuRelationSet.stream().map(RoleMenuRelation::getMenuId).collect(Collectors.toList());
+            List<Long> menuIds = new ArrayList<>(new HashSet(menuIdsNew));//利用Set去重多个角色相同的菜单权限
+            if (menuIds == null || menuIds.size() == 0) {
+                throw new BizException("您没有分配菜单,请联系管理员开通!");
+            }
+            menuList = menuService.queryByIds(menuIds);
+        }
+        return menuList.stream().map(Menu::getMenuUrl).collect(Collectors.toList());
+    }
 }
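Review bot: In `getUserRoleUrls` the menu-id dedup uses a raw `new HashSet(menuIdsNew)` and is followed by a `menuIds == null` test that can never be true for a list just constructed; replace the two lines with `List<Long> menuIds = roleMenuRelationSet.stream().map(RoleMenuRelation::getMenuId).distinct().collect(Collectors.toList());` and `if (menuIds.isEmpty()) {`. Because the interceptor now calls this on every `@MenuPermission` request, the loop over `rolMenuRelationService.queryByRoleId` issues one query per role plus `queryByIds`/`queryAllMenu`, which deserves at least a comment given it sits on the request path. Whether `menuService.queryByIds` or `queryAllMenu` can return null (which would NPE in the final `stream()`) is not visible here. `queryPassword` hands the stored credential back as a plain `String`; its Javadoc should say it exists for verification only and must not be serialised into a response.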

+ 4 - 0
src/main/java/cn/hnthyy/thmz/service/thmz/UserService.java

@@ -72,4 +72,8 @@ public interface UserService {
      * @param: userCode
      **/
     void updatePassword(String userCode);
+
+    String queryPassword(String userCode);
+
+   List<String> getUserRoleUrls(Long userId);
 }
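Review bot: Both new interface methods lack Javadoc while the neighbouring `updatePassword` carries a `@param` block, and `List<String> getUserRoleUrls(Long userId);` is indented three spaces instead of four. Document `queryPassword` as returning the stored password value for `userCode`, for verification only, and `getUserRoleUrls` as returning the menu urls reachable through the user's roles, noting that a `null` userId falls back to the current token user and that the implementation in this commit throws `BizException` when no role or no menu is assigned.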

+ 1 - 1
src/main/resources/templates/login.html

@@ -74,7 +74,7 @@
                             </div>
                             <div class="input-group " style="margin-bottom: 5px">
                                 <label class="sr-only" >密码</label>
-                               <input type="text"  autocomplete="off"  name="form-password" placeholder="密码(初始密码为thyy加您的工号,如:thyy1234)" class="form-username form-control  hide-password" id="form-password">
+                               <input type="text"  autocomplete="off"  name="form-password" placeholder="密码" class="form-username form-control  hide-password" id="form-password">
                                 <span id="showOrHidePasswordId" class="input-group-addon" onclick="showOrHidePassword()" style="border: 3px solid #ddd;border-left:none;cursor: pointer"><i class="fa fa-eye"></i></span>
                             </div>
                             <button type="button" id="loginButton" class="btn">登录!</button>
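Review bot: The password input on the new line is still `type="text"`, so the browser treats and renders it as plain text and masking depends entirely on the `hide-password` class and `showOrHidePassword()`, neither of which is in this diff; `type="password"` with the toggle flipping the type attribute is the conventional arrangement and also keeps the value out of text-field history and autofill suggestions. Change the line to `<input type="password" autocomplete="off" name="form-password" placeholder="密码" class="form-username form-control hide-password" id="form-password">`. Dropping the default-password pattern from the placeholder is the right call.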