[ADD]实现管理员管理

wangfengcool · Oct 17, 2017 · 7bd2c0f · 7bd2c0f
1 parent 7a3a342
commit 7bd2c0f
Show file tree

Hide file tree

Showing 38 changed files with 3,538 additions and 1,671 deletions.
diff --git a/.idea/workspace.xml b/.idea/workspace.xml
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # XMall
 ### 基于SOA架构的分布式购物电商商城
-- [x] 后台管理系统：管理商品、订单、类目、商品规格属性、用户管理、权限管理以及内容管理等功能
+- [x] 后台管理系统：管理商品、订单、类目、商品规格属性、用户管理、权限管理以及内容管理等功能 //TODO 系统统计
 - [x] 前台系统：用户可以在前台系统中进行注册、登录、浏览商品、首页、下单等操作
 - [x] 会员系统：用户可以在该系统中查询已下的订单、管理订单、我的优惠券等信息
 - [x] 订单系统：提供下单、查询订单、修改订单状态、定时处理订单

diff --git a/dependency/xmall.sql b/dependency/xmall.sql
diff --git a/study/Linux.md b/study/Linux.md
@@ -24,4 +24,5 @@
 　　-aux 显示所有状态
 
 - 终止进程 `kill -9 [PID]`
+- Tomcat查看日志 `cd logs   tail -f catalina.out`
 
diff --git a/xmall-content/xmall-content-service/src/main/resources/spring/applicationContext-service.xml b/xmall-content/xmall-content-service/src/main/resources/spring/applicationContext-service.xml
@@ -18,7 +18,7 @@
     <!-- 用dubbo协议在20880端口暴露服务 -->
     <dubbo:protocol name="dubbo" port="20881" />
     <!-- 声明需要暴露的服务接口 -->
-    <dubbo:service interface="cn.exrick.content.service.ContentCatService" ref="contentCatServiceImpl" timeout="5000"/>
+    <dubbo:service interface="cn.exrick.content.service.ContentCatService" ref="contentCatServiceImpl" timeout="10000"/>
     <dubbo:service interface="cn.exrick.content.service.ContentService" ref="contentServiceImpl" timeout="10000"/>
-    <dubbo:service interface="cn.exrick.content.service.ContentImageService" ref="contentImageServiceImpl" timeout="5000"/>
+    <dubbo:service interface="cn.exrick.content.service.ContentImageService" ref="contentImageServiceImpl" timeout="10000"/>
 </beans>
diff --git a/xmall-front-web/src/main/java/cn/exrick/front/swagger/Swagger2Config.java b/xmall-front-web/src/main/java/cn/exrick/front/swagger/Swagger2Config.java
@@ -40,8 +40,8 @@ private ApiInfo apiInfo() {
         return new ApiInfoBuilder()
                 .title("XMall Api Documentation")
                 .description("XMall商城前台API接口文档")
-                .termsOfServiceUrl("http://www.exrick.cn")
-                .contact(new Contact("Exrick", "http://www.exrick.cn", "1012139570@qq.com"))
+                .termsOfServiceUrl("http://blog.exrick.cn")
+                .contact(new Contact("Exrick", "http://blog.exrick.cn", "1012139570@qq.com"))
                 .version("1.0.0")
                 .build();
     }

diff --git a/xmall-manager-web/src/main/java/cn/exrick/manager/controller/UserController.java b/xmall-manager-web/src/main/java/cn/exrick/manager/controller/UserController.java
@@ -1,7 +1,11 @@
 package cn.exrick.manager.controller;
 
+import cn.exrick.common.pojo.DataTablesResult;
 import cn.exrick.common.pojo.Result;
 import cn.exrick.common.utils.ResultUtil;
+import cn.exrick.manager.dto.RoleDto;
+import cn.exrick.manager.pojo.TbPermission;
+import cn.exrick.manager.pojo.TbRole;
 import cn.exrick.manager.pojo.TbUser;
 import cn.exrick.manager.service.UserService;
 import io.swagger.annotations.Api;
@@ -15,6 +19,8 @@
 import org.springframework.util.DigestUtils;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.List;
+
 @RestController
 @Api(description= "管理员管理")
 public class UserController {
@@ -52,12 +58,208 @@ public Result<Object> logout(){
     }
 
     @RequestMapping(value = "/user/userInfo",method = RequestMethod.GET)
-    @ApiOperation(value = "获得登录用户信息")
+    @ApiOperation(value = "获取登录用户信息")
     public Result<TbUser> getUserInfo(){
 
         String username= SecurityUtils.getSubject().getPrincipal().toString();
         TbUser tbUser=userService.getUserByUsername(username);
         tbUser.setPassword(null);
         return new ResultUtil<TbUser>().setData(tbUser);
     }
+
+    @RequestMapping(value = "/user/roleList",method = RequestMethod.GET)
+    @ApiOperation(value = "获取角色列表")
+    public DataTablesResult getRoleList(){
+
+        DataTablesResult result=userService.getRoleList();
+        return result;
+    }
+
+    @RequestMapping(value = "/user/getAllRoles",method = RequestMethod.GET)
+    @ApiOperation(value = "获取所有角色")
+    public Result<List<TbRole>> getAllRoles(){
+
+        List<TbRole> list=userService.getAllRoles();
+        return new ResultUtil<List<TbRole>>().setData(list);
+    }
+
+    @RequestMapping(value = "/user/addRole",method = RequestMethod.POST)
+    @ApiOperation(value = "添加角色")
+    public Result<Object> addRole(){
+
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/updateRole",method = RequestMethod.POST)
+    @ApiOperation(value = "更新角色")
+    public Result<Object> updateRole(){
+
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/delRole/{id}",method = RequestMethod.DELETE)
+    @ApiOperation(value = "删除角色")
+    public Result<Object> delRole(@PathVariable int id){
+
+        int result=userService.deleteRole(id);
+        if(result==1){
+            return new ResultUtil<Object>().setData(null);
+        }else {
+            return new ResultUtil<Object>().setErrorMsg("该角色被使用中，不能删除！");
+        }
+    }
+
+    @RequestMapping(value = "/user/roleCount",method = RequestMethod.GET)
+    @ApiOperation(value = "统计角色数")
+    public Result<Object> getRoleCount(){
+
+        Long result=userService.countRole();
+        return new ResultUtil<Object>().setData(result);
+    }
+
+    @RequestMapping(value = "/user/permissionList",method = RequestMethod.GET)
+    @ApiOperation(value = "获取权限列表")
+    public DataTablesResult getPermissionList(){
+
+        DataTablesResult result=userService.getPermissionList();
+        return result;
+    }
+
+    @RequestMapping(value = "/user/addPermission",method = RequestMethod.POST)
+    @ApiOperation(value = "添加权限")
+    public Result<Object> addPermission(@ModelAttribute TbPermission tbPermission){
+
+        userService.addPermission(tbPermission);
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/updatePermission",method = RequestMethod.POST)
+    @ApiOperation(value = "更新权限")
+    public Result<Object> updatePermission(@ModelAttribute TbPermission tbPermission){
+
+        userService.updatePermission(tbPermission);
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/delPermission/{id}",method = RequestMethod.DELETE)
+    @ApiOperation(value = "删除权限")
+    public Result<Object> delPermission(@PathVariable int id){
+
+        userService.deletePermission(id);
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/permissionCount",method = RequestMethod.GET)
+    @ApiOperation(value = "统计权限数")
+    public Result<Object> getPermissionCount(){
+
+        Long result=userService.countPermission();
+        return new ResultUtil<Object>().setData(result);
+    }
+
+    @RequestMapping(value = "/user/userList",method = RequestMethod.GET)
+    @ApiOperation(value = "获取用户列表")
+    public DataTablesResult getUserList(){
+
+        DataTablesResult result=userService.getUserList();
+        return result;
+    }
+
+    @RequestMapping(value = "/user/username",method = RequestMethod.GET)
+    @ApiOperation(value = "判断用户名是否存在")
+    public boolean getUserByName(String username){
+
+        return userService.getUserByName(username);
+    }
+
+    @RequestMapping(value = "/user/phone",method = RequestMethod.GET)
+    @ApiOperation(value = "判断手机是否存在")
+    public boolean getUserByPhone(String phone){
+
+        return userService.getUserByPhone(phone);
+    }
+
+    @RequestMapping(value = "/user/email",method = RequestMethod.GET)
+    @ApiOperation(value = "判断邮箱是否存在")
+    public boolean getUserByEmail(String email){
+
+        return userService.getUserByEmail(email);
+    }
+
+    @RequestMapping(value = "/user/addUser",method = RequestMethod.POST)
+    @ApiOperation(value = "添加用户")
+    public Result<Object> addUser(@ModelAttribute TbUser tbUser){
+
+        userService.addUser(tbUser);
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/updateUser",method = RequestMethod.POST)
+    @ApiOperation(value = "更新用户")
+    public Result<Object> updateUser(@ModelAttribute TbUser tbUser){
+
+        userService.updateUser(tbUser);
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/edit/username/{id}",method = RequestMethod.GET)
+    @ApiOperation(value = "判断编辑用户名是否存在")
+    public boolean getUserByEditName(@PathVariable Long id, String username){
+
+        return userService.getUserByEditName(id,username);
+    }
+
+    @RequestMapping(value = "/user/edit/phone/{id}",method = RequestMethod.GET)
+    @ApiOperation(value = "判断编辑手机是否存在")
+    public boolean getUserByEditPhone(@PathVariable Long id, String phone){
+
+        return userService.getUserByEditPhone(id,phone);
+    }
+
+    @RequestMapping(value = "/user/edit/email/{id}",method = RequestMethod.GET)
+    @ApiOperation(value = "判断编辑用户名是否存在")
+    public boolean getUserByEditEmail(@PathVariable Long id, String email){
+
+        return userService.getUserByEditEmail(id,email);
+    }
+
+    @RequestMapping(value = "/user/stop/{id}",method = RequestMethod.PUT)
+    @ApiOperation(value = "停用用户")
+    public Result<Object> stopUser(@PathVariable Long id){
+
+        userService.changeUserState(id,0);
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/start/{id}",method = RequestMethod.PUT)
+    @ApiOperation(value = "启用用户")
+    public Result<Object> startUser(@PathVariable Long id){
+
+        userService.changeUserState(id,1);
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/changePass",method = RequestMethod.POST)
+    @ApiOperation(value = "修改用户密码")
+    public Result<Object> changePass(@ModelAttribute TbUser tbUser){
+
+        userService.changePassword(tbUser);
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/delUser/{id}",method = RequestMethod.DELETE)
+    @ApiOperation(value = "删除用户")
+    public Result<Object> delUser(@PathVariable Long id){
+
+        userService.deleteUser(id);
+        return new ResultUtil<Object>().setData(null);
+    }
+
+    @RequestMapping(value = "/user/userCount",method = RequestMethod.GET)
+    @ApiOperation(value = "统计用户数")
+    public Result<Object> getUserCount(){
+
+        Long result=userService.countUser();
+        return new ResultUtil<Object>().setData(result);
+    }
 }
diff --git a/xmall-manager-web/src/main/java/cn/exrick/manager/shiro/FilterUtil.java b/xmall-manager-web/src/main/java/cn/exrick/manager/shiro/FilterUtil.java
@@ -0,0 +1,51 @@
+package cn.exrick.manager.shiro;
+
+import com.google.gson.Gson;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import java.io.PrintWriter;
+import java.util.Map;
+
+public class FilterUtil {
+
+    private static final Logger log= LoggerFactory.getLogger(FilterUtil.class);
+
+    /**
+     * 是否是Ajax请求
+     * @param request
+     * @return
+     */
+    public static boolean isAjax(ServletRequest request){
+        String header = ((HttpServletRequest) request).getHeader("X-Requested-With");
+        if("XMLHttpRequest".equalsIgnoreCase(header)){
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     *  使用response输出JSON
+     * @param response
+     * @param resultMap
+     */
+    public static void out(ServletResponse response, Map<String, Object> resultMap){
+        PrintWriter out = null;
+        try {
+            response.setCharacterEncoding("UTF-8");
+            response.setContentType("application/json");
+            out = response.getWriter();
+            out.println(new Gson().toJson(resultMap));
+        } catch (Exception e) {
+            log.error(e + "输出JSON出错");
+        }finally{
+            if(out!=null){
+                out.flush();
+                out.close();
+            }
+        }
+    }
+}
diff --git a/xmall-manager-web/src/main/java/cn/exrick/manager/shiro/MyPermissionFilter.java b/xmall-manager-web/src/main/java/cn/exrick/manager/shiro/MyPermissionFilter.java
@@ -0,0 +1,61 @@
+package cn.exrick.manager.shiro;
+
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.web.filter.authz.AuthorizationFilter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import java.util.HashMap;
+import java.util.Map;
+
+public class MyPermissionFilter extends AuthorizationFilter {
+
+    private static final Logger log= LoggerFactory.getLogger(MyPermissionFilter.class);
+
+    @Override
+    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object o) throws Exception {
+
+        Subject subject = this.getSubject(request, response);
+        String[] perms = (String[]) ((String[]) o);
+        boolean isPermitted = true;
+
+        if (subject.getPrincipal() == null) {
+            if(FilterUtil.isAjax(request)){
+                log.info("未登录或登录时间过长,是ajax！");
+                Map<String, Object> resultMap = new HashMap<String, Object>();
+                resultMap.put("success", false);
+                resultMap.put("message", "您还未登录或登录时间过长,请重新登录！");
+                FilterUtil.out(response, resultMap);
+            }else{
+                log.info("未登录或登录时间过长,不是ajax！");
+                this.saveRequestAndRedirectToLogin(request, response);
+            }
+            //isPermitted = false;
+        } else {
+            if (perms != null && perms.length > 0) {
+                if (perms.length == 1) {
+                    if (!subject.isPermitted(perms[0])) {
+                        isPermitted = false;
+                    }
+                } else if (!subject.isPermittedAll(perms)) {
+                    isPermitted = false;
+                }
+            }
+            if (!isPermitted) {
+                if (FilterUtil.isAjax(request)) {
+                    log.info("没有该权限，并且是Ajax请求");
+                    Map<String, Object> resultMap = new HashMap<String, Object>();
+                    resultMap.put("success", false);
+                    resultMap.put("message", "抱歉，您没有该权限！看就看，你点它干什么...");
+                    FilterUtil.out(response, resultMap);
+                } else {
+                    return isPermitted;
+                }
+            }
+        }
+        return isPermitted;
+    }
+
+}
diff --git a/xmall-manager-web/src/main/java/cn/exrick/manager/shiro/MyRealm.java b/xmall-manager-web/src/main/java/cn/exrick/manager/shiro/MyRealm.java
@@ -34,10 +34,10 @@ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal
         SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo();
         //获得授权角色
         authorizationInfo.setRoles(userService.getRoles(username));
-        log.info(authorizationInfo.getRoles().toString()+"====================");
+        log.info(authorizationInfo.getRoles().toString());
         //获得授权权限
         authorizationInfo.setStringPermissions(userService.getPermissions(username));
-        log.info(authorizationInfo.getStringPermissions().toString()+"=======================");
+        log.info(authorizationInfo.getStringPermissions().toString());
         return authorizationInfo;
     }