
修改后台用户的权限

LiRong 3 months ago
parent
commit
4e4f617712

+ 57 - 60
leromro-admin/src/main/java/com/leromro/web/controller/system/SysUserController.java

@@ -13,6 +13,7 @@ import com.leromro.common.enums.BusinessType;
 import com.leromro.common.utils.SecurityUtils;
 import com.leromro.common.utils.StringUtils;
 import com.leromro.common.utils.poi.ExcelUtil;
+import com.leromro.system.mapper.SysUserRoleMapper;
 import com.leromro.system.service.ISysDeptService;
 import com.leromro.system.service.ISysPostService;
 import com.leromro.system.service.ISysRoleService;
@@ -34,14 +35,13 @@ import java.util.stream.Collectors;
 
 /**
  * 用户信息
- * 
+ *
  * @author ruoyi
  */
 @RestController
 @Api(tags = "用户接口")
 @RequestMapping("/system/user")
-public class SysUserController extends BaseController
-{
+public class SysUserController extends BaseController {
     @Autowired
     private ISysUserService userService;
 
@@ -61,8 +61,7 @@ public class SysUserController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:user:list')")
     @GetMapping("/list")
-    public TableDataInfo<SysUser> list(SysUser user)
-    {
+    public TableDataInfo<SysUser> list(SysUser user) {
         startPage();
         List<SysUser> list = userService.selectUserList(user);
         return getDataTable(list);
@@ -71,29 +70,31 @@ public class SysUserController extends BaseController
 
     @ApiOperation("后台客户列表接口")
     @GetMapping("/userList")
-    public TableDataInfo<SysUser> userList(SysUser user)
-    {
-        startPage();
+    public TableDataInfo<SysUser> userList(SysUser user) {
+
         SysUser sysUser = sysUserServiceImpl.selectUserById(SecurityUtils.getUserId());
         user.setAreaType(sysUser.getAreaType());
         user.setDeptId(SecurityUtils.getDeptId());
+        startPage();
         List<SysUser> list = userService.userList(user);
         return getDataTable(list);
     }
 
     @ApiOperation("小程序端用户信息回显")
     @GetMapping("/userInfo")
-    public R<SysUser> userInfo()
-    {
+    public R<SysUser> userInfo() {
         Long userId = SecurityUtils.getUserId();
         SysUser sysUserInfo = userService.getOne(new LambdaQueryWrapper<SysUser>().eq(SysUser::getUserId, userId));
         return R.ok(sysUserInfo);
     }
+
     @ApiOperation("小程序端用户信息修改")
     @PostMapping("/updateUserInfo")
-    public AjaxResult updateUserInfo(SysUser sysUser)
-    {
+    public AjaxResult updateUserInfo(SysUser sysUser) {
         sysUser.setUserId(SecurityUtils.getUserId());
+        if (StringUtils.isNotEmpty(sysUser.getPhonenumber()) && !userService.checkPhoneUnique(sysUser)) {
+            return error("新增用户'" + sysUser.getUserName() + "'失败,手机号码已存在");
+        }
         userService.updateById(sysUser);
         return AjaxResult.success();
     }
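Review bot: `updateUserInfo` still hands the request-bound `sysUser` straight to `userService.updateById(sysUser)`, so `userId` is the only field the server controls and every other property the caller supplies is written as sent. That presumably reaches fields a mini-program user should not set, such as the password (stored without `encryptPassword`), department or status; the entity and `updateById` are outside this hunk, so confirm which columns are writable. Copy only the editable fields into a fresh object before updating, e.g. `SysUser update = new SysUser(); update.setUserId(SecurityUtils.getUserId()); update.setPhonenumber(sysUser.getPhonenumber());`. The added duplicate-phone message also says "新增用户…失败" on an update path and echoes the client-supplied `getUserName()`; it should say 修改 and not depend on that value.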
@@ -102,8 +103,7 @@ public class SysUserController extends BaseController
     @Log(title = "用户管理", businessType = BusinessType.EXPORT)
     @PreAuthorize("@ss.hasPermi('system:user:export')")
     @PostMapping("/export")
-    public void export(HttpServletResponse response, SysUser user)
-    {
+    public void export(HttpServletResponse response, SysUser user) {
         List<SysUser> list = userService.selectUserList(user);
         ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
         util.exportExcel(response, list, "用户数据");
@@ -112,8 +112,7 @@ public class SysUserController extends BaseController
     @Log(title = "用户管理", businessType = BusinessType.IMPORT)
     @PreAuthorize("@ss.hasPermi('system:user:import')")
     @PostMapping("/importData")
-    public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception
-    {
+    public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception {
         ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
         List<SysUser> userList = util.importExcel(file.getInputStream());
         String operName = getUsername();
@@ -122,8 +121,7 @@ public class SysUserController extends BaseController
     }
 
     @PostMapping("/importTemplate")
-    public void importTemplate(HttpServletResponse response)
-    {
+    public void importTemplate(HttpServletResponse response) {
         ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
         util.importTemplateExcel(response, "用户数据");
     }
@@ -132,23 +130,31 @@ public class SysUserController extends BaseController
      * 根据用户编号获取详细信息
      */
     @PreAuthorize("@ss.hasPermi('system:user:query')")
-    @GetMapping(value = { "/", "/{userId}" })
-    public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
-    {
+    @GetMapping(value = {"/", "/{userId}"})
+    public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) {
         AjaxResult ajax = AjaxResult.success();
-        if (StringUtils.isNotNull(userId))
-        {
+        if (StringUtils.isNotNull(userId)) {
             userService.checkUserDataScope(userId);
             SysUser sysUser = userService.selectUserById(userId);
             ajax.put(AjaxResult.DATA_TAG, sysUser);
             ajax.put("postIds", postService.selectPostListByUserId(userId));
             ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
         }
-        //获取当前用户最大的角色id
         //获取所有的角色id
         List<SysRole> roles = roleService.selectRoleAll();
+        Integer myRolesSort;
+        //获取当前用户最大的角色的sort值
+        if (userId == null){
+            Long userId1 = SecurityUtils.getUserId();
+             myRolesSort = roleService.selectRolesSortByUserId(userId1);
+        }else {
+             myRolesSort = roleService.selectRolesSortByUserId(userId);
+        }
         //只能分配等于或小于自己角色的id
-        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+            ajax.put("roles", roles.stream()
+                    .filter(role -> role.getRoleSort() >= myRolesSort)
+                    .collect(Collectors.toList()));
+      /*  ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));*/
         ajax.put("posts", postService.selectPostAll());
         return ajax;
     }
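Review bot: When `userId` is present, `myRolesSort` is read from the user being viewed (`roleService.selectRolesSortByUserId(userId)`) rather than from the caller, which contradicts the comment 只能分配等于或小于自己角色的id: the list of assignable roles then depends on the target's role, not the operator's. Use the caller in both cases, `Integer myRolesSort = roleService.selectRolesSortByUserId(SecurityUtils.getUserId());`, and handle a `null` result before the `>=` comparison, which otherwise fails on unboxing for a user with no role. This is also only a filter on what the form offers: nothing in the `add`, `edit` or `insertAuthRole` hunks compares the submitted `roleIds` with the caller's role sort, so unless `checkRoleDataScope` (not shown) does, the same rule needs to be enforced server-side there. The commented-out `ajax.put` line can be deleted.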
@@ -159,23 +165,17 @@ public class SysUserController extends BaseController
     @PreAuthorize("@ss.hasPermi('system:user:add')")
     @Log(title = "用户管理", businessType = BusinessType.INSERT)
     @PostMapping
-    public AjaxResult add(@Validated @RequestBody SysUser user)
-    {
-        if (user.getDeptId() == null){
+    public AjaxResult add(@Validated @RequestBody SysUser user) {
+        if (user.getDeptId() == null) {
             throw new RuntimeException("新增失败,部门为必填项!");
         }
         deptService.checkDeptDataScope(user.getDeptId());
         roleService.checkRoleDataScope(user.getRoleIds());
-        if (!userService.checkUserNameUnique(user))
-        {
+        if (!userService.checkUserNameUnique(user)) {
             return error("新增用户'" + user.getUserName() + "'失败,登录账号已存在");
-        }
-        else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user))
-        {
+        } else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user)) {
             return error("新增用户'" + user.getUserName() + "'失败,手机号码已存在");
-        }
-        else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user))
-        {
+        } else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user)) {
             return error("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
         }
         user.setCreateBy(getUsername());
@@ -188,6 +188,7 @@ public class SysUserController extends BaseController
         user.setDistrictCode(sysDept.getDistrictCode());
         user.setDistrictName(sysDept.getDistrictName());
         user.setAreaType(sysDept.getAreaType());
+        user.setDeptId(sysDept.getDeptId());
         return toAjax(userService.insertUser(user));
     }
 
@@ -197,24 +198,27 @@ public class SysUserController extends BaseController
     @PreAuthorize("@ss.hasPermi('system:user:edit')")
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @PutMapping
-    public AjaxResult edit(@Validated @RequestBody SysUser user)
-    {
+    public AjaxResult edit(@Validated @RequestBody SysUser user) {
         userService.checkUserAllowed(user);
         userService.checkUserDataScope(user.getUserId());
         deptService.checkDeptDataScope(user.getDeptId());
         roleService.checkRoleDataScope(user.getRoleIds());
-        if (!userService.checkUserNameUnique(user))
-        {
+        if (!userService.checkUserNameUnique(user)) {
             return error("修改用户'" + user.getUserName() + "'失败,登录账号已存在");
-        }
-        else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user))
-        {
+        } else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user)) {
             return error("修改用户'" + user.getUserName() + "'失败,手机号码已存在");
-        }
-        else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user))
-        {
+        } else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user)) {
             return error("修改用户'" + user.getUserName() + "'失败,邮箱账号已存在");
         }
+        SysDept sysDept = deptService.selectDeptById(user.getDeptId());
+        user.setProvinceCode(sysDept.getProvinceCode());
+        user.setProvinceName(sysDept.getProvinceName());
+        user.setCityCode(sysDept.getCityCode());
+        user.setCityName(sysDept.getCityName());
+        user.setDistrictCode(sysDept.getDistrictCode());
+        user.setDistrictName(sysDept.getDistrictName());
+        user.setAreaType(sysDept.getAreaType());
+        user.setDeptId(sysDept.getDeptId());
         user.setUpdateBy(getUsername());
         return toAjax(userService.updateUser(user));
     }
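Review bot: `deptService.selectDeptById(user.getDeptId())` is dereferenced without a null check, so an edit request with no `deptId`, or one naming a department that no longer exists, ends in a NullPointerException rather than a validation error, unless `checkDeptDataScope` (not visible here) already rejects those cases. `add` rejects a missing `deptId` explicitly, but `edit` does not. Guard the lookup before copying the region fields, e.g. `if (sysDept == null) { return error("修改用户'" + user.getUserName() + "'失败,部门不存在"); }`. The eight setter lines appear to duplicate the block at the end of `add` and could move into one private helper so the two paths cannot drift apart.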
@@ -225,10 +229,8 @@ public class SysUserController extends BaseController
     @PreAuthorize("@ss.hasPermi('system:user:remove')")
     @Log(title = "用户管理", businessType = BusinessType.DELETE)
     @DeleteMapping("/{userIds}")
-    public AjaxResult remove(@PathVariable Long[] userIds)
-    {
-        if (ArrayUtils.contains(userIds, getUserId()))
-        {
+    public AjaxResult remove(@PathVariable Long[] userIds) {
+        if (ArrayUtils.contains(userIds, getUserId())) {
             return error("当前用户不能删除");
         }
         return toAjax(userService.deleteUserByIds(userIds));
@@ -240,8 +242,7 @@ public class SysUserController extends BaseController
     @PreAuthorize("@ss.hasPermi('system:user:resetPwd')")
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @PutMapping("/resetPwd")
-    public AjaxResult resetPwd(@RequestBody SysUser user)
-    {
+    public AjaxResult resetPwd(@RequestBody SysUser user) {
         userService.checkUserAllowed(user);
         userService.checkUserDataScope(user.getUserId());
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
@@ -255,8 +256,7 @@ public class SysUserController extends BaseController
     @PreAuthorize("@ss.hasPermi('system:user:edit')")
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @PutMapping("/changeStatus")
-    public AjaxResult changeStatus(@RequestBody SysUser user)
-    {
+    public AjaxResult changeStatus(@RequestBody SysUser user) {
         userService.checkUserAllowed(user);
         userService.checkUserDataScope(user.getUserId());
         user.setUpdateBy(getUsername());
@@ -268,8 +268,7 @@ public class SysUserController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:user:query')")
     @GetMapping("/authRole/{userId}")
-    public AjaxResult authRole(@PathVariable("userId") Long userId)
-    {
+    public AjaxResult authRole(@PathVariable("userId") Long userId) {
         AjaxResult ajax = AjaxResult.success();
         SysUser user = userService.selectUserById(userId);
         List<SysRole> roles = roleService.selectRolesByUserId(userId);
@@ -284,8 +283,7 @@ public class SysUserController extends BaseController
     @PreAuthorize("@ss.hasPermi('system:user:edit')")
     @Log(title = "用户管理", businessType = BusinessType.GRANT)
     @PutMapping("/authRole")
-    public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
-    {
+    public AjaxResult insertAuthRole(Long userId, Long[] roleIds) {
         userService.checkUserDataScope(userId);
         roleService.checkRoleDataScope(roleIds);
         userService.insertUserAuth(userId, roleIds);
@@ -297,8 +295,7 @@ public class SysUserController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:user:list')")
     @GetMapping("/deptTree")
-    public AjaxResult deptTree(SysDept dept)
-    {
+    public AjaxResult deptTree(SysDept dept) {
         return success(deptService.selectDeptTreeList(dept));
     }
 }

+ 2 - 0
leromro-system/src/main/java/com/leromro/system/mapper/SysUserRoleMapper.java

@@ -59,4 +59,6 @@ public interface SysUserRoleMapper
      * @return 结果
      */
     public int deleteUserRoleInfos(@Param("roleId") Long roleId, @Param("userIds") Long[] userIds);
+
+    Integer selectRolesSortByUserId(Long userId);
 }

+ 2 - 0
leromro-system/src/main/java/com/leromro/system/service/ISysRoleService.java

@@ -170,4 +170,6 @@ public interface ISysRoleService
      * @return 结果
      */
     public int insertAuthUsers(Long roleId, Long[] userIds);
+
+    Integer selectRolesSortByUserId(Long userId);
 }

+ 8 - 0
leromro-system/src/main/java/com/leromro/system/service/impl/SysRoleServiceImpl.java

@@ -424,4 +424,12 @@ public class SysRoleServiceImpl implements ISysRoleService
         }
         return userRoleMapper.batchUserRole(list);
     }
+
+    /**
+     * @return
+     */
+    @Override
+    public Integer selectRolesSortByUserId(Long userId) {
+        return userRoleMapper.selectRolesSortByUserId(userId);
+    }
 }
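Review bot: The Javadoc added on `selectRolesSortByUserId` is an empty `@return`, so the contract the controller's role filter relies on is undocumented. Describe the value and its edge cases, e.g. `/** Returns the role_sort of the role assigned to the given user, or null when the user has no role. */`. It should also say which value is returned when a user holds several roles, since the mapper query selects one row per role.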

+ 20 - 6
leromro-system/src/main/resources/mapper/system/SysUserMapper.xml

@@ -165,11 +165,18 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 		select user_id, email from sys_user where email = #{email} and del_flag = '0' limit 1
 	</select>
 	<select id="userList" resultType="com.leromro.common.core.domain.entity.SysUser">
-        select * from sys_user
-        <where>
-            del_flag = '0' /*and user_or_worker != 0*/
-			<if test="user.deptId != null and user.deptId != '' and user.areaType='4'">and service_centre_id = #{user.deptId}</if>
-        </where>
+		select * from sys_user
+		<where>
+			del_flag = '0' and  user_open_id IS NOT NULL and user_platform = 0
+			<choose>
+				<when test="user != null and user.deptId != null and user.areaType != null">
+					<choose>
+						<when test='user.areaType == "4"'>and service_centre_id = #{user.deptId}</when>
+					</choose>
+				</when>
+			</choose>
+		</where>
+		order by create_time desc
     </select>
 
     <select id="getUserPointInfo" resultType="com.leromro.system.domain.vo.UserPointInfoVO">
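Review bot: The department restriction in `userList` now applies only when `user.areaType == "4"`; for any other area type, or a null one, the query returns every mini-program user with no scope filter, and the controller method that calls it carries no `@PreAuthorize`. If wider area types are meant to see more, restrict them by their own region columns rather than not at all, and confirm which callers are intended to get the unrestricted list. `select *` also returns every `sys_user` column to that endpoint; listing only the columns the page needs keeps fields such as the password hash out of the result, if `SysUser` serialises it. The nested `<choose>` blocks with a single `<when>` reduce to one `<if test='user != null and user.deptId != null and user.areaType == "4"'>`.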
@@ -183,7 +190,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 		select * from sys_user
 		<where>
 		    user_open_id is not null and  user_platform = 0 and del_flag = 0
-			<if test="user.deptId != null ">service_centre_id =#{user.deptId}</if>
+			<if test="user.deptId != null ">and service_centre_id = #{user.deptId}</if>
 		</where>
 	</select>
 
@@ -259,6 +266,13 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
  			<if test="updateBy != null and updateBy != ''">update_by = #{updateBy},</if>
  			<if test="remark != null">remark = #{remark},</if>
  		    <if test="userOrWorker != null">user_or_worker = #{userOrWorker},</if>
+ 		    <if test="deptId != null">dept_id = #{deptId},</if>
+ 		    <if test="provinceCode != null">province_code = #{provinceCode},</if>
+ 		    <if test="provinceName != null">province_name = #{provinceName},</if>
+ 		    <if test="cityCode != null">city_code = #{cityCode},</if>
+ 		    <if test="cityName != null">city_name = #{cityName},</if>
+ 		    <if test="districtCode != null">district_code = #{districtCode},</if>
+ 		    <if test="districtName != null">district_name = #{districtName},</if>
  			update_time = sysdate()
  		</set>
  		where user_id = #{userId}

+ 5 - 1
leromro-system/src/main/resources/mapper/system/SysUserRoleMapper.xml

@@ -16,7 +16,11 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 	<select id="countUserRoleByRoleId" resultType="Integer">
 	    select count(1) from sys_user_role where role_id=#{roleId}  
 	</select>
-	
+	<select id="selectRolesSortByUserId" resultType="java.lang.Integer" parameterType="java.lang.Long">
+
+		select sr.role_sort from sys_role sr left join sys_user_role sur on sr.role_id = sur.role_id where sur.user_id = #{userId};
+	</select>
+
 	<delete id="deleteUserRole" parameterType="Long">
  		delete from sys_user_role where user_id in
  		<foreach collection="array" item="userId" open="(" separator="," close=")">
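Review bot: `selectRolesSortByUserId` returns one row per role while the mapper method is declared as a single `Integer`, so a user with two or more roles should make MyBatis fail with a too-many-results error, and a user with none yields `null`. Aggregate to one value, e.g. `select min(sr.role_sort) from sys_role sr inner join sys_user_role sur on sr.role_id = sur.role_id where sur.user_id = #{userId}`. `min` assumes a lower `role_sort` means a higher-ranked role, as the `>=` filter in `getInfo` suggests; confirm that before choosing the aggregate. The `left join` already behaves as an inner join because of the `where` on `sur`, and the trailing `;` inside the statement is best dropped.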