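package com.example.controller;

import com.alibaba.excel.EasyExcel;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.example.common.PageResult;
import com.example.common.Result;
import com.example.entity.User;
import com.example.excel.UserImportExcel;
import com.example.security.UserContext;
import com.example.service.DepartmentService;
import com.example.service.UserService;
import com.example.utils.Md5Util;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;

import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;

/**
 * REST endpoints for user administration under {@code /api/user}.
 *
 * <p>Every endpoint that reads or modifies another user first resolves the caller's department
 * via {@link UserContext#getCurrentDeptCode()} and asks
 * {@code DepartmentService.getChildDeptCodes} for the set of department codes the caller may act
 * on. Requests that touch a department outside that set are rejected.
 *
 * <p>NOTE(security): passwords are stored through {@code Md5Util.encrypt}. MD5 is a fast digest,
 * not a password-hashing function; whether {@code Md5Util} salts is not visible from this class.
 * Plan a migration to bcrypt/scrypt/Argon2 with rehash-on-login.
 */
@RestController
@RequestMapping("/api/user")
public class UserController {

    /**
     * Password assigned when an account is created without one.
     *
     * <p>NOTE(security): a fixed, well-known initial password means every such account is
     * guessable until the user changes it. Prefer a random one-time password or a forced
     * change on first login.
     */
    private static final String DEFAULT_PASSWORD = "123456";

    @Autowired
    private UserService userService;

    @Autowired
    private DepartmentService departmentService;

    /**
     * Returns one page of users visible to the caller, with the department name filled in.
     *
     * @param current  1-based page index (defaults to 1)
     * @param size     page size (defaults to 10)
     * @param username optional username filter
     * @param realName optional real-name filter
     * @param deptCode optional department filter
     * @return the page wrapped in a {@link PageResult}
     */
    @GetMapping("/page")
    public Result<PageResult<User>> page(
            @RequestParam(defaultValue = "1") Long current,
            @RequestParam(defaultValue = "10") Long size,
            @RequestParam(required = false) String username,
            @RequestParam(required = false) String realName,
            @RequestParam(required = false) String deptCode) {
        // NOTE(review): size is client-controlled and unbounded here; confirm an upper limit is
        // enforced somewhere, otherwise one request can dump every visible user.
        String currentDeptCode = UserContext.getCurrentDeptCode();
        List<String> deptCodes = departmentService.getChildDeptCodes(currentDeptCode);

        // NOTE(review): the deptCode filter is passed next to the allowed list; confirm that
        // getUserPage intersects the two rather than letting the filter widen the scope.
        IPage<User> page =
                userService.getUserPage(current, size, username, realName, deptCode, deptCodes);

        for (User record : page.getRecords()) {
            // A user row may reference a department that no longer resolves; skip the name
            // instead of failing the whole page with a NullPointerException.
            // This is one lookup per row (N+1); acceptable for small pages only.
            Optional.ofNullable(departmentService.getByDeptCode(record.getDeptCode()))
                    .map(dept -> dept.getDeptName())
                    .ifPresent(record::setDeptName);
            // Never serialize the stored password hash to the client.
            record.setPassword(null);
        }
        return Result.success(
                new PageResult<>(page.getTotal(), current, size, page.getRecords()));
    }

    /**
     * Returns a single user if it belongs to a department the caller may see.
     *
     * @param id primary key of the user
     * @return the user, or an error result when it does not exist or is out of scope
     */
    @GetMapping("/{id}")
    public Result<User> getById(@PathVariable Long id) {
        User user = userService.getUserWithDeptById(id);
        if (user == null) {
            return Result.error("用户不存在");
        }
        String currentDeptCode = UserContext.getCurrentDeptCode();
        List<String> deptCodes = departmentService.getChildDeptCodes(currentDeptCode);
        if (!deptCodes.contains(user.getDeptCode())) {
            return Result.error("无权限查看该用户");
        }
        // The entity carries the password hash; clear it so it is not echoed in the response
        // (and cannot be sent back and re-hashed by a later update).
        user.setPassword(null);
        return Result.success(user);
    }

    /**
     * Creates a user inside one of the caller's permitted departments.
     *
     * @param user the new user; an empty password falls back to {@link #DEFAULT_PASSWORD}
     * @return the result of {@code userService.save}, or an error result
     */
    @PostMapping
    public Result<Boolean> save(@RequestBody User user) {
        // NOTE(review): the whole entity is bound from the request body, so every settable
        // field (including id) is client-controlled. A dedicated request DTO would limit this.
        String currentDeptCode = UserContext.getCurrentDeptCode();
        List<String> deptCodes = departmentService.getChildDeptCodes(currentDeptCode);
        if (!deptCodes.contains(user.getDeptCode())) {
            return Result.error("无权限在该部门创建用户");
        }
        if (userService.checkUsernameExists(user.getUsername())) {
            return Result.error("用户名已存在");
        }
        boolean hasPassword = user.getPassword() != null && !user.getPassword().isEmpty();
        user.setPassword(Md5Util.encrypt(hasPassword ? user.getPassword() : DEFAULT_PASSWORD));
        return Result.success(userService.save(user));
    }

    /**
     * Updates an existing user.
     *
     * <p>Authorization is checked against both the user's current department and, when the
     * request changes it, the target department. Checking only the current department would
     * let a caller move a user into a department outside their own scope.
     *
     * @param user the fields to update; an empty password leaves the stored one untouched
     * @return the result of {@code userService.updateById}, or an error result
     */
    @PutMapping
    public Result<Boolean> update(@RequestBody User user) {
        User existUser = userService.getById(user.getId());
        if (existUser == null) {
            return Result.error("用户不存在");
        }
        String currentDeptCode = UserContext.getCurrentDeptCode();
        List<String> deptCodes = departmentService.getChildDeptCodes(currentDeptCode);
        if (!deptCodes.contains(existUser.getDeptCode())) {
            return Result.error("无权限修改该用户");
        }
        // The request body may carry a new deptCode; it must also be inside the caller's scope.
        if (user.getDeptCode() != null && !deptCodes.contains(user.getDeptCode())) {
            return Result.error("无权限将用户调整到该部门");
        }
        User checkUser =
                userService.lambdaQuery().eq(User::getUsername, user.getUsername()).one();
        if (checkUser != null && !checkUser.getId().equals(user.getId())) {
            return Result.error("用户名已存在");
        }
        if (user.getPassword() != null && !user.getPassword().isEmpty()) {
            user.setPassword(Md5Util.encrypt(user.getPassword()));
        } else {
            // null means "do not touch the stored password" for updateById.
            user.setPassword(null);
        }
        return Result.success(userService.updateById(user));
    }

    /**
     * Deletes a user that belongs to one of the caller's permitted departments.
     *
     * @param id primary key of the user
     * @return the result of {@code userService.removeById}, or an error result
     */
    @DeleteMapping("/{id}")
    public Result<Boolean> delete(@PathVariable Long id) {
        User user = userService.getById(id);
        if (user == null) {
            return Result.error("用户不存在");
        }
        String currentDeptCode = UserContext.getCurrentDeptCode();
        List<String> deptCodes = departmentService.getChildDeptCodes(currentDeptCode);
        if (!deptCodes.contains(user.getDeptCode())) {
            return Result.error("无权限删除该用户");
        }
        return Result.success(userService.removeById(id));
    }

    /**
     * Imports users from an uploaded spreadsheet, restricted to the caller's departments.
     *
     * @param file the uploaded file
     * @return success when the service message starts with "成功", otherwise an error result
     */
    @PostMapping("/import")
    public Result<String> importUsers(@RequestParam("file") MultipartFile file) {
        if (file.isEmpty()) {
            return Result.error("上传文件不能为空");
        }
        // NOTE(review): no size, extension or content-type check happens here; confirm the
        // service or the multipart configuration bounds what is parsed.
        String currentDeptCode = UserContext.getCurrentDeptCode();
        List<String> deptCodes = departmentService.getChildDeptCodes(currentDeptCode);
        String result = userService.importUsers(file, deptCodes);
        if (result.startsWith("成功")) {
            return Result.success(result);
        }
        return Result.error(result);
    }

    /**
     * Streams an .xlsx import template containing one example row.
     *
     * @param response servlet response the workbook is written to
     * @throws IOException if writing to the response stream fails
     */
    @GetMapping("/template")
    public void downloadTemplate(HttpServletResponse response) throws IOException {
        response.setContentType(
                "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
        response.setCharacterEncoding("utf-8");
        // URLEncoder emits '+' for spaces; RFC 5987 filename* expects %20.
        String fileName = URLEncoder.encode("用户导入模版", "UTF-8").replaceAll("\\+", "%20");
        response.setHeader(
                "Content-disposition", "attachment;filename*=utf-8''" + fileName + ".xlsx");

        List<UserImportExcel> templateData = new ArrayList<>();
        UserImportExcel example = new UserImportExcel();
        example.setUsername("zhangsan");
        example.setRealName("张三");
        example.setEmail("zhangsan@example.com");
        example.setPhone("13800138001");
        example.setDeptCode("1001");
        templateData.add(example);

        EasyExcel.write(response.getOutputStream(), UserImportExcel.class)
                .sheet("用户导入模版")
                .doWrite(templateData);
    }

    /**
     * Changes the password of the currently authenticated user.
     *
     * @param request the old and new password
     * @return success, or an error result when not logged in, the new password is empty, or the
     *     old password does not match
     */
    @PostMapping("/change-password")
    public Result<Boolean> changePassword(@RequestBody ChangePasswordRequest request) {
        Long currentUserId = UserContext.getCurrentUserId();
        if (currentUserId == null) {
            return Result.error("用户未登录");
        }
        // Reject an absent or empty new password before it reaches the hashing path.
        String newPassword = request.getNewPassword();
        if (newPassword == null || newPassword.isEmpty()) {
            return Result.error("新密码不能为空");
        }
        // NOTE(review): nothing here limits repeated wrong old-password attempts; confirm
        // throttling exists elsewhere.
        boolean success =
                userService.changePassword(currentUserId, request.getOldPassword(), newPassword);
        if (success) {
            return Result.success(true);
        }
        return Result.error("原密码错误");
    }

    /** Request body for {@code POST /api/user/change-password}. */
    static class ChangePasswordRequest {
        private String oldPassword;
        private String newPassword;

        public String getOldPassword() {
            return oldPassword;
        }

        public void setOldPassword(String oldPassword) {
            this.oldPassword = oldPassword;
        }

        public String getNewPassword() {
            return newPassword;
        }

        public void setNewPassword(String newPassword) {
            this.newPassword = newPassword;
        }
    }
}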