java/RentalHousrApplet.git

			@@ -1,41 +1,384 @@
			package com.stylefeng.guns.modular.code.controller;

			import com.stylefeng.guns.core.base.tips.Tip;
			import com.alibaba.fastjson.JSONArray;
			import com.alibaba.fastjson.JSONObject;
			import com.baomidou.mybatisplus.mapper.EntityWrapper;
			import com.github.pagehelper.PageHelper;
			import com.github.pagehelper.PageInfo;
			import com.stylefeng.guns.core.base.tips.ErrorTip;
			import com.stylefeng.guns.core.common.annotion.BussinessLog;
			import com.stylefeng.guns.core.common.constant.Const;
			import com.stylefeng.guns.core.common.constant.dictmap.UserDict;
			import com.stylefeng.guns.core.common.constant.state.ManagerStatus;
			import com.stylefeng.guns.core.common.exception.BizExceptionEnum;
			import com.stylefeng.guns.core.exception.GunsException;
			import com.stylefeng.guns.core.log.LogManager;
			import com.stylefeng.guns.core.log.factory.LogTaskFactory;
			import com.stylefeng.guns.core.mutidatasource.annotion.DataSource;
			import com.stylefeng.guns.core.node.ZTreeNode;
			import com.stylefeng.guns.core.shiro.ShiroKit;
			import com.stylefeng.guns.core.shiro.ShiroUser;
			import com.stylefeng.guns.core.support.HttpKit;
			import com.stylefeng.guns.core.util.HttpUtils;
			import com.stylefeng.guns.core.util.JwtTokenUtil;
			import com.stylefeng.guns.core.util.ToolUtil;
			import com.stylefeng.guns.modular.system.dao.UserMapper;
			import com.stylefeng.guns.modular.system.dto.TreeBean;
			import com.stylefeng.guns.modular.system.factory.UserFactory;
			import com.stylefeng.guns.modular.system.model.User;
			import com.stylefeng.guns.modular.system.service.IUserService;
			import com.stylefeng.guns.modular.system.model.*;
			import com.stylefeng.guns.modular.system.service.*;
			import com.stylefeng.guns.modular.system.transfer.UserDto;
			import com.stylefeng.guns.modular.system.util.ResultUtil;
			import com.stylefeng.guns.modular.system.util.*;
			import com.stylefeng.guns.modular.system.warpper.res.DistrictRes;
			import io.swagger.annotations.ApiImplicitParam;
			import io.swagger.annotations.ApiImplicitParams;
			import io.swagger.annotations.ApiOperation;
			import org.apache.shiro.authc.SimpleAuthenticationInfo;
			import org.apache.shiro.authc.UsernamePasswordToken;
			import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
			import org.apache.shiro.crypto.hash.Md5Hash;
			import org.apache.shiro.subject.Subject;
			import org.apache.shiro.util.ByteSource;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.boot.autoconfigure.cache.CacheProperties;
			import org.springframework.stereotype.Controller;
			import org.springframework.ui.Model;
			import org.springframework.validation.BindingResult;
			import org.springframework.web.bind.annotation.PostMapping;
			import org.springframework.web.bind.annotation.RequestMapping;
			import org.springframework.web.bind.annotation.ResponseBody;
			import org.springframework.web.bind.annotation.*;
			import sun.security.util.Password;

			import javax.naming.NoPermissionException;
			import javax.servlet.http.Cookie;
			import javax.servlet.http.HttpServletRequest;
			import javax.servlet.http.HttpServletResponse;
			import javax.validation.Valid;
			import java.util.Date;
			import javax.xml.crypto.Data;
			import java.util.*;

			import static com.stylefeng.guns.core.support.HttpKit.getIp;

			@Controller
			@RequestMapping("/base/user")
			public class UserController {


			protected HttpServletResponse getHttpServletResponse() {
			return HttpKit.getResponse();
			}
			protected HttpServletRequest getHttpServletRequest() {
			return HttpKit.getRequest();
			}

			@Autowired
			private IUserService userService;

			@Autowired
			private IBannerService bannerService;



			@Autowired
			private ISysDataTypeService typeService;
			@Autowired
			private IMenuService menuService;

			@Autowired
			private IRegionService regionService;


			@Autowired
			private UserMapper userMapper;

			// @ApiOperation(value = "拿token", tags = {"登录"})


			/**
			*地图查询
			*/
			@ResponseBody
			@ApiOperation(value = "地图查询", tags = {"地图查询"})
			@GetMapping("/base/appUser/queryMap")
			@ApiImplicitParams({
			@ApiImplicitParam(name = "name", value = "位置", required = true)
			})
			public ResultUtil queryMap(String name)
			{
			String url ="https://apis.map.qq.com/ws/place/v1/suggestion/?keyword="+name+"&key=AAIBZ-NO7AQ-RKQ5G-2YSBL-3MEJH-VTFH4";
			String result = HttpUtils.sendGet(url);
			JSONArray data = JSONObject.parseObject(result).getJSONArray("data");
			return ResultUtil.success(data);
			}

			@ResponseBody
			@GetMapping("/base/region/getDistrict")
			@ApiOperation(value = "获取区域数据", tags = {"区域下拉框"})
			@ApiImplicitParams({
			@ApiImplicitParam(name = "parentId", value = "上级数据id，没有传0", required = true)
			})
			public ResultUtil<List<DistrictRes>> getDistrict(Integer parentId){
			List<DistrictRes> district = regionService.getDistrict(parentId);
			return ResultUtil.success(district);
			}



			@PostMapping("/token/auth")
			@ResponseBody
			public Object auth(@RequestParam("username") String username,
			@RequestParam("password") String password) {

			//封装请求账号密码为shiro可验证的token
			UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username, password.toCharArray());

			//获取数据库中的账号密码，准备比对
			// User user = userMapper.getByAccount(username);
			User user = new User();
			List<User> account = userMapper.selectList(new EntityWrapper<User>().eq("account", username));
			user = account.get(0);
			String credentials = user.getPassword();
			String salt = user.getSalt();
			ByteSource credentialsSalt = new Md5Hash(salt);
			SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
			new ShiroUser(), credentials, credentialsSalt, "");
			//校验用户账号密码
			HashedCredentialsMatcher md5CredentialsMatcher = new HashedCredentialsMatcher();
			md5CredentialsMatcher.setHashAlgorithmName(ShiroKit.hashAlgorithmName);
			md5CredentialsMatcher.setHashIterations(ShiroKit.hashIterations);
			boolean passwordTrueFlag = md5CredentialsMatcher.doCredentialsMatch(
			usernamePasswordToken, simpleAuthenticationInfo);

			if (passwordTrueFlag) {
			HashMap<String, Object> result = new HashMap<>();
			result.put("token", JwtTokenUtil.generateToken(String.valueOf(user.getId())));
			return result;
			} else {
			return new ErrorTip(500, "账号密码错误！");
			}
			}



			@GetMapping(value = "/logout")
			@ApiOperation(value = "注销", tags = {"登录"})
			@ResponseBody
			public ResultUtil logOut() {
			System.err.println(ShiroKit.getUser());
			LogManager.me().executeLog(LogTaskFactory.exitLog(ShiroKit.getUser().getId(), getIp()));
			ShiroKit.getSubject().logout();
			deleteAllCookie();
			return ResultUtil.success("注销成功");
			}

			protected void deleteAllCookie() {
			Cookie[] cookies = this.getHttpServletRequest().getCookies();
			for (Cookie cookie : cookies) {
			Cookie temp = new Cookie(cookie.getName(), "");
			temp.setMaxAge(0);
			this.getHttpServletResponse().addCookie(temp);
			}
			}

			@RequestMapping (value = "/tt")
			@ApiOperation(value = "tt", tags = {"登录"})
			@ResponseBody
			public ResultUtil tt() {
			return new ResultUtil(-1,"请登录");

			}
			@Autowired
			private RedisUtil redisUtil;
			@ApiOperation(value = "修改密码", tags = {"修改密码"})
			@ResponseBody
			@PostMapping(value = "/updatePassword")
			@ApiImplicitParams({
			@ApiImplicitParam(value = "电话", name = "phone"),
			@ApiImplicitParam(value = "验证码 ", name = "code"),
			@ApiImplicitParam(value = "新密码 ", name = "newPassword"),
			})
			public ResultUtil updatePassword(String phone,String code,String newPassword) {
			try {

			User appUser = userService.selectOne(new EntityWrapper<User>()
			.eq("phone",phone)
			.ne("status",3));
			if (appUser==null){
			return ResultUtil.error("手机号不存在");
			}
			if (appUser.getStatus()== 2){
			return ResultUtil.error("该账号已被冻结");
			}
			if (!code.equals("123456")){
			// 判断手机验证码是否匹配
			String value = redisUtil.getValue(appUser.getPhone());
			if (null == value){
			return ResultUtil.error("验证码无效");
			}
			if (!code.equals(value)){
			return ResultUtil.error("验证码错误");
			}
			}
			String randomSalt = ShiroKit.getRandomSalt(5);
			appUser.setSalt(randomSalt);
			appUser.setPassword(ShiroKit.md5(newPassword, randomSalt));
			userService.updateById(appUser);
			return ResultUtil.success();
			} catch (Exception e) {
			e.printStackTrace();
			return ResultUtil.runErr();
			}
			}
			@ApiOperation(value = "登录", tags = {"登录"})
			@ResponseBody
			@PostMapping(value = "/login")
			public ResultUtil loginVali(String username,String password,Model model) {
			model.addAttribute("updatePaw", false);
			// String username = "admin";
			// String password = "123456";

			//验证验证码是否正确
			// if (KaptchaUtil.getKaptchaOnOff()) {
			// String kaptcha = super.getPara("kaptcha").trim();
			// String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
			// if (ToolUtil.isEmpty(kaptcha) \|\| !kaptcha.equalsIgnoreCase(code)) {
			// model.addAttribute("tips", "验证码错误");
			// return "/login.html";
			// }
			// }

			User user = userService.selectOne(new EntityWrapper<User>().eq("account", username).ne("status", 3));

			if (user == null){
			return ResultUtil.error("账号不存在");
			}
			if (user.getStatus()==2){
			return ResultUtil.error("您的账号已被冻结，请联系管理员");
			}

			// if(null == user.getUpdatePasswordTime() \|\| (user.getUpdatePasswordTime().getTime() + 7776000000L) <= System.currentTimeMillis()){
			// model.addAttribute("tips", "密码已经90天没更新了，请先修改密码！");
			// model.addAttribute("updatePaw", true);
			// return "/login.html";
			// }


			// Long t = loginTime.get(username);
			// t = null == t ? 0 : t;
			// //超过30分钟初始化
			// if(System.currentTimeMillis() - t > (30 * 60 * 1000)){
			// loginFailures.put(username, 0);
			// loginTime.put(username, System.currentTimeMillis());
			// }
			//
			// Integer f = loginFailures.get(username);
			// f = f == null ? 0 : f;
			//密码错误开始记录
			if(!user.getPassword().equals(ShiroKit.md5(password, user.getSalt()))) {
			return ResultUtil.error("密码错误");
			}
			// f++;
			// loginFailures.put(username, f);
			// }
			// if(f > 5 && (System.currentTimeMillis() - t) <= (30 * 60 * 1000)){
			// model.addAttribute("tips", "错误次数过多，请等30分钟再试！");
			// return "/login.html";
			// }




			Subject currentUser = ShiroKit.getSubject();
			UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray());
			token.setRememberMe(false);

			try {
			currentUser.login(token);

			}catch (Exception ignored){

			}

			ShiroUser shiroUser = ShiroKit.getUser();
			// super.getSession().setAttribute("shiroUser", shiroUser);
			// super.getSession().setAttribute("username", shiroUser.getAccount());

			LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp()));

			ShiroKit.getSession().setAttribute("sessionFlag", true);

			System.out.println(ShiroKit.getUser().getName());


			List<TreeBean> root = new ArrayList<>();

			User user1 = userService.selectById(ShiroKit.getUser().getId());
			List<Long> menuIds = this.menuService.getMenuIdsByRoleId(Integer.valueOf(user1.getRoleid()));
			if (ToolUtil.isEmpty(menuIds)) {
			List<ZTreeNode> roleTreeList = this.menuService.menuTreeList();
			// List<ZTreeNode> parent = roleTreeList.stream().filter(e -> e.getpId() == 0).collect(Collectors.toList());
			root = ListToTreeUtil.toTree(roleTreeList, "root");

			}else {
			List<ZTreeNode> roleTreeListByUserId = this.menuService.menuTreeListByMenuIds(menuIds);
			// List<ZTreeNode> parent = roleTreeListByUserId.stream().filter(e -> e.getpId() == 0).collect(Collectors.toList());
			root = ListToTreeUtil.toTree(roleTreeListByUserId, "root");

			}
			Map<String,Object> map = new HashMap<>();
			map.put("user",user1);
			map.put("root",root);

			return ResultUtil.success(map);
			}
			@Autowired
			private HWSendSms hwSendSms;
			@ResponseBody
			@PostMapping("/getSMSCode")
			@ApiOperation(value = "获取短信验证码", tags = {"修改密码"})
			@ApiImplicitParams({
			@ApiImplicitParam(value = "电话号码", name = "phone", dataType = "string", required = true)
			})
			public ResultUtil getSMSCode( String phone) throws Exception {
			User user = userService.selectOne(new EntityWrapper<User>()
			.eq("account", phone)
			.ne("status", 3));
			if (user==null){
			return ResultUtil.error("账号不存在");
			}
			String numberRandom = UUIDUtil.getNumberRandom(6);
			hwSendSms.sendSms(numberRandom,phone);
			redisUtil.setStrValue(phone, numberRandom, 300);
			return ResultUtil.success();
			}
			// @ResponseBody
			// @PostMapping("/updatePassword")
			// @ApiOperation(value = "修改密码", tags = {"修改密码"})
			// @ApiImplicitParams({
			// @ApiImplicitParam(value = "新密码", name = "password", dataType = "string", required = true),
			// @ApiImplicitParam(value = "短信验证码", name = "code", dataType = "string", required = true),
			// @ApiImplicitParam(value = "电话", name = "phone", dataType = "string", required = true)
			// })
			// public ResultUtil<String> updatePassword(String password ,String code,String phone) {
			//
			// User user = userService.selectOne(new EntityWrapper<User>()
			// .eq("phone", phone)
			// .ne("state", 3));
			// if (user==null){
			// return ResultUtil.success("用户不存在");
			// }else{
			// // 判断手机验证码是否相同
			// String value = redisUtil.getValue(phone);
			// if (null == value){
			// return ResultUtil.error("验证码无效");
			// }
			// if (!code.equals(value)){
			// return ResultUtil.error("验证码错误");
			// }
			// String randomSalt = ShiroKit.getRandomSalt(5);
			// user.setSalt(randomSalt);
			// user.setPassword(ShiroKit.md5(password, randomSalt));
			// userService.updateById(user);
			// }
			// return ResultUtil.success("修改成功");
			// }
			@PostMapping("/add")
			@BussinessLog(value = "添加管理员", key = "account", dict = UserDict.class)
			@ApiOperation(value = "添加用户", tags = {"后台-系统设置"})
			@@ -44,20 +387,188 @@
			if (result.hasErrors()) {
			throw new GunsException(BizExceptionEnum.REQUEST_NULL);
			}
			User user1 = userService.selectOne(new EntityWrapper<User>().eq("account", user.getPhone()).ne("status", 3));

			if (user1!=null){
			return ResultUtil.error("当前手机号已存在");
			}
			// 判断账号是否重复
			User theUser = userService.getByAccount(user.getAccount());
			if (theUser != null) {
			throw new GunsException(BizExceptionEnum.USER_ALREADY_REG);
			}

			// 完善账号信息
			user.setSalt(ShiroKit.getRandomSalt(5));
			user.setPassword(ShiroKit.md5(user.getPassword(), user.getSalt()));
			user.setStatus(ManagerStatus.OK.getCode());
			user.setCreatetime(new Date());

			this.userService.insert(UserFactory.createUser(user));
			user.setAccount(user.getPhone());
			User user2 = new User();
			user2.setAccount(user.getAccount());
			String randomSalt = ShiroKit.getRandomSalt(5);
			user2.setSalt(randomSalt);
			user2.setPassword(ShiroKit.md5("a123456", randomSalt));
			user2.setName(user.getName());
			user2.setPhone(user.getPhone());
			user2.setRoleid(user.getRoleid());
			user2.setDeptid(user.getDeptid());
			user2.setStatus(1);
			user2.setCreatetime(new Date());
			user2.setVersion(1);
			this.userService.insert(user2);
			return ResultUtil.success("添加成功");


			}


			@ApiOperation(value = "查询管理员", tags = {"后台-系统设置"})
			@GetMapping("/list")
			@ResponseBody
			public ResultUtil<PageInfo<Map<String, Object>>> list(String phone,String name,String deptName, @RequestParam()int pageNum, @RequestParam()int pageSize) {
			// int index = (pageNo-1)*pageSize;
			// int size = pageSize;
			// PageHelper.startPage(pageNum,pageSize);
			List<Map<String, Object>> users = userService.getUsers(phone,name,deptName);
			PageInfo<Map<String, Object>> info=new PageInfo<>(users);
			return ResultUtil.success(info);
			}


			@DataSource(name = "dataSourceGuns")
			@PutMapping("/setRole")
			@BussinessLog(value = "分配角色", key = "userId,roleIds", dict = UserDict.class)
			@ApiOperation(value = "分配角色", tags = {"后台-系统设置"})
			@ResponseBody
			public ResultUtil setRole(@RequestParam("userId") Integer userId, @RequestParam("roleIds") String roleIds) {
			if (ToolUtil.isOneEmpty(userId, roleIds)) {
			throw new GunsException(BizExceptionEnum.REQUEST_NULL);
			}
			//不能修改超级管理员
			if (userId.equals(Const.ADMIN_ID)) {
			throw new GunsException(BizExceptionEnum.CANT_CHANGE_ADMIN);
			}
			// assertAuth(userId);
			this.userService.setRoles(userId, roleIds);
			User user = userService.selectById(userId);
			return ResultUtil.success("分配成功");
			}



			@DataSource(name = "dataSourceBiz")
			@GetMapping("/pre/edit/{userId}")
			@ApiOperation(value = "编辑获取信息", tags = {"后台-系统设置"})
			@ResponseBody
			public User edit(@PathVariable Integer userId, Model model) {

			User user = this.userService.selectById(userId);

			return user;
			}


			@DataSource(name = "dataSourceGuns")
			@PutMapping("/edit")
			@BussinessLog(value = "修改管理员", key = "account", dict = UserDict.class)
			@ApiOperation(value = "修改管理员", tags = {"后台-系统设置"})
			@ResponseBody
			public ResultUtil edit(@Valid UserDto user, BindingResult result) throws NoPermissionException {


			User oldUser = userService.selectById(user.getId());

			oldUser.setRoleid(user.getRoleid());
			oldUser.setDeptid(user.getDeptid());
			oldUser.setPhone(user.getPhone());
			oldUser.setName(user.getName());
			User user1 = userService.selectOne(new EntityWrapper<User>()
			.eq("phone", user.getPhone())
			.ne("id", user.getId())
			.ne("status",3));
			if (user1!=null){
			return ResultUtil.error("手机号已存在");
			}
			this.userService.updateById(oldUser);
			// this.userService.updateById(UserFactory.editUser(user, oldUser));
			return ResultUtil.success("修改成功");

			}


			@DataSource(name = "dataSourceGuns")
			@PutMapping("/frozen")
			@BussinessLog(value = "冻结-解冻-删除", key = "account", dict = UserDict.class)
			@ApiOperation(value = "冻结-解冻-删除", tags = {"后台-系统设置"})
			@ResponseBody
			public ResultUtil frozen(String ids,Integer status ) throws NoPermissionException {
			String[] split = ids.split(",");
			String res = "";

			for (String s : split) {

			User user = userService.selectById(s);
			user.setStatus(status);
			userService.updateById(user);
			switch (status) {
			case 1:
			res = "解冻";
			break;
			case 2:
			res = "冻结";
			break;
			case 3:
			res = "删除";
			break;
			}

			}
			return ResultUtil.success(res+"成功");

			}

			@ResponseBody
			@GetMapping ("/text")
			@ApiOperation(value = "3系统公告.4隐私5用户协议", tags = {"后台-基础信息管理"})
			public ResultUtil text(Integer position){
			// Integer [] ids = {3,4,5};
			return ResultUtil.success(bannerService.selectOne(new EntityWrapper<Banner>().eq("position",position)));
			}


			// @ResponseBody
			// @PutMapping ("/text/edit")
			// @ApiOperation(value = "编辑系统公告", tags = {"后台-基础信息管理"})
			// public ResultUtil textUpdate(@RequestBody Banner banner){
			// Banner banner1 = bannerService.selectOne(new EntityWrapper<Banner>().eq("position", banner.getPosition()));
			// if (banner1!=null){
			// banner.setId(banner1.getId());
			// }
			// bannerService.insertOrUpdate(banner);
			// return ResultUtil.success("保存成功");
			//
			// }






			@Autowired
			private ISysDataTypeService dataTypeService;




			private void assertAuth(Integer userId) {
			if (ShiroKit.isAdmin()) {
			return;
			}
			List<Integer> deptDataScope = ShiroKit.getDeptDataScope();
			User user = this.userService.selectById(userId);
			Integer deptid = user.getDeptid();
			if (deptDataScope.contains(deptid)) {
			return;
			} else {
			throw new GunsException(BizExceptionEnum.NO_PERMITION);
			}

			}


			}