package cn.chnmuseum.party.web.controller;
import cn.chnmuseum.party.core.annotations.OperationLog;
import cn.chnmuseum.party.model.Permission;
import cn.chnmuseum.party.model.RolePermission;
import cn.chnmuseum.party.service.PermissionService;
import cn.chnmuseum.party.service.RolePermissionService;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import cn.chnmuseum.party.web.controller.base.BaseController;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import java.util.*;
/**
* 角色管理Controller
*/
@RestController
@RequestMapping(value = "/permission")
public class PermissionController extends BaseController {
private static final Logger logger = LoggerFactory.getLogger(PermissionController.class);
@Autowired
private PermissionService permissionService;
@Autowired
private RolePermissionService rolePermissionService;
/**
* 获取单个权限
*/
@ApiOperation(value = "获取单个权限")
@RequestMapping(value = "/getById", method = RequestMethod.GET)
@RequiresAuthentication //@RequiresPermissions("/permission/getById")
public ResponseEntity<Permission> getById(String Id) {
try {
Permission one = permissionService.getById(Id);
if (null == one) {
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
}
return ResponseEntity.ok(one);
} catch (Exception e) {
logger.error("查询错误!", e);
}
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(null);
}
// 获取的顶级权限列表
@ApiOperation(value = "获取的顶级权限列表")
@RequestMapping(value = "/getTopPermissionList", method = RequestMethod.GET)
@RequiresAuthentication //@RequiresPermissions("/permission/getPermissionList")
public ResponseEntity<List<Permission>> getTopPermissionList() {
try {
QueryWrapper<Permission> wrapper = new QueryWrapper<>();
wrapper.eq("pid", 0).orderByAsc("create_time");
List<Permission> permissionList = this.permissionService.list(wrapper);
return ResponseEntity.ok(permissionList);
} catch (Exception e) {
logger.error("查询角色列表出错!", e);
}
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(null);
}
// 获取权限分页对象
@ApiOperation(value = "获取权限分页对象")
@RequestMapping(value = "/getPermissionList", method = RequestMethod.GET)
@RequiresAuthentication //@RequiresPermissions("/permission/getPermissionList")
public ResponseEntity<Page<Permission>> getPermissionList(QueryWrapper<Permission> ew, String name, String math) {
try {
Page<Permission> page = this.getPage();
ew.orderByDesc("create_time");
if (StringUtils.isNotBlank(name)) {
ew.like("name", name.trim());
}
if (StringUtils.isNotBlank(math) && StringUtils.isNotEmpty(math)) {
ew.like("url", math.trim());
}
Page<Permission> list = this.permissionService.page(page, ew);
return ResponseEntity.ok(list);
} catch (Exception e) {
logger.error("查询角色列表出错!", e);
}
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(null);
}
@OperationLog("添加权限")
@ApiOperation(value = "添加")
@RequestMapping(value = "/add", method = RequestMethod.POST)
@RequiresAuthentication //@RequiresPermissions("/permission/add")
public ResponseEntity<Map<String, Object>> add(Permission permission) {
Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
try {
boolean ret = false;
if (!permission.getPid().equals(0)) {
Permission parent = this.permissionService.getById(permission.getPid());
String parentName = parent.getName().trim();
permission.setName(parentName + "-" + permission.getName().trim());
}
QueryWrapper<Permission> ew = new QueryWrapper<>();
if (StringUtils.isNoneBlank(permission.getName())) {
permission.setName(permission.getName().trim());
ew.eq("name", permission.getName());
Permission one = this.permissionService.getOne(ew);
if (one != null) {
resultMap.put("status", 400);
resultMap.put("message", "该权限已存在!");
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(resultMap);
}
}
permission.setUrl(permission.getUrl().trim());
permission.setCreateTime(new Date(System.currentTimeMillis()));
permission.setUpdateTime(permission.getCreateTime());
ret = this.permissionService.save(permission);
if (!ret) {
// 更新失败, 400
resultMap.put("status", 400);
resultMap.put("message", "添加失败!");
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(resultMap);
}
// 204
resultMap.put("status", 200);
resultMap.put("message", "添加成功!");
return ResponseEntity.status(HttpStatus.OK).body(resultMap);
} catch (Exception e) {
logger.error("添加权限错误!", e);
}
// 500
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
}
// 修改
@OperationLog("修改权限")
@ApiOperation(value = "修改")
@RequestMapping(value = "/edit", method = RequestMethod.PUT)
@RequiresAuthentication //@RequiresPermissions("/permission/edit")
public ResponseEntity<Map<String, Object>> edit(Permission permission) {
Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
try {
boolean ret = false;
if (permission.getId() != null) {
if (!permission.getPid().equals(0)) {
Permission parent = this.permissionService.getById(permission.getPid());
String parentName = parent.getName().trim();
permission.setName(parentName + "-" + permission.getName().trim());
}
QueryWrapper<Permission> ew = new QueryWrapper<>();
if (StringUtils.isNoneBlank(permission.getName())) {
permission.setName(permission.getName().trim());
ew.ne("id",permission.getId());
ew.eq("name", permission.getName());
Permission one = this.permissionService.getOne(ew);
if (one != null) {
resultMap.put("status", 400);
resultMap.put("message", "该权限已存在!");
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(resultMap);
}
}
permission.setUrl(permission.getUrl().trim());
ret = this.permissionService.updateById(permission);
} else {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).build();
}
if (!ret) {
// 更新失败, 500
resultMap.put("status", 500);
resultMap.put("message", "更新错误!");
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
}
// 204
resultMap.put("status", 200);
resultMap.put("message", "更新成功!");
return ResponseEntity.status(HttpStatus.OK).body(resultMap);
} catch (Exception e) {
logger.error("编辑角色错误!", e);
}
// 500
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
}
// 刪除
@OperationLog("删除权限")
@ApiOperation(value = "刪除")
@RequestMapping(value = "/delete", method = RequestMethod.DELETE)
@RequiresAuthentication //@RequiresPermissions("/permission/delete")
public ResponseEntity<Map<String, Object>> delete(@RequestParam(value = "permissionId", required = true) String permissionId) {
Map<String, Object> resultMap = new HashMap<>();
try {
boolean ret = false;
if (StringUtils.isNotBlank(permissionId)) {
RolePermission rolePermission = new RolePermission();
rolePermission.setPid(permissionId);
QueryWrapper<RolePermission> ew = new QueryWrapper<RolePermission>();
ew.setEntity(rolePermission);
List<RolePermission> roleRightList = this.rolePermissionService.list(ew);
// 如果存在权限,先进行删除
if (roleRightList.size() > 0) {
for (RolePermission rp : roleRightList) {
this.rolePermissionService.remove(new QueryWrapper<RolePermission>(rp));
}
}
ret = this.permissionService.removeById(permissionId);
} else {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).build();
}
if (!ret) {
// 删除失败, 500
resultMap.put("status", 500);
resultMap.put("message", "删除失败!");
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
}
// 204
resultMap.put("status", 200);
resultMap.put("message", "删除成功!");
return ResponseEntity.status(HttpStatus.OK).body(resultMap);
} catch (Exception e) {
logger.error("删除权限错误!", e);
}
// 500
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
}
// 批量刪除
@OperationLog("批量删除权限")
@ApiOperation(value = "批量刪除")
@RequestMapping(value = "/batchDel", method = RequestMethod.DELETE)
@RequiresAuthentication //@RequiresPermissions("/permission/batchDel")
public ResponseEntity<Map<String, Object>> batchDel(@RequestParam(value = "permissionIds") String permissionIds) {
Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
try {
boolean ret = false;
if (StringUtils.isNotBlank(permissionIds)) {
QueryWrapper<RolePermission> ew = new QueryWrapper<RolePermission>();
ew.in("pid", StringUtils.split(permissionIds, ","));
List<RolePermission> roleRightList = this.rolePermissionService.list(ew);
// 如果存在权限,先进行删除
if (roleRightList.size() > 0) {
for (RolePermission rp : roleRightList) {
this.rolePermissionService.remove(new QueryWrapper<>(rp));
}
}
ret = this.permissionService.removeByIds(Arrays.asList(StringUtils.split(permissionIds, ",")));
} else {
resultMap.put("status", 400);
resultMap.put("message", "错误请求!");
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(resultMap);
}
if (!ret) {
// 删除失败, 500
resultMap.put("status", 500);
resultMap.put("message", "删除失败!");
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
}
// 204
resultMap.put("status", 200);
resultMap.put("message", "删除成功!");
return ResponseEntity.status(HttpStatus.OK).body(resultMap);
} catch (Exception e) {
logger.error("删除角色错误!", e);
}
// 500
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
}
}