diff options
Diffstat (limited to 'src/main/java/com/mesasoft/cn/web')
12 files changed, 1250 insertions, 0 deletions
diff --git a/src/main/java/com/mesasoft/cn/web/controller/AuthController.java b/src/main/java/com/mesasoft/cn/web/controller/AuthController.java new file mode 100644 index 0000000..24a4a0b --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/AuthController.java @@ -0,0 +1,66 @@ +package com.mesasoft.cn.web.controller; + +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.enums.InterceptorLevel; +import com.mesasoft.cn.service.IAuthService; +import com.mesasoft.cn.util.ControllerUtils; +import com.zhazhapan.util.Formatter; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiImplicitParam; +import io.swagger.annotations.ApiImplicitParams; +import io.swagger.annotations.ApiOperation; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RestController; + +/** + * @author pantao + * @since 2018/3/8 + */ +@RestController +@RequestMapping("/auth") +@Api(value = "/auth", description = "权限表相关操作") +public class AuthController { + + private final IAuthService authService; + + @Autowired + public AuthController(IAuthService authService) {this.authService = authService;} + + @ApiOperation(value = "添加权限记录", notes = "设置指定用户对指定文件的权限") + @ApiImplicitParams({@ApiImplicitParam(name = "files", value = "文件", example = "file1,file2,file3", required = true), + @ApiImplicitParam(name = "users", value = "用户", example = "user1,user2,user3", required = true), + @ApiImplicitParam(name = "auths", value = "权限", example = "1,1,1,1", required = true)}) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "", method = RequestMethod.POST) + public String add(String files, String users, String auths) { + System.out.println("files: " + files + " users: " + users + " auths: " + auths); + return ControllerUtils.getResponse(authService.addAuth(files, users, auths)); + } + + @ApiOperation(value = "获取权限记录") + @ApiImplicitParams({@ApiImplicitParam(name = "user", value = "用户", required = true), @ApiImplicitParam(name = + "file", value = "文件", required = true), @ApiImplicitParam(name = "offset", value = "偏移量", required = true)}) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/all", method = RequestMethod.GET) + public String getAuth(String user, String file, int offset) { + return Formatter.listToJson(authService.listAuth(user, file, offset)); + } + + @ApiOperation(value = "更新权限记录") + @ApiImplicitParams({@ApiImplicitParam(name = "auth", value = "权限值", required = true)}) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/{id}", method = RequestMethod.PUT) + public String updateAuth(@PathVariable("id") long id, String auth) { + return ControllerUtils.getResponse(authService.updateAuth(id, auth)); + } + + @ApiOperation(value = "批量删除权限记录") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/batch/{ids}", method = RequestMethod.DELETE) + public String batchDelete(@PathVariable("ids") String ids) { + return ControllerUtils.getResponse(authService.batchDelete(ids)); + } +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/CategoryController.java b/src/main/java/com/mesasoft/cn/web/controller/CategoryController.java new file mode 100644 index 0000000..41bf74e --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/CategoryController.java @@ -0,0 +1,75 @@ +package com.mesasoft.cn.web.controller; + +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.entity.Category; +import com.mesasoft.cn.enums.InterceptorLevel; +import com.mesasoft.cn.service.ICategoryService; +import com.mesasoft.cn.util.ControllerUtils; +import com.zhazhapan.modules.constant.ValueConsts; +import com.zhazhapan.util.Checker; +import com.zhazhapan.util.Formatter; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiImplicitParam; +import io.swagger.annotations.ApiOperation; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RestController; + +/** + * @author pantao + * @since 2018/1/30 + */ +@RestController +@RequestMapping("/category") +@Api(value = "/category", description = "文件分类相关操作") +public class CategoryController { + + private final ICategoryService categoryService; + + @Autowired + public CategoryController(ICategoryService categoryService) {this.categoryService = categoryService;} + + @ApiOperation(value = "新增一个分类") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/{name}", method = RequestMethod.POST) + public String add(@PathVariable("name") String name) { + return ControllerUtils.getResponse(categoryService.insert(name)); + } + + @ApiOperation(value = "更新分类名称") + @ApiImplicitParam(name = "name", value = "新的名称", required = true) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/{id}", method = RequestMethod.PUT) + public String update(@PathVariable("id") int id, String name) { + boolean isSuccess = Checker.isNotEmpty(name) && categoryService.update(id, name); + return ControllerUtils.getResponse(isSuccess); + } + + @ApiOperation(value = "删除一个分类") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/{id}", method = RequestMethod.DELETE) + public String remove(@PathVariable("id") int id) { + return ControllerUtils.getResponse(categoryService.remove(id)); + } + + @ApiOperation(value = "获取一个分类") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/{id}", method = RequestMethod.GET) + public String getById(@PathVariable("id") int id) { + Category category = categoryService.getById(id); + if (Checker.isNull(category)) { + return ControllerUtils.getResponse(ValueConsts.FALSE); + } else { + return category.toString(); + } + } + + @ApiOperation(value = "获取所有分类") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/all", method = RequestMethod.GET) + public String getAll() { + return Formatter.listToJson(categoryService.list()); + } +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/CommonController.java b/src/main/java/com/mesasoft/cn/web/controller/CommonController.java new file mode 100644 index 0000000..493de1b --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/CommonController.java @@ -0,0 +1,94 @@ +package com.mesasoft.cn.web.controller; + +import com.alibaba.fastjson.JSONObject; +import com.mesasoft.cn.modules.constant.DefaultValues; +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.config.SettingConfig; +import com.mesasoft.cn.enums.InterceptorLevel; +import com.mesasoft.cn.service.ICommonService; +import com.mesasoft.cn.util.ControllerUtils; +import com.zhazhapan.modules.constant.ValueConsts; +import com.zhazhapan.util.Checker; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiImplicitParam; +import io.swagger.annotations.ApiOperation; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.*; +import org.springframework.web.multipart.MultipartFile; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * @author pantao + * @since 2018/1/23 + */ +@RestController +@RequestMapping("/common") +@Api(value = "/common", description = "公共接口") +public class CommonController { + + private static Logger logger = LoggerFactory.getLogger(ConfigController.class); + + private final ICommonService commonService; + + private final HttpServletRequest request; + + private final JSONObject jsonObject; + + @Autowired + public CommonController(ICommonService commonService, HttpServletRequest request, JSONObject jsonObject) { + this.commonService = commonService; + this.request = request; + this.jsonObject = jsonObject; + } + + @ApiOperation(value = "获取头像资源") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/avatar/{name}", method = RequestMethod.GET) + public void getAvatar(HttpServletResponse response, @PathVariable("name") String name) throws IOException { + String path = SettingConfig.getAvatarStoragePath() + ValueConsts.SEPARATOR + name; + ControllerUtils.loadResource(response, path, ValueConsts.FALSE); + } + + @ApiOperation(value = "上传头像") + @ApiImplicitParam(name = "multipartFile", value = "头像", required = true) + @AuthInterceptor(InterceptorLevel.USER) + @RequestMapping(value = "/avatar", method = RequestMethod.POST) + public String avatarUpload(@RequestParam("file") MultipartFile multipartFile) { + String name = commonService.uploadAvatar(multipartFile); + if (Checker.isEmpty(name)) { + jsonObject.put("error", "文件格式不合法"); + } else { + jsonObject.put("success", "/common/avatar/" + name); + } + return jsonObject.toString(); + } + + @ApiOperation(value = "发送验证码") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/{email}/code", method = RequestMethod.POST) + public String sendVerifyCode(@PathVariable("email") String email) { + int code = commonService.sendVerifyCode(email); + if (code > 0) { + request.getSession().setAttribute(DefaultValues.CODE_STRING, code); + logger.info("verify code: " + code); + jsonObject.put("status", "success"); + } else { + jsonObject.put("status", "error"); + } + return jsonObject.toString(); + } + + @ApiOperation(value = "验证验证码是否正确") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/{code}/verification", method = RequestMethod.PUT) + public String verifyCode(@PathVariable("code") String code) { + boolean isSuccess = Checker.checkNull(code).equals(String.valueOf(request.getSession().getAttribute + (DefaultValues.CODE_STRING))); + return ControllerUtils.getResponse(isSuccess); + } +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/ConfigController.java b/src/main/java/com/mesasoft/cn/web/controller/ConfigController.java new file mode 100644 index 0000000..e13bf35 --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/ConfigController.java @@ -0,0 +1,92 @@ +package com.mesasoft.cn.web.controller; + +import com.mesasoft.cn.SketchApplication; +import com.mesasoft.cn.modules.constant.DefaultValues; +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.entity.User; +import com.mesasoft.cn.enums.InterceptorLevel; +import com.mesasoft.cn.service.IConfigService; +import com.zhazhapan.modules.constant.ValueConsts; +import com.zhazhapan.util.FileExecutor; +import com.zhazhapan.util.NetUtils; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiImplicitParam; +import io.swagger.annotations.ApiOperation; +import org.apache.log4j.Logger; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RestController; + +import javax.servlet.http.HttpServletRequest; +import java.io.IOException; + +/** + * @author pantao + * @since 2018/1/22 + */ +@RestController +@RequestMapping("/config") +@Api(value = "/config", description = "配置文件的相关操作") +public class ConfigController { + + private static Logger logger = Logger.getLogger(ConfigController.class); + + private final IConfigService configService; + + private final HttpServletRequest request; + + @Autowired + public ConfigController(IConfigService configService, HttpServletRequest request) { + this.configService = configService; + this.request = request; + } + + @ApiOperation(value = "更新配置文件") + @ApiImplicitParam(name = "config", value = "配置文件内容", required = true) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "", method = RequestMethod.PUT) + public String updateConfig(String config) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + if (user.getPermission() > ValueConsts.TWO_INT) { + SketchApplication.settings.setJsonObject(config); + //打包成jar之后无法修改config.json文件 + try { + FileExecutor.saveFile(NetUtils.urlToString(SketchApplication.class.getResource(DefaultValues + .SETTING_PATH)), SketchApplication.settings.toString()); + } catch (IOException e) { + logger.error(e.getMessage()); + return "{\"message\":\"internal error, cannot save\"}"; + } + return "{\"message\":\"saved successfully\"}"; + } else { + return "{\"message\":\"permission denied\"}"; + } + } + + @ApiOperation(value = "获取配置文件内容") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/all", method = RequestMethod.GET) + public String getAll() { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + if (user.getPermission() > ValueConsts.TWO_INT) { + return SketchApplication.settings.toString(); + } else { + return "{\"message\":\"permission denied\"}"; + } + } + + @ApiOperation(value = "获取配置文件中的全局相关配置内容") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/global", method = RequestMethod.GET) + public String getGlobalConfig() { + return configService.getGlobalConfig(); + } + + @ApiOperation(value = "获取配置文件中的用户相关配置内容") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/user", method = RequestMethod.GET) + public String getUserConfig() { + return configService.getUserConfig(); + } +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/CustomErrorController.java b/src/main/java/com/mesasoft/cn/web/controller/CustomErrorController.java new file mode 100644 index 0000000..bc22a1d --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/CustomErrorController.java @@ -0,0 +1,42 @@ +package com.mesasoft.cn.web.controller; + +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.enums.InterceptorLevel; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import org.springframework.boot.web.servlet.error.ErrorController; +import org.springframework.http.HttpStatus; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseStatus; +import springfox.documentation.annotations.ApiIgnore; + +/** + * @author pantao + * @since 2018/1/22 + */ +@Controller +@Api(description = "错误页面映射") +public class CustomErrorController implements ErrorController { + + @ApiOperation(value = "异常页面") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping("/exception") + public String handleError() { + return "error"; + } + + @ApiOperation(value = "404、错误页面") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping("/error") + @ResponseStatus(HttpStatus.NOT_FOUND) + public String handleNotFound() { + return "/404"; + } + + @ApiIgnore + @Override + public String getErrorPath() { + return "/error"; + } +}
\ No newline at end of file diff --git a/src/main/java/com/mesasoft/cn/web/controller/DownloadedController.java b/src/main/java/com/mesasoft/cn/web/controller/DownloadedController.java new file mode 100644 index 0000000..324aeaa --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/DownloadedController.java @@ -0,0 +1,41 @@ +package com.mesasoft.cn.web.controller; + +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.enums.InterceptorLevel; +import com.mesasoft.cn.service.IDownloadedService; +import com.zhazhapan.util.Formatter; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiImplicitParam; +import io.swagger.annotations.ApiImplicitParams; +import io.swagger.annotations.ApiOperation; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RestController; + +/** + * @author pantao + * @since 2018/2/9 + */ +@RestController +@RequestMapping(value = "/downloaded") +@Api(value = "/downloaded", description = "下载记录相关操作") +public class DownloadedController { + + private final IDownloadedService downloadService; + + @Autowired + public DownloadedController(IDownloadedService downloadService) { + this.downloadService = downloadService; + } + + @ApiOperation(value = "获取文件下载记录") + @ApiImplicitParams({@ApiImplicitParam(name = "user", value = "指定用户(默认所有用户)"), @ApiImplicitParam(name = + "指定文件(默认所有文件)"), @ApiImplicitParam(name = "category", value = "指定分类(默认所有分类)"), @ApiImplicitParam(name = + "offset", value = "偏移量", required = true)}) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "all", method = RequestMethod.GET) + public String getAll(String user, String file, String category, int offset) { + return Formatter.listToJson(downloadService.list(user, file, category, offset)); + } +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/FileController.java b/src/main/java/com/mesasoft/cn/web/controller/FileController.java new file mode 100644 index 0000000..6ae6d57 --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/FileController.java @@ -0,0 +1,220 @@ +package com.mesasoft.cn.web.controller; + +import com.alibaba.fastjson.JSONArray; +import com.alibaba.fastjson.JSONObject; +import com.mesasoft.cn.SketchApplication; +import com.mesasoft.cn.modules.constant.ConfigConsts; +import com.mesasoft.cn.util.BeanUtils; +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.entity.User; +import com.mesasoft.cn.enums.InterceptorLevel; +import com.mesasoft.cn.service.IFileService; +import com.mesasoft.cn.util.ControllerUtils; +import com.zhazhapan.modules.constant.ValueConsts; +import com.zhazhapan.util.Checker; +import com.zhazhapan.util.FileExecutor; +import com.zhazhapan.util.Formatter; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiImplicitParam; +import io.swagger.annotations.ApiImplicitParams; +import io.swagger.annotations.ApiOperation; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.*; +import org.springframework.web.multipart.MultipartFile; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.File; +import java.io.IOException; + +/** + * @author pantao + * @since 2018/1/29 + */ +@RestController +@RequestMapping("/file") +@Api(value = "/file", description = "文件相关操作") +public class FileController { + + private final IFileService fileService; + + private final HttpServletRequest request; + + private final JSONObject jsonObject; + + @Autowired + public FileController(IFileService fileService, HttpServletRequest request, JSONObject jsonObject) { + this.fileService = fileService; + this.request = request; + this.jsonObject = jsonObject; + } + + @ApiOperation(value = "获取我的下载记录") + @ApiImplicitParams({@ApiImplicitParam(name = "offset", value = "偏移量", required = true), @ApiImplicitParam(name = + "search", value = "记录匹配(允许为空)")}) + @AuthInterceptor(InterceptorLevel.USER) + @RequestMapping(value = "/user/downloaded", method = RequestMethod.GET) + public String getUserDownloaded(int offset, String search) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + return Formatter.listToJson(fileService.listUserDownloaded(user.getId(), offset, search)); + } + + @ApiOperation(value = "获取我的上传记录") + @ApiImplicitParams({@ApiImplicitParam(name = "offset", value = "偏移量", required = true), @ApiImplicitParam(name = + "search", value = "记录匹配(允许为空)")}) + @AuthInterceptor(InterceptorLevel.USER) + @RequestMapping(value = "/user/uploaded", method = RequestMethod.GET) + public String getUserUploaded(int offset, String search) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + return Formatter.listToJson(fileService.listUserUploaded(user.getId(), offset, search)); + } + + @ApiOperation(value = "文件上传") + @ApiImplicitParams({@ApiImplicitParam(name = "categoryId", value = "分类ID", required = true), @ApiImplicitParam + (name = "tag", value = "文件标签"), @ApiImplicitParam(name = "description", value = "文件描述"), + @ApiImplicitParam(name = "prefix", value = "文件前缀(仅适用于管理员上传文件,普通用户无效)")}) + @AuthInterceptor(InterceptorLevel.USER) + @RequestMapping(value = "", method = RequestMethod.POST) + public String upload(int categoryId, String tag, String description, String prefix, @RequestParam("file") + MultipartFile multipartFile) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + return ControllerUtils.getResponse(fileService.upload(categoryId, tag, description, prefix, multipartFile, + user)); + } + + @ApiOperation(value = "获取文件记录") + @ApiImplicitParams({@ApiImplicitParam(name = "offset", value = "偏移量", required = true), @ApiImplicitParam(name = + "categoryId", value = "分类ID", required = true), @ApiImplicitParam(name = "orderBy", value = "排序方式", + required = true, example = "id desc"), @ApiImplicitParam(name = "search", value = "记录匹配(允许为空)")}) + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/all", method = RequestMethod.GET) + public String getAll(int offset, int categoryId, String orderBy, String search) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + boolean canGet = SketchApplication.settings.getBooleanUseEval(ConfigConsts.ANONYMOUS_VISIBLE_OF_SETTING) || + (Checker.isNotNull(user) && user.getIsVisible() == 1); + if (canGet) { + int userId = Checker.isNull(user) ? 0 : user.getId(); + return Formatter.listToJson(fileService.listAll(userId, offset, categoryId, orderBy, search)); + } else { + jsonObject.put("error", "权限被限制,无法获取资源,请联系管理员"); + return jsonObject.toString(); + } + } + + @ApiOperation(value = "删除指定文件") + @AuthInterceptor(InterceptorLevel.USER) + @RequestMapping(value = "/{id}", method = RequestMethod.DELETE) + public String removeFile(@PathVariable("id") long id) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + jsonObject.put("status", "error"); + if (Checker.isNull(user)) { + jsonObject.put("message", "请先登录"); + } else if (id < 1) { + jsonObject.put("message", "格式不合法"); + } else if (fileService.removeFile(user, id)) { + jsonObject.put("status", "success"); + } else { + jsonObject.put("message", "删除失败,权限不够,请联系管理员"); + } + return jsonObject.toString(); + } + + @ApiOperation(value = "更新文件属性") + @ApiImplicitParams({@ApiImplicitParam(name = "name", value = "文件名", required = true), @ApiImplicitParam(name = + "category", value = "分类名称", required = true), @ApiImplicitParam(name = "tag", value = "文件标签", required = + true), @ApiImplicitParam(name = "description", value = "文件描述", required = true)}) + @AuthInterceptor(InterceptorLevel.USER) + @RequestMapping(value = "/{id}", method = RequestMethod.PUT) + public String updateFileInfo(@PathVariable("id") long id, String name, String category, String tag, String + description) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + jsonObject.put("status", "error"); + if (fileService.updateFileInfo(id, user, name, category, tag, description)) { + jsonObject.put("status", "success"); + } else { + jsonObject.put("message", "格式不正确或权限不够,更新失败,请联系管理员"); + } + return jsonObject.toString(); + } + + @ApiOperation(value = "获取所有文件的基本信息") + @ApiImplicitParams({@ApiImplicitParam(name = "user", value = "指定用户(默认所有用户)"), @ApiImplicitParam(name = "file", + value = "指定文件(默认所有文件)"), @ApiImplicitParam(name = "category", value = "指定分类(默认所有分类)"), @ApiImplicitParam + (name = "offset", value = "偏移量", required = true)}) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/basic/all", method = RequestMethod.GET) + public String getBasicAll(String user, String file, String category, int offset) { + return Formatter.listToJson(fileService.listBasicAll(user, file, category, offset)); + } + + @ApiOperation(value = "通过文件路径获取服务器端的文件") + @ApiImplicitParam(name = "path", value = "文件路径(默认根目录)") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/server", method = RequestMethod.GET) + public String getServerFilesByPath(String path) { + File[] files = FileExecutor.listFile(Checker.isEmpty(path) ? (Checker.isWindows() ? "C:\\" : "/") : path); + JSONArray array = new JSONArray(); + if (Checker.isNotNull(files)) { + for (File file : files) { + array.add(BeanUtils.beanToJson(file)); + } + } + return array.toJSONString(); + } + + @ApiOperation("分享服务器端文件") + @ApiImplicitParams({@ApiImplicitParam(name = "prefix", value = "自定义前缀(可空)"), @ApiImplicitParam(name = "files", + value = "文件", required = true, example = "file1,file2,file3")}) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/server/share", method = RequestMethod.POST) + public String shareFile(String prefix, String files) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + return ControllerUtils.getResponse(fileService.shareFiles(Checker.checkNull(prefix), files, user)); + } + + @ApiOperation(value = "更新文件路径(包括本地路径,访问路径,如果新的本地路径和访问路径均为空,这什么也不会做)") + @ApiImplicitParams({@ApiImplicitParam(name = "oldLocalUrl", value = "文件本地路径", required = true), @ApiImplicitParam + (name = "localUrl", value = "新的本地路径(可空)"), @ApiImplicitParam(name = "visitUrl", value = "新的访问路径(可空)")}) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/{id}/url", method = RequestMethod.PUT) + public String uploadFileUrl(@PathVariable("id") int id, String oldLocalUrl, String localUrl, String visitUrl) { + boolean[] b = fileService.updateUrl(id, oldLocalUrl, localUrl, visitUrl); + String responseJson = "{status:{localUrl:" + b[0] + ",visitUrl:" + b[1] + "}}"; + return Formatter.formatJson(responseJson); + } + + @ApiOperation(value = "批量删除文件") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/batch/{ids}", method = RequestMethod.DELETE) + public String deleteFiles(@PathVariable("ids") String ids) { + return ControllerUtils.getResponse(fileService.deleteFiles(ids)); + } + + @ApiOperation(value = "获取指定文件的权限记录") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/{id}/auth", method = RequestMethod.GET) + public String getAuth(@PathVariable("id") long id) { + return BeanUtils.toPrettyJson(fileService.getAuth(id)); + } + + @ApiOperation(value = "更新指定文件的权限") + @ApiImplicitParam(name = "auth", value = "权限", required = true, example = "1,1,1,1") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/{id}/auth", method = RequestMethod.PUT) + public String updateAuth(@PathVariable("id") long id, String auth) { + return ControllerUtils.getResponse(fileService.updateAuth(id, auth)); + } + + /** + * 资源下载 + * + * @param response {@link HttpServletResponse} + */ + @ApiOperation(value = "通过访问路径获取文件资源") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/**", method = RequestMethod.GET) + public void getResource(HttpServletResponse response) throws IOException { + ControllerUtils.loadResource(response, fileService.getResource(request.getServletPath(), request), + ValueConsts.FALSE); + } +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/FileMangerController.java b/src/main/java/com/mesasoft/cn/web/controller/FileMangerController.java new file mode 100644 index 0000000..ca7dbff --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/FileMangerController.java @@ -0,0 +1,188 @@ +package com.mesasoft.cn.web.controller; + +import com.alibaba.fastjson.JSONObject; +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.enums.InterceptorLevel; +import com.mesasoft.cn.service.IFileManagerService; +import com.mesasoft.cn.util.ControllerUtils; +import com.zhazhapan.modules.constant.ValueConsts; +import com.zhazhapan.util.ArrayUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.multipart.MultipartFile; +import org.springframework.web.multipart.MultipartHttpServletRequest; +import springfox.documentation.annotations.ApiIgnore; + +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.Map; + +/** + * <a href="https://github.com/joni2back/angular-filemanager/blob/master/API.md">see api doc</a> + * + * @author pantao + * @since 2018/1/29 + */ +@ApiIgnore +@RestController +@RequestMapping("/filemanager") +@AuthInterceptor(InterceptorLevel.SYSTEM) +public class FileMangerController { + + private final IFileManagerService fileManagerService; + + private final JSONObject jsonObject; + + @Autowired + public FileMangerController(IFileManagerService fileManagerService, JSONObject jsonObject) { + this.fileManagerService = fileManagerService; + this.jsonObject = jsonObject; + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/multidownload", method = RequestMethod.GET) + public void multiDownload(HttpServletResponse response, String[] items, String toFilename) throws IOException { + ControllerUtils.setResponseFileName(response, toFilename); + fileManagerService.multiDownload(response, items, toFilename); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/download", method = RequestMethod.GET) + public void download(HttpServletResponse response, String path) throws IOException { + ControllerUtils.loadResource(response, path, ValueConsts.TRUE); + } + public static String getEncoding(String str) { + String encode = "GB2312"; + String finecode = ""; + try { + if (str.equals(new String(str.getBytes(encode), encode))) { + finecode = encode; + } + } catch (Exception exception) { + } + encode = "ISO-8859-1"; + try { + if (str.equals(new String(str.getBytes(encode), encode))) { + finecode = encode; + } + } catch (Exception exception1) { + } + encode = "GBK"; + try { + if (str.equals(new String(str.getBytes(encode), encode))) { + finecode = encode; + } + } catch (Exception exception1) { + } + encode = "UTF-8"; + try { + if (str.equals(new String(str.getBytes(encode), encode))) { + finecode = encode; + } + } catch (Exception exception2) { + } + encode = "GBK"; + try { + if (str.equals(new String(str.getBytes(encode), encode))) { + finecode = encode; + } + } catch (Exception exception3) { + } + return finecode; + } + /** + * 暂时没有找到更好的解决方案 + * + * @param destination 目的 + * + * @return 响应结果 + */ + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/upload", method = RequestMethod.POST) + public String upload(String destination, MultipartHttpServletRequest request) { + Map<String, MultipartFile> fileMap = request.getFileMap(); + MultipartFile[] files = ArrayUtils.mapToArray(fileMap, MultipartFile.class); + jsonObject.put("result", fileManagerService.upload(destination, files)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/extract", method = RequestMethod.POST) + public String extract(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.extract(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/compress", method = RequestMethod.POST) + public String compress(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.compress(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/permission", method = RequestMethod.POST) + public String setPermission(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.setPermission(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/folder", method = RequestMethod.POST) + public String createFolder(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.createFolder(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/content", method = RequestMethod.POST) + public String getContent(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.getContent(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/edit", method = RequestMethod.POST) + public String edit(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.edit(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/remove", method = RequestMethod.POST) + public String remove(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.remove(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/copy", method = RequestMethod.POST) + public String copy(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.copy(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/move", method = RequestMethod.POST) + public String move(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.move(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/rename", method = RequestMethod.POST) + public String rename(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.rename(json)); + return jsonObject.toJSONString(); + } + + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/list", method = RequestMethod.POST) + public String list(@RequestBody JSONObject json) { + jsonObject.put("result", fileManagerService.list(json)); + return jsonObject.toJSONString(); + } +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/GlobalExceptionHandler.java b/src/main/java/com/mesasoft/cn/web/controller/GlobalExceptionHandler.java new file mode 100644 index 0000000..e096243 --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/GlobalExceptionHandler.java @@ -0,0 +1,49 @@ +package com.mesasoft.cn.web.controller; + +import cn.hutool.core.util.ObjectUtil; +import cn.hutool.log.Log; +import cn.hutool.log.LogFactory; +import com.mesasoft.cn.entity.Result; +import com.mesasoft.cn.entity.ResultEntity; +import com.mesasoft.cn.enums.StatusEnum; +import com.mesasoft.cn.exception.BusinessException; +import org.springframework.web.bind.annotation.ExceptionHandler; +import org.springframework.web.bind.annotation.RestControllerAdvice; +import org.springframework.web.context.request.async.AsyncRequestTimeoutException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +@RestControllerAdvice +public class GlobalExceptionHandler { + private static final Log log = LogFactory.get(); + + + @ExceptionHandler(AsyncRequestTimeoutException.class) //捕获特定异常 + public void handleAsyncRequestTimeoutException(AsyncRequestTimeoutException e, HttpServletRequest request) { + log.info("Handle Async Request Timeout Exception"); + } + + + @ExceptionHandler(Exception.class) + public ResultEntity handleException(Exception e, HttpServletRequest request, HttpServletResponse response) { + response.setStatus(StatusEnum.FAIL.getStatus()); + String message = e.getMessage() + (e.getCause() != null ? e.getCause().getMessage() : ""); + log.error("message:{}, stackTrace:{}", message, getStackTrace(e)); + return Result.fail(e.getMessage()); + } + + @ExceptionHandler({BusinessException.class}) + public ResultEntity handleBusinessException(BusinessException e, HttpServletRequest request, HttpServletResponse response) { + response.setStatus(e.getStatus()); + String message = (e.getMessage() != null ? e.getMessage() : e.getMessage()) + " " + (e.getCause() != null ? e.getCause().getMessage() : ""); + log.error("message:{}.stackTrace:{}", message, getStackTrace(e)); + return Result.fail(e.getStatus(), e.getCode(), message); + } + + private String getStackTrace(Exception e) { + return ObjectUtil.isNotNull(e.getStackTrace()) ? e.getStackTrace()[0].toString() : ""; + } + + +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/UploadedController.java b/src/main/java/com/mesasoft/cn/web/controller/UploadedController.java new file mode 100644 index 0000000..a99827f --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/UploadedController.java @@ -0,0 +1,39 @@ +package com.mesasoft.cn.web.controller; + +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.enums.InterceptorLevel; +import com.mesasoft.cn.service.IUploadedService; +import com.zhazhapan.util.Formatter; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiImplicitParam; +import io.swagger.annotations.ApiImplicitParams; +import io.swagger.annotations.ApiOperation; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RestController; + +/** + * @author pantao + * @since 2018/2/28 + */ +@RestController +@RequestMapping(value = "/uploaded") +@Api(value = "/uploaded", description = "上传记录相关操作") +public class UploadedController { + + private final IUploadedService uploadedService; + + @Autowired + public UploadedController(IUploadedService uploadedService) {this.uploadedService = uploadedService;} + + @ApiOperation(value = "获取文件上传记录") + @ApiImplicitParams({@ApiImplicitParam(name = "user", value = "指定用户(默认所有用户)"), @ApiImplicitParam(name = + "指定文件(默认所有文件)"), @ApiImplicitParam(name = "category", value = "指定分类(默认所有分类)"), @ApiImplicitParam(name = + "offset", value = "偏移量", required = true)}) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "all", method = RequestMethod.GET) + public String getAll(String user, String file, String category, int offset) { + return Formatter.listToJson(uploadedService.list(user, file, category, offset)); + } +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/UserController.java b/src/main/java/com/mesasoft/cn/web/controller/UserController.java new file mode 100644 index 0000000..a76aad9 --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/UserController.java @@ -0,0 +1,281 @@ +package com.mesasoft.cn.web.controller; + +import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONObject; +import com.mesasoft.cn.SketchApplication; +import com.mesasoft.cn.modules.constant.ConfigConsts; +import com.mesasoft.cn.modules.constant.DefaultValues; +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.config.TokenConfig; +import com.mesasoft.cn.entity.Result; +import com.mesasoft.cn.entity.ResultEntity; +import com.mesasoft.cn.entity.User; +import com.mesasoft.cn.enums.InterceptorLevel; +import com.mesasoft.cn.service.IUserService; +import com.mesasoft.cn.util.ControllerUtils; +import com.zhazhapan.modules.constant.ValueConsts; +import com.zhazhapan.util.Checker; +import com.zhazhapan.util.Formatter; +import com.zhazhapan.util.encryption.JavaEncrypt; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiImplicitParam; +import io.swagger.annotations.ApiImplicitParams; +import io.swagger.annotations.ApiOperation; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RestController; + +import javax.servlet.http.HttpServletRequest; +import java.io.UnsupportedEncodingException; +import java.security.NoSuchAlgorithmException; + +/** + * @author pantao + * @since 2018/1/22 + */ +@RestController +@RequestMapping("/user") +@Api(value = "/user", description = "用户相关操作") +public class UserController { + + private final IUserService userService; + + private final HttpServletRequest request; + + private final JSONObject jsonObject; + + @Autowired + public UserController(IUserService userService, HttpServletRequest request, JSONObject jsonObject) { + this.userService = userService; + this.request = request; + this.jsonObject = jsonObject; + } + + @ApiOperation(value = "更新用户权限(注:不是文件权限)") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/{id}/{permission}", method = RequestMethod.PUT) + public String updatePermission(@PathVariable("id") int id, @PathVariable("permission") int permission) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + if (user.getPermission() < ValueConsts.THREE_INT && permission > 1) { + jsonObject.put("message", "权限不够,设置失败"); + } else if (userService.updatePermission(id, permission)) { + jsonObject.put("message", "更新成功"); + } else { + jsonObject.put("message", "更新失败,请稍后重新尝试"); + } + return jsonObject.toJSONString(); + } + + @ApiOperation("重置用户密码(管理员接口)") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/reset/{id}/{password}", method = RequestMethod.PUT) + public String resetPassword(@PathVariable("id") int id, @PathVariable("password") String password) { + return ControllerUtils.getResponse(userService.resetPassword(id, password)); + } + + @ApiOperation(value = "更新用户的默认文件权限") + @ApiImplicitParam(name = "auth", value = "权限", example = "1,1,1,1", required = true) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/{id}/auth", method = RequestMethod.PUT) + public String updateFileAuth(@PathVariable("id") int id, String auth) { + return ControllerUtils.getResponse(userService.updateFileAuth(id, auth)); + } + + @ApiOperation(value = "获取所有用户") + @ApiImplicitParams({@ApiImplicitParam(name = "user", value = "指定用户(默认所有用户)"), @ApiImplicitParam(name = "offset", + value = "偏移量", required = true)}) + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/all", method = RequestMethod.GET) + public String getUser(String user, int offset) { + User u = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + return Formatter.listToJson(userService.listUser(u.getPermission(), user, offset)); + } + + @ApiOperation(value = "更新我的基本信息") + @ApiImplicitParams({@ApiImplicitParam(name = "avatar", value = "头像(可空)"), @ApiImplicitParam(name = "realName", + value = "真实姓名(可空)"), @ApiImplicitParam(name = "email", value = "邮箱(可空)"), @ApiImplicitParam(name = + "code", value = "验证码(可空)")}) + @AuthInterceptor(InterceptorLevel.USER) + @RequestMapping(value = "/info", method = RequestMethod.PUT) + public String updateBasicInfo(String avatar, String realName, String email, String code) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + jsonObject.put("message", "保存成功"); + boolean emilVerify = SketchApplication.settings.getBooleanUseEval(ConfigConsts.EMAIL_VERIFY_OF_SETTINGS); + if (Checker.isNotEmpty(email) && !email.equals(user.getEmail())) { + if (!emilVerify || isCodeValidate(code)) { + if (userService.emailExists(email)) { + jsonObject.put("message", "邮箱更新失败,该邮箱已经存在"); + } else { + user.setEmail(email); + } + } else { + jsonObject.put("message", "邮箱更新失败,验证码校验失败"); + } + } + if (userService.updateBasicInfoById(user.getId(), avatar, realName, user.getEmail())) { + user.setAvatar(avatar); + user.setRealName(realName); + jsonObject.put("status", "success"); + } else { + jsonObject.put("message", "服务器发生错误,请稍后重新尝试"); + } + jsonObject.put("email", user.getEmail()); + return jsonObject.toString(); + } + + @ApiOperation(value = "更新我的密码") + @ApiImplicitParams({@ApiImplicitParam(name = "oldPassword", value = "原密码", required = true), @ApiImplicitParam + (name = "newPassword", value = "新密码", required = true)}) + @AuthInterceptor(InterceptorLevel.USER) + @RequestMapping(value = "/password", method = RequestMethod.PUT) + public String updatePassword(String oldPassword, String newPassword) { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + jsonObject.put("status", "error"); + try { + if (user.getPassword().equals(JavaEncrypt.sha256(oldPassword))) { + if (userService.updatePasswordById(newPassword, user.getId())) { + jsonObject.put("status", "success"); + TokenConfig.removeTokenByValue(user.getId()); + } else { + jsonObject.put("message", "新密码格式不正确"); + } + } else { + jsonObject.put("message", "原密码不正确"); + } + } catch (NoSuchAlgorithmException | UnsupportedEncodingException e) { + jsonObject.put("message", "服务器内部错误,请稍后重新尝试"); + } + return jsonObject.toString(); + } + + @ApiOperation(value = "获取我的基本信息") + @AuthInterceptor(InterceptorLevel.USER) + @RequestMapping(value = "/info", method = RequestMethod.GET) + public String getInfo() { + User user = (User) request.getSession().getAttribute(ValueConsts.USER_STRING); + JSONObject object = JSON.parseObject(user.toString()); + object.remove(ValueConsts.ID_STRING); + object.remove(ValueConsts.PASSWORD_STRING); + return object.toString(); + } + + @ApiOperation(value = "登录(用户名密码和token必须有一个输入)") + @ApiImplicitParams({@ApiImplicitParam(name = "username", value = "用户名"), @ApiImplicitParam(name + = "password", value = "密码"), @ApiImplicitParam(name = "auto", value = "是否自动登录", dataType = "Boolean"), + @ApiImplicitParam(name = "token", value = "用于自动登录")}) + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/login", method = RequestMethod.PUT) + public String login(String username, String password, boolean auto, String token) { + //使用密码登录 + User user = userService.login(username, password, ValueConsts.NULL_STRING, ValueConsts.NULL_RESPONSE); + if (Checker.isNull(user) || user.getPermission() < 1) { + jsonObject.put("status", "failed"); + } else { + request.getSession().setAttribute(ValueConsts.USER_STRING, user); + jsonObject.put("status", "success"); + if (auto) { + jsonObject.put("token", TokenConfig.generateToken(token, user.getId())); + } else { + jsonObject.put("token", ""); + TokenConfig.removeTokenByValue(user.getId()); + } + } + return jsonObject.toString(); + } + + @ApiOperation(value = "用户注册(当不需要验证邮箱时,邮箱和验证码可空)") + @ApiImplicitParams({@ApiImplicitParam(name = "username", value = "用户名", required = true), @ApiImplicitParam(name + = "email", value = "邮箱"), @ApiImplicitParam(name = "password", value = "密码", required = true), + @ApiImplicitParam(name = "code", value = "验证码")}) + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/register", method = RequestMethod.POST) + public String register(String username, String email, String password, String code) { + boolean emilVerify = SketchApplication.settings.getBooleanUseEval(ConfigConsts.EMAIL_VERIFY_OF_SETTINGS); + jsonObject.put("status", "error"); + if (!emilVerify || isCodeValidate(code)) { + if (userService.usernameExists(username)) { + jsonObject.put("message", "用户名已经存在"); + } else if (userService.emailExists(email)) { + jsonObject.put("message", "该邮箱已经被注册啦"); + } else if (userService.register(username, email, password)) { + jsonObject.put("status", "success"); + } else { + jsonObject.put("message", "数据格式不合法"); + } + } else { + jsonObject.put("message", "验证码校验失败"); + } + return jsonObject.toString(); + } + + @ApiOperation(value = "重置我的密码") + @ApiImplicitParams({@ApiImplicitParam(name = "email", value = "邮箱", required = true), @ApiImplicitParam(name = + "code", value = "验证码", required = true), @ApiImplicitParam(name = "password", value = "密码", required = + true)}) + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/password/reset", method = RequestMethod.PUT) + public String resetPassword(String email, String code, String password) { + jsonObject.put("status", "error"); + if (isCodeValidate(code)) { + if (userService.resetPasswordByEmail(email, password)) { + jsonObject.put("status", "success"); + } else { + jsonObject.put("message", "格式不合法"); + } + } else { + jsonObject.put("message", "验证码校验失败"); + } + return jsonObject.toString(); + } + + @ApiOperation(value = "检测用户名是否已经注册") + @ApiImplicitParam(name = "username", value = "用户名", required = true) + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/username/exists", method = RequestMethod.GET) + public String usernameExists(String username) { + jsonObject.put("exists", userService.usernameExists(username)); + return jsonObject.toString(); + } + + @ApiOperation(value = "检测邮箱是否已经注册") + @ApiImplicitParam(name = "email", value = "邮箱", required = true) + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/email/exists", method = RequestMethod.GET) + public String emailExists(String email) { + jsonObject.put("exists", userService.emailExists(email)); + return jsonObject.toString(); + } + + private boolean isCodeValidate(String code) { + return Checker.checkNull(code).equals(String.valueOf(request.getSession().getAttribute(DefaultValues + .CODE_STRING))); + } + + + @ApiOperation(value = "登录(用户名密码和token必须有一个输入)") + @ApiImplicitParams({@ApiImplicitParam(name = "username", value = "用户名"), @ApiImplicitParam(name + = "password", value = "密码"), @ApiImplicitParam(name = "auto", value = "是否自动登录", dataType = "Boolean"), + @ApiImplicitParam(name = "token", value = "用于自动登录")}) + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/login2", method = RequestMethod.PUT) + public ResultEntity login2(String username, String password, boolean auto, String token) { + + JSONObject resultObject = null; + //使用密码登录 + User user = userService.login(username, password, ValueConsts.NULL_STRING, ValueConsts.NULL_RESPONSE); + if (Checker.isNull(user) || user.getPermission() < 1) { + return Result.fail(); + } else { + request.getSession().setAttribute(ValueConsts.USER_STRING, user); + if (auto) { + resultObject.put("token", TokenConfig.generateToken(token, user.getId())); + } else { + resultObject.put("token", ""); + TokenConfig.removeTokenByValue(user.getId()); + } + } + return Result.success(resultObject); + } +} diff --git a/src/main/java/com/mesasoft/cn/web/controller/ViewController.java b/src/main/java/com/mesasoft/cn/web/controller/ViewController.java new file mode 100644 index 0000000..33ad670 --- /dev/null +++ b/src/main/java/com/mesasoft/cn/web/controller/ViewController.java @@ -0,0 +1,63 @@ +package com.mesasoft.cn.web.controller; + +import com.mesasoft.cn.annotation.AuthInterceptor; +import com.mesasoft.cn.enums.InterceptorLevel; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.ResponseBody; +import springfox.documentation.annotations.ApiIgnore; + +/** + * @author pantao + * @since 2018/1/25 + */ +@Controller +@Api(description = "视图页面映射") +public class ViewController { + + @ApiOperation(value = "远程文件管理页面") + @AuthInterceptor(InterceptorLevel.SYSTEM) + @RequestMapping(value = "/filemanager", method = RequestMethod.GET) + public String fileManager() { + return "/filemanager"; + } + + @ApiOperation(value = "上传页面") + @AuthInterceptor + @RequestMapping(value = "/upload", method = RequestMethod.GET) + public String upload() { + return "/upload"; + } + + @ApiOperation(value = "首页") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/index", method = RequestMethod.GET) + public String index() { + return "/index"; + } + + @ApiOperation(value = "登录、注册、忘记密码页面") + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/signin", method = RequestMethod.GET) + public String signin() { + return "/signin"; + } + + @ApiOperation(value = "管理员页面") + @AuthInterceptor(InterceptorLevel.ADMIN) + @RequestMapping(value = "/admin", method = RequestMethod.GET) + public String admin() { + return "/admin"; + } + + @ApiIgnore + @AuthInterceptor(InterceptorLevel.NONE) + @RequestMapping(value = "/test", method = RequestMethod.GET) + @ResponseBody + public String test() { + return "<b>test</b>"; + } +} |