用户，角色功能修改

LN
Commit 877e30a6 由 LN 编写于 2021-07-20 17:33:04 +0800
src/main/java/com/neotel/smfcore/security/config/SpringSecurityConfig.java
src/main/java/com/neotel/smfcore/security/rest/GroupController.java
src/main/java/com/neotel/smfcore/security/rest/MenuController.java
src/main/java/com/neotel/smfcore/security/rest/RoleController.java
src/main/java/com/neotel/smfcore/security/rest/UserController.java
src/main/java/com/neotel/smfcore/security/rest/bean/dto/MenuDto.java
src/main/java/com/neotel/smfcore/security/rest/bean/dto/RoleDto.java
src/main/java/com/neotel/smfcore/security/rest/bean/dto/RoleSmallDto.java
src/main/java/com/neotel/smfcore/security/rest/bean/dto/UserDto.java
src/main/java/com/neotel/smfcore/security/rest/bean/mapstruct/RoleMapper.java
src/main/java/com/neotel/smfcore/security/rest/bean/mapstruct/UserMapper.java
src/main/java/com/neotel/smfcore/security/rest/bean/query/GroupQueryCriteria.java
src/main/java/com/neotel/smfcore/security/rest/bean/query/RoleQueryCriteria.java
src/main/java/com/neotel/smfcore/security/rest/bean/query/UserQueryCriteria.java
src/main/java/com/neotel/smfcore/security/service/dao/IUserDao.java
src/main/java/com/neotel/smfcore/security/service/dao/impl/MenuDaoImpl.java
src/main/java/com/neotel/smfcore/security/service/dao/impl/UserDaoImpl.java
src/main/java/com/neotel/smfcore/security/service/manager/IGroupManager.java
src/main/java/com/neotel/smfcore/security/service/manager/IMenuManager.java
src/main/java/com/neotel/smfcore/security/service/manager/IRoleManager.java
--- a/src/main/java/com/neotel/smfcore/security/config/SpringSecurityConfig.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/config/SpringSecurityConfig.java
查看文件 @877e30a
@@ -121,7 +121,7 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
                .antMatchers("/druid/**").permitAll()
                // 放行OPTIONS请求
                .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
-                .antMatchers("api/menus/build").permitAll()
+//                .antMatchers("api/menus/build").permitAll()
                // 自定义匿名访问所有url放行：允许匿名和带Token访问，细腻化到每个 Request 类型
                // GET
                .antMatchers(HttpMethod.GET, anonymousUrls.get(RequestMethodEnum.GET.getType()).toArray(new String[0])).permitAll()

--- a/src/main/java/com/neotel/smfcore/security/rest/GroupController.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/GroupController.java
查看文件 @877e30a
@@ -5,6 +5,7 @@ import com.neotel.smfcore.common.utils.PageUtil;
 import com.neotel.smfcore.common.utils.QueryHelp;
 import com.neotel.smfcore.security.rest.bean.dto.MenuDto;
 import com.neotel.smfcore.security.rest.bean.mapstruct.GroupMapper;
+import com.neotel.smfcore.security.rest.bean.query.GroupQueryCriteria;
 import com.neotel.smfcore.security.rest.bean.query.MenuQueryCondition;
 import com.neotel.smfcore.security.service.manager.IGroupManager;
 import com.neotel.smfcore.security.service.manager.IMenuManager;
@@ -15,6 +16,7 @@ import lombok.RequiredArgsConstructor;
 import lombok.extern.java.Log;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.domain.Pageable;
 import org.springframework.data.mongodb.core.query.Criteria;
 import org.springframework.data.mongodb.core.query.Query;
 import org.springframework.http.HttpStatus;
@@ -23,8 +25,10 @@ import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.servlet.http.HttpServletResponse;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Map;
 import java.util.Set;
 import java.util.regex.Pattern;
@@ -39,14 +43,22 @@ public class GroupController {
    @Autowired
    GroupMapper groupMapper;
+    @ApiOperation("导出分组数据")
+    @GetMapping(value = "/download")
+    @PreAuthorize("@el.check('menu:list')")
+    public void download(HttpServletResponse response, GroupQueryCriteria criteria) throws Exception {
+        Query query= QueryHelp.getQuery(criteria);
+        groupManager.download(groupManager.findByQuery(query), response);
+    }
    @GetMapping
    @ApiOperation("查询组列表")
 //    @PreAuthorize("@el.check('groups:list')")
-    public ResponseEntity<Object> query(@RequestParam String groupname) throws Exception {
+    public ResponseEntity<Object> query(GroupQueryCriteria criteria, Pageable pageable) throws Exception {
-        Criteria criteria = new Criteria().and("groupName").regex(".*?\\" + groupname.trim() + ".*");
-        Query query = new Query(criteria);
+        Query query = QueryHelp.getQuery(criteria);
-        List<Group> groups = groupManager.findByQuery(query);
+        List<Group> groups = groupManager.findByPage(query,pageable);
-        return new ResponseEntity<>(groupMapper.toDto(groups), HttpStatus.OK);
+        Map<String,Object> data=PageUtil.toPage(groupMapper.toDto(groups),groups.size());
+        return new ResponseEntity<>(data, HttpStatus.OK);
    }
    @ApiOperation("新增分组")
@@ -59,15 +71,8 @@ public class GroupController {
            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
        }
-        //验证名称是否重复
-        Group hasGroup=groupManager.findOneByGroupName(resources.getGroupName());
-        if(hasGroup!=null){
-            log.info("新增分组: 组名称["+resources.getGroupName()+"]已存在");
-            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
-        }
        try {
-            groupManager.save(resources);
+            groupManager.saveGroup(resources);
        } catch (ValidateException e) {
            log.error("新增分组["+resources.getGroupName()+"]出错："+e);
            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
@@ -78,12 +83,7 @@ public class GroupController {
    @PutMapping
    @PreAuthorize("@el.check('group:edit')")
    public ResponseEntity<Object> update(@RequestBody Group resources){
-        //验证名称是否重复
-        Group hasGroup=groupManager.findOneByGroupName(resources.getGroupName());
-        if(hasGroup!=null&&(hasGroup.getId()!=resources.getId())){
-            log.info("新增分组: 组名称["+resources.getGroupName()+"]已存在");
-            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
-        }
        try {
            groupManager.save(resources);
        } catch (ValidateException e) {

--- a/src/main/java/com/neotel/smfcore/security/rest/MenuController.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/MenuController.java
查看文件 @877e30a
@@ -144,8 +144,9 @@ public class MenuController {
            log.error("menu:add 参数错误：ID不能为空");
            return  new ResponseEntity<>(HttpStatus.BAD_REQUEST);
        }
        try {
-            menuManager.save(resources);
+            menuManager.saveMenu(resources);
        }catch ( Exception exception){
            log.error("menu:add 新增菜单["+resources.toString()+"]出错："+exception);
            return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
@@ -159,8 +160,9 @@ public class MenuController {
    @PreAuthorize("@el.check('menu:edit')")
    public ResponseEntity<Object> update(@Validated @RequestBody Menu resources){
 //        public ResponseEntity<Object> update(@Validated(Menu.Update.class) @RequestBody Menu resources){
        try {
-            menuManager.save(resources);
+            menuManager.saveMenu(resources);
        } catch (ValidateException e) {
            log.error("menu:add 修改菜单["+resources.toString()+"]出错："+e);
            return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
@@ -179,7 +181,12 @@ public class MenuController {
            menuSet.add(menuManager.get(id));
            menuSet = menuManager.getChildMenus(menuList, menuSet);
        }
-        menuManager.delete(menuSet);
+        try {
+            menuManager.delete(menuSet);
+        } catch (ValidateException e) {
+            log.error("menu:add 删除菜单["+ids+"]出错："+e);
+            return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
+        }
        return new ResponseEntity<>(HttpStatus.OK);
    }
 }
--- a/src/main/java/com/neotel/smfcore/security/rest/RoleController.java 0 → 100644
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/RoleController.java 0 → 100644
查看文件 @877e30a
+package com.neotel.smfcore.security.rest;
+import cn.hutool.core.lang.Dict;
+import com.neotel.smfcore.common.exception.ValidateException;
+import com.neotel.smfcore.common.utils.PageUtil;
+import com.neotel.smfcore.common.utils.QueryHelp;
+import com.neotel.smfcore.common.utils.SecurityUtils;
+import com.neotel.smfcore.security.rest.bean.dto.RoleDto;
+import com.neotel.smfcore.security.rest.bean.mapstruct.RoleMapper;
+import com.neotel.smfcore.security.rest.bean.query.RoleQueryCriteria;
+import com.neotel.smfcore.security.service.manager.IRoleManager;
+import com.neotel.smfcore.security.service.manager.IUserManager;
+import com.neotel.smfcore.security.service.po.Role;
+import com.neotel.smfcore.security.service.po.User;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Sort;
+import org.springframework.data.mongodb.core.query.Criteria;
+import org.springframework.data.mongodb.core.query.Query;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.*;
+import java.util.stream.Collectors;
+@RestController
+@RequiredArgsConstructor
+@Api(tags = "系统：角色管理")
+@RequestMapping("/api/roles")
+@Slf4j
+public class RoleController {
+    @Autowired
+    private IUserManager userManager;
+    @Autowired
+    private IRoleManager roleManager;
+    @Autowired
+    private RoleMapper roleMapper;
+    @ApiOperation("获取单个role")
+    @GetMapping(value = "/{id}")
+    @PreAuthorize("@el.check('roles:list')")
+    public ResponseEntity<Object> query(@PathVariable String id){
+        RoleDto dto=roleMapper.toDto(roleManager.get(id));
+        return new ResponseEntity<>(dto, HttpStatus.OK);
+    }
+    @ApiOperation("导出角色数据")
+    @GetMapping(value = "/download")
+    @PreAuthorize("@el.check('role:list')")
+    public void download(HttpServletResponse response, RoleQueryCriteria criteria) throws IOException {
+        Query query= QueryHelp.getQuery(criteria);
+        List<Role> roles=roleManager.findByQuery(query);
+        roleManager.download(roles, response);
+    }
+    @ApiOperation("返回全部的角色")
+    @GetMapping(value = "/all")
+    @PreAuthorize("@el.check('roles:list','user:add','user:edit')")
+    public ResponseEntity<Object> query(){
+        Query query=new Query();
+        query.with(Sort.by(Sort.Direction.ASC,"levle"));
+        return new ResponseEntity<>(roleManager.findByQuery(query),HttpStatus.OK);
+    }
+    @ApiOperation("查询角色")
+    @GetMapping
+    @PreAuthorize("@el.check('roles:list')")
+    public ResponseEntity<Object> query(RoleQueryCriteria criteria, Pageable pageable){
+        Query query= QueryHelp.getQuery(criteria);
+        query.with(Sort.by(Sort.Direction.ASC,"level"));
+        List<Role> roles=roleManager.findByPage(query,pageable);
+        List<RoleDto> dtos=roleMapper.toDto(roles);
+        Map<String ,Object> data= PageUtil.toPage(dtos,dtos.size());
+        return new ResponseEntity<>(data,HttpStatus.OK);
+    }
+    @ApiOperation("获取用户级别")
+    @GetMapping(value = "/level")
+    public ResponseEntity<Object> getLevel(){
+        User curruser =   userManager.get(SecurityUtils.getCurrentUserId());
+        Role currRole=roleManager.get(curruser.getRoleId());
+        return new ResponseEntity<>(Dict.create().set("level", currRole.getLevel() ),HttpStatus.OK);
+    }
+    @ApiOperation("新增角色")
+    @PostMapping
+    @PreAuthorize("@el.check('roles:add')")
+    public ResponseEntity<Object> create(@Validated @RequestBody Role resources){
+        if (resources.getId() != null) {
+//            throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
+            log.error("新增角色：角色ID不为空："+resources.getId());
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        if(!hasLevel(resources.getLevel()) ) {
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        try {
+            roleManager.saveRole(resources);
+        } catch (ValidateException e) {
+            log.error("新增角色["+resources.toString()+"]出错：："+e);
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        return new ResponseEntity<>(HttpStatus.CREATED);
+    }
+    @ApiOperation("修改角色")
+    @PutMapping
+    @PreAuthorize("@el.check('roles:edit')")
+    public ResponseEntity<Object> update(@Validated @RequestBody Role resources){
+        if(resources.getId()==null){
+            log.error("修改角色：角色ID为空：");
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        if(!hasLevel(resources.getLevel()) ) {
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        try {
+            roleManager.saveRole(resources);
+        } catch (ValidateException e) {
+            log.error("修改角色["+resources.toString()+"]出错：："+e);
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        return new ResponseEntity<>(HttpStatus.NO_CONTENT);
+    }
+    @ApiOperation("修改角色菜单")
+    @PutMapping(value = "/menu")
+    @PreAuthorize("@el.check('roles:edit')")
+    public ResponseEntity<Object> updateMenu(@RequestBody Role resources){
+        if(resources.getId()==null){
+            log.error("修改角色菜单["+resources.toString()+"]失败：角色ID不能是空");
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        Role role = roleManager.get(resources.getId());
+        if(!hasLevel(resources.getLevel()) ) {
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        try {
+            roleManager.updateMenu(resources);
+        } catch (ValidateException e) {
+            log.error("修改角色["+resources.toString()+"]出错：："+e);
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        return new ResponseEntity<>(HttpStatus.NO_CONTENT);
+    }
+    @ApiOperation("删除角色")
+    @DeleteMapping
+    @PreAuthorize("@el.check('roles:del')")
+    public ResponseEntity<Object> delete(@RequestBody Set<String> ids){
+        List<Role> roles=new ArrayList<Role>();
+        for (String id : ids) {
+            if(id ==null){
+                log.error("删除角色出错：ID为空");
+                return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+            }
+            Role role = roleManager.get(id);
+            if(!hasLevel(role.getLevel()) ) {
+                return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+            }
+            // 验证是否被用户关联
+            List<User> users=userManager.findByRoleId(role.getId());
+            if(users!=null&& users.size()>0){
+                log.error("删除角色["+role.toString()+"]出错：有["+users.size()+"]个用户关联改角色");
+                return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+            }
+            roles.add(role);
+        }
+        try {
+            roleManager.deleteRoles(roles);
+        } catch (ValidateException e) {
+            log.error("删除角色 ["+ids+"] 出错：："+e);
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        return new ResponseEntity<>(HttpStatus.OK);
+    }
+    /**
+     * 如果当前用户的角色级别低于创建用户的角色级别，则抛出权限不足的错误
+     * @param level /
+     */
+    private boolean hasLevel(Integer level) {
+        User curruser = userManager.get(SecurityUtils.getCurrentUserId());
+        Role currRole=roleManager.get(curruser.getRoleId());
+        if (level < currRole.getLevel()) {
+            log.error("当前用户["+curruser.getUsername()+"]权限低于 ["+level+"]，操作失败");
+            return  false;
+        }
+        return true;
+    }
+}
--- a/src/main/java/com/neotel/smfcore/security/rest/UserController.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/UserController.java
查看文件 @877e30a
@@ -18,7 +18,14 @@ package com.neotel.smfcore.security.rest;
 import com.neotel.smfcore.common.annotation.QueryCondition;
 import com.neotel.smfcore.common.exception.ValidateException;
 import com.neotel.smfcore.common.utils.PageUtil;
+import com.neotel.smfcore.common.utils.QueryHelp;
+import com.neotel.smfcore.common.utils.RsaUtils;
 import com.neotel.smfcore.common.utils.SecurityUtils;
+import com.neotel.smfcore.security.bean.RsaProperties;
+import com.neotel.smfcore.security.rest.bean.dto.RoleSmallDto;
+import com.neotel.smfcore.security.rest.bean.dto.UserDto;
+import com.neotel.smfcore.security.rest.bean.mapstruct.UserMapper;
+import com.neotel.smfcore.security.rest.bean.query.UserQueryCriteria;
 import com.neotel.smfcore.security.rest.bean.vo.UserPassVo;
 import com.neotel.smfcore.security.service.manager.IRoleManager;
 import com.neotel.smfcore.security.service.manager.IUserManager;
@@ -30,6 +37,7 @@ import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Pageable;
+import org.springframework.data.mongodb.core.query.Query;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
@@ -37,6 +45,10 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
 import java.util.Set;
 /**
@@ -55,41 +67,28 @@ public class UserController {
    private IUserManager userManager;
    @Autowired
    private IRoleManager roleManager;
+//    @Autowired
+//    private UserMapper userMapper;
-//    @ApiOperation("导出用户数据")
+    @ApiOperation("导出用户数据")
-//    @GetMapping(value = "/download")
+    @GetMapping(value = "/download")
-//    @PreAuthorize("@el.check('user:list')")
+    @PreAuthorize("@el.check('user:list')")
-//    public void download(HttpServletResponse response, UserQueryCriteria criteria) throws IOException {
+    public void download(HttpServletResponse response, UserQueryCriteria criteria) throws IOException {
-//        userService.download(userService.queryAll(criteria), response);
+        Query query=QueryHelp.getQuery(criteria);
-//    }
+        List<User> users=userManager.findByQuery(query);
+        userManager.download(users, response);
+    }
    @ApiOperation("查询用户")
    @GetMapping
    @PreAuthorize("@el.check('user:list')")
 //    public ResponseEntity<Object> query(UserQueryCriteria criteria, Pageable pageable){
-    public ResponseEntity<Object> query(QueryCondition criteria, Pageable pageable){
+    public ResponseEntity<Object> query(UserQueryCriteria criteria, Pageable pageable) {
-//        if (!ObjectUtils.isEmpty(criteria.getDeptId())) {
+        Query query = QueryHelp.getQuery(criteria);
-//            criteria.getDeptIds().add(criteria.getDeptId());
+        List<User> users = userManager.findByPage(query, pageable);
-//            // 先查找是否存在子节点
+        List<UserDto> dtos = userManager.listToDto(users);
-//            List<Dept> data = deptService.findByPid(criteria.getDeptId());
+        Map<String, Object> data = PageUtil.toPage(dtos, dtos.size());
-//            // 然后把子节点的ID都加入到集合中
+        return new ResponseEntity<>(data, HttpStatus.OK);
-//            criteria.getDeptIds().addAll(deptService.getDeptChildren(data));
-//        }
-//        // 数据权限
-//        List<Long> dataScopes = dataService.getDeptIds(userService.findByName(SecurityUtils.getCurrentUsername()));
-//        // criteria.getDeptIds() 不为空并且数据权限不为空则取交集
-//        if (!CollectionUtils.isEmpty(criteria.getDeptIds()) && !CollectionUtils.isEmpty(dataScopes)){
-//            // 取交集
-//            criteria.getDeptIds().retainAll(dataScopes);
-//            if(!CollectionUtil.isEmpty(criteria.getDeptIds())){
-//                return new ResponseEntity<>(userService.queryAll(criteria,pageable), HttpStatus.OK);
-//            }
-//        } else {
-//            // 否则取并集
-//            criteria.getDeptIds().addAll(dataScopes);
-//            return new ResponseEntity<>(userService.queryAll(criteria,pageable), HttpStatus.OK);
-//        }
-        return new ResponseEntity<>(PageUtil.toPage(null,0), HttpStatus.OK);
    }
    @ApiOperation("新增用户")
@@ -146,7 +145,20 @@ public class UserController {
    @PreAuthorize("@el.check('user:del')")
    public ResponseEntity<Object> delete(@RequestBody Set<String> ids){
        for (String id : ids) {
+            //不能删除自己
+            String currId=SecurityUtils.getCurrentUserId();
+            if(currId==id){
+                log.error("删除用户：不能删除自己");
+                return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+            }
            User user=userManager.get(id);
+            //admin的用户不让删除
+            if(user.getUsername().equals("admin")){
+                log.error("删除用户：admin用户不能删除");
+                return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+            }
            if(!hasLevel(user)) {
                return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
            }
@@ -181,19 +193,19 @@ public class UserController {
-//    @Log("修改邮箱")
+    @ApiOperation("修改邮箱")
-//    @ApiOperation("修改邮箱")
+    @PostMapping(value = "/updateEmail/{code}")
-//    @PostMapping(value = "/updateEmail/{code}")
+    public ResponseEntity<Object> updateEmail(@PathVariable String code, @RequestBody User user) throws Exception {
-//    public ResponseEntity<Object> updateEmail(@PathVariable String code, @RequestBody User user) throws Exception {
+        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, user.getPassword());
-//        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,user.getPassword());
+        User myUser = userManager.findByUserName(SecurityUtils.getCurrentUsername());
-//        UserDto userDto = userService.findByName(SecurityUtils.getCurrentUsername());
+        if(!passwordEncoder.matches(password, myUser.getPassword())){
-//        if(!passwordEncoder.matches(password, userDto.getPassword())){
+            log.error("用户["+SecurityUtils.getCurrentUsername()+"]修改邮箱失败，密码错误");
-//            throw new BadRequestException("密码错误");
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
-//        }
+        }
 //        verificationCodeService.validated(CodeEnum.EMAIL_RESET_EMAIL_CODE.getKey() + user.getEmail(), code);
-//        userService.updateEmail(userDto.getUsername(),user.getEmail());
+        userManager.updateEmail(myUser.getUsername(),myUser.getEmail());
-//        return new ResponseEntity<>(HttpStatus.OK);
+        return new ResponseEntity<>(HttpStatus.OK);
-//    }
+    }
    /**
     * 如果当前用户的角色级别低于创建用户的角色级别，则抛出权限不足的错误
@@ -208,6 +220,15 @@ public class UserController {
            log.error("当前用户["+curruser.getUsername()+"]权限低于用户["+resources.getUsername()+"]，操作失败");
          return  false;
        }
+        //如果当前用户不是管理员，不能修改管理员
+        if(resources.getIsAdmin()){
+            if(curruser.getIsAdmin().equals(false)){
+                log.error("当前用户["+curruser.getUsername()+"]权限低于管理员用户["+resources.getUsername()+"]，操作失败");
+                return  false;
+            }
+        }
        return true;
    }
 }
--- a/src/main/java/com/neotel/smfcore/security/rest/bean/dto/MenuDto.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/bean/dto/MenuDto.java
查看文件 @877e30a
@@ -69,11 +69,16 @@ public class MenuDto implements Serializable {
    private String icon;
    public Boolean getHasChildren() {
+        if(subCount==null){
+            return false;
+        }
        return subCount > 0;
    }
    public Boolean getLeaf() {
-        return subCount <= 0;
+        if(subCount==null){
+            return true;
+        }return subCount <= 0;
    }
    public String getLabel() {

--- a/src/main/java/com/neotel/smfcore/security/rest/bean/dto/RoleDto.java 0 → 100644
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/bean/dto/RoleDto.java 0 → 100644
查看文件 @877e30a
+package com.neotel.smfcore.security.rest.bean.dto;
+import lombok.Getter;
+import lombok.Setter;
+import java.io.Serializable;
+import java.util.Set;
+@Setter
+@Getter
+public class RoleDto implements Serializable {
+    private String id;
+    private Set<String> menus;
+    private String name;
+    private String dataScope;
+    private Integer level;
+    private String description;
+}
--- a/src/main/java/com/neotel/smfcore/security/rest/bean/dto/RoleSmallDto.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/bean/dto/RoleSmallDto.java
查看文件 @877e30a
@@ -15,14 +15,16 @@
 */
 package com.neotel.smfcore.security.rest.bean.dto;
+import lombok.AllArgsConstructor;
 import lombok.Data;
 import java.io.Serializable;
 @Data
+@AllArgsConstructor
 public class RoleSmallDto implements Serializable {
-    private Long id;
+    private String id;
    private String name;

--- a/src/main/java/com/neotel/smfcore/security/rest/bean/dto/UserDto.java 0 → 100644
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/bean/dto/UserDto.java 0 → 100644
查看文件 @877e30a
+package com.neotel.smfcore.security.rest.bean.dto;
+import com.alibaba.fastjson.annotation.JSONField;
+import lombok.Getter;
+import lombok.Setter;
+import java.io.Serializable;
+import java.util.Date;
+import java.util.Set;
+@Getter
+@Setter
+public class UserDto implements Serializable {
+    private String id;
+    private String roleId;
+    private String username;
+    private String email;
+    @JSONField(serialize = false)
+    private String password;
+    private Boolean enabled;
+    @JSONField(serialize = false)
+    private Boolean isAdmin = false;
+    private Date pwdResetTime;
+    private Set<String> groups;
+    private String roleName;
+}
--- a/src/main/java/com/neotel/smfcore/security/rest/bean/mapstruct/RoleMapper.java 0 → 100644
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/bean/mapstruct/RoleMapper.java 0 → 100644
查看文件 @877e30a
+package com.neotel.smfcore.security.rest.bean.mapstruct;
+import com.neotel.smfcore.common.base.BaseMapper;
+import com.neotel.smfcore.security.rest.bean.dto.RoleDto;
+import com.neotel.smfcore.security.service.po.Role;
+import org.mapstruct.Mapper;
+import org.mapstruct.ReportingPolicy;
+@Mapper(componentModel = "spring",unmappedTargetPolicy = ReportingPolicy.IGNORE)
+public interface RoleMapper extends BaseMapper<RoleDto, Role> {
+}
--- a/src/main/java/com/neotel/smfcore/security/rest/bean/mapstruct/UserMapper.java 0 → 100644
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/bean/mapstruct/UserMapper.java 0 → 100644
查看文件 @877e30a
+package com.neotel.smfcore.security.rest.bean.mapstruct;
+import com.neotel.smfcore.common.base.BaseMapper;
+import com.neotel.smfcore.security.rest.bean.dto.UserDto;
+import com.neotel.smfcore.security.service.po.User;
+import org.mapstruct.Mapper;
+import org.mapstruct.ReportingPolicy;
+@Mapper(componentModel = "spring" ,unmappedTargetPolicy = ReportingPolicy.IGNORE)
+public interface UserMapper  extends BaseMapper<UserDto, User> {
+}
--- a/src/main/java/com/neotel/smfcore/security/rest/bean/query/GroupQueryCriteria.java 0 → 100644
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/bean/query/GroupQueryCriteria.java 0 → 100644
查看文件 @877e30a
+package com.neotel.smfcore.security.rest.bean.query;
+import com.neotel.smfcore.common.annotation.QueryCondition;
+import java.util.Date;
+import java.util.List;
+public class GroupQueryCriteria {
+    @QueryCondition(blurry = "groupName")
+    private String blurry;
+    @QueryCondition(type = QueryCondition.Type.BETWEEN)
+    private List<Date> createTime;
+    @QueryCondition
+    private String id;
+}
--- a/src/main/java/com/neotel/smfcore/security/rest/bean/query/RoleQueryCriteria.java 0 → 100644
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/bean/query/RoleQueryCriteria.java 0 → 100644
查看文件 @877e30a
+package com.neotel.smfcore.security.rest.bean.query;
+import com.neotel.smfcore.common.annotation.QueryCondition;
+import org.springframework.boot.orm.jpa.hibernate.SpringPhysicalNamingStrategy;
+import java.io.Serializable;
+import java.sql.Timestamp;
+import java.util.List;
+public class RoleQueryCriteria implements Serializable {
+    @QueryCondition(blurry = "name,description")
+    private String blurry;
+    @QueryCondition(type = QueryCondition.Type.BETWEEN)
+    private List<Timestamp> createTime;
+    @QueryCondition
+    private String id;
+}
--- a/src/main/java/com/neotel/smfcore/security/rest/bean/query/UserQueryCriteria.java 0 → 100644
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/rest/bean/query/UserQueryCriteria.java 0 → 100644
查看文件 @877e30a
+package com.neotel.smfcore.security.rest.bean.query;
+import com.neotel.smfcore.common.annotation.QueryCondition;
+import lombok.Data;
+import org.springframework.data.mongodb.repository.Query;
+import java.io.Serializable;
+import java.sql.Timestamp;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+@Data
+public class UserQueryCriteria implements Serializable {
+    @QueryCondition
+    private String id;
+    @QueryCondition(blurry = "email,username")
+    private String blurry;
+    @QueryCondition
+    private Boolean enabled;
+    @QueryCondition
+    private String roleId;
+    @QueryCondition(type = QueryCondition.Type.BETWEEN)
+    private List<Timestamp> createTime;
+}
--- a/src/main/java/com/neotel/smfcore/security/service/dao/IUserDao.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/dao/IUserDao.java
查看文件 @877e30a
@@ -27,66 +27,13 @@ public interface IUserDao extends IBaseDao {
     */
    User findByEmail(String email);
-    /**
-     * 修改密码
-     * @param username 用户名
-     * @param pass 密码
-     * @param lastPasswordResetTime /
-     */
-    void updatePass(String username, String pass, Date lastPasswordResetTime);
-    /**
-     * 修改邮箱
-     * @param username 用户名
-     * @param email 邮箱
-     */
-    void updateEmail(String username, String email);
    /**
     * 根据角色查询用户
     * @param roleId /
     * @return /
     */
-    List<User> findByRoleId(Long roleId);
+    List<User> findByRoleId(String roleId);
-    /**
-     * 根据角色中的部门查询
-     * @param deptId /
-     * @return /
-     */
-    List<User> findByRoleDeptId(Long deptId);
-    /**
-     * 根据菜单查询
-     * @param id 菜单ID
-     * @return /
-     */
-    List<User> findByMenuId(Long id);
-    /**
-     * 根据Id删除
-     * @param ids /
-     */
-    void deleteAllByIdIn(Set<Long> ids);
-    /**
-     * 根据岗位查询
-     * @param ids /
-     * @return /
-     */
-    int countByJobs(Set<Long> ids);
-    /**
-     * 根据部门查询
-     * @param deptIds /
-     * @return /
-     */
-    int countByDepts(Set<Long> deptIds);
-    /**
-     * 根据角色查询
-     * @param ids /
-     * @return /
-     */
-    int countByRoles(Set<Long> ids);
 }
--- a/src/main/java/com/neotel/smfcore/security/service/dao/impl/MenuDaoImpl.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/dao/impl/MenuDaoImpl.java
查看文件 @877e30a
@@ -21,6 +21,6 @@ public class MenuDaoImpl extends AbstractBaseDao implements IMenuDao {
    @Override
    public List<Menu> findByPid(String pid) {
-        return super.findOneByCondition(new String[] {"pid"}, new String[] {pid});
+        return super.findListByCondition(new String[] {"pid"}, new String[] {pid});
    }
 }
--- a/src/main/java/com/neotel/smfcore/security/service/dao/impl/UserDaoImpl.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/dao/impl/UserDaoImpl.java
查看文件 @877e30a
@@ -4,6 +4,9 @@ import com.neotel.smfcore.common.base.AbstractBaseDao;
 import com.neotel.smfcore.security.service.OnlineUserService;
 import com.neotel.smfcore.security.service.dao.IUserDao;
 import com.neotel.smfcore.security.service.po.User;
+import org.springframework.data.mongodb.core.query.Criteria;
+import org.springframework.data.mongodb.core.query.Query;
+import org.springframework.data.mongodb.core.query.Update;
 import org.springframework.stereotype.Service;
 import java.util.Date;
@@ -33,49 +36,10 @@ public class UserDaoImpl extends AbstractBaseDao implements IUserDao {
    }
-    @Override
-    public void updatePass(String username, String pass, Date lastPasswordResetTime) {
-    }
-    @Override
-    public void updateEmail(String username, String email) {
-    }
-    @Override
-    public List<User> findByRoleId(Long roleId) {
-        return null;
-    }
-    @Override
-    public List<User> findByRoleDeptId(Long deptId) {
-        return null;
-    }
    @Override
-    public List<User> findByMenuId(Long id) {
+    public List<User> findByRoleId(String roleId) {
-        return null;
+        return super.findOneByCondition(new String[] {"roleId"}, new String[] {roleId});
    }
-    @Override
-    public void deleteAllByIdIn(Set<Long> ids) {
-    }
-    @Override
-    public int countByJobs(Set<Long> ids) {
-        return 0;
-    }
-    @Override
-    public int countByDepts(Set<Long> deptIds) {
-        return 0;
-    }
-    @Override
-    public int countByRoles(Set<Long> ids) {
-        return 0;
-    }
 }
--- a/src/main/java/com/neotel/smfcore/security/service/manager/IGroupManager.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/manager/IGroupManager.java
查看文件 @877e30a
 package com.neotel.smfcore.security.service.manager;
 import com.neotel.smfcore.common.base.IBaseManager;
+import com.neotel.smfcore.common.exception.ValidateException;
 import com.neotel.smfcore.security.service.po.Group;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.List;
 public interface IGroupManager extends IBaseManager<Group> {
+    Group getByGroupName(String groupName);
+    Group saveGroup(Group resources) throws ValidateException;
+    void download(List<Group> byQuery, HttpServletResponse response) throws IOException;
 }
--- a/src/main/java/com/neotel/smfcore/security/service/manager/IMenuManager.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/manager/IMenuManager.java
查看文件 @877e30a
@@ -2,6 +2,7 @@
 package com.neotel.smfcore.security.service.manager;
 import com.neotel.smfcore.common.base.IBaseManager;
+import com.neotel.smfcore.common.exception.ValidateException;
 import com.neotel.smfcore.security.rest.bean.dto.MenuDto;
 import com.neotel.smfcore.security.rest.bean.vo.MenuVo;
 import com.neotel.smfcore.security.service.po.Menu;
@@ -71,5 +72,7 @@ public interface IMenuManager extends IBaseManager<Menu> {
     * 删除
     * @param menuSet /
     */
-    void delete(Set<Menu> menuSet);
+    void delete(Set<Menu> menuSet) throws ValidateException;
+    Menu saveMenu(Menu menu) throws ValidateException;
 }
--- a/src/main/java/com/neotel/smfcore/security/service/manager/IRoleManager.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/manager/IRoleManager.java
查看文件 @877e30a
@@ -16,6 +16,7 @@
 package com.neotel.smfcore.security.service.manager;
 import com.neotel.smfcore.common.base.IBaseManager;
+import com.neotel.smfcore.common.exception.ValidateException;
 import com.neotel.smfcore.security.service.po.Role;
 import com.neotel.smfcore.security.service.po.User;
 import org.springframework.data.domain.Pageable;
@@ -32,4 +33,13 @@ import java.util.Set;
 public interface IRoleManager extends IBaseManager<Role> {
+    void download(List<Role> roles, HttpServletResponse response) throws IOException;
+    Role saveRole(Role user) throws ValidateException;
+    void updateMenu(Role resources) throws ValidateException;
+    void deleteRoles(List<Role> roles) throws ValidateException;
+    void untiedMenu(String menuId) throws ValidateException;
 }
--- a/src/main/java/com/neotel/smfcore/security/service/manager/IUserManager.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/manager/IUserManager.java
查看文件 @877e30a
@@ -17,10 +17,8 @@ package com.neotel.smfcore.security.service.manager;
 import com.neotel.smfcore.common.base.IBaseManager;
 import com.neotel.smfcore.common.exception.ValidateException;
+import com.neotel.smfcore.security.rest.bean.dto.UserDto;
 import com.neotel.smfcore.security.service.po.User;
-import org.springframework.data.domain.Pageable;
-import org.springframework.web.multipart.MultipartFile;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.List;
@@ -62,4 +60,12 @@ public interface IUserManager extends IBaseManager<User> {
     * @param ids
     */
    void deleteUsers(Set<String> ids) throws ValidateException;
+    List<User> findByRoleId(String roleId);
+    void download(List<User> users, HttpServletResponse response) throws IOException;
+    void updateEmail(String username, String email);
+    List<UserDto> listToDto(List<User> users);
 }
--- a/src/main/java/com/neotel/smfcore/security/service/manager/impl/GroupManagerImpl.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/manager/impl/GroupManagerImpl.java
查看文件 @877e30a
 package com.neotel.smfcore.security.service.manager.impl;
 import com.neotel.smfcore.common.exception.ValidateException;
+import com.neotel.smfcore.common.utils.FileUtil;
 import com.neotel.smfcore.security.service.dao.IGroupDao;
 import com.neotel.smfcore.security.service.manager.IGroupManager;
 import com.neotel.smfcore.security.service.po.Group;
+import com.neotel.smfcore.security.service.po.Menu;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Pageable;
+import org.springframework.data.mongodb.core.query.Criteria;
 import org.springframework.data.mongodb.core.query.Query;
 import org.springframework.stereotype.Service;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.LinkedHashMap;
 import java.util.List;
+import java.util.Map;
 @Service
 public class GroupManagerImpl implements IGroupManager {
    @Autowired
@@ -21,6 +30,35 @@ public class GroupManagerImpl implements IGroupManager {
    }
    @Override
+    public Group saveGroup(Group resources) throws ValidateException {
+        String logName="新增分组：";
+        Criteria c = Criteria.where("groupName").is(resources.getGroupName());
+        if (resources.getId() != null) {
+            c.and("id").ne(resources.getId());
+             logName="修改分组：";
+        }
+        Query que = new Query(c);
+        List<Group> groups = findByQuery(que);
+        if (groups != null && groups.size() > 0) {
+            throw new ValidateException(logName+"组名称[" + resources.getGroupName() + "]已存在");
+        }
+        return groupDao.save(resources);
+    }
+    @Override
+    public void download(List<Group> groups, HttpServletResponse response)throws IOException {
+        List<Map<String, Object>> list = new ArrayList<>();
+        for (Group group : groups) {
+            Map<String,Object> map = new LinkedHashMap<>();
+            map.put("组ID", group.getId());
+            map.put("组名称", group.getGroupName());
+            list.add(map);
+        }
+        FileUtil.downloadExcel(list, response);
+    }
+    @Override
    public Group get(String id) {
        return groupDao.findOneById(id);
    }
@@ -45,8 +83,4 @@ public class GroupManagerImpl implements IGroupManager {
        return groupDao.findByQuery(query);
    }
-    @Override
-    public Group findOneByGroupName(String groupName) {
-        return groupDao.findOneByCondition(new String[]{"groupName"},new String[]{groupName});
-    }
 }
--- a/src/main/java/com/neotel/smfcore/security/service/manager/impl/MenuManagerImpl.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/manager/impl/MenuManagerImpl.java
查看文件 @877e30a
@@ -208,8 +208,10 @@ public class MenuManagerImpl implements IMenuManager {
    }
    @Override
-    public void delete(Set<Menu> menuSet) {
+    public void delete(Set<Menu> menuSet) throws ValidateException {
        for (Menu menu : menuSet) {
+            this.delete(menu);
+            roleManager.untiedMenu(menu.getId());
            // 清理缓存
 //            delCaches(menu.getId());
 //            roleService.untiedMenu(menu.getId());
@@ -217,6 +219,26 @@ public class MenuManagerImpl implements IMenuManager {
 //            updateSubCnt(menu.getPid());
        }
    }
+    @Override
+    public Menu saveMenu(Menu menu) throws ValidateException {
+        if(menu.getChildren()==null){
+            menu.setChildren(new ArrayList<Menu>());
+        }
+        if(menu.getSubCount()==null){
+            menu.setSubCount(0);
+        }
+        if(menu.getPermission()==null){
+            menu.setPermission("");
+        }
+        if(menu.getComponent()==null){
+            menu.setComponent("");
+        }
+        if(menu.getComponentName()==null){
+            menu.setComponentName("");
+        }
+        return menuDao.save(menu);
+    }
 //    /**
 //     * 清理缓存
 //     * @param id 菜单ID

--- a/src/main/java/com/neotel/smfcore/security/service/manager/impl/RoleManagerImpl.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/manager/impl/RoleManagerImpl.java
查看文件 @877e30a
 package com.neotel.smfcore.security.service.manager.impl;
 import com.neotel.smfcore.common.exception.ValidateException;
+import com.neotel.smfcore.common.utils.FileUtil;
 import com.neotel.smfcore.security.service.dao.IRoleDao;
 import com.neotel.smfcore.security.service.dao.IUserDao;
 import com.neotel.smfcore.security.service.manager.IRoleManager;
 import com.neotel.smfcore.security.service.manager.IUserManager;
 import com.neotel.smfcore.security.service.po.Role;
 import com.neotel.smfcore.security.service.po.User;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.mongodb.core.query.Criteria;
 import org.springframework.data.mongodb.core.query.Query;
 import org.springframework.data.mongodb.core.query.Update;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
-import java.util.List;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.*;
 /**
 * Created by kangmor on 2015/12/1.
 */
 @Service
+@Slf4j
 public class RoleManagerImpl implements IRoleManager {
    @Autowired
@@ -31,8 +38,8 @@ public class RoleManagerImpl implements IRoleManager {
    }
    @Override
-    public Role save(Role user) throws ValidateException {
+    public Role save(Role role) throws ValidateException {
-        return roleDao.save(user);
+        return roleDao.save(role);
    }
    @Override
@@ -49,4 +56,77 @@ public class RoleManagerImpl implements IRoleManager {
    public List<Role> findByQuery(Query query) {
        return roleDao.findByQuery(query);
    }
+    @Override
+    public void download(List<Role> roles, HttpServletResponse response) throws IOException {
+        List<Map<String, Object>> list = new ArrayList<>();
+        for (Role role : roles) {
+            Map<String, Object> map = new LinkedHashMap<>();
+            map.put("角色名称", role.getName());
+            map.put("角色级别", role.getLevel());
+            map.put("描述", role.getDescription());
+            map.put("创建日期", role.getCreateDate());
+            list.add(map);
+        }
+        FileUtil.downloadExcel(list, response);
+    }
+    @Override
+    public Role saveRole(Role role) throws ValidateException {
+        if (role.getLevel() == null) {
+            role.setLevel(99);
+        }
+        if (role.getMenus() == null) {
+            role.setMenus(new HashSet<String>());
+        }
+        if (role.getDataScope() == null) {
+            role.setDataScope("全部");
+        }
+        if (role.getDescription() == null) {
+            role.setDescription("");
+        }
+        String logName="新增角色:";
+        Criteria c = Criteria.where("name").is(role.getName());
+        if (role.getId() != null) {
+            c = c.and("id").ne(role.getId());
+            logName="修改角色:";
+        }
+        Query query = new Query(c);
+        List<Role> roles = findByQuery(query);
+        if (roles != null && roles.size() > 0) {
+            log.error(logName+"[" + role.toString() + "]出错：角色名[" + role.getName() + "]已存在");
+            throw new ValidateException(logName+"角色名[" + role.getName() + "]已存在");
+        }
+        return roleDao.save(role);
+    }
+    @Override
+    public void updateMenu(Role resources) throws ValidateException {
+        this.save(resources);
+//        List<User> users = userRepository.findByRoleId(role.getId());
+//        // 更新菜单
+//        role.setMenus(resources.getMenus());
+//        delCaches(resources.getId(), users);
+//        roleRepository.save(role);
+    }
+    @Override
+    public  void deleteRoles(List<Role> roles) throws ValidateException {
+        for (Role role:roles  ) {
+            this.delete(role);
+        }
+    }
+    @Override
+    public void untiedMenu(String menuId) throws ValidateException {
+        Query query = new Query(Criteria.where("menus").all(menuId));
+        List<Role> roles = roleDao.findByQuery(query);
+        for (Role role : roles
+        ) {
+            Set<String> menus = role.getMenus();
+            menus.remove(menuId);
+            role.setMenus(menus);
+            this.save(role);
+        }
+    }
 }
--- a/src/main/java/com/neotel/smfcore/security/service/manager/impl/UserManagerImpl.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/manager/impl/UserManagerImpl.java
查看文件 @877e30a
@@ -2,8 +2,15 @@ package com.neotel.smfcore.security.service.manager.impl;
 import com.google.common.base.Strings;
 import com.neotel.smfcore.common.exception.ValidateException;
+import com.neotel.smfcore.common.utils.FileUtil;
+import com.neotel.smfcore.security.rest.bean.dto.RoleSmallDto;
+import com.neotel.smfcore.security.rest.bean.dto.UserDto;
+import com.neotel.smfcore.security.rest.bean.mapstruct.RoleMapper;
+import com.neotel.smfcore.security.rest.bean.mapstruct.UserMapper;
 import com.neotel.smfcore.security.service.dao.IUserDao;
+import com.neotel.smfcore.security.service.manager.IRoleManager;
 import com.neotel.smfcore.security.service.manager.IUserManager;
+import com.neotel.smfcore.security.service.po.Role;
 import com.neotel.smfcore.security.service.po.User;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
@@ -13,18 +20,22 @@ import org.springframework.data.mongodb.core.query.Query;
 import org.springframework.data.mongodb.core.query.Update;
 import org.springframework.stereotype.Service;
-import java.util.Date;
+import javax.servlet.http.HttpServletResponse;
-import java.util.List;
+import java.io.IOException;
-import java.util.Set;
+import java.util.*;
+import java.util.stream.Collectors;
 /**
 * Created by kangmor on 2015/12/1.
 */
 @Service
 public class UserManagerImpl implements IUserManager {
+    @Autowired
+    private UserMapper userMapper;
    @Autowired
    protected IUserDao userDao;
+    @Autowired
+    protected IRoleManager roleManager;
    @Override
    public User findByUserName(String username) {
@@ -47,7 +58,10 @@ public class UserManagerImpl implements IUserManager {
            if(!user.getEnabled()){
            }
-            dataUser.setUsername(user.getUsername());
+            //用户名admin不能修改
+            if(!dataUser.equals("admin")){
+                dataUser.setUsername(user.getUsername());
+            }
            dataUser.setEmail(user.getEmail());
            dataUser.setEnabled(user.getEnabled());
            dataUser.setIsAdmin(user.getIsAdmin());;
@@ -60,18 +74,23 @@ public class UserManagerImpl implements IUserManager {
    public void updateCenter(User resources) {
        User dataUser=this.get(resources.getId());
        if(dataUser!=null){
+            //用户名admin不能修改
+            if(!dataUser.equals("admin")){
+                dataUser.setUsername(resources.getUsername());
+            }
+            dataUser.setUsername(resources.getUsername());
            dataUser.setEmail(resources.getEmail());
        }
        userDao.save(dataUser);
    }
    @Override
-    public void deleteUsers(Set<String> ids) throws ValidateException{
+    public void deleteUsers(Set<String> ids) throws ValidateException {
-        for (String id:ids
+        for (String id : ids ) {
-             ) {
+            User user = get(id);
-            User user=get(id);
+            if (user != null) {
-            if(user!=null){
+                this.delete(user);
-              this.delete(user);
            }
        }
    }
@@ -100,4 +119,52 @@ public class UserManagerImpl implements IUserManager {
    public List<User> findByQuery(Query query) {
        return userDao.findByQuery(query);
    }
+    @Override
+    public  List<User> findByRoleId(String roleId){
+        List<User> users = userDao.findOneByCondition(new String[] {"roleId"}, new String[] {roleId});
+        return users;
+    }
+    @Override
+    public void download(List<User> queryAll, HttpServletResponse response) throws IOException {
+        List<Map<String, Object>> list = new ArrayList<>();
+        for (User user : queryAll) {
+            Map<String, Object> map = new LinkedHashMap<>();
+            map.put("用户名", user.getUsername());
+            map.put("角色", user.getRoleId());
+            map.put("邮箱", user.getEmail());
+            map.put("状态", user.getEnabled() ? "启用" : "禁用");
+            map.put("修改密码的时间", user.getPwdResetTime());
+            map.put("创建日期", user.getCreateDate());
+            list.add(map);
+        }
+        FileUtil.downloadExcel(list, response);
+    }
+    @Override
+    public void updateEmail(String username, String email) {
+        Criteria c = Criteria.where("username").is(username);
+        Query query = Query.query(c);
+        Update update = Update.update("email","email");
+        userDao.updateFirst(query,update);
+    }
+    @Override
+    public List<UserDto> listToDto(List<User> users) {
+        List<UserDto> dtos = userMapper.toDto(users);
+        for (int i=0;i< dtos.size();i++ )
+        {
+            String roleId=dtos.get(i).getRoleId();
+            if(roleId!=null){
+                Role role=roleManager.get(dtos.get(i).getRoleId());
+                if(role!=null){
+//                    dtos.get(i).setRole(new RoleSmallDto(roleId,role.getName(),role.getLevel(),role.getDataScope()));
+                    dtos.get(i).setRoleName(role.getName());
+                }
+            }
+        }
+        return dtos;
+    }
 }
--- a/src/main/java/com/neotel/smfcore/security/service/po/Menu.java
查看文件 @877e30a
+++ b/src/main/java/com/neotel/smfcore/security/service/po/Menu.java
查看文件 @877e30a
@@ -91,11 +91,16 @@ public class Menu extends BasePo implements Serializable {
    private String icon;
    public Boolean getHasChildren() {
+        if(subCount==0){
+            return false;
+        }
        return subCount > 0;
    }
    public Boolean getLeaf() {
-        return subCount <= 0;
+        if(subCount==0){
+            return true;
+        }return subCount <= 0;
    }
    public String getLabel() {