细节优化

febs-server/febs-server-system/src/main/java/cc/mrbird/febs/server/system/controller/UserController.java

@@ -5,6 +5,7 @@ import cc.mrbird.febs.common.entity.FebsResponse;
 import cc.mrbird.febs.common.entity.QueryRequest;
 import cc.mrbird.febs.common.entity.system.LoginLog;
 import cc.mrbird.febs.common.entity.system.SystemUser;
+import cc.mrbird.febs.common.exception.FebsException;
 import cc.mrbird.febs.common.utils.FebsUtil;
 import cc.mrbird.febs.server.system.service.ILoginLogService;
 import cc.mrbird.febs.server.system.service.IUserService;
@@ -76,7 +77,7 @@ public class UserController {
     @GetMapping
     @PreAuthorize("hasAuthority('user:view')")
     public FebsResponse userList(QueryRequest queryRequest, SystemUser user) {
-        Map<String, Object> dataTable = FebsUtil.getDataTable(userService.findUserDetail(user, queryRequest));
+        Map<String, Object> dataTable = FebsUtil.getDataTable(userService.findUserDetailList(user, queryRequest));
         return new FebsResponse().data(dataTable);
     }
 
@@ -109,7 +110,7 @@ public class UserController {
 
     @PutMapping("profile")
     @ControllerEndpoint(exceptionMessage = "修改个人信息失败")
-    public void updateProfile(@Valid SystemUser user) {
+    public void updateProfile(@Valid SystemUser user) throws FebsException {
         this.userService.updateProfile(user);
     }
 
@@ -149,7 +150,7 @@ public class UserController {
     @PreAuthorize("hasAuthority('user:export')")
     @ControllerEndpoint(operation = "导出用户数据", exceptionMessage = "导出Excel失败")
     public void export(QueryRequest queryRequest, SystemUser user, HttpServletResponse response) {
-        List<SystemUser> users = this.userService.findUserDetail(user, queryRequest).getRecords();
+        List<SystemUser> users = this.userService.findUserDetailList(user, queryRequest).getRecords();
         ExcelKit.$Export(SystemUser.class, response).downXlsx(users, false);
     }
 }

febs-server/febs-server-system/src/main/java/cc/mrbird/febs/server/system/service/IUserService.java

@@ -2,6 +2,7 @@ package cc.mrbird.febs.server.system.service;
 
 import cc.mrbird.febs.common.entity.QueryRequest;
 import cc.mrbird.febs.common.entity.system.SystemUser;
+import cc.mrbird.febs.common.exception.FebsException;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.service.IService;
 
@@ -25,7 +26,7 @@ public interface IUserService extends IService<SystemUser> {
      * @param user    用户对象，用于传递查询条件
      * @return IPage
      */
-    IPage<SystemUser> findUserDetail(SystemUser user, QueryRequest request);
+    IPage<SystemUser> findUserDetailList(SystemUser user, QueryRequest request);
 
     /**
      * 通过用户名查找用户详细信息
@@ -68,7 +69,7 @@ public interface IUserService extends IService<SystemUser> {
      *
      * @param user 个人信息
      */
-    void updateProfile(SystemUser user);
+    void updateProfile(SystemUser user) throws FebsException;
 
     /**
      * 更新用户头像

febs-server/febs-server-system/src/main/java/cc/mrbird/febs/server/system/service/impl/UserServiceImpl.java

@@ -1,9 +1,11 @@
 package cc.mrbird.febs.server.system.service.impl;
 
+import cc.mrbird.febs.common.entity.FebsAuthUser;
 import cc.mrbird.febs.common.entity.QueryRequest;
 import cc.mrbird.febs.common.entity.constant.FebsConstant;
 import cc.mrbird.febs.common.entity.system.SystemUser;
 import cc.mrbird.febs.common.entity.system.UserRole;
+import cc.mrbird.febs.common.exception.FebsException;
 import cc.mrbird.febs.common.utils.SortUtil;
 import cc.mrbird.febs.server.system.mapper.UserMapper;
 import cc.mrbird.febs.server.system.service.IUserRoleService;
@@ -15,6 +17,8 @@ import com.baomidou.mybatisplus.core.toolkit.StringPool;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Propagation;
@@ -45,7 +49,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, SystemUser> impleme
     }
 
     @Override
-    public IPage<SystemUser> findUserDetail(SystemUser user, QueryRequest request) {
+    public IPage<SystemUser> findUserDetailList(SystemUser user, QueryRequest request) {
         Page<SystemUser> page = new Page<>(request.getPageNum(), request.getPageSize());
         SortUtil.handlePageSort(request, page, "userId", FebsConstant.ORDER_ASC, false);
         return this.baseMapper.findUserDetailPage(page, user);
@@ -107,11 +111,15 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, SystemUser> impleme
 
     @Override
     @Transactional
-    public void updateProfile(SystemUser user) {
+    public void updateProfile(SystemUser user) throws FebsException {
         user.setPassword(null);
         user.setUsername(null);
         user.setStatus(null);
-        updateById(user);
+        if (isCurrentUser(user.getUserId())) {
+            updateById(user);
+        } else {
+            throw new FebsException("您无权修改别人的账号信息！");
+        }
     }
 
     @Override
@@ -151,4 +159,10 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, SystemUser> impleme
         });
         userRoleService.saveBatch(userRoles);
     }
+
+    private boolean isCurrentUser(Long id) {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        FebsAuthUser authUser = (FebsAuthUser) authentication.getPrincipal();
+        return id.equals(authUser.getUserId());
+    }
 }