161 lines
7.0 KiB
Java
161 lines
7.0 KiB
Java
package com.labelsys.backend.service;
|
|
|
|
import java.util.List;
|
|
|
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
import org.springframework.stereotype.Service;
|
|
import org.springframework.transaction.annotation.Transactional;
|
|
|
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
|
import com.labelsys.backend.common.ResultCode;
|
|
import com.labelsys.backend.common.exception.BusinessException;
|
|
import com.labelsys.backend.common.exception.ForbiddenException;
|
|
import com.labelsys.backend.context.LoginUser;
|
|
import com.labelsys.backend.dto.request.CreateCompanyAdminRequest;
|
|
import com.labelsys.backend.dto.request.CreateSystemEngineerAdminRequest;
|
|
import com.labelsys.backend.dto.request.CreateUserRequest;
|
|
import com.labelsys.backend.dto.request.UpdateUserAssignmentRequest;
|
|
import com.labelsys.backend.dto.request.UpdateUserStatusRequest;
|
|
import com.labelsys.backend.entity.SysCompany;
|
|
import com.labelsys.backend.entity.SysUser;
|
|
import com.labelsys.backend.enums.CompanyStatus;
|
|
import com.labelsys.backend.enums.UserPosition;
|
|
import com.labelsys.backend.enums.UserRole;
|
|
import com.labelsys.backend.enums.UserStatus;
|
|
import com.labelsys.backend.mapper.SysCompanyMapper;
|
|
import com.labelsys.backend.mapper.SysUserMapper;
|
|
import com.labelsys.backend.service.session.TokenSessionRepository;
|
|
import com.labelsys.backend.util.IdGenerator;
|
|
|
|
import lombok.RequiredArgsConstructor;
|
|
|
|
@Service
|
|
@RequiredArgsConstructor
|
|
public class UserService {
|
|
|
|
private static final String DEFAULT_PASSWORD = "123456";
|
|
|
|
private final SysUserMapper sysUserMapper;
|
|
private final SysCompanyMapper sysCompanyMapper;
|
|
private final PasswordEncoder passwordEncoder;
|
|
private final TokenSessionRepository tokenSessionRepository;
|
|
|
|
public List<SysUser> listAllUsers(LoginUser currentUser) {
|
|
assertSystemAdmin(currentUser);
|
|
LambdaQueryWrapper wrapper = new LambdaQueryWrapper<SysUser>().orderByAsc(SysUser::getId);
|
|
return sysUserMapper.selectList(wrapper);
|
|
}
|
|
|
|
public List<SysUser> listCompanyUsers(LoginUser currentUser) {
|
|
assertCompanyAdmin(currentUser);
|
|
LambdaQueryWrapper wrapper = new LambdaQueryWrapper<SysUser>()
|
|
.eq(SysUser::getCompanyId, currentUser.companyId()).orderByAsc(SysUser::getId);
|
|
return sysUserMapper.selectList(wrapper);
|
|
}
|
|
|
|
public List<SysUser> listCompanyAdmins(LoginUser currentUser, Long companyId) {
|
|
assertSystemAdmin(currentUser);
|
|
return sysUserMapper.listCompanyAdmins(companyId);
|
|
}
|
|
|
|
public SysUser createCompanyAdmin(LoginUser currentUser, CreateCompanyAdminRequest request) {
|
|
assertSystemAdmin(currentUser);
|
|
ensureEnabledCompany(request.companyId());
|
|
return createUser(request.companyId(), new CreateUserRequest(request.phone(), request.username(),
|
|
request.realName(), UserRole.EMPLOYEE, UserPosition.ADMIN));
|
|
}
|
|
|
|
public SysUser createSystemEngineerAdmin(LoginUser currentUser, CreateSystemEngineerAdminRequest request) {
|
|
assertSystemAdmin(currentUser);
|
|
Long systemCompanyId = 1L;
|
|
ensureEnabledCompany(systemCompanyId);
|
|
|
|
if (sysUserMapper.findByCompanyIdAndPhone(systemCompanyId, request.phone()) != null) {
|
|
throw new BusinessException(ResultCode.CONFLICT, "同一公司内手机号已存在");
|
|
}
|
|
|
|
SysUser user = SysUser.builder().id(IdGenerator.nextId()).companyId(systemCompanyId).phone(request.phone())
|
|
.username(request.username()).realName(request.realName()).role(UserRole.ENGINEER)
|
|
.position(UserPosition.SUPER_ADMIN).passwordHash(passwordEncoder.encode(DEFAULT_PASSWORD))
|
|
.mustChangePassword(true).status(UserStatus.ENABLED).sessionVersion(1).build();
|
|
sysUserMapper.insert(user);
|
|
return user;
|
|
}
|
|
|
|
public SysUser createCompanyUser(LoginUser currentUser, CreateUserRequest request) {
|
|
assertCompanyAdmin(currentUser);
|
|
return createUser(currentUser.companyId(), request);
|
|
}
|
|
|
|
public SysUser createCompanyUser(LoginUser currentUser, Long companyId, CreateUserRequest request) {
|
|
assertSystemAdmin(currentUser);
|
|
ensureEnabledCompany(companyId);
|
|
return createUser(companyId, request);
|
|
}
|
|
|
|
@Transactional
|
|
public void updateAssignment(LoginUser currentUser, Long userId, UpdateUserAssignmentRequest request) {
|
|
assertCompanyAdmin(currentUser);
|
|
if (sysUserMapper.updateAssignment(userId, currentUser.companyId(), request.role(), request.position()) == 0) {
|
|
throw new BusinessException(ResultCode.NOT_FOUND, "用户不存在");
|
|
}
|
|
tokenSessionRepository.removeAll(userId);
|
|
}
|
|
|
|
@Transactional
|
|
public void updateStatus(LoginUser currentUser, Long userId, UpdateUserStatusRequest request) {
|
|
assertCompanyAdmin(currentUser);
|
|
if (sysUserMapper.updateStatus(userId, currentUser.companyId(), request.status()) == 0) {
|
|
throw new BusinessException(ResultCode.NOT_FOUND, "用户不存在");
|
|
}
|
|
tokenSessionRepository.removeAll(userId);
|
|
}
|
|
|
|
@Transactional
|
|
public void updateCompanyAdminStatus(LoginUser currentUser, Long companyId, Long userId,
|
|
UpdateUserStatusRequest request) {
|
|
assertSystemAdmin(currentUser);
|
|
if (sysUserMapper.updateStatus(userId, companyId, request.status()) == 0) {
|
|
throw new BusinessException(ResultCode.NOT_FOUND, "用户不存在");
|
|
}
|
|
tokenSessionRepository.removeAll(userId);
|
|
}
|
|
|
|
private SysUser createUser(Long companyId, CreateUserRequest request) {
|
|
if (sysUserMapper.findByCompanyIdAndPhone(companyId, request.phone()) != null) {
|
|
throw new BusinessException(ResultCode.CONFLICT, "同一公司内手机号已存在");
|
|
}
|
|
SysUser user = SysUser.builder().id(IdGenerator.nextId()).companyId(companyId).phone(request.phone())
|
|
.username(request.username()).realName(request.realName()).role(request.role()).position(request.position())
|
|
.passwordHash(passwordEncoder.encode(DEFAULT_PASSWORD)).mustChangePassword(true).status(UserStatus.ENABLED)
|
|
.sessionVersion(1).build();
|
|
sysUserMapper.insert(user);
|
|
return user;
|
|
}
|
|
|
|
private void ensureEnabledCompany(Long companyId) {
|
|
SysCompany company = sysCompanyMapper.selectById(companyId);
|
|
if (company == null || company.getStatus() != CompanyStatus.ENABLED) {
|
|
throw new BusinessException(ResultCode.NOT_FOUND, "公司不存在或已禁用");
|
|
}
|
|
}
|
|
|
|
// private void assertPlatformAdmin(LoginUser currentUser) {
|
|
// if (!currentUser.isPlatformAdmin()) {
|
|
// throw new ForbiddenException("仅平台管理员可操作");
|
|
// }
|
|
// }
|
|
|
|
private void assertSystemAdmin(LoginUser currentUser) {
|
|
if (!currentUser.isSuperAdmin()) {
|
|
throw new ForbiddenException("仅超级管理员可操作");
|
|
}
|
|
}
|
|
|
|
private void assertCompanyAdmin(LoginUser currentUser) {
|
|
if (currentUser.isSuperAdmin() || currentUser.position() != UserPosition.ADMIN) {
|
|
throw new ForbiddenException("仅公司管理员可操作");
|
|
}
|
|
}
|
|
}
|