add user

Signed-off-by: AE86 <836391306@qq.com>

dbsyncer-biz/src/main/java/org/dbsyncer/biz/UserService.java

@@ -1,7 +1,9 @@
 package org.dbsyncer.biz;
 
 import org.dbsyncer.biz.vo.UserInfoVo;
+import org.dbsyncer.parser.model.UserInfo;
 
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -12,32 +14,53 @@ import java.util.Map;
 public interface UserService {
 
     /**
-     * 新增用戶
+     * 获取登录用户属性KEY
+     */
+    String CURRENT_USER_NAME = "currentUserName";
+
+    /**
+     * 新增用戶(仅管理员可以新增用户)
      *
      * @param params
      */
     String add(Map<String, String> params);
 
     /**
-     * 修改用戶
+     * 修改用戶(管理员可以修改所有用户，普通用户只能修改自己)
      *
      * @param params
      */
     String edit(Map<String, String> params);
 
     /**
-     * 获取用户密码
+     * 删除用戶(仅管理员可以删除普通用户)
+     *
+     * @param params
+     */
+    String remove(Map<String, String> params);
+
+    /**
+     * 获取登录用户密码
+     *
+     * @param currentUserName 登录用户
+     * @return
+     */
+    UserInfo getUserInfo(String currentUserName);
+
+    /**
+     * 获取登录用户信息VO
      *
+     * @param currentUserName 登录用户
      * @return
      */
-    String getPassword(String username);
+    UserInfoVo getUserInfoVo(String currentUserName);
 
     /**
-     * 获取用户信息VO
+     * 获取所有用户信息VO(系统管理员可以查看所有用户，其他用户只能查看自己)
      *
-     * @param username
+     * @param currentUserName 登录用户
      * @return
      */
-    UserInfoVo getUserInfoVo(String username);
+    List<UserInfoVo> getUserInfoAll(String currentUserName);
 
 }

dbsyncer-biz/src/main/java/org/dbsyncer/biz/checker/impl/user/UserConfigChecker.java

@@ -2,24 +2,12 @@ package org.dbsyncer.biz.checker.impl.user;
 
 import org.dbsyncer.biz.BizException;
 import org.dbsyncer.biz.checker.AbstractChecker;
-import org.dbsyncer.common.util.SHA1Util;
-import org.dbsyncer.common.util.StringUtil;
-import org.dbsyncer.manager.Manager;
-import org.dbsyncer.parser.logger.LogService;
-import org.dbsyncer.parser.logger.LogType;
 import org.dbsyncer.parser.model.ConfigModel;
 import org.dbsyncer.parser.model.UserConfig;
-import org.dbsyncer.parser.model.UserInfo;
 import org.dbsyncer.storage.constant.ConfigConstant;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
-import org.springframework.util.Assert;
 
 import java.util.ArrayList;
-import java.util.List;
 import java.util.Map;
 
 /**
@@ -30,73 +18,21 @@ import java.util.Map;
 @Component
 public class UserConfigChecker extends AbstractChecker {
 
-    private final Logger logger = LoggerFactory.getLogger(getClass());
-
-    @Value(value = "${dbsyncer.web.login.username}")
-    private String username;
-
-    @Value(value = "${dbsyncer.web.login.password}")
-    private String password;
-
-    @Autowired
-    private Manager manager;
-
-    @Autowired
-    private LogService logService;
-
     @Override
-    public synchronized ConfigModel checkAddConfigModel(Map<String, String> params) {
+    public ConfigModel checkAddConfigModel(Map<String, String> params) {
         UserConfig config = new UserConfig();
         config.setName("用户配置");
         config.setType(ConfigConstant.USER_CONFIG);
-        List<UserInfo> list = new ArrayList<>();
-        list.add(new UserInfo(username, "系统管理员", password));
-        config.setUserInfoList(list);
+        config.setUserInfoList(new ArrayList<>());
 
         // 修改基本配置
         this.modifyConfigModel(config, params);
-
-        manager.addUserConfig(config);
         return config;
     }
 
     @Override
-    public synchronized ConfigModel checkEditConfigModel(Map<String, String> params) {
-        logger.info("params:{}", params);
-        Assert.notEmpty(params, "UserConfig check params is null.");
-
-        String id = params.get(ConfigConstant.CONFIG_MODEL_ID);
-        Assert.hasText(id, "UserConfig id is empty.");
-        UserConfig config = manager.getUserConfig(id);
-        Assert.notNull(config, "用户配置文件为空.");
-        String username = params.get("username");
-        Assert.hasText(username, "UserConfig username is empty.");
-        UserInfo userInfo = config.getUserInfo(username);
-        Assert.notNull(userInfo, "无效的用户.");
-
-        String nickname = params.get("nickname");
-        Assert.hasText(nickname, "UserConfig nickname is empty.");
-        // 修改密码
-        String newPwd = params.get("newPwd");
-        String oldPwd = params.get("oldPwd");
-        if (StringUtil.isNotBlank(newPwd) && StringUtil.isNotBlank(oldPwd)) {
-            oldPwd = SHA1Util.b64_sha1(oldPwd);
-
-            if (!StringUtil.equals(userInfo.getPassword(), oldPwd)) {
-                logService.log(LogType.SystemLog.ERROR, "修改密码失败");
-                throw new BizException("修改密码失败");
-            }
-            userInfo.setPassword(SHA1Util.b64_sha1(newPwd));
-            logService.log(LogType.SystemLog.INFO, "修改密码成功");
-        }
-
-        userInfo.setNickname(nickname);
-        userInfo.setPassword(password);
-        logService.log(LogType.SystemLog.INFO, String.format("[%s]修改密码成功", username));
-
-        // 修改基本配置
-        this.modifyConfigModel(config, params);
-        return config;
+    public ConfigModel checkEditConfigModel(Map<String, String> params) {
+        throw new BizException("Unsupported method");
     }
 
 }

dbsyncer-biz/src/main/java/org/dbsyncer/biz/enums/UserEnum.java

@@ -0,0 +1,48 @@
+package org.dbsyncer.biz.enums;
+
+/**
+ * 用户角色枚举
+ *
+ * @author AE86
+ * @version 1.0.0
+ * @date 2022/11/18 23:21
+ */
+public enum UserEnum {
+
+    /**
+     * 管理员
+     */
+    ADMIN("admin", "管理员"),
+
+    /**
+     * 普通用户
+     */
+    USER("user", "普通用户");
+
+    private String code;
+
+    private String name;
+
+    UserEnum(String code, String name) {
+        this.code = code;
+        this.name = name;
+    }
+
+    /**
+     * 是否是管理员
+     *
+     * @param roleCode
+     * @return
+     */
+    public static boolean isAdmin(String roleCode) {
+        return ADMIN.getCode().equals(roleCode);
+    }
+
+    public String getCode() {
+        return code;
+    }
+
+    public String getName() {
+        return name;
+    }
+}

dbsyncer-biz/src/main/java/org/dbsyncer/biz/impl/ConfigServiceImpl.java

@@ -46,8 +46,7 @@ public class ConfigServiceImpl implements ConfigService {
     private LogService logService;
 
     @Override
-    public synchronized String edit(Map<String, String> params) {
-        getConfigModel();
+    public String edit(Map<String, String> params) {
         ConfigModel model = configChecker.checkEditConfigModel(params);
         manager.editConfig(model);
         return "修改成功.";
@@ -61,7 +60,7 @@ public class ConfigServiceImpl implements ConfigService {
     @Override
     public List<ConfigModel> getConfigModelAll() {
         List<ConfigModel> list = new ArrayList<>();
-        list.add(getConfig());
+        list.add(getConfigModel());
         manager.getConnectorAll().forEach(config -> list.add(config));
         manager.getMappingAll().forEach(config -> list.add(config));
         manager.getMetaAll().forEach(config -> list.add(config));

dbsyncer-biz/src/main/java/org/dbsyncer/biz/impl/UserServiceImpl.java

@@ -1,20 +1,28 @@
 package org.dbsyncer.biz.impl;
 
+import org.dbsyncer.biz.BizException;
 import org.dbsyncer.biz.UserService;
-import org.dbsyncer.biz.checker.Checker;
+import org.dbsyncer.biz.checker.impl.user.UserConfigChecker;
+import org.dbsyncer.biz.enums.UserEnum;
 import org.dbsyncer.biz.vo.UserInfoVo;
 import org.dbsyncer.common.util.CollectionUtils;
+import org.dbsyncer.common.util.SHA1Util;
+import org.dbsyncer.common.util.StringUtil;
 import org.dbsyncer.manager.Manager;
-import org.dbsyncer.parser.model.ConfigModel;
+import org.dbsyncer.parser.logger.LogService;
+import org.dbsyncer.parser.logger.LogType;
 import org.dbsyncer.parser.model.UserConfig;
 import org.dbsyncer.parser.model.UserInfo;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
+import org.springframework.util.Assert;
 
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.stream.Collectors;
 
 /**
  * @author AE86
@@ -24,42 +32,137 @@ import java.util.Map;
 @Service
 public class UserServiceImpl implements UserService {
 
+    @Value(value = "${dbsyncer.web.login.username}")
+    private String username;
+
+    @Value(value = "${dbsyncer.web.login.password}")
+    private String password;
+
     @Autowired
     private Manager manager;
 
     @Autowired
-    private Checker userConfigChecker;
+    private UserConfigChecker userConfigChecker;
+
+    @Autowired
+    private LogService logService;
 
     @Override
     public synchronized String add(Map<String, String> params) {
-        getUserConfig();
-        ConfigModel configModel = userConfigChecker.checkAddConfigModel(params);
-        return manager.addUserConfig(configModel);
+        String username = params.get("username");
+        Assert.hasText(username, "The username is null.");
+        String nickname = params.get("nickname");
+        Assert.hasText(nickname, "The nickname is null.");
+        String password = params.get("password");
+        Assert.hasText(password, "The password is null.");
+
+        // 验证当前登录用户合法身份（必须是管理员操作）
+        UserConfig userConfig = getUserConfig();
+        UserInfo currentUser = userConfig.getUserInfo(params.get(UserService.CURRENT_USER_NAME));
+        Assert.isTrue(null == currentUser || UserEnum.isAdmin(currentUser.getRoleCode()), "No permission.");
+        // 新用户合法性（用户不能重复）
+        Assert.isNull(userConfig.getUserInfo(username), "用户已存在");
+        // 注册新用户
+        userConfig.getUserInfoList().add(new UserInfo(username, nickname, SHA1Util.b64_sha1(password), UserEnum.USER.getCode()));
+
+        return manager.editUserConfig(userConfig);
     }
 
     @Override
-    public String edit(Map<String, String> params) {
-        ConfigModel configModel = userConfigChecker.checkEditConfigModel(params);
-        return manager.editUserConfig(configModel);
+    public synchronized String edit(Map<String, String> params) {
+        String username = params.get("username");
+        Assert.hasText(username, "The username is null.");
+        String nickname = params.get("nickname");
+        Assert.hasText(nickname, "The nickname is null.");
+        String newPwd = params.get("newPwd");
+
+        // 验证当前登录用户合法身份（管理员或本人操作）
+        UserConfig userConfig = getUserConfig();
+        UserInfo currentUser = userConfig.getUserInfo(params.get(UserService.CURRENT_USER_NAME));
+        boolean admin = null != currentUser && UserEnum.isAdmin(currentUser.getRoleCode());
+        boolean self = null != currentUser && StringUtil.equals(currentUser.getUsername(), username);
+        Assert.isTrue(admin || self, "No permission.");
+
+        // 修改自己或其他用户信息
+        UserInfo updateUser = self ? currentUser : userConfig.getUserInfo(username);
+        Assert.notNull(updateUser, "用户不存在");
+
+        // 用户昵称
+        updateUser.setNickname(nickname);
+        // 修改密码
+        if(StringUtil.isNotBlank(newPwd)){
+            // 修改自己的密码需要验证
+            if(self){
+                String oldPwd = params.get("oldPwd");
+                Assert.hasText(oldPwd, "The oldPwd is null.");
+                if(!StringUtil.equals(SHA1Util.b64_sha1(oldPwd), updateUser.getPassword())){
+                    logService.log(LogType.SystemLog.ERROR, String.format("[%s]修改密码失败", username));
+                    throw new BizException("修改密码失败");
+                }
+            }
+            newPwd = SHA1Util.b64_sha1(newPwd);
+            Assert.isTrue(!StringUtil.equals(newPwd, updateUser.getPassword()), "新旧密码不能完全一样.");
+            updateUser.setPassword(newPwd);
+            logService.log(LogType.SystemLog.INFO, String.format("[%s]修改账号[%s]密码成功", currentUser.getUsername(), username));
+        }
+
+        return manager.editUserConfig(userConfig);
     }
 
     @Override
-    public String getPassword(String username) {
+    public synchronized String remove(Map<String, String> params) {
+        String username = params.get("username");
+        Assert.hasText(username, "The username is null.");
+
+        // 验证当前登录用户合法身份（必须是管理员操作）
         UserConfig userConfig = getUserConfig();
-        return userConfig != null ? userConfig.getUserInfo(username).getPassword() : null;
+        UserInfo currentUser = userConfig.getUserInfo(params.get(UserService.CURRENT_USER_NAME));
+        Assert.isTrue(UserEnum.isAdmin(currentUser.getRoleCode()), "No permission.");
+
+        // 删除用户
+        UserInfo deleteUser = userConfig.getUserInfo(username);
+        Assert.notNull(deleteUser, "用户已删除.");
+        userConfig.removeUserInfo(username);
+        manager.editUserConfig(userConfig);
+        return "删除用户成功!";
+    }
+
+    @Override
+    public UserInfo getUserInfo(String currentUserName) {
+        return getUserConfig().getUserInfo(currentUserName);
     }
 
     @Override
-    public UserInfoVo getUserInfoVo(String username) {
-        return convertUserConfig2Vo(getUserConfig().getUserInfo(username));
+    public UserInfoVo getUserInfoVo(String currentUserName) {
+        return convertUserInfo2Vo(getUserConfig().getUserInfo(currentUserName));
     }
 
-    private synchronized UserConfig getUserConfig() {
+    @Override
+    public List<UserInfoVo> getUserInfoAll(String currentUserName) {
+        return getUserConfig().getUserInfoList().stream().map(user -> convertUserInfo2Vo(user)).collect(Collectors.toList());
+    }
+
+    private UserConfig getUserConfig() {
         List<UserConfig> all = manager.getUserConfigAll();
-        return CollectionUtils.isEmpty(all) ? (UserConfig) userConfigChecker.checkAddConfigModel(new HashMap<>()) : all.get(0);
+        if (!CollectionUtils.isEmpty(all)) {
+            return all.get(0);
+        }
+
+        synchronized (this) {
+            all = manager.getUserConfigAll();
+            if (!CollectionUtils.isEmpty(all)) {
+                return all.get(0);
+            }
+
+            UserConfig userConfig = (UserConfig) userConfigChecker.checkAddConfigModel(new HashMap<>());
+            UserEnum admin = UserEnum.ADMIN;
+            userConfig.getUserInfoList().add(new UserInfo(username, admin.getName(), password, admin.getCode()));
+            manager.addUserConfig(userConfig);
+            return userConfig;
+        }
     }
 
-    private UserInfoVo convertUserConfig2Vo(UserInfo userInfo) {
+    private UserInfoVo convertUserInfo2Vo(UserInfo userInfo) {
         UserInfoVo userInfoVo = new UserInfoVo();
         BeanUtils.copyProperties(userInfo, userInfoVo);
         // 避免密码直接暴露

dbsyncer-biz/src/main/java/org/dbsyncer/biz/vo/ConfigVo.java

@@ -4,14 +4,4 @@ import org.dbsyncer.parser.model.Config;
 
 public class ConfigVo extends Config {
 
-    private String id;
-
-    public String getId() {
-        return id;
-    }
-
-    public void setId(String id) {
-        this.id = id;
-    }
-
 }

dbsyncer-parser/src/main/java/org/dbsyncer/parser/model/UserInfo.java

@@ -22,13 +22,19 @@ public class UserInfo {
      */
     private String password;
 
+    /**
+     * 角色
+     */
+    private String roleCode;
+
     public UserInfo() {
     }
 
-    public UserInfo(String username, String nickname, String password) {
+    public UserInfo(String username, String nickname, String password, String roleCode) {
         this.username = username;
         this.nickname = nickname;
         this.password = password;
+        this.roleCode = roleCode;
     }
 
     public String getUsername() {
@@ -55,6 +61,14 @@ public class UserInfo {
         this.password = password;
     }
 
+    public String getRoleCode() {
+        return roleCode;
+    }
+
+    public void setRoleCode(String roleCode) {
+        this.roleCode = roleCode;
+    }
+
     @Override
     public boolean equals(Object obj) {
         if(obj instanceof UserInfo){
@@ -68,4 +82,4 @@ public class UserInfo {
     public int hashCode() {
         return username.hashCode();
     }
-}
+}

dbsyncer-web/src/main/java/org/dbsyncer/web/controller/index/IndexController.java

@@ -1,14 +1,11 @@
 package org.dbsyncer.web.controller.index;
 
 import org.dbsyncer.biz.ProjectGroupService;
-import org.dbsyncer.biz.UserService;
 import org.dbsyncer.biz.vo.ProjectGroupVo;
 import org.dbsyncer.biz.vo.RestResult;
 import org.dbsyncer.biz.vo.VersionVo;
 import org.dbsyncer.common.config.AppConfig;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -24,9 +21,6 @@ public class IndexController {
     @Autowired
     private ProjectGroupService projectGroupService;
 
-    @Autowired
-    private UserService userService;
-
     @Autowired
     private AppConfig appConfig;
 
@@ -47,11 +41,4 @@ public class IndexController {
         return RestResult.restSuccess(new VersionVo(appConfig.getName(), appConfig.getCopyright()));
     }
 
-    @GetMapping("/getUserInfo.json")
-    @ResponseBody
-    public RestResult getUserInfo() {
-        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        return RestResult.restSuccess(userService.getUserInfoVo(authentication.getName()));
-    }
-
 }