feat[litemall-admin-api]:后端API访问需要校验权限
47
doc/admin.md
47
doc/admin.md
@@ -80,39 +80,9 @@
|
||||
|
||||
### 4.1.8 安全
|
||||
|
||||
#### 4.1.8.1 Token
|
||||
这里的安全基于Shiro。
|
||||
|
||||
管理员登录成功以后,后端会返回token,之后管理员的请求都会携带token。
|
||||
|
||||
见AdminWebMvcConfiguration类、LoginAdmin和LoginAdminHandlerMethodArgumentResolver类。
|
||||
|
||||
管理后台后端服务每次请求都会检测是否存在HTTP头部域`X-Litemall-Admin-Token`。
|
||||
如果存在,则内部查询转换成LoginAdmin,然后作为请求参数。
|
||||
如果不存在,则作为null请求参数。
|
||||
|
||||
而具体的后端服务controller中,则可以利用LoginAdmin来检查。
|
||||
|
||||
例如管理员地址服务中:
|
||||
```
|
||||
@RestController
|
||||
@RequestMapping("/admin/address")
|
||||
@Validated
|
||||
public class AdminAddressController {
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
Integer userId, String name,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@Order @RequestParam(defaultValue = "desc") String order) {
|
||||
if (adminId == null) {
|
||||
return ResponseUtil.unlogin();
|
||||
}
|
||||
|
||||
...
|
||||
}
|
||||
```
|
||||
如果检测`adminId`是null,则返回错误信息“管理员未登录”。
|
||||
#### 4.1.8.1 认证
|
||||
|
||||
#### 4.1.8.2 账号密码加盐
|
||||
|
||||
@@ -120,12 +90,17 @@ public class AdminAddressController {
|
||||
|
||||
而如果用户采用了账号和密码的形式登录,那么后端需要把用户密码加盐。
|
||||
|
||||
#### 4.1.8.3 权限管理
|
||||
|
||||
### 4.1.9 定时任务
|
||||
|
||||
AdminOrderController类存在以下三个方法,其实是三个定时任务:
|
||||
* checkOrderUnpaid
|
||||
* checkOrderUnconfirm
|
||||
* checkOrderComment
|
||||
job子包存在以下定时任务:
|
||||
* OrderJob类
|
||||
* checkOrderUnpaid
|
||||
* checkOrderUnconfirm
|
||||
* checkOrderComment
|
||||
* CouponJob类
|
||||
* checkCouponExpired
|
||||
|
||||
注意:
|
||||
> 虽然定时任务放在AdminOrderController类中,但是可能这里不是很合适,
|
||||
|
||||
@@ -1,13 +0,0 @@
|
||||
package org.linlinjava.litemall.admin.annotation;
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
|
||||
@Target(ElementType.PARAMETER)
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
public @interface LoginAdmin {
|
||||
|
||||
}
|
||||
@@ -1,33 +0,0 @@
|
||||
package org.linlinjava.litemall.admin.annotation.support;
|
||||
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.linlinjava.litemall.db.domain.LitemallAdmin;
|
||||
import org.springframework.core.MethodParameter;
|
||||
import org.springframework.web.bind.support.WebDataBinderFactory;
|
||||
import org.springframework.web.context.request.NativeWebRequest;
|
||||
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
|
||||
import org.springframework.web.method.support.ModelAndViewContainer;
|
||||
|
||||
|
||||
public class LoginAdminHandlerMethodArgumentResolver implements HandlerMethodArgumentResolver {
|
||||
|
||||
@Override
|
||||
public boolean supportsParameter(MethodParameter parameter) {
|
||||
return parameter.getParameterType().isAssignableFrom(Integer.class) && parameter.hasParameterAnnotation(LoginAdmin.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer container,
|
||||
NativeWebRequest request, WebDataBinderFactory factory) throws Exception {
|
||||
Subject currentUser = SecurityUtils.getSubject();
|
||||
LitemallAdmin admin = (LitemallAdmin) currentUser.getPrincipal();
|
||||
if (admin == null) {
|
||||
throw new AuthenticationException();
|
||||
}
|
||||
|
||||
return admin.getId();
|
||||
}
|
||||
}
|
||||
@@ -1,16 +0,0 @@
|
||||
package org.linlinjava.litemall.admin.config;
|
||||
|
||||
import org.linlinjava.litemall.admin.annotation.support.LoginAdminHandlerMethodArgumentResolver;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Configuration
|
||||
public class AdminWebMvcConfigurer implements WebMvcConfigurer {
|
||||
@Override
|
||||
public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) {
|
||||
argumentResolvers.add(new LoginAdminHandlerMethodArgumentResolver());
|
||||
}
|
||||
}
|
||||
@@ -11,6 +11,7 @@ import org.linlinjava.litemall.admin.shiro.AdminWebSessionManager;
|
||||
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.DependsOn;
|
||||
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
@@ -72,9 +73,9 @@ public class ShiroConfig {
|
||||
}
|
||||
|
||||
@Bean
|
||||
public static DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
|
||||
@DependsOn("lifecycleBeanPostProcessor")
|
||||
public static DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
|
||||
DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
|
||||
creator.setUsePrefix(true);
|
||||
return creator;
|
||||
}
|
||||
}
|
||||
|
||||
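Review bot: Nothing in the visible ShiroConfig hunks shows what applies the `@RequiresPermissions` checks that the controllers now rely on as their only access control. In `defaultAdvisorAutoProxyCreator()` the creator is built with `setUsePrefix(true)` and no explicit advisor prefix, so by Spring's default it only picks up advisors whose bean names start with this bean's name plus a dot. If the Shiro `AuthorizationAttributeSourceAdvisor` is meant to be woven by a different auto-proxy creator, say so in a comment such as `// usePrefix=true keeps this creator from double-proxying; the Shiro advisor is applied by <other creator>`, and note that renaming the bean method also changes that default prefix. An integration test that calls one annotated endpoint as an admin without the permission and expects a denial would prove the annotations are enforced. The rest of ShiroConfig, including the `lifecycleBeanPostProcessor` bean named in `@DependsOn`, is outside the hunk.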
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -27,9 +27,9 @@ public class AdminAdController {
|
||||
@Autowired
|
||||
private LitemallAdService adService;
|
||||
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String name, String content,
|
||||
@RequiresPermissions("admin:ad:list")
|
||||
@RequestMapping("/list")
|
||||
public Object list(String name, String content,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -55,8 +55,9 @@ public class AdminAdController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:ad:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallAd ad) {
|
||||
public Object create(@RequestBody LitemallAd ad) {
|
||||
Object error = validate(ad);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -65,14 +66,16 @@ public class AdminAdController {
|
||||
return ResponseUtil.ok(ad);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:ad:read")
|
||||
@GetMapping("/read")
|
||||
public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object read(@NotNull Integer id) {
|
||||
LitemallAd brand = adService.findById(id);
|
||||
return ResponseUtil.ok(brand);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:ad:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallAd ad) {
|
||||
public Object update(@RequestBody LitemallAd ad) {
|
||||
Object error = validate(ad);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -84,8 +87,9 @@ public class AdminAdController {
|
||||
return ResponseUtil.ok(ad);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:ad:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallAd ad) {
|
||||
public Object delete(@RequestBody LitemallAd ad) {
|
||||
Integer id = ad.getId();
|
||||
if (id == null) {
|
||||
return ResponseUtil.badArgument();
|
||||
|
||||
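Review bot: `@RequestMapping("/list")` on `list` accepts every HTTP method, whereas the line it replaces was `@GetMapping("/list")` and the list endpoints of the other controllers in this commit keep `@GetMapping`. Unless the widening is intended, keep `@GetMapping("/list")` under the new `@RequiresPermissions("admin:ad:list")` so the read-only endpoint cannot be reached with POST or other verbs. The bodies of `list`, `create`, `update` and `delete` continue outside the hunks.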
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -52,9 +52,9 @@ public class AdminAddressController {
|
||||
return addressVo;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:address:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
Integer userId, String name,
|
||||
public Object list(Integer userId, String name,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
|
||||
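Review bot: A caller who lacks `admin:address:list` no longer gets a `ResponseUtil` body from `list`, because Shiro's annotation check throws before the method runs (`UnauthenticatedException` without a login, `UnauthorizedException` with a login but no permission), and none of the visible hunks adds a handler that maps those to a response. Unless one exists elsewhere, add an `@ExceptionHandler` for both in the admin API's controller advice so the client receives distinct "not logged in" and "forbidden" errors instead of a generic server error, and log the denied permission for audit. The same applies to every controller annotated in this commit. The body of `list` continues outside the hunk.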
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.RegexUtil;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.util.bcrypt.BCryptPasswordEncoder;
|
||||
@@ -16,7 +16,6 @@ import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.constraints.NotNull;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
@@ -32,9 +31,9 @@ public class AdminAdminController {
|
||||
@Autowired
|
||||
private LitemallAdminService adminService;
|
||||
|
||||
@RequiresPermissions("admin:admin:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String username,
|
||||
public Object list(String username,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -63,8 +62,9 @@ public class AdminAdminController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:admin:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallAdmin admin) {
|
||||
public Object create(@RequestBody LitemallAdmin admin) {
|
||||
Object error = validate(admin);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -84,14 +84,16 @@ public class AdminAdminController {
|
||||
return ResponseUtil.ok(admin);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:admin:read")
|
||||
@GetMapping("/read")
|
||||
public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object read(@NotNull Integer id) {
|
||||
LitemallAdmin admin = adminService.findById(id);
|
||||
return ResponseUtil.ok(admin);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:admin:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallAdmin admin) {
|
||||
public Object update(@RequestBody LitemallAdmin admin) {
|
||||
Object error = validate(admin);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -114,8 +116,9 @@ public class AdminAdminController {
|
||||
return ResponseUtil.ok(admin);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:admin:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallAdmin admin) {
|
||||
public Object delete(@RequestBody LitemallAdmin admin) {
|
||||
Integer anotherAdminId = admin.getId();
|
||||
if (anotherAdminId == null) {
|
||||
return ResponseUtil.badArgument();
|
||||
|
||||
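Review bot: `read` returns the whole `LitemallAdmin` from `adminService.findById(id)`, so any account granted `admin:admin:read` receives every field of another administrator's record. This controller imports `BCryptPasswordEncoder`, which suggests the entity carries a password hash. Whether `findById` already omits that column is not visible here; if it does not, clear the hash or return a reduced view before `ResponseUtil.ok(admin)`. Because these permissions govern the accounts that hold all other permissions, a class-level comment such as `// admin:admin:* lets the holder create or alter administrators; grant to the top-level role only` would help whoever assigns roles. The bodies of `create`, `update` and `delete` continue outside the hunks.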
@@ -3,9 +3,12 @@ package org.linlinjava.litemall.admin.web;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authc.*;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.LockedAccountException;
|
||||
import org.apache.shiro.authc.UnknownAccountException;
|
||||
import org.apache.shiro.authc.UsernamePasswordToken;
|
||||
import org.apache.shiro.authz.annotation.RequiresAuthentication;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.linlinjava.litemall.core.util.JacksonUtil;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.db.domain.LitemallAdmin;
|
||||
@@ -60,20 +63,20 @@ public class AdminAuthController {
|
||||
/*
|
||||
*
|
||||
*/
|
||||
@RequiresAuthentication
|
||||
@PostMapping("/logout")
|
||||
public Object login(@LoginAdmin Integer adminId) {
|
||||
public Object login() {
|
||||
Subject currentUser = SecurityUtils.getSubject();
|
||||
currentUser.logout();
|
||||
return ResponseUtil.ok();
|
||||
}
|
||||
|
||||
|
||||
@RequiresAuthentication
|
||||
@GetMapping("/info")
|
||||
public Object info(@LoginAdmin Integer adminId) {
|
||||
LitemallAdmin admin = adminService.findById(adminId);
|
||||
if (admin == null) {
|
||||
return ResponseUtil.badArgumentValue();
|
||||
}
|
||||
public Object info() {
|
||||
Subject currentUser = SecurityUtils.getSubject();
|
||||
LitemallAdmin admin = (LitemallAdmin) currentUser.getPrincipal();
|
||||
|
||||
Map<String, Object> data = new HashMap<>();
|
||||
data.put("name", admin.getUsername());
|
||||
@@ -83,6 +86,7 @@ public class AdminAuthController {
|
||||
List<String> roles = new ArrayList<>();
|
||||
roles.add("admin");
|
||||
data.put("roles", roles);
|
||||
data.put("perms", "*");
|
||||
data.put("introduction", "admin introduction");
|
||||
return ResponseUtil.ok(data);
|
||||
}
|
||||
|
||||
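Review bot: `info()` tells every authenticated admin that it has role `admin` and `perms` of `"*"`, both hard-coded, so the client will render every action even for accounts that the new `@RequiresPermissions` checks will refuse. Build `roles` and `perms` from what is actually assigned to the principal, or until that exists mark the line with `// TODO: placeholder, replace "*" with the admin's real permission set`. The same method now reads the `LitemallAdmin` held in the Shiro session instead of reloading it with `adminService.findById`, so a change to the account presumably does not show up until the session ends; that deserves a comment. Separately, the `/logout` handler is still named `login`.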
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -28,9 +28,9 @@ public class AdminBrandController {
|
||||
@Autowired
|
||||
private LitemallBrandService brandService;
|
||||
|
||||
@RequiresPermissions("admin:brand:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String id, String name,
|
||||
public Object list(String id, String name,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -62,8 +62,9 @@ public class AdminBrandController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:brand:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallBrand brand) {
|
||||
public Object create(@RequestBody LitemallBrand brand) {
|
||||
Object error = validate(brand);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -72,14 +73,16 @@ public class AdminBrandController {
|
||||
return ResponseUtil.ok(brand);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:brand:read")
|
||||
@GetMapping("/read")
|
||||
public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object read(@NotNull Integer id) {
|
||||
LitemallBrand brand = brandService.findById(id);
|
||||
return ResponseUtil.ok(brand);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:brand:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallBrand brand) {
|
||||
public Object update(@RequestBody LitemallBrand brand) {
|
||||
Object error = validate(brand);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -90,8 +93,9 @@ public class AdminBrandController {
|
||||
return ResponseUtil.ok(brand);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:brand:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallBrand brand) {
|
||||
public Object delete(@RequestBody LitemallBrand brand) {
|
||||
Integer id = brand.getId();
|
||||
if (id == null) {
|
||||
return ResponseUtil.badArgument();
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -28,9 +28,9 @@ public class AdminCategoryController {
|
||||
@Autowired
|
||||
private LitemallCategoryService categoryService;
|
||||
|
||||
@RequiresPermissions("admin:category:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String id, String name,
|
||||
public Object list(String id, String name,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -66,8 +66,9 @@ public class AdminCategoryController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:category:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallCategory category) {
|
||||
public Object create(@RequestBody LitemallCategory category) {
|
||||
Object error = validate(category);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -76,14 +77,16 @@ public class AdminCategoryController {
|
||||
return ResponseUtil.ok(category);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:category:read")
|
||||
@GetMapping("/read")
|
||||
public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object read(@NotNull Integer id) {
|
||||
LitemallCategory category = categoryService.findById(id);
|
||||
return ResponseUtil.ok(category);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:category:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallCategory category) {
|
||||
public Object update(@RequestBody LitemallCategory category) {
|
||||
Object error = validate(category);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -95,8 +98,9 @@ public class AdminCategoryController {
|
||||
return ResponseUtil.ok();
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:category:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallCategory category) {
|
||||
public Object delete(@RequestBody LitemallCategory category) {
|
||||
Integer id = category.getId();
|
||||
if (id == null) {
|
||||
return ResponseUtil.badArgument();
|
||||
@@ -105,8 +109,9 @@ public class AdminCategoryController {
|
||||
return ResponseUtil.ok();
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:category:list")
|
||||
@GetMapping("/l1")
|
||||
public Object catL1(@LoginAdmin Integer adminId) {
|
||||
public Object catL1() {
|
||||
// 所有一级分类目录
|
||||
List<LitemallCategory> l1CatList = categoryService.queryL1();
|
||||
List<Map<String, Object>> data = new ArrayList<>(l1CatList.size());
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -28,9 +28,10 @@ public class AdminCollectController {
|
||||
@Autowired
|
||||
private LitemallCollectService collectService;
|
||||
|
||||
|
||||
@RequiresPermissions("admin:collect:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String userId, String valueId,
|
||||
public Object list(String userId, String valueId,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -25,9 +25,9 @@ public class AdminCommentController {
|
||||
@Autowired
|
||||
private LitemallCommentService commentService;
|
||||
|
||||
@RequiresPermissions("admin:comment:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String userId, String valueId,
|
||||
public Object list(String userId, String valueId,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -41,8 +41,9 @@ public class AdminCommentController {
|
||||
return ResponseUtil.ok(data);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:comment:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallComment comment) {
|
||||
public Object delete(@RequestBody LitemallComment comment) {
|
||||
Integer id = comment.getId();
|
||||
if (id == null) {
|
||||
return ResponseUtil.badArgument();
|
||||
|
||||
@@ -2,16 +2,14 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
import org.linlinjava.litemall.db.domain.LitemallCoupon;
|
||||
import org.linlinjava.litemall.db.domain.LitemallCouponUser;
|
||||
import org.linlinjava.litemall.db.domain.LitemallTopic;
|
||||
import org.linlinjava.litemall.db.service.LitemallCouponService;
|
||||
import org.linlinjava.litemall.db.service.LitemallCouponUserService;
|
||||
import org.linlinjava.litemall.db.service.LitemallTopicService;
|
||||
import org.linlinjava.litemall.db.util.CouponConstant;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.util.StringUtils;
|
||||
@@ -34,9 +32,9 @@ public class AdminCouponController {
|
||||
@Autowired
|
||||
private LitemallCouponUserService couponUserService;
|
||||
|
||||
@RequiresPermissions("admin:coupon:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String name, Short type, Short status,
|
||||
public Object list(String name, Short type, Short status,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -50,9 +48,9 @@ public class AdminCouponController {
|
||||
return ResponseUtil.ok(data);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:coupon:list")
|
||||
@GetMapping("/listuser")
|
||||
public Object listuser(@LoginAdmin Integer adminId,
|
||||
Integer userId, Integer couponId, Short status,
|
||||
public Object listuser(Integer userId, Integer couponId, Short status,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -74,8 +72,9 @@ public class AdminCouponController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:coupon:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallCoupon coupon) {
|
||||
public Object create(@RequestBody LitemallCoupon coupon) {
|
||||
Object error = validate(coupon);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -91,14 +90,16 @@ public class AdminCouponController {
|
||||
return ResponseUtil.ok(coupon);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:coupon:read")
|
||||
@GetMapping("/read")
|
||||
public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object read(@NotNull Integer id) {
|
||||
LitemallCoupon coupon = couponService.findById(id);
|
||||
return ResponseUtil.ok(coupon);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:coupon:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallCoupon coupon) {
|
||||
public Object update(@RequestBody LitemallCoupon coupon) {
|
||||
Object error = validate(coupon);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -109,8 +110,9 @@ public class AdminCouponController {
|
||||
return ResponseUtil.ok(coupon);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:coupon:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallCoupon coupon) {
|
||||
public Object delete(@RequestBody LitemallCoupon coupon) {
|
||||
couponService.deleteById(coupon.getId());
|
||||
return ResponseUtil.ok();
|
||||
}
|
||||
|
||||
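Review bot: `delete` passes `coupon.getId()` straight to `couponService.deleteById` with no null check, unlike the `delete` handlers in the other controllers touched by this commit, which return `ResponseUtil.badArgument()` when the id is missing. Add `if (coupon.getId() == null) { return ResponseUtil.badArgument(); }` before the call. Also, `listuser` exposes per-user coupon holdings under the same `admin:coupon:list` permission as the coupon catalogue; consider a separate permission string if those should be grantable independently.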
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.db.service.LitemallGoodsProductService;
|
||||
import org.linlinjava.litemall.db.service.LitemallGoodsService;
|
||||
@@ -32,8 +32,9 @@ public class AdminDashbordController {
|
||||
@Autowired
|
||||
private LitemallOrderService orderService;
|
||||
|
||||
@RequiresPermissions("admin:dashboard:info")
|
||||
@GetMapping("")
|
||||
public Object info(@LoginAdmin Integer adminId) {
|
||||
public Object info() {
|
||||
int userTotal = userService.count();
|
||||
int goodsTotal = goodsService.count();
|
||||
int productTotal = productService.count();
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -32,9 +32,9 @@ public class AdminFeedbackController {
|
||||
@Autowired
|
||||
private LitemallFeedbackService feedbackService;
|
||||
|
||||
@RequiresPermissions("admin:feedback:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
Integer userId, String username,
|
||||
public Object list(Integer userId, String username,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -28,9 +28,9 @@ public class AdminFootprintController {
|
||||
@Autowired
|
||||
private LitemallFootprintService footprintService;
|
||||
|
||||
@RequiresPermissions("admin:footprint:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String userId, String goodsId,
|
||||
public Object list(String userId, String goodsId,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.admin.dao.GoodsAllinone;
|
||||
import org.linlinjava.litemall.admin.util.CatVo;
|
||||
import org.linlinjava.litemall.core.qcode.QCodeService;
|
||||
@@ -59,9 +59,9 @@ public class AdminGoodsController {
|
||||
@Autowired
|
||||
private QCodeService qCodeService;
|
||||
|
||||
@RequiresPermissions("admin:goods:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String goodsSn, String name,
|
||||
public Object list(String goodsSn, String name,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -161,8 +161,9 @@ public class AdminGoodsController {
|
||||
* 因此这里会拒绝管理员编辑商品,如果订单或购物车中存在商品。
|
||||
* 所以这里可能需要重新设计。
|
||||
*/
|
||||
@RequiresPermissions("admin:goods:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody GoodsAllinone goodsAllinone) {
|
||||
public Object update(@RequestBody GoodsAllinone goodsAllinone) {
|
||||
Object error = validate(goodsAllinone);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -232,8 +233,9 @@ public class AdminGoodsController {
|
||||
return ResponseUtil.ok();
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:goods:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallGoods goods) {
|
||||
public Object delete(@RequestBody LitemallGoods goods) {
|
||||
Integer id = goods.getId();
|
||||
if (id == null) {
|
||||
return ResponseUtil.badArgument();
|
||||
@@ -259,8 +261,9 @@ public class AdminGoodsController {
|
||||
return ResponseUtil.ok();
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:goods:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody GoodsAllinone goodsAllinone) {
|
||||
public Object create(@RequestBody GoodsAllinone goodsAllinone) {
|
||||
Object error = validate(goodsAllinone);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -321,9 +324,9 @@ public class AdminGoodsController {
|
||||
return ResponseUtil.ok();
|
||||
}
|
||||
|
||||
|
||||
@RequiresPermissions("admin:goods:list")
|
||||
@GetMapping("/catAndBrand")
|
||||
public Object list2(@LoginAdmin Integer adminId) {
|
||||
public Object list2() {
|
||||
// http://element-cn.eleme.io/#/zh-CN/component/cascader
|
||||
// 管理员设置“所属分类”
|
||||
List<LitemallCategory> l1CatList = categoryService.queryL1();
|
||||
@@ -364,8 +367,9 @@ public class AdminGoodsController {
|
||||
return ResponseUtil.ok(data);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:goods:read")
|
||||
@GetMapping("/detail")
|
||||
public Object detail(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object detail(@NotNull Integer id) {
|
||||
LitemallGoods goods = goodsService.findById(id);
|
||||
List<LitemallGoodsProduct> products = productService.queryByGid(id);
|
||||
List<LitemallGoodsSpecification> specifications = specificationService.queryByGid(id);
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -36,9 +36,9 @@ public class AdminGrouponController {
|
||||
@Autowired
|
||||
private LitemallGrouponService grouponService;
|
||||
|
||||
@RequiresPermissions("admin:groupon:read")
|
||||
@GetMapping("/listRecord")
|
||||
public Object listRecord(@LoginAdmin Integer adminId,
|
||||
String grouponId,
|
||||
public Object listRecord(String grouponId,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -72,9 +72,9 @@ public class AdminGrouponController {
|
||||
return ResponseUtil.ok(data);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:groupon:delete")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String goodsId,
|
||||
public Object list(String goodsId,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -109,8 +109,9 @@ public class AdminGrouponController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:groupon:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallGrouponRules grouponRules) {
|
||||
public Object update(@RequestBody LitemallGrouponRules grouponRules) {
|
||||
Object error = validate(grouponRules);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -132,9 +133,9 @@ public class AdminGrouponController {
|
||||
return ResponseUtil.ok();
|
||||
}
|
||||
|
||||
|
||||
@RequiresPermissions("admin:groupon:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallGrouponRules grouponRules) {
|
||||
public Object create(@RequestBody LitemallGrouponRules grouponRules) {
|
||||
Object error = validate(grouponRules);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -154,9 +155,9 @@ public class AdminGrouponController {
|
||||
return ResponseUtil.ok(grouponRules);
|
||||
}
|
||||
|
||||
|
||||
@RequiresPermissions("admin:groupon:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallGrouponRules grouponRules) {
|
||||
public Object delete(@RequestBody LitemallGrouponRules grouponRules) {
|
||||
Integer id = grouponRules.getId();
|
||||
if (id == null) {
|
||||
return ResponseUtil.badArgument();
|
||||
|
||||
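Review bot: The `@GetMapping("/list")` handler in AdminGrouponController is annotated `@RequiresPermissions("admin:groupon:delete")`, the same string used on `/delete` further down, which looks like a copy-paste slip. As written, a role can only view the groupon rule list if it is also granted the delete permission, which works against least privilege. Following the naming on the other controllers in this commit, the annotation would presumably be `@RequiresPermissions("admin:groupon:list")`; confirm that string against the permission data the roles are built from. The bodies of `list` and `delete` continue outside the hunks shown.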
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -26,9 +26,9 @@ public class AdminHistoryController {
|
||||
@Autowired
|
||||
private LitemallSearchHistoryService searchHistoryService;
|
||||
|
||||
@RequiresPermissions("admin:history:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String userId, String keyword,
|
||||
public Object list(String userId, String keyword,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -27,9 +27,9 @@ public class AdminIssueController {
|
||||
@Autowired
|
||||
private LitemallIssueService issueService;
|
||||
|
||||
@RequiresPermissions("admin:issue:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String question,
|
||||
public Object list(String question,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -55,8 +55,9 @@ public class AdminIssueController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:issue:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallIssue issue) {
|
||||
public Object create(@RequestBody LitemallIssue issue) {
|
||||
Object error = validate(issue);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -65,14 +66,16 @@ public class AdminIssueController {
|
||||
return ResponseUtil.ok(issue);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:issue:read")
|
||||
@GetMapping("/read")
|
||||
public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object read(@NotNull Integer id) {
|
||||
LitemallIssue issue = issueService.findById(id);
|
||||
return ResponseUtil.ok(issue);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:issue:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallIssue issue) {
|
||||
public Object update(@RequestBody LitemallIssue issue) {
|
||||
Object error = validate(issue);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -84,8 +87,9 @@ public class AdminIssueController {
|
||||
return ResponseUtil.ok(issue);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:issue:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallIssue issue) {
|
||||
public Object delete(@RequestBody LitemallIssue issue) {
|
||||
Integer id = issue.getId();
|
||||
if (id == null) {
|
||||
return ResponseUtil.badArgument();
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -27,9 +27,9 @@ public class AdminKeywordController {
|
||||
@Autowired
|
||||
private LitemallKeywordService keywordService;
|
||||
|
||||
@RequiresPermissions("admin:keyword:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String keyword, String url,
|
||||
public Object list(String keyword, String url,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -55,8 +55,9 @@ public class AdminKeywordController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:keyword:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallKeyword keywords) {
|
||||
public Object create(@RequestBody LitemallKeyword keywords) {
|
||||
Object error = validate(keywords);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -65,14 +66,16 @@ public class AdminKeywordController {
|
||||
return ResponseUtil.ok(keywords);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:keyword:read")
|
||||
@GetMapping("/read")
|
||||
public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object read(@NotNull Integer id) {
|
||||
LitemallKeyword brand = keywordService.findById(id);
|
||||
return ResponseUtil.ok(brand);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:keyword:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallKeyword keywords) {
|
||||
public Object update(@RequestBody LitemallKeyword keywords) {
|
||||
Object error = validate(keywords);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -83,8 +86,9 @@ public class AdminKeywordController {
|
||||
return ResponseUtil.ok(keywords);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:keyword:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallKeyword keyword) {
|
||||
public Object delete(@RequestBody LitemallKeyword keyword) {
|
||||
Integer id = keyword.getId();
|
||||
if (id == null) {
|
||||
return ResponseUtil.badArgument();
|
||||
|
||||
@@ -6,19 +6,20 @@ import com.github.binarywang.wxpay.exception.WxPayException;
|
||||
import com.github.binarywang.wxpay.service.WxPayService;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.notify.NotifyService;
|
||||
import org.linlinjava.litemall.core.notify.NotifyType;
|
||||
import org.linlinjava.litemall.core.util.CharUtil;
|
||||
import org.linlinjava.litemall.core.util.JacksonUtil;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
import org.linlinjava.litemall.db.domain.*;
|
||||
import org.linlinjava.litemall.db.domain.LitemallComment;
|
||||
import org.linlinjava.litemall.db.domain.LitemallOrder;
|
||||
import org.linlinjava.litemall.db.domain.LitemallOrderGoods;
|
||||
import org.linlinjava.litemall.db.domain.UserVo;
|
||||
import org.linlinjava.litemall.db.service.*;
|
||||
import org.linlinjava.litemall.db.util.OrderUtil;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.scheduling.annotation.Scheduled;
|
||||
import org.springframework.transaction.PlatformTransactionManager;
|
||||
import org.springframework.transaction.TransactionDefinition;
|
||||
import org.springframework.transaction.TransactionStatus;
|
||||
@@ -60,9 +61,9 @@ public class AdminOrderController {
|
||||
@Autowired
|
||||
private NotifyService notifyService;
|
||||
|
||||
@RequiresPermissions("admin:order:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
Integer userId, String orderSn,
|
||||
public Object list(Integer userId, String orderSn,
|
||||
@RequestParam(required = false) List<Short> orderStatusArray,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@@ -78,8 +79,9 @@ public class AdminOrderController {
|
||||
return ResponseUtil.ok(data);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:order:read")
|
||||
@GetMapping("/detail")
|
||||
public Object detail(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object detail(@NotNull Integer id) {
|
||||
LitemallOrder order = orderService.findById(id);
|
||||
List<LitemallOrderGoods> orderGoods = orderGoodsService.queryByOid(id);
|
||||
UserVo user = userService.findUserVoById(order.getUserId());
|
||||
@@ -108,8 +110,9 @@ public class AdminOrderController {
|
||||
* @param body 订单信息,{ orderId:xxx }
|
||||
* @return 订单退款操作结果
|
||||
*/
|
||||
@RequiresPermissions("admin:order:refund")
|
||||
@PostMapping("refund")
|
||||
public Object refund(@LoginAdmin Integer adminId, @RequestBody String body) {
|
||||
public Object refund(@RequestBody String body) {
|
||||
Integer orderId = JacksonUtil.parseInteger(body, "orderId");
|
||||
String refundMoney = JacksonUtil.parseString(body, "refundMoney");
|
||||
if (orderId == null) {
|
||||
@@ -205,8 +208,9 @@ public class AdminOrderController {
|
||||
* 成功则 { errno: 0, errmsg: '成功' }
|
||||
* 失败则 { errno: XXX, errmsg: XXX }
|
||||
*/
|
||||
@RequiresPermissions("admin:order:ship")
|
||||
@PostMapping("ship")
|
||||
public Object ship(@LoginAdmin Integer adminId, @RequestBody String body) {
|
||||
public Object ship(@RequestBody String body) {
|
||||
Integer orderId = JacksonUtil.parseInteger(body, "orderId");
|
||||
String shipSn = JacksonUtil.parseString(body, "shipSn");
|
||||
String shipChannel = JacksonUtil.parseString(body, "shipChannel");
|
||||
@@ -250,8 +254,9 @@ public class AdminOrderController {
|
||||
* 成功则 { errno: 0, errmsg: '成功' }
|
||||
* 失败则 { errno: XXX, errmsg: XXX }
|
||||
*/
|
||||
@RequiresPermissions("admin:order:reply")
|
||||
@PostMapping("reply")
|
||||
public Object reply(@LoginAdmin Integer adminId, @RequestBody String body) {
|
||||
public Object reply(@RequestBody String body) {
|
||||
Integer commentId = JacksonUtil.parseInteger(body, "commentId");
|
||||
if (commentId == null || commentId == 0) {
|
||||
return ResponseUtil.badArgument();
|
||||
|
||||
@@ -2,7 +2,9 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authz.annotation.RequiresAuthentication;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.linlinjava.litemall.core.util.JacksonUtil;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.util.bcrypt.BCryptPasswordEncoder;
|
||||
@@ -16,7 +18,6 @@ import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import static org.linlinjava.litemall.admin.util.AdminResponseCode.ADMIN_ALTER_NOT_ALLOWED;
|
||||
import static org.linlinjava.litemall.admin.util.AdminResponseCode.ADMIN_INVALID_ACCOUNT;
|
||||
|
||||
@RestController
|
||||
@@ -28,8 +29,9 @@ public class AdminProfileController {
|
||||
@Autowired
|
||||
private LitemallAdminService adminService;
|
||||
|
||||
@RequiresAuthentication
|
||||
@PostMapping("/password")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody String body) {
|
||||
public Object create(@RequestBody String body) {
|
||||
String oldPassword = JacksonUtil.parseString(body, "oldPassword");
|
||||
String newPassword = JacksonUtil.parseString(body, "newPassword");
|
||||
if (StringUtils.isEmpty(oldPassword)) {
|
||||
@@ -39,7 +41,8 @@ public class AdminProfileController {
|
||||
return ResponseUtil.badArgument();
|
||||
}
|
||||
|
||||
LitemallAdmin admin = adminService.findAdmin(adminId);
|
||||
Subject currentUser = SecurityUtils.getSubject();
|
||||
LitemallAdmin admin = (LitemallAdmin) currentUser.getPrincipal();
|
||||
|
||||
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
||||
if (!encoder.matches(oldPassword, admin.getPassword())) {
|
||||
|
||||
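Review bot: The old-password check in `create` now reads `admin.getPassword()` from the Shiro principal, which is presumably the object captured at login rather than the current database row. If the password has been changed since login (in another session, or earlier in this one), `encoder.matches` would compare against a stale hash; the realm is not shown, so this is inferred. It also means the password hash is kept in the session principal for the lifetime of the session. Consider using the principal only for identity and reloading the record, e.g. `LitemallAdmin admin = adminService.findAdmin(((LitemallAdmin) currentUser.getPrincipal()).getId());`. The rest of the method lies outside the hunk, so whether the principal is refreshed after the update cannot be seen from here.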
@@ -2,7 +2,6 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -30,14 +29,13 @@ public class AdminRegionController {
|
||||
private LitemallRegionService regionService;
|
||||
|
||||
@GetMapping("/clist")
|
||||
public Object clist(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object clist(@NotNull Integer id) {
|
||||
List<LitemallRegion> regionList = regionService.queryByPid(id);
|
||||
return ResponseUtil.ok(regionList);
|
||||
}
|
||||
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String name, Integer code,
|
||||
public Object list(String name, Integer code,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort(accepts = {"id"}) @RequestParam(defaultValue = "id") String sort,
|
||||
|
||||
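Review bot: `clist` and `list` in AdminRegionController lose the `@LoginAdmin Integer adminId` parameter but, unlike the other controllers in this commit, gain neither `@RequiresPermissions` nor `@RequiresAuthentication`, so nothing at method level requires a logged-in admin any more. Whether these routes are still protected depends on the Shiro filter chain configuration, which is not visible here. If region lookup is meant to stay admin-only, add `@RequiresAuthentication` (as on AdminProfileController's `/password`) to both methods, together with its import. If the endpoints are deliberately open, a short comment saying so would keep a later reader from treating it as an omission. The body of `list` continues outside the hunk.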
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.admin.util.StatVo;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.db.service.StatService;
|
||||
@@ -24,8 +24,9 @@ public class AdminStatController {
|
||||
@Autowired
|
||||
private StatService statService;
|
||||
|
||||
@RequiresPermissions("admin:stat:user")
|
||||
@GetMapping("/user")
|
||||
public Object statUser(@LoginAdmin Integer adminId) {
|
||||
public Object statUser() {
|
||||
List<Map> rows = statService.statUser();
|
||||
String[] columns = new String[]{"day", "users"};
|
||||
StatVo statVo = new StatVo();
|
||||
@@ -34,8 +35,9 @@ public class AdminStatController {
|
||||
return ResponseUtil.ok(statVo);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:stat:order")
|
||||
@GetMapping("/order")
|
||||
public Object statOrder(@LoginAdmin Integer adminId) {
|
||||
public Object statOrder() {
|
||||
List<Map> rows = statService.statOrder();
|
||||
String[] columns = new String[]{"day", "orders", "customers", "amount", "pcr"};
|
||||
StatVo statVo = new StatVo();
|
||||
@@ -45,8 +47,9 @@ public class AdminStatController {
|
||||
return ResponseUtil.ok(statVo);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:stat:goods")
|
||||
@GetMapping("/goods")
|
||||
public Object statGoods(@LoginAdmin Integer adminId) {
|
||||
public Object statGoods() {
|
||||
List<Map> rows = statService.statGoods();
|
||||
String[] columns = new String[]{"day", "orders", "products", "amount"};
|
||||
StatVo statVo = new StatVo();
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.storage.StorageService;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
@@ -32,9 +32,9 @@ public class AdminStorageController {
|
||||
@Autowired
|
||||
private LitemallStorageService litemallStorageService;
|
||||
|
||||
@RequiresPermissions("admin:storage:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String key, String name,
|
||||
public Object list(String key, String name,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -48,8 +48,9 @@ public class AdminStorageController {
|
||||
return ResponseUtil.ok(data);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:storage:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestParam("file") MultipartFile file) throws IOException {
|
||||
public Object create(@RequestParam("file") MultipartFile file) throws IOException {
|
||||
String originalFilename = file.getOriginalFilename();
|
||||
String url = storageService.store(file.getInputStream(), file.getSize(), file.getContentType(), originalFilename);
|
||||
Map<String, Object> data = new HashMap<>();
|
||||
@@ -57,8 +58,9 @@ public class AdminStorageController {
|
||||
return ResponseUtil.ok(data);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:storage:read")
|
||||
@PostMapping("/read")
|
||||
public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object read(@NotNull Integer id) {
|
||||
LitemallStorage storageInfo = litemallStorageService.findById(id);
|
||||
if (storageInfo == null) {
|
||||
return ResponseUtil.badArgumentValue();
|
||||
@@ -66,16 +68,18 @@ public class AdminStorageController {
|
||||
return ResponseUtil.ok(storageInfo);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:storage:delete")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallStorage litemallStorage) {
|
||||
public Object update(@RequestBody LitemallStorage litemallStorage) {
|
||||
if (litemallStorageService.update(litemallStorage) == 0) {
|
||||
return ResponseUtil.updatedDataFailed();
|
||||
}
|
||||
return ResponseUtil.ok(litemallStorage);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:storage:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallStorage litemallStorage) {
|
||||
public Object delete(@RequestBody LitemallStorage litemallStorage) {
|
||||
String key = litemallStorage.getKey();
|
||||
if (StringUtils.isEmpty(key)) {
|
||||
return ResponseUtil.badArgument();
|
||||
|
||||
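Review bot: The `@PostMapping("/update")` handler in AdminStorageController carries `@RequiresPermissions("admin:storage:delete")`, identical to the annotation on `/delete` just below it, so update and delete cannot be granted separately. A role that should only edit storage records would have to be given the delete permission as well. Following the pattern of the other controllers in this commit, the line would presumably read `@RequiresPermissions("admin:storage:update")`; confirm the string against the permission data in use. The body of `delete` continues outside the hunk.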
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.validator.Order;
|
||||
import org.linlinjava.litemall.core.validator.Sort;
|
||||
@@ -28,9 +28,9 @@ public class AdminTopicController {
|
||||
@Autowired
|
||||
private LitemallTopicService topicService;
|
||||
|
||||
@RequiresPermissions("admin:topic:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String title, String subtitle,
|
||||
public Object list(String title, String subtitle,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -60,8 +60,9 @@ public class AdminTopicController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:topic:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallTopic topic) {
|
||||
public Object create(@RequestBody LitemallTopic topic) {
|
||||
Object error = validate(topic);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -70,14 +71,16 @@ public class AdminTopicController {
|
||||
return ResponseUtil.ok(topic);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:topic:read")
|
||||
@GetMapping("/read")
|
||||
public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
|
||||
public Object read(@NotNull Integer id) {
|
||||
LitemallTopic topic = topicService.findById(id);
|
||||
return ResponseUtil.ok(topic);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:topic:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallTopic topic) {
|
||||
public Object update(@RequestBody LitemallTopic topic) {
|
||||
Object error = validate(topic);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -88,8 +91,9 @@ public class AdminTopicController {
|
||||
return ResponseUtil.ok(topic);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:topic:delete")
|
||||
@PostMapping("/delete")
|
||||
public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallTopic topic) {
|
||||
public Object delete(@RequestBody LitemallTopic topic) {
|
||||
topicService.deleteById(topic.getId());
|
||||
return ResponseUtil.ok();
|
||||
}
|
||||
|
||||
@@ -2,7 +2,7 @@ package org.linlinjava.litemall.admin.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.linlinjava.litemall.admin.annotation.LoginAdmin;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.linlinjava.litemall.core.util.RegexUtil;
|
||||
import org.linlinjava.litemall.core.util.ResponseUtil;
|
||||
import org.linlinjava.litemall.core.util.bcrypt.BCryptPasswordEncoder;
|
||||
@@ -31,9 +31,9 @@ public class AdminUserController {
|
||||
@Autowired
|
||||
private LitemallUserService userService;
|
||||
|
||||
@RequiresPermissions("admin:user:list")
|
||||
@GetMapping("/list")
|
||||
public Object list(@LoginAdmin Integer adminId,
|
||||
String username, String mobile,
|
||||
public Object list(String username, String mobile,
|
||||
@RequestParam(defaultValue = "1") Integer page,
|
||||
@RequestParam(defaultValue = "10") Integer limit,
|
||||
@Sort @RequestParam(defaultValue = "add_time") String sort,
|
||||
@@ -47,8 +47,9 @@ public class AdminUserController {
|
||||
return ResponseUtil.ok(data);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:user:list")
|
||||
@GetMapping("/username")
|
||||
public Object username(@LoginAdmin Integer adminId, @NotEmpty String username) {
|
||||
public Object username(@NotEmpty String username) {
|
||||
int total = userService.countSeletive(username, null, null, null, null, null);
|
||||
if (total == 0) {
|
||||
return ResponseUtil.ok("不存在");
|
||||
@@ -78,8 +79,9 @@ public class AdminUserController {
|
||||
return null;
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:user:create")
|
||||
@PostMapping("/create")
|
||||
public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallUser user) {
|
||||
public Object create(@RequestBody LitemallUser user) {
|
||||
Object error = validate(user);
|
||||
if (error != null) {
|
||||
return error;
|
||||
@@ -107,8 +109,9 @@ public class AdminUserController {
|
||||
return ResponseUtil.ok(user);
|
||||
}
|
||||
|
||||
@RequiresPermissions("admin:user:update")
|
||||
@PostMapping("/update")
|
||||
public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallUser user) {
|
||||
public Object update(@RequestBody LitemallUser user) {
|
||||
Object error = validate(user);
|
||||
if (error != null) {
|
||||
return error;
|
||||
|
||||