/** 保存. */
@RequestMapping(value = {"save"})
@ResponseBody
public Result save(@ModelAttribute("model") User user) {
Result result = null;
// 名称重复校验
User nameCheckUser = userManager.getUserByLoginName(user.getLoginName());
if (nameCheckUser != null && !nameCheckUser.getId().equals(user.getId())) {
result = new Result(Result.WARN, "登录名为[" + user.getLoginName() + "]已存在,请修正!", "loginName");
logger.debug(result.toString());
return result;
}
if (user.getId() == null) { // 新增
user.setPassword(Encrypt.e(user.getPassword()));
} else { // 修改
User superUser = userManager.getSuperUser();
User sessionUser = userManager.getCurrentUser();
if (!sessionUser.getId().equals(superUser.getId())) {
result = new Result(Result.ERROR, "超级用户信息仅允许自己修改!", null);
logger.debug(result.toString());
return result;
}
}
userManager.saveEntity(user);
result = Result.successResult();
logger.debug(result.toString());
return result;
}
@RequestMapping(value = {"_remove"})
@ResponseBody
@Override
public Result remove(@RequestParam(value = "ids", required = false) List<Long> ids) {
Result result;
userManager.deleteByIds(ids);
result = Result.successResult();
logger.debug(result.toString());
return result;
}
/**
* 修改用户密码. <br>
* 参数upateOperate 需要密码"1" 不需要密码"0".
*/
@RequestMapping(value = {"updateUserPassword"})
@ResponseBody
public Result updateUserPassword(
@ModelAttribute("model") User user, String upateOperate, String newPassword)
throws Exception {
Result result;
if (!StringUtils.isEmpty(upateOperate)) {
User u = userManager.loadById(user.getId());
if (u != null) {
boolean isCheck = true;
// 需要输入原始密码
if (AppConstants.USER_UPDATE_PASSWORD_YES.equals(upateOperate)) {
String originalPassword = u.getPassword(); // 数据库存储的原始密码
String pagePassword = u.getPassword(); // 页面输入的原始密码(未加密)
if (!originalPassword.equals(Encrypt.e(pagePassword))) {
isCheck = false;
}
}
// 不需要输入原始密码
if (AppConstants.USER_UPDATE_PASSWORD_NO.equals(upateOperate)) {
isCheck = true;
}
if (isCheck) {
u.setPassword(Encrypt.e(newPassword));
userManager.saveEntity(u);
result = Result.successResult();
} else {
result = new Result(Result.WARN, "原始密码输入错误.", "password");
}
} else {
result = new Result(Result.ERROR, "修改的用户不存在或已被删除.", null);
}
} else {
result = Result.errorResult();
logger.warn("请求参数错误,未设置参数[upateOperate].");
}
logger.debug(result.toString());
return result;
}