fixed 后台账号权限梳理优化

fuint-application/src/main/java/com/fuint/common/service/StaffService.java

@@ -46,11 +46,13 @@ public interface StaffService extends IService<MtStaff> {
     /**
      * 审核更改状态(禁用，审核通过)
      *
-     * @param  id
+     * @param  staffId 员工ID
+     * @param status 状态
+     * @param operator 操作人
      * @throws BusinessCheckException
      * @return
      */
-    Integer updateAuditedStatus(Integer id, String statusEnum) throws BusinessCheckException;
+    Integer updateAuditedStatus(Integer staffId, String status, String operator) throws BusinessCheckException;
 
     /**
      * 根据条件搜索员工

fuint-application/src/main/java/com/fuint/common/service/impl/AccountServiceImpl.java

@@ -101,6 +101,10 @@ public class AccountServiceImpl extends ServiceImpl<TAccountMapper, TAccount> im
         if (StringUtils.isNotEmpty(storeId)) {
             lambdaQueryWrapper.eq(TAccount::getStoreId, storeId);
         }
+        String staffId = paginationRequest.getSearchParams().get("staffId") == null ? "" : paginationRequest.getSearchParams().get("staffId").toString();
+        if (StringUtils.isNotEmpty(staffId)) {
+            lambdaQueryWrapper.eq(TAccount::getStaffId, staffId);
+        }
 
         lambdaQueryWrapper.orderByDesc(TAccount::getAcctId);
         List<TAccount> accountList = tAccountMapper.selectList(lambdaQueryWrapper);

fuint-application/src/main/java/com/fuint/common/service/impl/StaffServiceImpl.java

@@ -196,12 +196,14 @@ public class StaffServiceImpl extends ServiceImpl<MtStaffMapper, MtStaff> implem
      * 修改店铺员工状态
      *
      * @param  staffId 员工ID
+     * @param status 状态
+     * @param operator 操作人
      * @throws BusinessCheckException
      * @return
      */
     @Override
     @OperationServiceLog(description = "修改店铺员工状态")
-    public Integer updateAuditedStatus(Integer staffId, String status) throws BusinessCheckException {
+    public Integer updateAuditedStatus(Integer staffId, String status, String operator) throws BusinessCheckException {
         MtStaff mtStaff = mtStaffMapper.selectById(staffId);
         if (mtStaff != null) {
             mtStaff.setAuditedStatus(status);

fuint-application/src/main/java/com/fuint/module/backendApi/controller/BackendAccountController.java

@@ -83,6 +83,7 @@ public class BackendAccountController extends BaseController {
         String accountStatus = request.getParameter("accountStatus") == null ? "" : request.getParameter("accountStatus");
         String merchantId = request.getParameter("merchantId") == null ? "" : request.getParameter("merchantId");
         String storeId = request.getParameter("storeId") == null ? "" : request.getParameter("storeId");
+        String staffId = request.getParameter("staffId") == null ? "" : request.getParameter("staffId");
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
 
         PaginationRequest paginationRequest = new PaginationRequest();
@@ -116,6 +117,9 @@ public class BackendAccountController extends BaseController {
                 searchParams.put("storeId", storeId);
             }
         }
+        if (StringUtil.isNotEmpty(staffId)) {
+            searchParams.put("staffId", staffId);
+        }
 
         paginationRequest.setSearchParams(searchParams);
         PaginationResponse<AccountDto> paginationResponse = tAccountService.getAccountListByPagination(paginationRequest);

fuint-application/src/main/java/com/fuint/module/backendApi/controller/BackendMemberController.java

@@ -202,11 +202,6 @@ public class BackendMemberController extends BaseController {
         Integer userId = param.get("userId") == null ? 0 : Integer.parseInt(param.get("userId").toString());
         String status = param.get("status") == null ? StatusEnum.ENABLED.getKey() : param.get("status").toString();
 
-        AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
-
         MtUser userInfo = memberService.queryMemberById(userId);
         if (userInfo == null) {
             return getFailureResult(201, "会员不存在");
@@ -231,9 +226,6 @@ public class BackendMemberController extends BaseController {
     public ResponseObject delete(HttpServletRequest request, @PathVariable("id") Integer id) throws BusinessCheckException {
         String token = request.getHeader("Access-Token");
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
         String operator = accountInfo.getAccountName();
         memberService.deleteMember(id, operator);
@@ -253,9 +245,6 @@ public class BackendMemberController extends BaseController {
     public ResponseObject save(HttpServletRequest request, @RequestBody Map<String, Object> param) throws BusinessCheckException, ParseException {
         String token = request.getHeader("Access-Token");
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
         String id = param.get("id").toString();
         String name = param.get("name") == null ? "" : param.get("name").toString();
@@ -336,9 +325,6 @@ public class BackendMemberController extends BaseController {
     public ResponseObject info(HttpServletRequest request, @PathVariable("id") Integer id) throws BusinessCheckException {
         String token = request.getHeader("Access-Token");
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
         MtUser mtUser = memberService.queryMemberById(id);
         if (mtUser == null) {
@@ -382,9 +368,6 @@ public class BackendMemberController extends BaseController {
     public ResponseObject setting(HttpServletRequest request) throws BusinessCheckException {
         String token = request.getHeader("Access-Token");
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
         List<MtSetting> settingList = settingService.getSettingList(accountInfo.getMerchantId(), SettingTypeEnum.USER.getKey());
 
@@ -440,9 +423,6 @@ public class BackendMemberController extends BaseController {
         String wxMemberCard = param.get("wxMemberCard") != null ? param.get("wxMemberCard").toString() : null;
 
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
         UserSettingEnum[] settingList = UserSettingEnum.values();
         for (UserSettingEnum setting : settingList) {
@@ -508,9 +488,6 @@ public class BackendMemberController extends BaseController {
         String password = param.get("password") == null ? "" : param.get("password").toString();
 
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
         if (StringUtil.isEmpty(password)) {
             return getFailureResult(1001, "密码格式有误");
@@ -542,13 +519,9 @@ public class BackendMemberController extends BaseController {
     @ApiOperation(value = "获取会员分组")
     @RequestMapping(value = "/groupList", method = RequestMethod.GET)
     @CrossOrigin
-    @PreAuthorize("@pms.hasPermission('member:group:index')")
     public ResponseObject groupList(HttpServletRequest request) throws BusinessCheckException {
         String token = request.getHeader("Access-Token");
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
         // 会员分组
         List<UserGroupDto> groupList = new ArrayList<>();
@@ -582,9 +555,6 @@ public class BackendMemberController extends BaseController {
         String groupIds = request.getParameter("groupIds") != null ? request.getParameter("groupIds") : "";
         String keyword = request.getParameter("keyword") != null ? request.getParameter("keyword") : "";
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
         List<GroupMemberDto> memberList = memberService.searchMembers(accountInfo.getMerchantId(), keyword, groupIds,1, Constants.MAX_ROWS);
         return getSuccessResult(memberList);
     }

fuint-application/src/main/java/com/fuint/module/backendApi/controller/BackendStaffController.java

@@ -130,11 +130,8 @@ public class BackendStaffController extends BaseController {
         Integer id = params.get("id") == null ? 0 : Integer.parseInt(params.get("id").toString());
 
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
-        staffService.updateAuditedStatus(id, status);
+        staffService.updateAuditedStatus(id, status, accountInfo.getAccountName());
         return getSuccessResult(true);
     }
 
@@ -159,9 +156,6 @@ public class BackendStaffController extends BaseController {
         String status = params.get("auditedStatus") == null ? StatusEnum.FORBIDDEN.getKey() : CommonUtil.replaceXSS(params.get("auditedStatus").toString());
 
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
         if (accountInfo.getMerchantId() == null || accountInfo.getMerchantId() <= 0) {
             return getFailureResult(201, "平台方帐号无法执行该操作，请使用商户帐号操作");
@@ -240,9 +234,6 @@ public class BackendStaffController extends BaseController {
         String token = request.getHeader("Access-Token");
 
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
         Map<String, Object> params = new HashMap<>();
         if (accountInfo.getMerchantId() != null && accountInfo.getMerchantId() > 0) {
@@ -252,7 +243,9 @@ public class BackendStaffController extends BaseController {
             storeId = accountInfo.getStoreId();
         }
         params.put("AUDITED_STATUS", StatusEnum.ENABLED.getKey());
-        params.put("STORE_ID", storeId);
+        if (storeId != null && storeId > 0) {
+            params.put("STORE_ID", storeId);
+        }
         List<MtStaff> staffList = staffService.queryStaffByParams(params);
 
         Map<String, Object> result = new HashMap<>();
@@ -275,11 +268,8 @@ public class BackendStaffController extends BaseController {
         String token = request.getHeader("Access-Token");
 
         AccountInfo accountInfo = TokenUtil.getAccountInfoByToken(token);
-        if (accountInfo == null) {
-            return getFailureResult(1001, "请先登录");
-        }
 
-        staffService.updateAuditedStatus(id, StatusEnum.DISABLE.getKey());
+        staffService.updateAuditedStatus(id, StatusEnum.DISABLE.getKey(), accountInfo.getAccountName());
         return getSuccessResult(true);
     }
 }