优化权限认证模块

dmaster/src/main/java/cn/reghao/autodop/dmaster/view/controller/ResourceController.java → dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/controller/ResourceController.java

@@ -1,10 +1,9 @@
-package cn.reghao.autodop.dmaster.view.controller;
+package cn.reghao.autodop.dmaster.auth.controller;
 
 import cn.reghao.autodop.dmaster.auth.entity.DataStatus;
 import cn.reghao.autodop.dmaster.auth.entity.Menu;
 import cn.reghao.autodop.dmaster.utils.WebBody;
-import cn.reghao.autodop.dmaster.view.service.ResourceService;
-import cn.reghao.autodop.dmaster.view.validator.MenuValidator;
+import cn.reghao.autodop.dmaster.auth.service.ResourceService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.http.MediaType;
@@ -19,7 +18,7 @@ import java.util.Map;
  * @date 2021-04-04 21:24:18
  */
 @Api(tags = "资源接口")
-@RequestMapping("/system/menu")
+@RequestMapping("/api/auth/menu")
 @RestController
 public class ResourceController {
     private ResourceService resourceService;
@@ -30,7 +29,7 @@ public class ResourceController {
 
     @ApiOperation(value = "添加/修改资源")
     @PostMapping(value = "/save", produces = MediaType.APPLICATION_JSON_VALUE)
-    public String addMenu(@Validated MenuValidator menuValidator, Menu menu) {
+    public String addMenu(@Validated Menu menu) {
         Integer id = menu.getId();
         if (id == null) {
             // TODO menu 最多只能有两个 parent，即最多只能有三级菜单

dmaster/src/main/java/cn/reghao/autodop/dmaster/view/controller/ResourcePageController.java → dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/controller/ResourcePageController.java

@@ -1,9 +1,9 @@
-package cn.reghao.autodop.dmaster.view.controller;
+package cn.reghao.autodop.dmaster.auth.controller;
 
 import cn.reghao.autodop.dmaster.auth.entity.DataStatus;
 import cn.reghao.autodop.dmaster.auth.entity.Role;
 import cn.reghao.autodop.dmaster.auth.entity.Menu;
-import cn.reghao.autodop.dmaster.view.service.ResourceService;
+import cn.reghao.autodop.dmaster.auth.service.ResourceService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.stereotype.Controller;
@@ -17,7 +17,7 @@ import java.util.*;
  * @date 2021-04-04 21:24:18
  */
 @Api(tags = "资源页面")
-@RequestMapping("/system/menu")
+@RequestMapping("/auth/menu")
 @Controller
 public class ResourcePageController {
     private ResourceService resourceService;
@@ -33,7 +33,7 @@ public class ResourcePageController {
             status = DataStatus.ENABLE.name();
         }
         model.addAttribute("status", status);
-        return "/system/menu/index";
+        return "/auth/menu/index";
     }
 
     @ApiOperation(value = "获取资源添加页面")
@@ -45,7 +45,7 @@ public class ResourcePageController {
             pMenu = resourceService.getResourceById(pid);
         }
         model.addAttribute("pMenu", pMenu);
-        return "/system/menu/add";
+        return "/auth/menu/add";
     }
 
     @ApiOperation(value = "获取资源编辑页面")
@@ -61,7 +61,7 @@ public class ResourcePageController {
 
         model.addAttribute("menu", menu);
         model.addAttribute("pMenu", pMenu);
-        return "/system/menu/add";
+        return "/auth/menu/add";
     }
 
     // TODO Hibernate 会根据传入的 id 自动查找相应的 Menu
@@ -70,13 +70,13 @@ public class ResourcePageController {
     public String roleListWithResource(@PathVariable("id") Menu menu, Model model) {
         List<Role> list = new ArrayList<>(menu.getRoles());
         model.addAttribute("list", list);
-        return "/system/menu/roleList";
+        return "/auth/menu/roleList";
     }
 
     @ApiOperation(value = "获取资源详细页面")
     @GetMapping("/detail/{id}")
     public String toDetail(@PathVariable("id") Menu menu, Model model) {
         model.addAttribute("menu", menu);
-        return "/system/menu/detail";
+        return "/auth/menu/detail";
     }
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/view/controller/RoleController.java → dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/controller/RoleController.java

@@ -1,4 +1,4 @@
-package cn.reghao.autodop.dmaster.view.controller;
+package cn.reghao.autodop.dmaster.auth.controller;
 
 import cn.reghao.autodop.dmaster.auth.entity.Menu;
 import cn.reghao.autodop.dmaster.auth.entity.Role;
@@ -19,7 +19,7 @@ import java.util.List;
  * @date 2021-04-04 21:24:18
  */
 @Api(tags = "角色接口")
-@RequestMapping("/system/role")
+@RequestMapping("/api/auth/role")
 @Controller
 public class RoleController {
     private RoleService roleService;

dmaster/src/main/java/cn/reghao/autodop/dmaster/view/controller/RolePageController.java → dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/controller/RolePageController.java

@@ -1,4 +1,4 @@
-package cn.reghao.autodop.dmaster.view.controller;
+package cn.reghao.autodop.dmaster.auth.controller;
 
 import cn.reghao.autodop.dmaster.auth.entity.GrantedAuthorityImpl;
 import cn.reghao.autodop.dmaster.auth.entity.Role;
@@ -23,7 +23,7 @@ import java.util.stream.Collectors;
  * @date 2021-04-04 21:24:18
  */
 @Api(tags = "角色页面")
-@RequestMapping("/system/role")
+@RequestMapping("/auth/role")
 @Controller
 public class RolePageController {
     private RoleService roleService;
@@ -46,32 +46,32 @@ public class RolePageController {
 
         model.addAttribute("page", rolePage);
         model.addAttribute("list", pageList.getList());
-        return "/system/role/index";
+        return "/auth/role/index";
     }
 
     @GetMapping("/add")
     public String addRolePage() {
-        return "/system/role/add";
+        return "/auth/role/add";
     }
 
     @GetMapping("/edit/{id}")
     public String editRolePage(@PathVariable("id") int id, Model model) {
         Role role = roleService.findById(id);
         model.addAttribute("role", role);
-        return "/system/role/add";
+        return "/auth/role/add";
     }
 
     @GetMapping("/detail/{id}")
     public String roleDetailPage(@PathVariable("id") int id, Model model) {
         Role role = roleService.findById(id);
         model.addAttribute("role", role);
-        return "/system/role/detail";
+        return "/auth/role/detail";
     }
 
     @GetMapping("/auth")
     public String authPage(@RequestParam(value = "ids") Long id, Model model){
         model.addAttribute("id", id);
-        return "/system/role/auth";
+        return "/auth/role/auth";
     }
 
     @GetMapping("/resource/{id}")
@@ -81,6 +81,6 @@ public class RolePageController {
                 .collect(Collectors.toList());
 
         model.addAttribute("list", list);
-        return "/system/role/resource";
+        return "/auth/role/resource";
     }
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/view/controller/UserController.java → dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/controller/UserController.java

@@ -1,4 +1,4 @@
-package cn.reghao.autodop.dmaster.view.controller;
+package cn.reghao.autodop.dmaster.auth.controller;
 
 import cn.reghao.autodop.dmaster.auth.db.UserCrud;
 import cn.reghao.autodop.dmaster.auth.entity.Role;
@@ -17,7 +17,7 @@ import java.util.List;
  * @date 2021-04-04 21:24:18
  */
 @Api(tags = "用户接口")
-@RequestMapping("/system/user")
+@RequestMapping("/api/auth/user")
 @RestController
 public class UserController {
     private UserCrud userCrud;
@@ -27,19 +27,22 @@ public class UserController {
     }
 
     @ApiOperation(value = "新增/修改用户")
-    @PostMapping(value = "/save", produces = MediaType.APPLICATION_JSON_VALUE)
+    @PostMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public String addOrUpdateUser(User user) {
         userCrud.addOrUpdate(user);
         return WebBody.success();
     }
 
+    @ApiOperation(value = "删除用户")
+    @DeleteMapping(value = "/{id}", produces = MediaType.APPLICATION_JSON_VALUE)
+    public String deleteUser(@PathVariable("id") User user) {
+        return WebBody.success();
+    }
+
     @ApiOperation(value = "修改用户密码")
-    @PostMapping(value = "/pwd", produces = MediaType.APPLICATION_JSON_VALUE)
-    public String modifyPassword(String password,
-                                 String confirm,
-                                 @RequestParam(value = "ids", required = false) List<Long> ids,
-                                 @RequestParam(value = "ids", required = false) List<User> users) {
-        return WebBody.success("");
+    @PostMapping(value = "/passwd", produces = MediaType.APPLICATION_JSON_VALUE)
+    public String modifyPassword(Integer id, String newPassword) {
+        return WebBody.success();
     }
 
     @ApiOperation(value = "给用户分配角色")
@@ -49,4 +52,14 @@ public class UserController {
         userCrud.modifyUserRoles(user, roles);
         return WebBody.success();
     }
+
+    @ApiOperation(value = "启用/禁用用户")
+    @PostMapping(value = "/status/{var}", produces = MediaType.APPLICATION_JSON_VALUE)
+    public String setUserStatus(@PathVariable("var") String var,
+                                @RequestParam(value = "ids") List<User> users) {
+        if ("disable".equals(var)) {
+        } else {
+        }
+        return WebBody.success();
+    }
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/view/controller/UserPageController.java → dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/controller/UserPageController.java

@@ -1,4 +1,4 @@
-package cn.reghao.autodop.dmaster.view.controller;
+package cn.reghao.autodop.dmaster.auth.controller;
 
 import cn.reghao.autodop.dmaster.auth.db.UserCrud;
 import cn.reghao.autodop.dmaster.auth.entity.Role;
@@ -15,6 +15,8 @@ import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 
 /**
@@ -22,7 +24,7 @@ import java.util.List;
  * @date 2021-04-04 21:24:18
  */
 @Api(tags = "用户页面")
-@RequestMapping("/system/user")
+@RequestMapping("/auth/user")
 @Controller
 public class UserPageController {
     private UserCrud userCrud;
@@ -43,44 +45,54 @@ public class UserPageController {
 
         model.addAttribute("page", userPage);
         model.addAttribute("list", pageList.getList());
-        return "/system/user/index";
+        return "/auth/user/index";
     }
 
     @GetMapping("/add")
-    public String addUserPage() {
-        return "/system/user/add";
+    public String addUserPage(Model model) {
+        List<Role> allRoles = roleRepository.findAll();
+        List<Role> userRoles = Collections.emptyList();
+
+        model.addAttribute("allRoles", allRoles);
+        model.addAttribute("userRoles", userRoles);
+        return "/auth/user/add";
     }
 
     @GetMapping("/edit/{id}")
-    public String editUserPage(@PathVariable("id") int id, Model model) {
-        User userInfo = userCrud.findById(id);
-        model.addAttribute("user", userInfo);
-        return "/system/user/add";
+    public String editUserPage(@PathVariable("id") User user, Model model) {
+        List<Role> allRoles = roleRepository.findAll();
+        List<Role> userRoles = userCrud.getUserRoles(user.getId());
+
+        model.addAttribute("allRoles", allRoles);
+        model.addAttribute("userRoles", userRoles);
+        model.addAttribute("user", user);
+        return "/auth/user/edit";
     }
 
     @GetMapping("/detail/{id}")
     public String userDetailPage(@PathVariable("id") int id, Model model) {
         User userInfo = userCrud.findById(id);
         model.addAttribute("user", userInfo);
-        return "/system/user/detail";
+        return "/auth/user/detail";
     }
 
-    @GetMapping("/pwd")
-    public String modifyPasswordPage(Model model, @RequestParam(value = "ids", required = false) List<Long> ids) {
-        model.addAttribute("idList", ids);
-        return "/system/user/pwd";
+    @GetMapping("/passwd/{id}")
+    public String modifyPasswordPage(@PathVariable("id") Integer id, Model model) {
+        model.addAttribute("id", id);
+        return "/auth/user/passwd";
     }
 
     @ApiOperation(value = "用户角色分配页面")
-    @GetMapping("/role")
-    public String assignRolePage(@RequestParam(value = "ids") int userId, Model model) {
+    @GetMapping("/role/{id}")
+    public String assignRolePage(@PathVariable("id") User user, Model model) {
         List<Role> roles = roleRepository.findAll();
+        int userId = user.getId();
         List<Role> authRoles = userCrud.getUserRoles(userId);
 
         model.addAttribute("id", userId);
         model.addAttribute("list", roles);
         model.addAttribute("authRoles", authRoles);
-        return "/system/user/role";
+        return "/auth/user/role";
     }
 
     @ApiOperation(value = "获取角色列表页面")
@@ -88,6 +100,6 @@ public class UserPageController {
     public String roleListWithResource(@PathVariable("userId") User user, Model model) {
         List<Role> list = userCrud.getUserRoles(user.getId());
         model.addAttribute("list", list);
-        return "/system/user/roleList";
+        return "/auth/user/roleList";
     }
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/db/UserCrud.java

@@ -16,6 +16,7 @@ import javax.persistence.criteria.JoinType;
 import javax.persistence.criteria.Predicate;
 import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 import java.util.Set;
 import java.util.stream.Collectors;
@@ -37,9 +38,18 @@ public class UserCrud {
     }
 
     public User findById(int id) {
-        return userRepository.findById(id);
+        return userRepository.findById(id).orElse(null);
     }
 
+    public void insert(User user) {
+        userRepository.save(user);
+    }
+
+    public void update(User user) {
+        userRepository.save(user);
+    }
+
+    @Deprecated
     public void addOrUpdate(User user) {
         Integer id = user.getId();
         if (id == null) {
@@ -49,6 +59,7 @@ public class UserCrud {
         }
     }
 
+    @Deprecated
     private void addUser(User user) {
         String password = user.getPassword();
         String salt = Salt.get(64);
@@ -59,10 +70,12 @@ public class UserCrud {
         userRepository.save(user);
     }
 
+    @Deprecated
     private void updateUser(User user) {
         userRepository.save(user);
     }
 
+    @Deprecated
     public void modifyUserRoles(User user, Set<Role> roles) {
         // 用户当前拥有的角色
         List<String> roleList = user.getAuthorities().stream()
@@ -99,7 +112,11 @@ public class UserCrud {
     }
 
     public List<Role> getUserRoles(int userId) {
-        User user = userRepository.findById(userId);
+        User user = userRepository.findById(userId).orElse(null);
+        if (user == null) {
+            return Collections.emptyList();
+        }
+
         List<String> roles = user.getAuthorities().stream()
                 .map(GrantedAuthority::getAuthority).collect(Collectors.toList());
         return roleCrud.findUserRoles(roles);

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/db/query/RoleQuery.java

@@ -0,0 +1,32 @@
+package cn.reghao.autodop.dmaster.auth.db.query;
+
+import cn.reghao.autodop.dmaster.auth.entity.Role;
+import cn.reghao.autodop.dmaster.auth.entity.User;
+import cn.reghao.autodop.dmaster.auth.repository.RoleRepository;
+import cn.reghao.autodop.dmaster.auth.repository.UserRepository;
+import org.springframework.data.jpa.domain.Specification;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.stereotype.Service;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+/**
+ * @author reghao
+ * @date 2021-07-12 15:32:26
+ */
+@Service
+public class RoleQuery {
+    private RoleRepository roleRepository;
+
+    public RoleQuery(RoleRepository roleRepository) {
+        this.roleRepository = roleRepository;
+    }
+
+    public List<Role> getUserRoles(List<String> roles) {
+        Specification<Role> spec = ((root, query, criteriaBuilder) -> root.get("title").in(roles));
+        return roleRepository.findAll(spec);
+    }
+}

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/db/query/UserQuery.java

@@ -0,0 +1,43 @@
+package cn.reghao.autodop.dmaster.auth.db.query;
+
+import cn.reghao.autodop.dmaster.auth.entity.Role;
+import cn.reghao.autodop.dmaster.auth.entity.User;
+import cn.reghao.autodop.dmaster.auth.repository.RoleRepository;
+import cn.reghao.autodop.dmaster.auth.repository.UserRepository;
+import org.springframework.data.jpa.domain.Specification;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.stereotype.Service;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+/**
+ * @author reghao
+ * @date 2021-07-12 15:32:26
+ */
+@Service
+public class UserQuery {
+    private UserRepository userRepository;
+    private RoleRepository roleRepository;
+
+    public UserQuery(UserRepository userRepository, RoleRepository roleRepository) {
+        this.userRepository = userRepository;
+        this.roleRepository = roleRepository;
+    }
+
+    public List<Role> getUserRoles(int userId) {
+        Optional<User> userOptional = userRepository.findById(userId);
+        if (userOptional.isEmpty()) {
+            return Collections.emptyList();
+        }
+
+        User userEntity = userOptional.get();
+        List<String> roles = userEntity.getAuthorities().stream()
+                .map(GrantedAuthority::getAuthority).collect(Collectors.toList());
+
+        Specification<Role> spec = ((root, query, criteriaBuilder) -> root.get("title").in(roles));
+        return roleRepository.findAll(spec);
+    }
+}

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/entity/Menu.java

@@ -7,6 +7,8 @@ import lombok.NoArgsConstructor;
 import lombok.ToString;
 
 import javax.persistence.*;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
 import java.util.*;
 
 /**
@@ -22,12 +24,16 @@ import java.util.*;
 @Entity
 public class Menu extends BaseEntity<Integer> {
     // 父 menu id
+    @NotNull(message = "父级菜单不能为 NULL")
     private Integer pid;
     // 在同一个 pid 组内的位置，作为排序使用
     private Integer pos;
+    @NotBlank(message = "标题不能为空白字符串")
     private String title;
+    @NotBlank(message = "url地址不能为空白字符串，可以输入#代替")
     private String url;
     // Menu 类型
+    @NotNull(message = "菜单类型不能为 NULL")
     private String type;
     private String icon;
     private String remark;

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/entity/User.java

@@ -9,6 +9,7 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import javax.persistence.*;
+import javax.validation.constraints.NotBlank;
 import java.util.Collection;
 import java.util.Set;
 
@@ -25,9 +26,11 @@ import java.util.Set;
 public class User extends BaseEntity<Integer> implements UserDetails {
     // 用户名和密码
     @Column(nullable = false, unique = true)
+    @NotBlank(message = "用户名不能为空白字符串")
     private String username;
     @Column(nullable = false)
     @JsonIgnore
+    @NotBlank(message = "密码不能为空白字符串")
     private String password;
     @Column(nullable = false)
     private String salt;
@@ -36,12 +39,12 @@ public class User extends BaseEntity<Integer> implements UserDetails {
     private int status;
     private int locked;
 
+    @NotBlank(message = "标题不能为空白字符串")
     private String nickname;
     private String email;
     private String mobilePhone;
-    private String avatarUrl;
     private int gender;
-    private String remark;
+    private String avatarUrl;
 
     public User(String username, Set<GrantedAuthorityImpl> authorities) {
         this.username = username;

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/entity/UserInfo.java

@@ -0,0 +1,14 @@
+package cn.reghao.autodop.dmaster.auth.entity;
+
+import lombok.Data;
+
+/**
+ * @author reghao
+ * @date 2021-07-12 16:06:11
+ */
+@Data
+public class UserInfo {
+    private String nickname;
+    private String email;
+    private String mobilePhone;
+}

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/repository/UserRepository.java

@@ -10,5 +10,4 @@ import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
  */
 public interface UserRepository extends JpaRepository<User, Integer>, JpaSpecificationExecutor<User> {
     User findByUsername(String username);
-    User findById(int userId);
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/view/service/ResourceService.java → dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/service/ResourceService.java

@@ -1,8 +1,10 @@
-package cn.reghao.autodop.dmaster.view.service;
+package cn.reghao.autodop.dmaster.auth.service;
 
 import cn.reghao.autodop.dmaster.auth.entity.DataStatus;
 import cn.reghao.autodop.dmaster.auth.entity.Menu;
+import cn.reghao.autodop.dmaster.auth.entity.Role;
 import cn.reghao.autodop.dmaster.auth.repository.MenuRepository;
+import cn.reghao.autodop.dmaster.auth.repository.RoleRepository;
 import org.springframework.stereotype.Service;
 
 import java.time.LocalDateTime;
@@ -16,9 +18,11 @@ import java.util.stream.Collectors;
 @Service
 public class ResourceService {
     private final MenuRepository menuRepository;
+    private RoleRepository roleRepository;
 
-    public ResourceService(MenuRepository menuRepository) {
+    public ResourceService(MenuRepository menuRepository, RoleRepository roleRepository) {
         this.menuRepository = menuRepository;
+        this.roleRepository = roleRepository;
     }
 
     public void addResource(Menu menu) {
@@ -152,8 +156,14 @@ public class ResourceService {
     }
 
     public void deleteResource(Menu menu) {
+        // 删除 Role 关联的 Menu
+        for (Role role : menu.getRoles()) {
+            role.getMenus().remove(menu);
+            roleRepository.save(role);
+        }
+
         // TODO 重新调整组内 menu 的位置
-        //menuRepository.delete(menu);
+        menuRepository.delete(menu);
     }
 
     public List<Menu> getResourceByStatus(String status) {

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/service/UserService.java

@@ -1,9 +1,18 @@
 package cn.reghao.autodop.dmaster.auth.service;
 
+import cn.reghao.autodop.dmaster.auth.entity.Role;
+import cn.reghao.autodop.dmaster.auth.entity.User;
+
+import java.util.List;
+
 /**
  * @author reghao
  * @date 2020-06-19 16:36:53
  */
 public interface UserService {
-    void createUser();
+    void createUser(User user);
+    void modifyUserPassword(Integer userId, String newPassword);
+    void modifyUserInfo(User user);
+    void setUserStatus(Integer userId, Integer status);
+    void setUserRoles(Integer userId, List<Role> roles);
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/service/UserServiceImpl.java

@@ -0,0 +1,114 @@
+package cn.reghao.autodop.dmaster.auth.service;
+
+import cn.reghao.autodop.common.utils.security.Cryptor;
+import cn.reghao.autodop.common.utils.security.Md5Cryptor;
+import cn.reghao.autodop.common.utils.security.Salt;
+import cn.reghao.autodop.dmaster.auth.db.RoleCrud;
+import cn.reghao.autodop.dmaster.auth.db.UserCrud;
+import cn.reghao.autodop.dmaster.auth.db.query.RoleQuery;
+import cn.reghao.autodop.dmaster.auth.db.query.UserQuery;
+import cn.reghao.autodop.dmaster.auth.entity.GrantedAuthorityImpl;
+import cn.reghao.autodop.dmaster.auth.entity.Role;
+import cn.reghao.autodop.dmaster.auth.entity.User;
+import cn.reghao.autodop.dmaster.auth.repository.RoleRepository;
+import cn.reghao.autodop.dmaster.auth.repository.UserRepository;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.stereotype.Service;
+
+import java.security.NoSuchAlgorithmException;
+import java.util.List;
+import java.util.Optional;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+/**
+ * @author reghao
+ * @date 2020-06-19 16:36:53
+ */
+@Slf4j
+@Service
+public class UserServiceImpl implements UserService {
+    private UserRepository userRepository;
+    private RoleRepository roleRepository;
+    private UserQuery userQuery;
+    private RoleQuery roleQuery;
+    private Cryptor cryptor;
+
+    public UserServiceImpl(UserRepository userRepository, RoleRepository roleRepository,
+                           UserQuery userQuery, RoleQuery roleQuery)
+            throws NoSuchAlgorithmException {
+        this.userRepository = userRepository;
+        this.roleRepository = roleRepository;
+        this.userQuery = userQuery;
+        this.roleQuery = roleQuery;
+        this.cryptor = new Md5Cryptor();
+    }
+
+    @Override
+    public void createUser(User user) {
+        String username = user.getUsername();
+        User userEntity = userRepository.findByUsername(username);
+        if (userEntity != null) {
+            log.error("用户 {} 已存在...", username);
+            return;
+        }
+
+        setEncryptPassword(user);
+        user.setAvatarUrl("/imgs/avatar/default.png");
+        userRepository.save(user);
+    }
+
+    private void setEncryptPassword(User user) {
+        String password = user.getPassword();
+        String salt = Salt.get(64);
+        String encryptPwd = cryptor.encrypt(password + salt);
+        user.setPassword(encryptPwd);
+        user.setSalt(salt);
+    }
+
+    @Override
+    public void modifyUserPassword(Integer userId, String newPassword) {
+        Optional<User> userOptional = userRepository.findById(userId);
+        if (userOptional.isPresent()) {
+            User userEntity = userOptional.get();
+            userEntity.setPassword(newPassword);
+            setEncryptPassword(userEntity);
+            userRepository.save(userEntity);
+        } else {
+            log.error("用户不存在...");
+        }
+    }
+
+    @Override
+    public void modifyUserInfo(User user) {
+
+    }
+
+    @Override
+    public void setUserStatus(Integer userId, Integer status) {
+    }
+
+    @Override
+    public void setUserRoles(Integer userId, List<Role> roles) {
+        Optional<User> userOptional = userRepository.findById(userId);
+        if (userOptional.isEmpty()) {
+            log.error("用户不存在...");
+            return;
+        }
+
+        User userEntity = userOptional.get();
+        List<String> roleTitles = userEntity.getAuthorities().stream()
+                .map(GrantedAuthority::getAuthority).collect(Collectors.toList());
+        if (roleTitles.isEmpty()) {
+            Set<GrantedAuthorityImpl> authorities = roles.stream()
+                    .map(role -> new GrantedAuthorityImpl(role.getTitle()))
+                    .collect(Collectors.toSet());
+            userEntity.setAuthorities(authorities);
+            userRepository.save(userEntity);
+            return;
+        }
+
+        List<Role> currentRoles = roleQuery.getUserRoles(roleTitles);
+    }
+}

dmaster/src/main/java/cn/reghao/autodop/dmaster/sys/controller/TestController.java

@@ -136,9 +136,8 @@ public class TestController {
         user.setNickname("大灰狼");
         user.setEmail("reghaodev@gmail.com");
         user.setMobilePhone("13012345678");
-        user.setAvatarUrl("/imgs/avatar/default.png");
         user.setGender(1);
-        user.setRemark("管理员");
+        user.setAvatarUrl("/imgs/avatar/default.png");
 
         userRepository.save(user);
     }

dmaster/src/main/java/cn/reghao/autodop/dmaster/view/validator/MenuValidator.java

@@ -1,23 +0,0 @@
-package cn.reghao.autodop.dmaster.view.validator;
-
-import lombok.Data;
-
-import javax.validation.constraints.NotBlank;
-import javax.validation.constraints.NotNull;
-import java.io.Serializable;
-
-/**
- * @author reghao
- * @date 2021-05-18 14:38:49
- */
-@Data
-public class MenuValidator implements Serializable {
-    @NotBlank(message = "标题不能为空白字符串")
-    private String title;
-    @NotNull(message = "父级菜单不能为 NULL")
-    private Integer pid;
-    @NotBlank(message = "url地址不能为空白字符串，可以输入#代替")
-    private String url;
-    @NotNull(message = "菜单类型不能为 NULL")
-    private String type;
-}

dmaster/src/main/resources/templates/system/menu/add.html → dmaster/src/main/resources/templates/auth/menu/add.html

@@ -6,7 +6,7 @@
 </head>
 <body>
 <div class="layui-form timo-compile">
-    <form th:action="@{/system/menu/save}">
+    <form th:action="@{/auth/menu/save}">
         <input type="hidden" name="id" th:if="${menu}" th:value="${menu.id}"/>
         <input type="hidden" name="isDelete" th:if="${menu}" th:value="${menu.isDelete}"/>
         <input type="hidden" name="createTime" th:if="${menu}" th:value="${menu.createTime}"/>
@@ -41,7 +41,7 @@
             <label class="layui-form-label required">父级菜单</label>
             <div class="layui-input-inline">
                 <label>
-                    <input class="layui-input select-tree" th:attr="data-url=@{/system/menu/list/enable}, data-value=${pMenu?.id}" type="text" name="pid"  placeholder="请输入父级菜单（必须是目录类型）" th:value="${pMenu?.title}">
+                    <input class="layui-input select-tree" th:attr="data-url=@{/auth/menu/list/enable}, data-value=${pMenu?.id}" type="text" name="pid"  placeholder="请输入父级菜单（必须是目录类型）" th:value="${pMenu?.title}">
                 </label>
             </div>
         </div>
@@ -58,7 +58,7 @@
             <div class="layui-input-inline">
                 <label>
                     <select class="select-pos" name="pos"
-                            th:attr="data-url=@{/system/menu/sortList}, data-id=${menu?.id}, data-pos=${menu?.pos}" lay-verify="pos"></select>
+                            th:attr="data-url=@{/auth/menu/sortList}, data-id=${menu?.id}, data-pos=${menu?.pos}" lay-verify="pos"></select>
                 </label>
             </div>
             <div class="layui-input-info">（之后）</div>

dmaster/src/main/resources/templates/system/menu/index.html → dmaster/src/main/resources/templates/auth/menu/index.html

@@ -5,7 +5,7 @@
         <link rel="stylesheet" th:href="@{/lib/zTree_v3/css/zTreeStyle/zTreeStyle.css}" type="text/css">
     </head>
     <body class="timo-layout-page">
-        <div class="layui-card timo-tree" th:attr="data-url=@{'/system/menu/list/' + ${status}}">
+        <div class="layui-card timo-tree" th:attr="data-url=@{'/auth/menu/list/' + ${status}}">
             <div class="layui-card-header timo-card-header">
                 <span>
                     <i class="fa fa-bars"></i>
@@ -35,7 +35,7 @@
                         </div>
                         <div class="pull-right screen-btn-group">
                             <button class="layui-btn open-popup popup-add" data-title="添加资源"
-                                    th:attr="data-url=@{/system/menu/add}">
+                                    th:attr="data-url=@{/auth/menu/add}">
                                 <i class="fa fa-plus"></i>
                                 添加
                             </button>
@@ -45,10 +45,10 @@
                                 </button>
                                 <dl class="layui-nav-child layui-anim layui-anim-upbit">
                                     <dd>
-                                        <a class="ajax-status" th:href="@{/system/menu/status/enable}">启用</a>
+                                        <a class="ajax-status" th:href="@{/auth/menu/status/enable}">启用</a>
                                     </dd>
                                     <dd>
-                                        <a class="ajax-status" th:href="@{/system/menu/status/disable}">停用</a>
+                                        <a class="ajax-status" th:href="@{/auth/menu/status/disable}">停用</a>
                                     </dd>
                                 </dl>
                             </div>
@@ -84,19 +84,19 @@
                                     <td>{{type}}</td>
                                     <td>
                                         <a class="open-popup" data-title="角色列表"
-                                           th:attr="data-url=@{'/system/menu/roleList/{{id}}'}" data-size="800,600"
+                                           th:attr="data-url=@{'/auth/menu/roleList/{{id}}'}" data-size="800,600"
                                            href="#">查看</a>
                                     </td>
                                     <td>
                                         <a class="open-popup popup-edit" data-title="编辑资源"
-                                           th:attr="data-url=@{'/system/menu/edit/{{id}}'}" href="#">编辑
+                                           th:attr="data-url=@{'/auth/menu/edit/{{id}}'}" href="#">编辑
                                         </a>
                                         <a class="open-popup" data-title="详细信息"
-                                           th:attr="data-url=@{'/system/menu/detail/{{id}}'}"
+                                           th:attr="data-url=@{'/auth/menu/detail/{{id}}'}"
                                            data-size="800,600" href="#">详细
                                         </a>
                                         <a class="ajax-delete popup-delete" th:attr="data-msg='您是否确定删除'"
-                                           th:href="@{'/system/menu/{{id}}'}">删除
+                                           th:href="@{'/auth/menu/{{id}}'}">删除
                                         </a>
                                     </td>
                                 </tr>

dmaster/src/main/resources/templates/system/role/add.html → dmaster/src/main/resources/templates/auth/role/add.html

@@ -4,7 +4,7 @@
 </head>
 <body>
 <div class="layui-form timo-compile">
-    <form th:action="@{/system/role/save}">
+    <form th:action="@{/auth/role/save}">
         <input type="hidden" name="id" th:if="${role}" th:value="${role.id}"/>
         <div class="layui-form-item">
             <label class="layui-form-label required">角色</label>

dmaster/src/main/resources/templates/system/role/auth.html → dmaster/src/main/resources/templates/auth/role/auth.html

@@ -20,9 +20,9 @@
 </head>
 <body>
 <div class="layui-form timo-compile">
-    <ul id="authTree" class="ztree" th:attr="data-url=@{/system/role/authList(ids=${id})}"></ul>
+    <ul id="authTree" class="ztree" th:attr="data-url=@{/auth/role/authList(ids=${id})}"></ul>
     <div class="layui-form-item timo-finally">
-        <button id="submit" class="layui-btn" th:attr="data-url=@{/system/role/auth}, data-id=${id}"><i class="fa fa-check-circle"></i> 保存</button>
+        <button id="submit" class="layui-btn" th:attr="data-url=@{/auth/role/auth}, data-id=${id}"><i class="fa fa-check-circle"></i> 保存</button>
         <button class="layui-btn btn-secondary close-popup"><i class="fa fa-times-circle"></i> 关闭</button>
     </div>
 </div>

dmaster/src/main/resources/templates/system/role/index.html → dmaster/src/main/resources/templates/auth/role/index.html

@@ -26,12 +26,12 @@
                 </div>
             </div>
             <div class="pull-right screen-btn-group">
-                <button class="layui-btn open-popup" data-title="添加角色" th:attr="data-url=@{/system/role/add}"
+                <button class="layui-btn open-popup" data-title="添加角色" th:attr="data-url=@{/auth/role/add}"
                         data-size="460,357">
                     <i class="fa fa-plus"></i> 添加
                 </button>
                 <button class="layui-btn open-popup-param" data-type="radio" data-title="授权管理"
-                        th:attr="data-url=@{/system/role/auth}" data-size="600,500">
+                        th:attr="data-url=@{/auth/role/auth}" data-size="600,500">
                     <i class="fa fa-user-secret"></i> 分配权限
                 </button>
             </div>
@@ -62,15 +62,15 @@
                     <td th:text="${item.updateTime}">更新时间</td>
                     <td>
                         <a class="open-popup" data-title="可访问的资源"
-                           th:attr="data-url=@{'/system/role/resource/'+${item.id}}" data-size="800,600"
+                           th:attr="data-url=@{'/auth/role/resource/'+${item.id}}" data-size="800,600"
                            href="#">查看</a>
                     </td>
                     <td>
-                        <a class="open-popup" data-title="编辑角色" th:attr="data-url=@{'/system/role/edit/'+${item.id}}"
+                        <a class="open-popup" data-title="编辑角色" th:attr="data-url=@{'/auth/role/edit/'+${item.id}}"
                            data-size="460,357" href="#">编辑</a>
-                        <a class="open-popup" data-title="详细信息" th:attr="data-url=@{'/system/role/detail/'+${item.id}}"
+                        <a class="open-popup" data-title="详细信息" th:attr="data-url=@{'/auth/role/detail/'+${item.id}}"
                            data-size="800,600" href="#">详细</a>
-                        <a class="ajax-get" data-msg="您是否确认删除" th:href="@{/system/role/status/delete(ids=${item.id})}">删除</a>
+                        <a class="ajax-get" data-msg="您是否确认删除" th:href="@{/auth/role/status/delete(ids=${item.id})}">删除</a>
                     </td>
                 </tr>
                 </tbody>

dmaster/src/main/resources/templates/system/role/resource.html → dmaster/src/main/resources/templates/auth/role/resource.html

@@ -25,7 +25,7 @@
             <tr th:each="item:${list}">
                 <td>[[${item.username}]]</td>
                 <td>[[${item.nickname}]]</td>
-                <td><a th:href="@{/system/user/index(id=${item.id})}">查看</a></td>
+                <td><a th:href="@{/auth/user/index(id=${item.id})}">查看</a></td>
             </tr>
             <tr th:if="${list.isEmpty()}">
                 <td style="text-align: center" colspan="3">未有分配该角色的用户</td>

dmaster/src/main/resources/templates/system/user/add.html → dmaster/src/main/resources/templates/auth/user/add.html

@@ -1,69 +1,59 @@
 <!DOCTYPE html>
-<html xmlns:th="http://www.thymeleaf.org"
-      xmlns:mo="https://gitee.com/aun/Timo">
-
-<head th:replace="/common/template :: header(~{::title},~{::link},~{::style})">
-    <link rel="stylesheet" th:href="@{/lib/zTree_v3/css/zTreeStyle/zTreeStyle.css}" type="text/css">
-</head>
+<html xmlns:th="http://www.thymeleaf.org">
+<head th:replace="/common/template :: header(~{::title},~{::link},~{::style})"></head>
 <body>
 <div class="layui-form timo-compile">
-    <form th:action="@{/system/user/save}">
-        <input type="hidden" name="id" th:if="${user}" th:value="${user.id}"/>
-        <div class="layui-form-item" th:if="!${user}">
-            <label class="layui-form-label required">用户名</label>
+    <form th:action="@{/api/auth/user}">
+        <div class="layui-form-item">
+            <label class="layui-form-label required">登录名</label>
             <div class="layui-input-inline">
-                <input class="layui-input" type="text" name="username"  placeholder="请输入用户名">
+                <input class="layui-input" type="text" name="username"  placeholder="请输入登录名">
             </div>
         </div>
-        <div class="layui-form-item" th:if="${user}">
+        <div class="layui-form-item">
             <label class="layui-form-label required">用户名</label>
             <div class="layui-input-inline">
-                <input class="layui-input" type="text" name="username"  placeholder="请输入用户名" readonly="true" th:value="${user.username}">
+                <input class="layui-input" type="text" name="nickname" placeholder="请输入用户名">
             </div>
         </div>
         <div class="layui-form-item">
-            <label class="layui-form-label required">用户昵称</label>
-            <div class="layui-input-inline">
-                <input class="layui-input" type="text" name="nickname" placeholder="请输入用户昵称" th:value="${user?.nickname}">
-            </div>
-        </div>
-        <div class="layui-form-item" th:if="!${user}">
             <label class="layui-form-label required">用户密码</label>
             <div class="layui-input-inline">
                 <input class="layui-input" type="password" name="password" placeholder="请输入用户密码">
-                <!--<img id="img" src="/imgs/icons/icon-visible.png" onclick="hideOrShow()">-->
-            </div>
-        </div>
-        <div class="layui-form-item" th:if="!${user}">
-            <label class="layui-form-label required">确认密码</label>
-            <div class="layui-input-inline">
-                <input class="layui-input" type="password" name="confirm" placeholder="再一次输入密码">
             </div>
         </div>
         <div class="layui-form-item">
-            <label class="layui-form-label">电话号码</label>
+            <label class="layui-form-label">手机号码</label>
             <div class="layui-input-inline">
-                <input class="layui-input" type="text" name="mobilePhone" placeholder="请输入电话号码" th:value="${user?.mobilePhone}">
+                <input class="layui-input" type="text" name="mobilePhone" placeholder="请输入手机号码">
             </div>
         </div>
         <div class="layui-form-item">
             <label class="layui-form-label">邮箱</label>
             <div class="layui-input-inline">
-                <input class="layui-input" type="text" name="email" placeholder="请输入邮箱" th:value="${user?.email}">
+                <input class="layui-input" type="text" name="email" placeholder="请输入邮箱">
             </div>
         </div>
-
         <div class="layui-form-item">
             <label class="layui-form-label">选择性别</label>
             <div class="layui-input-inline">
-                <input type="radio" name="gender" value="1" title="男" checked><div class="layui-unselect layui-form-radio layui-form-radioed"><i class="layui-anim layui-icon"></i><div>男</div></div>
-                <input type="radio" name="gender" value="2" title="女" th:checked="${user?.gender} eq 2"><div class="layui-unselect layui-form-radio"><i class="layui-anim layui-icon"></i><div>女</div></div>
+                <input type="radio" name="gender" value="1" title="男" checked>
+                <div class="layui-unselect layui-form-radio layui-form-radioed">
+                    <i class="layui-anim layui-icon"></i>
+                    <div>男</div>
+                </div>
+                <input type="radio" name="gender" value="2" title="女">
+                <div class="layui-unselect layui-form-radio">
+                    <i class="layui-anim layui-icon"></i>
+                    <div>女</div>
+                </div>
             </div>
         </div>
-        <div class="layui-form-item layui-form-text">
-            <label class="layui-form-label">备注</label>
+        <div class="layui-form-item">
+            <label class="layui-form-label">用户角色</label>
             <div class="layui-input-block">
-                <textarea placeholder="请输入内容" class="layui-textarea" name="remark">[[${user?.remark}]]</textarea>
+                <input th:each="item:${allRoles}" type="checkbox" name="roleId" th:title="${item.name}"
+                       th:value="${item.id}" th:checked="${#sets.contains(userRoles, item)}" lay-skin="primary">
             </div>
         </div>
         <div class="layui-form-item timo-finally">
@@ -74,16 +64,9 @@
 </div>
 <script th:replace="/common/template :: script"></script>
 <script type="text/javascript" th:src="@{/js/plugins/jquery-2.2.4.min.js}"></script>
-<script type="text/javascript" th:src="@{/lib/zTree_v3/js/jquery.ztree.core.min.js}"></script>
-<script type="text/javascript" th:src="@{/js/timoTree.js}"></script>
-<script type="text/javascript">
-    // 树形菜单
-    $.fn.selectTree();
-</script>
 <script type="text/javascript">
     var img = document.getElementById("img");
     var passwd = document.getElementById("LAY-user-login-password");
-
     function hideOrShow() {
         if (passwd.type == "password") {
             passwd.type = "text";

dmaster/src/main/resources/templates/auth/user/edit.html

@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org">
+<head th:replace="/common/template :: header(~{::title},~{::link},~{::style})"></head>
+<body>
+<div class="layui-form timo-compile">
+    <form th:action="@{/api/auth/user}">
+        <input type="hidden" name="id" th:value="${user.id}"/>
+        <div class="layui-form-item">
+            <label class="layui-form-label required">登录名</label>
+            <div class="layui-input-inline">
+                <input class="layui-input" type="text" name="username"  placeholder="请输入登录名" readonly="true" th:value="${user.username}">
+            </div>
+        </div>
+        <div class="layui-form-item">
+            <label class="layui-form-label required">用户名</label>
+            <div class="layui-input-inline">
+                <input class="layui-input" type="text" name="nickname" placeholder="请输入用户名" th:value="${user.nickname}">
+            </div>
+        </div>
+        <div class="layui-form-item">
+            <label class="layui-form-label">手机号码</label>
+            <div class="layui-input-inline">
+                <input class="layui-input" type="text" name="mobilePhone" placeholder="请输入手机号码" th:value="${user.mobilePhone}">
+            </div>
+        </div>
+        <div class="layui-form-item">
+            <label class="layui-form-label">邮箱</label>
+            <div class="layui-input-inline">
+                <input class="layui-input" type="text" name="email" placeholder="请输入邮箱" th:value="${user.email}">
+            </div>
+        </div>
+        <div class="layui-form-item timo-finally">
+            <button class="layui-btn ajax-submit"><i class="fa fa-check-circle"></i> 保存</button>
+            <button class="layui-btn btn-secondary close-popup"><i class="fa fa-times-circle"></i> 关闭</button>
+        </div>
+    </form>
+</div>
+<script th:replace="/common/template :: script"></script>
+</body>
+</html>

dmaster/src/main/resources/templates/system/user/index.html → dmaster/src/main/resources/templates/auth/user/index.html

@@ -1,9 +1,6 @@
 <!DOCTYPE html>
-<html xmlns:th="http://www.thymeleaf.org"
-      xmlns:mo="https://gitee.com/aun/Timo">
-<head th:replace="/common/template :: header(~{::title},~{::link},~{::style})">
-    <link rel="stylesheet" th:href="@{/lib/zTree_v3/css/zTreeStyle/zTreeStyle.css}" type="text/css">
-</head>
+<html xmlns:th="http://www.thymeleaf.org">
+<head th:replace="/common/template :: header(~{::title},~{::link},~{::style})"></head>
 <body class="timo-layout-page">
 <div class="layui-card">
     <div class="layui-card-header timo-card-header">
@@ -27,27 +24,16 @@
                 </div>
             </div>
             <div class="pull-right screen-btn-group">
-                <div class="btn-group-left">
-                    <button class="layui-btn open-popup-param" data-title="修改密码" th:attr="data-url=@{/system/user/pwd}"
-                             data-size="456,242">
-                        <i class="fa fa-refresh"></i> 修改密码
-                    </button>
-                    <button class="layui-btn open-popup-param" data-type="radio" data-title="角色分配"
-                            th:attr="data-url=@{/system/user/role}"
-                            data-size="480,400">
-                        <i class="fa fa-user-secret"></i> 分配角色
-                    </button>
-                </div>
                 <div class="btn-group-right">
-                    <button class="layui-btn open-popup" data-title="添加用户" th:attr="data-url=@{/system/user/add}"
+                    <button class="layui-btn open-popup" data-title="添加用户" th:attr="data-url=@{/auth/user/add}"
                              data-size="auto">
                         <i class="fa fa-plus"></i> 添加
                     </button>
                     <div class="btn-group">
-                        <button class="layui-btn">操作<span class="caret"></span></button>
+                        <button class="layui-btn">启用/禁用<span class="caret"></span></button>
                         <dl class="layui-nav-child layui-anim layui-anim-upbit">
-                            <dd><a class="ajax-status" th:href="@{/system/user/status/ok}">启用</a></dd>
-                            <dd><a class="ajax-status" th:href="@{/system/user/status/freezed}">禁用</a></dd>
+                            <dd><a class="ajax-status" th:href="@{/api/auth/user/status/enable}">启用</a></dd>
+                            <dd><a class="ajax-status" th:href="@{/api/auth/user/status/disable}">禁用</a></dd>
                         </dl>
                     </div>
                 </div>
@@ -61,14 +47,15 @@
                         <label class="timo-checkbox"><input type="checkbox">
                             <i class="layui-icon layui-icon-ok"></i></label>
                     </th>
-                    <th class="sortable" data-field="username">用户名</th>
-                    <th class="sortable" data-field="nickname">用户昵称</th>
-                    <th class="sortable" data-field="sex">性别</th>
-                    <th class="sortable" data-field="mobilePhone">手机号</th>
-                    <th class="sortable" data-field="email">邮箱</th>
-                    <th class="sortable" data-field="createDate">创建时间</th>
+                    <th data-field="username">登录名</th>
+                    <th data-field="nickname">用户名</th>
+                    <th data-field="sex">性别</th>
+                    <th data-field="mobilePhone">手机号</th>
+                    <th data-field="email">邮箱</th>
+                    <th data-field="createDate">创建时间</th>
                     <th>状态</th>
-                    <th>已授予的角色</th>
+                    <th>分配角色</th>
+                    <th>修改密码</th>
                     <th>操作</th>
                 </tr>
                 </thead>
@@ -76,25 +63,30 @@
                 <tr th:each="item:${list}">
                     <td><label class="timo-checkbox"><input type="checkbox" th:value="${item.id}">
                         <i class="layui-icon layui-icon-ok"></i></label></td>
-                    <td th:text="${item.username}">用户名</td>
-                    <td th:text="${item.nickname}">用户昵称</td>
+                    <td th:text="${item.username}">登录名</td>
+                    <td th:text="${item.nickname}">用户名</td>
                     <td th:text="${item.gender}">性别</td>
                     <td th:text="${item.mobilePhone}">手机号</td>
                     <td th:text="${item.email}">邮箱</td>
                     <td th:text="${item.createTime}">创建时间</td>
                     <td th:text="正常">状态</td>
                     <td>
-                        <a class="open-popup" data-title="角色列表"
-                           th:attr="data-url=@{'/system/user/roleList/'+${item.id}}" data-size="640,480"
-                           href="#">查看</a>
+                        <a class="open-popup" data-title="分配角色"
+                           th:attr="data-url=@{'/auth/user/role/'+${item.id}}" data-size="640,480"
+                           href="#">设置</a>
+                    </td>
+                    <td>
+                        <a class="open-popup" data-title="修改密码"
+                           th:attr="data-url=@{'/auth/user/passwd/'+${item.id}}" data-size="640,480"
+                           href="#">修改</a>
                     </td>
                     <td>
-                        <a class="open-popup" data-title="编辑用户" th:attr="data-url=@{'/system/user/edit/'+${item.id}}"
+                        <a class="open-popup" data-title="编辑用户" th:attr="data-url=@{'/auth/user/edit/'+${item.id}}"
                            data-size="640,480" href="#">编辑</a>
-                        <a class="open-popup" data-title="详细信息" th:attr="data-url=@{'/system/user/detail/'+${item.id}}"
+                        <a class="open-popup" data-title="详细信息" th:attr="data-url=@{'/auth/user/detail/'+${item.id}}"
                            data-size="640,480" href="#">详细</a>
-                        <a class="ajax-get" th:attr="data-msg='您是否删除'+${item.nickname}"
-                           th:href="@{/system/user/status/delete(ids=${item.id})}">删除</a>
+                        <a class="ajax-delete" th:attr="data-msg='确定要删除 '+${item.username}+'?'"+
+                           th:href="@{/auth/user/${item.id}}">删除</a>
                     </td>
                 </tr>
                 </tbody>
@@ -104,18 +96,5 @@
     </div>
 </div>
 <script th:replace="/common/template :: script"></script>
-<script type="text/javascript" th:src="@{/js/plugins/jquery-2.2.4.min.js}"></script>
-<script type="text/javascript" th:src="@{/lib/zTree_v3/js/jquery.ztree.core.min.js}"></script>
-<script type="text/javascript" th:src="@{/js/timoTree.js}"></script>
-<script type="text/javascript">
-    var local = window.localStorage;
-    // 树形菜单
-    $.fn.selectTree({
-        rootTree: '全部',
-        onSelected: function (treeNode) {
-            local.setItem('deptTitle', treeNode.name);
-        }
-    });
-</script>
 </body>
 </html>

dmaster/src/main/resources/templates/system/user/pwd.html → dmaster/src/main/resources/templates/auth/user/passwd.html

@@ -4,18 +4,12 @@
 </head>
 <body>
 <div class="layui-form timo-compile">
-    <form th:action="@{/system/user/pwd}">
-        <input th:each="id:${idList}" type="hidden" name="ids" th:value="${id}"/>
+    <form th:action="@{/api/auth/passwd}">
+        <input type="hidden" name="id" th:value="${id}"/>
         <div class="layui-form-item">
             <label class="layui-form-label">新密码</label>
             <div class="layui-input-inline">
-                <input class="layui-input" type="password" name="password" placeholder="请输入新密码">
-            </div>
-        </div>
-        <div class="layui-form-item">
-            <label class="layui-form-label">确认密码</label>
-            <div class="layui-input-inline">
-                <input class="layui-input" type="password" name="confirm" placeholder="再一次输入密码">
+                <input class="layui-input" type="password" name="newPassword" placeholder="请输入新密码">
             </div>
         </div>
         <div class="layui-form-item timo-finally">

dmaster/src/main/resources/templates/system/user/role.html → dmaster/src/main/resources/templates/auth/user/role.html

@@ -20,7 +20,7 @@
 </head>
 <body>
 <div class="layui-form timo-compile">
-    <form th:action="@{/system/user/role}">
+    <form th:action="@{/api/auth/user/role}">
         <input type="hidden" name="id" th:value="${id}"/>
         <div class="layui-form-item">
             <div class="layui-input-block">