diff --git a/src/main/java/com/light/delivery/controller/EmployeeController.java b/src/main/java/com/light/delivery/controller/EmployeeController.java new file mode 100644 index 0000000..a01348d --- /dev/null +++ b/src/main/java/com/light/delivery/controller/EmployeeController.java @@ -0,0 +1,138 @@ +package com.light.delivery.controller; + +import com.light.delivery.model.Employee; +import com.light.delivery.model.User; +import com.light.delivery.model.UserRole; +import com.light.delivery.service.EmployeeService; +import com.light.delivery.service.UserService; +import com.light.delivery.service.impl.UserServiceImpl; +import com.light.delivery.util.JwtUtil; +import jakarta.servlet.http.HttpServletRequest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; + +import java.util.List; + +/** + * 员工管理控制器,提供员工信息的增删改查功能。 + * 仅限管理员角色访问。 + */ +@RestController +@RequestMapping("/employees") +public class EmployeeController { + + @Autowired + private EmployeeService employeeService; + + @Autowired + private UserService userService; + + @Autowired + private JwtUtil jwtUtil; + + @Autowired + private UserServiceImpl userServiceImpl; + + /** + * 获取所有员工列表 + * @return 员工信息列表 + */ + @GetMapping + public ResponseEntity getAllEmployees(HttpServletRequest request) { + try { + User user = getUserFromToken(request); + UserRole userRole = userServiceImpl.getUserRole(user); + if (!UserRole.ADMIN.equals(userRole)) { + return ResponseEntity.status(403).body("权限不足,仅管理员可访问"); + } + + List employees = employeeService.getAllEmployees(); + return ResponseEntity.ok(employees); + } catch (Exception e) { + return ResponseEntity.status(401).body("认证失败: " + e.getMessage()); + } + } + + /** + * 添加新员工 + * @param employee 员工信息 + * @return 添加结果 + */ + @PostMapping + public ResponseEntity addEmployee(@RequestBody Employee employee, HttpServletRequest request) { + try { + User user = getUserFromToken(request); + UserRole userRole = userServiceImpl.getUserRole(user); + if (!UserRole.ADMIN.equals(userRole)) { + return ResponseEntity.status(403).body("权限不足,仅管理员可访问"); + } + + Employee savedEmployee = employeeService.saveEmployee(employee); + return ResponseEntity.ok(savedEmployee); + } catch (Exception e) { + return ResponseEntity.status(401).body("认证失败: " + e.getMessage()); + } + } + + /** + * 更新员工信息 + * @param id 员工ID + * @param employee 员工信息 + * @return 更新结果 + */ + @PutMapping("/{id}") + public ResponseEntity updateEmployee(@PathVariable Long id, @RequestBody Employee employee, HttpServletRequest request) { + try { + User user = getUserFromToken(request); + UserRole userRole = userServiceImpl.getUserRole(user); + if (!UserRole.ADMIN.equals(userRole)) { + return ResponseEntity.status(403).body("权限不足,仅管理员可访问"); + } + + Employee updatedEmployee = employeeService.updateEmployee(id, employee); + if (updatedEmployee == null) { + return ResponseEntity.status(404).body("员工不存在"); + } + return ResponseEntity.ok(updatedEmployee); + } catch (Exception e) { + return ResponseEntity.status(401).body("认证失败: " + e.getMessage()); + } + } + + /** + * 删除员工 + * @param id 员工ID + * @return 删除结果 + */ + @DeleteMapping("/{id}") + public ResponseEntity deleteEmployee(@PathVariable Long id, HttpServletRequest request) { + try { + User user = getUserFromToken(request); + UserRole userRole = userServiceImpl.getUserRole(user); + if (!UserRole.ADMIN.equals(userRole)) { + return ResponseEntity.status(403).body("权限不足,仅管理员可访问"); + } + + employeeService.deleteEmployee(id); + return ResponseEntity.ok("员工删除成功"); + } catch (Exception e) { + return ResponseEntity.status(401).body("认证失败: " + e.getMessage()); + } + } + + /** + * 从请求中提取用户信息 + * @param request HTTP请求 + * @return 用户对象 + */ + private User getUserFromToken(HttpServletRequest request) { + String bearerToken = request.getHeader("Authorization"); + if (bearerToken != null && bearerToken.startsWith("Bearer ")) { + String token = bearerToken.substring(7); + String openid = jwtUtil.extractUsername(token); + return userService.getUserInfo(token); + } + throw new IllegalArgumentException("Authorization token is missing"); + } +} \ No newline at end of file diff --git a/src/main/java/com/light/delivery/dto/EmployeeDto.java b/src/main/java/com/light/delivery/dto/EmployeeDto.java new file mode 100644 index 0000000..b29db92 --- /dev/null +++ b/src/main/java/com/light/delivery/dto/EmployeeDto.java @@ -0,0 +1,15 @@ +package com.light.delivery.dto; + +import lombok.Data; + +/** + * 员工信息DTO,用于员工信息的传输 + */ +@Data +public class EmployeeDto { + private Long id; + private String name; + private String phone; + private String role; + private String openid; +} \ No newline at end of file diff --git a/src/main/java/com/light/delivery/exception/GlobalExceptionHandler.java b/src/main/java/com/light/delivery/exception/GlobalExceptionHandler.java new file mode 100644 index 0000000..a5273f5 --- /dev/null +++ b/src/main/java/com/light/delivery/exception/GlobalExceptionHandler.java @@ -0,0 +1,49 @@ +package com.light.delivery.exception; + +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.ControllerAdvice; +import org.springframework.web.bind.annotation.ExceptionHandler; + +import java.util.HashMap; +import java.util.Map; + +/** + * 全局异常处理器,用于统一处理系统中的异常 + */ +@ControllerAdvice +public class GlobalExceptionHandler { + + /** + * 处理权限不足异常 + */ + @ExceptionHandler(SecurityException.class) + public ResponseEntity> handleSecurityException(SecurityException e) { + Map errorResponse = new HashMap<>(); + errorResponse.put("error", "权限不足"); + errorResponse.put("message", e.getMessage()); + return ResponseEntity.status(HttpStatus.FORBIDDEN).body(errorResponse); + } + + /** + * 处理非法参数异常 + */ + @ExceptionHandler(IllegalArgumentException.class) + public ResponseEntity> handleIllegalArgumentException(IllegalArgumentException e) { + Map errorResponse = new HashMap<>(); + errorResponse.put("error", "参数错误"); + errorResponse.put("message", e.getMessage()); + return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(errorResponse); + } + + /** + * 处理通用异常 + */ + @ExceptionHandler(Exception.class) + public ResponseEntity> handleGenericException(Exception e) { + Map errorResponse = new HashMap<>(); + errorResponse.put("error", "系统错误"); + errorResponse.put("message", e.getMessage()); + return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(errorResponse); + } +} \ No newline at end of file diff --git a/src/main/java/com/light/delivery/service/EmployeeService.java b/src/main/java/com/light/delivery/service/EmployeeService.java new file mode 100644 index 0000000..ec02451 --- /dev/null +++ b/src/main/java/com/light/delivery/service/EmployeeService.java @@ -0,0 +1,52 @@ +package com.light.delivery.service; + +import com.light.delivery.dto.EmployeeDto; +import com.light.delivery.model.Employee; + +import java.util.List; + +/** + * 员工服务接口,定义员工相关的业务操作。 + */ +public interface EmployeeService { + /** + * 获取所有员工信息 + * @return 员工列表 + */ + List getAllEmployees(); + + /** + * 保存员工信息 + * @param employee 员工信息 + * @return 保存后的员工信息 + */ + Employee saveEmployee(Employee employee); + + /** + * 更新员工信息 + * @param id 员工ID + * @param employee 员工信息 + * @return 更新后的员工信息 + */ + Employee updateEmployee(Long id, Employee employee); + + /** + * 删除员工 + * @param id 员工ID + */ + void deleteEmployee(Long id); + + /** + * 将Employee实体转换为EmployeeDto + * @param employee 员工实体 + * @return 员工DTO + */ + EmployeeDto toDto(Employee employee); + + /** + * 将EmployeeDto转换为Employee实体 + * @param dto 员工DTO + * @return 员工实体 + */ + Employee toEntity(EmployeeDto dto); +} \ No newline at end of file diff --git a/src/main/java/com/light/delivery/service/impl/EmployeeServiceImpl.java b/src/main/java/com/light/delivery/service/impl/EmployeeServiceImpl.java new file mode 100644 index 0000000..81cfc3d --- /dev/null +++ b/src/main/java/com/light/delivery/service/impl/EmployeeServiceImpl.java @@ -0,0 +1,80 @@ +package com.light.delivery.service.impl; + +import com.light.delivery.dto.EmployeeDto; +import com.light.delivery.model.Employee; +import com.light.delivery.repository.EmployeeRepository; +import com.light.delivery.service.EmployeeService; +import org.springframework.beans.BeanUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import java.util.List; +import java.util.Optional; +import java.util.stream.Collectors; + +/** + * 员工服务实现类,处理员工相关的业务逻辑。 + */ +@Service +public class EmployeeServiceImpl implements EmployeeService { + + @Autowired + private EmployeeRepository employeeRepository; + + @Override + public List getAllEmployees() { + return employeeRepository.findAll(); + } + + @Override + public Employee saveEmployee(Employee employee) { + return employeeRepository.save(employee); + } + + @Override + public Employee updateEmployee(Long id, Employee employee) { + Optional existingEmployee = employeeRepository.findById(id); + if (existingEmployee.isPresent()) { + Employee emp = existingEmployee.get(); + emp.setName(employee.getName()); + emp.setPhone(employee.getPhone()); + emp.setRole(employee.getRole()); + // 注意:不更新openid字段,该字段由用户注册时自动填充 + return employeeRepository.save(emp); + } + return null; + } + + @Override + public void deleteEmployee(Long id) { + employeeRepository.deleteById(id); + } + + /** + * 将Employee实体转换为EmployeeDto + * @param employee 员工实体 + * @return 员工DTO + */ + public EmployeeDto toDto(Employee employee) { + if (employee == null) { + return null; + } + EmployeeDto dto = new EmployeeDto(); + BeanUtils.copyProperties(employee, dto); + return dto; + } + + /** + * 将EmployeeDto转换为Employee实体 + * @param dto 员工DTO + * @return 员工实体 + */ + public Employee toEntity(EmployeeDto dto) { + if (dto == null) { + return null; + } + Employee employee = new Employee(); + BeanUtils.copyProperties(dto, employee); + return employee; + } +} \ No newline at end of file diff --git a/src/main/resources/static/employee-management.html b/src/main/resources/static/employee-management.html new file mode 100644 index 0000000..3867133 --- /dev/null +++ b/src/main/resources/static/employee-management.html @@ -0,0 +1,293 @@ + + + + + + 员工管理 + + + + +
+
+

员工管理

+ +
+ + + + + + + + + + + + + + + + +
ID姓名电话角色OpenID操作
+
+ + + + + + + + + + + \ No newline at end of file diff --git a/src/main/resources/static/js/employee-api.js b/src/main/resources/static/js/employee-api.js new file mode 100644 index 0000000..e9e4498 --- /dev/null +++ b/src/main/resources/static/js/employee-api.js @@ -0,0 +1,125 @@ +/** + * 员工管理API服务 + */ +class EmployeeApiService { + constructor(baseURL) { + this.baseURL = baseURL; + } + + /** + * 获取所有员工列表 + * @returns 员工信息数组 + */ + async getEmployees() { + try { + const response = await fetch(`${this.baseURL}/employees`, { + method: 'GET', + headers: { + 'Content-Type': 'application/json', + 'Authorization': `Bearer ${this.getToken()}` + } + }); + + if (!response.ok) { + throw new Error(`HTTP error! status: ${response.status}`); + } + + return await response.json(); + } catch (error) { + console.error('获取员工列表失败:', error); + throw error; + } + } + + /** + * 添加新员工 + * @param employeeInfo 员工信息 + * @returns 添加结果 + */ + async addEmployee(employeeInfo) { + try { + const response = await fetch(`${this.baseURL}/employees`, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + 'Authorization': `Bearer ${this.getToken()}` + }, + body: JSON.stringify(employeeInfo) + }); + + if (!response.ok) { + throw new Error(`HTTP error! status: ${response.status}`); + } + + return await response.json(); + } catch (error) { + console.error('添加员工失败:', error); + throw error; + } + } + + /** + * 删除员工 + * @param employeeId 员工ID + * @returns 删除结果 + */ + async deleteEmployee(employeeId) { + try { + const response = await fetch(`${this.baseURL}/employees/${employeeId}`, { + method: 'DELETE', + headers: { + 'Content-Type': 'application/json', + 'Authorization': `Bearer ${this.getToken()}` + } + }); + + if (!response.ok) { + throw new Error(`HTTP error! status: ${response.status}`); + } + + return await response.text(); + } catch (error) { + console.error('删除员工失败:', error); + throw error; + } + } + + /** + * 更新员工信息 + * @param employeeId 员工ID + * @param employeeInfo 员工信息 + * @returns 更新结果 + */ + async updateEmployee(employeeId, employeeInfo) { + try { + const response = await fetch(`${this.baseURL}/employees/${employeeId}`, { + method: 'PUT', + headers: { + 'Content-Type': 'application/json', + 'Authorization': `Bearer ${this.getToken()}` + }, + body: JSON.stringify(employeeInfo) + }); + + if (!response.ok) { + throw new Error(`HTTP error! status: ${response.status}`); + } + + return await response.json(); + } catch (error) { + console.error('更新员工信息失败:', error); + throw error; + } + } + + /** + * 从localStorage获取token + * @returns JWT token + */ + getToken() { + return localStorage.getItem('token'); + } +} + +// 导出员工API服务实例 +const employeeApiService = new EmployeeApiService('/api'); \ No newline at end of file