bugfix: 禁用与启用用户接口 token有效性判定.

朱兆平
src/main/java/com/tianbo/warehouse/controller/UserController.java
--- a/src/main/java/com/tianbo/warehouse/controller/UserController.java
查看文件 @fef37da
+++ b/src/main/java/com/tianbo/warehouse/controller/UserController.java
查看文件 @fef37da
@@ -19,6 +19,7 @@ import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -72,7 +73,7 @@ public class UserController {
     }
     @ApiOperation(value = "更新用户信息", notes = "更新用户信息除了用户密码")
     @LogAnnotation(moduleName = "用户管理",operate = "用户编辑")
-    @PutMapping("/edit")
+    @PostMapping("/edit")
     public ResultJson updateUserById(@Validated(UpdateUser.class) @RequestBody USERS user){
         int i = userService.updateByPrimaryKeySelective(user);
         user.setPassword(null);
@@ -83,7 +84,7 @@ public class UserController {
     @LogAnnotation(moduleName = "用户管理",operate = "用户密码修改")
     @UserPasswordSM3
-    @PutMapping("/password")
+    @PostMapping("/password")
     public ResultJson updateUserPassById(@RequestBody USERS user){
         int i = userService.updateByPrimaryKeySelective(user);
         return i==1 ? new ResultJson("200","success") :new ResultJson("500","update faild");
@@ -105,7 +106,7 @@ public class UserController {
     }
     @LogAnnotation(moduleName = "用户管理",operate = "用户删除")
-    @DeleteMapping("/del")
+    @PostMapping("/del")
     public ResultJson delUser(@RequestBody USERS user,HttpServletRequest request,HttpServletResponse response){
         //String username = getusername();
         int i = userService.deleteByPrimaryKey(user.getUserId());
@@ -113,7 +114,7 @@ public class UserController {
         return i==1 ? new ResultJson("200","删除账户成功") :new ResultJson("500","delete faild");
     }
-    @PutMapping("/roleset")
+    @PostMapping("/roleset")
     public ResultJson roleSet(@RequestBody Map<String,Object> map,HttpServletRequest request,HttpServletResponse respons){
         Integer id = (Integer) map.get("userId");
         List<Integer> roles = (List<Integer>) map.get("roleIds");
@@ -128,7 +129,7 @@ public class UserController {
      * 刷新redis权限缓存
      */
     @ApiOperation(value = "更新用户权限缓存", notes = "重新生成用户的信息到redis")
-    @PutMapping("/resetToken")
+    @PostMapping("/resetToken")
     public ResultJson resetToken(HttpServletRequest request,HttpServletResponse respons) {
         /**
          * 更新目标用户的权限缓存
@@ -160,19 +161,22 @@ public class UserController {
         return new ResultJson("500","缓存更新失败");
     }
+    @ApiOperation(value = "禁用用户", notes = "禁用用户并踢掉已登录的用户,以及启用用户")
     @LogAnnotation(moduleName = "用户锁定",operate = "用户锁定")
-    @PutMapping("/lock")
+    @PostMapping("/lock")
     public ResultJson lockUserById(@Validated(UpdateUser.class) @RequestBody USERS user){
         USERS lockuser = new USERS();
         lockuser.setUserId(user.getUserId());
-        lockuser.setState(false);
+        lockuser.setState(user.getState());
         int i = userService.updateByPrimaryKeySelective(lockuser);
         //删除用户token缓存 及时生效锁定账号
         if (i>0){
             String userTokenStr = redisUtils.get(Token.USER_TOKEN_KEY + user.getUsername());
-            redisUtils.del(userTokenStr);
-            redisUtils.del(Token.USER_TOKEN_KEY + user.getUsername());
+            if (StringUtils.isNotEmpty(userTokenStr)){
+                redisUtils.del(userTokenStr);
+                redisUtils.del(Token.USER_TOKEN_KEY + user.getUsername());
+            }
         }
         return i==1 ? new ResultJson("200","success") :new ResultJson("500","lock user faild");