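package com.yundage.chat.controller;

import com.yundage.chat.common.ApiResponse;
import com.yundage.chat.dto.UserDTO;
import com.yundage.chat.dto.UserProfileUpdateRequest;
import com.yundage.chat.entity.User;
import com.yundage.chat.mapper.UserMapper;
import com.yundage.chat.service.UserService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.time.LocalDateTime;
import java.util.List;

/**
 * REST endpoints under {@code /api/users}.
 *
 * <p>Two groups of operations live here:
 * <ul>
 *   <li>administrative CRUD on users ({@code hasRole('ADMIN')} enforced per method via
 *       {@link PreAuthorize}), which read and write the {@link User} entity directly through
 *       {@link UserMapper};</li>
 *   <li>self-service access for the authenticated caller ({@code /me}, {@code /profile}),
 *       which is resolved from the {@link SecurityContextHolder} and returned as a
 *       {@link UserDTO}.</li>
 * </ul>
 *
 * <p>Authentication itself is expected from the surrounding security filter chain
 * ({@code @SecurityRequirement} documents the bearer scheme); nothing here issues or
 * validates tokens.
 */
@RestController
@RequestMapping("/api/users")
@Tag(name = "用户管理", description = "用户CRUD操作接口")
@SecurityRequirement(name = "Bearer Authentication")
public class UserController {

    @Autowired
    private UserMapper userMapper;

    @Autowired
    private UserService userService;

    /**
     * Lists every user in the system.
     *
     * @return all rows returned by {@link UserMapper#selectAll()}
     */
    @GetMapping
    @PreAuthorize("hasRole('ADMIN')")
    @Operation(summary = "获取所有用户", description = "获取系统中所有用户列表")
    @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "200", description = "成功获取用户列表")
    public ApiResponse<List<User>> getAllUsers() {
        // NOTE(review): the persistence entity is serialized as-is. If User carries
        // credential or other sensitive columns, map through UserDTO.fromUser (as /me
        // does) so they never reach the wire, even for administrators.
        return ApiResponse.success(userMapper.selectAll());
    }

    /**
     * Returns the profile of the caller identified by the current security context.
     *
     * <p>The principal name is looked up with {@link UserMapper#selectByEmailOrPhone},
     * so the name is presumably the email or phone number used at login (to confirm
     * against the authentication provider).
     *
     * @return the caller as a {@link UserDTO}, or a not-found response when no row
     *         matches the authenticated name any more
     */
    @GetMapping("/me")
    @Operation(summary = "获取当前用户信息", description = "根据当前用户的token获取用户信息")
    @ApiResponses(value = {
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "200", description = "成功获取用户信息"),
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "401", description = "未授权")
    })
    public ApiResponse<UserDTO> getCurrentUser() {
        // The filter chain is expected to have populated the context for this endpoint;
        // a null Authentication here would indicate a misconfigured security chain.
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        String username = authentication.getName();
        User user = userMapper.selectByEmailOrPhone(username);
        // A token whose backing row has since been removed previously reached
        // UserDTO.fromUser(null); report it explicitly instead.
        if (user == null) {
            return ApiResponse.notFound("用户不存在");
        }
        return ApiResponse.success(UserDTO.fromUser(user));
    }

    /**
     * Fetches a single user by primary key.
     *
     * @param id the user's id
     * @return the user, or a not-found response when no row has that id
     */
    @GetMapping("/{id}")
    @PreAuthorize("hasRole('ADMIN')")
    @Operation(summary = "根据ID获取用户", description = "根据用户ID获取用户信息")
    @ApiResponses(value = {
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "200", description = "成功获取用户信息"),
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "404", description = "用户不存在")
    })
    public ApiResponse<User> getUserById(@Parameter(description = "用户ID") @PathVariable Long id) {
        User user = userMapper.selectOneById(id);
        if (user == null) {
            return ApiResponse.notFound("用户不存在");
        }
        // NOTE(review): raw entity in the response; see getAllUsers.
        return ApiResponse.success(user);
    }

    /**
     * Inserts a new user row built from the request body.
     *
     * @param user the entity to insert; {@code createdAt}/{@code updatedAt} are overwritten here
     * @return the entity after insert (as populated by the mapper)
     */
    @PostMapping
    @PreAuthorize("hasRole('ADMIN')")
    @Operation(summary = "创建用户", description = "创建新的用户")
    @ApiResponses(value = {
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "200", description = "用户创建成功"),
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "400", description = "请求参数错误")
    })
    public ApiResponse<User> createUser(@RequestBody User user) {
        // NOTE(review): the entity is bound straight from the request body, so every
        // writable column (including any id or credential field) is client-controlled
        // and nothing is validated before insert. A dedicated request DTO with bean
        // validation would narrow that surface; the endpoint is admin-only for now.
        //
        // Stamp both timestamps from one instant so createdAt == updatedAt on a fresh row.
        LocalDateTime now = LocalDateTime.now();
        user.setCreatedAt(now);
        user.setUpdatedAt(now);
        userMapper.insert(user);
        return ApiResponse.success(user);
    }

    /**
     * Administrative update of an existing user.
     *
     * <p>The path id always wins over any id in the body. Whether columns absent from
     * the body are cleared or left alone depends on {@link UserMapper#update} semantics,
     * which are not visible here — in particular {@code createdAt} is not re-read from
     * the existing row.
     *
     * @param id   the id of the user to update
     * @param user the new field values
     * @return the updated entity, or a not-found response when no row has that id
     */
    @PutMapping("/{id}")
    @PreAuthorize("hasRole('ADMIN')")
    @Operation(summary = "更新用户", description = "管理员更新指定用户的信息")
    @ApiResponses(value = {
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "200", description = "用户更新成功"),
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "404", description = "用户不存在"),
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "400", description = "请求参数错误")
    })
    public ApiResponse<User> updateUser(@Parameter(description = "用户ID") @PathVariable Long id,
                                        @RequestBody User user) {
        User existingUser = userMapper.selectOneById(id);
        if (existingUser == null) {
            return ApiResponse.notFound("用户不存在");
        }
        // Never trust an id from the body; the path variable identifies the target row.
        user.setId(id);
        user.setUpdatedAt(LocalDateTime.now());
        // NOTE(review): same full-entity binding caveat as createUser applies here.
        userMapper.update(user);
        return ApiResponse.success(user);
    }

    /**
     * Lets the authenticated caller update their own profile.
     *
     * <p>The caller is taken from the principal object in the security context, which
     * this endpoint assumes is a {@link User} (unlike {@code /me}, which re-reads the
     * row by name). Uniqueness of email/phone is enforced by the service, which reports a
     * collision via a {@link RuntimeException} whose message contains
     * {@code "已被其他用户使用"}; that case is mapped to a conflict response, every other
     * {@link RuntimeException} to a bad-request response.
     *
     * @param request the profile fields to change
     * @return the updated profile as a {@link UserDTO}
     */
    @PutMapping("/profile")
    @Operation(summary = "更新个人资料", description = "普通用户更新自己的个人资料")
    @ApiResponses(value = {
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "200", description = "个人资料更新成功"),
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "400", description = "请求参数错误"),
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "401", description = "未授权"),
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "409", description = "邮箱或手机号已被占用")
    })
    public ApiResponse<UserDTO> updateProfile(@RequestBody UserProfileUpdateRequest request) {
        try {
            // Resolve the current user from the security context.
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            User currentUser = (User) authentication.getPrincipal();
            // Delegate the update (and the email/phone uniqueness check) to the service.
            UserDTO updatedUser = userService.updateCurrentUserProfile(request, currentUser.getId());
            return ApiResponse.success(updatedUser);
        } catch (RuntimeException e) {
            // The service signals a collision through its message text. getMessage() can
            // be null for an arbitrary RuntimeException, which previously turned this
            // classification itself into a NullPointerException (an unhandled 500).
            String message = e.getMessage();
            if (message != null && message.contains("已被其他用户使用")) {
                return ApiResponse.conflict(message);
            }
            // NOTE(review): any other RuntimeException message is echoed verbatim to the
            // client. If infrastructure errors can surface here, prefer a fixed message
            // and log the cause server-side instead.
            return ApiResponse.badRequest(message);
        }
    }

    /**
     * Deletes a user by primary key.
     *
     * @param id the id of the user to delete
     * @return an empty success response, or a not-found response when no row has that id
     */
    @DeleteMapping("/{id}")
    @PreAuthorize("hasRole('ADMIN')")
    @Operation(summary = "删除用户", description = "根据ID删除用户")
    @ApiResponses(value = {
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "200", description = "用户删除成功"),
            @io.swagger.v3.oas.annotations.responses.ApiResponse(responseCode = "404", description = "用户不存在")
    })
    public ApiResponse<Void> deleteUser(@Parameter(description = "用户ID") @PathVariable Long id) {
        User existingUser = userMapper.selectOneById(id);
        if (existingUser == null) {
            return ApiResponse.notFound("用户不存在");
        }
        userMapper.deleteById(id);
        return ApiResponse.success();
    }
}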