Merge remote-tracking branch 'fork/master'
# Conflicts: # ballcat-admin/ballcat-admin-core/src/main/java/com/hccake/ballcat/admin/modules/sys/service/impl/SysUserServiceImpl.java
This commit is contained in:
b2baccline
@@ -20,10 +20,12 @@ import com.hccake.ballcat.common.core.domain.SelectData;
|
||||
import com.hccake.ballcat.common.core.result.BaseResultCode;
|
||||
import com.hccake.ballcat.common.core.result.R;
|
||||
import com.hccake.ballcat.common.core.result.SystemResultCode;
|
||||
import com.hccake.ballcat.common.core.util.PasswordUtil;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
@@ -54,6 +56,12 @@ public class SysUserController {
|
||||
|
||||
private final SysUserRoleService sysUserRoleService;
|
||||
|
||||
/**
|
||||
* TODO 封装为实体对象,方便归档系统参数
|
||||
*/
|
||||
@Value("${password.secret-key}")
|
||||
private String passwordSecretKey;
|
||||
|
||||
/**
|
||||
* 分页查询用户
|
||||
* @param pageParam 参数集
|
||||
@@ -78,20 +86,22 @@ public class SysUserController {
|
||||
|
||||
/**
|
||||
* 新增用户
|
||||
* @param sysUserDto userInfo
|
||||
* @param sysUserDTO userInfo
|
||||
* @return success/false
|
||||
*/
|
||||
@PostMapping
|
||||
@ApiOperation(value = "新增系统用户", notes = "新增系统用户")
|
||||
@CreateOperationLogging(msg = "新增系统用户")
|
||||
@PreAuthorize("@per.hasPermission('sys:sysuser:add')")
|
||||
public R<?> addSysUser(@Valid @RequestBody SysUserDTO sysUserDto) {
|
||||
|
||||
SysUser user = sysUserService.getByUsername(sysUserDto.getUsername());
|
||||
public R<?> addSysUser(@Valid @RequestBody SysUserDTO sysUserDTO) {
|
||||
SysUser user = sysUserService.getByUsername(sysUserDTO.getUsername());
|
||||
if (user != null) {
|
||||
return R.failed(BaseResultCode.LOGIC_CHECK_ERROR, "用户名已存在");
|
||||
}
|
||||
return sysUserService.addSysUser(sysUserDto) ? R.ok()
|
||||
// 明文密码
|
||||
String password = PasswordUtil.decodeAES(sysUserDTO.getPass(), passwordSecretKey);
|
||||
sysUserDTO.setPassword(password);
|
||||
return sysUserService.addSysUser(sysUserDTO) ? R.ok()
|
||||
: R.failed(BaseResultCode.UPDATE_DATABASE_ERROR, "新增系统用户失败");
|
||||
}
|
||||
|
||||
@@ -164,10 +174,14 @@ public class SysUserController {
|
||||
@UpdateOperationLogging(msg = "修改系统用户密码")
|
||||
@PreAuthorize("@per.hasPermission('sys:sysuser:pass')")
|
||||
public R<?> updateUserPass(@PathVariable Integer userId, @RequestBody SysUserPassDTO sysUserPassDTO) {
|
||||
if (!sysUserPassDTO.getPass().equals(sysUserPassDTO.getConfirmPass())) {
|
||||
String pass = sysUserPassDTO.getPass();
|
||||
if (!pass.equals(sysUserPassDTO.getConfirmPass())) {
|
||||
return R.failed(SystemResultCode.BAD_REQUEST, "错误的密码!");
|
||||
}
|
||||
return sysUserService.updateUserPass(userId, sysUserPassDTO.getPass()) ? R.ok()
|
||||
|
||||
// 明文密码
|
||||
String password = PasswordUtil.decodeAES(pass, passwordSecretKey);
|
||||
return sysUserService.updatePassword(userId, password) ? R.ok()
|
||||
: R.failed(BaseResultCode.UPDATE_DATABASE_ERROR, "修改用户密码失败!");
|
||||
}
|
||||
|
||||
|
||||
@@ -74,7 +74,7 @@ public interface SysUserMapper extends ExtendMapper<SysUser> {
|
||||
* @param password 密码
|
||||
* @return 更新条数
|
||||
*/
|
||||
default boolean updateUserPassword(Integer userId, String password) {
|
||||
default boolean updatePassword(Integer userId, String password) {
|
||||
int i = this.update(null,
|
||||
Wrappers.<SysUser>lambdaUpdate().eq(SysUser::getUserId, userId).set(SysUser::getPassword, password));
|
||||
return SqlHelper.retBool(i);
|
||||
|
||||
@@ -4,6 +4,7 @@ import com.hccake.ballcat.admin.modules.sys.model.dto.SysUserDTO;
|
||||
import com.hccake.ballcat.admin.modules.sys.model.entity.SysUser;
|
||||
import com.hccake.ballcat.admin.modules.sys.model.vo.SysUserVO;
|
||||
import org.mapstruct.Mapper;
|
||||
import org.mapstruct.Mapping;
|
||||
import org.mapstruct.factory.Mappers;
|
||||
|
||||
/**
|
||||
@@ -21,6 +22,7 @@ public interface SysUserConverter {
|
||||
* @param sysUserDTO 系统用户DTO
|
||||
* @return SysUser 系统用户
|
||||
*/
|
||||
@Mapping(target = "password", ignore = true)
|
||||
SysUser dtoToPo(SysUserDTO sysUserDTO);
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package com.hccake.ballcat.admin.modules.sys.model.dto;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
import com.hccake.ballcat.common.core.desensite.annotation.JsonRegexDesensitize;
|
||||
import com.hccake.ballcat.common.core.desensite.enums.RegexDesensitizationTypeEnum;
|
||||
import io.swagger.annotations.ApiModelProperty;
|
||||
@@ -27,6 +28,12 @@ public class SysUserDTO {
|
||||
@ApiModelProperty(value = "前端传入密码")
|
||||
private String pass;
|
||||
|
||||
/**
|
||||
* 用户明文密码, 不参与前后端交互
|
||||
*/
|
||||
@JsonIgnore
|
||||
private String password;
|
||||
|
||||
/**
|
||||
* 登录账号
|
||||
*/
|
||||
|
||||
@@ -77,10 +77,10 @@ public interface SysUserService extends ExtendService<SysUser> {
|
||||
/**
|
||||
* 修改用户密码
|
||||
* @param userId 用户ID
|
||||
* @param pass 未加密的密码
|
||||
* @param password 明文密码
|
||||
* @return boolean
|
||||
*/
|
||||
boolean updateUserPass(Integer userId, String pass);
|
||||
boolean updatePassword(Integer userId, String password);
|
||||
|
||||
/**
|
||||
* 批量修改用户状态
|
||||
|
||||
@@ -25,7 +25,6 @@ import com.hccake.ballcat.common.core.domain.SelectData;
|
||||
import com.hccake.ballcat.common.core.util.PasswordUtil;
|
||||
import com.hccake.extend.mybatis.plus.service.impl.ExtendServiceImpl;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
@@ -60,9 +59,6 @@ public class SysUserServiceImpl extends ExtendServiceImpl<SysUserMapper, SysUser
|
||||
|
||||
private final ApplicationEventPublisher publisher;
|
||||
|
||||
@Value("${ballcat.password.secret-key}")
|
||||
private String secretKey;
|
||||
|
||||
/**
|
||||
* 根据QueryObject查询分页数据
|
||||
* @param pageParam 分页参数
|
||||
@@ -135,9 +131,10 @@ public class SysUserServiceImpl extends ExtendServiceImpl<SysUserMapper, SysUser
|
||||
SysUser sysUser = SysUserConverter.INSTANCE.dtoToPo(sysUserDto);
|
||||
sysUser.setStatus(SysUserConst.Status.NORMAL.getValue());
|
||||
sysUser.setType(SysUserConst.Type.SYSTEM.getValue());
|
||||
|
||||
String password = PasswordUtil.decodeAesAndEncodeBCrypt(sysUserDto.getPass(), secretKey);
|
||||
sysUser.setPassword(password);
|
||||
// 对密码进行 BCrypt 加密
|
||||
String password = sysUserDto.getPassword();
|
||||
String bCryptPassword = PasswordUtil.encodeBCrypt(password);
|
||||
sysUser.setPassword(bCryptPassword);
|
||||
boolean result = SqlHelper.retBool(baseMapper.insert(sysUser));
|
||||
if (result) {
|
||||
publisher.publishEvent(new UserChangeEvent(sysUser));
|
||||
@@ -187,14 +184,15 @@ public class SysUserServiceImpl extends ExtendServiceImpl<SysUserMapper, SysUser
|
||||
/**
|
||||
* 修改用户密码
|
||||
* @param userId 用户ID
|
||||
* @param pass 明文密码
|
||||
* @param password 明文密码
|
||||
* @return 更新成功:true
|
||||
*/
|
||||
@Override
|
||||
public boolean updateUserPass(Integer userId, String pass) {
|
||||
public boolean updatePassword(Integer userId, String password) {
|
||||
Assert.isTrue(adminUserChecker.hasModifyPermission(getById(userId)), "当前用户不允许修改!");
|
||||
String password = PasswordUtil.decodeAesAndEncodeBCrypt(pass, secretKey);
|
||||
return baseMapper.updateUserPassword(userId, password);
|
||||
// BCrypt 加密
|
||||
String bCryptPassword = PasswordUtil.encodeBCrypt(password);
|
||||
return baseMapper.updatePassword(userId, bCryptPassword);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user