解绑

zhanzhiqin

2022-04-25 1b3d45fb96222673bc060e1b1f8050b2ad93f770

 ximon-admin/src/main/java/com/sandu/ximon/admin/controller/ClientController.java

@@ -1,6 +1,7 @@
package com.sandu.ximon.admin.controller;

import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.github.pagehelper.PageHelper;
@@ -32,6 +33,7 @@
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import java.time.LocalDateTime;
import java.util.*;
import java.util.stream.Collectors;
@@ -79,17 +81,30 @@
    @Log("修改普通用户的密码")
    @PostMapping("/updateClientPassword")
    public ResponseVO<Object> updateClientPassword(@Validated @RequestBody UserPwsParm param) {
        if (!SecurityUtils.getUserDetails().getAdministratorType().equals(AdministratorEnums.ADMIN.getCode())) {
            throw new BusinessException("非超级管理员无法修改密码！");
        }
        boolean result;

        boolean result = clientService.updateAdminPassword(param);
        //超管直接修改
        if (SecurityUtils.getUserDetails().getAdministratorType().equals(AdministratorEnums.ADMIN.getCode())) {
            result = clientService.updateAdminPassword(param);
        } else {
            //当前登录账号ID
            Long userId = SecurityUtils.getUserId();
            //要修要密码的用户的上级ID
            Client client = clientService.getOne(Wrappers.lambdaQuery(Client.class).eq(Client::getId, param.getUserid()));
            //为其下属才能修改
            if (client != null && userId.equals(client.getSuperiorId())) {
                result = clientService.updateAdminPassword(param);
            } else {
                throw new BusinessException("非超级管理员或该用户不是您下属用户，无法修改密码！");
            }
        }

        if (result) {
            return ResponseUtil.success("修改成功");
        } else {
            return ResponseUtil.fail("修改失败");
        }

    }

    @PostMapping("/delete/{id}")
@@ -140,11 +155,15 @@

    @AnonymousAccess
    @PostMapping(value = "/login")
    public ResponseVO<Object> longin(@RequestBody @Validated AdminLoginParam loginParam) {
    public ResponseVO<Object> longin(HttpServletRequest request, @RequestBody @Validated AdminLoginParam loginParam) {
        Client client = clientService.getOne(Wrappers.lambdaQuery(Client.class).eq(Client::getClientName, loginParam.getUsername()).last("limit 1"));
        if (client == null) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
        }
        String session_vcode = (String) request.getSession().getAttribute(loginParam.getKey());
        if (!StrUtil.equalsIgnoreCase(session_vcode, loginParam.getVlue())) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_AUTHENTICATION.getCode(), ResponseStatusEnums.BAD_AUTHENTICATION.getMessage());
        }
        if (!passwordEncoder.matches(loginParam.getPassword(), client.getPassword())) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
        }