From 3a8ecfd6062adb7f75777656fa7cb1a5a411535f Mon Sep 17 00:00:00 2001
From: zhanzhiqin <895896009@qq.com>
Date: 星期二, 10 五月 2022 17:25:31 +0800
Subject: [PATCH] 一键求助

---
 ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java |   31 ++++++++++++++++++++++++++++---
 1 files changed, 28 insertions(+), 3 deletions(-)

diff --git a/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java b/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
index 2bd4b2e..0b69b22 100644
--- a/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
+++ b/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
@@ -3,6 +3,7 @@
 import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.map.MapBuilder;
 import cn.hutool.core.map.MapUtil;
+import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.sandu.common.domain.ResponseVO;
 import com.sandu.common.enums.AdminStatusStatus;
@@ -12,7 +13,6 @@
 import com.sandu.common.log.Log;
 import com.sandu.common.object.BaseConditionVO;
 import com.sandu.common.redis.RedisService;
-import com.sandu.common.redis.UserModel;
 import com.sandu.common.security.LoginUserInfo;
 import com.sandu.common.security.annotation.AnonymousAccess;
 import com.sandu.common.security.config.SecurityProperties;
@@ -36,8 +36,12 @@
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import javax.servlet.http.HttpServletRequest;
 import java.time.LocalDateTime;
-import java.util.*;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
 import java.util.stream.Collectors;
 
 /**
@@ -65,11 +69,19 @@
     @Log("鍚庡彴鐢ㄦ埛鐧诲綍")
     @AnonymousAccess
     @PostMapping(value = "/login")
-    public ResponseVO<Object> login(@RequestBody AdminLoginParam loginParam) {
+    public ResponseVO<Object> login(HttpServletRequest request, @RequestBody AdminLoginParam loginParam) {
         Admin admin = adminService.getOne(Wrappers.lambdaQuery(Admin.class).eq(Admin::getUsername, loginParam.getUsername()).last("limit 1"));
         if (admin == null) {
             return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
         }
+//        String session_vcode = (String) request.getSession().getAttribute(loginParam.getKey());
+        String s = RedisUtils.getBean().get(loginParam.getKey());
+        System.out.println(s + "===========================");
+        if (!loginParam.getVlue().equals(s)) {
+            log.error(loginParam.getVlue() + "楠岃瘉鐮�");
+            return ResponseUtil.error(ResponseStatusEnums.BAD_AUTHENTICATION.getCode(), ResponseStatusEnums.BAD_AUTHENTICATION.getMessage());
+        }
+        RedisUtils.getBean().delete(loginParam.getKey());
         if (!passwordEncoder.matches(loginParam.getPassword(), admin.getPassword())) {
             return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
         }
@@ -214,6 +226,9 @@
     @Log("鍚庡彴鐢ㄦ埛娉ㄥ唽")
     @PostMapping("/register")
     public ResponseVO<Object> register(@Validated @RequestBody AdminParam param) {
+        if (!permissionConfig.check(MenuEnum.ADMIN_ADD.getCode())) {
+            return ResponseUtil.fail("缂哄皯瀵瑰簲鐢ㄦ埛鏉冮檺");
+        }
         boolean result = adminService.register(param);
         if (result) {
             return ResponseUtil.success("娉ㄥ唽鐢ㄦ埛鎴愬姛");
@@ -230,6 +245,9 @@
     @Log("鍚庡彴鐢ㄦ埛淇敼淇℃伅")
     @PostMapping("/update/{adminId}")
     public ResponseVO<Object> updateAdmin(@RequestBody AdminParam param, @PathVariable Long adminId) {
+        if (!permissionConfig.check(MenuEnum.ADMIN_INFO_UPDATE.getCode())) {
+            return ResponseUtil.fail("缂哄皯瀵瑰簲鐢ㄦ埛鏉冮檺");
+        }
         boolean result = adminService.updateAdmin(adminId, param);
         if (result) {
             return ResponseUtil.success("淇敼鎴愬姛");
@@ -264,6 +282,10 @@
     @Log("淇敼绠＄悊鍛樼殑瀵嗙爜")
     @PostMapping("/updateAdminPassword")
     public ResponseVO<Object> updateAdminPassword(@Validated @RequestBody UserPwsParm param) {
+        if (!SecurityUtils.getUserDetails().getAdministratorType().equals(AdministratorEnums.ADMIN.getCode())) {
+            throw new BusinessException("闈炶秴绾х鐞嗗憳鏃犳硶淇敼瀵嗙爜锛�");
+        }
+
         boolean result = adminService.updateAdminPassword(param);
 
         if (result) {
@@ -286,6 +308,9 @@
     @Log("鍚庡彴鐢ㄦ埛鍒犻櫎")
     @PostMapping("/del/{adminId}")
     public ResponseVO<Object> deleteAdmin(@PathVariable Long adminId) {
+        if (!permissionConfig.check(MenuEnum.ADMIN_DELETE.getCode())) {
+            return ResponseUtil.fail("缂哄皯瀵瑰簲鐢ㄦ埛鏉冮檺");
+        }
         boolean result = adminService.deleteAdmin(adminId);
         if (result) {
             return ResponseUtil.success("淇敼鎴愬姛");

--
Gitblit v1.9.3