From b9276c27abdac33f7e3fefccb4600a98db465c6e Mon Sep 17 00:00:00 2001
From: zhanzhiqin <895896009@qq.com>
Date: 星期三, 11 五月 2022 16:49:10 +0800
Subject: [PATCH] fix
---
ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java | 77 +++++++++++++++++++++++++++++++++-----
1 files changed, 66 insertions(+), 11 deletions(-)
diff --git a/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java b/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
index 665bc71..0b69b22 100644
--- a/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
+++ b/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
@@ -3,28 +3,27 @@
import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.map.MapBuilder;
import cn.hutool.core.map.MapUtil;
+import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.sandu.common.domain.ResponseVO;
import com.sandu.common.enums.AdminStatusStatus;
import com.sandu.common.enums.ResponseStatusEnums;
+import com.sandu.common.enums.RoleLevelStatus;
import com.sandu.common.execption.BusinessException;
import com.sandu.common.log.Log;
import com.sandu.common.object.BaseConditionVO;
import com.sandu.common.redis.RedisService;
-import com.sandu.common.redis.UserModel;
import com.sandu.common.security.LoginUserInfo;
import com.sandu.common.security.annotation.AnonymousAccess;
import com.sandu.common.security.config.SecurityProperties;
import com.sandu.common.security.token.TokenProvider;
import com.sandu.common.util.IpUtil;
import com.sandu.common.util.ResponseUtil;
-import com.sandu.ximon.admin.param.AdminLoginParam;
-import com.sandu.ximon.admin.param.AdminParam;
-import com.sandu.ximon.admin.param.PwdParam;
-import com.sandu.ximon.admin.param.ReceiveParam;
+import com.sandu.ximon.admin.param.*;
import com.sandu.ximon.admin.security.PermissionConfig;
import com.sandu.ximon.admin.security.SecurityUtils;
import com.sandu.ximon.admin.service.*;
+import com.sandu.ximon.admin.utils.RedisUtils;
import com.sandu.ximon.dao.bo.MenuNode;
import com.sandu.ximon.dao.domain.*;
import com.sandu.ximon.dao.enums.AdministratorEnums;
@@ -37,8 +36,12 @@
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
+import javax.servlet.http.HttpServletRequest;
import java.time.LocalDateTime;
-import java.util.*;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
import java.util.stream.Collectors;
/**
@@ -66,11 +69,19 @@
@Log("鍚庡彴鐢ㄦ埛鐧诲綍")
@AnonymousAccess
@PostMapping(value = "/login")
- public ResponseVO<Object> login(@RequestBody AdminLoginParam loginParam) {
+ public ResponseVO<Object> login(HttpServletRequest request, @RequestBody AdminLoginParam loginParam) {
Admin admin = adminService.getOne(Wrappers.lambdaQuery(Admin.class).eq(Admin::getUsername, loginParam.getUsername()).last("limit 1"));
if (admin == null) {
return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
}
+// String session_vcode = (String) request.getSession().getAttribute(loginParam.getKey());
+ String s = RedisUtils.getBean().get(loginParam.getKey());
+ System.out.println(s + "===========================");
+ if (!loginParam.getVlue().equals(s)) {
+ log.error(loginParam.getVlue() + "楠岃瘉鐮�");
+ return ResponseUtil.error(ResponseStatusEnums.BAD_AUTHENTICATION.getCode(), ResponseStatusEnums.BAD_AUTHENTICATION.getMessage());
+ }
+ RedisUtils.getBean().delete(loginParam.getKey());
if (!passwordEncoder.matches(loginParam.getPassword(), admin.getPassword())) {
return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
}
@@ -86,7 +97,16 @@
loginUserInfo.setAccount(admin.getUsername());
loginUserInfo.setStatus(admin.getStatus());
loginUserInfo.setIp(IpUtil.getRealIp());
- loginUserInfo.setAdministratorType(AdministratorEnums.ADMIN.getCode());
+
+ //纭畾鐢ㄦ埛瑙掕壊鏉冮檺
+ AdminRoleRelation adminRoleRelation = adminRoleRelationService.getOne(Wrappers.lambdaQuery(AdminRoleRelation.class).eq(AdminRoleRelation::getAdminId, loginUserInfo.getUserId()));
+ Role role = roleService.getOne(Wrappers.lambdaQuery(Role.class).eq(Role::getId, adminRoleRelation.getRoleId()));
+ if (role != null && role.getLevel().equals(RoleLevelStatus.SUPER.getCode())) {
+ loginUserInfo.setAdministratorType(AdministratorEnums.ADMIN.getCode());
+ } else {
+ loginUserInfo.setAdministratorType(AdministratorEnums.CUSTOMER.getCode());
+ }
+
loginUserInfo.setPermission(grantedAuthorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.joining(",")));
// 鐢熸垚浠ょ墝
@@ -109,6 +129,7 @@
// @Log("鍚庡彴鐢ㄦ埛淇℃伅")
@GetMapping(value = "/info")
public ResponseVO<Object> getUserInfo() {
+ System.out.println(SecurityUtils.getUserDetails().getAdministratorType() + " ---------");
Long userId = SecurityUtils.getUserId();
List<Role> roles;
MapBuilder<Object, Object> builder;
@@ -205,6 +226,9 @@
@Log("鍚庡彴鐢ㄦ埛娉ㄥ唽")
@PostMapping("/register")
public ResponseVO<Object> register(@Validated @RequestBody AdminParam param) {
+ if (!permissionConfig.check(MenuEnum.ADMIN_ADD.getCode())) {
+ return ResponseUtil.fail("缂哄皯瀵瑰簲鐢ㄦ埛鏉冮檺");
+ }
boolean result = adminService.register(param);
if (result) {
return ResponseUtil.success("娉ㄥ唽鐢ㄦ埛鎴愬姛");
@@ -221,6 +245,9 @@
@Log("鍚庡彴鐢ㄦ埛淇敼淇℃伅")
@PostMapping("/update/{adminId}")
public ResponseVO<Object> updateAdmin(@RequestBody AdminParam param, @PathVariable Long adminId) {
+ if (!permissionConfig.check(MenuEnum.ADMIN_INFO_UPDATE.getCode())) {
+ return ResponseUtil.fail("缂哄皯瀵瑰簲鐢ㄦ埛鏉冮檺");
+ }
boolean result = adminService.updateAdmin(adminId, param);
if (result) {
return ResponseUtil.success("淇敼鎴愬姛");
@@ -232,10 +259,35 @@
/**
* 淇敼鎴戠殑瀵嗙爜
*/
- @Log("鍚庡彴鐢ㄦ埛淇敼瀵嗙爜")
- @PutMapping("/updateMyPassword")
+ @Log("淇敼褰撳墠鐢ㄦ埛瀵嗙爜")
+ @PostMapping("/updateMyPassword")
public ResponseVO<Object> updateMyPassword(@Validated @RequestBody PwdParam param) {
- boolean result = adminService.updateMyPassword(param);
+ boolean result;
+ if (SecurityUtils.getClientId() == null) {
+ result = adminService.updateMyPassword(param);
+ } else {
+ result = clientService.resetPassword(param);
+ }
+
+ if (result) {
+ return ResponseUtil.success("淇敼鎴愬姛");
+ } else {
+ return ResponseUtil.fail("淇敼澶辫触");
+ }
+ }
+
+ /**
+ * 淇敼绠$悊鍛樼殑瀵嗙爜
+ */
+ @Log("淇敼绠$悊鍛樼殑瀵嗙爜")
+ @PostMapping("/updateAdminPassword")
+ public ResponseVO<Object> updateAdminPassword(@Validated @RequestBody UserPwsParm param) {
+ if (!SecurityUtils.getUserDetails().getAdministratorType().equals(AdministratorEnums.ADMIN.getCode())) {
+ throw new BusinessException("闈炶秴绾х鐞嗗憳鏃犳硶淇敼瀵嗙爜锛�");
+ }
+
+ boolean result = adminService.updateAdminPassword(param);
+
if (result) {
return ResponseUtil.success("淇敼鎴愬姛");
} else {
@@ -256,6 +308,9 @@
@Log("鍚庡彴鐢ㄦ埛鍒犻櫎")
@PostMapping("/del/{adminId}")
public ResponseVO<Object> deleteAdmin(@PathVariable Long adminId) {
+ if (!permissionConfig.check(MenuEnum.ADMIN_DELETE.getCode())) {
+ return ResponseUtil.fail("缂哄皯瀵瑰簲鐢ㄦ埛鏉冮檺");
+ }
boolean result = adminService.deleteAdmin(adminId);
if (result) {
return ResponseUtil.success("淇敼鎴愬姛");
--
Gitblit v1.9.3