用户管理手机号加密存储

liang.chao 2025-09-30 10:24:16 +08:00
parent d92f9c3898
commit a3e1184ff0
6 changed files with 81 additions and 88 deletions


@ -7,6 +7,7 @@ import javax.servlet.http.HttpServletResponse;
import com.bonus.common.annotation.RequiresPermissions;
import com.bonus.common.annotation.SysLog;
import com.bonus.common.enums.OperaType;
import com.bonus.common.utils.DesensitizedUtil;
import com.bonus.common.utils.encryption.Sm4Utils;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.beans.factory.annotation.Autowired;
@ -44,8 +45,7 @@ import com.bonus.system.service.ISysUserService;
*/
@RestController
@RequestMapping("/system/user")
public class SysUserController extends BaseController
{
public class SysUserController extends BaseController {
@Autowired
private ISysUserService userService;
@ -64,8 +64,7 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:list")
@GetMapping("/list")
@SysLog(title = "用户管理", businessType = OperaType.QUERY, logType = 1, module = "系统管理->用户管理", details = "查询用户列表")
public TableDataInfo list(SysUser user)
{
public TableDataInfo list(SysUser user) {
startPage();
List<SysUser> list = userService.selectUserList(user);
return getDataTable(list);
@ -74,8 +73,7 @@ public class SysUserController extends BaseController
@SysLog(title = "用户管理", businessType = OperaType.EXPORT, logType = 1, module = "系统管理->用户管理", details = "导入")
@RequiresPermissions("system:user:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysUser user)
{
public void export(HttpServletResponse response, SysUser user) {
List<SysUser> list = userService.selectUserList(user);
ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
util.exportExcel(response, list, "用户数据");
@ -84,8 +82,7 @@ public class SysUserController extends BaseController
@SysLog(title = "用户管理", businessType = OperaType.IMPORT, logType = 1, module = "系统管理->用户管理", details = "导出")
@RequiresPermissions("system:user:import")
@PostMapping("/importData")
public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception
{
public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception {
ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
List<SysUser> userList = util.importExcel(file.getInputStream());
String operName = getUsername();
@ -94,8 +91,7 @@ public class SysUserController extends BaseController
}
@PostMapping("/importTemplate")
public void importTemplate(HttpServletResponse response)
{
public void importTemplate(HttpServletResponse response) {
ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
util.importTemplateExcel(response, "用户数据");
}
@ -104,15 +100,15 @@ public class SysUserController extends BaseController
* 根据用户编号获取详细信息
*/
@RequiresPermissions("system:user:query")
@GetMapping(value = { "/", "/{userId}" })
@GetMapping(value = {"/", "/{userId}"})
@SysLog(title = "用户管理", businessType = OperaType.QUERY, logType = 1, module = "系统管理->用户管理", details = "根据用户编号获取详细信息")
public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
{
public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) {
AjaxResult ajax = AjaxResult.success();
if (StringUtils.isNotNull(userId))
{
if (StringUtils.isNotNull(userId)) {
userService.checkUserDataScope(userId);
SysUser sysUser = userService.selectUserById(userId);
sysUser.setPhonenumber(Sm4Utils.decrypt(sysUser.getPhonenumber()));
sysUser.setPhonenumberDes(DesensitizedUtil.maskPhone(Sm4Utils.decrypt(sysUser.getPhonenumber())));
ajax.put(AjaxResult.DATA_TAG, sysUser);
ajax.put("postIds", postService.selectPostListByUserId(userId));
ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
@ -129,25 +125,19 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:add")
@SysLog(title = "用户管理", businessType = OperaType.INSERT, logType = 1, module = "系统管理->用户管理", details = "新增用户")
@PostMapping
public AjaxResult add(@Validated @RequestBody SysUser user)
{
public AjaxResult add(@Validated @RequestBody SysUser user) {
deptService.checkDeptDataScope(user.getDeptId());
roleService.checkRoleDataScope(user.getRoleIds());
if (!userService.checkUserNameUnique(user))
{
if (!userService.checkUserNameUnique(user)) {
return error("新增用户'" + user.getUserName() + "'失败,登录账号已存在");
}
else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user))
{
} else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user)) {
return error("新增用户'" + user.getUserName() + "'失败,手机号码已存在");
}
else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user))
{
} else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user)) {
return error("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
}
user.setCreateBy(getUsername());
user.setPhonenumber(Sm4Utils.encrypt(user.getPhonenumber()));
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
user.setPassword(SecurityUtils.encryptPassword(userService.getPassWord()));
return toAjax(userService.insertUser(user));
}
@ -157,25 +147,20 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:edit")
@SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->用户管理", details = "修改用户")
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysUser user)
{
public AjaxResult edit(@Validated @RequestBody SysUser user) {
userService.checkUserAllowed(user);
userService.checkUserDataScope(user.getUserId());
deptService.checkDeptDataScope(user.getDeptId());
roleService.checkRoleDataScope(user.getRoleIds());
if (!userService.checkUserNameUnique(user))
{
if (!userService.checkUserNameUnique(user)) {
return error("修改用户'" + user.getUserName() + "'失败,登录账号已存在");
}
else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user))
{
} else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user)) {
return error("修改用户'" + user.getUserName() + "'失败,手机号码已存在");
}
else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user))
{
} else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user)) {
return error("修改用户'" + user.getUserName() + "'失败,邮箱账号已存在");
}
user.setUpdateBy(getUsername());
user.setPhonenumber(Sm4Utils.encrypt(user.getPhonenumber()));
return toAjax(userService.updateUser(user));
}
@ -185,10 +170,8 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:remove")
@SysLog(title = "用户管理", businessType = OperaType.DELETE, logType = 1, module = "系统管理->用户管理", details = "删除用户")
@DeleteMapping("/{userIds}")
public AjaxResult remove(@PathVariable Long[] userIds)
{
if (ArrayUtils.contains(userIds, getUserId()))
{
public AjaxResult remove(@PathVariable Long[] userIds) {
if (ArrayUtils.contains(userIds, getUserId())) {
return error("当前用户不能删除");
}
return toAjax(userService.deleteUserByIds(userIds));
@ -200,8 +183,7 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:resetPwd")
@SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->用户管理", details = "重置密码")
@PutMapping("/resetPwd")
public AjaxResult resetPwd(@RequestBody SysUser user)
{
public AjaxResult resetPwd(@RequestBody SysUser user) {
userService.checkUserAllowed(user);
userService.checkUserDataScope(user.getUserId());
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
@ -215,8 +197,7 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:edit")
@SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->用户管理", details = "状态修改")
@PutMapping("/changeStatus")
public AjaxResult changeStatus(@RequestBody SysUser user)
{
public AjaxResult changeStatus(@RequestBody SysUser user) {
userService.checkUserAllowed(user);
userService.checkUserDataScope(user.getUserId());
user.setUpdateBy(getUsername());
@ -228,8 +209,7 @@ public class SysUserController extends BaseController
*/
@RequiresPermissions("system:user:query")
@GetMapping("/authRole/{userId}")
public AjaxResult authRole(@PathVariable("userId") Long userId)
{
public AjaxResult authRole(@PathVariable("userId") Long userId) {
AjaxResult ajax = AjaxResult.success();
SysUser user = userService.selectUserById(userId);
List<SysRole> roles = roleService.selectRolesByUserId(userId);
@ -244,8 +224,7 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:edit")
@SysLog(title = "用户管理", businessType = OperaType.GRANT, logType = 1, module = "系统管理->用户管理", details = "用户授权角色")
@PutMapping("/authRole")
public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
{
public AjaxResult insertAuthRole(Long userId, Long[] roleIds) {
userService.checkUserDataScope(userId);
roleService.checkRoleDataScope(roleIds);
userService.insertUserAuth(userId, roleIds);
@ -257,8 +236,7 @@ public class SysUserController extends BaseController
*/
@RequiresPermissions("system:user:list")
@GetMapping("/deptTree")
public AjaxResult deptTree(SysDept dept)
{
public AjaxResult deptTree(SysDept dept) {
return success(deptService.selectDeptTreeList(dept));
}
}
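Review bot: In `getInfo` the phone number is decrypted twice: `setPhonenumber(Sm4Utils.decrypt(...))` replaces the field with plaintext, and the next line calls `Sm4Utils.decrypt(sysUser.getPhonenumber())` again on that plaintext, so the masked value depends on how `decrypt` handles input that is not ciphertext. Decrypt once and reuse the result: `String phone = Sm4Utils.decrypt(sysUser.getPhonenumber());`, then `sysUser.setPhonenumber(phone);` and `sysUser.setPhonenumberDes(DesensitizedUtil.maskPhone(phone));`; the same pattern appears in `selectUserList` in SysUserServiceImpl. In `add` and `edit`, `userService.checkPhoneUnique(user)` runs on the submitted plaintext before `Sm4Utils.encrypt`, so unless the service encrypts deterministically before querying (not visible on this page) the duplicate check will no longer match stored rows. `Sm4Utils.encrypt` is also reached when `getPhonenumber()` is empty or null, which the `StringUtils.isNotEmpty` guard above shows is a permitted input; the call should be guarded the same way.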


@ -27,7 +27,8 @@ public class Sm4Utils {
// 加密带盐的明文
byte[] encryptedData = sm4.encrypt(plainText);
// 返回带盐的加密结果Hex编码
return HexUtil.encodeHexStr(encryptedData);
String s = HexUtil.encodeHexStr(encryptedData);
return s;
} catch (Exception e) {
return plainText; // 发生异常时返回传入字符串
}
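Review bot: The `catch (Exception e)` branch returns `plainText`, and this commit stores the result of `Sm4Utils.encrypt` as the phone number (`add` and `edit` in SysUserController), so any encryption failure silently writes the number unencrypted. Failing closed would be safer: log the exception and `throw new IllegalStateException("SM4 encryption failed", e);` instead of returning the input. The new local `s` adds nothing over returning `HexUtil.encodeHexStr(encryptedData)` directly. The method starts and ends outside this hunk, so whether other callers rely on the fallback cannot be seen here.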


@ -6,14 +6,14 @@ import com.bonus.common.core.domain.entity.SysUser;
/**
* 用户表 数据层
*
*
* @author bonus
*/
public interface SysUserMapper
{
/**
* 根据条件分页查询用户列表
*
*
* @param sysUser 用户信息
* @return 用户信息集合信息
*/
@ -21,7 +21,7 @@ public interface SysUserMapper
/**
* 根据条件分页查询已配用户角色列表
*
*
* @param user 用户信息
* @return 用户信息集合信息
*/
@ -29,7 +29,7 @@ public interface SysUserMapper
/**
* 根据条件分页查询未分配用户角色列表
*
*
* @param user 用户信息
* @return 用户信息集合信息
*/
@ -37,7 +37,7 @@ public interface SysUserMapper
/**
* 通过用户名查询用户
*
*
* @param userName 用户名
* @return 用户对象信息
*/
@ -45,7 +45,7 @@ public interface SysUserMapper
/**
* 通过用户ID查询用户
*
*
* @param userId 用户ID
* @return 用户对象信息
*/
@ -53,7 +53,7 @@ public interface SysUserMapper
/**
* 新增用户信息
*
*
* @param user 用户信息
* @return 结果
*/
@ -61,7 +61,7 @@ public interface SysUserMapper
/**
* 修改用户信息
*
*
* @param user 用户信息
* @return 结果
*/
@ -69,7 +69,7 @@ public interface SysUserMapper
/**
* 修改用户头像
*
*
* @param userId 用户ID
* @param avatar 头像地址
* @return 结果
@ -78,7 +78,7 @@ public interface SysUserMapper
/**
* 重置用户密码
*
*
* @param userId 用户ID
* @param password 密码
* @return 结果
@ -87,7 +87,7 @@ public interface SysUserMapper
/**
* 通过用户ID删除用户
*
*
* @param userId 用户ID
* @return 结果
*/
@ -95,7 +95,7 @@ public interface SysUserMapper
/**
* 批量删除用户信息
*
*
* @param userIds 需要删除的用户ID
* @return 结果
*/
@ -103,7 +103,7 @@ public interface SysUserMapper
/**
* 校验用户名称是否唯一
*
*
* @param userName 用户名称
* @return 结果
*/
@ -124,4 +124,6 @@ public interface SysUserMapper
* @return 结果
*/
public SysUser checkEmailUnique(String email);
String getPassWord();
}
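Review bot: `String getPassWord();` has no Javadoc, unlike every other method in this interface, and the name does not say that it returns the system-wide initial password: the mapper XML in this commit selects `config_value` for `sys.user.initPassword`. Suggested comment: `/** Returns the configured initial password (sys.user.initPassword); null when the config row is absent. */`, and the same for the matching declaration in ISysUserService. `add` in SysUserController now appears to hash this value for each new account in place of the submitted password, so a missing row would pass null to `SecurityUtils.encryptPassword`. Every new account would also start with the same password, and nothing visible on this page forces a change at first login, so that is worth confirming.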


@ -5,14 +5,14 @@ import com.bonus.common.core.domain.entity.SysUser;
/**
* 用户 业务层
*
*
* @author bonus
*/
public interface ISysUserService
{
/**
* 根据条件分页查询用户列表
*
*
* @param user 用户信息
* @return 用户信息集合信息
*/
@ -20,7 +20,7 @@ public interface ISysUserService
/**
* 根据条件分页查询已分配用户角色列表
*
*
* @param user 用户信息
* @return 用户信息集合信息
*/
@ -28,7 +28,7 @@ public interface ISysUserService
/**
* 根据条件分页查询未分配用户角色列表
*
*
* @param user 用户信息
* @return 用户信息集合信息
*/
@ -36,7 +36,7 @@ public interface ISysUserService
/**
* 通过用户名查询用户
*
*
* @param userName 用户名
* @return 用户对象信息
*/
@ -44,7 +44,7 @@ public interface ISysUserService
/**
* 通过用户ID查询用户
*
*
* @param userId 用户ID
* @return 用户对象信息
*/
@ -52,7 +52,7 @@ public interface ISysUserService
/**
* 根据用户ID查询用户所属角色组
*
*
* @param userName 用户名
* @return 结果
*/
@ -60,7 +60,7 @@ public interface ISysUserService
/**
* 根据用户ID查询用户所属岗位组
*
*
* @param userName 用户名
* @return 结果
*/
@ -68,7 +68,7 @@ public interface ISysUserService
/**
* 校验用户名称是否唯一
*
*
* @param user 用户信息
* @return 结果
*/
@ -92,21 +92,21 @@ public interface ISysUserService
/**
* 校验用户是否允许操作
*
*
* @param user 用户信息
*/
public void checkUserAllowed(SysUser user);
/**
* 校验用户是否有数据权限
*
*
* @param userId 用户id
*/
public void checkUserDataScope(Long userId);
/**
* 新增用户信息
*
*
* @param user 用户信息
* @return 结果
*/
@ -114,7 +114,7 @@ public interface ISysUserService
/**
* 注册用户信息
*
*
* @param user 用户信息
* @return 结果
*/
@ -122,7 +122,7 @@ public interface ISysUserService
/**
* 修改用户信息
*
*
* @param user 用户信息
* @return 结果
*/
@ -130,7 +130,7 @@ public interface ISysUserService
/**
* 用户授权角色
*
*
* @param userId 用户ID
* @param roleIds 角色组
*/
@ -138,7 +138,7 @@ public interface ISysUserService
/**
* 修改用户状态
*
*
* @param user 用户信息
* @return 结果
*/
@ -146,7 +146,7 @@ public interface ISysUserService
/**
* 修改用户基本信息
*
*
* @param user 用户信息
* @return 结果
*/
@ -154,7 +154,7 @@ public interface ISysUserService
/**
* 修改用户头像
*
*
* @param userId 用户ID
* @param avatar 头像地址
* @return 结果
@ -163,7 +163,7 @@ public interface ISysUserService
/**
* 重置用户密码
*
*
* @param user 用户信息
* @return 结果
*/
@ -171,7 +171,7 @@ public interface ISysUserService
/**
* 重置用户密码
*
*
* @param userId 用户ID
* @param password 密码
* @return 结果
@ -180,7 +180,7 @@ public interface ISysUserService
/**
* 通过用户ID删除用户
*
*
* @param userId 用户ID
* @return 结果
*/
@ -188,7 +188,7 @@ public interface ISysUserService
/**
* 批量删除用户信息
*
*
* @param userIds 需要删除的用户ID
* @return 结果
*/
@ -196,11 +196,13 @@ public interface ISysUserService
/**
* 导入用户数据
*
*
* @param userList 用户数据列表
* @param isUpdateSupport 是否更新支持如果已存在则进行更新数据
* @param operName 操作用户
* @return 结果
*/
public String importUser(List<SysUser> userList, Boolean isUpdateSupport, String operName);
String getPassWord();
}


@ -7,6 +7,7 @@ import javax.validation.Validator;
import com.bonus.common.utils.DesensitizedUtil;
import com.bonus.common.utils.GenerateUtil;
import com.bonus.common.utils.encryption.Sm4Utils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@ -80,7 +81,8 @@ public class SysUserServiceImpl implements ISysUserService
{
List<SysUser> sysUsers = userMapper.selectUserList(user);
for (SysUser sysUser : sysUsers) {
sysUser.setPhonenumberDes(DesensitizedUtil.maskPhone(sysUser.getPhonenumber()));
sysUser.setPhonenumber(Sm4Utils.decrypt(sysUser.getPhonenumber()));
sysUser.setPhonenumberDes(DesensitizedUtil.maskPhone(Sm4Utils.decrypt(sysUser.getPhonenumber())));
}
return sysUsers;
}
@ -555,4 +557,9 @@ public class SysUserServiceImpl implements ISysUserService
}
return successMsg.toString();
}
@Override
public String getPassWord() {
return userMapper.getPassWord();
}
}


@ -148,6 +148,9 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
<select id="checkEmailUnique" parameterType="String" resultMap="SysUserResult">
select user_id, email from da_ky_sys_user where email = #{email} and del_flag = '0' limit 1
</select>
<select id="getPassWord" resultType="java.lang.String">
select config_value from da_ky_sys_config where config_key = 'sys.user.initPassword'
</select>
<insert id="insertUser" parameterType="SysUser" useGeneratedKeys="true" keyProperty="userId">
insert into da_ky_sys_user(