bonus
/
smart_archives_service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

用户管理手机号加密存储

This commit is contained in:
liang.chao 2025-09-30 10:24:16 +08:00
parent d92f9c3898
commit a3e1184ff0
6 changed files with 81 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
bonus-admin/src/main/java/com/bonus/web/controller/system/SysUserController.java
View File

@ -7,6 +7,7 @@ import javax.servlet.http.HttpServletResponse;
import com.bonus.common.annotation.RequiresPermissions; import com.bonus.common.annotation.RequiresPermissions;
import com.bonus.common.annotation.SysLog; import com.bonus.common.annotation.SysLog;
import com.bonus.common.enums.OperaType; import com.bonus.common.enums.OperaType;
import com.bonus.common.utils.DesensitizedUtil;
import com.bonus.common.utils.encryption.Sm4Utils; import com.bonus.common.utils.encryption.Sm4Utils;
import org.apache.commons.lang3.ArrayUtils; import org.apache.commons.lang3.ArrayUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -44,8 +45,7 @@ import com.bonus.system.service.ISysUserService;
*/ */
@RestController @RestController
@RequestMapping("/system/user") @RequestMapping("/system/user")
public class SysUserController extends BaseController public class SysUserController extends BaseController {
{
@Autowired @Autowired
private ISysUserService userService; private ISysUserService userService;
@ -64,8 +64,7 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:list") @RequiresPermissions("system:user:list")
@GetMapping("/list") @GetMapping("/list")
@SysLog(title = "用户管理", businessType = OperaType.QUERY, logType = 1, module = "系统管理->用户管理", details = "查询用户列表") @SysLog(title = "用户管理", businessType = OperaType.QUERY, logType = 1, module = "系统管理->用户管理", details = "查询用户列表")
public TableDataInfo list(SysUser user) public TableDataInfo list(SysUser user) {
{
startPage(); startPage();
List<SysUser> list = userService.selectUserList(user); List<SysUser> list = userService.selectUserList(user);
return getDataTable(list); return getDataTable(list);
@ -74,8 +73,7 @@ public class SysUserController extends BaseController
@SysLog(title = "用户管理", businessType = OperaType.EXPORT, logType = 1, module = "系统管理->用户管理", details = "导入") @SysLog(title = "用户管理", businessType = OperaType.EXPORT, logType = 1, module = "系统管理->用户管理", details = "导入")
@RequiresPermissions("system:user:export") @RequiresPermissions("system:user:export")
@PostMapping("/export") @PostMapping("/export")
public void export(HttpServletResponse response, SysUser user) public void export(HttpServletResponse response, SysUser user) {
{
List<SysUser> list = userService.selectUserList(user); List<SysUser> list = userService.selectUserList(user);
ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class); ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
util.exportExcel(response, list, "用户数据"); util.exportExcel(response, list, "用户数据");
@ -84,8 +82,7 @@ public class SysUserController extends BaseController
@SysLog(title = "用户管理", businessType = OperaType.IMPORT, logType = 1, module = "系统管理->用户管理", details = "导出") @SysLog(title = "用户管理", businessType = OperaType.IMPORT, logType = 1, module = "系统管理->用户管理", details = "导出")
@RequiresPermissions("system:user:import") @RequiresPermissions("system:user:import")
@PostMapping("/importData") @PostMapping("/importData")
public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception {
{
ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class); ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
List<SysUser> userList = util.importExcel(file.getInputStream()); List<SysUser> userList = util.importExcel(file.getInputStream());
String operName = getUsername(); String operName = getUsername();
@ -94,8 +91,7 @@ public class SysUserController extends BaseController
} }
@PostMapping("/importTemplate") @PostMapping("/importTemplate")
public void importTemplate(HttpServletResponse response) public void importTemplate(HttpServletResponse response) {
{
ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class); ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
util.importTemplateExcel(response, "用户数据"); util.importTemplateExcel(response, "用户数据");
} }
@ -104,15 +100,15 @@ public class SysUserController extends BaseController
* 根据用户编号获取详细信息 * 根据用户编号获取详细信息
*/ */
@RequiresPermissions("system:user:query") @RequiresPermissions("system:user:query")
@GetMapping(value = { "/", "/{userId}" }) @GetMapping(value = {"/", "/{userId}"})
@SysLog(title = "用户管理", businessType = OperaType.QUERY, logType = 1, module = "系统管理->用户管理", details = "根据用户编号获取详细信息") @SysLog(title = "用户管理", businessType = OperaType.QUERY, logType = 1, module = "系统管理->用户管理", details = "根据用户编号获取详细信息")
public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) {
{
AjaxResult ajax = AjaxResult.success(); AjaxResult ajax = AjaxResult.success();
if (StringUtils.isNotNull(userId)) if (StringUtils.isNotNull(userId)) {
{
userService.checkUserDataScope(userId); userService.checkUserDataScope(userId);
SysUser sysUser = userService.selectUserById(userId); SysUser sysUser = userService.selectUserById(userId);
sysUser.setPhonenumber(Sm4Utils.decrypt(sysUser.getPhonenumber()));
sysUser.setPhonenumberDes(DesensitizedUtil.maskPhone(Sm4Utils.decrypt(sysUser.getPhonenumber())));
ajax.put(AjaxResult.DATA_TAG, sysUser); ajax.put(AjaxResult.DATA_TAG, sysUser);
ajax.put("postIds", postService.selectPostListByUserId(userId)); ajax.put("postIds", postService.selectPostListByUserId(userId));
ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList())); ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
@ -129,25 +125,19 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:add") @RequiresPermissions("system:user:add")
@SysLog(title = "用户管理", businessType = OperaType.INSERT, logType = 1, module = "系统管理->用户管理", details = "新增用户") @SysLog(title = "用户管理", businessType = OperaType.INSERT, logType = 1, module = "系统管理->用户管理", details = "新增用户")
@PostMapping @PostMapping
public AjaxResult add(@Validated @RequestBody SysUser user) public AjaxResult add(@Validated @RequestBody SysUser user) {
{
deptService.checkDeptDataScope(user.getDeptId()); deptService.checkDeptDataScope(user.getDeptId());
roleService.checkRoleDataScope(user.getRoleIds()); roleService.checkRoleDataScope(user.getRoleIds());
if (!userService.checkUserNameUnique(user)) if (!userService.checkUserNameUnique(user)) {
{
return error("新增用户'" + user.getUserName() + "'失败,登录账号已存在"); return error("新增用户'" + user.getUserName() + "'失败,登录账号已存在");
} } else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user)) {
else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user))
{
return error("新增用户'" + user.getUserName() + "'失败,手机号码已存在"); return error("新增用户'" + user.getUserName() + "'失败,手机号码已存在");
} } else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user)) {
else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user))
{
return error("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在"); return error("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
} }
user.setCreateBy(getUsername()); user.setCreateBy(getUsername());
user.setPhonenumber(Sm4Utils.encrypt(user.getPhonenumber())); user.setPhonenumber(Sm4Utils.encrypt(user.getPhonenumber()));
user.setPassword(SecurityUtils.encryptPassword(user.getPassword())); user.setPassword(SecurityUtils.encryptPassword(userService.getPassWord()));
return toAjax(userService.insertUser(user)); return toAjax(userService.insertUser(user));
} }
@ -157,25 +147,20 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:edit") @RequiresPermissions("system:user:edit")
@SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->用户管理", details = "修改用户") @SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->用户管理", details = "修改用户")
@PutMapping @PutMapping
public AjaxResult edit(@Validated @RequestBody SysUser user) public AjaxResult edit(@Validated @RequestBody SysUser user) {
{
userService.checkUserAllowed(user); userService.checkUserAllowed(user);
userService.checkUserDataScope(user.getUserId()); userService.checkUserDataScope(user.getUserId());
deptService.checkDeptDataScope(user.getDeptId()); deptService.checkDeptDataScope(user.getDeptId());
roleService.checkRoleDataScope(user.getRoleIds()); roleService.checkRoleDataScope(user.getRoleIds());
if (!userService.checkUserNameUnique(user)) if (!userService.checkUserNameUnique(user)) {
{
return error("修改用户'" + user.getUserName() + "'失败,登录账号已存在"); return error("修改用户'" + user.getUserName() + "'失败,登录账号已存在");
} } else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user)) {
else if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user))
{
return error("修改用户'" + user.getUserName() + "'失败,手机号码已存在"); return error("修改用户'" + user.getUserName() + "'失败,手机号码已存在");
} } else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user)) {
else if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user))
{
return error("修改用户'" + user.getUserName() + "'失败,邮箱账号已存在"); return error("修改用户'" + user.getUserName() + "'失败,邮箱账号已存在");
} }
user.setUpdateBy(getUsername()); user.setUpdateBy(getUsername());
user.setPhonenumber(Sm4Utils.encrypt(user.getPhonenumber()));
return toAjax(userService.updateUser(user)); return toAjax(userService.updateUser(user));
} }
@ -185,10 +170,8 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:remove") @RequiresPermissions("system:user:remove")
@SysLog(title = "用户管理", businessType = OperaType.DELETE, logType = 1, module = "系统管理->用户管理", details = "删除用户") @SysLog(title = "用户管理", businessType = OperaType.DELETE, logType = 1, module = "系统管理->用户管理", details = "删除用户")
@DeleteMapping("/{userIds}") @DeleteMapping("/{userIds}")
public AjaxResult remove(@PathVariable Long[] userIds) public AjaxResult remove(@PathVariable Long[] userIds) {
{ if (ArrayUtils.contains(userIds, getUserId())) {
if (ArrayUtils.contains(userIds, getUserId()))
{
return error("当前用户不能删除"); return error("当前用户不能删除");
} }
return toAjax(userService.deleteUserByIds(userIds)); return toAjax(userService.deleteUserByIds(userIds));
@ -200,8 +183,7 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:resetPwd") @RequiresPermissions("system:user:resetPwd")
@SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->用户管理", details = "重置密码") @SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->用户管理", details = "重置密码")
@PutMapping("/resetPwd") @PutMapping("/resetPwd")
public AjaxResult resetPwd(@RequestBody SysUser user) public AjaxResult resetPwd(@RequestBody SysUser user) {
{
userService.checkUserAllowed(user); userService.checkUserAllowed(user);
userService.checkUserDataScope(user.getUserId()); userService.checkUserDataScope(user.getUserId());
user.setPassword(SecurityUtils.encryptPassword(user.getPassword())); user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
@ -215,8 +197,7 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:edit") @RequiresPermissions("system:user:edit")
@SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->用户管理", details = "状态修改") @SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->用户管理", details = "状态修改")
@PutMapping("/changeStatus") @PutMapping("/changeStatus")
public AjaxResult changeStatus(@RequestBody SysUser user) public AjaxResult changeStatus(@RequestBody SysUser user) {
{
userService.checkUserAllowed(user); userService.checkUserAllowed(user);
userService.checkUserDataScope(user.getUserId()); userService.checkUserDataScope(user.getUserId());
user.setUpdateBy(getUsername()); user.setUpdateBy(getUsername());
@ -228,8 +209,7 @@ public class SysUserController extends BaseController
*/ */
@RequiresPermissions("system:user:query") @RequiresPermissions("system:user:query")
@GetMapping("/authRole/{userId}") @GetMapping("/authRole/{userId}")
public AjaxResult authRole(@PathVariable("userId") Long userId) public AjaxResult authRole(@PathVariable("userId") Long userId) {
{
AjaxResult ajax = AjaxResult.success(); AjaxResult ajax = AjaxResult.success();
SysUser user = userService.selectUserById(userId); SysUser user = userService.selectUserById(userId);
List<SysRole> roles = roleService.selectRolesByUserId(userId); List<SysRole> roles = roleService.selectRolesByUserId(userId);
@ -244,8 +224,7 @@ public class SysUserController extends BaseController
@RequiresPermissions("system:user:edit") @RequiresPermissions("system:user:edit")
@SysLog(title = "用户管理", businessType = OperaType.GRANT, logType = 1, module = "系统管理->用户管理", details = "用户授权角色") @SysLog(title = "用户管理", businessType = OperaType.GRANT, logType = 1, module = "系统管理->用户管理", details = "用户授权角色")
@PutMapping("/authRole") @PutMapping("/authRole")
public AjaxResult insertAuthRole(Long userId, Long[] roleIds) public AjaxResult insertAuthRole(Long userId, Long[] roleIds) {
{
userService.checkUserDataScope(userId); userService.checkUserDataScope(userId);
roleService.checkRoleDataScope(roleIds); roleService.checkRoleDataScope(roleIds);
userService.insertUserAuth(userId, roleIds); userService.insertUserAuth(userId, roleIds);
@ -257,8 +236,7 @@ public class SysUserController extends BaseController
*/ */
@RequiresPermissions("system:user:list") @RequiresPermissions("system:user:list")
@GetMapping("/deptTree") @GetMapping("/deptTree")
public AjaxResult deptTree(SysDept dept) public AjaxResult deptTree(SysDept dept) {
{
return success(deptService.selectDeptTreeList(dept)); return success(deptService.selectDeptTreeList(dept));
} }
} }

3
bonus-common/src/main/java/com/bonus/common/utils/encryption/Sm4Utils.java
View File

@ -27,7 +27,8 @@ public class Sm4Utils {
// 加密带盐的明文 // 加密带盐的明文
byte[] encryptedData = sm4.encrypt(plainText); byte[] encryptedData = sm4.encrypt(plainText);
// 返回带盐的加密结果Hex编码 // 返回带盐的加密结果Hex编码
return HexUtil.encodeHexStr(encryptedData); String s = HexUtil.encodeHexStr(encryptedData);
return s;
} catch (Exception e) { } catch (Exception e) {
return plainText; // 发生异常时返回传入字符串 return plainText; // 发生异常时返回传入字符串
} }

2
bonus-system/src/main/java/com/bonus/system/mapper/SysUserMapper.java
View File

@ -124,4 +124,6 @@ public interface SysUserMapper
* @return 结果 * @return 结果
*/ */
public SysUser checkEmailUnique(String email); public SysUser checkEmailUnique(String email);
String getPassWord();
} }

2
bonus-system/src/main/java/com/bonus/system/service/ISysUserService.java
View File

@ -203,4 +203,6 @@ public interface ISysUserService
* @return 结果 * @return 结果
*/ */
public String importUser(List<SysUser> userList, Boolean isUpdateSupport, String operName); public String importUser(List<SysUser> userList, Boolean isUpdateSupport, String operName);
String getPassWord();
} }

9
bonus-system/src/main/java/com/bonus/system/service/impl/SysUserServiceImpl.java
View File

@ -7,6 +7,7 @@ import javax.validation.Validator;
import com.bonus.common.utils.DesensitizedUtil; import com.bonus.common.utils.DesensitizedUtil;
import com.bonus.common.utils.GenerateUtil; import com.bonus.common.utils.GenerateUtil;
import com.bonus.common.utils.encryption.Sm4Utils;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -80,7 +81,8 @@ public class SysUserServiceImpl implements ISysUserService
{ {
List<SysUser> sysUsers = userMapper.selectUserList(user); List<SysUser> sysUsers = userMapper.selectUserList(user);
for (SysUser sysUser : sysUsers) { for (SysUser sysUser : sysUsers) {
sysUser.setPhonenumberDes(DesensitizedUtil.maskPhone(sysUser.getPhonenumber())); sysUser.setPhonenumber(Sm4Utils.decrypt(sysUser.getPhonenumber()));
sysUser.setPhonenumberDes(DesensitizedUtil.maskPhone(Sm4Utils.decrypt(sysUser.getPhonenumber())));
} }
return sysUsers; return sysUsers;
} }
@ -555,4 +557,9 @@ public class SysUserServiceImpl implements ISysUserService
} }
return successMsg.toString(); return successMsg.toString();
} }
@Override
public String getPassWord() {
return userMapper.getPassWord();
}
} }

3
bonus-system/src/main/resources/mapper/system/SysUserMapper.xml
View File

@ -148,6 +148,9 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
<select id="checkEmailUnique" parameterType="String" resultMap="SysUserResult"> <select id="checkEmailUnique" parameterType="String" resultMap="SysUserResult">
select user_id, email from da_ky_sys_user where email = #{email} and del_flag = '0' limit 1 select user_id, email from da_ky_sys_user where email = #{email} and del_flag = '0' limit 1
</select> </select>
<select id="getPassWord" resultType="java.lang.String">
select config_value from da_ky_sys_config where config_key = 'sys.user.initPassword'
</select>
<insert id="insertUser" parameterType="SysUser" useGeneratedKeys="true" keyProperty="userId"> <insert id="insertUser" parameterType="SysUser" useGeneratedKeys="true" keyProperty="userId">
insert into da_ky_sys_user( insert into da_ky_sys_user(