bonus
/
smart_archives_service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

弱密码校验

This commit is contained in:
liang.chao 2025-09-30 15:00:26 +08:00
parent e457bb942a
commit ac01bcef6e
1 changed files with 69 additions and 111 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
bonus-system/src/main/java/com/bonus/system/service/impl/SysUserServiceImpl.java
View File

@ -41,8 +41,7 @@ import com.bonus.system.service.ISysUserService;
* @author bonus
*/
@Service
public class SysUserServiceImpl implements ISysUserService
{
public class SysUserServiceImpl implements ISysUserService {
private static final Logger log = LoggerFactory.getLogger(SysUserServiceImpl.class);
@Autowired
@ -77,8 +76,7 @@ public class SysUserServiceImpl implements ISysUserService
*/
@Override
@DataScope(deptAlias = "d", userAlias = "u")
public List<SysUser> selectUserList(SysUser user)
{
public List<SysUser> selectUserList(SysUser user) {
List<SysUser> sysUsers = userMapper.selectUserList(user);
for (SysUser sysUser : sysUsers) {
sysUser.setPhonenumber(Sm4Utils.decrypt(sysUser.getPhonenumber()));
@ -95,8 +93,7 @@ public class SysUserServiceImpl implements ISysUserService
*/
@Override
@DataScope(deptAlias = "d", userAlias = "u")
public List<SysUser> selectAllocatedList(SysUser user)
{
public List<SysUser> selectAllocatedList(SysUser user) {
return userMapper.selectAllocatedList(user);
}
@ -108,8 +105,7 @@ public class SysUserServiceImpl implements ISysUserService
*/
@Override
@DataScope(deptAlias = "d", userAlias = "u")
public List<SysUser> selectUnallocatedList(SysUser user)
{
public List<SysUser> selectUnallocatedList(SysUser user) {
return userMapper.selectUnallocatedList(user);
}
@ -120,8 +116,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 用户对象信息
*/
@Override
public SysUser selectUserByUserName(String userName)
{
public SysUser selectUserByUserName(String userName) {
return userMapper.selectUserByUserName(userName);
}
@ -132,8 +127,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 用户对象信息
*/
@Override
public SysUser selectUserById(Long userId)
{
public SysUser selectUserById(Long userId) {
return userMapper.selectUserById(userId);
}
@ -144,11 +138,9 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果
*/
@Override
public String selectUserRoleGroup(String userName)
{
public String selectUserRoleGroup(String userName) {
List<SysRole> list = roleMapper.selectRolesByUserName(userName);
if (CollectionUtils.isEmpty(list))
{
if (CollectionUtils.isEmpty(list)) {
return StringUtils.EMPTY;
}
return list.stream().map(SysRole::getRoleName).collect(Collectors.joining(","));
@ -161,11 +153,9 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果
*/
@Override
public String selectUserPostGroup(String userName)
{
public String selectUserPostGroup(String userName) {
List<SysPost> list = postMapper.selectPostsByUserName(userName);
if (CollectionUtils.isEmpty(list))
{
if (CollectionUtils.isEmpty(list)) {
return StringUtils.EMPTY;
}
return list.stream().map(SysPost::getPostName).collect(Collectors.joining(","));
@ -178,12 +168,10 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果
*/
@Override
public boolean checkUserNameUnique(SysUser user)
{
public boolean checkUserNameUnique(SysUser user) {
Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
SysUser info = userMapper.checkUserNameUnique(user.getUserName());
if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue())
{
if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue()) {
return UserConstants.NOT_UNIQUE;
}
return UserConstants.UNIQUE;
@ -196,12 +184,10 @@ public class SysUserServiceImpl implements ISysUserService
* @return
*/
@Override
public boolean checkPhoneUnique(SysUser user)
{
public boolean checkPhoneUnique(SysUser user) {
Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
SysUser info = userMapper.checkPhoneUnique(user.getPhonenumber());
if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue())
{
if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue()) {
return UserConstants.NOT_UNIQUE;
}
return UserConstants.UNIQUE;
@ -214,12 +200,10 @@ public class SysUserServiceImpl implements ISysUserService
* @return
*/
@Override
public boolean checkEmailUnique(SysUser user)
{
public boolean checkEmailUnique(SysUser user) {
Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
SysUser info = userMapper.checkEmailUnique(user.getEmail());
if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue())
{
if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue()) {
return UserConstants.NOT_UNIQUE;
}
return UserConstants.UNIQUE;
@ -231,10 +215,8 @@ public class SysUserServiceImpl implements ISysUserService
* @param user 用户信息
*/
@Override
public void checkUserAllowed(SysUser user)
{
if (StringUtils.isNotNull(user.getUserId()) && user.isAdmin())
{
public void checkUserAllowed(SysUser user) {
if (StringUtils.isNotNull(user.getUserId()) && user.isAdmin()) {
throw new ServiceException("不允许操作超级管理员用户");
}
}
@ -245,15 +227,12 @@ public class SysUserServiceImpl implements ISysUserService
* @param userId 用户id
*/
@Override
public void checkUserDataScope(Long userId)
{
if (!SysUser.isAdmin(SecurityUtils.getUserId()))
{
public void checkUserDataScope(Long userId) {
if (!SysUser.isAdmin(SecurityUtils.getUserId())) {
SysUser user = new SysUser();
user.setUserId(userId);
List<SysUser> users = SpringUtils.getAopProxy(this).selectUserList(user);
if (StringUtils.isEmpty(users))
{
if (StringUtils.isEmpty(users)) {
throw new ServiceException("没有权限访问用户数据!");
}
}
@ -267,8 +246,7 @@ public class SysUserServiceImpl implements ISysUserService
*/
@Override
@Transactional
public int insertUser(SysUser user)
{
public int insertUser(SysUser user) {
user.setSecret(GenerateUtil.generateRandomSecret(64));
// 新增用户信息
int rows = userMapper.insertUser(user);
@ -286,8 +264,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果
*/
@Override
public boolean registerUser(SysUser user)
{
public boolean registerUser(SysUser user) {
return userMapper.insertUser(user) > 0;
}
@ -299,8 +276,7 @@ public class SysUserServiceImpl implements ISysUserService
*/
@Override
@Transactional
public int updateUser(SysUser user)
{
public int updateUser(SysUser user) {
Long userId = user.getUserId();
// 删除用户与角色关联
userRoleMapper.deleteUserRoleByUserId(userId);
@ -316,13 +292,12 @@ public class SysUserServiceImpl implements ISysUserService
/**
* 用户授权角色
*
* @param userId 用户ID
* @param userId 用户ID
* @param roleIds 角色组
*/
@Override
@Transactional
public void insertUserAuth(Long userId, Long[] roleIds)
{
public void insertUserAuth(Long userId, Long[] roleIds) {
userRoleMapper.deleteUserRoleByUserId(userId);
insertUserRole(userId, roleIds);
}
@ -334,8 +309,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果
*/
@Override
public int updateUserStatus(SysUser user)
{
public int updateUserStatus(SysUser user) {
return userMapper.updateUser(user);
}
@ -346,8 +320,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果
*/
@Override
public int updateUserProfile(SysUser user)
{
public int updateUserProfile(SysUser user) {
return userMapper.updateUser(user);
}
@ -359,8 +332,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果
*/
@Override
public boolean updateUserAvatar(Long userId, String avatar)
{
public boolean updateUserAvatar(Long userId, String avatar) {
return userMapper.updateUserAvatar(userId, avatar) > 0;
}
@ -371,21 +343,19 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果
*/
@Override
public int resetPwd(SysUser user)
{
public int resetPwd(SysUser user) {
return userMapper.updateUser(user);
}
/**
* 重置用户密码
*
* @param userId 用户ID
* @param userId 用户ID
* @param password 密码
* @return 结果
*/
@Override
public int resetUserPwd(Long userId, String password)
{
public int resetUserPwd(Long userId, String password) {
return userMapper.resetUserPwd(userId, password);
}
@ -394,9 +364,8 @@ public class SysUserServiceImpl implements ISysUserService
*
* @param user 用户对象
*/
public void insertUserRole(SysUser user)
{
this.insertUserRole(user.getUserId(), user.getRoleIds());
public void insertUserRole(SysUser user) {
this.insertUserRole(user.getUserId(), user.getRoleId());
}
/**
@ -404,15 +373,12 @@ public class SysUserServiceImpl implements ISysUserService
*
* @param user 用户对象
*/
public void insertUserPost(SysUser user)
{
public void insertUserPost(SysUser user) {
Long[] posts = user.getPostIds();
if (StringUtils.isNotEmpty(posts))
{
if (StringUtils.isNotEmpty(posts)) {
// 新增用户与岗位管理
List<SysUserPost> list = new ArrayList<SysUserPost>(posts.length);
for (Long postId : posts)
{
for (Long postId : posts) {
SysUserPost up = new SysUserPost();
up.setUserId(user.getUserId());
up.setPostId(postId);
@ -425,17 +391,14 @@ public class SysUserServiceImpl implements ISysUserService
/**
* 新增用户角色信息
*
* @param userId 用户ID
* @param userId 用户ID
* @param roleIds 角色组
*/
public void insertUserRole(Long userId, Long[] roleIds)
{
if (StringUtils.isNotEmpty(roleIds))
{
// 新增用户与角色管理
public void insertUserRole(Long userId, Long[] roleIds) {
if (StringUtils.isNotEmpty(roleIds)) {
// 新增用户与角色管理角色组
List<SysUserRole> list = new ArrayList<SysUserRole>(roleIds.length);
for (Long roleId : roleIds)
{
for (Long roleId : roleIds) {
SysUserRole ur = new SysUserRole();
ur.setUserId(userId);
ur.setRoleId(roleId);
@ -445,6 +408,18 @@ public class SysUserServiceImpl implements ISysUserService
}
}
public void insertUserRole(Long userId, Long roleId) {
if (roleId != null) {
// 新增用户与角色管理单个角色
List<SysUserRole> list = new ArrayList<SysUserRole>();
SysUserRole ur = new SysUserRole();
ur.setUserId(userId);
ur.setRoleId(roleId);
list.add(ur);
userRoleMapper.batchUserRole(list);
}
}
/**
* 通过用户ID删除用户
*
@ -453,8 +428,7 @@ public class SysUserServiceImpl implements ISysUserService
*/
@Override
@Transactional
public int deleteUserById(Long userId)
{
public int deleteUserById(Long userId) {
// 删除用户与角色关联
userRoleMapper.deleteUserRoleByUserId(userId);
// 删除用户与岗位表
@ -470,10 +444,8 @@ public class SysUserServiceImpl implements ISysUserService
*/
@Override
@Transactional
public int deleteUserByIds(Long[] userIds)
{
for (Long userId : userIds)
{
public int deleteUserByIds(Long[] userIds) {
for (Long userId : userIds) {
checkUserAllowed(new SysUser(userId));
checkUserDataScope(userId);
}
@ -487,30 +459,25 @@ public class SysUserServiceImpl implements ISysUserService
/**
* 导入用户数据
*
* @param userList 用户数据列表
* @param userList 用户数据列表
* @param isUpdateSupport 是否更新支持如果已存在则进行更新数据
* @param operName 操作用户
* @param operName 操作用户
* @return 结果
*/
@Override
public String importUser(List<SysUser> userList, Boolean isUpdateSupport, String operName)
{
if (StringUtils.isNull(userList) || userList.size() == 0)
{
public String importUser(List<SysUser> userList, Boolean isUpdateSupport, String operName) {
if (StringUtils.isNull(userList) || userList.size() == 0) {
throw new ServiceException("导入用户数据不能为空!");
}
int successNum = 0;
int failureNum = 0;
StringBuilder successMsg = new StringBuilder();
StringBuilder failureMsg = new StringBuilder();
for (SysUser user : userList)
{
try
{
for (SysUser user : userList) {
try {
// 验证是否存在这个用户
SysUser u = userMapper.selectUserByUserName(user.getUserName());
if (StringUtils.isNull(u))
{
if (StringUtils.isNull(u)) {
BeanValidators.validateWithException(validator, user);
deptService.checkDeptDataScope(user.getDeptId());
String password = configService.selectConfigByKey("sys.user.initPassword");
@ -519,9 +486,7 @@ public class SysUserServiceImpl implements ISysUserService
userMapper.insertUser(user);
successNum++;
successMsg.append("<br/>" + successNum + "、账号 " + user.getUserName() + " 导入成功");
}
else if (isUpdateSupport)
{
} else if (isUpdateSupport) {
BeanValidators.validateWithException(validator, user);
checkUserAllowed(u);
checkUserDataScope(u.getUserId());
@ -531,28 +496,21 @@ public class SysUserServiceImpl implements ISysUserService
userMapper.updateUser(user);
successNum++;
successMsg.append("<br/>" + successNum + "、账号 " + user.getUserName() + " 更新成功");
}
else
{
} else {
failureNum++;
failureMsg.append("<br/>" + failureNum + "、账号 " + user.getUserName() + " 已存在");
}
}
catch (Exception e)
{
} catch (Exception e) {
failureNum++;
String msg = "<br/>" + failureNum + "、账号 " + user.getUserName() + " 导入失败:";
failureMsg.append(msg + e.getMessage());
log.error(msg, e);
}
}
if (failureNum > 0)
{
if (failureNum > 0) {
failureMsg.insert(0, "很抱歉,导入失败!共 " + failureNum + " 条数据格式不正确,错误如下:");
throw new ServiceException(failureMsg.toString());
}
else
{
} else {
successMsg.insert(0, "恭喜您,数据已全部导入成功!共 " + successNum + " 条,数据如下:");
}
return successMsg.toString();