bonus
/
smart_archives_service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

弱密码校验

This commit is contained in:
liang.chao 2025-09-30 15:00:26 +08:00
parent e457bb942a
commit ac01bcef6e
1 changed files with 69 additions and 111 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
bonus-system/src/main/java/com/bonus/system/service/impl/SysUserServiceImpl.java
View File

@ -41,8 +41,7 @@ import com.bonus.system.service.ISysUserService;
* @author bonus * @author bonus
*/ */
@Service @Service
public class SysUserServiceImpl implements ISysUserService public class SysUserServiceImpl implements ISysUserService {
{
private static final Logger log = LoggerFactory.getLogger(SysUserServiceImpl.class); private static final Logger log = LoggerFactory.getLogger(SysUserServiceImpl.class);
@Autowired @Autowired
@ -77,8 +76,7 @@ public class SysUserServiceImpl implements ISysUserService
*/ */
@Override @Override
@DataScope(deptAlias = "d", userAlias = "u") @DataScope(deptAlias = "d", userAlias = "u")
public List<SysUser> selectUserList(SysUser user) public List<SysUser> selectUserList(SysUser user) {
{
List<SysUser> sysUsers = userMapper.selectUserList(user); List<SysUser> sysUsers = userMapper.selectUserList(user);
for (SysUser sysUser : sysUsers) { for (SysUser sysUser : sysUsers) {
sysUser.setPhonenumber(Sm4Utils.decrypt(sysUser.getPhonenumber())); sysUser.setPhonenumber(Sm4Utils.decrypt(sysUser.getPhonenumber()));
@ -95,8 +93,7 @@ public class SysUserServiceImpl implements ISysUserService
*/ */
@Override @Override
@DataScope(deptAlias = "d", userAlias = "u") @DataScope(deptAlias = "d", userAlias = "u")
public List<SysUser> selectAllocatedList(SysUser user) public List<SysUser> selectAllocatedList(SysUser user) {
{
return userMapper.selectAllocatedList(user); return userMapper.selectAllocatedList(user);
} }
@ -108,8 +105,7 @@ public class SysUserServiceImpl implements ISysUserService
*/ */
@Override @Override
@DataScope(deptAlias = "d", userAlias = "u") @DataScope(deptAlias = "d", userAlias = "u")
public List<SysUser> selectUnallocatedList(SysUser user) public List<SysUser> selectUnallocatedList(SysUser user) {
{
return userMapper.selectUnallocatedList(user); return userMapper.selectUnallocatedList(user);
} }
@ -120,8 +116,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 用户对象信息 * @return 用户对象信息
*/ */
@Override @Override
public SysUser selectUserByUserName(String userName) public SysUser selectUserByUserName(String userName) {
{
return userMapper.selectUserByUserName(userName); return userMapper.selectUserByUserName(userName);
} }
@ -132,8 +127,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 用户对象信息 * @return 用户对象信息
*/ */
@Override @Override
public SysUser selectUserById(Long userId) public SysUser selectUserById(Long userId) {
{
return userMapper.selectUserById(userId); return userMapper.selectUserById(userId);
} }
@ -144,11 +138,9 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果 * @return 结果
*/ */
@Override @Override
public String selectUserRoleGroup(String userName) public String selectUserRoleGroup(String userName) {
{
List<SysRole> list = roleMapper.selectRolesByUserName(userName); List<SysRole> list = roleMapper.selectRolesByUserName(userName);
if (CollectionUtils.isEmpty(list)) if (CollectionUtils.isEmpty(list)) {
{
return StringUtils.EMPTY; return StringUtils.EMPTY;
} }
return list.stream().map(SysRole::getRoleName).collect(Collectors.joining(",")); return list.stream().map(SysRole::getRoleName).collect(Collectors.joining(","));
@ -161,11 +153,9 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果 * @return 结果
*/ */
@Override @Override
public String selectUserPostGroup(String userName) public String selectUserPostGroup(String userName) {
{
List<SysPost> list = postMapper.selectPostsByUserName(userName); List<SysPost> list = postMapper.selectPostsByUserName(userName);
if (CollectionUtils.isEmpty(list)) if (CollectionUtils.isEmpty(list)) {
{
return StringUtils.EMPTY; return StringUtils.EMPTY;
} }
return list.stream().map(SysPost::getPostName).collect(Collectors.joining(",")); return list.stream().map(SysPost::getPostName).collect(Collectors.joining(","));
@ -178,12 +168,10 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果 * @return 结果
*/ */
@Override @Override
public boolean checkUserNameUnique(SysUser user) public boolean checkUserNameUnique(SysUser user) {
{
Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId(); Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
SysUser info = userMapper.checkUserNameUnique(user.getUserName()); SysUser info = userMapper.checkUserNameUnique(user.getUserName());
if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue()) if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue()) {
{
return UserConstants.NOT_UNIQUE; return UserConstants.NOT_UNIQUE;
} }
return UserConstants.UNIQUE; return UserConstants.UNIQUE;
@ -196,12 +184,10 @@ public class SysUserServiceImpl implements ISysUserService
* @return * @return
*/ */
@Override @Override
public boolean checkPhoneUnique(SysUser user) public boolean checkPhoneUnique(SysUser user) {
{
Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId(); Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
SysUser info = userMapper.checkPhoneUnique(user.getPhonenumber()); SysUser info = userMapper.checkPhoneUnique(user.getPhonenumber());
if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue()) if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue()) {
{
return UserConstants.NOT_UNIQUE; return UserConstants.NOT_UNIQUE;
} }
return UserConstants.UNIQUE; return UserConstants.UNIQUE;
@ -214,12 +200,10 @@ public class SysUserServiceImpl implements ISysUserService
* @return * @return
*/ */
@Override @Override
public boolean checkEmailUnique(SysUser user) public boolean checkEmailUnique(SysUser user) {
{
Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId(); Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
SysUser info = userMapper.checkEmailUnique(user.getEmail()); SysUser info = userMapper.checkEmailUnique(user.getEmail());
if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue()) if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue()) {
{
return UserConstants.NOT_UNIQUE; return UserConstants.NOT_UNIQUE;
} }
return UserConstants.UNIQUE; return UserConstants.UNIQUE;
@ -231,10 +215,8 @@ public class SysUserServiceImpl implements ISysUserService
* @param user 用户信息 * @param user 用户信息
*/ */
@Override @Override
public void checkUserAllowed(SysUser user) public void checkUserAllowed(SysUser user) {
{ if (StringUtils.isNotNull(user.getUserId()) && user.isAdmin()) {
if (StringUtils.isNotNull(user.getUserId()) && user.isAdmin())
{
throw new ServiceException("不允许操作超级管理员用户"); throw new ServiceException("不允许操作超级管理员用户");
} }
} }
@ -245,15 +227,12 @@ public class SysUserServiceImpl implements ISysUserService
* @param userId 用户id * @param userId 用户id
*/ */
@Override @Override
public void checkUserDataScope(Long userId) public void checkUserDataScope(Long userId) {
{ if (!SysUser.isAdmin(SecurityUtils.getUserId())) {
if (!SysUser.isAdmin(SecurityUtils.getUserId()))
{
SysUser user = new SysUser(); SysUser user = new SysUser();
user.setUserId(userId); user.setUserId(userId);
List<SysUser> users = SpringUtils.getAopProxy(this).selectUserList(user); List<SysUser> users = SpringUtils.getAopProxy(this).selectUserList(user);
if (StringUtils.isEmpty(users)) if (StringUtils.isEmpty(users)) {
{
throw new ServiceException("没有权限访问用户数据!"); throw new ServiceException("没有权限访问用户数据!");
} }
} }
@ -267,8 +246,7 @@ public class SysUserServiceImpl implements ISysUserService
*/ */
@Override @Override
@Transactional @Transactional
public int insertUser(SysUser user) public int insertUser(SysUser user) {
{
user.setSecret(GenerateUtil.generateRandomSecret(64)); user.setSecret(GenerateUtil.generateRandomSecret(64));
// 新增用户信息 // 新增用户信息
int rows = userMapper.insertUser(user); int rows = userMapper.insertUser(user);
@ -286,8 +264,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果 * @return 结果
*/ */
@Override @Override
public boolean registerUser(SysUser user) public boolean registerUser(SysUser user) {
{
return userMapper.insertUser(user) > 0; return userMapper.insertUser(user) > 0;
} }
@ -299,8 +276,7 @@ public class SysUserServiceImpl implements ISysUserService
*/ */
@Override @Override
@Transactional @Transactional
public int updateUser(SysUser user) public int updateUser(SysUser user) {
{
Long userId = user.getUserId(); Long userId = user.getUserId();
// 删除用户与角色关联 // 删除用户与角色关联
userRoleMapper.deleteUserRoleByUserId(userId); userRoleMapper.deleteUserRoleByUserId(userId);
@ -316,13 +292,12 @@ public class SysUserServiceImpl implements ISysUserService
/** /**
* 用户授权角色 * 用户授权角色
* *
* @param userId 用户ID * @param userId 用户ID
* @param roleIds 角色组 * @param roleIds 角色组
*/ */
@Override @Override
@Transactional @Transactional
public void insertUserAuth(Long userId, Long[] roleIds) public void insertUserAuth(Long userId, Long[] roleIds) {
{
userRoleMapper.deleteUserRoleByUserId(userId); userRoleMapper.deleteUserRoleByUserId(userId);
insertUserRole(userId, roleIds); insertUserRole(userId, roleIds);
} }
@ -334,8 +309,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果 * @return 结果
*/ */
@Override @Override
public int updateUserStatus(SysUser user) public int updateUserStatus(SysUser user) {
{
return userMapper.updateUser(user); return userMapper.updateUser(user);
} }
@ -346,8 +320,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果 * @return 结果
*/ */
@Override @Override
public int updateUserProfile(SysUser user) public int updateUserProfile(SysUser user) {
{
return userMapper.updateUser(user); return userMapper.updateUser(user);
} }
@ -359,8 +332,7 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果 * @return 结果
*/ */
@Override @Override
public boolean updateUserAvatar(Long userId, String avatar) public boolean updateUserAvatar(Long userId, String avatar) {
{
return userMapper.updateUserAvatar(userId, avatar) > 0; return userMapper.updateUserAvatar(userId, avatar) > 0;
} }
@ -371,21 +343,19 @@ public class SysUserServiceImpl implements ISysUserService
* @return 结果 * @return 结果
*/ */
@Override @Override
public int resetPwd(SysUser user) public int resetPwd(SysUser user) {
{
return userMapper.updateUser(user); return userMapper.updateUser(user);
} }
/** /**
* 重置用户密码 * 重置用户密码
* *
* @param userId 用户ID * @param userId 用户ID
* @param password 密码 * @param password 密码
* @return 结果 * @return 结果
*/ */
@Override @Override
public int resetUserPwd(Long userId, String password) public int resetUserPwd(Long userId, String password) {
{
return userMapper.resetUserPwd(userId, password); return userMapper.resetUserPwd(userId, password);
} }
@ -394,9 +364,8 @@ public class SysUserServiceImpl implements ISysUserService
* *
* @param user 用户对象 * @param user 用户对象
*/ */
public void insertUserRole(SysUser user) public void insertUserRole(SysUser user) {
{ this.insertUserRole(user.getUserId(), user.getRoleId());
this.insertUserRole(user.getUserId(), user.getRoleIds());
} }
/** /**
@ -404,15 +373,12 @@ public class SysUserServiceImpl implements ISysUserService
* *
* @param user 用户对象 * @param user 用户对象
*/ */
public void insertUserPost(SysUser user) public void insertUserPost(SysUser user) {
{
Long[] posts = user.getPostIds(); Long[] posts = user.getPostIds();
if (StringUtils.isNotEmpty(posts)) if (StringUtils.isNotEmpty(posts)) {
{
// 新增用户与岗位管理 // 新增用户与岗位管理
List<SysUserPost> list = new ArrayList<SysUserPost>(posts.length); List<SysUserPost> list = new ArrayList<SysUserPost>(posts.length);
for (Long postId : posts) for (Long postId : posts) {
{
SysUserPost up = new SysUserPost(); SysUserPost up = new SysUserPost();
up.setUserId(user.getUserId()); up.setUserId(user.getUserId());
up.setPostId(postId); up.setPostId(postId);
@ -425,17 +391,14 @@ public class SysUserServiceImpl implements ISysUserService
/** /**
* 新增用户角色信息 * 新增用户角色信息
* *
* @param userId 用户ID * @param userId 用户ID
* @param roleIds 角色组 * @param roleIds 角色组
*/ */
public void insertUserRole(Long userId, Long[] roleIds) public void insertUserRole(Long userId, Long[] roleIds) {
{ if (StringUtils.isNotEmpty(roleIds)) {
if (StringUtils.isNotEmpty(roleIds)) // 新增用户与角色管理角色组
{
// 新增用户与角色管理
List<SysUserRole> list = new ArrayList<SysUserRole>(roleIds.length); List<SysUserRole> list = new ArrayList<SysUserRole>(roleIds.length);
for (Long roleId : roleIds) for (Long roleId : roleIds) {
{
SysUserRole ur = new SysUserRole(); SysUserRole ur = new SysUserRole();
ur.setUserId(userId); ur.setUserId(userId);
ur.setRoleId(roleId); ur.setRoleId(roleId);
@ -445,6 +408,18 @@ public class SysUserServiceImpl implements ISysUserService
} }
} }
public void insertUserRole(Long userId, Long roleId) {
if (roleId != null) {
// 新增用户与角色管理单个角色
List<SysUserRole> list = new ArrayList<SysUserRole>();
SysUserRole ur = new SysUserRole();
ur.setUserId(userId);
ur.setRoleId(roleId);
list.add(ur);
userRoleMapper.batchUserRole(list);
}
}
/** /**
* 通过用户ID删除用户 * 通过用户ID删除用户
* *
@ -453,8 +428,7 @@ public class SysUserServiceImpl implements ISysUserService
*/ */
@Override @Override
@Transactional @Transactional
public int deleteUserById(Long userId) public int deleteUserById(Long userId) {
{
// 删除用户与角色关联 // 删除用户与角色关联
userRoleMapper.deleteUserRoleByUserId(userId); userRoleMapper.deleteUserRoleByUserId(userId);
// 删除用户与岗位表 // 删除用户与岗位表
@ -470,10 +444,8 @@ public class SysUserServiceImpl implements ISysUserService
*/ */
@Override @Override
@Transactional @Transactional
public int deleteUserByIds(Long[] userIds) public int deleteUserByIds(Long[] userIds) {
{ for (Long userId : userIds) {
for (Long userId : userIds)
{
checkUserAllowed(new SysUser(userId)); checkUserAllowed(new SysUser(userId));
checkUserDataScope(userId); checkUserDataScope(userId);
} }
@ -487,30 +459,25 @@ public class SysUserServiceImpl implements ISysUserService
/** /**
* 导入用户数据 * 导入用户数据
* *
* @param userList 用户数据列表 * @param userList 用户数据列表
* @param isUpdateSupport 是否更新支持如果已存在则进行更新数据 * @param isUpdateSupport 是否更新支持如果已存在则进行更新数据
* @param operName 操作用户 * @param operName 操作用户
* @return 结果 * @return 结果
*/ */
@Override @Override
public String importUser(List<SysUser> userList, Boolean isUpdateSupport, String operName) public String importUser(List<SysUser> userList, Boolean isUpdateSupport, String operName) {
{ if (StringUtils.isNull(userList) || userList.size() == 0) {
if (StringUtils.isNull(userList) || userList.size() == 0)
{
throw new ServiceException("导入用户数据不能为空!"); throw new ServiceException("导入用户数据不能为空!");
} }
int successNum = 0; int successNum = 0;
int failureNum = 0; int failureNum = 0;
StringBuilder successMsg = new StringBuilder(); StringBuilder successMsg = new StringBuilder();
StringBuilder failureMsg = new StringBuilder(); StringBuilder failureMsg = new StringBuilder();
for (SysUser user : userList) for (SysUser user : userList) {
{ try {
try
{
// 验证是否存在这个用户 // 验证是否存在这个用户
SysUser u = userMapper.selectUserByUserName(user.getUserName()); SysUser u = userMapper.selectUserByUserName(user.getUserName());
if (StringUtils.isNull(u)) if (StringUtils.isNull(u)) {
{
BeanValidators.validateWithException(validator, user); BeanValidators.validateWithException(validator, user);
deptService.checkDeptDataScope(user.getDeptId()); deptService.checkDeptDataScope(user.getDeptId());
String password = configService.selectConfigByKey("sys.user.initPassword"); String password = configService.selectConfigByKey("sys.user.initPassword");
@ -519,9 +486,7 @@ public class SysUserServiceImpl implements ISysUserService
userMapper.insertUser(user); userMapper.insertUser(user);
successNum++; successNum++;
successMsg.append("<br/>" + successNum + "、账号 " + user.getUserName() + " 导入成功"); successMsg.append("<br/>" + successNum + "、账号 " + user.getUserName() + " 导入成功");
} } else if (isUpdateSupport) {
else if (isUpdateSupport)
{
BeanValidators.validateWithException(validator, user); BeanValidators.validateWithException(validator, user);
checkUserAllowed(u); checkUserAllowed(u);
checkUserDataScope(u.getUserId()); checkUserDataScope(u.getUserId());
@ -531,28 +496,21 @@ public class SysUserServiceImpl implements ISysUserService
userMapper.updateUser(user); userMapper.updateUser(user);
successNum++; successNum++;
successMsg.append("<br/>" + successNum + "、账号 " + user.getUserName() + " 更新成功"); successMsg.append("<br/>" + successNum + "、账号 " + user.getUserName() + " 更新成功");
} } else {
else
{
failureNum++; failureNum++;
failureMsg.append("<br/>" + failureNum + "、账号 " + user.getUserName() + " 已存在"); failureMsg.append("<br/>" + failureNum + "、账号 " + user.getUserName() + " 已存在");
} }
} } catch (Exception e) {
catch (Exception e)
{
failureNum++; failureNum++;
String msg = "<br/>" + failureNum + "、账号 " + user.getUserName() + " 导入失败:"; String msg = "<br/>" + failureNum + "、账号 " + user.getUserName() + " 导入失败:";
failureMsg.append(msg + e.getMessage()); failureMsg.append(msg + e.getMessage());
log.error(msg, e); log.error(msg, e);
} }
} }
if (failureNum > 0) if (failureNum > 0) {
{
failureMsg.insert(0, "很抱歉,导入失败!共 " + failureNum + " 条数据格式不正确,错误如下:"); failureMsg.insert(0, "很抱歉,导入失败!共 " + failureNum + " 条数据格式不正确,错误如下:");
throw new ServiceException(failureMsg.toString()); throw new ServiceException(failureMsg.toString());
} } else {
else
{
successMsg.insert(0, "恭喜您,数据已全部导入成功!共 " + successNum + " 条,数据如下:"); successMsg.insert(0, "恭喜您,数据已全部导入成功!共 " + successNum + " 条,数据如下:");
} }
return successMsg.toString(); return successMsg.toString();