bug修复

liang.chao 2025-05-17 15:23:54 +08:00
parent cd2f9a8070
commit 9cb63601d5
12 changed files with 167 additions and 34 deletions


@ -172,7 +172,7 @@ public class OrganizationalServiceImpl implements OrganizationalService {
//新增
bean.setDataSource("2");
OrganizationalBean his = mapper.getDataDetails(bean);
if (!his.getIdCard().equals(bean.getIdCard())) {
if (his.getIdCard() != null && !his.getIdCard().equals(bean.getIdCard())) {
int userNum = mapper.getUserNum(bean);
if (userNum > 0) {
ar.setFailMsg("该人员已存在");
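Review bot: The new guard on `his.getIdCard()` still dereferences `his` without checking it, so if `mapper.getDataDetails(bean)` returns no row this line throws a NullPointerException exactly as before. It also skips the `getUserNum` duplicate check whenever the stored ID card is null, even when the request supplies one, which looks unintended. A null-safe comparison covers both cases: `if (his != null && !Objects.equals(his.getIdCard(), bean.getIdCard())) {` (needs `java.util.Objects`). The enclosing method starts and ends outside this hunk, so how a missing record should be reported cannot be judged from here.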


@ -6,10 +6,7 @@ import com.bonus.gs.sub.evaluate.evaluate.beans.*;
import com.bonus.gs.sub.evaluate.evaluate.dao.OutsourcerEvaluateDao;
import com.bonus.gs.sub.evaluate.manager.utils.AjaxRes;
import com.bonus.gs.sub.evaluate.manager.utils.UserUtil;
import com.sun.java.browser.plugin2.DOM;
import lombok.val;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.weaver.loadtime.Aj;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@ -17,7 +14,6 @@ import org.springframework.transaction.annotation.Transactional;
import org.springframework.transaction.interceptor.TransactionAspectSupport;
import javax.annotation.Resource;
import java.lang.reflect.Array;
import java.math.BigDecimal;
import java.time.LocalDate;
import java.time.format.DateTimeFormatter;


@ -1,5 +1,6 @@
package com.bonus.gs.sub.evaluate.manager.config;
import com.bonus.gs.sub.evaluate.manager.filter.DecryptionFilter;
import com.bonus.gs.sub.evaluate.manager.filter.TokenFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
@ -61,6 +62,7 @@ public class BnsSecurityConfig extends WebSecurityConfigurerAdapter {
http.headers().frameOptions().disable();
http.headers().cacheControl();
http.addFilterBefore(new DecryptionFilter(),UsernamePasswordAuthenticationFilter.class);
http.addFilterBefore(tokenFilter, UsernamePasswordAuthenticationFilter.class);
}


@ -0,0 +1,31 @@
package com.bonus.gs.sub.evaluate.manager.filter;
/**
* @Authorliang.chao
* @Date2025/5/17 - 11:26
*/
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
public class DecryptionFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
if (httpRequest.getRequestURI().endsWith("/login")
&& "POST".equalsIgnoreCase(httpRequest.getMethod())) {
// 处理登录请求
DecryptionRequestWrapper wrappedRequest = new DecryptionRequestWrapper(httpRequest);
chain.doFilter(wrappedRequest, response);
return;
}
chain.doFilter(request, response);
}
}
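Review bot: A login POST whose `username` or `password` is not valid ciphertext makes the `DecryptionRequestWrapper` constructor throw `RuntimeException("解密失败")`, and `doFilter` lets it escape the filter chain, so the caller most likely receives a container error (HTTP 500) rather than a normal login failure. Catch the exception around the constructor call and answer with a client error, e.g. `((HttpServletResponse) response).sendError(HttpServletResponse.SC_BAD_REQUEST); return;`. The `endsWith("/login")` test also matches any other path that happens to end in `/login`; comparing against the configured login URL would be tighter. A class comment stating which parameters are decrypted, and that all other requests pass through untouched, would help the next reader.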


@ -0,0 +1,68 @@
package com.bonus.gs.sub.evaluate.manager.filter;
import com.bonus.gs.sub.evaluate.manager.utils.AesCbcUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
/**
* @Authorliang.chao
* @Date2025/5/17 - 11:31
*/
public class DecryptionRequestWrapper extends HttpServletRequestWrapper {
private static final String SECRET_KEY = "zhgd@bonus@zhgd@bonus@1234567890";
private final Map<String, String[]> decryptedParams = new HashMap<>();
public DecryptionRequestWrapper(HttpServletRequest request) {
super(request);
// 1. 复制原始参数不直接修改原始 Map
Map<String, String[]> originalParams = new HashMap<>(request.getParameterMap());
// 2. 仅解密 username password
try {
if (originalParams.containsKey("username")) {
String encryptedUsername = originalParams.get("username")[0];
String decryptedUsername = AesCbcUtils.decryptCode(encryptedUsername);
originalParams.put("username", new String[]{decryptedUsername});
}
if (originalParams.containsKey("password")) {
String encryptedPassword = originalParams.get("password")[0];
String decryptedPassword = AesCbcUtils.decryptCode(encryptedPassword);
originalParams.put("password", new String[]{decryptedPassword});
}
} catch (Exception e) {
throw new RuntimeException("解密失败", e);
}
// 3. 最终使用解密后的参数
this.decryptedParams.putAll(originalParams);
}
// ----------- 重写方法保持原样------------
@Override
public String getParameter(String name) {
return decryptedParams.containsKey(name) ? decryptedParams.get(name)[0] : null;
}
@Override
public Map<String, String[]> getParameterMap() {
return Collections.unmodifiableMap(decryptedParams);
}
@Override
public Enumeration<String> getParameterNames() {
return Collections.enumeration(decryptedParams.keySet());
}
@Override
public String[] getParameterValues(String name) {
return decryptedParams.get(name);
}
}
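Review bot: `SECRET_KEY` is never read in this class, because decryption goes through `AesCbcUtils.decryptCode`, which uses its own `sKey`; the constant is only a second copy of the key literal in source control and should be removed. The same literal is also assigned to `secretKey` in the login page script changed by this commit, so every visitor receives the key and the AES step gives the credentials no confidentiality; TLS on the login endpoint is what protects them. If the encryption layer is kept, load the key from configuration rather than a compiled-in constant. Separately, `originalParams.get("username")[0]` assumes a non-empty value array, and the numbered comments could state that only the first value of each parameter is decrypted.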


@ -2,6 +2,7 @@ package com.bonus.gs.sub.evaluate.manager.service.impl;
import java.util.List;
import com.bonus.gs.sub.evaluate.manager.utils.AesCbcUtils;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
@ -29,29 +30,29 @@ import com.bonus.gs.sub.evaluate.manager.service.UserService;
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
private UserService userService;
@Autowired
private PermissionDao permissionDao;
@Autowired
private UserService userService;
@Autowired
private PermissionDao permissionDao;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
SysUser sysUser = userService.findByPhone(username);
if (sysUser == null) {
throw new AuthenticationCredentialsNotFoundException("用户名不存在");
} else if (sysUser.getStatus() == Status.LOCKED) {
throw new LockedException("用户被锁定,请联系管理员");
} else if (sysUser.getStatus() == Status.DISABLED) {
throw new DisabledException("用户已作废");
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
SysUser sysUser = userService.findByPhone(username);
if (sysUser == null) {
throw new AuthenticationCredentialsNotFoundException("用户名不存在");
} else if (sysUser.getStatus() == Status.LOCKED) {
throw new LockedException("用户被锁定,请联系管理员");
} else if (sysUser.getStatus() == Status.DISABLED) {
throw new DisabledException("用户已作废");
}
LoginUser loginUser = new LoginUser();
BeanUtils.copyProperties(sysUser, loginUser);
LoginUser loginUser = new LoginUser();
BeanUtils.copyProperties(sysUser, loginUser);
List<Permission> permissions = permissionDao.listByUserId(sysUser.getId());
loginUser.setPermissions(permissions);
loginUser.setDeptId(sysUser.getDeptId());
return loginUser;
}
List<Permission> permissions = permissionDao.listByUserId(sysUser.getId());
loginUser.setPermissions(permissions);
loginUser.setDeptId(sysUser.getDeptId());
return loginUser;
}
}


@ -8,6 +8,7 @@ import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.lang.reflect.Field;
import java.nio.charset.StandardCharsets;
import java.security.Security;
/**
@ -40,7 +41,7 @@ public class AesCbcUtils {
* AES要求密钥长度为128位或192位或256位java默认限制AES密钥长度最多128位
*/
public static String sKey = "zhgd@bonus@zhgd@bonus@1234567890";
private static final String IV = sKey.substring(0, 16);
/**
* 编码格式导出
*/
@ -139,4 +140,17 @@ public class AesCbcUtils {
return null;
}
public static String decryptCode(String encryptedData) throws Exception {
SecretKeySpec keySpec = new SecretKeySpec(sKey.getBytes(StandardCharsets.UTF_8), KEY_ALGORITHM);
IvParameterSpec ivSpec = new IvParameterSpec(IV.getBytes(StandardCharsets.UTF_8));
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
byte[] decodedBytes = Base64.decodeBase64(encryptedData);
byte[] decryptedBytes = cipher.doFinal(decodedBytes);
return new String(decryptedBytes, StandardCharsets.UTF_8);
}
}
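Review bot: `IV` is a constant taken from the first 16 characters of `sKey`, so the cipher in `decryptCode` runs with the same IV for every message and a given username or password always encrypts to the same ciphertext. The encrypted form is therefore a fixed, password-equivalent value that anyone who records it can recognise and resubmit, and with no integrity check tampered ciphertext goes straight into `cipher.doFinal`. If application-layer encryption stays, have the sender generate a random IV per message and prepend it, read it back with `new IvParameterSpec(decodedBytes, 0, 16)` and decrypt the remainder, or move to an authenticated mode such as AES-GCM. `sKey` is `public static` and not final, so any class can replace the key at runtime; `private static final` loaded from configuration would be safer. `decryptCode` also lacks a Javadoc saying that the input is Base64 and which exceptions indicate a bad ciphertext.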


@ -94,6 +94,7 @@
pt.config_name like concat('%', #{keyWord},
'%'))
</if>
group by per.evaluate_id
order by per.create_time desc
</select>
<select id="getOrgSelect" resultType="com.bonus.gs.sub.evaluate.evaluate.beans.InitiateEvaluateBean">
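Review bot: The `group by per.evaluate_id` clause sits in a query whose select list is outside this hunk; if that list contains columns that are neither aggregated nor functionally dependent on `per.evaluate_id`, MySQL with `ONLY_FULL_GROUP_BY` enabled rejects the statement, and without it an arbitrary row per group is returned. The following `order by per.create_time desc` has the same ambiguity once rows are grouped. If the goal is to drop duplicate rows produced by a join, make the choice explicit, e.g. `order by max(per.create_time) desc`, or de-duplicate in a subquery.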


@ -89,7 +89,8 @@ var Base64 = {
}
}
//
var filePreviewPath = "http://36.33.26.201:21624/GsSubEvaluate/statics/";
// var filePreviewPath = "http://36.33.26.201:21624/GsSubEvaluate/statics/";
var filePreviewPath = "http://192.168.0.14:1803/GsSubEvaluate/statics/"; // 测试环境
// var filePreviewPath = "http://127.0.0.1:1803/GsSubEvaluate/statics/";
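Review bot: The active `filePreviewPath` now points at a private test host (`192.168.0.14:1803`, marked 测试环境), so any build made from this commit requests file previews from an address production users cannot reach, and over plain HTTP. Environment addresses should not be switched by commenting lines in and out of a shared script. If the statics are served by the same application as the page, deriving the base from the page's origin removes the need for the edit: `var filePreviewPath = window.location.origin + "/GsSubEvaluate/statics/";`.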


@ -34,6 +34,7 @@
<script src="js/libs/jquery-2.1.1.min.js"></script>
<script src="js/publicJs.js"></script>
<script src="layui/layui.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js"></script>
<script type="text/javascript">
// if (top != self) {
@ -108,7 +109,16 @@
}
});
}
// AES加密函数
function encryptData(data, key) {
const keyHex = CryptoJS.enc.Utf8.parse(key);
const ivHex = CryptoJS.enc.Utf8.parse(key.substring(0, 16)); // 使用密钥前16位作为IV
return CryptoJS.AES.encrypt(data, keyHex, {
iv: ivHex,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
}).toString();
}
function login(obj) {
$(obj).attr("disabled", true);
@ -118,10 +128,19 @@
$("#info").html('用户名或者密码不能为空');
$(obj).attr("disabled", false);
} else {
// 加密密钥(需与后端一致)
var secretKey = "zhgd@bonus@zhgd@bonus@1234567890";
// 加密用户名和密码
var encryptedData = {
username: encryptData(username, secretKey),
password: encryptData(password, secretKey),
};
$.ajax({
type : 'post',
url : ctxPath + '/login',
data : {username:username,password:password},
data : encryptedData,
success : function(data) {
// debugger;
localStorage.setItem("token", data.token);
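Review bot: The login page now loads `crypto-js.min.js` from cdnjs with no `integrity` attribute, while the other scripts in this hunk are served by the application itself. Whatever that URL returns runs in the page that reads the username and password, so a change or compromise at the CDN would expose credentials, and login breaks on networks that cannot reach the CDN. Serve the library from the app's own `js/libs/` directory like jQuery, or pin the reviewed file: `<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js" integrity="sha384-<HASH_OF_REVIEWED_FILE>" crossorigin="anonymous"></script>`.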


@ -168,13 +168,13 @@
lay-affix="clear" autocomplete="off" maxlength="30">
</div>
</div>
<div class="layui-form-item">
<!-- <div class="layui-form-item">
<label class="layui-form-label"><span class="required_icon">*</span>身份证号码</label>
<div class="layui-input-inline">
<input class="layui-input" id="idCard" name="idCard" lay-verify="required\|idCard"
lay-affix="clear" autocomplete="off" maxlength="30" readonly>
</div>
</div>
</div>-->
<div class="layui-form-item">
<label class="layui-form-label"><span class="required_icon">*</span>性别</label>
<div class="layui-input-inline">
@ -188,7 +188,7 @@
<label class="layui-form-label"><span class="required_icon">*</span>联系电话</label>
<div class="layui-input-inline">
<input class="layui-input" id="userPhone" name="userPhone" lay-verify="required\|phone"
lay-affix="clear" autocomplete="off" maxlength="30" readonly>
lay-affix="clear" autocomplete="off" maxlength="30">
</div>
</div>
</div>
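Review bot: Dropping `readonly` from `userPhone` makes the phone number editable in this form, and elsewhere in this commit `loadUserByUsername` looks users up with `findByPhone(username)`, so the field appears to double as the login identifier. The server-side update handler is not part of this diff; it should verify that the caller may change this user's phone and that the new number is unique, since the `readonly` attribute was never an enforcement point. The ID-card block is disabled by wrapping it in an HTML comment, where deleting it would be cleaner. With the field gone, `bean.getIdCard()` may arrive null at the `his.getIdCard()` comparison in `OrganizationalServiceImpl`, if this form posts there.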


@ -93,7 +93,7 @@
style="color: red">*</span>所属项目/部门:</label>
<div class="layui-input-inline" style="width: 60%">
<select id="deptId" name="deptId" class="layui-select" lay-filter="changeOrg" lay-search
lay-verify="required" style="height: 360px;"></select>
lay-verify="required" style="height: 360px;" disabled></select>
</div>
</div>
</div>
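Review bot: A `disabled` `<select>` is omitted from a standard form submission, so after this change `deptId` may no longer reach the server even though `lay-verify="required"` is still set; whether layui's field collection includes disabled controls should be checked. If the intent is to stop users moving a record to another department, that rule has to be enforced server-side as well, because the attribute can be removed in the browser. If the value must still be posted, send `deptId` in a hidden input alongside the disabled control.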