update
This commit is contained in:
@@ -38,9 +38,9 @@ import java.util.Date;
|
|||||||
public class JwtUtil {
|
public class JwtUtil {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Token有效期为7天(Token在reids中缓存时间为两倍)
|
* Token有效期为30mins(Token在reids中缓存时间为两倍)
|
||||||
*/
|
*/
|
||||||
public static final long EXPIRE_TIME = (7 * 12) * 60 * 60 * 1000;
|
public static final long EXPIRE_TIME = 30 * 60 * 1000;
|
||||||
static final String WELL_NUMBER = SymbolConstant.WELL_NUMBER + SymbolConstant.LEFT_CURLY_BRACKET;
|
static final String WELL_NUMBER = SymbolConstant.WELL_NUMBER + SymbolConstant.LEFT_CURLY_BRACKET;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -1,10 +1,7 @@
|
|||||||
package org.jeecg.modules.system.controller;
|
package org.jeecg.modules.system.controller;
|
||||||
|
|
||||||
|
|
||||||
import cn.hutool.core.util.RandomUtil;
|
import cn.hutool.core.util.RandomUtil;
|
||||||
import com.alibaba.fastjson.JSON;
|
import com.alibaba.fastjson.*;
|
||||||
import com.alibaba.fastjson.JSONArray;
|
|
||||||
import com.alibaba.fastjson.JSONObject;
|
|
||||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
import com.baomidou.mybatisplus.core.metadata.IPage;
|
||||||
@@ -19,8 +16,7 @@ import org.apache.shiro.authz.annotation.RequiresRoles;
|
|||||||
import org.jeecg.common.api.vo.Result;
|
import org.jeecg.common.api.vo.Result;
|
||||||
import org.jeecg.common.aspect.annotation.PermissionData;
|
import org.jeecg.common.aspect.annotation.PermissionData;
|
||||||
import org.jeecg.common.config.TenantContext;
|
import org.jeecg.common.config.TenantContext;
|
||||||
import org.jeecg.common.constant.CommonConstant;
|
import org.jeecg.common.constant.*;
|
||||||
import org.jeecg.common.constant.SymbolConstant;
|
|
||||||
import org.jeecg.common.modules.redis.client.JeecgRedisClient;
|
import org.jeecg.common.modules.redis.client.JeecgRedisClient;
|
||||||
import org.jeecg.common.system.query.QueryGenerator;
|
import org.jeecg.common.system.query.QueryGenerator;
|
||||||
import org.jeecg.common.system.util.JwtUtil;
|
import org.jeecg.common.system.util.JwtUtil;
|
||||||
@@ -116,7 +112,8 @@ public class SysUserController {
|
|||||||
@PermissionData(pageComponent = "system/UserList")
|
@PermissionData(pageComponent = "system/UserList")
|
||||||
@RequestMapping(value = "/list", method = RequestMethod.GET)
|
@RequestMapping(value = "/list", method = RequestMethod.GET)
|
||||||
public Result<IPage<SysUser>> queryPageList(SysUser user, @RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
public Result<IPage<SysUser>> queryPageList(SysUser user, @RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
||||||
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize, HttpServletRequest req) {
|
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize,
|
||||||
|
HttpServletRequest req) {
|
||||||
QueryWrapper<SysUser> queryWrapper = QueryGenerator.initQueryWrapper(user, req.getParameterMap());
|
QueryWrapper<SysUser> queryWrapper = QueryGenerator.initQueryWrapper(user, req.getParameterMap());
|
||||||
//------------------------------------------------------------------------------------------------
|
//------------------------------------------------------------------------------------------------
|
||||||
//是否开启系统管理模块的多租户数据隔离【SAAS多租户模式】
|
//是否开启系统管理模块的多租户数据隔离【SAAS多租户模式】
|
||||||
@@ -145,7 +142,8 @@ public class SysUserController {
|
|||||||
@RequiresPermissions("system:user:listAll")
|
@RequiresPermissions("system:user:listAll")
|
||||||
@RequestMapping(value = "/listAll", method = RequestMethod.GET)
|
@RequestMapping(value = "/listAll", method = RequestMethod.GET)
|
||||||
public Result<IPage<SysUser>> queryAllPageList(SysUser user, @RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
public Result<IPage<SysUser>> queryAllPageList(SysUser user, @RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
||||||
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize, HttpServletRequest req) {
|
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize,
|
||||||
|
HttpServletRequest req) {
|
||||||
QueryWrapper<SysUser> queryWrapper = QueryGenerator.initQueryWrapper(user, req.getParameterMap());
|
QueryWrapper<SysUser> queryWrapper = QueryGenerator.initQueryWrapper(user, req.getParameterMap());
|
||||||
return sysUserService.queryPageList(req, queryWrapper, pageSize, pageNo);
|
return sysUserService.queryPageList(req, queryWrapper, pageSize, pageNo);
|
||||||
}
|
}
|
||||||
@@ -300,7 +298,6 @@ public class SysUserController {
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 校验用户账号是否唯一<br>
|
* 校验用户账号是否唯一<br>
|
||||||
* 可以校验其他 需要检验什么就传什么。。。
|
* 可以校验其他 需要检验什么就传什么。。。
|
||||||
@@ -345,9 +342,16 @@ public class SysUserController {
|
|||||||
sysUser.setId(u.getId());
|
sysUser.setId(u.getId());
|
||||||
//update-begin---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
//update-begin---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
||||||
LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
||||||
baseCommonService.addLog("修改用户 " + sysUser.getUsername() + " 的密码,操作人: " + loginUser.getUsername(), CommonConstant.LOG_TYPE_2, 2);
|
baseCommonService.addLog("修改用户 " + sysUser.getUsername() + " 的密码,操作人: " + loginUser.getUsername(),
|
||||||
|
CommonConstant.LOG_TYPE_2, 2);
|
||||||
//update-end---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
//update-end---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
||||||
return sysUserService.changePassword(sysUser);
|
Result<?> result = sysUserService.changePassword(sysUser);
|
||||||
|
if (result.isSuccess()) {
|
||||||
|
redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
|
||||||
|
//清空用户的缓存信息(包括部门信息),例如sys:cache:user::<username>
|
||||||
|
redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
|
||||||
|
}
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -401,7 +405,8 @@ public class SysUserController {
|
|||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
@RequestMapping(value = "/queryUserByDepId", method = RequestMethod.GET)
|
@RequestMapping(value = "/queryUserByDepId", method = RequestMethod.GET)
|
||||||
public Result<List<SysUser>> queryUserByDepId(@RequestParam(name = "id", required = true) String id, @RequestParam(name = "realname", required = false) String realname) {
|
public Result<List<SysUser>> queryUserByDepId(@RequestParam(name = "id", required = true) String id,
|
||||||
|
@RequestParam(name = "realname", required = false) String realname) {
|
||||||
Result<List<SysUser>> result = new Result<>();
|
Result<List<SysUser>> result = new Result<>();
|
||||||
//List<SysUser> userList = sysUserDepartService.queryUserByDepId(id);
|
//List<SysUser> userList = sysUserDepartService.queryUserByDepId(id);
|
||||||
SysDepart sysDepart = sysDepartService.getById(id);
|
SysDepart sysDepart = sysDepartService.getById(id);
|
||||||
@@ -450,7 +455,8 @@ public class SysUserController {
|
|||||||
String[] arr = new String[] {departId, realname, username, id};
|
String[] arr = new String[] {departId, realname, username, id};
|
||||||
SqlInjectionUtil.filterContent(arr, SymbolConstant.SINGLE_QUOTATION_MARK);
|
SqlInjectionUtil.filterContent(arr, SymbolConstant.SINGLE_QUOTATION_MARK);
|
||||||
//update-end-author:taoyan date:2022-7-14 for: VUEN-1702【禁止问题】sql注入漏洞
|
//update-end-author:taoyan date:2022-7-14 for: VUEN-1702【禁止问题】sql注入漏洞
|
||||||
IPage<SysUser> pageList = sysUserDepartService.queryDepartUserPageList(departId, username, realname, pageSize, pageNo, id, isMultiTranslate);
|
IPage<SysUser> pageList = sysUserDepartService.queryDepartUserPageList(departId, username, realname, pageSize, pageNo, id,
|
||||||
|
isMultiTranslate);
|
||||||
return Result.OK(pageList);
|
return Result.OK(pageList);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -586,7 +592,6 @@ public class SysUserController {
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param userNames
|
* @param userNames
|
||||||
* @return
|
* @return
|
||||||
@@ -626,12 +631,18 @@ public class SysUserController {
|
|||||||
LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
||||||
baseCommonService.addLog("修改密码,username: " + loginUser.getUsername(), CommonConstant.LOG_TYPE_2, 2);
|
baseCommonService.addLog("修改密码,username: " + loginUser.getUsername(), CommonConstant.LOG_TYPE_2, 2);
|
||||||
//update-end---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
//update-end---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
||||||
return sysUserService.resetPassword(username, oldpassword, password, confirmpassword);
|
Result<?> result = sysUserService.resetPassword(username, oldpassword, password, confirmpassword);
|
||||||
|
if (result.isSuccess()) {
|
||||||
|
//退出登录
|
||||||
|
SecurityUtils.getSubject().logout();
|
||||||
|
}
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
@RequestMapping(value = "/userRoleList", method = RequestMethod.GET)
|
@RequestMapping(value = "/userRoleList", method = RequestMethod.GET)
|
||||||
public Result<IPage<SysUser>> userRoleList(@RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
public Result<IPage<SysUser>> userRoleList(@RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
||||||
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize, HttpServletRequest req) {
|
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize,
|
||||||
|
HttpServletRequest req) {
|
||||||
Result<IPage<SysUser>> result = new Result<IPage<SysUser>>();
|
Result<IPage<SysUser>> result = new Result<IPage<SysUser>>();
|
||||||
Page<SysUser> page = new Page<SysUser>(pageNo, pageSize);
|
Page<SysUser> page = new Page<SysUser>(pageNo, pageSize);
|
||||||
String roleId = req.getParameter("roleId");
|
String roleId = req.getParameter("roleId");
|
||||||
@@ -730,7 +741,8 @@ public class SysUserController {
|
|||||||
*/
|
*/
|
||||||
@RequestMapping(value = "/departUserList", method = RequestMethod.GET)
|
@RequestMapping(value = "/departUserList", method = RequestMethod.GET)
|
||||||
public Result<IPage<SysUser>> departUserList(@RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
public Result<IPage<SysUser>> departUserList(@RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
||||||
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize, HttpServletRequest req) {
|
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize,
|
||||||
|
HttpServletRequest req) {
|
||||||
Result<IPage<SysUser>> result = new Result<IPage<SysUser>>();
|
Result<IPage<SysUser>> result = new Result<IPage<SysUser>>();
|
||||||
Page<SysUser> page = new Page<SysUser>(pageNo, pageSize);
|
Page<SysUser> page = new Page<SysUser>(pageNo, pageSize);
|
||||||
String depId = req.getParameter("depId");
|
String depId = req.getParameter("depId");
|
||||||
@@ -773,7 +785,6 @@ public class SysUserController {
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 根据 orgCode 查询用户,包括子部门下的用户
|
* 根据 orgCode 查询用户,包括子部门下的用户
|
||||||
* 若某个用户包含多个部门,则会显示多条记录,可自行处理成单条记录
|
* 若某个用户包含多个部门,则会显示多条记录,可自行处理成单条记录
|
||||||
@@ -943,7 +954,6 @@ public class SysUserController {
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 用户注册接口
|
* 用户注册接口
|
||||||
*
|
*
|
||||||
@@ -1114,7 +1124,8 @@ public class SysUserController {
|
|||||||
@RequestParam(name = "smscode") String smscode,
|
@RequestParam(name = "smscode") String smscode,
|
||||||
@RequestParam(name = "phone") String phone) {
|
@RequestParam(name = "phone") String phone) {
|
||||||
Result<SysUser> result = new Result<SysUser>();
|
Result<SysUser> result = new Result<SysUser>();
|
||||||
if (oConvertUtils.isEmpty(username) || oConvertUtils.isEmpty(password) || oConvertUtils.isEmpty(smscode) || oConvertUtils.isEmpty(phone)) {
|
if (oConvertUtils.isEmpty(username) || oConvertUtils.isEmpty(password) || oConvertUtils.isEmpty(smscode) || oConvertUtils.isEmpty(
|
||||||
|
phone)) {
|
||||||
result.setMessage("重置密码失败!");
|
result.setMessage("重置密码失败!");
|
||||||
result.setSuccess(false);
|
result.setSuccess(false);
|
||||||
return result;
|
return result;
|
||||||
@@ -1135,7 +1146,8 @@ public class SysUserController {
|
|||||||
result.setSuccess(false);
|
result.setSuccess(false);
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
sysUser = this.sysUserService.getOne(new LambdaQueryWrapper<SysUser>().eq(SysUser::getUsername, username).eq(SysUser::getPhone, phone));
|
sysUser = this.sysUserService.getOne(
|
||||||
|
new LambdaQueryWrapper<SysUser>().eq(SysUser::getUsername, username).eq(SysUser::getPhone, phone));
|
||||||
if (sysUser == null) {
|
if (sysUser == null) {
|
||||||
result.setMessage("当前登录用户和绑定的手机号不匹配,无法修改密码!");
|
result.setMessage("当前登录用户和绑定的手机号不匹配,无法修改密码!");
|
||||||
result.setSuccess(false);
|
result.setSuccess(false);
|
||||||
@@ -1157,7 +1169,6 @@ public class SysUserController {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 根据TOKEN获取用户的部分信息(返回的数据是可供表单设计器使用的数据)
|
* 根据TOKEN获取用户的部分信息(返回的数据是可供表单设计器使用的数据)
|
||||||
*
|
*
|
||||||
@@ -1285,7 +1296,6 @@ public class SysUserController {
|
|||||||
return Result.ok("删除成功");
|
return Result.ok("删除成功");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 移动端修改用户信息
|
* 移动端修改用户信息
|
||||||
*
|
*
|
||||||
@@ -1430,7 +1440,8 @@ public class SysUserController {
|
|||||||
public Result<List<SysUser>> appQueryUser(@RequestParam(name = "keyword", required = false) String keyword,
|
public Result<List<SysUser>> appQueryUser(@RequestParam(name = "keyword", required = false) String keyword,
|
||||||
@RequestParam(name = "username", required = false) String username,
|
@RequestParam(name = "username", required = false) String username,
|
||||||
@RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
@RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
|
||||||
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize, HttpServletRequest request) {
|
@RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize,
|
||||||
|
HttpServletRequest request) {
|
||||||
Result<List<SysUser>> result = new Result<List<SysUser>>();
|
Result<List<SysUser>> result = new Result<List<SysUser>>();
|
||||||
LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<SysUser>();
|
LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<SysUser>();
|
||||||
//TODO 外部模拟登陆临时账号,列表不显示
|
//TODO 外部模拟登陆临时账号,列表不显示
|
||||||
@@ -1514,7 +1525,6 @@ public class SysUserController {
|
|||||||
return Result.ok("手机号设置成功!");
|
return Result.ok("手机号设置成功!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 根据对象里面的属性值作in查询 属性可能会变 用户组件用到
|
* 根据对象里面的属性值作in查询 属性可能会变 用户组件用到
|
||||||
*
|
*
|
||||||
@@ -1585,7 +1595,8 @@ public class SysUserController {
|
|||||||
log.info("---------简流中选择用户接口,通过租户筛选,租户ID={}", tenantId);
|
log.info("---------简流中选择用户接口,通过租户筛选,租户ID={}", tenantId);
|
||||||
}
|
}
|
||||||
//------------------------------------------------------------------------------------------------
|
//------------------------------------------------------------------------------------------------
|
||||||
IPage<SysUser> pageList = sysUserDepartService.getUserInformation(tenantId, departId, roleId, keyword, pageSize, pageNo, excludeUserIdList);
|
IPage<SysUser> pageList = sysUserDepartService.getUserInformation(tenantId, departId, roleId, keyword, pageSize, pageNo,
|
||||||
|
excludeUserIdList);
|
||||||
return Result.OK(pageList);
|
return Result.OK(pageList);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user