From 9ed5b521d613edb51b160cca931ee680019e2896 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期二, 07 三月 2023 22:26:13 +0800
Subject: [PATCH] fix 修复 用户密码暴露问题
---
 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysRoleController.java | 88 ++++++++++++++++++++++++++------------------
 1 files changed, 52 insertions(+), 36 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysRoleController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysRoleController.java
index 0dce18b..96400f6 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysRoleController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysRoleController.java
@@ -1,32 +1,36 @@
 package com.ruoyi.system.controller.system;
 import cn.dev33.satoken.annotation.SaCheckPermission;
-import cn.hutool.core.util.ObjectUtil;
-import com.ruoyi.common.core.constant.UserConstants;
+import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.collection.CollUtil;
+import com.ruoyi.common.core.constant.GlobalConstants;
 import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.web.core.BaseController;
 import com.ruoyi.common.excel.utils.ExcelUtil;
 import com.ruoyi.common.log.annotation.Log;
 import com.ruoyi.common.log.enums.BusinessType;
 import com.ruoyi.common.mybatis.core.page.PageQuery;
 import com.ruoyi.common.mybatis.core.page.TableDataInfo;
 import com.ruoyi.common.satoken.utils.LoginHelper;
-import com.ruoyi.system.domain.SysDept;
-import com.ruoyi.system.domain.SysRole;
-import com.ruoyi.system.domain.SysUser;
+import com.ruoyi.common.web.core.BaseController;
 import com.ruoyi.system.domain.SysUserRole;
+import com.ruoyi.system.domain.bo.SysDeptBo;
+import com.ruoyi.system.domain.bo.SysRoleBo;
+import com.ruoyi.system.domain.bo.SysUserBo;
+import com.ruoyi.system.domain.vo.DeptTreeSelectVo;
+import com.ruoyi.system.domain.vo.SysRoleVo;
+import com.ruoyi.system.domain.vo.SysUserVo;
 import com.ruoyi.system.service.ISysDeptService;
+import com.ruoyi.system.service.ISysPermissionService;
 import com.ruoyi.system.service.ISysRoleService;
 import com.ruoyi.system.service.ISysUserService;
-import com.ruoyi.system.service.SysPermissionService;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import java.util.List;
-import java.util.Map;
 /**
 * 瑙掕壊淇℃伅
@@ -42,14 +46,14 @@
 private final ISysRoleService roleService;
 private final ISysUserService userService;
 private final ISysDeptService deptService;
- private final SysPermissionService permissionService;
+ private final ISysPermissionService permissionService;
 /**
 * 鑾峰彇瑙掕壊淇℃伅鍒楄〃
 */
 @SaCheckPermission("system:role:list")
 @GetMapping("/list")
- public TableDataInfo<SysRole> list(SysRole role, PageQuery pageQuery) {
+ public TableDataInfo<SysRoleVo> list(SysRoleBo role, PageQuery pageQuery) {
 return roleService.selectPageRoleList(role, pageQuery);
 }
@@ -59,9 +63,9 @@
 @Log(title = "瑙掕壊绠$悊", businessType = BusinessType.EXPORT)
 @SaCheckPermission("system:role:export")
 @PostMapping("/export")
- public void export(SysRole role, HttpServletResponse response) {
- List<SysRole> list = roleService.selectRoleList(role);
- ExcelUtil.exportExcel(list, "瑙掕壊鏁版嵁", SysRole.class, response);
+ public void export(SysRoleBo role, HttpServletResponse response) {
+ List<SysRoleVo> list = roleService.selectRoleList(role);
+ ExcelUtil.exportExcel(list, "瑙掕壊鏁版嵁", SysRoleVo.class, response);
 }
 /**
@@ -71,7 +75,7 @@
 */
 @SaCheckPermission("system:role:query")
 @GetMapping(value = "/{roleId}")
- public R<SysRole> getInfo(@PathVariable Long roleId) {
+ public R<SysRoleVo> getInfo(@PathVariable Long roleId) {
 roleService.checkRoleDataScope(roleId);
 return R.ok(roleService.selectRoleById(roleId));
 }
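Review bot: The `permissionService` field retyped to ISysPermissionService in the first hunk no longer has a visible caller: the only use of it this diff shows (the menu-permission refresh inside `edit`) is deleted further down, so unless another method outside the hunks still calls it, it is now an unused constructor-injected dependency and can be dropped together with its import. The list/export/getInfo hunks on the same line are type renames to the Bo/Vo classes and need nothing.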
@@ -82,10 +86,10 @@
 @SaCheckPermission("system:role:add")
 @Log(title = "瑙掕壊绠$悊", businessType = BusinessType.INSERT)
 @PostMapping
- public R<Void> add(@Validated @RequestBody SysRole role) {
- if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role))) {
+ public R<Void> add(@Validated @RequestBody SysRoleBo role) {
+ if (!roleService.checkRoleNameUnique(role)) {
 return R.fail("鏂板瑙掕壊'" + role.getRoleName() + "'澶辫触锛岃鑹插悕绉板凡瀛樺湪");
- } else if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleKeyUnique(role))) {
+ } else if (!roleService.checkRoleKeyUnique(role)) {
 return R.fail("鏂板瑙掕壊'" + role.getRoleName() + "'澶辫触锛岃鑹叉潈闄愬凡瀛樺湪");
 }
 return toAjax(roleService.insertRole(role));
@@ -98,23 +102,35 @@
 @SaCheckPermission("system:role:edit")
 @Log(title = "瑙掕壊绠$悊", businessType = BusinessType.UPDATE)
 @PutMapping
- public R<Void> edit(@Validated @RequestBody SysRole role) {
+ public R<Void> edit(@Validated @RequestBody SysRoleBo role) {
 roleService.checkRoleAllowed(role);
 roleService.checkRoleDataScope(role.getRoleId());
- if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role))) {
+ if (!roleService.checkRoleNameUnique(role)) {
 return R.fail("淇敼瑙掕壊'" + role.getRoleName() + "'澶辫触锛岃鑹插悕绉板凡瀛樺湪");
- } else if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleKeyUnique(role))) {
+ } else if (!roleService.checkRoleKeyUnique(role)) {
 return R.fail("淇敼瑙掕壊'" + role.getRoleName() + "'澶辫触锛岃鑹叉潈闄愬凡瀛樺湪");
 }
 if (roleService.updateRole(role) > 0) {
- // 鏇存柊缂撳瓨鐢ㄦ埛鏉冮檺
- LoginUser loginUser = LoginHelper.getLoginUser();
- SysUser sysUser = userService.selectUserById(loginUser.getUserId());
- if (ObjectUtil.isNotNull(sysUser) && !LoginHelper.isAdmin()) {
- loginUser.setMenuPermission(permissionService.getMenuPermission(sysUser));
- LoginHelper.setLoginUser(loginUser);
+ List<String> keys = StpUtil.searchTokenValue("", 0, -1, false);
+ if (CollUtil.isEmpty(keys)) {
+ return R.ok();
 }
+ // 瑙掕壊鍏宠仈鐨勫湪绾跨敤鎴烽噺杩囧ぇ浼氬鑷磖edis闃诲鍗¢】 璋ㄦ厧鎿嶄綔
+ keys.parallelStream().forEach(key -> {
+ String token = key.replace(GlobalConstants.LOGIN_TOKEN_KEY, "");
+ // 濡傛灉宸茬粡杩囨湡鍒欒烦杩�
+ if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < -1) {
+ return;
+ }
+ LoginUser loginUser = LoginHelper.getLoginUser(token);
+ if (loginUser.getRoles().stream().anyMatch(r -> r.getRoleId().equals(role.getRoleId()))) {
+ try {
+ StpUtil.logoutByTokenValue(token);
+ } catch (NotLoginException ignored) {
+ }
+ }
+ });
 return R.ok();
 }
 return R.fail("淇敼瑙掕壊'" + role.getRoleName() + "'澶辫触锛岃鑱旂郴绠$悊鍛�");
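Review bot: In the new forced-logout sweep inside `edit`, `LoginHelper.getLoginUser(token)` and `loginUser.getRoles()` are dereferenced without a null check; if a token's session is evicted between `searchTokenValue` and the lookup (a race the code already anticipates by catching NotLoginException around the logout), an NPE thrown inside `parallelStream().forEach` aborts the whole sweep and surfaces as a server error after `updateRole` has already committed, leaving other holders of the role logged in with stale permissions. A guard right after the lookup, `if (loginUser == null || CollUtil.isEmpty(loginUser.getRoles())) { return; }`, keeps the revocation going for the remaining tokens. Whether getLoginUser can actually return null for a missing session depends on LoginHelper, which is outside this diff. The method's Javadoc should also state that a successful update now revokes every active session holding the role, including the caller's own if they hold it, since that replaces the old in-place cache refresh with a visible behaviour change. The closing brace of `edit` lies outside the hunk.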
@@ -126,7 +142,7 @@
 @SaCheckPermission("system:role:edit")
 @Log(title = "瑙掕壊绠$悊", businessType = BusinessType.UPDATE)
 @PutMapping("/dataScope")
- public R<Void> dataScope(@RequestBody SysRole role) {
+ public R<Void> dataScope(@RequestBody SysRoleBo role) {
 roleService.checkRoleAllowed(role);
 roleService.checkRoleDataScope(role.getRoleId());
 return toAjax(roleService.authDataScope(role));
@@ -138,7 +154,7 @@
 @SaCheckPermission("system:role:edit")
 @Log(title = "瑙掕壊绠$悊", businessType = BusinessType.UPDATE)
 @PutMapping("/changeStatus")
- public R<Void> changeStatus(@RequestBody SysRole role) {
+ public R<Void> changeStatus(@RequestBody SysRoleBo role) {
 roleService.checkRoleAllowed(role);
 roleService.checkRoleDataScope(role.getRoleId());
 return toAjax(roleService.updateRoleStatus(role));
@@ -161,7 +177,7 @@
 */
 @SaCheckPermission("system:role:query")
 @GetMapping("/optionselect")
- public R<List<SysRole>> optionselect() {
+ public R<List<SysRoleVo>> optionselect() {
 return R.ok(roleService.selectRoleAll());
 }
@@ -170,7 +186,7 @@
 */
 @SaCheckPermission("system:role:list")
 @GetMapping("/authUser/allocatedList")
- public TableDataInfo<SysUser> allocatedList(SysUser user, PageQuery pageQuery) {
+ public TableDataInfo<SysUserVo> allocatedList(SysUserBo user, PageQuery pageQuery) {
 return userService.selectAllocatedList(user, pageQuery);
 }
@@ -179,7 +195,7 @@
 */
 @SaCheckPermission("system:role:list")
 @GetMapping("/authUser/unallocatedList")
- public TableDataInfo<SysUser> unallocatedList(SysUser user, PageQuery pageQuery) {
+ public TableDataInfo<SysUserVo> unallocatedList(SysUserBo user, PageQuery pageQuery) {
 return userService.selectUnallocatedList(user, pageQuery);
 }
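Review bot: The allocatedList and unallocatedList hunks carry the password-exposure fix named in the subject, but nothing in the diff shows that SysUserVo omits the password field or that selectAllocatedList/selectUnallocatedList stop selecting it; that mapping lives in the domain/vo and mapper classes outside this patch, so the fix is only as good as those definitions. A short comment on the two endpoints, e.g. `// returns SysUserVo rather than the entity so the password hash never reaches the client`, would record the intent for the next maintainer. A controller test asserting that the serialized page for each endpoint contains no `password` key would keep a later field added to SysUserVo from reopening the leak. The dataScope, changeStatus and optionselect hunks on the same line are plain type renames and need nothing.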
@@ -227,10 +243,10 @@
 */
 @SaCheckPermission("system:role:list")
 @GetMapping(value = "/deptTree/{roleId}")
- public R<Map<String, Object>> roleDeptTreeselect(@PathVariable("roleId") Long roleId) {
- return R.ok(Map.of(
- "checkedKeys", deptService.selectDeptListByRoleId(roleId),
- "depts", deptService.selectDeptTreeList(new SysDept())
- ));
+ public R<DeptTreeSelectVo> roleDeptTreeselect(@PathVariable("roleId") Long roleId) {
+ DeptTreeSelectVo selectVo = new DeptTreeSelectVo();
+ selectVo.setCheckedKeys(deptService.selectDeptListByRoleId(roleId));
+ selectVo.setDepts(deptService.selectDeptTreeList(new SysDeptBo()));
+ return R.ok(selectVo);
 }
 }
-- Gitblit v1.9.3