From 9ed5b521d613edb51b160cca931ee680019e2896 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期二, 07 三月 2023 22:26:13 +0800
Subject: [PATCH] fix 修复 用户密码暴露问题
---
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java | 45 +++++++++++++++++++--------------------------
1 files changed, 19 insertions(+), 26 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
index 9c82ff6..598ce47 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
@@ -1,6 +1,5 @@
package com.ruoyi.system.service.impl;
-import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.ObjectUtil;
@@ -14,6 +13,7 @@
import com.ruoyi.common.core.constant.UserConstants;
import com.ruoyi.common.core.exception.ServiceException;
import com.ruoyi.common.core.service.UserService;
+import com.ruoyi.common.core.utils.MapstructUtils;
import com.ruoyi.common.core.utils.StreamUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.mybatis.core.page.PageQuery;
@@ -201,14 +201,11 @@
* @return 缁撴灉
*/
@Override
- public String checkUserNameUnique(SysUserBo user) {
+ public boolean checkUserNameUnique(SysUserBo user) {
boolean exist = baseMapper.exists(new LambdaQueryWrapper<SysUser>()
.eq(SysUser::getUserName, user.getUserName())
.ne(ObjectUtil.isNotNull(user.getUserId()), SysUser::getUserId, user.getUserId()));
- if (exist) {
- return UserConstants.NOT_UNIQUE;
- }
- return UserConstants.UNIQUE;
+ return !exist;
}
/**
@@ -217,14 +214,11 @@
* @param user 鐢ㄦ埛淇℃伅
*/
@Override
- public String checkPhoneUnique(SysUserBo user) {
+ public boolean checkPhoneUnique(SysUserBo user) {
boolean exist = baseMapper.exists(new LambdaQueryWrapper<SysUser>()
.eq(SysUser::getPhonenumber, user.getPhonenumber())
.ne(ObjectUtil.isNotNull(user.getUserId()), SysUser::getUserId, user.getUserId()));
- if (exist) {
- return UserConstants.NOT_UNIQUE;
- }
- return UserConstants.UNIQUE;
+ return !exist;
}
/**
@@ -233,14 +227,11 @@
* @param user 鐢ㄦ埛淇℃伅
*/
@Override
- public String checkEmailUnique(SysUserBo user) {
+ public boolean checkEmailUnique(SysUserBo user) {
boolean exist = baseMapper.exists(new LambdaQueryWrapper<SysUser>()
.eq(SysUser::getEmail, user.getEmail())
.ne(ObjectUtil.isNotNull(user.getUserId()), SysUser::getUserId, user.getUserId()));
- if (exist) {
- return UserConstants.NOT_UNIQUE;
- }
- return UserConstants.UNIQUE;
+ return !exist;
}
/**
@@ -250,7 +241,7 @@
*/
@Override
public void checkUserAllowed(SysUserBo user) {
- if (ObjectUtil.isNotNull(user.getUserId()) && user.isAdmin()) {
+ if (ObjectUtil.isNotNull(user.getUserId()) && user.isSuperAdmin()) {
throw new ServiceException("涓嶅厑璁告搷浣滆秴绾х鐞嗗憳鐢ㄦ埛");
}
}
@@ -262,7 +253,7 @@
*/
@Override
public void checkUserDataScope(Long userId) {
- if (!LoginHelper.isAdmin()) {
+ if (!LoginHelper.isSuperAdmin()) {
SysUserBo user = new SysUserBo();
user.setUserId(userId);
List<SysUserVo> users = this.selectUserList(user);
@@ -281,9 +272,10 @@
@Override
@Transactional(rollbackFor = Exception.class)
public int insertUser(SysUserBo user) {
- SysUser sysUser = BeanUtil.copyProperties(user, SysUser.class);
+ SysUser sysUser = MapstructUtils.convert(user, SysUser.class);
// 鏂板鐢ㄦ埛淇℃伅
int rows = baseMapper.insert(sysUser);
+ user.setUserId(sysUser.getUserId());
// 鏂板鐢ㄦ埛宀椾綅鍏宠仈
insertUserPost(user);
// 鏂板鐢ㄦ埛涓庤鑹茬鐞�
@@ -298,10 +290,11 @@
* @return 缁撴灉
*/
@Override
- public boolean registerUser(SysUserBo user) {
+ public boolean registerUser(SysUserBo user, String tenantId) {
user.setCreateBy(user.getUserId());
user.setUpdateBy(user.getUserId());
- SysUser sysUser = BeanUtil.copyProperties(user, SysUser.class);
+ SysUser sysUser = MapstructUtils.convert(user, SysUser.class);
+ sysUser.setTenantId(tenantId);
return baseMapper.insert(sysUser) > 0;
}
@@ -323,7 +316,7 @@
userPostMapper.delete(new LambdaQueryWrapper<SysUserPost>().eq(SysUserPost::getUserId, userId));
// 鏂板鐢ㄦ埛涓庡矖浣嶇鐞�
insertUserPost(user);
- SysUser sysUser = BeanUtil.copyProperties(user, SysUser.class);
+ SysUser sysUser = MapstructUtils.convert(user, SysUser.class);
return baseMapper.updateById(sysUser);
}
@@ -349,7 +342,7 @@
*/
@Override
public int updateUserStatus(SysUserBo user) {
- SysUser sysUser = BeanUtil.copyProperties(user, SysUser.class);
+ SysUser sysUser = MapstructUtils.convert(user, SysUser.class);
return baseMapper.updateById(sysUser);
}
@@ -361,7 +354,7 @@
*/
@Override
public int updateUserProfile(SysUserBo user) {
- SysUser sysUser = BeanUtil.copyProperties(user, SysUser.class);
+ SysUser sysUser = MapstructUtils.convert(user, SysUser.class);
return baseMapper.updateById(sysUser);
}
@@ -373,7 +366,7 @@
* @return 缁撴灉
*/
@Override
- public boolean updateUserAvatar(String userName, String avatar) {
+ public boolean updateUserAvatar(String userName, Long avatar) {
return baseMapper.update(null,
new LambdaUpdateWrapper<SysUser>()
.set(SysUser::getAvatar, avatar)
@@ -388,7 +381,7 @@
*/
@Override
public int resetPwd(SysUserBo user) {
- SysUser sysUser = BeanUtil.copyProperties(user, SysUser.class);
+ SysUser sysUser = MapstructUtils.convert(user, SysUser.class);
return baseMapper.updateById(sysUser);
}
--
Gitblit v1.9.3