|
@@ -17,6 +17,7 @@ import org.apache.shiro.authz.annotation.RequiresPermissions;
|
|
|
import org.apache.shiro.authz.annotation.RequiresRoles;
|
|
import org.apache.shiro.authz.annotation.RequiresRoles;
|
|
|
import org.jeecg.common.api.vo.Result;
|
|
import org.jeecg.common.api.vo.Result;
|
|
|
import org.jeecg.common.aspect.annotation.PermissionData;
|
|
import org.jeecg.common.aspect.annotation.PermissionData;
|
|
|
|
|
+import org.jeecg.common.constant.CacheConstant;
|
|
|
import org.jeecg.common.constant.CommonConstant;
|
|
import org.jeecg.common.constant.CommonConstant;
|
|
|
import org.jeecg.common.system.api.ISysBaseAPI;
|
|
import org.jeecg.common.system.api.ISysBaseAPI;
|
|
|
import org.jeecg.modules.base.service.BaseCommonService;
|
|
import org.jeecg.modules.base.service.BaseCommonService;
|
|
@@ -28,6 +29,7 @@ import org.jeecg.modules.system.entity.*;
|
|
|
import org.jeecg.modules.system.model.DepartIdModel;
|
|
import org.jeecg.modules.system.model.DepartIdModel;
|
|
|
import org.jeecg.modules.system.model.SysUserSysDepartModel;
|
|
import org.jeecg.modules.system.model.SysUserSysDepartModel;
|
|
|
import org.jeecg.modules.system.service.*;
|
|
import org.jeecg.modules.system.service.*;
|
|
|
|
|
+import org.jeecg.modules.system.service.impl.SysBaseApiImpl;
|
|
|
import org.jeecg.modules.system.vo.SysDepartUsersVO;
|
|
import org.jeecg.modules.system.vo.SysDepartUsersVO;
|
|
|
import org.jeecg.modules.system.vo.SysUserRoleVO;
|
|
import org.jeecg.modules.system.vo.SysUserRoleVO;
|
|
|
import org.jeecgframework.poi.excel.ExcelImportUtil;
|
|
import org.jeecgframework.poi.excel.ExcelImportUtil;
|
|
@@ -60,7 +62,8 @@ import java.util.stream.Collectors;
|
|
|
@RestController
|
|
@RestController
|
|
|
@RequestMapping("/sys/user")
|
|
@RequestMapping("/sys/user")
|
|
|
public class SysUserController {
|
|
public class SysUserController {
|
|
|
-
|
|
|
|
|
|
|
+ @Autowired
|
|
|
|
|
+ private SysBaseApiImpl sysBaseApi;
|
|
|
@Autowired
|
|
@Autowired
|
|
|
private ISysUserService sysUserService;
|
|
private ISysUserService sysUserService;
|
|
|
|
|
|
|
@@ -581,7 +584,7 @@ public class SysUserController {
|
|
|
*/
|
|
*/
|
|
|
//@RequiresRoles({"admin"})
|
|
//@RequiresRoles({"admin"})
|
|
|
@RequestMapping(value = "/updatePassword", method = RequestMethod.PUT)
|
|
@RequestMapping(value = "/updatePassword", method = RequestMethod.PUT)
|
|
|
- public Result<?> updatePassword(@RequestBody JSONObject json) {
|
|
|
|
|
|
|
+ public Result<?> updatePassword(@RequestBody JSONObject json,HttpServletRequest request) {
|
|
|
String username = json.getString("username");
|
|
String username = json.getString("username");
|
|
|
String oldpassword = json.getString("oldpassword");
|
|
String oldpassword = json.getString("oldpassword");
|
|
|
String password = json.getString("password");
|
|
String password = json.getString("password");
|
|
@@ -598,9 +601,43 @@ public class SysUserController {
|
|
|
LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
|
LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
|
|
baseCommonService.addLog("修改密码,username: " +loginUser.getUsername() ,CommonConstant.LOG_TYPE_2, 2);
|
|
baseCommonService.addLog("修改密码,username: " +loginUser.getUsername() ,CommonConstant.LOG_TYPE_2, 2);
|
|
|
//update-end---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
|
//update-end---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
|
|
- return sysUserService.resetPassword(username,oldpassword,password,confirmpassword);
|
|
|
|
|
|
|
+ Result<?> result = sysUserService.resetPassword(username, oldpassword, password, confirmpassword);
|
|
|
|
|
+ //退出登录
|
|
|
|
|
+ if (result.getCode()==200){
|
|
|
|
|
+ logout( request);
|
|
|
|
|
+ }
|
|
|
|
|
+ return result;
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+
|
|
|
|
|
+
|
|
|
|
|
+ public Result<Object> logout(HttpServletRequest request) {
|
|
|
|
|
+ //用户退出逻辑
|
|
|
|
|
+ String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
|
|
|
|
|
+ if (oConvertUtils.isEmpty(token)) {
|
|
|
|
|
+ return Result.error("退出登录失败!");
|
|
|
|
|
+ }
|
|
|
|
|
+ String username = JwtUtil.getUsername(token);
|
|
|
|
|
+ LoginUser sysUser = sysBaseApi.getUserByName(username);
|
|
|
|
|
+ if (sysUser != null) {
|
|
|
|
|
+ //update-begin--Author:wangshuai Date:20200714 for:登出日志没有记录人员
|
|
|
|
|
+ baseCommonService.addLog("用户名: " + sysUser.getRealname() + ",退出成功!", CommonConstant.LOG_TYPE_1, null, sysUser);
|
|
|
|
|
+ //update-end--Author:wangshuai Date:20200714 for:登出日志没有记录人员
|
|
|
|
|
+ log.info(" 用户名: " + sysUser.getRealname() + ",退出成功! ");
|
|
|
|
|
+ //清空用户登录Token缓存
|
|
|
|
|
+ redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
|
|
|
|
|
+ //清空用户登录Shiro权限缓存
|
|
|
|
|
+ redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
|
|
|
|
|
+ //清空用户的缓存信息(包括部门信息),例如sys:cache:user::<username>
|
|
|
|
|
+ redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
|
|
|
|
|
+ //调用shiro的logout
|
|
|
|
|
+ SecurityUtils.getSubject().logout();
|
|
|
|
|
+ return Result.ok("退出登录成功!");
|
|
|
|
|
+ } else {
|
|
|
|
|
+ return Result.error("Token无效!");
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
@RequestMapping(value = "/userRoleList", method = RequestMethod.GET)
|
|
@RequestMapping(value = "/userRoleList", method = RequestMethod.GET)
|
|
|
public Result<IPage<SysUser>> userRoleList(@RequestParam(name="pageNo", defaultValue="1") Integer pageNo,
|
|
public Result<IPage<SysUser>> userRoleList(@RequestParam(name="pageNo", defaultValue="1") Integer pageNo,
|
|
|
@RequestParam(name="pageSize", defaultValue="10") Integer pageSize, HttpServletRequest req) {
|
|
@RequestParam(name="pageSize", defaultValue="10") Integer pageSize, HttpServletRequest req) {
|