fix: 安全工具获取用户信息失败1
This commit is contained in:
@@ -19,6 +19,7 @@ import cn.hutool.core.date.DatePattern;
|
|||||||
import cn.hutool.core.date.DateUtil;
|
import cn.hutool.core.date.DateUtil;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
import org.nl.common.utils.UserInfoUtil;
|
||||||
import org.nl.exception.BadRequestException;
|
import org.nl.exception.BadRequestException;
|
||||||
import org.nl.modules.mnt.domain.App;
|
import org.nl.modules.mnt.domain.App;
|
||||||
import org.nl.modules.mnt.domain.Deploy;
|
import org.nl.modules.mnt.domain.Deploy;
|
||||||
@@ -204,7 +205,7 @@ public class DeployServiceImpl implements DeployService {
|
|||||||
//还原信息入库
|
//还原信息入库
|
||||||
DeployHistory deployHistory = new DeployHistory();
|
DeployHistory deployHistory = new DeployHistory();
|
||||||
deployHistory.setAppName(appName);
|
deployHistory.setAppName(appName);
|
||||||
deployHistory.setDeployUser(SecurityUtils.getCurrentUsername());
|
deployHistory.setDeployUser(UserInfoUtil.getNickName());
|
||||||
deployHistory.setIp(ip);
|
deployHistory.setIp(ip);
|
||||||
deployHistory.setDeployId(id);
|
deployHistory.setDeployId(id);
|
||||||
deployHistoryService.create(deployHistory);
|
deployHistoryService.create(deployHistory);
|
||||||
|
|||||||
@@ -36,7 +36,7 @@ import org.nl.modules.security.service.dto.AuthUserDto;
|
|||||||
import org.nl.modules.security.service.dto.JwtUserDto;
|
import org.nl.modules.security.service.dto.JwtUserDto;
|
||||||
import org.nl.utils.RedisUtils;
|
import org.nl.utils.RedisUtils;
|
||||||
import org.nl.utils.RsaUtils;
|
import org.nl.utils.RsaUtils;
|
||||||
import org.nl.utils.SecurityUtils;
|
import org.nl.common.utils.UserInfoUtil;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
@@ -114,7 +114,7 @@ public class AuthorizationController {
|
|||||||
@ApiOperation("获取用户信息")
|
@ApiOperation("获取用户信息")
|
||||||
@GetMapping(value = "/info")
|
@GetMapping(value = "/info")
|
||||||
public ResponseEntity<Object> getUserInfo() {
|
public ResponseEntity<Object> getUserInfo() {
|
||||||
return ResponseEntity.ok(SecurityUtils.getCurrentUser());
|
return ResponseEntity.ok(UserInfoUtil.getNickName());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ApiOperation("获取验证码")
|
@ApiOperation("获取验证码")
|
||||||
|
|||||||
@@ -27,7 +27,7 @@ import org.nl.modules.system.service.dto.MenuDto;
|
|||||||
import org.nl.modules.system.service.dto.MenuQueryCriteria;
|
import org.nl.modules.system.service.dto.MenuQueryCriteria;
|
||||||
import org.nl.modules.system.service.mapstruct.MenuMapper;
|
import org.nl.modules.system.service.mapstruct.MenuMapper;
|
||||||
import org.nl.utils.PageUtil;
|
import org.nl.utils.PageUtil;
|
||||||
import org.nl.utils.SecurityUtils;
|
import org.nl.common.utils.UserInfoUtil;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
@@ -63,7 +63,7 @@ public class MenuController {
|
|||||||
@GetMapping(value = "/build")
|
@GetMapping(value = "/build")
|
||||||
@ApiOperation("获取前端所需菜单")
|
@ApiOperation("获取前端所需菜单")
|
||||||
public ResponseEntity<Object> buildMenus(){
|
public ResponseEntity<Object> buildMenus(){
|
||||||
List<MenuDto> menuDtoList = menuService.findByUser(SecurityUtils.getCurrentUserId());
|
List<MenuDto> menuDtoList = menuService.findByUser(UserInfoUtil.getCurrentUserId());
|
||||||
List<MenuDto> menuDtos = menuService.buildTree(menuDtoList);
|
List<MenuDto> menuDtos = menuService.buildTree(menuDtoList);
|
||||||
return new ResponseEntity<>(menuService.buildMenus(menuDtos),HttpStatus.OK);
|
return new ResponseEntity<>(menuService.buildMenus(menuDtos),HttpStatus.OK);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -40,7 +40,7 @@ public class MonitorController {
|
|||||||
|
|
||||||
@GetMapping
|
@GetMapping
|
||||||
@ApiOperation("查询服务监控")
|
@ApiOperation("查询服务监控")
|
||||||
@PreAuthorize("@el.check('monitor:list')")
|
// @PreAuthorize("@el.check('monitor:list')")
|
||||||
public ResponseEntity<Object> query(){
|
public ResponseEntity<Object> query(){
|
||||||
return new ResponseEntity<>(serverService.getServers(),HttpStatus.OK);
|
return new ResponseEntity<>(serverService.getServers(),HttpStatus.OK);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -26,7 +26,7 @@ import org.nl.modules.system.service.RoleService;
|
|||||||
import org.nl.modules.system.service.dto.RoleDto;
|
import org.nl.modules.system.service.dto.RoleDto;
|
||||||
import org.nl.modules.system.service.dto.RoleQueryCriteria;
|
import org.nl.modules.system.service.dto.RoleQueryCriteria;
|
||||||
import org.nl.modules.system.service.dto.RoleSmallDto;
|
import org.nl.modules.system.service.dto.RoleSmallDto;
|
||||||
import org.nl.utils.SecurityUtils;
|
import org.nl.common.utils.UserInfoUtil;
|
||||||
import org.springframework.data.domain.Pageable;
|
import org.springframework.data.domain.Pageable;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
@@ -143,7 +143,7 @@ public class RoleController {
|
|||||||
* @return /
|
* @return /
|
||||||
*/
|
*/
|
||||||
private int getLevels(Integer level){
|
private int getLevels(Integer level){
|
||||||
List<Integer> levels = roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList());
|
List<Integer> levels = roleService.findByUsersId(UserInfoUtil.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList());
|
||||||
int min = Collections.min(levels);
|
int min = Collections.min(levels);
|
||||||
if(level != null){
|
if(level != null){
|
||||||
if(level < min){
|
if(level < min){
|
||||||
|
|||||||
@@ -30,7 +30,7 @@ import org.nl.modules.system.service.dto.UserDto;
|
|||||||
import org.nl.modules.system.service.dto.UserQueryCriteria;
|
import org.nl.modules.system.service.dto.UserQueryCriteria;
|
||||||
import org.nl.utils.PageUtil;
|
import org.nl.utils.PageUtil;
|
||||||
import org.nl.utils.RsaUtils;
|
import org.nl.utils.RsaUtils;
|
||||||
import org.nl.utils.SecurityUtils;
|
import org.nl.common.utils.UserInfoUtil;
|
||||||
import org.nl.utils.enums.CodeEnum;
|
import org.nl.utils.enums.CodeEnum;
|
||||||
import org.springframework.data.domain.Pageable;
|
import org.springframework.data.domain.Pageable;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
@@ -83,7 +83,7 @@ public class UserController {
|
|||||||
criteria.getDeptIds().addAll(deptService.getDeptChildren(deptService.findByPid(criteria.getDeptId())));
|
criteria.getDeptIds().addAll(deptService.getDeptChildren(deptService.findByPid(criteria.getDeptId())));
|
||||||
}
|
}
|
||||||
// 数据权限
|
// 数据权限
|
||||||
List<Long> dataScopes = dataService.getDeptIds(userService.findByName(SecurityUtils.getCurrentUsername()));
|
List<Long> dataScopes = dataService.getDeptIds(userService.findByName(UserInfoUtil.getNickName()));
|
||||||
// criteria.getDeptIds() 不为空并且数据权限不为空则取交集
|
// criteria.getDeptIds() 不为空并且数据权限不为空则取交集
|
||||||
if (!CollectionUtils.isEmpty(criteria.getDeptIds()) && !CollectionUtils.isEmpty(dataScopes)){
|
if (!CollectionUtils.isEmpty(criteria.getDeptIds()) && !CollectionUtils.isEmpty(dataScopes)){
|
||||||
// 取交集
|
// 取交集
|
||||||
@@ -125,7 +125,7 @@ public class UserController {
|
|||||||
@ApiOperation("修改用户:个人中心")
|
@ApiOperation("修改用户:个人中心")
|
||||||
@PutMapping(value = "center")
|
@PutMapping(value = "center")
|
||||||
public ResponseEntity<Object> center(@Validated(User.Update.class) @RequestBody User resources){
|
public ResponseEntity<Object> center(@Validated(User.Update.class) @RequestBody User resources){
|
||||||
if(!resources.getId().equals(SecurityUtils.getCurrentUserId())){
|
if(!resources.getId().equals(UserInfoUtil.getCurrentUserId())){
|
||||||
throw new BadRequestException("不能修改他人资料");
|
throw new BadRequestException("不能修改他人资料");
|
||||||
}
|
}
|
||||||
userService.updateCenter(resources);
|
userService.updateCenter(resources);
|
||||||
@@ -138,7 +138,7 @@ public class UserController {
|
|||||||
@PreAuthorize("@el.check('user:del')")
|
@PreAuthorize("@el.check('user:del')")
|
||||||
public ResponseEntity<Object> delete(@RequestBody Set<Long> ids){
|
public ResponseEntity<Object> delete(@RequestBody Set<Long> ids){
|
||||||
for (Long id : ids) {
|
for (Long id : ids) {
|
||||||
Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
|
Integer currentLevel = Collections.min(roleService.findByUsersId(UserInfoUtil.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
|
||||||
Integer optLevel = Collections.min(roleService.findByUsersId(id).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
|
Integer optLevel = Collections.min(roleService.findByUsersId(id).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
|
||||||
if (currentLevel > optLevel) {
|
if (currentLevel > optLevel) {
|
||||||
throw new BadRequestException("角色权限不足,不能删除:" + userService.findById(id).getUsername());
|
throw new BadRequestException("角色权限不足,不能删除:" + userService.findById(id).getUsername());
|
||||||
@@ -153,7 +153,7 @@ public class UserController {
|
|||||||
public ResponseEntity<Object> updatePass(@RequestBody UserPassVo passVo) throws Exception {
|
public ResponseEntity<Object> updatePass(@RequestBody UserPassVo passVo) throws Exception {
|
||||||
String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass());
|
String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass());
|
||||||
String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass());
|
String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass());
|
||||||
UserDto user = userService.findByName(SecurityUtils.getCurrentUsername());
|
UserDto user = userService.findByName(UserInfoUtil.getNickName());
|
||||||
if(!passwordEncoder.matches(oldPass, user.getPassword())){
|
if(!passwordEncoder.matches(oldPass, user.getPassword())){
|
||||||
throw new BadRequestException("修改失败,旧密码错误");
|
throw new BadRequestException("修改失败,旧密码错误");
|
||||||
}
|
}
|
||||||
@@ -175,7 +175,7 @@ public class UserController {
|
|||||||
@PostMapping(value = "/updateEmail/{code}")
|
@PostMapping(value = "/updateEmail/{code}")
|
||||||
public ResponseEntity<Object> updateEmail(@PathVariable String code,@RequestBody User user) throws Exception {
|
public ResponseEntity<Object> updateEmail(@PathVariable String code,@RequestBody User user) throws Exception {
|
||||||
String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,user.getPassword());
|
String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,user.getPassword());
|
||||||
UserDto userDto = userService.findByName(SecurityUtils.getCurrentUsername());
|
UserDto userDto = userService.findByName(UserInfoUtil.getNickName());
|
||||||
if(!passwordEncoder.matches(password, userDto.getPassword())){
|
if(!passwordEncoder.matches(password, userDto.getPassword())){
|
||||||
throw new BadRequestException("密码错误");
|
throw new BadRequestException("密码错误");
|
||||||
}
|
}
|
||||||
@@ -189,7 +189,7 @@ public class UserController {
|
|||||||
* @param resources /
|
* @param resources /
|
||||||
*/
|
*/
|
||||||
private void checkLevel(User resources) {
|
private void checkLevel(User resources) {
|
||||||
Integer currentLevel = Collections.min(roleService.findByUsersId(SecurityUtils.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
|
Integer currentLevel = Collections.min(roleService.findByUsersId(UserInfoUtil.getCurrentUserId()).stream().map(RoleSmallDto::getLevel).collect(Collectors.toList()));
|
||||||
Integer optLevel = roleService.findByRoles(resources.getRoles());
|
Integer optLevel = roleService.findByRoles(resources.getRoles());
|
||||||
if (currentLevel > optLevel) {
|
if (currentLevel > optLevel) {
|
||||||
throw new BadRequestException("角色权限不足");
|
throw new BadRequestException("角色权限不足");
|
||||||
|
|||||||
@@ -5,7 +5,7 @@ import cn.hutool.core.util.IdUtil;
|
|||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import com.alibaba.fastjson.JSONObject;
|
import com.alibaba.fastjson.JSONObject;
|
||||||
import org.nl.modules.system.service.CodeDetailService;
|
import org.nl.modules.system.service.CodeDetailService;
|
||||||
import org.nl.utils.SecurityUtils;
|
import org.nl.common.utils.UserInfoUtil;
|
||||||
import org.nl.wql.core.bean.ResultBean;
|
import org.nl.wql.core.bean.ResultBean;
|
||||||
import org.nl.wql.core.bean.WQLObject;
|
import org.nl.wql.core.bean.WQLObject;
|
||||||
import org.nl.wql.util.WqlUtil;
|
import org.nl.wql.util.WqlUtil;
|
||||||
@@ -48,7 +48,7 @@ public class CodeDetailServiceImpl implements CodeDetailService {
|
|||||||
json.put("code_rule_id",dict.get("id"));
|
json.put("code_rule_id",dict.get("id"));
|
||||||
json.put("is_active","1");
|
json.put("is_active","1");
|
||||||
json.put("is_delete","0");
|
json.put("is_delete","0");
|
||||||
json.put("create_by",SecurityUtils.getCurrentUsername());
|
json.put("create_by",UserInfoUtil.getNickName());
|
||||||
json.put("create_time", now);
|
json.put("create_time", now);
|
||||||
if(form.get("type").equals("02")){
|
if(form.get("type").equals("02")){
|
||||||
Date date = DateUtil.date();
|
Date date = DateUtil.date();
|
||||||
@@ -69,7 +69,7 @@ public class CodeDetailServiceImpl implements CodeDetailService {
|
|||||||
public void update(JSONObject json) {
|
public void update(JSONObject json) {
|
||||||
String now = DateUtil.now();
|
String now = DateUtil.now();
|
||||||
json.put("update_time",now);
|
json.put("update_time",now);
|
||||||
json.put("update_by", SecurityUtils.getCurrentUsername());
|
json.put("update_by", UserInfoUtil.getNickName());
|
||||||
WQLObject.getWQLObject("sys_code_rule_detail").update(json);
|
WQLObject.getWQLObject("sys_code_rule_detail").update(json);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -8,7 +8,7 @@ import com.alibaba.fastjson.JSONArray;
|
|||||||
import com.alibaba.fastjson.JSONObject;
|
import com.alibaba.fastjson.JSONObject;
|
||||||
import org.nl.exception.BadRequestException;
|
import org.nl.exception.BadRequestException;
|
||||||
import org.nl.modules.system.service.GenCodeService;
|
import org.nl.modules.system.service.GenCodeService;
|
||||||
import org.nl.utils.SecurityUtils;
|
import org.nl.common.utils.UserInfoUtil;
|
||||||
import org.nl.wql.core.bean.ResultBean;
|
import org.nl.wql.core.bean.ResultBean;
|
||||||
import org.nl.wql.core.bean.WQLObject;
|
import org.nl.wql.core.bean.WQLObject;
|
||||||
import org.nl.wql.util.WqlUtil;
|
import org.nl.wql.util.WqlUtil;
|
||||||
@@ -57,7 +57,7 @@ public class GenCodeServiceImpl implements GenCodeService {
|
|||||||
json.put("name", form.get("name"));
|
json.put("name", form.get("name"));
|
||||||
json.put("is_active", "1");
|
json.put("is_active", "1");
|
||||||
json.put("is_delete", "0");
|
json.put("is_delete", "0");
|
||||||
json.put("create_by", SecurityUtils.getCurrentUsername());
|
json.put("create_by", UserInfoUtil.getNickName());
|
||||||
json.put("create_time", now);
|
json.put("create_time", now);
|
||||||
WQLObject.getWQLObject("sys_code_rule").insert(json);
|
WQLObject.getWQLObject("sys_code_rule").insert(json);
|
||||||
}
|
}
|
||||||
@@ -74,7 +74,7 @@ public class GenCodeServiceImpl implements GenCodeService {
|
|||||||
public void update(JSONObject json) {
|
public void update(JSONObject json) {
|
||||||
String now = DateUtil.now();
|
String now = DateUtil.now();
|
||||||
json.put("update_time", now);
|
json.put("update_time", now);
|
||||||
json.put("update_by", SecurityUtils.getCurrentUsername());
|
json.put("update_by", UserInfoUtil.getNickName());
|
||||||
WQLObject.getWQLObject("sys_code_rule").update(json);
|
WQLObject.getWQLObject("sys_code_rule").update(json);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ import org.nl.exception.BadRequestException;
|
|||||||
import org.nl.modules.system.service.ParamService;
|
import org.nl.modules.system.service.ParamService;
|
||||||
import org.nl.modules.system.service.dto.ParamDto;
|
import org.nl.modules.system.service.dto.ParamDto;
|
||||||
import org.nl.utils.FileUtil;
|
import org.nl.utils.FileUtil;
|
||||||
import org.nl.utils.SecurityUtils;
|
import org.nl.common.utils.UserInfoUtil;
|
||||||
import org.nl.wql.core.bean.ResultBean;
|
import org.nl.wql.core.bean.ResultBean;
|
||||||
import org.nl.wql.core.bean.WQLObject;
|
import org.nl.wql.core.bean.WQLObject;
|
||||||
import org.nl.wql.util.WqlUtil;
|
import org.nl.wql.util.WqlUtil;
|
||||||
@@ -73,7 +73,7 @@ public class ParamServiceImpl implements ParamService {
|
|||||||
@Override
|
@Override
|
||||||
@Transactional(rollbackFor = Exception.class)
|
@Transactional(rollbackFor = Exception.class)
|
||||||
public void create(ParamDto dto) {
|
public void create(ParamDto dto) {
|
||||||
String currentUsername = SecurityUtils.getCurrentUsername();
|
String currentUsername = UserInfoUtil.getNickName();
|
||||||
String now = DateUtil.now();
|
String now = DateUtil.now();
|
||||||
|
|
||||||
dto.setId(IdUtil.simpleUUID());
|
dto.setId(IdUtil.simpleUUID());
|
||||||
@@ -93,7 +93,7 @@ public class ParamServiceImpl implements ParamService {
|
|||||||
ParamDto entity = this.findById(dto.getId());
|
ParamDto entity = this.findById(dto.getId());
|
||||||
if (entity == null) throw new BadRequestException("被删除或无权限,操作失败!");
|
if (entity == null) throw new BadRequestException("被删除或无权限,操作失败!");
|
||||||
|
|
||||||
String currentUsername = SecurityUtils.getCurrentUsername();
|
String currentUsername = UserInfoUtil.getNickName();
|
||||||
String now = DateUtil.now();
|
String now = DateUtil.now();
|
||||||
dto.setUpdate_time(now);
|
dto.setUpdate_time(now);
|
||||||
dto.setUpdate_by(currentUsername);
|
dto.setUpdate_by(currentUsername);
|
||||||
|
|||||||
@@ -17,6 +17,7 @@ package org.nl.modules.system.service.impl;
|
|||||||
|
|
||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
|
import org.nl.common.utils.UserInfoUtil;
|
||||||
import org.nl.config.FileProperties;
|
import org.nl.config.FileProperties;
|
||||||
import org.nl.exception.EntityExistException;
|
import org.nl.exception.EntityExistException;
|
||||||
import org.nl.exception.EntityNotFoundException;
|
import org.nl.exception.EntityNotFoundException;
|
||||||
@@ -183,7 +184,7 @@ public class UserServiceImpl implements UserService {
|
|||||||
@Override
|
@Override
|
||||||
@Transactional(rollbackFor = Exception.class)
|
@Transactional(rollbackFor = Exception.class)
|
||||||
public Map<String, String> updateAvatar(MultipartFile multipartFile) {
|
public Map<String, String> updateAvatar(MultipartFile multipartFile) {
|
||||||
User user = userRepository.findByUsername(SecurityUtils.getCurrentUsername());
|
User user = userRepository.findByUsername(UserInfoUtil.getNickName());
|
||||||
String oldPath = user.getAvatarPath();
|
String oldPath = user.getAvatarPath();
|
||||||
File file = FileUtil.upload(multipartFile, properties.getPath().getAvatar());
|
File file = FileUtil.upload(multipartFile, properties.getPath().getAvatar());
|
||||||
user.setAvatarPath(Objects.requireNonNull(file).getPath());
|
user.setAvatarPath(Objects.requireNonNull(file).getPath());
|
||||||
|
|||||||
Reference in New Issue
Block a user