Inicio Explorar Ayuda
Iniciar sesión
hanzhengyi
/
usky-power
1
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Explorar el Código

初步整合完成

yq hace 3 años
padre
5cbfcfd899
commit
a522dbb232
Se han modificado 45 ficheros con 3716 adiciones y 146 borrados
Dividir vista Mostrar estadísticas de diff
  1. 34 0
      fiveep-common/fiveep-common-spring/src/main/java/com/bizmatics/common/spring/util/ThreadUtils.java
  2. 78 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/BaseController.java
  3. 121 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysConfigController.java
  4. 155 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysDeptController.java
  5. 108 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysDictDataController.java
  6. 118 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysDictTypeController.java
  7. 95 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysLoginController.java
  8. 149 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysMenuController.java
  9. 81 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysNoticeController.java
  10. 118 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysPostController.java
  11. 131 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysProfileController.java
  12. 36 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysRegisterController.java
  13. 224 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysRoleController.java
  14. 215 0
      fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysUserController.java
  15. 37 0
      fiveep-controller/src/main/resources/i18n/messages.properties
  16. 6 0
      fiveep-service/pom.xml
  17. 1 1
      fiveep-service/src/main/java/com/bizmatics/service/aop/DataScopeAspect.java
  18. 23 0
      fiveep-service/src/main/java/com/bizmatics/service/config/CustomerDoubleSerialize.java
  19. 60 0
      fiveep-service/src/main/java/com/bizmatics/service/config/FilterConfig.java
  20. 147 0
      fiveep-service/src/main/java/com/bizmatics/service/config/SecurityConfig.java
  21. 46 0
      fiveep-service/src/main/java/com/bizmatics/service/config/security/filter/JwtAuthenticationTokenFilter.java
  22. 34 0
      fiveep-service/src/main/java/com/bizmatics/service/config/security/handle/AuthenticationEntryPointImpl.java
  23. 54 0
      fiveep-service/src/main/java/com/bizmatics/service/config/security/handle/LogoutSuccessHandlerImpl.java
  24. 0 141
      fiveep-service/src/main/java/com/bizmatics/service/constants/Constants.java
  25. 49 0
      fiveep-service/src/main/java/com/bizmatics/service/filter/RepeatableFilter.java
  26. 77 0
      fiveep-service/src/main/java/com/bizmatics/service/filter/RepeatedlyRequestWrapper.java
  27. 71 0
      fiveep-service/src/main/java/com/bizmatics/service/filter/XssFilter.java
  28. 106 0
      fiveep-service/src/main/java/com/bizmatics/service/filter/XssHttpServletRequestWrapper.java
  29. 1 1
      fiveep-service/src/main/java/com/bizmatics/service/system/impl/SysConfigServiceImpl.java
  30. 128 0
      fiveep-service/src/main/java/com/bizmatics/service/system/impl/SysLoginService.java
  31. 1 1
      fiveep-service/src/main/java/com/bizmatics/service/system/impl/SysMenuServiceImpl.java
  32. 67 0
      fiveep-service/src/main/java/com/bizmatics/service/system/impl/SysPermissionService.java
  33. 1 1
      fiveep-service/src/main/java/com/bizmatics/service/system/impl/TokenService.java
  34. 1 1
      fiveep-service/src/main/java/com/bizmatics/service/util/DictUtils.java
  35. 56 0
      fiveep-service/src/main/java/com/bizmatics/service/util/HttpHelper.java
  36. 18 0
      fiveep-service/src/main/java/com/bizmatics/service/util/LogUtils.java
  37. 13 0
      fiveep-service/src/main/java/com/bizmatics/service/util/SecurityUtils.java
  38. 38 0
      fiveep-service/src/main/java/com/bizmatics/service/util/SqlUtil.java
  39. 155 0
      fiveep-service/src/main/java/com/bizmatics/service/util/html/EscapeUtil.java
  40. 570 0
      fiveep-service/src/main/java/com/bizmatics/service/util/html/HTMLFilter.java
  41. 56 0
      fiveep-service/src/main/java/com/bizmatics/service/util/manager/AsyncManager.java
  42. 26 0
      fiveep-service/src/main/java/com/bizmatics/service/util/manager/MessageUtils.java
  43. 39 0
      fiveep-service/src/main/java/com/bizmatics/service/util/manager/ShutdownManager.java
  44. 103 0
      fiveep-service/src/main/java/com/bizmatics/service/util/manager/factory/AsyncFactory.java
  45. 69 0
      fiveep-service/src/main/java/com/bizmatics/service/vo/LoginBody.java

+ 34 - 0
fiveep-common/fiveep-common-spring/src/main/java/com/bizmatics/common/spring/util/ThreadUtils.java
Ver fichero 

@@ -4,6 +4,9 @@ import org.apache.commons.lang3.exception.ExceptionUtils;
 
 import org.slf4j.Logger;
 
 import org.slf4j.LoggerFactory;
 
 
+import java.util.concurrent.ExecutorService;
 
+import java.util.concurrent.TimeUnit;
 
+
 
 /**
 
  * @author barry chen
 
  * @date 2020/11/27 4:20 下午
 
@@ -21,4 +24,35 @@ public final class ThreadUtils extends org.apache.commons.lang3.ThreadUtils {
 
             LOG.error("thread sleep error", ExceptionUtils.getStackTrace(e));
 
         }
 
     }
 
+
 
+    /**
 
+     * 停止线程池
 
+     * 先使用shutdown, 停止接收新任务并尝试完成所有已存在任务.
 
+     * 如果超时, 则调用shutdownNow, 取消在workQueue中Pending的任务,并中断所有阻塞函数.
 
+     * 如果仍人超時,則強制退出.
 
+     * 另对在shutdown时线程本身被调用中断做了处理.
 
+     */
 
+    public static void shutdownAndAwaitTermination(ExecutorService pool)
 
+    {
 
+        if (pool != null && !pool.isShutdown())
 
+        {
 
+            pool.shutdown();
 
+            try
 
+            {
 
+                if (!pool.awaitTermination(120, TimeUnit.SECONDS))
 
+                {
 
+                    pool.shutdownNow();
 
+                    if (!pool.awaitTermination(120, TimeUnit.SECONDS))
 
+                    {
 
+
 
+                    }
 
+                }
 
+            }
 
+            catch (InterruptedException ie)
 
+            {
 
+                pool.shutdownNow();
 
+                Thread.currentThread().interrupt();
 
+            }
 
+        }
 
+    }
 
 }

+ 78 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/BaseController.java
Ver fichero 

@@ -0,0 +1,78 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.core.exception.BusinessErrorCode;
 
+import com.bizmatics.common.core.util.DateUtils;
 
+import com.bizmatics.model.page.PageDomain;
 
+import com.bizmatics.model.page.TableDataInfo;
 
+import com.bizmatics.model.page.TableSupport;
 
+import com.bizmatics.service.util.SqlUtil;
 
+import com.github.pagehelper.PageHelper;
 
+import com.github.pagehelper.PageInfo;
 
+import org.slf4j.Logger;
 
+import org.slf4j.LoggerFactory;
 
+import org.springframework.http.HttpStatus;
 
+import org.springframework.web.bind.WebDataBinder;
 
+import org.springframework.web.bind.annotation.InitBinder;
 
+
 
+import java.beans.PropertyEditorSupport;
 
+import java.util.Date;
 
+import java.util.List;
 
+import java.util.Objects;
 
+
 
+/**
 
+ * web层通用数据处理
 
+ */
 
+public class BaseController {
 
+    protected final Logger logger = LoggerFactory.getLogger(BaseController.class);
 
+
 
+    /**
 
+     * 将前台传递过来的日期格式的字符串,自动转化为Date类型
 
+     */
 
+    @InitBinder
 
+    public void initBinder(WebDataBinder binder) {
 
+        // Date 类型转换
 
+        binder.registerCustomEditor(Date.class, new PropertyEditorSupport() {
 
+            @Override
 
+            public void setAsText(String text) {
 
+                setValue(DateUtils.parseDate(text));
 
+            }
 
+        });
 
+    }
 
+
 
+    /**
 
+     * 设置请求分页数据
 
+     */
 
+    protected void startPage() {
 
+        PageDomain pageDomain = TableSupport.buildPageRequest();
 
+        Integer pageNum = pageDomain.getPageNum();
 
+        Integer pageSize = pageDomain.getPageSize();
 
+        if (Objects.nonNull(pageNum) && Objects.nonNull(pageSize)) {
 
+            String orderBy = SqlUtil.escapeOrderBySql(pageDomain.getOrderBy());
 
+            PageHelper.startPage(pageNum, pageSize, orderBy);
 
+        }
 
+    }
 
+
 
+    /**
 
+     * 响应请求分页数据
 
+     */
 
+    @SuppressWarnings({"rawtypes", "unchecked"})
 
+    protected TableDataInfo getDataTable(List<?> list) {
 
+        TableDataInfo rspData = new TableDataInfo();
 
+        rspData.setCode(HttpStatus.OK.value());
 
+        rspData.setRows(list);
 
+        rspData.setMsg("查询成功");
 
+        rspData.setTotal(new PageInfo(list).getTotal());
 
+        return rspData;
 
+    }
 
+
 
+    /**
 
+     * 响应返回结果
 
+     *
 
+     * @param rows 影响行数
 
+     * @return 操作结果
 
+     */
 
+    protected ApiResult toAjax(int rows) {
 
+        return rows > 0 ? ApiResult.success() : ApiResult.error(BusinessErrorCode.BIZ_MODIFY_FAIL.getCode(), BusinessErrorCode.BIZ_MODIFY_FAIL.getDefaultMessage());
 
+    }
 
+}

+ 121 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysConfigController.java
Ver fichero 

@@ -0,0 +1,121 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.core.exception.BusinessErrorCode;
 
+import com.bizmatics.model.constants.UserConstants;
 
+import com.bizmatics.model.page.TableDataInfo;
 
+import com.bizmatics.model.system.SysConfig;
 
+import com.bizmatics.service.system.ISysConfigService;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.validation.annotation.Validated;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.List;
 
+
 
+
 
+/**
 
+ * 参数配置 信息操作处理
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/config")
 
+public class SysConfigController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysConfigService configService;
 
+
 
+    /**
 
+     * 获取参数配置列表
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:config:list')")
 
+    @GetMapping("/list")
 
+    public TableDataInfo list(SysConfig config)
 
+    {
 
+        startPage();
 
+        List<SysConfig> list = configService.selectConfigList(config);
 
+        return getDataTable(list);
 
+    }
 
+    
+//    @PreAuthorize("@ss.hasPermi('system:config:export')")
 
+//    @GetMapping("/export")
 
+//    public ApiResult export(SysConfig config)
 
+//    {
 
+//        List<SysConfig> list = configService.selectConfigList(config);
 
+//        ExcelUtil<SysConfig> util = new ExcelUtil<SysConfig>(SysConfig.class);
 
+//        return util.exportExcel(list, "参数数据");
 
+//    }
 
+
 
+    /**
 
+     * 根据参数编号获取详细信息
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:config:query')")
 
+    @GetMapping(value = "/{configId}")
 
+    public ApiResult getInfo(@PathVariable Long configId)
 
+    {
 
+        return ApiResult.success(configService.selectConfigById(configId));
 
+    }
 
+
 
+    /**
 
+     * 根据参数键名查询参数值
 
+     */
 
+    @GetMapping(value = "/configKey/{configKey}")
 
+    public ApiResult getConfigKey(@PathVariable String configKey)
 
+    {
 
+        return ApiResult.success(configService.selectConfigByKey(configKey));
 
+    }
 
+
 
+    /**
 
+     * 新增参数配置
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:config:add')")
 
+    @PostMapping
 
+    public ApiResult add(@Validated @RequestBody SysConfig config)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(configService.checkConfigKeyUnique(config)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增参数'" + config.getConfigName() + "'失败,参数键名已存在");
 
+        }
 
+        config.setCreateBy(SecurityUtils.getUsername());
 
+        return toAjax(configService.insertConfig(config));
 
+    }
 
+
 
+    /**
 
+     * 修改参数配置
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:config:edit')")
 
+    @PutMapping
 
+    public ApiResult edit(@Validated @RequestBody SysConfig config)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(configService.checkConfigKeyUnique(config)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改参数'" + config.getConfigName() + "'失败,参数键名已存在");
 
+        }
 
+        config.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(configService.updateConfig(config));
 
+    }
 
+
 
+    /**
 
+     * 删除参数配置
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:config:remove')")
 
+    @DeleteMapping("/{configIds}")
 
+    public ApiResult remove(@PathVariable Long[] configIds)
 
+    {
 
+        configService.deleteConfigByIds(configIds);
 
+        return ApiResult.success();
 
+    }
 
+
 
+    /**
 
+     * 刷新参数缓存
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:config:remove')")
 
+    @DeleteMapping("/refreshCache")
 
+    public ApiResult refreshCache()
 
+    {
 
+        configService.resetConfigCache();
 
+        return ApiResult.success();
 
+    }
 
+}

+ 155 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysDeptController.java
Ver fichero 

@@ -0,0 +1,155 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.core.exception.BusinessErrorCode;
 
+import com.bizmatics.common.core.util.StringUtils;
 
+import com.bizmatics.model.constants.UserConstants;
 
+import com.bizmatics.model.system.SysDept;
 
+import com.bizmatics.service.system.ISysDeptService;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.apache.commons.lang3.ArrayUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.validation.annotation.Validated;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.HashMap;
 
+import java.util.Iterator;
 
+import java.util.List;
 
+import java.util.Map;
 
+
 
+
 
+/**
 
+ * 部门信息
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/dept")
 
+public class SysDeptController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysDeptService deptService;
 
+
 
+    /**
 
+     * 获取部门列表
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dept:list')")
 
+    @GetMapping("/list")
 
+    public ApiResult list(SysDept dept)
 
+    {
 
+        List<SysDept> depts = deptService.selectDeptList(dept);
 
+        return ApiResult.success(depts);
 
+    }
 
+
 
+    /**
 
+     * 查询部门列表(排除节点)
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dept:list')")
 
+    @GetMapping("/list/exclude/{deptId}")
 
+    public ApiResult excludeChild(@PathVariable(value = "deptId", required = false) Long deptId)
 
+    {
 
+        List<SysDept> depts = deptService.selectDeptList(new SysDept());
 
+        Iterator<SysDept> it = depts.iterator();
 
+        while (it.hasNext())
 
+        {
 
+            SysDept d = (SysDept) it.next();
 
+            if (d.getDeptId().intValue() == deptId
 
+                    || ArrayUtils.contains(StringUtils.split(d.getAncestors(), ","), deptId + ""))
 
+            {
 
+                it.remove();
 
+            }
 
+        }
 
+        return ApiResult.success(depts);
 
+    }
 
+
 
+    /**
 
+     * 根据部门编号获取详细信息
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dept:query')")
 
+    @GetMapping(value = "/{deptId}")
 
+    public ApiResult getInfo(@PathVariable Long deptId)
 
+    {
 
+        return ApiResult.success(deptService.selectDeptById(deptId));
 
+    }
 
+
 
+    /**
 
+     * 获取部门下拉树列表
 
+     */
 
+    @GetMapping("/treeselect")
 
+    public ApiResult treeselect(SysDept dept)
 
+    {
 
+        List<SysDept> depts = deptService.selectDeptList(dept);
 
+        return ApiResult.success(deptService.buildDeptTreeSelect(depts));
 
+    }
 
+
 
+    /**
 
+     * 加载对应角色部门列表树
 
+     */
 
+    @GetMapping(value = "/roleDeptTreeselect/{roleId}")
 
+    public ApiResult roleDeptTreeselect(@PathVariable("roleId") Long roleId)
 
+    {
 
+        List<SysDept> depts = deptService.selectDeptList(new SysDept());
 
+        Map<String,Object> ajax = new HashMap<>();
 
+        ajax.put("checkedKeys", deptService.selectDeptListByRoleId(roleId));
 
+        ajax.put("depts", deptService.buildDeptTreeSelect(depts));
 
+        return ApiResult.success(ajax);
 
+    }
 
+
 
+    /**
 
+     * 新增部门
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dept:add')")
 
+    @PostMapping
 
+    public ApiResult add(@Validated @RequestBody SysDept dept)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(deptService.checkDeptNameUnique(dept)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增部门'" + dept.getDeptName() + "'失败,部门名称已存在");
 
+        }
 
+        dept.setCreateBy(SecurityUtils.getUsername());
 
+        return toAjax(deptService.insertDept(dept));
 
+    }
 
+
 
+    /**
 
+     * 修改部门
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dept:edit')")
 
+    @PutMapping
 
+    public ApiResult edit(@Validated @RequestBody SysDept dept)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(deptService.checkDeptNameUnique(dept)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改部门'" + dept.getDeptName() + "'失败,部门名称已存在");
 
+        }
 
+        else if (dept.getParentId().equals(dept.getDeptId()))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改部门'" + dept.getDeptName() + "'失败,上级部门不能是自己");
 
+        }
 
+        else if (StringUtils.equals(UserConstants.DEPT_DISABLE, dept.getStatus())
 
+                && deptService.selectNormalChildrenDeptById(dept.getDeptId()) > 0)
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "该部门包含未停用的子部门!");
 
+        }
 
+        dept.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(deptService.updateDept(dept));
 
+    }
 
+
 
+    /**
 
+     * 删除部门
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dept:remove')")
 
+    @DeleteMapping("/{deptId}")
 
+    public ApiResult remove(@PathVariable Long deptId)
 
+    {
 
+        if (deptService.hasChildByDeptId(deptId))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "存在下级部门,不允许删除");
 
+        }
 
+        if (deptService.checkDeptExistUser(deptId))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "部门存在用户,不允许删除");
 
+        }
 
+        return toAjax(deptService.deleteDeptById(deptId));
 
+    }
 
+}

+ 108 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysDictDataController.java
Ver fichero 

@@ -0,0 +1,108 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.model.page.TableDataInfo;
 
+import com.bizmatics.model.system.SysDictData;
 
+import com.bizmatics.service.system.ISysDictDataService;
 
+import com.bizmatics.service.system.ISysDictTypeService;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.validation.annotation.Validated;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.ArrayList;
 
+import java.util.List;
 
+import java.util.Objects;
 
+
 
+
 
+/**
 
+ * 数据字典信息
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/dict/data")
 
+public class SysDictDataController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysDictDataService dictDataService;
 
+
 
+    @Autowired
 
+    private ISysDictTypeService dictTypeService;
 
+
 
+    @PreAuthorize("@ss.hasPermi('system:dict:list')")
 
+    @GetMapping("/list")
 
+    public TableDataInfo list(SysDictData dictData)
 
+    {
 
+        startPage();
 
+        List<SysDictData> list = dictDataService.selectDictDataList(dictData);
 
+        return getDataTable(list);
 
+    }
 
+
 
+//    @PreAuthorize("@ss.hasPermi('system:dict:export')")
 
+//    @GetMapping("/export")
 
+//    public ApiResult export(SysDictData dictData)
 
+//    {
 
+//        List<SysDictData> list = dictDataService.selectDictDataList(dictData);
 
+//        ExcelUtil<SysDictData> util = new ExcelUtil<SysDictData>(SysDictData.class);
 
+//        return util.exportExcel(list, "字典数据");
 
+//    }
 
+
 
+    /**
 
+     * 查询字典数据详细
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dict:query')")
 
+    @GetMapping(value = "/{dictCode}")
 
+    public ApiResult getInfo(@PathVariable Long dictCode)
 
+    {
 
+        return ApiResult.success(dictDataService.selectDictDataById(dictCode));
 
+    }
 
+
 
+    /**
 
+     * 根据字典类型查询字典数据信息
 
+     */
 
+    @GetMapping(value = "/type/{dictType}")
 
+    public ApiResult dictType(@PathVariable String dictType)
 
+    {
 
+        List<SysDictData> data = dictTypeService.selectDictDataByType(dictType);
 
+        if (Objects.isNull(data))
 
+        {
 
+            data = new ArrayList<SysDictData>();
 
+        }
 
+        return ApiResult.success(data);
 
+    }
 
+
 
+    /**
 
+     * 新增字典类型
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dict:add')")
 
+    @PostMapping
 
+    public ApiResult add(@Validated @RequestBody SysDictData dict)
 
+    {
 
+        dict.setCreateBy(SecurityUtils.getUsername());
 
+        return toAjax(dictDataService.insertDictData(dict));
 
+    }
 
+
 
+    /**
 
+     * 修改保存字典类型
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
 
+    @PutMapping
 
+    public ApiResult edit(@Validated @RequestBody SysDictData dict)
 
+    {
 
+        dict.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(dictDataService.updateDictData(dict));
 
+    }
 
+
 
+    /**
 
+     * 删除字典类型
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
 
+    @DeleteMapping("/{dictCodes}")
 
+    public ApiResult remove(@PathVariable Long[] dictCodes)
 
+    {
 
+        dictDataService.deleteDictDataByIds(dictCodes);
 
+        return ApiResult.success();
 
+    }
 
+}

+ 118 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysDictTypeController.java
Ver fichero 

@@ -0,0 +1,118 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.core.exception.BusinessErrorCode;
 
+import com.bizmatics.model.constants.UserConstants;
 
+import com.bizmatics.model.page.TableDataInfo;
 
+import com.bizmatics.model.system.SysDictType;
 
+import com.bizmatics.service.system.ISysDictTypeService;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.validation.annotation.Validated;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.List;
 
+
 
+/**
 
+ * 数据字典信息
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/dict/type")
 
+public class SysDictTypeController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysDictTypeService dictTypeService;
 
+
 
+    @PreAuthorize("@ss.hasPermi('system:dict:list')")
 
+    @GetMapping("/list")
 
+    public TableDataInfo list(SysDictType dictType)
 
+    {
 
+        startPage();
 
+        List<SysDictType> list = dictTypeService.selectDictTypeList(dictType);
 
+        return getDataTable(list);
 
+    }
 
+
 
+//    @PreAuthorize("@ss.hasPermi('system:dict:export')")
 
+//    @GetMapping("/export")
 
+//    public ApiResult export(SysDictType dictType)
 
+//    {
 
+//        List<SysDictType> list = dictTypeService.selectDictTypeList(dictType);
 
+//        ExcelUtil<SysDictType> util = new ExcelUtil<SysDictType>(SysDictType.class);
 
+//        return util.exportExcel(list, "字典类型");
 
+//    }
 
+
 
+    /**
 
+     * 查询字典类型详细
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dict:query')")
 
+    @GetMapping(value = "/{dictId}")
 
+    public ApiResult getInfo(@PathVariable Long dictId)
 
+    {
 
+        return ApiResult.success(dictTypeService.selectDictTypeById(dictId));
 
+    }
 
+
 
+    /**
 
+     * 新增字典类型
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dict:add')")
 
+    @PostMapping
 
+    public ApiResult add(@Validated @RequestBody SysDictType dict)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(dictTypeService.checkDictTypeUnique(dict)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增字典'" + dict.getDictName() + "'失败,字典类型已存在");
 
+        }
 
+        dict.setCreateBy(SecurityUtils.getUsername());
 
+        return toAjax(dictTypeService.insertDictType(dict));
 
+    }
 
+
 
+    /**
 
+     * 修改字典类型
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
 
+    @PutMapping
 
+    public ApiResult edit(@Validated @RequestBody SysDictType dict)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(dictTypeService.checkDictTypeUnique(dict)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改字典'" + dict.getDictName() + "'失败,字典类型已存在");
 
+        }
 
+        dict.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(dictTypeService.updateDictType(dict));
 
+    }
 
+
 
+    /**
 
+     * 删除字典类型
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
 
+    @DeleteMapping("/{dictIds}")
 
+    public ApiResult remove(@PathVariable Long[] dictIds)
 
+    {
 
+        dictTypeService.deleteDictTypeByIds(dictIds);
 
+        return ApiResult.success();
 
+    }
 
+
 
+    /**
 
+     * 刷新字典缓存
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
 
+    @DeleteMapping("/refreshCache")
 
+    public ApiResult refreshCache()
 
+    {
 
+        dictTypeService.resetDictCache();
 
+        return ApiResult.success();
 
+    }
 
+
 
+    /**
 
+     * 获取字典选择框列表
 
+     */
 
+    @GetMapping("/optionselect")
 
+    public ApiResult optionselect()
 
+    {
 
+        List<SysDictType> dictTypes = dictTypeService.selectDictTypeAll();
 
+        return ApiResult.success(dictTypes);
 
+    }
 
+}

+ 95 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysLoginController.java
Ver fichero 

@@ -0,0 +1,95 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.mvc.utils.ServletUtils;
 
+import com.bizmatics.model.system.SysMenu;
 
+import com.bizmatics.model.system.SysUser;
 
+import com.bizmatics.service.system.ISysMenuService;
 
+import com.bizmatics.service.system.impl.SysLoginService;
 
+import com.bizmatics.service.system.impl.SysPermissionService;
 
+import com.bizmatics.service.system.impl.TokenService;
 
+import com.bizmatics.service.util.LoginUser;
 
+import com.bizmatics.service.vo.LoginBody;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.web.bind.annotation.GetMapping;
 
+import org.springframework.web.bind.annotation.PostMapping;
 
+import org.springframework.web.bind.annotation.RequestBody;
 
+import org.springframework.web.bind.annotation.RestController;
 
+
 
+import java.util.HashMap;
 
+import java.util.List;
 
+import java.util.Map;
 
+import java.util.Set;
 
+
 
+
 
+/**
 
+ * 登录验证
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+public class SysLoginController
 
+{
 
+    @Autowired
 
+    private SysLoginService loginService;
 
+
 
+    @Autowired
 
+    private ISysMenuService menuService;
 
+
 
+    @Autowired
 
+    private SysPermissionService permissionService;
 
+
 
+    @Autowired
 
+    private TokenService tokenService;
 
+
 
+    /**
 
+     * 登录方法
 
+     * 
+     * @param loginBody 登录信息
 
+     * @return 结果
 
+     */
 
+    @PostMapping("/login")
 
+    public ApiResult login(@RequestBody LoginBody loginBody)
 
+    {
 
+        // 生成令牌
 
+        String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
 
+                loginBody.getUuid());
 
+        return ApiResult.success(token);
 
+    }
 
+
 
+    /**
 
+     * 获取用户信息
 
+     * 
+     * @return 用户信息
 
+     */
 
+    @GetMapping("getInfo")
 
+    public ApiResult getInfo()
 
+    {
 
+        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+        SysUser user = loginUser.getUser();
 
+        // 角色集合
 
+        Set<String> roles = permissionService.getRolePermission(user);
 
+        // 权限集合
 
+        Set<String> permissions = permissionService.getMenuPermission(user);
 
+        Map<String,Object> ajax = new HashMap<>();
 
+        ajax.put("user", user);
 
+        ajax.put("roles", roles);
 
+        ajax.put("permissions", permissions);
 
+        return ApiResult.success(ajax);
 
+    }
 
+
 
+    /**
 
+     * 获取路由信息
 
+     * 
+     * @return 路由信息
 
+     */
 
+    @GetMapping("getRouters")
 
+    public ApiResult getRouters()
 
+    {
 
+        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+        // 用户信息
 
+        SysUser user = loginUser.getUser();
 
+        List<SysMenu> menus = menuService.selectMenuTreeByUserId(user.getUserId());
 
+        return ApiResult.success(menuService.buildMenus(menus));
 
+    }
 
+}

+ 149 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysMenuController.java
Ver fichero 

@@ -0,0 +1,149 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.core.constants.CommonConst;
 
+import com.bizmatics.common.core.exception.BusinessErrorCode;
 
+import com.bizmatics.common.core.util.StringUtils;
 
+import com.bizmatics.common.mvc.utils.ServletUtils;
 
+import com.bizmatics.model.constants.UserConstants;
 
+import com.bizmatics.model.system.SysMenu;
 
+import com.bizmatics.service.system.ISysMenuService;
 
+import com.bizmatics.service.system.impl.TokenService;
 
+import com.bizmatics.service.util.LoginUser;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.validation.annotation.Validated;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.HashMap;
 
+import java.util.List;
 
+import java.util.Map;
 
+
 
+
 
+/**
 
+ * 菜单信息
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/menu")
 
+public class SysMenuController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysMenuService menuService;
 
+
 
+    @Autowired
 
+    private TokenService tokenService;
 
+
 
+    /**
 
+     * 获取菜单列表
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:menu:list')")
 
+    @GetMapping("/list")
 
+    public ApiResult list(SysMenu menu)
 
+    {
 
+        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+        Long userId = loginUser.getUser().getUserId();
 
+        List<SysMenu> menus = menuService.selectMenuList(menu, userId);
 
+        return ApiResult.success(menus);
 
+    }
 
+
 
+    /**
 
+     * 根据菜单编号获取详细信息
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:menu:query')")
 
+    @GetMapping(value = "/{menuId}")
 
+    public ApiResult getInfo(@PathVariable Long menuId)
 
+    {
 
+        return ApiResult.success(menuService.selectMenuById(menuId));
 
+    }
 
+
 
+    /**
 
+     * 获取菜单下拉树列表
 
+     */
 
+    @GetMapping("/treeselect")
 
+    public ApiResult treeselect(SysMenu menu)
 
+    {
 
+        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+        Long userId = loginUser.getUser().getUserId();
 
+        List<SysMenu> menus = menuService.selectMenuList(menu, userId);
 
+        return ApiResult.success(menuService.buildMenuTreeSelect(menus));
 
+    }
 
+
 
+    /**
 
+     * 加载对应角色菜单列表树
 
+     */
 
+    @GetMapping(value = "/roleMenuTreeselect/{roleId}")
 
+    public ApiResult roleMenuTreeselect(@PathVariable("roleId") Long roleId)
 
+    {
 
+        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+        List<SysMenu> menus = menuService.selectMenuList(loginUser.getUser().getUserId());
 
+        Map<String,Object> ajax = new HashMap<>();
 
+        ajax.put("checkedKeys", menuService.selectMenuListByRoleId(roleId));
 
+        ajax.put("menus", menuService.buildMenuTreeSelect(menus));
 
+        return ApiResult.success(ajax);
 
+    }
 
+
 
+    /**
 
+     * 新增菜单
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:menu:add')")
 
+    @PostMapping
 
+    public ApiResult add(@Validated @RequestBody SysMenu menu)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(menuService.checkMenuNameUnique(menu)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增菜单'" + menu.getMenuName() + "'失败,菜单名称已存在");
 
+        }
 
+        else if (UserConstants.YES_FRAME.equals(menu.getIsFrame())
 
+        && !StringUtils.startsWithAny(menu.getPath(), CommonConst.HTTP_PREFIX, CommonConst.HTTPS_PREFIX))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增菜单'" + menu.getMenuName() + "'失败,地址必须以http(s)://开头");
 
+        }
 
+        menu.setCreateBy(SecurityUtils.getUsername());
 
+        return toAjax(menuService.insertMenu(menu));
 
+    }
 
+
 
+    /**
 
+     * 修改菜单
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:menu:edit')")
 
+    @PutMapping
 
+    public ApiResult edit(@Validated @RequestBody SysMenu menu)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(menuService.checkMenuNameUnique(menu)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改菜单'" + menu.getMenuName() + "'失败,菜单名称已存在");
 
+        }
 
+        else if (UserConstants.YES_FRAME.equals(menu.getIsFrame())
 
+        && !StringUtils.startsWithAny(menu.getPath(), CommonConst.HTTP_PREFIX, CommonConst.HTTPS_PREFIX))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增菜单'" + menu.getMenuName() + "'失败,地址必须以http(s)://开头");
 
+        }
 
+        else if (menu.getMenuId().equals(menu.getParentId()))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增菜单'" + menu.getMenuName() + "'失败,上级菜单不能选择自己");
 
+        }
 
+        menu.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(menuService.updateMenu(menu));
 
+    }
 
+
 
+    /**
 
+     * 删除菜单
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:menu:remove')")
 
+    @DeleteMapping("/{menuId}")
 
+    public ApiResult remove(@PathVariable("menuId") Long menuId)
 
+    {
 
+        if (menuService.hasChildByMenuId(menuId))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "存在子菜单,不允许删除");
 
+        }
 
+        if (menuService.checkMenuExistRole(menuId))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "菜单已分配,不允许删除");
 
+        }
 
+        return toAjax(menuService.deleteMenuById(menuId));
 
+    }
 
+}

+ 81 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysNoticeController.java
Ver fichero 

@@ -0,0 +1,81 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.model.page.TableDataInfo;
 
+import com.bizmatics.model.system.SysNotice;
 
+import com.bizmatics.service.system.ISysNoticeService;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.validation.annotation.Validated;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.List;
 
+
 
+
 
+/**
 
+ * 公告 信息操作处理
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/notice")
 
+public class SysNoticeController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysNoticeService noticeService;
 
+
 
+    /**
 
+     * 获取通知公告列表
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:notice:list')")
 
+    @GetMapping("/list")
 
+    public TableDataInfo list(SysNotice notice)
 
+    {
 
+        startPage();
 
+        List<SysNotice> list = noticeService.selectNoticeList(notice);
 
+        return getDataTable(list);
 
+    }
 
+
 
+    /**
 
+     * 根据通知公告编号获取详细信息
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:notice:query')")
 
+    @GetMapping(value = "/{noticeId}")
 
+    public ApiResult getInfo(@PathVariable Long noticeId)
 
+    {
 
+        return ApiResult.success(noticeService.selectNoticeById(noticeId));
 
+    }
 
+
 
+    /**
 
+     * 新增通知公告
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:notice:add')")
 
+    @PostMapping
 
+    public ApiResult add(@Validated @RequestBody SysNotice notice)
 
+    {
 
+        notice.setCreateBy(SecurityUtils.getUsername());
 
+        return toAjax(noticeService.insertNotice(notice));
 
+    }
 
+
 
+    /**
 
+     * 修改通知公告
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:notice:edit')")
 
+    @PutMapping
 
+    public ApiResult edit(@Validated @RequestBody SysNotice notice)
 
+    {
 
+        notice.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(noticeService.updateNotice(notice));
 
+    }
 
+
 
+    /**
 
+     * 删除通知公告
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:notice:remove')")
 
+    @DeleteMapping("/{noticeIds}")
 
+    public ApiResult remove(@PathVariable Long[] noticeIds)
 
+    {
 
+        return toAjax(noticeService.deleteNoticeByIds(noticeIds));
 
+    }
 
+}

+ 118 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysPostController.java
Ver fichero 

@@ -0,0 +1,118 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.core.exception.BusinessErrorCode;
 
+import com.bizmatics.model.constants.UserConstants;
 
+import com.bizmatics.model.page.TableDataInfo;
 
+import com.bizmatics.model.system.SysPost;
 
+import com.bizmatics.service.system.ISysPostService;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.validation.annotation.Validated;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.List;
 
+
 
+
 
+/**
 
+ * 岗位信息操作处理
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/post")
 
+public class SysPostController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysPostService postService;
 
+
 
+    /**
 
+     * 获取岗位列表
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:post:list')")
 
+    @GetMapping("/list")
 
+    public TableDataInfo list(SysPost post)
 
+    {
 
+        startPage();
 
+        List<SysPost> list = postService.selectPostList(post);
 
+        return getDataTable(list);
 
+    }
 
+
 
+//    @PreAuthorize("@ss.hasPermi('system:post:export')")
 
+//    @GetMapping("/export")
 
+//    public ApiResult export(SysPost post)
 
+//    {
 
+//        List<SysPost> list = postService.selectPostList(post);
 
+//        ExcelUtil<SysPost> util = new ExcelUtil<SysPost>(SysPost.class);
 
+//        return util.exportExcel(list, "岗位数据");
 
+//    }
 
+
 
+    /**
 
+     * 根据岗位编号获取详细信息
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:post:query')")
 
+    @GetMapping(value = "/{postId}")
 
+    public ApiResult getInfo(@PathVariable Long postId)
 
+    {
 
+        return ApiResult.success(postService.selectPostById(postId));
 
+    }
 
+
 
+    /**
 
+     * 新增岗位
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:post:add')")
 
+    @PostMapping
 
+    public ApiResult add(@Validated @RequestBody SysPost post)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(postService.checkPostNameUnique(post)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增岗位'" + post.getPostName() + "'失败,岗位名称已存在");
 
+        }
 
+        else if (UserConstants.NOT_UNIQUE.equals(postService.checkPostCodeUnique(post)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增岗位'" + post.getPostName() + "'失败,岗位编码已存在");
 
+        }
 
+        post.setCreateBy(SecurityUtils.getUsername());
 
+        return toAjax(postService.insertPost(post));
 
+    }
 
+
 
+    /**
 
+     * 修改岗位
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:post:edit')")
 
+    @PutMapping
 
+    public ApiResult edit(@Validated @RequestBody SysPost post)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(postService.checkPostNameUnique(post)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改岗位'" + post.getPostName() + "'失败,岗位名称已存在");
 
+        }
 
+        else if (UserConstants.NOT_UNIQUE.equals(postService.checkPostCodeUnique(post)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改岗位'" + post.getPostName() + "'失败,岗位编码已存在");
 
+        }
 
+        post.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(postService.updatePost(post));
 
+    }
 
+
 
+    /**
 
+     * 删除岗位
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:post:remove')")
 
+    @DeleteMapping("/{postIds}")
 
+    public ApiResult remove(@PathVariable Long[] postIds)
 
+    {
 
+        return toAjax(postService.deletePostByIds(postIds));
 
+    }
 
+
 
+    /**
 
+     * 获取岗位选择框列表
 
+     */
 
+    @GetMapping("/optionselect")
 
+    public ApiResult optionselect()
 
+    {
 
+        List<SysPost> posts = postService.selectPostAll();
 
+        return ApiResult.success(posts);
 
+    }
 
+}

+ 131 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysProfileController.java
Ver fichero 

@@ -0,0 +1,131 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.core.exception.BusinessErrorCode;
 
+import com.bizmatics.common.core.util.StringUtils;
 
+import com.bizmatics.common.mvc.utils.ServletUtils;
 
+import com.bizmatics.model.constants.UserConstants;
 
+import com.bizmatics.model.system.SysUser;
 
+import com.bizmatics.service.system.ISysUserService;
 
+import com.bizmatics.service.system.impl.TokenService;
 
+import com.bizmatics.service.util.LoginUser;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.HashMap;
 
+import java.util.Map;
 
+
 
+
 
+/**
 
+ * 个人信息 业务处理
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/user/profile")
 
+public class SysProfileController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysUserService userService;
 
+
 
+    @Autowired
 
+    private TokenService tokenService;
 
+
 
+    /**
 
+     * 个人信息
 
+     */
 
+    @GetMapping
 
+    public ApiResult profile()
 
+    {
 
+        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+        SysUser user = loginUser.getUser();
 
+        Map<String,Object> ajax = new HashMap<>();
 
+        ajax.put("roleGroup", userService.selectUserRoleGroup(loginUser.getUsername()));
 
+        ajax.put("postGroup", userService.selectUserPostGroup(loginUser.getUsername()));
 
+        return ApiResult.success(ajax);
 
+    }
 
+
 
+    /**
 
+     * 修改用户
 
+     */
 
+    @PutMapping
 
+    public ApiResult updateProfile(@RequestBody SysUser user)
 
+    {
 
+        if (StringUtils.isNotBlank(user.getPhonenumber())
 
+                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "手机号码已存在");
 
+        }
 
+        if (StringUtils.isNotEmpty(user.getEmail())
 
+                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "邮箱账号已存在");
 
+        }
 
+        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+        SysUser sysUser = loginUser.getUser();
 
+        user.setUserId(sysUser.getUserId());
 
+        user.setPassword(null);
 
+        if (userService.updateUserProfile(user) > 0)
 
+        {
 
+            // 更新缓存用户信息
 
+            loginUser.getUser().setNickName(user.getNickName());
 
+            loginUser.getUser().setPhonenumber(user.getPhonenumber());
 
+            loginUser.getUser().setEmail(user.getEmail());
 
+            loginUser.getUser().setSex(user.getSex());
 
+            tokenService.setLoginUser(loginUser);
 
+            return ApiResult.success();
 
+        }
 
+        return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(),"修改个人信息异常,请联系管理员");
 
+    }
 
+
 
+    /**
 
+     * 重置密码
 
+     */
 
+    @PutMapping("/updatePwd")
 
+    public ApiResult updatePwd(String oldPassword, String newPassword)
 
+    {
 
+        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+        String userName = loginUser.getUsername();
 
+        String password = loginUser.getPassword();
 
+        if (!SecurityUtils.matchesPassword(oldPassword, password))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改密码失败,旧密码错误");
 
+        }
 
+        if (SecurityUtils.matchesPassword(newPassword, password))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新密码不能与旧密码相同");
 
+        }
 
+        if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0)
 
+        {
 
+            // 更新缓存用户密码
 
+            loginUser.getUser().setPassword(SecurityUtils.encryptPassword(newPassword));
 
+            tokenService.setLoginUser(loginUser);
 
+            return ApiResult.success();
 
+        }
 
+        return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改密码异常,请联系管理员");
 
+    }
 
+
 
+//    /**
 
+//     * 头像上传
 
+//     */
 
+//    @PostMapping("/avatar")
 
+//    public ApiResult avatar(@RequestParam("avatarfile") MultipartFile file) throws IOException
 
+//    {
 
+//        if (!file.isEmpty())
 
+//        {
 
+//            LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+//            String avatar = FileUploadUtils.upload(RuoYiConfig.getAvatarPath(), file);
 
+//            if (userService.updateUserAvatar(loginUser.getUsername(), avatar))
 
+//            {
 
+//                ApiResult ajax = ApiResult.success();
 
+//                ajax.put("imgUrl", avatar);
 
+//                // 更新缓存用户头像
 
+//                loginUser.getUser().setAvatar(avatar);
 
+//                tokenService.setLoginUser(loginUser);
 
+//                return ajax;
 
+//            }
 
+//        }
 
+//        return ApiResult.error("上传图片异常,请联系管理员");
 
+//    }
 
+}

+ 36 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysRegisterController.java
Ver fichero 

@@ -0,0 +1,36 @@
 
+//package com.bizmatics.controller.web.system;
 
+//
 
+//import com.bizmatics.common.core.bean.ApiResult;
 
+//import com.bizmatics.service.system.ISysConfigService;
 
+//import org.springframework.beans.factory.annotation.Autowired;
 
+//import org.springframework.util.StringUtils;
 
+//import org.springframework.web.bind.annotation.PostMapping;
 
+//import org.springframework.web.bind.annotation.RequestBody;
 
+//import org.springframework.web.bind.annotation.RestController;
 
+//
 
+//
 
+///**
 
+// * 注册验证
 
+// *
 
+// * @author ruoyi
 
+// */
 
+//@RestController
 
+//public class SysRegisterController extends BaseController
 
+//{
 
+//    @Autowired
 
+//    private SysRegisterService registerService;
 
+//
 
+//    @Autowired
 
+//    private ISysConfigService configService;
 
+//
 
+//    @PostMapping("/register")
 
+//    public ApiResult register(@RequestBody RegisterBody user)
 
+//    {
 
+//        if (!("true".equals(configService.selectConfigByKey("sys.account.registerUser"))))
 
+//        {
 
+//            return error("当前系统没有开启注册功能!");
 
+//        }
 
+//        String msg = registerService.register(user);
 
+//        return StringUtils.isEmpty(msg) ? success() : error(msg);
 
+//    }
 
+//}

+ 224 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysRoleController.java
Ver fichero 

@@ -0,0 +1,224 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.core.exception.BusinessErrorCode;
 
+import com.bizmatics.common.mvc.utils.ServletUtils;
 
+import com.bizmatics.model.constants.UserConstants;
 
+import com.bizmatics.model.page.TableDataInfo;
 
+import com.bizmatics.model.system.SysRole;
 
+import com.bizmatics.model.system.SysUser;
 
+import com.bizmatics.model.system.SysUserRole;
 
+import com.bizmatics.service.system.ISysRoleService;
 
+import com.bizmatics.service.system.ISysUserService;
 
+import com.bizmatics.service.system.impl.SysPermissionService;
 
+import com.bizmatics.service.system.impl.TokenService;
 
+import com.bizmatics.service.util.LoginUser;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.validation.annotation.Validated;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.List;
 
+import java.util.Objects;
 
+
 
+
 
+/**
 
+ * 角色信息
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/role")
 
+public class SysRoleController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysRoleService roleService;
 
+
 
+    @Autowired
 
+    private TokenService tokenService;
 
+    
+    @Autowired
 
+    private SysPermissionService permissionService;
 
+    
+    @Autowired
 
+    private ISysUserService userService;
 
+
 
+    @PreAuthorize("@ss.hasPermi('system:role:list')")
 
+    @GetMapping("/list")
 
+    public TableDataInfo list(SysRole role)
 
+    {
 
+        startPage();
 
+        List<SysRole> list = roleService.selectRoleList(role);
 
+        return getDataTable(list);
 
+    }
 
+
 
+//    @PreAuthorize("@ss.hasPermi('system:role:export')")
 
+//    @GetMapping("/export")
 
+//    public ApiResult export(SysRole role)
 
+//    {
 
+//        List<SysRole> list = roleService.selectRoleList(role);
 
+//        ExcelUtil<SysRole> util = new ExcelUtil<SysRole>(SysRole.class);
 
+//        return util.exportExcel(list, "角色数据");
 
+//    }
 
+
 
+    /**
 
+     * 根据角色编号获取详细信息
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:query')")
 
+    @GetMapping(value = "/{roleId}")
 
+    public ApiResult getInfo(@PathVariable Long roleId)
 
+    {
 
+        return ApiResult.success(roleService.selectRoleById(roleId));
 
+    }
 
+
 
+    /**
 
+     * 新增角色
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:add')")
 
+    @PostMapping
 
+    public ApiResult add(@Validated @RequestBody SysRole role)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增角色'" + role.getRoleName() + "'失败,角色名称已存在");
 
+        }
 
+        else if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleKeyUnique(role)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增角色'" + role.getRoleName() + "'失败,角色权限已存在");
 
+        }
 
+        role.setCreateBy(SecurityUtils.getUsername());
 
+        return toAjax(roleService.insertRole(role));
 
+
 
+    }
 
+
 
+    /**
 
+     * 修改保存角色
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:edit')")
 
+    @PutMapping
 
+    public ApiResult edit(@Validated @RequestBody SysRole role)
 
+    {
 
+        roleService.checkRoleAllowed(role);
 
+        if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改角色'" + role.getRoleName() + "'失败,角色名称已存在");
 
+        }
 
+        else if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleKeyUnique(role)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改角色'" + role.getRoleName() + "'失败,角色权限已存在");
 
+        }
 
+        role.setUpdateBy(SecurityUtils.getUsername());
 
+        
+        if (roleService.updateRole(role) > 0)
 
+        {
 
+            // 更新缓存用户权限
 
+            LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+            if (Objects.nonNull(loginUser.getUser()) && !loginUser.getUser().isAdmin())
 
+            {
 
+                loginUser.setPermissions(permissionService.getMenuPermission(loginUser.getUser()));
 
+                loginUser.setUser(userService.selectUserByUserName(loginUser.getUser().getUserName()));
 
+                tokenService.setLoginUser(loginUser);
 
+            }
 
+            return ApiResult.success();
 
+        }
 
+        return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(),"修改角色'" + role.getRoleName() + "'失败,请联系管理员");
 
+    }
 
+
 
+    /**
 
+     * 修改保存数据权限
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:edit')")
 
+    @PutMapping("/dataScope")
 
+    public ApiResult dataScope(@RequestBody SysRole role)
 
+    {
 
+        roleService.checkRoleAllowed(role);
 
+        return toAjax(roleService.authDataScope(role));
 
+    }
 
+
 
+    /**
 
+     * 状态修改
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:edit')")
 
+    @PutMapping("/changeStatus")
 
+    public ApiResult changeStatus(@RequestBody SysRole role)
 
+    {
 
+        roleService.checkRoleAllowed(role);
 
+        role.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(roleService.updateRoleStatus(role));
 
+    }
 
+
 
+    /**
 
+     * 删除角色
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:remove')")
 
+    @DeleteMapping("/{roleIds}")
 
+    public ApiResult remove(@PathVariable Long[] roleIds)
 
+    {
 
+        return toAjax(roleService.deleteRoleByIds(roleIds));
 
+    }
 
+
 
+    /**
 
+     * 获取角色选择框列表
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:query')")
 
+    @GetMapping("/optionselect")
 
+    public ApiResult optionselect()
 
+    {
 
+        return ApiResult.success(roleService.selectRoleAll());
 
+    }
 
+
 
+    /**
 
+     * 查询已分配用户角色列表
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:list')")
 
+    @GetMapping("/authUser/allocatedList")
 
+    public TableDataInfo allocatedList(SysUser user)
 
+    {
 
+        startPage();
 
+        List<SysUser> list = userService.selectAllocatedList(user);
 
+        return getDataTable(list);
 
+    }
 
+
 
+    /**
 
+     * 查询未分配用户角色列表
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:list')")
 
+    @GetMapping("/authUser/unallocatedList")
 
+    public TableDataInfo unallocatedList(SysUser user)
 
+    {
 
+        startPage();
 
+        List<SysUser> list = userService.selectUnallocatedList(user);
 
+        return getDataTable(list);
 
+    }
 
+
 
+    /**
 
+     * 取消授权用户
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:edit')")
 
+    @PutMapping("/authUser/cancel")
 
+    public ApiResult cancelAuthUser(@RequestBody SysUserRole userRole)
 
+    {
 
+        return toAjax(roleService.deleteAuthUser(userRole));
 
+    }
 
+
 
+    /**
 
+     * 批量取消授权用户
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:edit')")
 
+    @PutMapping("/authUser/cancelAll")
 
+    public ApiResult cancelAuthUserAll(Long roleId, Long[] userIds)
 
+    {
 
+        return toAjax(roleService.deleteAuthUsers(roleId, userIds));
 
+    }
 
+
 
+    /**
 
+     * 批量选择用户授权
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:role:edit')")
 
+    @PutMapping("/authUser/selectAll")
 
+    public ApiResult selectAuthUserAll(Long roleId, Long[] userIds)
 
+    {
 
+        return toAjax(roleService.insertAuthUsers(roleId, userIds));
 
+    }
 
+}

+ 215 - 0
fiveep-controller/src/main/java/com/bizmatics/controller/web/system/SysUserController.java
Ver fichero 

@@ -0,0 +1,215 @@
 
+package com.bizmatics.controller.web.system;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.core.exception.BusinessErrorCode;
 
+import com.bizmatics.common.core.util.StringUtils;
 
+import com.bizmatics.model.constants.UserConstants;
 
+import com.bizmatics.model.page.TableDataInfo;
 
+import com.bizmatics.model.system.SysRole;
 
+import com.bizmatics.model.system.SysUser;
 
+import com.bizmatics.service.system.ISysPostService;
 
+import com.bizmatics.service.system.ISysRoleService;
 
+import com.bizmatics.service.system.ISysUserService;
 
+import com.bizmatics.service.system.impl.TokenService;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.validation.annotation.Validated;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.HashMap;
 
+import java.util.List;
 
+import java.util.Map;
 
+import java.util.Objects;
 
+import java.util.stream.Collectors;
 
+
 
+/**
 
+ * 用户信息
 
+ * 
+ * @author ruoyi
 
+ */
 
+@RestController
 
+@RequestMapping("/system/user")
 
+public class SysUserController extends BaseController
 
+{
 
+    @Autowired
 
+    private ISysUserService userService;
 
+
 
+    @Autowired
 
+    private ISysRoleService roleService;
 
+
 
+    @Autowired
 
+    private ISysPostService postService;
 
+
 
+    @Autowired
 
+    private TokenService tokenService;
 
+
 
+    /**
 
+     * 获取用户列表
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:user:list')")
 
+    @GetMapping("/list")
 
+    public TableDataInfo list(SysUser user)
 
+    {
 
+        startPage();
 
+        List<SysUser> list = userService.selectUserList(user);
 
+        return getDataTable(list);
 
+    }
 
+
 
+//    @PreAuthorize("@ss.hasPermi('system:user:export')")
 
+//    @GetMapping("/export")
 
+//    public ApiResult export(SysUser user)
 
+//    {
 
+//        List<SysUser> list = userService.selectUserList(user);
 
+//        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
 
+//        return util.exportExcel(list, "用户数据");
 
+//    }
 
+
 
+//    @PreAuthorize("@ss.hasPermi('system:user:import')")
 
+//    @PostMapping("/importData")
 
+//    public ApiResult importData(MultipartFile file, boolean updateSupport) throws Exception
 
+//    {
 
+//        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
 
+//        List<SysUser> userList = util.importExcel(file.getInputStream());
 
+//        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
 
+//        String operName = loginUser.getUsername();
 
+//        String message = userService.importUser(userList, updateSupport, operName);
 
+//        return ApiResult.success(message);
 
+//    }
 
+
 
+//    @GetMapping("/importTemplate")
 
+//    public ApiResult importTemplate()
 
+//    {
 
+//        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
 
+//        return util.importTemplateExcel("用户数据");
 
+//    }
 
+
 
+    /**
 
+     * 根据用户编号获取详细信息
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:user:query')")
 
+    @GetMapping(value = { "/", "/{userId}" })
 
+    public ApiResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
 
+    {
 
+        Map<String,Object> ajax = new HashMap<>();
 
+        List<SysRole> roles = roleService.selectRoleAll();
 
+        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
 
+        ajax.put("posts", postService.selectPostAll());
 
+        if (Objects.nonNull(userId))
 
+        {
 
+            ajax.put("data", userService.selectUserById(userId));
 
+            ajax.put("postIds", postService.selectPostListByUserId(userId));
 
+            ajax.put("roleIds", roleService.selectRoleListByUserId(userId));
 
+        }
 
+        return ApiResult.success(ajax);
 
+    }
 
+
 
+    /**
 
+     * 新增用户
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:user:add')")
 
+    @PostMapping
 
+    public ApiResult add(@Validated @RequestBody SysUser user)
 
+    {
 
+        if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(user.getUserName())))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增用户'" + user.getUserName() + "'失败,登录账号已存在");
 
+        }
 
+        else if (StringUtils.isNotBlank(user.getPhonenumber())
 
+                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增用户'" + user.getUserName() + "'失败,手机号码已存在");
 
+        }
 
+        else if (StringUtils.isNotBlank(user.getEmail())
 
+                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
 
+        }
 
+        user.setCreateBy(SecurityUtils.getUsername());
 
+        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
 
+        return toAjax(userService.insertUser(user));
 
+    }
 
+
 
+    /**
 
+     * 修改用户
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:user:edit')")
 
+    @PutMapping
 
+    public ApiResult edit(@Validated @RequestBody SysUser user)
 
+    {
 
+        userService.checkUserAllowed(user);
 
+        if (StringUtils.isNotEmpty(user.getPhonenumber())
 
+                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改用户'" + user.getUserName() + "'失败,手机号码已存在");
 
+        }
 
+        else if (StringUtils.isNotEmpty(user.getEmail())
 
+                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
 
+        {
 
+            return ApiResult.error(BusinessErrorCode.BIZ_BUSINESS_ERROR.getCode(), "修改用户'" + user.getUserName() + "'失败,邮箱账号已存在");
 
+        }
 
+        user.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(userService.updateUser(user));
 
+    }
 
+
 
+    /**
 
+     * 删除用户
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:user:remove')")
 
+    @DeleteMapping("/{userIds}")
 
+    public ApiResult remove(@PathVariable Long[] userIds)
 
+    {
 
+        return toAjax(userService.deleteUserByIds(userIds));
 
+    }
 
+
 
+    /**
 
+     * 重置密码
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:user:resetPwd')")
 
+    @PutMapping("/resetPwd")
 
+    public ApiResult resetPwd(@RequestBody SysUser user)
 
+    {
 
+        userService.checkUserAllowed(user);
 
+        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
 
+        user.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(userService.resetPwd(user));
 
+    }
 
+
 
+    /**
 
+     * 状态修改
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:user:edit')")
 
+    @PutMapping("/changeStatus")
 
+    public ApiResult changeStatus(@RequestBody SysUser user)
 
+    {
 
+        userService.checkUserAllowed(user);
 
+        user.setUpdateBy(SecurityUtils.getUsername());
 
+        return toAjax(userService.updateUserStatus(user));
 
+    }
 
+
 
+    /**
 
+     * 根据用户编号获取授权角色
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:user:query')")
 
+    @GetMapping("/authRole/{userId}")
 
+    public ApiResult authRole(@PathVariable("userId") Long userId)
 
+    {
 
+        Map<String,Object> ajax = new HashMap<>();
 
+        SysUser user = userService.selectUserById(userId);
 
+        List<SysRole> roles = roleService.selectRolesByUserId(userId);
 
+        ajax.put("user", user);
 
+        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
 
+        return ApiResult.success(ajax);
 
+    }
 
+
 
+    /**
 
+     * 用户授权角色
 
+     */
 
+    @PreAuthorize("@ss.hasPermi('system:user:edit')")
 
+    @PutMapping("/authRole")
 
+    public ApiResult insertAuthRole(Long userId, Long[] roleIds)
 
+    {
 
+        userService.insertUserAuth(userId, roleIds);
 
+        return ApiResult.success();
 
+    }
 
+}

+ 37 - 0
fiveep-controller/src/main/resources/i18n/messages.properties
Ver fichero 

@@ -0,0 +1,37 @@
 
+#错误消息
 
+not.null=* 必须填写
 
+user.jcaptcha.error=验证码错误
 
+user.jcaptcha.expire=验证码已失效
 
+user.not.exists=用户不存在/密码错误
 
+user.password.not.match=用户不存在/密码错误
 
+user.password.retry.limit.count=密码输入错误{0}次
 
+user.password.retry.limit.exceed=密码输入错误{0}次,帐户锁定10分钟
 
+user.password.delete=对不起,您的账号已被删除
 
+user.blocked=用户已封禁,请联系管理员
 
+role.blocked=角色已封禁,请联系管理员
 
+user.logout.success=退出成功
 
+
 
+length.not.valid=长度必须在{min}到{max}个字符之间
 
+
 
+user.username.not.valid=* 2到20个汉字、字母、数字或下划线组成,且必须以非数字开头
 
+user.password.not.valid=* 5-50个字符
 
+
 
+user.email.not.valid=邮箱格式错误
 
+user.mobile.phone.number.not.valid=手机号格式错误
 
+user.login.success=登录成功
 
+user.register.success=注册成功
 
+user.notfound=请重新登录
 
+user.forcelogout=管理员强制退出,请重新登录
 
+user.unknown.error=未知错误,请重新登录
 
+
 
+##文件上传消息
 
+upload.exceed.maxSize=上传的文件大小超出限制的文件大小!<br/>允许的文件最大大小是:{0}MB!
 
+upload.filename.exceed.length=上传的文件名最长{0}个字符
 
+
 
+##权限
 
+no.permission=您没有数据的权限,请联系管理员添加权限 [{0}]
 
+no.create.permission=您没有创建数据的权限,请联系管理员添加权限 [{0}]
 
+no.update.permission=您没有修改数据的权限,请联系管理员添加权限 [{0}]
 
+no.delete.permission=您没有删除数据的权限,请联系管理员添加权限 [{0}]
 
+no.export.permission=您没有导出数据的权限,请联系管理员添加权限 [{0}]
 
+no.view.permission=您没有查看数据的权限,请联系管理员添加权限 [{0}]

+ 6 - 0
fiveep-service/pom.xml
Ver fichero 

@@ -78,6 +78,12 @@
 
             <version>1.21</version>
 
         </dependency>
 
 
+        <dependency>
 
+            <groupId>com.github.pagehelper</groupId>
 
+            <artifactId>pagehelper-spring-boot-starter</artifactId>
 
+            <version>1.3.1</version>
 
+        </dependency>
 
+
 
     </dependencies>

+ 1 - 1
fiveep-service/src/main/java/com/bizmatics/service/aop/DataScopeAspect.java
Ver fichero 

@@ -6,6 +6,7 @@ import com.bizmatics.common.spring.util.SpringContextUtils;
 
 import com.bizmatics.model.base.BaseEntity;
 
 import com.bizmatics.model.system.SysRole;
 
 import com.bizmatics.model.system.SysUser;
 
+import com.bizmatics.service.system.impl.TokenService;
 
 import com.bizmatics.service.util.LoginUser;
 
 import org.aspectj.lang.JoinPoint;
 
 import org.aspectj.lang.Signature;
 
@@ -13,7 +14,6 @@ import org.aspectj.lang.annotation.Aspect;
 
 import org.aspectj.lang.annotation.Before;
 
 import org.aspectj.lang.annotation.Pointcut;
 
 import org.aspectj.lang.reflect.MethodSignature;
 
-import org.springframework.security.core.token.TokenService;
 
 import org.springframework.stereotype.Component;
 
 
 import java.lang.reflect.Method;

+ 23 - 0
fiveep-service/src/main/java/com/bizmatics/service/config/CustomerDoubleSerialize.java
Ver fichero 

@@ -0,0 +1,23 @@
 
+package com.bizmatics.service.config;
 
+
 
+import com.fasterxml.jackson.core.JsonGenerator;
 
+import com.fasterxml.jackson.databind.JsonSerializer;
 
+import com.fasterxml.jackson.databind.SerializerProvider;
 
+
 
+import java.io.IOException;
 
+import java.text.DecimalFormat;
 
+
 
+/**
 
+ * @author yq
 
+ * @date 2021/7/23 11:12
 
+ */
 
+public class CustomerDoubleSerialize extends JsonSerializer<Double> {
 
+    //原本这里是  ##.00 ,带来的问题是如果数据库数据为0.00返回“ .00 “经评论指正,改为0.00
 
+    private DecimalFormat df = new DecimalFormat("0.00");
 
+    @Override
 
+    public void serialize(Double arg0, JsonGenerator arg1, SerializerProvider arg2) throws IOException {
 
+        if(arg0 != null) {
 
+            arg1.writeString(df.format(arg0));
 
+        }
 
+    }
 
+}

+ 60 - 0
fiveep-service/src/main/java/com/bizmatics/service/config/FilterConfig.java
Ver fichero 

@@ -0,0 +1,60 @@
 
+package com.bizmatics.service.config;
 
+
 
+import com.bizmatics.common.core.util.StringUtils;
 
+import com.bizmatics.service.filter.RepeatableFilter;
 
+import com.bizmatics.service.filter.XssFilter;
 
+import org.springframework.beans.factory.annotation.Value;
 
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
 
+import org.springframework.context.annotation.Bean;
 
+import org.springframework.context.annotation.Configuration;
 
+
 
+import javax.servlet.DispatcherType;
 
+import java.util.HashMap;
 
+import java.util.Map;
 
+
 
+
 
+/**
 
+ * Filter配置
 
+ *
 
+ * @author ruoyi
 
+ */
 
+@Configuration
 
+@ConditionalOnProperty(value = "xss.enabled", havingValue = "true")
 
+public class FilterConfig
 
+{
 
+    @Value("${xss.excludes}")
 
+    private String excludes;
 
+
 
+    @Value("${xss.urlPatterns}")
 
+    private String urlPatterns;
 
+
 
+    @SuppressWarnings({ "rawtypes", "unchecked" })
 
+    @Bean
 
+    public FilterRegistrationBean xssFilterRegistration()
 
+    {
 
+        FilterRegistrationBean registration = new FilterRegistrationBean();
 
+        registration.setDispatcherTypes(DispatcherType.REQUEST);
 
+        registration.setFilter(new XssFilter());
 
+        registration.addUrlPatterns(StringUtils.split(urlPatterns, ","));
 
+        registration.setName("xssFilter");
 
+        registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE);
 
+        Map<String, String> initParameters = new HashMap<String, String>();
 
+        initParameters.put("excludes", excludes);
 
+        registration.setInitParameters(initParameters);
 
+        return registration;
 
+    }
 
+
 
+    @SuppressWarnings({ "rawtypes", "unchecked" })
 
+    @Bean
 
+    public FilterRegistrationBean someFilterRegistration()
 
+    {
 
+        FilterRegistrationBean registration = new FilterRegistrationBean();
 
+        registration.setFilter(new RepeatableFilter());
 
+        registration.addUrlPatterns("/*");
 
+        registration.setName("repeatableFilter");
 
+        registration.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE);
 
+        return registration;
 
+    }
 
+
 
+}

+ 147 - 0
fiveep-service/src/main/java/com/bizmatics/service/config/SecurityConfig.java
Ver fichero 

@@ -0,0 +1,147 @@
 
+package com.bizmatics.service.config;
 
+
 
+import com.bizmatics.service.config.security.filter.JwtAuthenticationTokenFilter;
 
+import com.bizmatics.service.config.security.handle.AuthenticationEntryPointImpl;
 
+import com.bizmatics.service.config.security.handle.LogoutSuccessHandlerImpl;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.context.annotation.Bean;
 
+import org.springframework.http.HttpMethod;
 
+import org.springframework.security.authentication.AuthenticationManager;
 
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 
+import org.springframework.security.config.http.SessionCreationPolicy;
 
+import org.springframework.security.core.userdetails.UserDetailsService;
 
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
+import org.springframework.security.web.authentication.logout.LogoutFilter;
 
+import org.springframework.web.filter.CorsFilter;
 
+
 
+
 
+/**
 
+ * spring security配置
 
+ * 
+ * @author ruoyi
 
+ */
 
+@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
 
+public class SecurityConfig extends WebSecurityConfigurerAdapter
 
+{
 
+    /**
 
+     * 自定义用户认证逻辑
 
+     */
 
+    @Autowired
 
+    private UserDetailsService userDetailsService;
 
+    
+    /**
 
+     * 认证失败处理类
 
+     */
 
+    @Autowired
 
+    private AuthenticationEntryPointImpl unauthorizedHandler;
 
+
 
+    /**
 
+     * 退出处理类
 
+     */
 
+    @Autowired
 
+    private LogoutSuccessHandlerImpl logoutSuccessHandler;
 
+
 
+    /**
 
+     * token认证过滤器
 
+     */
 
+    @Autowired
 
+    private JwtAuthenticationTokenFilter authenticationTokenFilter;
 
+    
+    /**
 
+     * 跨域过滤器
 
+     */
 
+    @Autowired
 
+    private CorsFilter corsFilter;
 
+    
+    /**
 
+     * 解决 无法直接注入 AuthenticationManager
 
+     *
 
+     * @return
 
+     * @throws Exception
 
+     */
 
+    @Bean
 
+    @Override
 
+    public AuthenticationManager authenticationManagerBean() throws Exception
 
+    {
 
+        return super.authenticationManagerBean();
 
+    }
 
+
 
+    /**
 
+     * anyRequest          |   匹配所有请求路径
 
+     * access              |   SpringEl表达式结果为true时可以访问
 
+     * anonymous           |   匿名可以访问
 
+     * denyAll             |   用户不能访问
 
+     * fullyAuthenticated  |   用户完全认证可以访问(非remember-me下自动登录)
 
+     * hasAnyAuthority     |   如果有参数,参数表示权限,则其中任何一个权限可以访问
 
+     * hasAnyRole          |   如果有参数,参数表示角色,则其中任何一个角色可以访问
 
+     * hasAuthority        |   如果有参数,参数表示权限,则其权限可以访问
 
+     * hasIpAddress        |   如果有参数,参数表示IP地址,如果用户IP和参数匹配,则可以访问
 
+     * hasRole             |   如果有参数,参数表示角色,则其角色可以访问
 
+     * permitAll           |   用户可以任意访问
 
+     * rememberMe          |   允许通过remember-me登录的用户访问
 
+     * authenticated       |   用户登录后可访问
 
+     */
 
+    @Override
 
+    protected void configure(HttpSecurity httpSecurity) throws Exception
 
+    {
 
+        httpSecurity
 
+                // CSRF禁用,因为不使用session
 
+                .csrf().disable()
 
+                // 认证失败处理类
 
+                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
 
+                // 基于token,所以不需要session
 
+                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
 
+                // 过滤请求
 
+                .authorizeRequests()
 
+                // 对于登录login 注册register 验证码captchaImage 允许匿名访问
 
+                .antMatchers("/login", "/register", "/captchaImage").anonymous()
 
+                .antMatchers(
 
+                        HttpMethod.GET,
 
+                        "/",
 
+                        "/*.html",
 
+                        "/**/*.html",
 
+                        "/**/*.css",
 
+                        "/**/*.js",
 
+                        "/profile/**"
 
+                ).permitAll()
 
+                .antMatchers("/common/download**").anonymous()
 
+                .antMatchers("/common/download/resource**").anonymous()
 
+                .antMatchers("/swagger-ui.html").anonymous()
 
+                .antMatchers("/swagger-resources/**").anonymous()
 
+                .antMatchers("/webjars/**").anonymous()
 
+                .antMatchers("/*/api-docs").anonymous()
 
+                .antMatchers("/druid/**").anonymous()
 
+                // 除上面外的所有请求全部需要鉴权认证
 
+                .anyRequest().authenticated()
 
+                .and()
 
+                .headers().frameOptions().disable();
 
+        httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
 
+        // 添加JWT filter
 
+        httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
 
+        // 添加CORS filter
 
+        httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
 
+        httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
 
+    }
 
+
 
+    /**
 
+     * 强散列哈希加密实现
 
+     */
 
+    @Bean
 
+    public BCryptPasswordEncoder bCryptPasswordEncoder()
 
+    {
 
+        return new BCryptPasswordEncoder();
 
+    }
 
+
 
+    /**
 
+     * 身份认证接口
 
+     */
 
+    @Override
 
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception
 
+    {
 
+        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
 
+    }
 
+}

+ 46 - 0
fiveep-service/src/main/java/com/bizmatics/service/config/security/filter/JwtAuthenticationTokenFilter.java
Ver fichero 

@@ -0,0 +1,46 @@
 
+package com.bizmatics.service.config.security.filter;
 
+
 
+import com.bizmatics.service.system.impl.TokenService;
 
+import com.bizmatics.service.util.LoginUser;
 
+import com.bizmatics.service.util.SecurityUtils;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
+import org.springframework.security.core.context.SecurityContextHolder;
 
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 
+import org.springframework.stereotype.Component;
 
+import org.springframework.web.filter.OncePerRequestFilter;
 
+
 
+import javax.servlet.FilterChain;
 
+import javax.servlet.ServletException;
 
+import javax.servlet.http.HttpServletRequest;
 
+import javax.servlet.http.HttpServletResponse;
 
+import java.io.IOException;
 
+import java.util.Objects;
 
+
 
+
 
+/**
 
+ * token过滤器 验证token有效性
 
+ * 
+ * @author ruoyi
 
+ */
 
+@Component
 
+public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
 
+{
 
+    @Autowired
 
+    private TokenService tokenService;
 
+
 
+    @Override
 
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
 
+            throws ServletException, IOException
 
+    {
 
+        LoginUser loginUser = tokenService.getLoginUser(request);
 
+        if (Objects.nonNull(loginUser) && Objects.isNull(SecurityUtils.getAuthentication()))
 
+        {
 
+            tokenService.verifyToken(loginUser);
 
+            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
 
+            authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
 
+            SecurityContextHolder.getContext().setAuthentication(authenticationToken);
 
+        }
 
+        chain.doFilter(request, response);
 
+    }
 
+}

+ 34 - 0
fiveep-service/src/main/java/com/bizmatics/service/config/security/handle/AuthenticationEntryPointImpl.java
Ver fichero 

@@ -0,0 +1,34 @@
 
+package com.bizmatics.service.config.security.handle;
 
+
 
+import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.mvc.utils.ServletUtils;
 
+import com.bizmatics.common.spring.util.JsonUtils;
 
+import org.springframework.security.core.AuthenticationException;
 
+import org.springframework.security.web.AuthenticationEntryPoint;
 
+import org.springframework.stereotype.Component;
 
+
 
+import javax.servlet.http.HttpServletRequest;
 
+import javax.servlet.http.HttpServletResponse;
 
+import java.io.IOException;
 
+import java.io.Serializable;
 
+
 
+
 
+/**
 
+ * 认证失败处理类 返回未授权
 
+ * 
+ * @author ruoyi
 
+ */
 
+@Component
 
+public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, Serializable
 
+{
 
+    private static final long serialVersionUID = -8970718410437077606L;
 
+
 
+    @Override
 
+    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
 
+            throws IOException
 
+    {
 
+        String msg = StringUtils.format("请求访问:{},认证失败,无法访问系统资源", request.getRequestURI());
 
+        ServletUtils.renderString(response, JsonUtils.toJson(ApiResult.error("401", "msg")));
 
+    }
 
+}

+ 54 - 0
fiveep-service/src/main/java/com/bizmatics/service/config/security/handle/LogoutSuccessHandlerImpl.java
Ver fichero 

@@ -0,0 +1,54 @@
 
+package com.bizmatics.service.config.security.handle;
 
+
 
+import com.bizmatics.common.core.bean.ApiResult;
 
+import com.bizmatics.common.mvc.utils.ServletUtils;
 
+import com.bizmatics.common.spring.util.JsonUtils;
 
+import com.bizmatics.model.constants.Constants;
 
+import com.bizmatics.service.system.impl.TokenService;
 
+import com.bizmatics.service.util.LoginUser;
 
+import com.bizmatics.service.util.manager.AsyncManager;
 
+import com.bizmatics.service.util.manager.factory.AsyncFactory;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.context.annotation.Configuration;
 
+import org.springframework.security.core.Authentication;
 
+import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
 
+
 
+import javax.servlet.ServletException;
 
+import javax.servlet.http.HttpServletRequest;
 
+import javax.servlet.http.HttpServletResponse;
 
+import java.io.IOException;
 
+import java.util.Objects;
 
+
 
+
 
+/**
 
+ * 自定义退出处理类 返回成功
 
+ * 
+ * @author ruoyi
 
+ */
 
+@Configuration
 
+public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler
 
+{
 
+    @Autowired
 
+    private TokenService tokenService;
 
+
 
+    /**
 
+     * 退出处理
 
+     * 
+     * @return
 
+     */
 
+    @Override
 
+    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
 
+            throws IOException, ServletException
 
+    {
 
+        LoginUser loginUser = tokenService.getLoginUser(request);
 
+        if (Objects.nonNull(loginUser))
 
+        {
 
+            String userName = loginUser.getUsername();
 
+            // 删除用户缓存记录
 
+            tokenService.delLoginUser(loginUser.getToken());
 
+            // 记录用户退出日志
 
+            AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGOUT, "退出成功"));
 
+        }
 
+        ServletUtils.renderString(response, JsonUtils.toJson(ApiResult.success("退出成功")));
 
+    }
 
+}

+ 0 - 141
fiveep-service/src/main/java/com/bizmatics/service/constants/Constants.java
Ver fichero 

@@ -1,141 +0,0 @@
 
-package com.bizmatics.service.constants;
 
-
 
-import io.jsonwebtoken.Claims;
 
-
 
-/**
 
- * 通用常量信息
 
- * 
- * @author ruoyi
 
- */
 
-public class Constants
 
-{
 
-    /**
 
-     * UTF-8 字符集
 
-     */
 
-    public static final String UTF8 = "UTF-8";
 
-
 
-    /**
 
-     * GBK 字符集
 
-     */
 
-    public static final String GBK = "GBK";
 
-
 
-    /**
 
-     * http请求
 
-     */
 
-    public static final String HTTP = "http://";
 
-
 
-    /**
 
-     * https请求
 
-     */
 
-    public static final String HTTPS = "https://";
 
-
 
-    /**
 
-     * 通用成功标识
 
-     */
 
-    public static final String SUCCESS = "0";
 
-
 
-    /**
 
-     * 通用失败标识
 
-     */
 
-    public static final String FAIL = "1";
 
-
 
-    /**
 
-     * 登录成功
 
-     */
 
-    public static final String LOGIN_SUCCESS = "Success";
 
-
 
-    /**
 
-     * 注销
 
-     */
 
-    public static final String LOGOUT = "Logout";
 
-
 
-    /**
 
-     * 注册
 
-     */
 
-    public static final String REGISTER = "Register";
 
-
 
-    /**
 
-     * 登录失败
 
-     */
 
-    public static final String LOGIN_FAIL = "Error";
 
-
 
-    /**
 
-     * 验证码 redis key
 
-     */
 
-    public static final String CAPTCHA_CODE_KEY = "captcha_codes:";
 
-
 
-    /**
 
-     * 登录用户 redis key
 
-     */
 
-    public static final String LOGIN_TOKEN_KEY = "login_tokens:";
 
-    
-    /**
 
-     * 防重提交 redis key
 
-     */
 
-    public static final String REPEAT_SUBMIT_KEY = "repeat_submit:";
 
-
 
-    /**
 
-     * 验证码有效期(分钟)
 
-     */
 
-    public static final Integer CAPTCHA_EXPIRATION = 2;
 
-
 
-    /**
 
-     * 令牌
 
-     */
 
-    public static final String TOKEN = "token";
 
-
 
-    /**
 
-     * 令牌前缀
 
-     */
 
-    public static final String TOKEN_PREFIX = "Bearer ";
 
-
 
-    /**
 
-     * 令牌前缀
 
-     */
 
-    public static final String LOGIN_USER_KEY = "login_user_key";
 
-
 
-    /**
 
-     * 用户ID
 
-     */
 
-    public static final String JWT_USERID = "userid";
 
-
 
-    /**
 
-     * 用户名称
 
-     */
 
-    public static final String JWT_USERNAME = Claims.SUBJECT;
 
-
 
-    /**
 
-     * 用户头像
 
-     */
 
-    public static final String JWT_AVATAR = "avatar";
 
-
 
-    /**
 
-     * 创建时间
 
-     */
 
-    public static final String JWT_CREATED = "created";
 
-
 
-    /**
 
-     * 用户权限
 
-     */
 
-    public static final String JWT_AUTHORITIES = "authorities";
 
-
 
-    /**
 
-     * 参数管理 cache key
 
-     */
 
-    public static final String SYS_CONFIG_KEY = "sys_config:";
 
-
 
-    /**
 
-     * 字典管理 cache key
 
-     */
 
-    public static final String SYS_DICT_KEY = "sys_dict:";
 
-
 
-    /**
 
-     * 资源映射路径 前缀
 
-     */
 
-    public static final String RESOURCE_PREFIX = "/profile";
 
-
 
-    /**
 
-     * RMI 远程方法调用
 
-     */
 
-    public static final String LOOKUP_RMI = "rmi://";
 
-}

+ 49 - 0
fiveep-service/src/main/java/com/bizmatics/service/filter/RepeatableFilter.java
Ver fichero 

@@ -0,0 +1,49 @@
 
+package com.bizmatics.service.filter;
 
+
 
+import com.bizmatics.common.core.util.StringUtils;
 
+import org.springframework.http.MediaType;
 
+
 
+import javax.servlet.*;
 
+import javax.servlet.http.HttpServletRequest;
 
+import java.io.IOException;
 
+
 
+
 
+/**
 
+ * Repeatable 过滤器
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class RepeatableFilter implements Filter
 
+{
 
+    @Override
 
+    public void init(FilterConfig filterConfig) throws ServletException
 
+    {
 
+
 
+    }
 
+
 
+    @Override
 
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
 
+            throws IOException, ServletException
 
+    {
 
+        ServletRequest requestWrapper = null;
 
+        if (request instanceof HttpServletRequest
 
+                && StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE))
 
+        {
 
+            requestWrapper = new RepeatedlyRequestWrapper((HttpServletRequest) request, response);
 
+        }
 
+        if (null == requestWrapper)
 
+        {
 
+            chain.doFilter(request, response);
 
+        }
 
+        else
 
+        {
 
+            chain.doFilter(requestWrapper, response);
 
+        }
 
+    }
 
+
 
+    @Override
 
+    public void destroy()
 
+    {
 
+
 
+    }
 
+}

+ 77 - 0
fiveep-service/src/main/java/com/bizmatics/service/filter/RepeatedlyRequestWrapper.java
Ver fichero 

@@ -0,0 +1,77 @@
 
+package com.bizmatics.service.filter;
 
+
 
+import com.bizmatics.service.util.HttpHelper;
 
+
 
+import javax.servlet.ReadListener;
 
+import javax.servlet.ServletInputStream;
 
+import javax.servlet.ServletResponse;
 
+import javax.servlet.http.HttpServletRequest;
 
+import javax.servlet.http.HttpServletRequestWrapper;
 
+import java.io.BufferedReader;
 
+import java.io.ByteArrayInputStream;
 
+import java.io.IOException;
 
+import java.io.InputStreamReader;
 
+
 
+
 
+/**
 
+ * 构建可重复读取inputStream的request
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class RepeatedlyRequestWrapper extends HttpServletRequestWrapper
 
+{
 
+    private final byte[] body;
 
+
 
+    public RepeatedlyRequestWrapper(HttpServletRequest request, ServletResponse response) throws IOException
 
+    {
 
+        super(request);
 
+        request.setCharacterEncoding("UTF-8");
 
+        response.setCharacterEncoding("UTF-8");
 
+
 
+        body = HttpHelper.getBodyString(request).getBytes("UTF-8");
 
+    }
 
+
 
+    @Override
 
+    public BufferedReader getReader() throws IOException
 
+    {
 
+        return new BufferedReader(new InputStreamReader(getInputStream()));
 
+    }
 
+
 
+    @Override
 
+    public ServletInputStream getInputStream() throws IOException
 
+    {
 
+        final ByteArrayInputStream bais = new ByteArrayInputStream(body);
 
+        return new ServletInputStream()
 
+        {
 
+            @Override
 
+            public int read() throws IOException
 
+            {
 
+                return bais.read();
 
+            }
 
+
 
+            @Override
 
+            public int available() throws IOException
 
+            {
 
+                return body.length;
 
+            }
 
+
 
+            @Override
 
+            public boolean isFinished()
 
+            {
 
+                return false;
 
+            }
 
+
 
+            @Override
 
+            public boolean isReady()
 
+            {
 
+                return false;
 
+            }
 
+
 
+            @Override
 
+            public void setReadListener(ReadListener readListener)
 
+            {
 
+
 
+            }
 
+        };
 
+    }
 
+}

+ 71 - 0
fiveep-service/src/main/java/com/bizmatics/service/filter/XssFilter.java
Ver fichero 

@@ -0,0 +1,71 @@
 
+package com.bizmatics.service.filter;
 
+
 
+import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 
+
 
+import javax.servlet.*;
 
+import javax.servlet.http.HttpServletRequest;
 
+import javax.servlet.http.HttpServletResponse;
 
+import java.io.IOException;
 
+import java.util.ArrayList;
 
+import java.util.List;
 
+
 
+
 
+/**
 
+ * 防止XSS攻击的过滤器
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class XssFilter implements Filter
 
+{
 
+    /**
 
+     * 排除链接
 
+     */
 
+    public List<String> excludes = new ArrayList<>();
 
+
 
+    @Override
 
+    public void init(FilterConfig filterConfig) throws ServletException
 
+    {
 
+        String tempExcludes = filterConfig.getInitParameter("excludes");
 
+        if (StringUtils.isNotBlank(tempExcludes))
 
+        {
 
+            String[] url = tempExcludes.split(",");
 
+            for (int i = 0; url != null && i < url.length; i++)
 
+            {
 
+                excludes.add(url[i]);
 
+            }
 
+        }
 
+    }
 
+
 
+    @Override
 
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
 
+            throws IOException, ServletException
 
+    {
 
+        HttpServletRequest req = (HttpServletRequest) request;
 
+        HttpServletResponse resp = (HttpServletResponse) response;
 
+        if (handleExcludeURL(req, resp))
 
+        {
 
+            chain.doFilter(request, response);
 
+            return;
 
+        }
 
+        XssHttpServletRequestWrapper xssRequest = new XssHttpServletRequestWrapper((HttpServletRequest) request);
 
+        chain.doFilter(xssRequest, response);
 
+    }
 
+
 
+    private boolean handleExcludeURL(HttpServletRequest request, HttpServletResponse response)
 
+    {
 
+        String url = request.getServletPath();
 
+        String method = request.getMethod();
 
+        // GET DELETE 不过滤
 
+        if (method == null || method.matches("GET") || method.matches("DELETE"))
 
+        {
 
+            return true;
 
+        }
 
+        return excludes.contains(url);
 
+    }
 
+
 
+    @Override
 
+    public void destroy()
 
+    {
 
+
 
+    }
 
+}

+ 106 - 0
fiveep-service/src/main/java/com/bizmatics/service/filter/XssHttpServletRequestWrapper.java
Ver fichero 

@@ -0,0 +1,106 @@
 
+package com.bizmatics.service.filter;
 
+
 
+import com.bizmatics.common.core.util.StringUtils;
 
+import com.bizmatics.service.util.html.EscapeUtil;
 
+import org.apache.commons.io.IOUtils;
 
+import org.springframework.http.HttpHeaders;
 
+import org.springframework.http.MediaType;
 
+
 
+import javax.servlet.ReadListener;
 
+import javax.servlet.ServletInputStream;
 
+import javax.servlet.http.HttpServletRequest;
 
+import javax.servlet.http.HttpServletRequestWrapper;
 
+import java.io.ByteArrayInputStream;
 
+import java.io.IOException;
 
+
 
+
 
+/**
 
+ * XSS过滤处理
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper
 
+{
 
+    /**
 
+     * @param request
 
+     */
 
+    public XssHttpServletRequestWrapper(HttpServletRequest request)
 
+    {
 
+        super(request);
 
+    }
 
+
 
+    @Override
 
+    public String[] getParameterValues(String name)
 
+    {
 
+        String[] values = super.getParameterValues(name);
 
+        if (values != null)
 
+        {
 
+            int length = values.length;
 
+            String[] escapseValues = new String[length];
 
+            for (int i = 0; i < length; i++)
 
+            {
 
+                // 防xss攻击和过滤前后空格
 
+                escapseValues[i] = EscapeUtil.clean(values[i]).trim();
 
+            }
 
+            return escapseValues;
 
+        }
 
+        return super.getParameterValues(name);
 
+    }
 
+
 
+    @Override
 
+    public ServletInputStream getInputStream() throws IOException
 
+    {
 
+        // 非json类型,直接返回
 
+        if (!isJsonRequest())
 
+        {
 
+            return super.getInputStream();
 
+        }
 
+
 
+        // 为空,直接返回
 
+        String json = IOUtils.toString(super.getInputStream(), "utf-8");
 
+        if (StringUtils.isBlank(json))
 
+        {
 
+            return super.getInputStream();
 
+        }
 
+
 
+        // xss过滤
 
+        json = EscapeUtil.clean(json).trim();
 
+        final ByteArrayInputStream bis = new ByteArrayInputStream(json.getBytes("utf-8"));
 
+        return new ServletInputStream()
 
+        {
 
+            @Override
 
+            public boolean isFinished()
 
+            {
 
+                return true;
 
+            }
 
+
 
+            @Override
 
+            public boolean isReady()
 
+            {
 
+                return true;
 
+            }
 
+
 
+            @Override
 
+            public void setReadListener(ReadListener readListener)
 
+            {
 
+            }
 
+
 
+            @Override
 
+            public int read() throws IOException
 
+            {
 
+                return bis.read();
 
+            }
 
+        };
 
+    }
 
+
 
+    /**
 
+     * 是否是Json请求
 
+     * 
+     *
 
+     */
 
+    public boolean isJsonRequest()
 
+    {
 
+        String header = super.getHeader(HttpHeaders.CONTENT_TYPE);
 
+        return StringUtils.startsWithIgnoreCase(header, MediaType.APPLICATION_JSON_VALUE);
 
+    }
 
+}

+ 1 - 1
fiveep-service/src/main/java/com/bizmatics/service/system/impl/SysConfigServiceImpl.java
Ver fichero 

@@ -4,10 +4,10 @@ import com.bizmatics.common.core.exception.BusinessException;
 
 import com.bizmatics.common.core.util.Convert;
 
 import com.bizmatics.common.core.util.StringUtils;
 
 import com.bizmatics.common.spring.config.redis.RedisHelper;
 
+import com.bizmatics.model.constants.Constants;
 
 import com.bizmatics.model.constants.UserConstants;
 
 import com.bizmatics.model.system.SysConfig;
 
 import com.bizmatics.persistence.mapper.system.SysConfigMapper;
 
-import com.bizmatics.service.constants.Constants;
 
 import com.bizmatics.service.system.ISysConfigService;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
 import org.springframework.stereotype.Service;

+ 128 - 0
fiveep-service/src/main/java/com/bizmatics/service/system/impl/SysLoginService.java
Ver fichero 

@@ -0,0 +1,128 @@
 
+package com.bizmatics.service.system.impl;
 
+
 
+import com.bizmatics.common.core.exception.BusinessException;
 
+import com.bizmatics.common.mvc.utils.IpUtils;
 
+import com.bizmatics.common.mvc.utils.ServletUtils;
 
+import com.bizmatics.common.spring.config.redis.RedisHelper;
 
+import com.bizmatics.model.constants.Constants;
 
+import com.bizmatics.model.system.SysUser;
 
+import com.bizmatics.service.system.ISysConfigService;
 
+import com.bizmatics.service.system.ISysUserService;
 
+import com.bizmatics.service.util.LoginUser;
 
+import com.bizmatics.service.util.manager.AsyncManager;
 
+import com.bizmatics.service.util.manager.MessageUtils;
 
+import com.bizmatics.service.util.manager.factory.AsyncFactory;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.security.authentication.AuthenticationManager;
 
+import org.springframework.security.authentication.BadCredentialsException;
 
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
+import org.springframework.security.core.Authentication;
 
+import org.springframework.stereotype.Component;
 
+
 
+import javax.annotation.Resource;
 
+import java.util.Date;
 
+
 
+
 
+/**
 
+ * 登录校验方法
 
+ * 
+ * @author ruoyi
 
+ */
 
+@Component
 
+public class SysLoginService
 
+{
 
+    @Autowired
 
+    private TokenService tokenService;
 
+
 
+    @Resource
 
+    private AuthenticationManager authenticationManager;
 
+
 
+    @Autowired
 
+    private RedisHelper redisHelper;
 
+    
+    @Autowired
 
+    private ISysUserService userService;
 
+
 
+    @Autowired
 
+    private ISysConfigService configService;
 
+
 
+    /**
 
+     * 登录验证
 
+     * 
+     * @param username 用户名
 
+     * @param password 密码
 
+     * @param code 验证码
 
+     * @param uuid 唯一标识
 
+     * @return 结果
 
+     */
 
+    public String login(String username, String password, String code, String uuid)
 
+    {
 
+        boolean captchaOnOff = configService.selectCaptchaOnOff();
 
+        // 验证码开关
 
+        if (captchaOnOff)
 
+        {
 
+            validateCaptcha(username, code, uuid);
 
+        }
 
+        // 用户验证
 
+        Authentication authentication = null;
 
+        try
 
+        {
 
+            // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
 
+            authentication = authenticationManager
 
+                    .authenticate(new UsernamePasswordAuthenticationToken(username, password));
 
+        }
 
+        catch (Exception e)
 
+        {
 
+            if (e instanceof BadCredentialsException)
 
+            {
 
+                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
 
+                throw new BusinessException("添加异常");
 
+            }
 
+            else
 
+            {
 
+                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage()));
 
+                throw new BusinessException(e.getMessage());
 
+            }
 
+        }
 
+        AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
 
+        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
 
+        recordLoginInfo(loginUser.getUser());
 
+        // 生成token
 
+        return tokenService.createToken(loginUser);
 
+    }
 
+
 
+    /**
 
+     * 校验验证码
 
+     * 
+     * @param username 用户名
 
+     * @param code 验证码
 
+     * @param uuid 唯一标识
 
+     * @return 结果
 
+     */
 
+    public void validateCaptcha(String username, String code, String uuid)
 
+    {
 
+        String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;
 
+        String captcha = redisHelper.get(verifyKey).toString();
 
+        redisHelper.delete(verifyKey);
 
+        if (captcha == null)
 
+        {
 
+            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
 
+            throw new BusinessException("发送异常");
 
+        }
 
+        if (!code.equalsIgnoreCase(captcha))
 
+        {
 
+            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
 
+            throw new BusinessException("发送异常");
 
+        }
 
+    }
 
+
 
+    /**
 
+     * 记录登录信息
 
+     */
 
+    public void recordLoginInfo(SysUser user)
 
+    {
 
+        user.setLoginIp(IpUtils.getIpAddr(ServletUtils.getRequest()));
 
+        user.setLoginDate(new Date());
 
+        userService.updateUserProfile(user);
 
+    }
 
+}

+ 1 - 1
fiveep-service/src/main/java/com/bizmatics/service/system/impl/SysMenuServiceImpl.java
Ver fichero 

@@ -2,6 +2,7 @@ package com.bizmatics.service.system.impl;
 
 
 import com.bizmatics.common.core.util.StringUtils;
 
 import com.bizmatics.model.base.TreeSelect;
 
+import com.bizmatics.model.constants.Constants;
 
 import com.bizmatics.model.constants.UserConstants;
 
 import com.bizmatics.model.system.SysMenu;
 
 import com.bizmatics.model.system.SysRole;
 
@@ -11,7 +12,6 @@ import com.bizmatics.model.vo.RouterVo;
 
 import com.bizmatics.persistence.mapper.system.SysMenuMapper;
 
 import com.bizmatics.persistence.mapper.system.SysRoleMapper;
 
 import com.bizmatics.persistence.mapper.system.SysRoleMenuMapper;
 
-import com.bizmatics.service.constants.Constants;
 
 import com.bizmatics.service.system.ISysMenuService;
 
 import com.bizmatics.service.util.SecurityUtils;
 
 import org.springframework.beans.factory.annotation.Autowired;

+ 67 - 0
fiveep-service/src/main/java/com/bizmatics/service/system/impl/SysPermissionService.java
Ver fichero 

@@ -0,0 +1,67 @@
 
+package com.bizmatics.service.system.impl;
 
+
 
+import com.bizmatics.model.system.SysUser;
 
+import com.bizmatics.service.system.ISysMenuService;
 
+import com.bizmatics.service.system.ISysRoleService;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.stereotype.Component;
 
+
 
+import java.util.HashSet;
 
+import java.util.Set;
 
+
 
+/**
 
+ * 用户权限处理
 
+ * 
+ * @author ruoyi
 
+ */
 
+@Component
 
+public class SysPermissionService
 
+{
 
+    @Autowired
 
+    private ISysRoleService roleService;
 
+
 
+    @Autowired
 
+    private ISysMenuService menuService;
 
+
 
+    /**
 
+     * 获取角色数据权限
 
+     * 
+     * @param user 用户信息
 
+     * @return 角色权限信息
 
+     */
 
+    public Set<String> getRolePermission(SysUser user)
 
+    {
 
+        Set<String> roles = new HashSet<String>();
 
+        // 管理员拥有所有权限
 
+        if (user.isAdmin())
 
+        {
 
+            roles.add("admin");
 
+        }
 
+        else
 
+        {
 
+            roles.addAll(roleService.selectRolePermissionByUserId(user.getUserId()));
 
+        }
 
+        return roles;
 
+    }
 
+
 
+    /**
 
+     * 获取菜单数据权限
 
+     * 
+     * @param user 用户信息
 
+     * @return 菜单权限信息
 
+     */
 
+    public Set<String> getMenuPermission(SysUser user)
 
+    {
 
+        Set<String> perms = new HashSet<String>();
 
+        // 管理员拥有所有权限
 
+        if (user.isAdmin())
 
+        {
 
+            perms.add("*:*:*");
 
+        }
 
+        else
 
+        {
 
+            perms.addAll(menuService.selectMenuPermsByUserId(user.getUserId()));
 
+        }
 
+        return perms;
 
+    }
 
+}

+ 1 - 1
fiveep-service/src/main/java/com/bizmatics/service/system/impl/TokenService.java
Ver fichero 

@@ -4,7 +4,7 @@ import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 
 import com.bizmatics.common.mvc.utils.IpUtils;
 
 import com.bizmatics.common.mvc.utils.ServletUtils;
 
 import com.bizmatics.common.spring.config.redis.RedisHelper;
 
-import com.bizmatics.service.constants.Constants;
 
+import com.bizmatics.model.constants.Constants;
 
 import com.bizmatics.service.util.AddressUtils;
 
 import com.bizmatics.service.util.IdUtils;
 
 import com.bizmatics.service.util.LoginUser;

+ 1 - 1
fiveep-service/src/main/java/com/bizmatics/service/util/DictUtils.java
Ver fichero 

@@ -2,8 +2,8 @@ package com.bizmatics.service.util;
 
 
 import com.bizmatics.common.core.util.StringUtils;
 
 import com.bizmatics.common.spring.config.redis.RedisHelper;
 
+import com.bizmatics.model.constants.Constants;
 
 import com.bizmatics.model.system.SysDictData;
 
-import com.bizmatics.service.constants.Constants;
 
 
 import java.util.Collection;
 
 import java.util.List;

+ 56 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/HttpHelper.java
Ver fichero 

@@ -0,0 +1,56 @@
 
+package com.bizmatics.service.util;
 
+
 
+import org.apache.commons.lang3.exception.ExceptionUtils;
 
+import org.slf4j.Logger;
 
+import org.slf4j.LoggerFactory;
 
+
 
+import javax.servlet.ServletRequest;
 
+import java.io.BufferedReader;
 
+import java.io.IOException;
 
+import java.io.InputStream;
 
+import java.io.InputStreamReader;
 
+import java.nio.charset.Charset;
 
+
 
+/**
 
+ * 通用http工具封装
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class HttpHelper
 
+{
 
+    private static final Logger LOGGER = LoggerFactory.getLogger(HttpHelper.class);
 
+
 
+    public static String getBodyString(ServletRequest request)
 
+    {
 
+        StringBuilder sb = new StringBuilder();
 
+        BufferedReader reader = null;
 
+        try (InputStream inputStream = request.getInputStream())
 
+        {
 
+            reader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName("UTF-8")));
 
+            String line = "";
 
+            while ((line = reader.readLine()) != null)
 
+            {
 
+                sb.append(line);
 
+            }
 
+        }
 
+        catch (IOException e)
 
+        {
 
+            LOGGER.warn("getBodyString出现问题!");
 
+        }
 
+        finally
 
+        {
 
+            if (reader != null)
 
+            {
 
+                try
 
+                {
 
+                    reader.close();
 
+                }
 
+                catch (IOException e)
 
+                {
 
+                    LOGGER.error(ExceptionUtils.getMessage(e));
 
+                }
 
+            }
 
+        }
 
+        return sb.toString();
 
+    }
 
+}

+ 18 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/LogUtils.java
Ver fichero 

@@ -0,0 +1,18 @@
 
+package com.bizmatics.service.util;
 
+
 
+/**
 
+ * 处理并记录日志文件
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class LogUtils
 
+{
 
+    public static String getBlock(Object msg)
 
+    {
 
+        if (msg == null)
 
+        {
 
+            msg = "";
 
+        }
 
+        return "[" + msg.toString() + "]";
 
+    }
 
+}

+ 13 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/SecurityUtils.java
Ver fichero 

@@ -1,6 +1,7 @@
 
 package com.bizmatics.service.util;
 
 
 import com.bizmatics.common.core.exception.BusinessException;
 
+import com.bizmatics.model.system.SysUser;
 
 import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
@@ -43,6 +44,18 @@ public class SecurityUtils
 
         }
 
     }
 
 
+    public static SysUser getUser(){
 
+        try
 
+        {
 
+            LoginUser loginUser = (LoginUser)getAuthentication().getPrincipal();
 
+            return loginUser.getUser();
 
+        }
 
+        catch (Exception e)
 
+        {
 
+            throw new BusinessException("获取用户信息异常");
 
+        }
 
+    }
 
+
 
     /**
 
      * 获取Authentication
 
      */

+ 38 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/SqlUtil.java
Ver fichero 

@@ -0,0 +1,38 @@
 
+package com.bizmatics.service.util;
 
+
 
+
 
+import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 
+import com.bizmatics.common.core.exception.BusinessException;
 
+
 
+/**
 
+ * sql操作工具类
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class SqlUtil
 
+{
 
+    /**
 
+     * 仅支持字母、数字、下划线、空格、逗号、小数点(支持多个字段排序)
 
+     */
 
+    public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,\\.]+";
 
+
 
+    /**
 
+     * 检查字符,防止注入绕过
 
+     */
 
+    public static String escapeOrderBySql(String value)
 
+    {
 
+        if (StringUtils.isNotBlank(value) && !isValidOrderBySql(value))
 
+        {
 
+            throw new BusinessException("参数不符合规范,不能进行查询");
 
+        }
 
+        return value;
 
+    }
 
+
 
+    /**
 
+     * 验证 order by 语法是否符合规范
 
+     */
 
+    public static boolean isValidOrderBySql(String value)
 
+    {
 
+        return value.matches(SQL_PATTERN);
 
+    }
 
+}

+ 155 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/html/EscapeUtil.java
Ver fichero 

@@ -0,0 +1,155 @@
 
+package com.bizmatics.service.util.html;
 
+
 
+import com.bizmatics.common.core.util.StringUtils;
 
+
 
+/**
 
+ * 转义和反转义工具类
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class EscapeUtil
 
+{
 
+    public static final String RE_HTML_MARK = "(<[^<]*?>)|(<[\\s]*?/[^<]*?>)|(<[^<]*?/[\\s]*?>)";
 
+
 
+    private static final char[][] TEXT = new char[64][];
 
+
 
+    static
 
+    {
 
+        for (int i = 0; i < 64; i++)
 
+        {
 
+            TEXT[i] = new char[] { (char) i };
 
+        }
 
+
 
+        // special HTML characters
 
+        TEXT['\''] = "&#039;".toCharArray(); // 单引号
 
+        TEXT['"'] = "&#34;".toCharArray(); // 双引号
 
+        TEXT['&'] = "&#38;".toCharArray(); // &符
 
+        TEXT['<'] = "&#60;".toCharArray(); // 小于号
 
+        TEXT['>'] = "&#62;".toCharArray(); // 大于号
 
+    }
 
+
 
+    /**
 
+     * 转义文本中的HTML字符为安全的字符
 
+     * 
+     * @param text 被转义的文本
 
+     * @return 转义后的文本
 
+     */
 
+    public static String escape(String text)
 
+    {
 
+        return encode(text);
 
+    }
 
+
 
+    /**
 
+     * 还原被转义的HTML特殊字符
 
+     * 
+     * @param content 包含转义符的HTML内容
 
+     * @return 转换后的字符串
 
+     */
 
+    public static String unescape(String content)
 
+    {
 
+        return decode(content);
 
+    }
 
+
 
+    /**
 
+     * 清除所有HTML标签,但是不删除标签内的内容
 
+     * 
+     * @param content 文本
 
+     * @return 清除标签后的文本
 
+     */
 
+    public static String clean(String content)
 
+    {
 
+        return new HTMLFilter().filter(content);
 
+    }
 
+
 
+    /**
 
+     * Escape编码
 
+     * 
+     * @param text 被编码的文本
 
+     * @return 编码后的字符
 
+     */
 
+    private static String encode(String text)
 
+    {
 
+        int len;
 
+        if ((text == null) || ((len = text.length()) == 0))
 
+        {
 
+            return StringUtils.EMPTY;
 
+        }
 
+        StringBuilder buffer = new StringBuilder(len + (len >> 2));
 
+        char c;
 
+        for (int i = 0; i < len; i++)
 
+        {
 
+            c = text.charAt(i);
 
+            if (c < 64)
 
+            {
 
+                buffer.append(TEXT[c]);
 
+            }
 
+            else
 
+            {
 
+                buffer.append(c);
 
+            }
 
+        }
 
+        return buffer.toString();
 
+    }
 
+
 
+    /**
 
+     * Escape解码
 
+     * 
+     * @param content 被转义的内容
 
+     * @return 解码后的字符串
 
+     */
 
+    public static String decode(String content)
 
+    {
 
+        if (StringUtils.isEmpty(content))
 
+        {
 
+            return content;
 
+        }
 
+
 
+        StringBuilder tmp = new StringBuilder(content.length());
 
+        int lastPos = 0, pos = 0;
 
+        char ch;
 
+        while (lastPos < content.length())
 
+        {
 
+            pos = content.indexOf("%", lastPos);
 
+            if (pos == lastPos)
 
+            {
 
+                if (content.charAt(pos + 1) == 'u')
 
+                {
 
+                    ch = (char) Integer.parseInt(content.substring(pos + 2, pos + 6), 16);
 
+                    tmp.append(ch);
 
+                    lastPos = pos + 6;
 
+                }
 
+                else
 
+                {
 
+                    ch = (char) Integer.parseInt(content.substring(pos + 1, pos + 3), 16);
 
+                    tmp.append(ch);
 
+                    lastPos = pos + 3;
 
+                }
 
+            }
 
+            else
 
+            {
 
+                if (pos == -1)
 
+                {
 
+                    tmp.append(content.substring(lastPos));
 
+                    lastPos = content.length();
 
+                }
 
+                else
 
+                {
 
+                    tmp.append(content.substring(lastPos, pos));
 
+                    lastPos = pos;
 
+                }
 
+            }
 
+        }
 
+        return tmp.toString();
 
+    }
 
+
 
+    public static void main(String[] args)
 
+    {
 
+        String html = "<script>alert(1);</script>";
 
+        // String html = "<scr<script>ipt>alert(\"XSS\")</scr<script>ipt>";
 
+        // String html = "<123";
 
+        // String html = "123>";
 
+        System.out.println(EscapeUtil.clean(html));
 
+        System.out.println(EscapeUtil.escape(html));
 
+        System.out.println(EscapeUtil.unescape(html));
 
+    }
 
+}

+ 570 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/html/HTMLFilter.java
Ver fichero 

@@ -0,0 +1,570 @@
 
+package com.bizmatics.service.util.html;
 
+
 
+import java.util.ArrayList;
 
+import java.util.Collections;
 
+import java.util.HashMap;
 
+import java.util.List;
 
+import java.util.Map;
 
+import java.util.concurrent.ConcurrentHashMap;
 
+import java.util.concurrent.ConcurrentMap;
 
+import java.util.regex.Matcher;
 
+import java.util.regex.Pattern;
 
+
 
+/**
 
+ * HTML过滤器,用于去除XSS漏洞隐患。
 
+ *
 
+ * @author ruoyi
 
+ */
 
+public final class HTMLFilter
 
+{
 
+    /**
 
+     * regex flag union representing /si modifiers in php
 
+     **/
 
+    private static final int REGEX_FLAGS_SI = Pattern.CASE_INSENSITIVE | Pattern.DOTALL;
 
+    private static final Pattern P_COMMENTS = Pattern.compile("<!--(.*?)-->", Pattern.DOTALL);
 
+    private static final Pattern P_COMMENT = Pattern.compile("^!--(.*)--$", REGEX_FLAGS_SI);
 
+    private static final Pattern P_TAGS = Pattern.compile("<(.*?)>", Pattern.DOTALL);
 
+    private static final Pattern P_END_TAG = Pattern.compile("^/([a-z0-9]+)", REGEX_FLAGS_SI);
 
+    private static final Pattern P_START_TAG = Pattern.compile("^([a-z0-9]+)(.*?)(/?)$", REGEX_FLAGS_SI);
 
+    private static final Pattern P_QUOTED_ATTRIBUTES = Pattern.compile("([a-z0-9]+)=([\"'])(.*?)\\2", REGEX_FLAGS_SI);
 
+    private static final Pattern P_UNQUOTED_ATTRIBUTES = Pattern.compile("([a-z0-9]+)(=)([^\"\\s']+)", REGEX_FLAGS_SI);
 
+    private static final Pattern P_PROTOCOL = Pattern.compile("^([^:]+):", REGEX_FLAGS_SI);
 
+    private static final Pattern P_ENTITY = Pattern.compile("&#(\\d+);?");
 
+    private static final Pattern P_ENTITY_UNICODE = Pattern.compile("&#x([0-9a-f]+);?");
 
+    private static final Pattern P_ENCODE = Pattern.compile("%([0-9a-f]{2});?");
 
+    private static final Pattern P_VALID_ENTITIES = Pattern.compile("&([^&;]*)(?=(;|&|$))");
 
+    private static final Pattern P_VALID_QUOTES = Pattern.compile("(>|^)([^<]+?)(<|$)", Pattern.DOTALL);
 
+    private static final Pattern P_END_ARROW = Pattern.compile("^>");
 
+    private static final Pattern P_BODY_TO_END = Pattern.compile("<([^>]*?)(?=<|$)");
 
+    private static final Pattern P_XML_CONTENT = Pattern.compile("(^|>)([^<]*?)(?=>)");
 
+    private static final Pattern P_STRAY_LEFT_ARROW = Pattern.compile("<([^>]*?)(?=<|$)");
 
+    private static final Pattern P_STRAY_RIGHT_ARROW = Pattern.compile("(^|>)([^<]*?)(?=>)");
 
+    private static final Pattern P_AMP = Pattern.compile("&");
 
+    private static final Pattern P_QUOTE = Pattern.compile("\"");
 
+    private static final Pattern P_LEFT_ARROW = Pattern.compile("<");
 
+    private static final Pattern P_RIGHT_ARROW = Pattern.compile(">");
 
+    private static final Pattern P_BOTH_ARROWS = Pattern.compile("<>");
 
+
 
+    // @xxx could grow large... maybe use sesat's ReferenceMap
 
+    private static final ConcurrentMap<String, Pattern> P_REMOVE_PAIR_BLANKS = new ConcurrentHashMap<>();
 
+    private static final ConcurrentMap<String, Pattern> P_REMOVE_SELF_BLANKS = new ConcurrentHashMap<>();
 
+
 
+    /**
 
+     * set of allowed html elements, along with allowed attributes for each element
 
+     **/
 
+    private final Map<String, List<String>> vAllowed;
 
+    /**
 
+     * counts of open tags for each (allowable) html element
 
+     **/
 
+    private final Map<String, Integer> vTagCounts = new HashMap<>();
 
+
 
+    /**
 
+     * html elements which must always be self-closing (e.g. "<img />")
 
+     **/
 
+    private final String[] vSelfClosingTags;
 
+    /**
 
+     * html elements which must always have separate opening and closing tags (e.g. "<b></b>")
 
+     **/
 
+    private final String[] vNeedClosingTags;
 
+    /**
 
+     * set of disallowed html elements
 
+     **/
 
+    private final String[] vDisallowed;
 
+    /**
 
+     * attributes which should be checked for valid protocols
 
+     **/
 
+    private final String[] vProtocolAtts;
 
+    /**
 
+     * allowed protocols
 
+     **/
 
+    private final String[] vAllowedProtocols;
 
+    /**
 
+     * tags which should be removed if they contain no content (e.g. "<b></b>" or "<b />")
 
+     **/
 
+    private final String[] vRemoveBlanks;
 
+    /**
 
+     * entities allowed within html markup
 
+     **/
 
+    private final String[] vAllowedEntities;
 
+    /**
 
+     * flag determining whether comments are allowed in input String.
 
+     */
 
+    private final boolean stripComment;
 
+    private final boolean encodeQuotes;
 
+    /**
 
+     * flag determining whether to try to make tags when presented with "unbalanced" angle brackets (e.g. "<b text </b>"
 
+     * becomes "<b> text </b>"). If set to false, unbalanced angle brackets will be html escaped.
 
+     */
 
+    private final boolean alwaysMakeTags;
 
+
 
+    /**
 
+     * Default constructor.
 
+     */
 
+    public HTMLFilter()
 
+    {
 
+        vAllowed = new HashMap<>();
 
+
 
+        final ArrayList<String> a_atts = new ArrayList<>();
 
+        a_atts.add("href");
 
+        a_atts.add("target");
 
+        vAllowed.put("a", a_atts);
 
+
 
+        final ArrayList<String> img_atts = new ArrayList<>();
 
+        img_atts.add("src");
 
+        img_atts.add("width");
 
+        img_atts.add("height");
 
+        img_atts.add("alt");
 
+        vAllowed.put("img", img_atts);
 
+
 
+        final ArrayList<String> no_atts = new ArrayList<>();
 
+        vAllowed.put("b", no_atts);
 
+        vAllowed.put("strong", no_atts);
 
+        vAllowed.put("i", no_atts);
 
+        vAllowed.put("em", no_atts);
 
+
 
+        vSelfClosingTags = new String[] { "img" };
 
+        vNeedClosingTags = new String[] { "a", "b", "strong", "i", "em" };
 
+        vDisallowed = new String[] {};
 
+        vAllowedProtocols = new String[] { "http", "mailto", "https" }; // no ftp.
 
+        vProtocolAtts = new String[] { "src", "href" };
 
+        vRemoveBlanks = new String[] { "a", "b", "strong", "i", "em" };
 
+        vAllowedEntities = new String[] { "amp", "gt", "lt", "quot" };
 
+        stripComment = true;
 
+        encodeQuotes = true;
 
+        alwaysMakeTags = false;
 
+    }
 
+
 
+    /**
 
+     * Map-parameter configurable constructor.
 
+     *
 
+     * @param conf map containing configuration. keys match field names.
 
+     */
 
+    @SuppressWarnings("unchecked")
 
+    public HTMLFilter(final Map<String, Object> conf)
 
+    {
 
+
 
+        assert conf.containsKey("vAllowed") : "configuration requires vAllowed";
 
+        assert conf.containsKey("vSelfClosingTags") : "configuration requires vSelfClosingTags";
 
+        assert conf.containsKey("vNeedClosingTags") : "configuration requires vNeedClosingTags";
 
+        assert conf.containsKey("vDisallowed") : "configuration requires vDisallowed";
 
+        assert conf.containsKey("vAllowedProtocols") : "configuration requires vAllowedProtocols";
 
+        assert conf.containsKey("vProtocolAtts") : "configuration requires vProtocolAtts";
 
+        assert conf.containsKey("vRemoveBlanks") : "configuration requires vRemoveBlanks";
 
+        assert conf.containsKey("vAllowedEntities") : "configuration requires vAllowedEntities";
 
+
 
+        vAllowed = Collections.unmodifiableMap((HashMap<String, List<String>>) conf.get("vAllowed"));
 
+        vSelfClosingTags = (String[]) conf.get("vSelfClosingTags");
 
+        vNeedClosingTags = (String[]) conf.get("vNeedClosingTags");
 
+        vDisallowed = (String[]) conf.get("vDisallowed");
 
+        vAllowedProtocols = (String[]) conf.get("vAllowedProtocols");
 
+        vProtocolAtts = (String[]) conf.get("vProtocolAtts");
 
+        vRemoveBlanks = (String[]) conf.get("vRemoveBlanks");
 
+        vAllowedEntities = (String[]) conf.get("vAllowedEntities");
 
+        stripComment = conf.containsKey("stripComment") ? (Boolean) conf.get("stripComment") : true;
 
+        encodeQuotes = conf.containsKey("encodeQuotes") ? (Boolean) conf.get("encodeQuotes") : true;
 
+        alwaysMakeTags = conf.containsKey("alwaysMakeTags") ? (Boolean) conf.get("alwaysMakeTags") : true;
 
+    }
 
+
 
+    private void reset()
 
+    {
 
+        vTagCounts.clear();
 
+    }
 
+
 
+    // ---------------------------------------------------------------
 
+    // my versions of some PHP library functions
 
+    public static String chr(final int decimal)
 
+    {
 
+        return String.valueOf((char) decimal);
 
+    }
 
+
 
+    public static String htmlSpecialChars(final String s)
 
+    {
 
+        String result = s;
 
+        result = regexReplace(P_AMP, "&amp;", result);
 
+        result = regexReplace(P_QUOTE, "&quot;", result);
 
+        result = regexReplace(P_LEFT_ARROW, "&lt;", result);
 
+        result = regexReplace(P_RIGHT_ARROW, "&gt;", result);
 
+        return result;
 
+    }
 
+
 
+    // ---------------------------------------------------------------
 
+
 
+    /**
 
+     * given a user submitted input String, filter out any invalid or restricted html.
 
+     *
 
+     * @param input text (i.e. submitted by a user) than may contain html
 
+     * @return "clean" version of input, with only valid, whitelisted html elements allowed
 
+     */
 
+    public String filter(final String input)
 
+    {
 
+        reset();
 
+        String s = input;
 
+
 
+        s = escapeComments(s);
 
+
 
+        s = balanceHTML(s);
 
+
 
+        s = checkTags(s);
 
+
 
+        s = processRemoveBlanks(s);
 
+
 
+        // s = validateEntities(s);
 
+
 
+        return s;
 
+    }
 
+
 
+    public boolean isAlwaysMakeTags()
 
+    {
 
+        return alwaysMakeTags;
 
+    }
 
+
 
+    public boolean isStripComments()
 
+    {
 
+        return stripComment;
 
+    }
 
+
 
+    private String escapeComments(final String s)
 
+    {
 
+        final Matcher m = P_COMMENTS.matcher(s);
 
+        final StringBuffer buf = new StringBuffer();
 
+        if (m.find())
 
+        {
 
+            final String match = m.group(1); // (.*?)
 
+            m.appendReplacement(buf, Matcher.quoteReplacement("<!--" + htmlSpecialChars(match) + "-->"));
 
+        }
 
+        m.appendTail(buf);
 
+
 
+        return buf.toString();
 
+    }
 
+
 
+    private String balanceHTML(String s)
 
+    {
 
+        if (alwaysMakeTags)
 
+        {
 
+            //
 
+            // try and form html
 
+            //
 
+            s = regexReplace(P_END_ARROW, "", s);
 
+            // 不追加结束标签
 
+            s = regexReplace(P_BODY_TO_END, "<$1>", s);
 
+            s = regexReplace(P_XML_CONTENT, "$1<$2", s);
 
+
 
+        }
 
+        else
 
+        {
 
+            //
 
+            // escape stray brackets
 
+            //
 
+            s = regexReplace(P_STRAY_LEFT_ARROW, "&lt;$1", s);
 
+            s = regexReplace(P_STRAY_RIGHT_ARROW, "$1$2&gt;<", s);
 
+
 
+            //
 
+            // the last regexp causes '<>' entities to appear
 
+            // (we need to do a lookahead assertion so that the last bracket can
 
+            // be used in the next pass of the regexp)
 
+            //
 
+            s = regexReplace(P_BOTH_ARROWS, "", s);
 
+        }
 
+
 
+        return s;
 
+    }
 
+
 
+    private String checkTags(String s)
 
+    {
 
+        Matcher m = P_TAGS.matcher(s);
 
+
 
+        final StringBuffer buf = new StringBuffer();
 
+        while (m.find())
 
+        {
 
+            String replaceStr = m.group(1);
 
+            replaceStr = processTag(replaceStr);
 
+            m.appendReplacement(buf, Matcher.quoteReplacement(replaceStr));
 
+        }
 
+        m.appendTail(buf);
 
+
 
+        // these get tallied in processTag
 
+        // (remember to reset before subsequent calls to filter method)
 
+        final StringBuilder sBuilder = new StringBuilder(buf.toString());
 
+        for (String key : vTagCounts.keySet())
 
+        {
 
+            for (int ii = 0; ii < vTagCounts.get(key); ii++)
 
+            {
 
+                sBuilder.append("</").append(key).append(">");
 
+            }
 
+        }
 
+        s = sBuilder.toString();
 
+
 
+        return s;
 
+    }
 
+
 
+    private String processRemoveBlanks(final String s)
 
+    {
 
+        String result = s;
 
+        for (String tag : vRemoveBlanks)
 
+        {
 
+            if (!P_REMOVE_PAIR_BLANKS.containsKey(tag))
 
+            {
 
+                P_REMOVE_PAIR_BLANKS.putIfAbsent(tag, Pattern.compile("<" + tag + "(\\s[^>]*)?></" + tag + ">"));
 
+            }
 
+            result = regexReplace(P_REMOVE_PAIR_BLANKS.get(tag), "", result);
 
+            if (!P_REMOVE_SELF_BLANKS.containsKey(tag))
 
+            {
 
+                P_REMOVE_SELF_BLANKS.putIfAbsent(tag, Pattern.compile("<" + tag + "(\\s[^>]*)?/>"));
 
+            }
 
+            result = regexReplace(P_REMOVE_SELF_BLANKS.get(tag), "", result);
 
+        }
 
+
 
+        return result;
 
+    }
 
+
 
+    private static String regexReplace(final Pattern regex_pattern, final String replacement, final String s)
 
+    {
 
+        Matcher m = regex_pattern.matcher(s);
 
+        return m.replaceAll(replacement);
 
+    }
 
+
 
+    private String processTag(final String s)
 
+    {
 
+        // ending tags
 
+        Matcher m = P_END_TAG.matcher(s);
 
+        if (m.find())
 
+        {
 
+            final String name = m.group(1).toLowerCase();
 
+            if (allowed(name))
 
+            {
 
+                if (false == inArray(name, vSelfClosingTags))
 
+                {
 
+                    if (vTagCounts.containsKey(name))
 
+                    {
 
+                        vTagCounts.put(name, vTagCounts.get(name) - 1);
 
+                        return "</" + name + ">";
 
+                    }
 
+                }
 
+            }
 
+        }
 
+
 
+        // starting tags
 
+        m = P_START_TAG.matcher(s);
 
+        if (m.find())
 
+        {
 
+            final String name = m.group(1).toLowerCase();
 
+            final String body = m.group(2);
 
+            String ending = m.group(3);
 
+
 
+            // debug( "in a starting tag, name='" + name + "'; body='" + body + "'; ending='" + ending + "'" );
 
+            if (allowed(name))
 
+            {
 
+                final StringBuilder params = new StringBuilder();
 
+
 
+                final Matcher m2 = P_QUOTED_ATTRIBUTES.matcher(body);
 
+                final Matcher m3 = P_UNQUOTED_ATTRIBUTES.matcher(body);
 
+                final List<String> paramNames = new ArrayList<>();
 
+                final List<String> paramValues = new ArrayList<>();
 
+                while (m2.find())
 
+                {
 
+                    paramNames.add(m2.group(1)); // ([a-z0-9]+)
 
+                    paramValues.add(m2.group(3)); // (.*?)
 
+                }
 
+                while (m3.find())
 
+                {
 
+                    paramNames.add(m3.group(1)); // ([a-z0-9]+)
 
+                    paramValues.add(m3.group(3)); // ([^\"\\s']+)
 
+                }
 
+
 
+                String paramName, paramValue;
 
+                for (int ii = 0; ii < paramNames.size(); ii++)
 
+                {
 
+                    paramName = paramNames.get(ii).toLowerCase();
 
+                    paramValue = paramValues.get(ii);
 
+
 
+                    // debug( "paramName='" + paramName + "'" );
 
+                    // debug( "paramValue='" + paramValue + "'" );
 
+                    // debug( "allowed? " + vAllowed.get( name ).contains( paramName ) );
 
+
 
+                    if (allowedAttribute(name, paramName))
 
+                    {
 
+                        if (inArray(paramName, vProtocolAtts))
 
+                        {
 
+                            paramValue = processParamProtocol(paramValue);
 
+                        }
 
+                        params.append(' ').append(paramName).append("=\"").append(paramValue).append("\"");
 
+                    }
 
+                }
 
+
 
+                if (inArray(name, vSelfClosingTags))
 
+                {
 
+                    ending = " /";
 
+                }
 
+
 
+                if (inArray(name, vNeedClosingTags))
 
+                {
 
+                    ending = "";
 
+                }
 
+
 
+                if (ending == null || ending.length() < 1)
 
+                {
 
+                    if (vTagCounts.containsKey(name))
 
+                    {
 
+                        vTagCounts.put(name, vTagCounts.get(name) + 1);
 
+                    }
 
+                    else
 
+                    {
 
+                        vTagCounts.put(name, 1);
 
+                    }
 
+                }
 
+                else
 
+                {
 
+                    ending = " /";
 
+                }
 
+                return "<" + name + params + ending + ">";
 
+            }
 
+            else
 
+            {
 
+                return "";
 
+            }
 
+        }
 
+
 
+        // comments
 
+        m = P_COMMENT.matcher(s);
 
+        if (!stripComment && m.find())
 
+        {
 
+            return "<" + m.group() + ">";
 
+        }
 
+
 
+        return "";
 
+    }
 
+
 
+    private String processParamProtocol(String s)
 
+    {
 
+        s = decodeEntities(s);
 
+        final Matcher m = P_PROTOCOL.matcher(s);
 
+        if (m.find())
 
+        {
 
+            final String protocol = m.group(1);
 
+            if (!inArray(protocol, vAllowedProtocols))
 
+            {
 
+                // bad protocol, turn into local anchor link instead
 
+                s = "#" + s.substring(protocol.length() + 1);
 
+                if (s.startsWith("#//"))
 
+                {
 
+                    s = "#" + s.substring(3);
 
+                }
 
+            }
 
+        }
 
+
 
+        return s;
 
+    }
 
+
 
+    private String decodeEntities(String s)
 
+    {
 
+        StringBuffer buf = new StringBuffer();
 
+
 
+        Matcher m = P_ENTITY.matcher(s);
 
+        while (m.find())
 
+        {
 
+            final String match = m.group(1);
 
+            final int decimal = Integer.decode(match).intValue();
 
+            m.appendReplacement(buf, Matcher.quoteReplacement(chr(decimal)));
 
+        }
 
+        m.appendTail(buf);
 
+        s = buf.toString();
 
+
 
+        buf = new StringBuffer();
 
+        m = P_ENTITY_UNICODE.matcher(s);
 
+        while (m.find())
 
+        {
 
+            final String match = m.group(1);
 
+            final int decimal = Integer.valueOf(match, 16).intValue();
 
+            m.appendReplacement(buf, Matcher.quoteReplacement(chr(decimal)));
 
+        }
 
+        m.appendTail(buf);
 
+        s = buf.toString();
 
+
 
+        buf = new StringBuffer();
 
+        m = P_ENCODE.matcher(s);
 
+        while (m.find())
 
+        {
 
+            final String match = m.group(1);
 
+            final int decimal = Integer.valueOf(match, 16).intValue();
 
+            m.appendReplacement(buf, Matcher.quoteReplacement(chr(decimal)));
 
+        }
 
+        m.appendTail(buf);
 
+        s = buf.toString();
 
+
 
+        s = validateEntities(s);
 
+        return s;
 
+    }
 
+
 
+    private String validateEntities(final String s)
 
+    {
 
+        StringBuffer buf = new StringBuffer();
 
+
 
+        // validate entities throughout the string
 
+        Matcher m = P_VALID_ENTITIES.matcher(s);
 
+        while (m.find())
 
+        {
 
+            final String one = m.group(1); // ([^&;]*)
 
+            final String two = m.group(2); // (?=(;|&|$))
 
+            m.appendReplacement(buf, Matcher.quoteReplacement(checkEntity(one, two)));
 
+        }
 
+        m.appendTail(buf);
 
+
 
+        return encodeQuotes(buf.toString());
 
+    }
 
+
 
+    private String encodeQuotes(final String s)
 
+    {
 
+        if (encodeQuotes)
 
+        {
 
+            StringBuffer buf = new StringBuffer();
 
+            Matcher m = P_VALID_QUOTES.matcher(s);
 
+            while (m.find())
 
+            {
 
+                final String one = m.group(1); // (>|^)
 
+                final String two = m.group(2); // ([^<]+?)
 
+                final String three = m.group(3); // (<|$)
 
+                // 不替换双引号为&quot;,防止json格式无效 regexReplace(P_QUOTE, "&quot;", two)
 
+                m.appendReplacement(buf, Matcher.quoteReplacement(one + two + three));
 
+            }
 
+            m.appendTail(buf);
 
+            return buf.toString();
 
+        }
 
+        else
 
+        {
 
+            return s;
 
+        }
 
+    }
 
+
 
+    private String checkEntity(final String preamble, final String term)
 
+    {
 
+
 
+        return ";".equals(term) && isValidEntity(preamble) ? '&' + preamble : "&amp;" + preamble;
 
+    }
 
+
 
+    private boolean isValidEntity(final String entity)
 
+    {
 
+        return inArray(entity, vAllowedEntities);
 
+    }
 
+
 
+    private static boolean inArray(final String s, final String[] array)
 
+    {
 
+        for (String item : array)
 
+        {
 
+            if (item != null && item.equals(s))
 
+            {
 
+                return true;
 
+            }
 
+        }
 
+        return false;
 
+    }
 
+
 
+    private boolean allowed(final String name)
 
+    {
 
+        return (vAllowed.isEmpty() || vAllowed.containsKey(name)) && !inArray(name, vDisallowed);
 
+    }
 
+
 
+    private boolean allowedAttribute(final String name, final String paramName)
 
+    {
 
+        return allowed(name) && (vAllowed.isEmpty() || vAllowed.get(name).contains(paramName));
 
+    }
 
+}

+ 56 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/manager/AsyncManager.java
Ver fichero 

@@ -0,0 +1,56 @@
 
+package com.bizmatics.service.util.manager;
 
+
 
+import com.bizmatics.common.spring.util.SpringContextUtils;
 
+import com.bizmatics.common.spring.util.ThreadUtils;
 
+
 
+import java.util.TimerTask;
 
+import java.util.concurrent.ScheduledExecutorService;
 
+import java.util.concurrent.TimeUnit;
 
+
 
+/**
 
+ * 异步任务管理器
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class AsyncManager
 
+{
 
+    /**
 
+     * 操作延迟10毫秒
 
+     */
 
+    private final int OPERATE_DELAY_TIME = 10;
 
+
 
+    /**
 
+     * 异步操作任务调度线程池
 
+     */
 
+    private ScheduledExecutorService executor = SpringContextUtils.getBean("scheduledExecutorService");
 
+
 
+    /**
 
+     * 单例模式
 
+     */
 
+    private AsyncManager(){}
 
+
 
+    private static AsyncManager me = new AsyncManager();
 
+
 
+    public static AsyncManager me()
 
+    {
 
+        return me;
 
+    }
 
+
 
+    /**
 
+     * 执行任务
 
+     * 
+     * @param task 任务
 
+     */
 
+    public void execute(TimerTask task)
 
+    {
 
+        executor.schedule(task, OPERATE_DELAY_TIME, TimeUnit.MILLISECONDS);
 
+    }
 
+
 
+    /**
 
+     * 停止任务线程池
 
+     */
 
+    public void shutdown()
 
+    {
 
+        ThreadUtils.shutdownAndAwaitTermination(executor);
 
+    }
 
+}

+ 26 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/manager/MessageUtils.java
Ver fichero 

@@ -0,0 +1,26 @@
 
+package com.bizmatics.service.util.manager;
 
+
 
+import com.bizmatics.common.spring.util.SpringContextUtils;
 
+import org.springframework.context.MessageSource;
 
+import org.springframework.context.i18n.LocaleContextHolder;
 
+
 
+/**
 
+ * 获取i18n资源文件
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class MessageUtils
 
+{
 
+    /**
 
+     * 根据消息键和参数 获取消息 委托给spring messageSource
 
+     *
 
+     * @param code 消息键
 
+     * @param args 参数
 
+     * @return 获取国际化翻译值
 
+     */
 
+    public static String message(String code, Object... args)
 
+    {
 
+        MessageSource messageSource = SpringContextUtils.getBean(MessageSource.class);
 
+        return messageSource.getMessage(code, args, LocaleContextHolder.getLocale());
 
+    }
 
+}

+ 39 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/manager/ShutdownManager.java
Ver fichero 

@@ -0,0 +1,39 @@
 
+package com.bizmatics.service.util.manager;
 
+
 
+import org.slf4j.Logger;
 
+import org.slf4j.LoggerFactory;
 
+import org.springframework.stereotype.Component;
 
+import javax.annotation.PreDestroy;
 
+
 
+/**
 
+ * 确保应用退出时能关闭后台线程
 
+ *
 
+ * @author ruoyi
 
+ */
 
+@Component
 
+public class ShutdownManager
 
+{
 
+    private static final Logger logger = LoggerFactory.getLogger("sys-user");
 
+
 
+    @PreDestroy
 
+    public void destroy()
 
+    {
 
+        shutdownAsyncManager();
 
+    }
 
+
 
+    /**
 
+     * 停止异步执行任务
 
+     */
 
+    private void shutdownAsyncManager()
 
+    {
 
+        try
 
+        {
 
+            logger.info("====关闭后台任务任务线程池====");
 
+            AsyncManager.me().shutdown();
 
+        }
 
+        catch (Exception e)
 
+        {
 
+            logger.error(e.getMessage(), e);
 
+        }
 
+    }
 
+}

+ 103 - 0
fiveep-service/src/main/java/com/bizmatics/service/util/manager/factory/AsyncFactory.java
Ver fichero 

@@ -0,0 +1,103 @@
 
+package com.bizmatics.service.util.manager.factory;
 
+
 
+import com.bizmatics.common.core.util.StringUtils;
 
+import com.bizmatics.common.mvc.utils.IpUtils;
 
+import com.bizmatics.common.mvc.utils.ServletUtils;
 
+import com.bizmatics.common.spring.util.SpringContextUtils;
 
+import com.bizmatics.model.constants.Constants;
 
+import com.bizmatics.model.system.SysLogininfor;
 
+import com.bizmatics.model.system.SysOperLog;
 
+import com.bizmatics.service.system.ISysLogininforService;
 
+import com.bizmatics.service.system.ISysOperLogService;
 
+import com.bizmatics.service.util.AddressUtils;
 
+import com.bizmatics.service.util.LogUtils;
 
+import eu.bitwalker.useragentutils.UserAgent;
 
+import org.slf4j.Logger;
 
+import org.slf4j.LoggerFactory;
 
+
 
+import java.util.TimerTask;
 
+
 
+/**
 
+ * 异步工厂(产生任务用)
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class AsyncFactory
 
+{
 
+    private static final Logger sys_user_logger = LoggerFactory.getLogger("sys-user");
 
+
 
+    /**
 
+     * 记录登录信息
 
+     * 
+     * @param username 用户名
 
+     * @param status 状态
 
+     * @param message 消息
 
+     * @param args 列表
 
+     * @return 任务task
 
+     */
 
+    public static TimerTask recordLogininfor(final String username, final String status, final String message,
 
+            final Object... args)
 
+    {
 
+        final UserAgent userAgent = UserAgent.parseUserAgentString(ServletUtils.getRequest().getHeader("User-Agent"));
 
+        final String ip = IpUtils.getIpAddr(ServletUtils.getRequest());
 
+        return new TimerTask()
 
+        {
 
+            @Override
 
+            public void run()
 
+            {
 
+                String address = AddressUtils.getRealAddressByIP(ip);
 
+                StringBuilder s = new StringBuilder();
 
+                s.append(LogUtils.getBlock(ip));
 
+                s.append(address);
 
+                s.append(LogUtils.getBlock(username));
 
+                s.append(LogUtils.getBlock(status));
 
+                s.append(LogUtils.getBlock(message));
 
+                // 打印信息到日志
 
+                sys_user_logger.info(s.toString(), args);
 
+                // 获取客户端操作系统
 
+                String os = userAgent.getOperatingSystem().getName();
 
+                // 获取客户端浏览器
 
+                String browser = userAgent.getBrowser().getName();
 
+                // 封装对象
 
+                SysLogininfor logininfor = new SysLogininfor();
 
+                logininfor.setUserName(username);
 
+                logininfor.setIpaddr(ip);
 
+                logininfor.setLoginLocation(address);
 
+                logininfor.setBrowser(browser);
 
+                logininfor.setOs(os);
 
+                logininfor.setMsg(message);
 
+                // 日志状态
 
+                if (StringUtils.equalsAny(status, Constants.LOGIN_SUCCESS, Constants.LOGOUT, Constants.REGISTER))
 
+                {
 
+                    logininfor.setStatus(Constants.SUCCESS);
 
+                }
 
+                else if (Constants.LOGIN_FAIL.equals(status))
 
+                {
 
+                    logininfor.setStatus(Constants.FAIL);
 
+                }
 
+                // 插入数据
 
+                SpringContextUtils.getBean(ISysLogininforService.class).insertLogininfor(logininfor);
 
+            }
 
+        };
 
+    }
 
+
 
+    /**
 
+     * 操作日志记录
 
+     * 
+     * @param operLog 操作日志信息
 
+     * @return 任务task
 
+     */
 
+    public static TimerTask recordOper(final SysOperLog operLog)
 
+    {
 
+        return new TimerTask()
 
+        {
 
+            @Override
 
+            public void run()
 
+            {
 
+                // 远程查询操作地点
 
+                operLog.setOperLocation(AddressUtils.getRealAddressByIP(operLog.getOperIp()));
 
+                SpringContextUtils.getBean(ISysOperLogService.class).insertOperlog(operLog);
 
+            }
 
+        };
 
+    }
 
+}

+ 69 - 0
fiveep-service/src/main/java/com/bizmatics/service/vo/LoginBody.java
Ver fichero 

@@ -0,0 +1,69 @@
 
+package com.bizmatics.service.vo;
 
+
 
+/**
 
+ * 用户登录对象
 
+ * 
+ * @author ruoyi
 
+ */
 
+public class LoginBody
 
+{
 
+    /**
 
+     * 用户名
 
+     */
 
+    private String username;
 
+
 
+    /**
 
+     * 用户密码
 
+     */
 
+    private String password;
 
+
 
+    /**
 
+     * 验证码
 
+     */
 
+    private String code;
 
+
 
+    /**
 
+     * 唯一标识
 
+     */
 
+    private String uuid = "";
 
+
 
+    public String getUsername()
 
+    {
 
+        return username;
 
+    }
 
+
 
+    public void setUsername(String username)
 
+    {
 
+        this.username = username;
 
+    }
 
+
 
+    public String getPassword()
 
+    {
 
+        return password;
 
+    }
 
+
 
+    public void setPassword(String password)
 
+    {
 
+        this.password = password;
 
+    }
 
+
 
+    public String getCode()
 
+    {
 
+        return code;
 
+    }
 
+
 
+    public void setCode(String code)
 
+    {
 
+        this.code = code;
 
+    }
 
+
 
+    public String getUuid()
 
+    {
 
+        return uuid;
 
+    }
 
+
 
+    public void setUuid(String uuid)
 
+    {
 
+        this.uuid = uuid;
 
+    }
 
+}