
1修复没有账号锁定,密码次数限制功能
2修复修改用户,限制不能操作员工,只能操作外协

lr 2 years ago
parent
commit
a08c4999fb
16 changed files with 195 additions and 33 deletions
  1. 12 0
      eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/repository/DmAppMenuRepository.java
  2. 7 0
      eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/rest/DmAppMenuController.java
  3. 8 0
      eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/service/DmAppMenuService.java
  4. 2 0
      eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/service/dto/DmAppMenuDto.java
  5. 7 0
      eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/service/impl/DmAppMenuServiceImpl.java
  6. 1 1
      eladmin-system/src/main/java/me/zhengjie/modules/dm/system/repository/DmSystemRepository.java
  7. 1 1
      eladmin-system/src/main/java/me/zhengjie/modules/dm/system/service/DmSystemService.java
  8. 35 0
      eladmin-system/src/main/java/me/zhengjie/modules/security/config/bean/CheckLoginNumber.java
  9. 63 31
      eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthorizationController.java
  10. 8 0
      eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Role.java
  11. 11 0
      eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java
  12. 7 0
      eladmin-system/src/main/java/me/zhengjie/modules/system/service/RoleService.java
  13. 7 0
      eladmin-system/src/main/java/me/zhengjie/modules/system/service/UserService.java
  14. 4 0
      eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/RoleDto.java
  15. 17 0
      eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/RoleServiceImpl.java
  16. 5 0
      eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/UserServiceImpl.java

+ 12 - 0
eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/repository/DmAppMenuRepository.java

@@ -16,8 +16,12 @@
 package me.zhengjie.modules.dm.appMenu.repository;
 
 import me.zhengjie.modules.dm.appMenu.domain.DmAppMenu;
+import me.zhengjie.modules.dm.system.domain.DmSystem;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
+import org.springframework.data.jpa.repository.Query;
+
+import java.util.List;
 
 /**
 * @website https://el-admin.vip
@@ -25,4 +29,12 @@ import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
 * @date 2021-12-21
 **/
 public interface DmAppMenuRepository extends JpaRepository<DmAppMenu, Integer>, JpaSpecificationExecutor<DmAppMenu> {
+
+    /**
+     * 返回全部的APP菜单
+     * @return
+     */
+    @Query(value = "select a.* from dm_app_menu as a", nativeQuery = true)
+    List<DmAppMenu> getAppMenu();
+
 }
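Review bot: `getAppMenu()` runs a native `select a.* from dm_app_menu as a`, which returns the same rows as the `findAll()` this interface already inherits from `JpaRepository`. Calling `findAll()` from the service would remove the hand-written SQL and the hard-coded table name. The `@return` tag in the new Javadoc is empty, and the `DmSystem` import added in the hunk above is not used anywhere in this interface.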

+ 7 - 0
eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/rest/DmAppMenuController.java

@@ -28,6 +28,7 @@ import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.annotations.*;
 import java.io.IOException;
+import java.util.List;
 import javax.servlet.http.HttpServletResponse;
 
 /**
@@ -84,4 +85,10 @@ public class DmAppMenuController {
         dmAppMenuService.deleteAll(ids);
         return new ResponseEntity<>(HttpStatus.OK);
     }
+
+    @ApiOperation("返回全部的APP菜单")
+    @GetMapping(value = "/lazy")
+    public ResponseEntity<Object> query(){
+        return new ResponseEntity<>(dmAppMenuService.getAppMenu(),HttpStatus.OK);
+    }
 }
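Review bot: The new `query()` handler for `/lazy` carries no `@PreAuthorize`, whereas `updateAppMenu` in RoleController, added in this same commit, is guarded with `@PreAuthorize("@el.check('roles:edit')")`. If the other handlers of this controller (outside the hunk) are permission-checked, this one returns every app menu to any caller who gets past the default security filter. It should reuse whatever list permission the controller's existing query endpoint uses; that permission string is not visible here. Returning `ResponseEntity<List<DmAppMenuDto>>` instead of `ResponseEntity<Object>` would also keep the response type explicit.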

+ 8 - 0
eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/service/DmAppMenuService.java

@@ -18,6 +18,8 @@ package me.zhengjie.modules.dm.appMenu.service;
 import me.zhengjie.modules.dm.appMenu.domain.DmAppMenu;
 import me.zhengjie.modules.dm.appMenu.service.dto.DmAppMenuDto;
 import me.zhengjie.modules.dm.appMenu.service.dto.DmAppMenuQueryCriteria;
+import me.zhengjie.modules.dm.system.domain.DmSystem;
+import me.zhengjie.modules.dm.system.service.dto.DmSystemDto;
 import org.springframework.data.domain.Pageable;
 import java.util.Map;
 import java.util.List;
@@ -80,4 +82,10 @@ public interface DmAppMenuService {
     * @throws IOException /
     */
     void download(List<DmAppMenuDto> all, HttpServletResponse response) throws IOException;
+
+    /**
+     * 返回全部的APP菜单
+     * @return DmAppMenu
+     */
+    List<DmAppMenuDto> getAppMenu();
 }
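Review bot: The Javadoc on `getAppMenu()` says `@return DmAppMenu`, but the method returns `List<DmAppMenuDto>`; `@return all app menus as DTOs` would match the signature. The two imports added in the hunk above (`DmSystem`, `DmSystemDto`) are not used by anything visible in this interface and look like leftovers. The same pair is added to DmAppMenuServiceImpl.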

+ 2 - 0
eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/service/dto/DmAppMenuDto.java

@@ -42,6 +42,8 @@ public class DmAppMenuDto extends BaseEntity implements Serializable {
     /** 菜单路由 */
     private String route;
 
+    private Boolean leaf = true;
+
 //    /** 创建者 */
 //    private String createBy;
 //

+ 7 - 0
eladmin-system/src/main/java/me/zhengjie/modules/dm/appMenu/service/impl/DmAppMenuServiceImpl.java

@@ -16,6 +16,8 @@
 package me.zhengjie.modules.dm.appMenu.service.impl;
 
 import me.zhengjie.modules.dm.appMenu.domain.DmAppMenu;
+import me.zhengjie.modules.dm.system.domain.DmSystem;
+import me.zhengjie.modules.dm.system.service.dto.DmSystemDto;
 import me.zhengjie.utils.ValidationUtil;
 import me.zhengjie.utils.FileUtil;
 import lombok.RequiredArgsConstructor;
@@ -107,4 +109,9 @@ public class DmAppMenuServiceImpl implements DmAppMenuService {
         }
         FileUtil.downloadExcel(list, response);
     }
+
+    @Override
+    public List<DmAppMenuDto> getAppMenu() {
+        return dmAppMenuMapper.toDto(dmAppMenuRepository.getAppMenu());
+    }
 }

+ 1 - 1
eladmin-system/src/main/java/me/zhengjie/modules/dm/system/repository/DmSystemRepository.java

@@ -34,7 +34,7 @@ public interface DmSystemRepository extends JpaRepository<DmSystem, Integer>, Jp
     /**
      * 根据角色查询
      *
-     * @param roles
+     * @param roleIds
      * @return
      */
     @Query(value = "select s.* from dm_system as s left join dm_role_system as rs on s.id = rs.system_id left join sys_role as r on rs.role_id = r.role_id where r.role_id in (:roleIds) and if(:isMenu IS NULL,1=1,s.is_menu = :isMenu) GROUP BY id", nativeQuery = true)

+ 1 - 1
eladmin-system/src/main/java/me/zhengjie/modules/dm/system/service/DmSystemService.java

@@ -83,7 +83,7 @@ public interface DmSystemService {
 
     /**
      * 根据角色查询
-     * @param roleId roleId
+     * @param roleIds roleId
      * @return DmSystem
      */
     List<DmSystem> findByRoleId(List<Long> roleIds,Long isMenu);

+ 35 - 0
eladmin-system/src/main/java/me/zhengjie/modules/security/config/bean/CheckLoginNumber.java

@@ -0,0 +1,35 @@
+package me.zhengjie.modules.security.config.bean;
+
+import lombok.RequiredArgsConstructor;
+import me.zhengjie.utils.RedisUtils;
+import org.springframework.stereotype.Service;
+import org.springframework.util.ObjectUtils;
+
+@Service
+@RequiredArgsConstructor
+public class CheckLoginNumber {
+
+    private final RedisUtils redisUtils;
+    
+    public Integer checkLoginTimes(String key, Integer errLimit) {
+        Object value = redisUtils.get(key);
+        Integer number = 0;
+        //第一次登陆失败
+        if (ObjectUtils.isEmpty(value)) {
+            //设置key
+            redisUtils.set(key, number);
+        } else {
+            number = (Integer) value;
+        }
+        //登陆失败未操作次数限制
+        System.out.println(number);
+        if (number <  errLimit) {
+            number++;
+            redisUtils.set(key, number);
+        }
+        //设置过期时间
+        redisUtils.expire(key, 1800);
+        return number;
+    }
+
+}
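Review bot: `checkLoginTimes` reads the counter with `redisUtils.get(key)`, increments it in Java and writes it back with `redisUtils.set(key, number)`, so two failed logins arriving together can read the same value and one increment is lost, which lets the limit be exceeded under parallel attempts. An atomic Redis increment (INCR) is the usual fix; whether `RedisUtils` exposes one is not visible here. The TTL is applied in a separate `redisUtils.expire(key, 1800)` call after the write, so a failure between the two leaves a counter that never expires; setting value and expiry together avoids that, and 1800 deserves a named constant. `System.out.println(number);` is debug output and should be removed, and `number < errLimit` unboxes `errLimit`, which throws if a user has no limit configured.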

+ 63 - 31
eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthorizationController.java

@@ -26,6 +26,7 @@ import me.zhengjie.annotation.rest.AnonymousGetMapping;
 import me.zhengjie.annotation.rest.AnonymousPostMapping;
 import me.zhengjie.config.RsaProperties;
 import me.zhengjie.exception.BadRequestException;
+import me.zhengjie.modules.security.config.bean.CheckLoginNumber;
 import me.zhengjie.modules.security.config.bean.LoginCodeEnum;
 import me.zhengjie.modules.security.config.bean.LoginProperties;
 import me.zhengjie.modules.security.config.bean.SecurityProperties;
@@ -33,6 +34,8 @@ import me.zhengjie.modules.security.security.TokenProvider;
 import me.zhengjie.modules.security.service.dto.AuthUserDto;
 import me.zhengjie.modules.security.service.dto.JwtUserDto;
 import me.zhengjie.modules.security.service.OnlineUserService;
+import me.zhengjie.modules.system.service.UserService;
+import me.zhengjie.modules.system.service.dto.UserDto;
 import me.zhengjie.service.LocalStorageService;
 import me.zhengjie.utils.RsaUtils;
 import me.zhengjie.utils.RedisUtils;
@@ -43,7 +46,9 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.util.ObjectUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.annotation.Resource;
@@ -72,41 +77,68 @@ public class AuthorizationController {
     @Resource
     private LoginProperties loginProperties;
 
+    private final UserService userService;
+
+    private final CheckLoginNumber checkLoginNumber;
+
     @ApiOperation("登录授权")
     @AnonymousPostMapping(value = "/login")
     public ResponseEntity<Object> login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception {
-        // 密码解密
-        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
-        System.out.println("password:"+password);
-        // 查询验证码
-        String code = (String) redisUtils.get(authUser.getUuid());
-        // 清除验证码
-        redisUtils.del(authUser.getUuid());
-        if (StringUtils.isBlank(code)) {
-            throw new BadRequestException("验证码不存在或已过期");
-        }
-        if (StringUtils.isBlank(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) {
-            throw new BadRequestException("验证码错误");
-        }
-        UsernamePasswordAuthenticationToken authenticationToken =
-                new UsernamePasswordAuthenticationToken(authUser.getUsername(), password);
-        Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
-        SecurityContextHolder.getContext().setAuthentication(authentication);
-        // 生成令牌
-        String token = tokenProvider.createToken(authentication);
-        final JwtUserDto jwtUserDto = (JwtUserDto) authentication.getPrincipal();
-        // 保存在线信息
-        onlineUserService.save(jwtUserDto, token, request);
-        // 返回 token 与 用户信息
-        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
-            put("token", properties.getTokenStartWith() + token);
-            put("user", jwtUserDto);
-        }};
-        if (loginProperties.isSingleLogin()) {
-            //踢掉之前已经登录的token
-            onlineUserService.checkLoginOnUser(authUser.getUsername(), token);
+        //根据账号查询用户
+        UserDto userDto = userService.findByUsername(authUser.getUsername());
+        //如果账号不等于空,则验证登录次数限制
+        if(!ObjectUtils.isEmpty(userDto)){
+            //redis限制次数的key
+            String key = "SIGN_UP_LOGIN_COUNT_" + authUser.getUsername();
+            //获取当前半个小时内登录的次数
+            Integer number = (Integer) redisUtils.get(key);
+            //如果超过限制次数则返回账号锁定
+            if(!ObjectUtils.isEmpty(number) && number >= userDto.getErrLimit()){
+                throw new BadRequestException("账号已被锁定!");
+            }
+
+            // 密码解密
+            String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
+            System.out.println("password:"+password);
+            // 查询验证码
+            String code = (String) redisUtils.get(authUser.getUuid());
+            // 清除验证码
+            redisUtils.del(authUser.getUuid());
+            if (StringUtils.isBlank(code)) {
+                throw new BadRequestException("验证码不存在或已过期");
+            }
+            if (StringUtils.isBlank(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) {
+                checkLoginNumber.checkLoginTimes(key,userDto.getErrLimit());
+                throw new BadRequestException("验证码错误");
+            }
+            Authentication authentication = null;
+            try {
+                UsernamePasswordAuthenticationToken authenticationToken =
+                        new UsernamePasswordAuthenticationToken(authUser.getUsername(), password);
+                authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
+                SecurityContextHolder.getContext().setAuthentication(authentication);
+            } catch (AuthenticationException e) {
+                checkLoginNumber.checkLoginTimes(key,userDto.getErrLimit());
+                throw new BadRequestException("密码错误");
+            }
+            // 生成令牌
+            String token = tokenProvider.createToken(authentication);
+            final JwtUserDto jwtUserDto = (JwtUserDto) authentication.getPrincipal();
+            // 保存在线信息
+            onlineUserService.save(jwtUserDto, token, request);
+            // 返回 token 与 用户信息
+            Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
+                put("token", properties.getTokenStartWith() + token);
+                put("user", jwtUserDto);
+            }};
+            if (loginProperties.isSingleLogin()) {
+                //踢掉之前已经登录的token
+                onlineUserService.checkLoginOnUser(authUser.getUsername(), token);
+            }
+            return ResponseEntity.ok(authInfo);
+        } else {
+            throw new BadRequestException("账号不正确");
         }
-        return ResponseEntity.ok(authInfo);
     }
 
     @ApiOperation("单点登录授权")
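Review bot: `System.out.println("password:"+password);` is still on the new side of `login()`, so every login attempt writes the decrypted password to stdout; the line should be deleted rather than re-indented. The new branches also answer "账号不正确" for an unknown username and "密码错误" for a known one, and the username lookup runs before the captcha check, so the endpoint discloses which accounts exist; one shared message for both cases avoids that. The lock key is built from the request's `authUser.getUsername()`; if the user lookup is case-insensitive (this depends on the database collation, not visible here), spelling variants of one account would each get their own counter, so deriving the key from the loaded `userDto` is safer. Nothing clears the counter after a successful `authenticate(...)`, so earlier failures keep counting until the key expires; a `redisUtils.del(key);` after the try block would reset it. `number >= userDto.getErrLimit()` unboxes the limit and throws if it can be null, and the `catch (AuthenticationException e)` reports every authentication failure as a wrong password while dropping `e`.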

+ 8 - 0
eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Role.java

@@ -20,6 +20,7 @@ import io.swagger.annotations.ApiModelProperty;
 import lombok.Getter;
 import lombok.Setter;
 import me.zhengjie.base.BaseEntity;
+import me.zhengjie.modules.dm.appMenu.domain.DmAppMenu;
 import me.zhengjie.modules.dm.system.domain.DmSystem;
 import me.zhengjie.utils.enums.DataScopeEnum;
 
@@ -67,6 +68,13 @@ public class Role extends BaseEntity implements Serializable {
     @ApiModelProperty(value = "子系统", hidden = true)
     private Set<DmSystem> systems;
 
+    @ManyToMany(fetch=FetchType.EAGER)
+    @JoinTable(name = "dm_role_app",
+            joinColumns = {@JoinColumn(name = "role_id",referencedColumnName = "role_id")},
+            inverseJoinColumns = {@JoinColumn(name = "app_id",referencedColumnName = "id")})
+    @ApiModelProperty(value = "APP菜单", hidden = true)
+    private Set<DmAppMenu> appMenus;
+
     @ManyToMany(fetch=FetchType.EAGER)
     @JoinTable(name = "sys_roles_depts",
             joinColumns = {@JoinColumn(name = "role_id",referencedColumnName = "role_id")},

+ 11 - 0
eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java

@@ -133,6 +133,17 @@ public class RoleController {
         return new ResponseEntity<>(HttpStatus.NO_CONTENT);
     }
 
+    @Log("修改角色APP菜单")
+    @ApiOperation("修改角色APP菜单")
+    @PutMapping(value = "/appMenu")
+    @PreAuthorize("@el.check('roles:edit')")
+    public ResponseEntity<Object> updateAppMenu(@RequestBody Role resources){
+        RoleDto role = roleService.findById(resources.getId());
+        getLevels(role.getLevel());
+        roleService.updateAppMenu(resources,role);
+        return new ResponseEntity<>(HttpStatus.NO_CONTENT);
+    }
+
     @Log("删除角色")
     @ApiOperation("删除角色")
     @DeleteMapping

+ 7 - 0
eladmin-system/src/main/java/me/zhengjie/modules/system/service/RoleService.java

@@ -93,6 +93,13 @@ public interface RoleService {
      */
     void updateSystem(Role resources, RoleDto roleDTO);
 
+    /**
+     * 修改绑定的APP菜单
+     * @param resources /
+     * @param roleDTO /
+     */
+    void updateAppMenu(Role resources, RoleDto roleDTO);
+
     /**
      * 解绑菜单
      * @param id /

+ 7 - 0
eladmin-system/src/main/java/me/zhengjie/modules/system/service/UserService.java

@@ -39,6 +39,13 @@ public interface UserService {
      */
     UserDto findById(String id);
 
+    /**
+     * 根据账号查询
+     * @param username 账号
+     * @return /
+     */
+    UserDto findByUsername(String username);
+
     /**
      * 新增用户
      * @param resources /

+ 4 - 0
eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/RoleDto.java

@@ -18,6 +18,8 @@ package me.zhengjie.modules.system.service.dto;
 import lombok.Getter;
 import lombok.Setter;
 import me.zhengjie.base.BaseDTO;
+import me.zhengjie.modules.dm.appMenu.domain.DmAppMenu;
+import me.zhengjie.modules.dm.appMenu.service.dto.DmAppMenuDto;
 import me.zhengjie.modules.dm.system.domain.DmSystem;
 import me.zhengjie.modules.dm.system.service.dto.DmSystemDto;
 
@@ -41,6 +43,8 @@ public class RoleDto extends BaseDTO implements Serializable {
 
     private Set<DmSystemDto> systems;
 
+    private Set<DmAppMenuDto> appMenus;
+
     private Set<DeptDto> depts;
 
     private String name;

+ 17 - 0
eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/RoleServiceImpl.java

@@ -159,6 +159,23 @@ public class RoleServiceImpl implements RoleService {
         roleRepository.save(role);
     }
 
+    @Override
+    public void updateAppMenu(Role resources, RoleDto roleDTO) {
+        Role role = roleMapper.toEntity(roleDTO);
+        List<User> users = new ArrayList<>();
+        List<Map<String,Object>> userMap = userRepository.findByRoleId2(role.getId());
+        for(Map<String,Object> map : userMap){
+            User user = new User();
+            user.setId(map.get("userId").toString());
+            user.setUsername(map.get("username").toString());
+            users.add(user);
+        }
+        // 更新菜单
+        role.setAppMenus(resources.getAppMenus());
+        delCaches(resources.getId(), users);
+        roleRepository.save(role);
+    }
+
     @Override
     @Transactional(rollbackFor = Exception.class)
     public void untiedMenu(String menuId) {
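Review bot: `updateAppMenu` has no `@Transactional`, while `untiedMenu` directly below it is annotated `@Transactional(rollbackFor = Exception.class)`; the method reads the role's users and saves the role, so it should carry the same annotation. `delCaches(resources.getId(), users)` runs before `roleRepository.save(role)`; assuming `delCaches` evicts cached role and user data, a request that reads the role between the two calls can put the old app-menu set back into the cache, and calling it after the save closes that gap. `map.get("userId").toString()` and `map.get("username").toString()` throw if a row lacks the key, so a null check or a typed projection from `findByRoleId2` would be more robust.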

+ 5 - 0
eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/UserServiceImpl.java

@@ -103,6 +103,11 @@ public class UserServiceImpl implements UserService {
         }
     }
 
+    @Override
+    public UserDto findByUsername(String username) {
+        return userMapper.toDto(userRepository.findByUsername(username));
+    }
+
     @Override
     @Transactional(rollbackFor = Exception.class)
     public void create(User resources) {