From 632b959324ddaa754b8c7aa88f38ec3c994e60f5 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期二, 05 十一月 2024 16:21:15 +0800
Subject: [PATCH] 优化无用户编号不校验数据权限
---
src/main/java/com/ruoyi/project/system/controller/SysProfileController.java | 59 +++++++++++++++++++++++++++--------------------------------
1 files changed, 27 insertions(+), 32 deletions(-)
diff --git a/src/main/java/com/ruoyi/project/system/controller/SysProfileController.java b/src/main/java/com/ruoyi/project/system/controller/SysProfileController.java
index d85d477..c67b454 100644
--- a/src/main/java/com/ruoyi/project/system/controller/SysProfileController.java
+++ b/src/main/java/com/ruoyi/project/system/controller/SysProfileController.java
@@ -1,6 +1,5 @@
package com.ruoyi.project.system.controller;
-import java.io.IOException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
@@ -10,11 +9,10 @@
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;
-import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.file.FileUploadUtils;
+import com.ruoyi.common.utils.file.MimeTypeUtils;
import com.ruoyi.framework.aspectj.lang.annotation.Log;
import com.ruoyi.framework.aspectj.lang.enums.BusinessType;
import com.ruoyi.framework.config.RuoYiConfig;
@@ -46,7 +44,7 @@
@GetMapping
public AjaxResult profile()
{
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = getLoginUser();
SysUser user = loginUser.getUser();
AjaxResult ajax = AjaxResult.success(user);
ajax.put("roleGroup", userService.selectUserRoleGroup(loginUser.getUsername()));
@@ -61,31 +59,27 @@
@PutMapping
public AjaxResult updateProfile(@RequestBody SysUser user)
{
- if (StringUtils.isNotEmpty(user.getPhonenumber())
- && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
+ LoginUser loginUser = getLoginUser();
+ SysUser currentUser = loginUser.getUser();
+ currentUser.setNickName(user.getNickName());
+ currentUser.setEmail(user.getEmail());
+ currentUser.setPhonenumber(user.getPhonenumber());
+ currentUser.setSex(user.getSex());
+ if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(currentUser))
{
- return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
+ return error("淇敼鐢ㄦ埛'" + loginUser.getUsername() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
}
- else if (StringUtils.isNotEmpty(user.getEmail())
- && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
+ if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(currentUser))
{
- return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
+ return error("淇敼鐢ㄦ埛'" + loginUser.getUsername() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
- SysUser sysUser = loginUser.getUser();
- user.setUserId(sysUser.getUserId());
- user.setPassword(null);
- if (userService.updateUserProfile(user) > 0)
+ if (userService.updateUserProfile(currentUser) > 0)
{
// 鏇存柊缂撳瓨鐢ㄦ埛淇℃伅
- loginUser.getUser().setNickName(user.getNickName());
- loginUser.getUser().setPhonenumber(user.getPhonenumber());
- loginUser.getUser().setEmail(user.getEmail());
- loginUser.getUser().setSex(user.getSex());
tokenService.setLoginUser(loginUser);
- return AjaxResult.success();
+ return success();
}
- return AjaxResult.error("淇敼涓汉淇℃伅寮傚父锛岃鑱旂郴绠$悊鍛�");
+ return error("淇敼涓汉淇℃伅寮傚父锛岃鑱旂郴绠$悊鍛�");
}
/**
@@ -95,25 +89,26 @@
@PutMapping("/updatePwd")
public AjaxResult updatePwd(String oldPassword, String newPassword)
{
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = getLoginUser();
String userName = loginUser.getUsername();
String password = loginUser.getPassword();
if (!SecurityUtils.matchesPassword(oldPassword, password))
{
- return AjaxResult.error("淇敼瀵嗙爜澶辫触锛屾棫瀵嗙爜閿欒");
+ return error("淇敼瀵嗙爜澶辫触锛屾棫瀵嗙爜閿欒");
}
if (SecurityUtils.matchesPassword(newPassword, password))
{
- return AjaxResult.error("鏂板瘑鐮佷笉鑳戒笌鏃у瘑鐮佺浉鍚�");
+ return error("鏂板瘑鐮佷笉鑳戒笌鏃у瘑鐮佺浉鍚�");
}
- if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0)
+ newPassword = SecurityUtils.encryptPassword(newPassword);
+ if (userService.resetUserPwd(userName, newPassword) > 0)
{
// 鏇存柊缂撳瓨鐢ㄦ埛瀵嗙爜
- loginUser.getUser().setPassword(SecurityUtils.encryptPassword(newPassword));
+ loginUser.getUser().setPassword(newPassword);
tokenService.setLoginUser(loginUser);
- return AjaxResult.success();
+ return success();
}
- return AjaxResult.error("淇敼瀵嗙爜寮傚父锛岃鑱旂郴绠$悊鍛�");
+ return error("淇敼瀵嗙爜寮傚父锛岃鑱旂郴绠$悊鍛�");
}
/**
@@ -121,12 +116,12 @@
*/
@Log(title = "鐢ㄦ埛澶村儚", businessType = BusinessType.UPDATE)
@PostMapping("/avatar")
- public AjaxResult avatar(@RequestParam("avatarfile") MultipartFile file) throws IOException
+ public AjaxResult avatar(@RequestParam("avatarfile") MultipartFile file) throws Exception
{
if (!file.isEmpty())
{
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
- String avatar = FileUploadUtils.upload(RuoYiConfig.getAvatarPath(), file);
+ LoginUser loginUser = getLoginUser();
+ String avatar = FileUploadUtils.upload(RuoYiConfig.getAvatarPath(), file, MimeTypeUtils.IMAGE_EXTENSION);
if (userService.updateUserAvatar(loginUser.getUsername(), avatar))
{
AjaxResult ajax = AjaxResult.success();
@@ -137,6 +132,6 @@
return ajax;
}
}
- return AjaxResult.error("涓婁紶鍥剧墖寮傚父锛岃鑱旂郴绠$悊鍛�");
+ return error("涓婁紶鍥剧墖寮傚父锛岃鑱旂郴绠$悊鍛�");
}
}
--
Gitblit v1.9.3