From 632b959324ddaa754b8c7aa88f38ec3c994e60f5 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期二, 05 十一月 2024 16:21:15 +0800
Subject: [PATCH] 优化无用户编号不校验数据权限
---
src/main/java/com/ruoyi/project/system/controller/SysProfileController.java | 58 ++++++++++++++++++++++++++++++++++------------------------
1 files changed, 34 insertions(+), 24 deletions(-)
diff --git a/src/main/java/com/ruoyi/project/system/controller/SysProfileController.java b/src/main/java/com/ruoyi/project/system/controller/SysProfileController.java
index 8b0b38e..c67b454 100644
--- a/src/main/java/com/ruoyi/project/system/controller/SysProfileController.java
+++ b/src/main/java/com/ruoyi/project/system/controller/SysProfileController.java
@@ -1,6 +1,5 @@
package com.ruoyi.project.system.controller;
-import java.io.IOException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
@@ -11,8 +10,9 @@
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;
import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.file.FileUploadUtils;
+import com.ruoyi.common.utils.file.MimeTypeUtils;
import com.ruoyi.framework.aspectj.lang.annotation.Log;
import com.ruoyi.framework.aspectj.lang.enums.BusinessType;
import com.ruoyi.framework.config.RuoYiConfig;
@@ -44,7 +44,7 @@
@GetMapping
public AjaxResult profile()
{
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = getLoginUser();
SysUser user = loginUser.getUser();
AjaxResult ajax = AjaxResult.success(user);
ajax.put("roleGroup", userService.selectUserRoleGroup(loginUser.getUsername()));
@@ -59,18 +59,27 @@
@PutMapping
public AjaxResult updateProfile(@RequestBody SysUser user)
{
- if (userService.updateUserProfile(user) > 0)
+ LoginUser loginUser = getLoginUser();
+ SysUser currentUser = loginUser.getUser();
+ currentUser.setNickName(user.getNickName());
+ currentUser.setEmail(user.getEmail());
+ currentUser.setPhonenumber(user.getPhonenumber());
+ currentUser.setSex(user.getSex());
+ if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(currentUser))
{
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
- // 鏇存柊缂撳瓨鐢ㄦ埛淇℃伅
- loginUser.getUser().setNickName(user.getNickName());
- loginUser.getUser().setPhonenumber(user.getPhonenumber());
- loginUser.getUser().setEmail(user.getEmail());
- loginUser.getUser().setSex(user.getSex());
- tokenService.setLoginUser(loginUser);
- return AjaxResult.success();
+ return error("淇敼鐢ㄦ埛'" + loginUser.getUsername() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
}
- return AjaxResult.error("淇敼涓汉淇℃伅寮傚父锛岃鑱旂郴绠$悊鍛�");
+ if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(currentUser))
+ {
+ return error("淇敼鐢ㄦ埛'" + loginUser.getUsername() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
+ }
+ if (userService.updateUserProfile(currentUser) > 0)
+ {
+ // 鏇存柊缂撳瓨鐢ㄦ埛淇℃伅
+ tokenService.setLoginUser(loginUser);
+ return success();
+ }
+ return error("淇敼涓汉淇℃伅寮傚父锛岃鑱旂郴绠$悊鍛�");
}
/**
@@ -80,25 +89,26 @@
@PutMapping("/updatePwd")
public AjaxResult updatePwd(String oldPassword, String newPassword)
{
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = getLoginUser();
String userName = loginUser.getUsername();
String password = loginUser.getPassword();
if (!SecurityUtils.matchesPassword(oldPassword, password))
{
- return AjaxResult.error("淇敼瀵嗙爜澶辫触锛屾棫瀵嗙爜閿欒");
+ return error("淇敼瀵嗙爜澶辫触锛屾棫瀵嗙爜閿欒");
}
if (SecurityUtils.matchesPassword(newPassword, password))
{
- return AjaxResult.error("鏂板瘑鐮佷笉鑳戒笌鏃у瘑鐮佺浉鍚�");
+ return error("鏂板瘑鐮佷笉鑳戒笌鏃у瘑鐮佺浉鍚�");
}
- if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0)
+ newPassword = SecurityUtils.encryptPassword(newPassword);
+ if (userService.resetUserPwd(userName, newPassword) > 0)
{
// 鏇存柊缂撳瓨鐢ㄦ埛瀵嗙爜
- loginUser.getUser().setPassword(SecurityUtils.encryptPassword(newPassword));
+ loginUser.getUser().setPassword(newPassword);
tokenService.setLoginUser(loginUser);
- return AjaxResult.success();
+ return success();
}
- return AjaxResult.error("淇敼瀵嗙爜寮傚父锛岃鑱旂郴绠$悊鍛�");
+ return error("淇敼瀵嗙爜寮傚父锛岃鑱旂郴绠$悊鍛�");
}
/**
@@ -106,12 +116,12 @@
*/
@Log(title = "鐢ㄦ埛澶村儚", businessType = BusinessType.UPDATE)
@PostMapping("/avatar")
- public AjaxResult avatar(@RequestParam("avatarfile") MultipartFile file) throws IOException
+ public AjaxResult avatar(@RequestParam("avatarfile") MultipartFile file) throws Exception
{
if (!file.isEmpty())
{
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
- String avatar = FileUploadUtils.upload(RuoYiConfig.getAvatarPath(), file);
+ LoginUser loginUser = getLoginUser();
+ String avatar = FileUploadUtils.upload(RuoYiConfig.getAvatarPath(), file, MimeTypeUtils.IMAGE_EXTENSION);
if (userService.updateUserAvatar(loginUser.getUsername(), avatar))
{
AjaxResult ajax = AjaxResult.success();
@@ -122,6 +132,6 @@
return ajax;
}
}
- return AjaxResult.error("涓婁紶鍥剧墖寮傚父锛岃鑱旂郴绠$悊鍛�");
+ return error("涓婁紶鍥剧墖寮傚父锛岃鑱旂郴绠$悊鍛�");
}
}
--
Gitblit v1.9.3