个人信息修改

kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/password/PasswordStoredEncryptApi.java

@@ -24,6 +24,8 @@
  */
 package cn.stylefeng.roses.kernel.auth.api.password;
 
+import cn.stylefeng.roses.kernel.auth.api.pojo.password.SaltedEncryptResult;
+
 /**
  * 密码存储时，将密码进行加密的api
  *
@@ -42,6 +44,16 @@ public interface PasswordStoredEncryptApi {
      */
     String encrypt(String originPassword);
 
+    /**
+     * 加密密码，通过密码 + 盐的方式
+     *
+     * @param originPassword 密码明文，待加密的密码
+     * @return 加密后的密码
+     * @author fengshuonan
+     * @since 2023/6/25 8:49
+     */
+    SaltedEncryptResult encryptWithSalt(String originPassword);
+
     /**
      * 校验密码加密前和加密后是否一致，多用于判断用户输入密码是否正确
      *
@@ -52,4 +64,12 @@ public interface PasswordStoredEncryptApi {
      */
     Boolean checkPassword(String encryptBefore, String encryptAfter);
 
+    /**
+     * 校验密码，通过密码 + 盐的方式
+     *
+     * @author fengshuonan
+     * @since 2023/6/25 8:51
+     */
+    Boolean checkPasswordWithSalt(String encryptBefore, String passwordSalt, String encryptAfter);
+
 }

kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/password/SaltedEncryptResult.java

@@ -0,0 +1,24 @@
+package cn.stylefeng.roses.kernel.auth.api.pojo.password;
+
+import lombok.Data;
+
+/**
+ * 密码加密结果
+ *
+ * @author fengshuonan
+ * @since 2023/6/25 8:48
+ */
+@Data
+public class SaltedEncryptResult {
+
+    /**
+     * 加密后的密码
+     */
+    private String encryptPassword;
+
+    /**
+     * 密码盐
+     */
+    private String passwordSalt;
+
+}

kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/LoginService.java

@@ -308,7 +308,8 @@ public class LoginService {
         }
 
         // 如果本次登录需要校验密码
-        Boolean checkResult = passwordStoredEncryptApi.checkPassword(loginRequest.getPassword(), userValidateInfo.getUserPasswordHexed());
+        Boolean checkResult = passwordStoredEncryptApi.checkPasswordWithSalt(loginRequest.getPassword(),
+                userValidateInfo.getUserPasswordSalt(), userValidateInfo.getUserPasswordHexed());
 
         // 校验用户表密码是否正确，如果正确则直接返回
         if (checkResult) {
@@ -323,7 +324,7 @@ public class LoginService {
                 String userTempSecretKey = tempSecretApi.getUserTempSecretKey(userValidateInfo.getUserId());
                 // 如果用户有临时秘钥，则校验秘钥是否正确
                 if (StrUtil.isNotBlank(userTempSecretKey)) {
-                    Boolean checkTempKeyResult = passwordStoredEncryptApi.checkPassword(loginRequest.getPassword(), userTempSecretKey);
+                    boolean checkTempKeyResult = loginRequest.getPassword().equals(userTempSecretKey);
                     if (checkTempKeyResult) {
                         return;
                     }

kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/password/BcryptPasswordStoredEncrypt.java

@@ -24,9 +24,12 @@
  */
 package cn.stylefeng.roses.kernel.auth.password;
 
+import cn.hutool.core.util.RandomUtil;
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.SecureUtil;
 import cn.hutool.crypto.digest.BCrypt;
 import cn.stylefeng.roses.kernel.auth.api.password.PasswordStoredEncryptApi;
+import cn.stylefeng.roses.kernel.auth.api.pojo.password.SaltedEncryptResult;
 
 /**
  * 基于BCrypt算法实现的密码加密解密器
@@ -45,9 +48,30 @@ public class BcryptPasswordStoredEncrypt implements PasswordStoredEncryptApi {
         return BCrypt.hashpw(originPassword, BCrypt.gensalt());
     }
 
+    @Override
+    public SaltedEncryptResult encryptWithSalt(String originPassword) {
+
+        SaltedEncryptResult saltedEncryptResult = new SaltedEncryptResult();
+
+        // 创建密码盐
+        String salt = RandomUtil.randomString(8);
+        saltedEncryptResult.setPasswordSalt(salt);
+
+        // 将原密码进行md5加密
+        String encryptAfter = SecureUtil.md5(originPassword + salt);
+        saltedEncryptResult.setEncryptPassword(encryptAfter);
+
+        return saltedEncryptResult;
+    }
+
     @Override
     public Boolean checkPassword(String encryptBefore, String encryptAfter) {
         return BCrypt.checkpw(encryptBefore, encryptAfter);
     }
 
+    @Override
+    public Boolean checkPasswordWithSalt(String encryptBefore, String passwordSalt, String encryptAfter) {
+        return SecureUtil.md5(encryptBefore + passwordSalt).equals(encryptAfter);
+    }
+
 }

kernel-s-sys/sys-api/src/main/java/cn/stylefeng/roses/kernel/sys/api/SysRoleServiceApi.java

@@ -0,0 +1,45 @@
+/*
+ * Copyright [2020-2030] [https://www.stylefeng.cn]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Guns采用APACHE LICENSE 2.0开源协议，您在使用过程中，需要注意以下几点：
+ *
+ * 1.请不要删除和修改根目录下的LICENSE文件。
+ * 2.请不要删除和修改Guns源码头部的版权声明。
+ * 3.请保留源码和相关描述文件的项目出处，作者声明等。
+ * 4.分发源码时候，请注明软件出处 https://gitee.com/stylefeng/guns
+ * 5.在修改包名，模块名称，项目代码等时，请注明软件出处 https://gitee.com/stylefeng/guns
+ * 6.若您的项目无法满足以上几点，可申请商业授权
+ */
+package cn.stylefeng.roses.kernel.sys.api;
+
+/**
+ * 角色信息相关的Api
+ *
+ * @author fengshuonan
+ * @since 2023/6/25 0:35
+ */
+public interface SysRoleServiceApi {
+
+    /**
+     * 获取系统默认角色id，查询方式为找到角色编码为employee的角色id
+     * <p>
+     * 一般在添加用户时用到
+     *
+     * @author fengshuonan
+     * @since 2023/6/25 0:35
+     */
+    Long getDefaultRoleId();
+
+}

kernel-s-sys/sys-api/src/main/java/cn/stylefeng/roses/kernel/sys/api/constants/SysConstants.java

@@ -52,6 +52,11 @@ public interface SysConstants {
      */
     String SUPER_ADMIN_ROLE_CODE = "superAdmin";
 
+    /**
+     * 默认用户的初始角色编码
+     */
+    String DEFAULT_ROLE_CODE = "employee";
+
     /**
      * 初始化超级管理员的监听器顺序
      */

kernel-s-sys/sys-api/src/main/java/cn/stylefeng/roses/kernel/sys/api/pojo/user/UserValidateDTO.java

@@ -48,6 +48,12 @@ public class UserValidateDTO {
     @ChineseDescription("加密后的密码")
     private String userPasswordHexed;
 
+    /**
+     * 密码盐，存在sys_user表的password_salt字段
+     */
+    @ChineseDescription("加密后的密码")
+    private String userPasswordSalt;
+
     /**
      * 用户状态，状态在UserStatusEnum维护
      */
@@ -57,9 +63,10 @@ public class UserValidateDTO {
     public UserValidateDTO() {
     }
 
-    public UserValidateDTO(Long userId, String userPasswordHexed, Integer userStatus) {
+    public UserValidateDTO(Long userId, String userPasswordHexed, String salt, Integer userStatus) {
         this.userId = userId;
         this.userPasswordHexed = userPasswordHexed;
+        this.userPasswordSalt = salt;
         this.userStatus = userStatus;
     }
 

kernel-s-sys/sys-business-hr/src/main/java/cn/stylefeng/roses/kernel/sys/modular/user/biz/UserIntegrationService.java

@@ -82,14 +82,15 @@ public class UserIntegrationService implements SysUserServiceApi {
     public UserValidateDTO getUserLoginValidateDTO(String account) {
         LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
         sysUserLambdaQueryWrapper.eq(SysUser::getAccount, account);
-        sysUserLambdaQueryWrapper.select(SysUser::getPassword, SysUser::getStatusFlag, SysUser::getUserId);
+        sysUserLambdaQueryWrapper.select(SysUser::getPassword, SysUser::getPasswordSalt, SysUser::getStatusFlag, SysUser::getUserId);
         SysUser sysUserServiceOne = this.sysUserService.getOne(sysUserLambdaQueryWrapper, false);
 
         if (sysUserServiceOne == null) {
             throw new ServiceException(SysUserExceptionEnum.ACCOUNT_NOT_EXIST);
         }
 
-        return new UserValidateDTO(sysUserServiceOne.getUserId(), sysUserServiceOne.getPassword(), sysUserServiceOne.getStatusFlag());
+        return new UserValidateDTO(sysUserServiceOne.getUserId(), sysUserServiceOne.getPassword(), sysUserServiceOne.getPasswordSalt(),
+                sysUserServiceOne.getStatusFlag());
     }
 
     @Override

kernel-s-sys/sys-business-hr/src/main/java/cn/stylefeng/roses/kernel/sys/modular/user/entity/SysUser.java

@@ -58,12 +58,19 @@ public class SysUser extends BaseExpandFieldEntity {
     private String account;
 
     /**
-     * 密码，加密方式为BCrypt
+     * 密码，加密方式：md5+盐
      */
     @TableField("password")
-    @ChineseDescription("密码，加密方式为BCrypt")
+    @ChineseDescription("密码，加密方式：md5+盐")
     private String password;
 
+    /**
+     * 密码盐，加密方式：md5+盐
+     */
+    @TableField("password_salt")
+    @ChineseDescription("密码盐，加密方式：md5+盐")
+    private String passwordSalt;
+
     /**
      * 头像，存的为文件id
      */

kernel-s-sys/sys-business-hr/src/main/java/cn/stylefeng/roses/kernel/sys/modular/user/service/SysUserRoleService.java

@@ -80,4 +80,12 @@ public interface SysUserRoleService extends IService<SysUserRole>, SysUserRoleSe
      */
     void bindRoles(SysUserRoleRequest sysUserRoleRequest);
 
+    /**
+     * 给用户添加默认的角色
+     *
+     * @author fengshuonan
+     * @since 2023/6/25 0:34
+     */
+    void bindUserDefaultRole(Long userId);
+
 }

kernel-s-sys/sys-business-hr/src/main/java/cn/stylefeng/roses/kernel/sys/modular/user/service/impl/SysUserRoleServiceImpl.java

@@ -6,6 +6,7 @@ import cn.stylefeng.roses.kernel.db.api.factory.PageFactory;
 import cn.stylefeng.roses.kernel.db.api.factory.PageResultFactory;
 import cn.stylefeng.roses.kernel.db.api.pojo.page.PageResult;
 import cn.stylefeng.roses.kernel.rule.exception.base.ServiceException;
+import cn.stylefeng.roses.kernel.sys.api.SysRoleServiceApi;
 import cn.stylefeng.roses.kernel.sys.api.callback.RemoveRoleCallbackApi;
 import cn.stylefeng.roses.kernel.sys.api.callback.RemoveUserCallbackApi;
 import cn.stylefeng.roses.kernel.sys.modular.user.entity.SysUserRole;
@@ -19,6 +20,7 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import javax.annotation.Resource;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
@@ -34,6 +36,9 @@ import java.util.stream.Collectors;
 public class SysUserRoleServiceImpl extends ServiceImpl<SysUserRoleMapper, SysUserRole> implements SysUserRoleService,
         RemoveUserCallbackApi, RemoveRoleCallbackApi {
 
+    @Resource
+    private SysRoleServiceApi sysRoleServiceApi;
+
     @Override
     public void add(SysUserRoleRequest sysUserRoleRequest) {
         SysUserRole sysUserRole = new SysUserRole();
@@ -86,6 +91,19 @@ public class SysUserRoleServiceImpl extends ServiceImpl<SysUserRoleMapper, SysUs
         this.saveBatch(newUserRoles);
     }
 
+    @Override
+    public void bindUserDefaultRole(Long userId) {
+
+        // 查询默认角色的角色id
+        Long defaultRoleId = sysRoleServiceApi.getDefaultRoleId();
+
+        // 给用户绑定默认角色
+        SysUserRole sysUserRole = new SysUserRole();
+        sysUserRole.setUserId(userId);
+        sysUserRole.setRoleId(defaultRoleId);
+        this.save(sysUserRole);
+    }
+
     @Override
     public List<SysUserRole> findList(SysUserRoleRequest sysUserRoleRequest) {
         LambdaQueryWrapper<SysUserRole> wrapper = this.createWrapper(sysUserRoleRequest);

kernel-s-sys/sys-business-hr/src/main/java/cn/stylefeng/roses/kernel/sys/modular/user/service/impl/SysUserServiceImpl.java

@@ -7,6 +7,7 @@ import cn.hutool.extra.spring.SpringUtil;
 import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
 import cn.stylefeng.roses.kernel.auth.api.password.PasswordStoredEncryptApi;
 import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
+import cn.stylefeng.roses.kernel.auth.api.pojo.password.SaltedEncryptResult;
 import cn.stylefeng.roses.kernel.db.api.factory.PageFactory;
 import cn.stylefeng.roses.kernel.db.api.factory.PageResultFactory;
 import cn.stylefeng.roses.kernel.db.api.pojo.entity.BaseEntity;
@@ -63,7 +64,9 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         BeanUtil.copyProperties(sysUserRequest, sysUser);
 
         // 将密码加密存储到库中
-        sysUser.setPassword(passwordStoredEncryptApi.encrypt(sysUser.getPassword()));
+        SaltedEncryptResult saltedEncryptResult = passwordStoredEncryptApi.encryptWithSalt(sysUser.getPassword());
+        sysUser.setPassword(saltedEncryptResult.getEncryptPassword());
+        sysUser.setPasswordSalt(saltedEncryptResult.getPasswordSalt());
 
         // 设置用户默认头像
         sysUser.setAvatar(FileConstants.DEFAULT_AVATAR_FILE_ID);
@@ -73,8 +76,8 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         // 更新用户的任职信息
         sysUserOrgService.updateUserOrg(sysUser.getUserId(), sysUserRequest.getUserOrgList());
 
-        // 添加用户一个默认角色 todo
+        // 添加用户一个默认角色
-
+        sysUserRoleService.bindUserDefaultRole(sysUser.getUserId());
     }
 
     @Override
@@ -147,8 +150,8 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         LambdaQueryWrapper<SysUser> wrapper = createWrapper(sysUserRequest);
 
         // 只查询需要的字段
-        wrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getAccount, SysUser::getSex,
+        wrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getAccount, SysUser::getSex, SysUser::getStatusFlag,
-                SysUser::getStatusFlag, BaseEntity::getCreateTime);
+                BaseEntity::getCreateTime);
 
         // 分页查询
         Page<SysUser> sysUserPage = this.page(PageFactory.defaultPage(), wrapper);
@@ -182,7 +185,11 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
 
         // 获取系统配置的默认密码
         String password = SysConfigExpander.getDefaultPassWord();
-        sysUser.setPassword(passwordStoredEncryptApi.encrypt(password));
+
+        // 密码加密后，存储到数据库中
+        SaltedEncryptResult saltedEncryptResult = passwordStoredEncryptApi.encryptWithSalt(password);
+        sysUser.setPassword(saltedEncryptResult.getEncryptPassword());
+        sysUser.setPasswordSalt(saltedEncryptResult.getPasswordSalt());
 
         this.updateById(sysUser);
     }
@@ -234,8 +241,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
 
         // 如果传递了组织机构id查询条件，则查询对应机构id下有哪些用户，再拼接用户查询条件
         if (ObjectUtil.isNotEmpty(sysUserRequest.getOrgIdCondition())) {
-            List<Long> orgUserIdList = this.sysUserOrgService.getOrgUserIdList(sysUserRequest.getOrgIdCondition(),
+            List<Long> orgUserIdList = this.sysUserOrgService.getOrgUserIdList(sysUserRequest.getOrgIdCondition(), true);
-                    true);
             queryWrapper.in(SysUser::getUserId, orgUserIdList);
         }
 
@@ -250,8 +256,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
      */
     private void baseRemoveUser(Set<Long> userIdList) {
         // 校验是否有其他业务绑定了用户信息
-        Map<String, RemoveUserCallbackApi> removeUserCallbackApiMap = SpringUtil.getBeansOfType(
+        Map<String, RemoveUserCallbackApi> removeUserCallbackApiMap = SpringUtil.getBeansOfType(RemoveUserCallbackApi.class);
-                RemoveUserCallbackApi.class);
         for (RemoveUserCallbackApi removeUserCallbackApi : removeUserCallbackApiMap.values()) {
             removeUserCallbackApi.validateHaveUserBind(userIdList);
         }

kernel-s-sys/sys-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/login/service/UserIndexInfoService.java

@@ -356,7 +356,6 @@ public class UserIndexInfoService {
      *
      * @param loginUser 登录用户
      * @param appId     指定的应用id
-     * @return true-用户有该应用下的权限，false-用户没有该应用下的权限
      * @author fengshuonan
      * @since 2023/6/21 16:23
      */

kernel-s-sys/sys-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/service/SysRoleService.java

@@ -1,6 +1,7 @@
 package cn.stylefeng.roses.kernel.sys.modular.role.service;
 
 import cn.stylefeng.roses.kernel.db.api.pojo.page.PageResult;
+import cn.stylefeng.roses.kernel.sys.api.SysRoleServiceApi;
 import cn.stylefeng.roses.kernel.sys.modular.role.entity.SysRole;
 import cn.stylefeng.roses.kernel.sys.modular.role.pojo.request.SysRoleRequest;
 import com.baomidou.mybatisplus.extension.service.IService;
@@ -13,7 +14,7 @@ import java.util.List;
  * @author fengshuonan
  * @date 2023/06/10 21:29
  */
-public interface SysRoleService extends IService<SysRole> {
+public interface SysRoleService extends IService<SysRole>, SysRoleServiceApi {
 
     /**
      * 新增

kernel-s-sys/sys-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/service/impl/SysRoleServiceImpl.java

@@ -12,6 +12,7 @@ import cn.stylefeng.roses.kernel.db.api.pojo.page.PageResult;
 import cn.stylefeng.roses.kernel.rule.enums.YesOrNotEnum;
 import cn.stylefeng.roses.kernel.rule.exception.base.ServiceException;
 import cn.stylefeng.roses.kernel.sys.api.callback.RemoveRoleCallbackApi;
+import cn.stylefeng.roses.kernel.sys.api.constants.SysConstants;
 import cn.stylefeng.roses.kernel.sys.modular.role.entity.SysRole;
 import cn.stylefeng.roses.kernel.sys.modular.role.enums.exception.SysRoleExceptionEnum;
 import cn.stylefeng.roses.kernel.sys.modular.role.mapper.SysRoleMapper;
@@ -117,6 +118,21 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
         return this.list(wrapper);
     }
 
+    @Override
+    public Long getDefaultRoleId() {
+
+        LambdaQueryWrapper<SysRole> sysRoleLambdaQueryWrapper = new LambdaQueryWrapper<>();
+        sysRoleLambdaQueryWrapper.eq(SysRole::getRoleCode, SysConstants.DEFAULT_ROLE_CODE);
+        sysRoleLambdaQueryWrapper.select(SysRole::getRoleId);
+        SysRole sysRole = this.getOne(sysRoleLambdaQueryWrapper, false);
+
+        if (sysRole != null) {
+            return sysRole.getRoleId();
+        }
+
+        return null;
+    }
+
     /**
      * 获取信息
      *
@@ -174,5 +190,4 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
         // 删除角色
         this.removeBatchByIds(roleIdList);
     }
-
 }