Search in sources :

Example 11 with SysUser

use of com.ruoyi.common.core.domain.entity.SysUser in project RuoYi-Flowable-Plus by KonBAI-Q.

the class SysUserServiceImpl method deleteUserByIds.

/**
 * 批量删除用户信息
 *
 * @param userIds 需要删除的用户ID
 * @return 结果
 */
@Override
@Transactional(rollbackFor = Exception.class)
public int deleteUserByIds(Long[] userIds) {
    for (Long userId : userIds) {
        checkUserAllowed(new SysUser(userId));
        checkUserDataScope(userId);
    }
    List<Long> ids = Arrays.asList(userIds);
    // 删除用户与角色关联
    userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>().in(SysUserRole::getUserId, ids));
    // 删除用户与岗位表
    userPostMapper.delete(new LambdaQueryWrapper<SysUserPost>().in(SysUserPost::getUserId, ids));
    return baseMapper.deleteBatchIds(ids);
}
Also used : SysUser(com.ruoyi.common.core.domain.entity.SysUser) LambdaQueryWrapper(com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper) Transactional(org.springframework.transaction.annotation.Transactional)

Example 12 with SysUser

use of com.ruoyi.common.core.domain.entity.SysUser in project RuoYi-Vue-Plus by JavaLionLi.

the class SysLoginService method login.

/**
 * 登录验证
 *
 * @param username 用户名
 * @param password 密码
 * @param code     验证码
 * @param uuid     唯一标识
 * @return 结果
 */
public String login(String username, String password, String code, String uuid) {
    HttpServletRequest request = ServletUtils.getRequest();
    boolean captchaOnOff = configService.selectCaptchaOnOff();
    // 验证码开关
    if (captchaOnOff) {
        validateCaptcha(username, code, uuid, request);
    }
    // 获取用户登录错误次数(可自定义限制策略 例如: key + username + ip)
    Integer errorNumber = RedisUtils.getCacheObject(Constants.LOGIN_ERROR + username);
    // 锁定时间内登录 则踢出
    if (ObjectUtil.isNotNull(errorNumber) && errorNumber.equals(Constants.LOGIN_ERROR_NUMBER)) {
        asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME), request);
        throw new UserException("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME);
    }
    SysUser user = loadUserByUsername(username);
    if (!BCrypt.checkpw(password, user.getPassword())) {
        // 是否第一次
        errorNumber = ObjectUtil.isNull(errorNumber) ? 1 : errorNumber + 1;
        // 达到规定错误次数 则锁定登录
        if (errorNumber.equals(Constants.LOGIN_ERROR_NUMBER)) {
            RedisUtils.setCacheObject(Constants.LOGIN_ERROR + username, errorNumber, Constants.LOGIN_ERROR_LIMIT_TIME, TimeUnit.MINUTES);
            asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME), request);
            throw new UserException("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME);
        } else {
            // 未达到规定错误次数 则递增
            RedisUtils.setCacheObject(Constants.LOGIN_ERROR + username, errorNumber);
            asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.count", errorNumber), request);
            throw new UserException("user.password.retry.limit.count", errorNumber);
        }
    }
    // 登录成功 清空错误次数
    RedisUtils.deleteObject(Constants.LOGIN_ERROR + username);
    LoginUser loginUser = buildLoginUser(user);
    // 生成token
    LoginHelper.loginByDevice(loginUser, DeviceType.PC);
    asyncService.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"), request);
    recordLoginInfo(user.getUserId(), username);
    return StpUtil.getTokenValue();
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) SysUser(com.ruoyi.common.core.domain.entity.SysUser) UserException(com.ruoyi.common.exception.user.UserException) LoginUser(com.ruoyi.common.core.domain.model.LoginUser)

Example 13 with SysUser

use of com.ruoyi.common.core.domain.entity.SysUser in project RuoYi-Vue-Plus by JavaLionLi.

the class SysLoginService method recordLoginInfo.

/**
 * 记录登录信息
 *
 * @param userId 用户ID
 */
public void recordLoginInfo(Long userId, String username) {
    SysUser sysUser = new SysUser();
    sysUser.setUserId(userId);
    sysUser.setLoginIp(ServletUtils.getClientIP());
    sysUser.setLoginDate(DateUtils.getNowDate());
    sysUser.setUpdateBy(username);
    userService.updateUserProfile(sysUser);
}
Also used : SysUser(com.ruoyi.common.core.domain.entity.SysUser)

Example 14 with SysUser

use of com.ruoyi.common.core.domain.entity.SysUser in project RuoYi-Vue-Plus by JavaLionLi.

the class SysUserServiceImpl method checkUserDataScope.

/**
 * 校验用户是否有数据权限
 *
 * @param userId 用户id
 */
@Override
public void checkUserDataScope(Long userId) {
    if (!LoginHelper.isAdmin()) {
        SysUser user = new SysUser();
        user.setUserId(userId);
        List<SysUser> users = this.selectUserList(user);
        if (CollUtil.isEmpty(users)) {
            throw new ServiceException("没有权限访问用户数据!");
        }
    }
}
Also used : SysUser(com.ruoyi.common.core.domain.entity.SysUser) ServiceException(com.ruoyi.common.exception.ServiceException)

Example 15 with SysUser

use of com.ruoyi.common.core.domain.entity.SysUser in project RuoYi-Vue-Plus by JavaLionLi.

the class SysRoleController method edit.

/**
 * 修改保存角色
 */
@ApiOperation("修改保存角色")
@SaCheckPermission("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.UPDATE)
@PutMapping
public R<Void> edit(@Validated @RequestBody SysRole role) {
    roleService.checkRoleAllowed(role);
    roleService.checkRoleDataScope(role.getRoleId());
    if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role))) {
        return R.fail("修改角色'" + role.getRoleName() + "'失败,角色名称已存在");
    } else if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleKeyUnique(role))) {
        return R.fail("修改角色'" + role.getRoleName() + "'失败,角色权限已存在");
    }
    if (roleService.updateRole(role) > 0) {
        // 更新缓存用户权限
        LoginUser loginUser = getLoginUser();
        SysUser sysUser = userService.selectUserById(loginUser.getUserId());
        if (ObjectUtil.isNotNull(sysUser) && !sysUser.isAdmin()) {
            loginUser.setMenuPermission(permissionService.getMenuPermission(sysUser));
            LoginHelper.setLoginUser(loginUser);
        }
        return R.ok();
    }
    return R.fail("修改角色'" + role.getRoleName() + "'失败,请联系管理员");
}
Also used : SysUser(com.ruoyi.common.core.domain.entity.SysUser) LoginUser(com.ruoyi.common.core.domain.model.LoginUser) Log(com.ruoyi.common.annotation.Log) SaCheckPermission(cn.dev33.satoken.annotation.SaCheckPermission)

Aggregations

SysUser (com.ruoyi.common.core.domain.entity.SysUser)78 Log (com.ruoyi.common.annotation.Log)16 SysRole (com.ruoyi.common.core.domain.entity.SysRole)13 LoginUser (com.ruoyi.common.core.domain.model.LoginUser)13 GetMapping (org.springframework.web.bind.annotation.GetMapping)11 AjaxResult (com.ruoyi.common.core.domain.AjaxResult)10 ServiceException (com.ruoyi.common.exception.ServiceException)10 SaCheckPermission (cn.dev33.satoken.annotation.SaCheckPermission)8 ExcelUtil (com.ruoyi.common.utils.poi.ExcelUtil)8 Transactional (org.springframework.transaction.annotation.Transactional)8 UserConstants (com.ruoyi.common.constant.UserConstants)7 BaseController (com.ruoyi.common.core.controller.BaseController)7 TableDataInfo (com.ruoyi.common.core.page.TableDataInfo)7 BusinessType (com.ruoyi.common.enums.BusinessType)7 StringUtils (com.ruoyi.common.utils.StringUtils)7 ISysPostService (com.ruoyi.system.service.ISysPostService)7 ISysRoleService (com.ruoyi.system.service.ISysRoleService)7 ISysUserService (com.ruoyi.system.service.ISysUserService)7 List (java.util.List)7 Collectors (java.util.stream.Collectors)7