修改 put delete

新增密码强度

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java

@@ -5,14 +5,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
@@ -97,7 +90,7 @@ public class SysConfigController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:config:edit')")
     @Log(title = "参数管理", businessType = BusinessType.UPDATE)
-    @PutMapping
+    @PostMapping("/put")
     public AjaxResult edit(@Validated @RequestBody SysConfig config)
     {
         if (UserConstants.NOT_UNIQUE.equals(configService.checkConfigKeyUnique(config)))
@@ -113,7 +106,7 @@ public class SysConfigController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:config:remove')")
     @Log(title = "参数管理", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{configIds}")
+    @GetMapping("/delete/{configIds}")
     public AjaxResult remove(@PathVariable Long[] configIds)
     {
         configService.deleteConfigByIds(configIds);
@@ -125,7 +118,7 @@ public class SysConfigController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:config:remove')")
     @Log(title = "参数管理", businessType = BusinessType.CLEAN)
-    @DeleteMapping("/refreshCache")
+    @GetMapping("/refreshCache")
     public AjaxResult refreshCache()
     {
         configService.resetConfigCache();

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java

@@ -89,7 +89,7 @@ public class SysDeptController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:dept:edit')")
     @Log(title = "部门管理", businessType = BusinessType.UPDATE)
-    @PutMapping
+    @PostMapping("/put")
     public AjaxResult edit(@Validated @RequestBody SysDept dept)
     {
         Long deptId = dept.getDeptId();
@@ -115,7 +115,7 @@ public class SysDeptController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:dept:remove')")
     @Log(title = "部门管理", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{deptId}")
+    @GetMapping("/delete/{deptId}")
     public AjaxResult remove(@PathVariable Long deptId)
     {
         if (deptService.hasChildByDeptId(deptId))

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictDataController.java

@@ -100,7 +100,7 @@ public class SysDictDataController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:dict:edit')")
     @Log(title = "字典数据", businessType = BusinessType.UPDATE)
-    @PutMapping
+    @PostMapping("/put")
     public AjaxResult edit(@Validated @RequestBody SysDictData dict)
     {
         dict.setUpdateBy(getUsername());
@@ -112,7 +112,7 @@ public class SysDictDataController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:dict:remove')")
     @Log(title = "字典类型", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{dictCodes}")
+    @GetMapping("/delete/{dictCodes}")
     public AjaxResult remove(@PathVariable Long[] dictCodes)
     {
         dictDataService.deleteDictDataByIds(dictCodes);

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictTypeController.java

@@ -85,7 +85,7 @@ public class SysDictTypeController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:dict:edit')")
     @Log(title = "字典类型", businessType = BusinessType.UPDATE)
-    @PutMapping
+    @PostMapping("/put")
     public AjaxResult edit(@Validated @RequestBody SysDictType dict)
     {
         if (UserConstants.NOT_UNIQUE.equals(dictTypeService.checkDictTypeUnique(dict)))
@@ -101,7 +101,7 @@ public class SysDictTypeController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:dict:remove')")
     @Log(title = "字典类型", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{dictIds}")
+    @GetMapping("/delete/{dictIds}")
     public AjaxResult remove(@PathVariable Long[] dictIds)
     {
         dictTypeService.deleteDictTypeByIds(dictIds);
@@ -113,7 +113,7 @@ public class SysDictTypeController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:dict:remove')")
     @Log(title = "字典类型", businessType = BusinessType.CLEAN)
-    @DeleteMapping("/refreshCache")
+    @GetMapping("/refreshCache")
     public AjaxResult refreshCache()
     {
         dictTypeService.resetDictCache();

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysIndexController.java

@@ -24,6 +24,6 @@ public class SysIndexController
     @RequestMapping("/")
     public String index()
     {
-        return StringUtils.format("欢迎使用{}后台管理框架，当前版本：v{}，请通过前端地址访问。", ruoyiConfig.getName(), ruoyiConfig.getVersion());
+        return StringUtils.format("欢迎使用{}OA管理系统，当前版本：v{}，请通过前端地址访问。", ruoyiConfig.getName(), ruoyiConfig.getVersion());
     }
 }

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysMenuController.java

@@ -102,7 +102,7 @@ public class SysMenuController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:menu:edit')")
     @Log(title = "菜单管理", businessType = BusinessType.UPDATE)
-    @PutMapping
+    @PostMapping("/put")
     public AjaxResult edit(@Validated @RequestBody SysMenu menu)
     {
         if (UserConstants.NOT_UNIQUE.equals(menuService.checkMenuNameUnique(menu)))
@@ -126,7 +126,7 @@ public class SysMenuController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:menu:remove')")
     @Log(title = "菜单管理", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{menuId}")
+    @GetMapping("/delete/{menuId}")
     public AjaxResult remove(@PathVariable("menuId") Long menuId)
     {
         if (menuService.hasChildByMenuId(menuId))

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysNoticeController.java

@@ -71,7 +71,7 @@ public class SysNoticeController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:notice:edit')")
     @Log(title = "通知公告", businessType = BusinessType.UPDATE)
-    @PutMapping
+    @PostMapping("/put")
     public AjaxResult edit(@Validated @RequestBody SysNotice notice)
     {
         notice.setUpdateBy(getUsername());
@@ -83,7 +83,7 @@ public class SysNoticeController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:notice:remove')")
     @Log(title = "通知公告", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{noticeIds}")
+    @GetMapping("/delete/{noticeIds}")
     public AjaxResult remove(@PathVariable Long[] noticeIds)
     {
         return toAjax(noticeService.deleteNoticeByIds(noticeIds));

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysPostController.java

@@ -92,7 +92,7 @@ public class SysPostController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:post:edit')")
     @Log(title = "岗位管理", businessType = BusinessType.UPDATE)
-    @PutMapping
+    @PostMapping("/put")
     public AjaxResult edit(@Validated @RequestBody SysPost post)
     {
         if (UserConstants.NOT_UNIQUE.equals(postService.checkPostNameUnique(post)))
@@ -112,7 +112,7 @@ public class SysPostController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:post:remove')")
     @Log(title = "岗位管理", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{postIds}")
+    @GetMapping("/delete/{postIds}")
     public AjaxResult remove(@PathVariable Long[] postIds)
     {
         return toAjax(postService.deletePostByIds(postIds));

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java

@@ -24,6 +24,8 @@ import com.ruoyi.common.utils.file.MimeTypeUtils;
 import com.ruoyi.framework.web.service.TokenService;
 import com.ruoyi.system.service.ISysUserService;
 
+import static com.ruoyi.common.utils.SecurityUtils.checkStrongPwd;
+
 /**
  * 个人信息 业务处理
  * 
@@ -57,7 +59,7 @@ public class SysProfileController extends BaseController
      * 修改用户
      */
     @Log(title = "个人信息", businessType = BusinessType.UPDATE)
-    @PutMapping
+    @PostMapping("/put")
     public AjaxResult updateProfile(@RequestBody SysUser user)
     {
         LoginUser loginUser = getLoginUser();
@@ -94,7 +96,7 @@ public class SysProfileController extends BaseController
      * 重置密码
      */
     @Log(title = "个人信息", businessType = BusinessType.UPDATE)
-    @PutMapping("/updatePwd")
+    @PostMapping("/updatePwd")
     public AjaxResult updatePwd(String oldPassword, String newPassword)
     {
         LoginUser loginUser = getLoginUser();
@@ -108,6 +110,10 @@ public class SysProfileController extends BaseController
         {
             return error("新密码不能与旧密码相同");
         }
+
+        if ("1".equals(checkStrongPwd(newPassword))) {
+            return AjaxResult.error("密码必须包含数字、大小写字母、特殊符号且大于8位");
+        }
         if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0)
         {
             // 更新缓存用户密码

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java

@@ -112,7 +112,7 @@ public class SysRoleController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:role:edit')")
     @Log(title = "角色管理", businessType = BusinessType.UPDATE)
-    @PutMapping
+    @PostMapping("/put")
     public AjaxResult edit(@Validated @RequestBody SysRole role)
     {
         roleService.checkRoleAllowed(role);
@@ -147,7 +147,7 @@ public class SysRoleController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:role:edit')")
     @Log(title = "角色管理", businessType = BusinessType.UPDATE)
-    @PutMapping("/dataScope")
+    @PostMapping("/dataScope")
     public AjaxResult dataScope(@RequestBody SysRole role)
     {
         roleService.checkRoleAllowed(role);
@@ -219,7 +219,7 @@ public class SysRoleController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:role:edit')")
     @Log(title = "角色管理", businessType = BusinessType.GRANT)
-    @PutMapping("/authUser/cancel")
+    @PostMapping("/authUser/cancel")
     public AjaxResult cancelAuthUser(@RequestBody SysUserRole userRole)
     {
         return toAjax(roleService.deleteAuthUser(userRole));
@@ -230,7 +230,7 @@ public class SysRoleController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:role:edit')")
     @Log(title = "角色管理", businessType = BusinessType.GRANT)
-    @PutMapping("/authUser/cancelAll")
+    @PostMapping("/authUser/cancelAll")
     public AjaxResult cancelAuthUserAll(Long roleId, Long[] userIds)
     {
         return toAjax(roleService.deleteAuthUsers(roleId, userIds));
@@ -241,7 +241,7 @@ public class SysRoleController extends BaseController
      */
     @PreAuthorize("@ss.hasPermi('system:role:edit')")
     @Log(title = "角色管理", businessType = BusinessType.GRANT)
-    @PutMapping("/authUser/selectAll")
+    @PostMapping("/authUser/selectAll")
     public AjaxResult selectAuthUserAll(Long roleId, Long[] userIds)
     {
         roleService.checkRoleDataScope(roleId);

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java

@@ -7,14 +7,7 @@ import org.apache.commons.lang3.ArrayUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
@@ -33,6 +26,8 @@ import com.ruoyi.system.service.ISysPostService;
 import com.ruoyi.system.service.ISysRoleService;
 import com.ruoyi.system.service.ISysUserService;
 
+import static com.ruoyi.common.utils.SecurityUtils.checkStrongPwd;
+
 /**
  * 用户信息
  * 
@@ -139,6 +134,9 @@ public class SysUserController extends BaseController
         {
             return error("新增用户'" + user.getUserName() + "'失败，邮箱账号已存在");
         }
+        else if ("1".equals(checkStrongPwd(user.getPassword()))) {
+            return AjaxResult.error("密码必须包含数字、大小写字母、特殊符号且大于8位");
+        }
         user.setCreateBy(getUsername());
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
         return toAjax(userService.insertUser(user));
@@ -196,6 +194,9 @@ public class SysUserController extends BaseController
     public AjaxResult resetPwd(@RequestBody SysUser user)
     {
         userService.checkUserAllowed(user);
+        if ("1".equals(checkStrongPwd(user.getPassword()))) {
+            return AjaxResult.error("密码必须包含数字、大小写字母、特殊符号且大于8位");
+        }
         userService.checkUserDataScope(user.getUserId());
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
         user.setUpdateBy(getUsername());
@@ -216,6 +217,33 @@ public class SysUserController extends BaseController
         return toAjax(userService.updateUserStatus(user));
     }
 
+    @PostMapping("/resetPwdLogin")
+    public AjaxResult resetPwdLogin(@RequestParam("userName") String userName, @RequestParam("oldPassword") String oldPassword, @RequestParam("newPassword") String newPassword) {
+        //userService.checkUserAllowed(user);
+        if ("admin".equals(userName)){
+            return AjaxResult.success("不允许操作超级管理员");
+        }
+        SysUser user = userService.selectUserByUserName(userName);
+        if (user == null){
+            return AjaxResult.success("当前用户不存在");
+        }
+        String password = user.getPassword();
+        if (!SecurityUtils.matchesPassword(oldPassword, password))
+        {
+            return AjaxResult.success("修改密码失败，旧密码错误");
+        }
+        if (SecurityUtils.matchesPassword(newPassword, password))
+        {
+            return AjaxResult.success("新密码不能与旧密码相同");
+        }
+
+        if ("1".equals(checkStrongPwd(newPassword))) {
+            return AjaxResult.success("密码必须包含数字、大小写字母、特殊符号且大于8位");
+        }
+        user.setPassword(SecurityUtils.encryptPassword(newPassword));
+        user.setUpdateBy(userName);
+        return toAjax(userService.resetPwdLogin(user));
+    }
     /**
      * 根据用户编号获取授权角色
      */

ruoyi-common/pom.xml

@@ -17,6 +17,12 @@
 
     <dependencies>
 
+        <!--计算经纬度-->
+        <dependency>
+            <groupId>org.gavaghan</groupId>
+            <artifactId>geodesy</artifactId>
+            <version>1.1.3</version>
+        </dependency>
         <!-- Spring框架基本的核心工具 -->
         <dependency>
             <groupId>org.springframework</groupId>

ruoyi-common/src/main/java/com/ruoyi/common/utils/PwdCheckUtil.java

@@ -0,0 +1,111 @@
+package com.ruoyi.common.utils;
+
+/**
+ * @Author: tjf
+ * @Date: 2022/10/10 9:24
+ * @Describe:
+ */
+public class PwdCheckUtil {
+    //定义特殊字符
+    public static String SPECIAL_CHAR = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
+
+    /**
+     * @brief   检测密码中字符长度
+     * @param[in] password            密码字符串
+     * @return  符合长度要求 返回true
+     */
+    public static boolean checkPasswordLength(String password, String minNum, String maxNum) {
+        boolean flag =false;
+        if (StringUtils.isBlank(maxNum))  {
+            minNum = StringUtils.isBlank(minNum) ? "0":minNum;
+            if (password.length() >= Integer.parseInt(minNum)) {
+                flag = true;
+            }
+        } else {
+            minNum = StringUtils.isBlank(minNum) ? "0":minNum;
+            if (password.length() >= Integer.parseInt(minNum) &&
+                    password.length() <= Integer.parseInt(maxNum)) {
+                flag = true;
+            }
+        }
+        return flag;
+    }
+
+    /**
+     * @brief   检测密码中是否包含数字
+     * @param[in] password            密码字符串
+     * @return  包含数字 返回true
+     */
+    public static boolean checkContainDigit(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (Character.isDigit(chPass[i])) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * @brief   检测密码中是否包含字母（不区分大小写）
+     * @param[in] password            密码字符串
+     * @return  包含字母 返回true
+     */
+    public static boolean checkContainCase(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (Character.isLetter(chPass[i])) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+
+    /**
+     * @brief   检测密码中是否包含小写字母
+     * @param[in] password            密码字符串
+     * @return  包含小写字母 返回true
+     */
+    public static boolean checkContainLowerCase(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (Character.isLowerCase(chPass[i])) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+
+    /**
+     * @brief   检测密码中是否包含大写字母
+     * @param[in] password            密码字符串
+     * @return  包含大写字母 返回true
+     */
+    public static boolean checkContainUpperCase(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (Character.isUpperCase(chPass[i])) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+
+    /**
+     * @brief   检测密码中是否包含特殊符号
+     * @param[in] password            密码字符串
+     * @return  包含特殊符号 返回true
+     */
+    public static boolean checkContainSpecialChar(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (SPECIAL_CHAR.indexOf(chPass[i]) != -1) {
+                return true;
+            }
+        }
+        return false;
+    }
+}

ruoyi-common/src/main/java/com/ruoyi/common/utils/SecurityUtils.java

@@ -1,5 +1,6 @@
 package com.ruoyi.common.utils;
 
+import jdk.internal.util.Preconditions;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@@ -117,4 +118,25 @@ public class SecurityUtils
     {
         return userId != null && 1L == userId;
     }
+
+    /**
+     * @brief   检测密码复杂度是否为 强
+     * @param[in] password  密码字符串
+     * @return  符合长度要求 返回true
+     */
+    public static String checkStrongPwd(String pwd) {
+        try {
+            if (!PwdCheckUtil.checkPasswordLength(pwd, "8", null)
+                    || !PwdCheckUtil.checkContainLowerCase(pwd)
+                    || !PwdCheckUtil.checkContainUpperCase(pwd)
+                    || !PwdCheckUtil.checkContainDigit(pwd)
+                    || !PwdCheckUtil.checkContainSpecialChar(pwd)
+            ) {
+                return "1";
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return "0";
+    }
 }

ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysUserMapper.java

@@ -35,6 +35,13 @@ public interface SysUserMapper
      */
     public List<SysUser> selectUnallocatedList(SysUser user);
 
+    /**
+     * 登录页重置用户密码
+     * @param user
+     * @return
+     */
+    public int updateUserByUserName(SysUser user);
+
     /**
      * 通过用户名查询用户
      * 

ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java

@@ -34,6 +34,14 @@ public interface ISysUserService
      */
     public List<SysUser> selectUnallocatedList(SysUser user);
 
+    /**
+     * 登录页重置用户密码
+     *
+     * @param user 用户信息
+     * @return 结果
+     */
+    public int resetPwdLogin(SysUser user);
+
     /**
      * 通过用户名查询用户
      * 

ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java

@@ -100,6 +100,16 @@ public class SysUserServiceImpl implements ISysUserService
         return userMapper.selectUnallocatedList(user);
     }
 
+    /**
+     * 登录页重置用户密码
+     * @param user 用户信息
+     * @return
+     */
+    @Override
+    public int resetPwdLogin(SysUser user) {
+        return userMapper.updateUserByUserName(user);
+    }
+
     /**
      * 通过用户名查询用户
      * 

ruoyi-system/src/main/resources/mapper/system/SysUserMapper.xml

@@ -119,6 +119,15 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 		<!-- 数据范围过滤 -->
 		${params.dataScope}
 	</select>
+
+	<update id="updateUserByUserName" parameterType="SysUser">
+		update sys_user
+		<set>
+			<if test="password != null and password != ''">password = #{password},</if>
+			update_time = sysdate()
+		</set>
+		where user_name = #{userName}
+	</update>
 	
 	<select id="selectUserByUserName" parameterType="String" resultMap="SysUserResult">
 	    <include refid="selectUserVo"/>