Upsoft pass testing

 git add --all src/*
 git add --all src/*
 git add push.sh
 git add push.sh
 git add pom.xml
 git add pom.xml
-git commit -m "FIX some conflicts"
+git commit -m "Upsoft pass testing"
 git push origin zhaoyue-dev2
 git push origin zhaoyue-dev2
 git status
 git status

@@ -2,6 +2,7 @@ package com.xkl.authorization.resolvers;
 
 
 import com.xkl.authorization.annotation.CurrentAdmin;
 import com.xkl.authorization.annotation.CurrentAdmin;
 import com.xkl.config.Constants;
 import com.xkl.config.Constants;
+import com.xkl.controller.uploadsoft.UpSoftAccountController;
 import com.xkl.domain.Admin;
 import com.xkl.domain.Admin;
 import com.xkl.repository.AdminRepository;
 import com.xkl.repository.AdminRepository;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -16,7 +17,8 @@ import org.springframework.web.multipart.support.MissingServletRequestPartExcept
 
 
 /**
 /**
  * 增加方法注入，将含有CurrentAdmin注解的方法参数注入当前登录用户
  * 增加方法注入，将含有CurrentAdmin注解的方法参数注入当前登录用户
- * @see  CurrentAdmin
+ *
+ * @see CurrentAdmin
  */
  */
 @Component
 @Component
 public class CurrentAdminMethodArgumentResolver implements HandlerMethodArgumentResolver {
 public class CurrentAdminMethodArgumentResolver implements HandlerMethodArgumentResolver {
@@ -37,10 +39,11 @@ public class CurrentAdminMethodArgumentResolver implements HandlerMethodArgument
     @Override
     @Override
     public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
     public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
         //取出鉴权时存入的登录用户Id
         //取出鉴权时存入的登录用户Id
-        Long currentAdminId = (Long) webRequest.getAttribute(Constants.CURRENT_USER_ID, RequestAttributes.SCOPE_REQUEST);
+        String currentAdminId = ((String) webRequest.getAttribute(Constants.CURRENT_USER_ID, RequestAttributes.SCOPE_REQUEST)).replace(UpSoftAccountController.UPSOFT_TOKEN_PREFIX, "");
         if (currentAdminId != null) {
         if (currentAdminId != null) {
             //从数据库中查询并返回
             //从数据库中查询并返回
-            return adminRepository.findOne(currentAdminId);
+            Admin admin = adminRepository.findByIdAndStatus(Long.parseLong(currentAdminId), Constants.STATUS_OK);
+            return admin;
         }
         }
         throw new MissingServletRequestPartException(Constants.CURRENT_USER_ID);
         throw new MissingServletRequestPartException(Constants.CURRENT_USER_ID);
     }
     }

@@ -63,4 +63,9 @@ public interface Constants {
     public static final int LOWER = 1;
     public static final int LOWER = 1;
     public static final int HIGHER = 2;
     public static final int HIGHER = 2;
 
 
+    public static final int STATUS_BAD = 0;
+    public static final boolean STATUS_BAD2 = false;
+    public static final int STATUS_OK = 1;
+    public static final boolean STATUS_OK2= true;
+
 }
 }

@@ -4,6 +4,7 @@ import com.xkl.authorization.annotation.Authorization;
 import com.xkl.authorization.annotation.CurrentUser;
 import com.xkl.authorization.annotation.CurrentUser;
 import com.xkl.authorization.manager.ITokenManager;
 import com.xkl.authorization.manager.ITokenManager;
 import com.xkl.authorization.model.TokenModel;
 import com.xkl.authorization.model.TokenModel;
+import com.xkl.config.Constants;
 import com.xkl.config.ResultStatus;
 import com.xkl.config.ResultStatus;
 import com.xkl.domain.User;
 import com.xkl.domain.User;
 import com.xkl.model.ResultModel;
 import com.xkl.model.ResultModel;
@@ -44,7 +45,7 @@ public class TokenController {
         Assert.notNull(username, "username can not be empty");
         Assert.notNull(username, "username can not be empty");
         Assert.notNull(password, "password can not be empty");
         Assert.notNull(password, "password can not be empty");
 
 
-        User user = userRepository.findByLoginAccount(username);
+        User user = userRepository.findByLoginAccountAndStatus(username, Constants.STATUS_OK2);
 
 
         if (user == null) {  //用户不存在
         if (user == null) {  //用户不存在
             return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
             return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);

@@ -4,6 +4,7 @@ import com.xkl.authorization.annotation.Authorization;
 import com.xkl.authorization.annotation.CurrentUser;
 import com.xkl.authorization.annotation.CurrentUser;
 import com.xkl.authorization.annotation.Sign;
 import com.xkl.authorization.annotation.Sign;
 import com.xkl.authorization.manager.ITokenManager;
 import com.xkl.authorization.manager.ITokenManager;
+import com.xkl.config.Constants;
 import com.xkl.config.ResultStatus;
 import com.xkl.config.ResultStatus;
 import com.xkl.domain.User;
 import com.xkl.domain.User;
 import com.xkl.domain.XklMemberEntity;
 import com.xkl.domain.XklMemberEntity;
@@ -49,7 +50,7 @@ public class UserInfoController {
         Assert.notNull(username, "username can not be empty");
         Assert.notNull(username, "username can not be empty");
         Assert.notNull(password, "password can not be empty");
         Assert.notNull(password, "password can not be empty");
 
 
-        User user = userRepository.findByLoginAccount(username);
+        User user = userRepository.findByLoginAccountAndStatus(username, Constants.STATUS_OK2);
         if (user != null ) {  //用户已注册
         if (user != null ) {  //用户已注册
             return new ResponseEntity<>(ResultModel.error(ResultStatus.USER_IS_EXIT), HttpStatus.NOT_FOUND);
             return new ResponseEntity<>(ResultModel.error(ResultStatus.USER_IS_EXIT), HttpStatus.NOT_FOUND);
         }else{
         }else{

 package com.xkl.controller.uploadsoft;
 package com.xkl.controller.uploadsoft;
 
 
-import com.wordnik.swagger.annotations.*;
+import com.wordnik.swagger.annotations.Api;
+import com.wordnik.swagger.annotations.ApiImplicitParam;
+import com.wordnik.swagger.annotations.ApiImplicitParams;
+import com.wordnik.swagger.annotations.ApiOperation;
 import com.xkl.authorization.annotation.Authorization;
 import com.xkl.authorization.annotation.Authorization;
 import com.xkl.authorization.annotation.CurrentAdmin;
 import com.xkl.authorization.annotation.CurrentAdmin;
-import com.xkl.authorization.annotation.CurrentUser;
 import com.xkl.authorization.manager.ITokenManager;
 import com.xkl.authorization.manager.ITokenManager;
 import com.xkl.authorization.model.TokenModel;
 import com.xkl.authorization.model.TokenModel;
 import com.xkl.config.Constants;
 import com.xkl.config.Constants;
 import com.xkl.config.ResultStatus;
 import com.xkl.config.ResultStatus;
-import com.xkl.domain.AMPMachine;
 import com.xkl.domain.Admin;
 import com.xkl.domain.Admin;
 import com.xkl.model.ResultModel;
 import com.xkl.model.ResultModel;
 import com.xkl.repository.AMPMachineRepository;
 import com.xkl.repository.AMPMachineRepository;
 import com.xkl.repository.AdminRepository;
 import com.xkl.repository.AdminRepository;
 import com.xkl.security.SecurityTool;
 import com.xkl.security.SecurityTool;
-import org.hibernate.validator.constraints.SafeHtml;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.http.ResponseEntity;
@@ -40,7 +40,7 @@ public class UpSoftAccountController {
     @Autowired
     @Autowired
     private ITokenManager tokenManager;
     private ITokenManager tokenManager;
 
 
-    private static final String UPSOFT_TOKEN_PREFIX = "UPSOFTTOKEN";
+    public static final String UPSOFT_TOKEN_PREFIX = "UPSOFTTOKEN";
 
 
     @RequestMapping(method = RequestMethod.POST)
     @RequestMapping(method = RequestMethod.POST)
     @ApiOperation(value = "报告上传软件登录", notes = "login")
     @ApiOperation(value = "报告上传软件登录", notes = "login")
@@ -57,13 +57,16 @@ public class UpSoftAccountController {
 //                ampMachine.getStatus() != 1) {//用户无效
 //                ampMachine.getStatus() != 1) {//用户无效
 //            return new ResponseEntity<>(ResultModel.error(ResultStatus.AMP_KEY_ERROR), HttpStatus.NOT_FOUND);
 //            return new ResponseEntity<>(ResultModel.error(ResultStatus.AMP_KEY_ERROR), HttpStatus.NOT_FOUND);
 //        }
 //        }
-
-        Admin admin = adminRepository.findByAccount(account);
+        Admin admin = adminRepository.findByAccountAndStatus(account, Constants.STATUS_OK);
+        //未注册
+        if (admin == null) {
+            //提示用户名或密码错误
+            return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
+        }
         String salt = admin.getSalt();
         String salt = admin.getSalt();
         String pass_in_db = admin.getPwd();
         String pass_in_db = admin.getPwd();
         String calcuPass = SecurityTool.getPassword(account, password, salt);
         String calcuPass = SecurityTool.getPassword(account, password, salt);
-        if (admin == null ||  //未注册
-                !calcuPass.equals(pass_in_db) ||//密码错误
+        if (!calcuPass.equals(pass_in_db) ||//密码错误
                 admin.getStatus() != 1) {//用户无效
                 admin.getStatus() != 1) {//用户无效
             //提示用户名或密码错误
             //提示用户名或密码错误
             return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
             return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
@@ -85,17 +88,20 @@ public class UpSoftAccountController {
         return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
         return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
     }
     }
 
 
-    @RequestMapping(value = "/upsoft/modpwd", method = RequestMethod.PUT)
+    @RequestMapping(method = RequestMethod.PUT)
     @Authorization
     @Authorization
     @ApiOperation(value = "报告上传软件修改密码")
     @ApiOperation(value = "报告上传软件修改密码")
     @ApiImplicitParams({
     @ApiImplicitParams({
             @ApiImplicitParam(name = "authorization", value = "请以如下格式输入登录返回信息：adminId_tokens", required = true, dataType = "string", paramType = "header"),
             @ApiImplicitParam(name = "authorization", value = "请以如下格式输入登录返回信息：adminId_tokens", required = true, dataType = "string", paramType = "header"),
     })
     })
     public ResponseEntity<ResultModel> modpwd(@CurrentAdmin Admin admin, @RequestParam String newpwd) {
     public ResponseEntity<ResultModel> modpwd(@CurrentAdmin Admin admin, @RequestParam String newpwd) {
-
-        admin = adminRepository.findById(admin.getId());
-        admin.setPwd(newpwd);
+        Assert.notNull(newpwd, "password can not be empty");
+        String salt = SecurityTool.genSalt();
+        String pass2Db = SecurityTool.getPassword(admin.getAccount(), newpwd, salt);
+        admin.setPwd(pass2Db);
+        admin.setSalt(salt);
         adminRepository.save(admin);
         adminRepository.save(admin);
+        tokenManager.deleteToken(UPSOFT_TOKEN_PREFIX + admin.getId());
         return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
         return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
     }
     }
 }
 }

@@ -9,7 +9,8 @@ import org.springframework.data.repository.CrudRepository;
  */
  */
 public interface AdminRepository extends CrudRepository<Admin, Long> {
 public interface AdminRepository extends CrudRepository<Admin, Long> {
 
 
-    public Admin findByAccount(String account);
-    public Admin findById(long id);
+//    public Admin findByAccount(String account);
+    public Admin findByAccountAndStatus(String account,int status);
+    public Admin findByIdAndStatus(long id,int status);
 
 
 }
 }

@@ -10,7 +10,7 @@ import org.springframework.data.repository.CrudRepository;
  * @see AMPReport
  * @see AMPReport
  */
  */
 public interface ReportRepository extends CrudRepository<AMPReport, Long> {
 public interface ReportRepository extends CrudRepository<AMPReport, Long> {
-    public AMPReport findByMd5(String md5);
+    public AMPReport findByMd5AndStatus(String md5,int status);
 
 
     public AMPReport findById(int id);
     public AMPReport findById(int id);
 
 

@@ -8,6 +8,5 @@ import org.springframework.data.repository.CrudRepository;
  * @see com.xkl.domain.User
  * @see com.xkl.domain.User
  */
  */
 public interface UserRepository extends CrudRepository<User, Long> {
 public interface UserRepository extends CrudRepository<User, Long> {
-
-    public User findByLoginAccount(String username);
+    public User findByLoginAccountAndStatus(String username,boolean status);
 }
 }

@@ -53,14 +53,14 @@ public class ReportService implements IReportService {
     public ResponseEntity<ResultModel> save(Admin admin, String json_report) {
     public ResponseEntity<ResultModel> save(Admin admin, String json_report) {
         // 验证存在性
         // 验证存在性
         String reportMd5 = SecurityTool.encode("MD5", json_report);
         String reportMd5 = SecurityTool.encode("MD5", json_report);
-        // 验证是否有对应的会员
+        // 验证是无对应的会员，rediskey
         String reportWithNoUser = reportMd5 + "Member";
         String reportWithNoUser = reportMd5 + "Member";
-        // 验证报告格式是否有问题
+        // 验证报告格式有问题，rediskey
         String reportWrongFormat = reportMd5 + "Format";
         String reportWrongFormat = reportMd5 + "Format";
         /*
         /*
          * 如果已经处理过的报告，不再进行处理。
          * 如果已经处理过的报告，不再进行处理。
          */
          */
-        AMPReport report = reportRepository.findByMd5(reportMd5);
+        AMPReport report = reportRepository.findByMd5AndStatus(reportMd5, Constants.STATUS_OK);
         if (report != null && report.getStatus() > 0) {
         if (report != null && report.getStatus() > 0) {
             // 返回，报告已存在。
             // 返回，报告已存在。
             return new ResponseEntity<>(ResultModel.ok(new ReportIdModel(report.getId())), HttpStatus.OK);
             return new ResponseEntity<>(ResultModel.ok(new ReportIdModel(report.getId())), HttpStatus.OK);
@@ -86,7 +86,7 @@ public class ReportService implements IReportService {
         /*
         /*
          * 检验会员存在性
          * 检验会员存在性
          */
          */
-        User user = userRepository.findByLoginAccount(reportData.getAmpReport().getAccount_str());
+        User user = userRepository.findByLoginAccountAndStatus(reportData.getAmpReport().getAccount_str(), Constants.STATUS_OK2);
         if (user == null) {
         if (user == null) {
             redis.boundValueOps(reportWithNoUser).set("");
             redis.boundValueOps(reportWithNoUser).set("");
             // 返回，报告对应会员不存在。
             // 返回，报告对应会员不存在。
@@ -112,9 +112,9 @@ public class ReportService implements IReportService {
     public ResponseEntity<ResultModel> delete(Admin admin, long report_id) {
     public ResponseEntity<ResultModel> delete(Admin admin, long report_id) {
         //  1. 得到report，验证报告存在性
         //  1. 得到report，验证报告存在性
         AMPReport report = reportRepository.findById((int) report_id);
         AMPReport report = reportRepository.findById((int) report_id);
-        if (report == null) {
+        if (report == null || report.getStatus() == 0) {
             // 报告不存在，返回
             // 报告不存在，返回
-            return new ResponseEntity<>(ResultModel.error(ResultStatus.REPORT_INVALID__ERROR), HttpStatus.NOT_FOUND);
+            return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
         }
         }
 
 
         // 2. 验证admin
         // 2. 验证admin