Authored by zhaoyue

Upsoft pass testing

1 git add --all src/* 1 git add --all src/*
2 git add push.sh 2 git add push.sh
3 git add pom.xml 3 git add pom.xml
4 -git commit -m "FIX some conflicts" 4 +git commit -m "Upsoft pass testing"
5 git push origin zhaoyue-dev2 5 git push origin zhaoyue-dev2
6 git status 6 git status
@@ -2,6 +2,7 @@ package com.xkl.authorization.resolvers; @@ -2,6 +2,7 @@ package com.xkl.authorization.resolvers;
2 2
3 import com.xkl.authorization.annotation.CurrentAdmin; 3 import com.xkl.authorization.annotation.CurrentAdmin;
4 import com.xkl.config.Constants; 4 import com.xkl.config.Constants;
  5 +import com.xkl.controller.uploadsoft.UpSoftAccountController;
5 import com.xkl.domain.Admin; 6 import com.xkl.domain.Admin;
6 import com.xkl.repository.AdminRepository; 7 import com.xkl.repository.AdminRepository;
7 import org.springframework.beans.factory.annotation.Autowired; 8 import org.springframework.beans.factory.annotation.Autowired;
@@ -16,7 +17,8 @@ import org.springframework.web.multipart.support.MissingServletRequestPartExcept @@ -16,7 +17,8 @@ import org.springframework.web.multipart.support.MissingServletRequestPartExcept
16 17
17 /** 18 /**
18 * 增加方法注入,将含有CurrentAdmin注解的方法参数注入当前登录用户 19 * 增加方法注入,将含有CurrentAdmin注解的方法参数注入当前登录用户
19 - * @see CurrentAdmin 20 + *
  21 + * @see CurrentAdmin
20 */ 22 */
21 @Component 23 @Component
22 public class CurrentAdminMethodArgumentResolver implements HandlerMethodArgumentResolver { 24 public class CurrentAdminMethodArgumentResolver implements HandlerMethodArgumentResolver {
@@ -37,10 +39,11 @@ public class CurrentAdminMethodArgumentResolver implements HandlerMethodArgument @@ -37,10 +39,11 @@ public class CurrentAdminMethodArgumentResolver implements HandlerMethodArgument
37 @Override 39 @Override
38 public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception { 40 public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
39 //取出鉴权时存入的登录用户Id 41 //取出鉴权时存入的登录用户Id
40 - Long currentAdminId = (Long) webRequest.getAttribute(Constants.CURRENT_USER_ID, RequestAttributes.SCOPE_REQUEST); 42 + String currentAdminId = ((String) webRequest.getAttribute(Constants.CURRENT_USER_ID, RequestAttributes.SCOPE_REQUEST)).replace(UpSoftAccountController.UPSOFT_TOKEN_PREFIX, "");
41 if (currentAdminId != null) { 43 if (currentAdminId != null) {
42 //从数据库中查询并返回 44 //从数据库中查询并返回
43 - return adminRepository.findOne(currentAdminId); 45 + Admin admin = adminRepository.findByIdAndStatus(Long.parseLong(currentAdminId), Constants.STATUS_OK);
  46 + return admin;
44 } 47 }
45 throw new MissingServletRequestPartException(Constants.CURRENT_USER_ID); 48 throw new MissingServletRequestPartException(Constants.CURRENT_USER_ID);
46 } 49 }
@@ -63,4 +63,9 @@ public interface Constants { @@ -63,4 +63,9 @@ public interface Constants {
63 public static final int LOWER = 1; 63 public static final int LOWER = 1;
64 public static final int HIGHER = 2; 64 public static final int HIGHER = 2;
65 65
  66 + public static final int STATUS_BAD = 0;
  67 + public static final boolean STATUS_BAD2 = false;
  68 + public static final int STATUS_OK = 1;
  69 + public static final boolean STATUS_OK2= true;
  70 +
66 } 71 }
@@ -4,6 +4,7 @@ import com.xkl.authorization.annotation.Authorization; @@ -4,6 +4,7 @@ import com.xkl.authorization.annotation.Authorization;
4 import com.xkl.authorization.annotation.CurrentUser; 4 import com.xkl.authorization.annotation.CurrentUser;
5 import com.xkl.authorization.manager.ITokenManager; 5 import com.xkl.authorization.manager.ITokenManager;
6 import com.xkl.authorization.model.TokenModel; 6 import com.xkl.authorization.model.TokenModel;
  7 +import com.xkl.config.Constants;
7 import com.xkl.config.ResultStatus; 8 import com.xkl.config.ResultStatus;
8 import com.xkl.domain.User; 9 import com.xkl.domain.User;
9 import com.xkl.model.ResultModel; 10 import com.xkl.model.ResultModel;
@@ -44,7 +45,7 @@ public class TokenController { @@ -44,7 +45,7 @@ public class TokenController {
44 Assert.notNull(username, "username can not be empty"); 45 Assert.notNull(username, "username can not be empty");
45 Assert.notNull(password, "password can not be empty"); 46 Assert.notNull(password, "password can not be empty");
46 47
47 - User user = userRepository.findByLoginAccount(username); 48 + User user = userRepository.findByLoginAccountAndStatus(username, Constants.STATUS_OK2);
48 49
49 if (user == null) { //用户不存在 50 if (user == null) { //用户不存在
50 return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND); 51 return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
@@ -4,6 +4,7 @@ import com.xkl.authorization.annotation.Authorization; @@ -4,6 +4,7 @@ import com.xkl.authorization.annotation.Authorization;
4 import com.xkl.authorization.annotation.CurrentUser; 4 import com.xkl.authorization.annotation.CurrentUser;
5 import com.xkl.authorization.annotation.Sign; 5 import com.xkl.authorization.annotation.Sign;
6 import com.xkl.authorization.manager.ITokenManager; 6 import com.xkl.authorization.manager.ITokenManager;
  7 +import com.xkl.config.Constants;
7 import com.xkl.config.ResultStatus; 8 import com.xkl.config.ResultStatus;
8 import com.xkl.domain.User; 9 import com.xkl.domain.User;
9 import com.xkl.domain.XklMemberEntity; 10 import com.xkl.domain.XklMemberEntity;
@@ -49,7 +50,7 @@ public class UserInfoController { @@ -49,7 +50,7 @@ public class UserInfoController {
49 Assert.notNull(username, "username can not be empty"); 50 Assert.notNull(username, "username can not be empty");
50 Assert.notNull(password, "password can not be empty"); 51 Assert.notNull(password, "password can not be empty");
51 52
52 - User user = userRepository.findByLoginAccount(username); 53 + User user = userRepository.findByLoginAccountAndStatus(username, Constants.STATUS_OK2);
53 if (user != null ) { //用户已注册 54 if (user != null ) { //用户已注册
54 return new ResponseEntity<>(ResultModel.error(ResultStatus.USER_IS_EXIT), HttpStatus.NOT_FOUND); 55 return new ResponseEntity<>(ResultModel.error(ResultStatus.USER_IS_EXIT), HttpStatus.NOT_FOUND);
55 }else{ 56 }else{
1 package com.xkl.controller.uploadsoft; 1 package com.xkl.controller.uploadsoft;
2 2
3 -import com.wordnik.swagger.annotations.*; 3 +import com.wordnik.swagger.annotations.Api;
  4 +import com.wordnik.swagger.annotations.ApiImplicitParam;
  5 +import com.wordnik.swagger.annotations.ApiImplicitParams;
  6 +import com.wordnik.swagger.annotations.ApiOperation;
4 import com.xkl.authorization.annotation.Authorization; 7 import com.xkl.authorization.annotation.Authorization;
5 import com.xkl.authorization.annotation.CurrentAdmin; 8 import com.xkl.authorization.annotation.CurrentAdmin;
6 -import com.xkl.authorization.annotation.CurrentUser;  
7 import com.xkl.authorization.manager.ITokenManager; 9 import com.xkl.authorization.manager.ITokenManager;
8 import com.xkl.authorization.model.TokenModel; 10 import com.xkl.authorization.model.TokenModel;
9 import com.xkl.config.Constants; 11 import com.xkl.config.Constants;
10 import com.xkl.config.ResultStatus; 12 import com.xkl.config.ResultStatus;
11 -import com.xkl.domain.AMPMachine;  
12 import com.xkl.domain.Admin; 13 import com.xkl.domain.Admin;
13 import com.xkl.model.ResultModel; 14 import com.xkl.model.ResultModel;
14 import com.xkl.repository.AMPMachineRepository; 15 import com.xkl.repository.AMPMachineRepository;
15 import com.xkl.repository.AdminRepository; 16 import com.xkl.repository.AdminRepository;
16 import com.xkl.security.SecurityTool; 17 import com.xkl.security.SecurityTool;
17 -import org.hibernate.validator.constraints.SafeHtml;  
18 import org.springframework.beans.factory.annotation.Autowired; 18 import org.springframework.beans.factory.annotation.Autowired;
19 import org.springframework.http.HttpStatus; 19 import org.springframework.http.HttpStatus;
20 import org.springframework.http.ResponseEntity; 20 import org.springframework.http.ResponseEntity;
@@ -40,7 +40,7 @@ public class UpSoftAccountController { @@ -40,7 +40,7 @@ public class UpSoftAccountController {
40 @Autowired 40 @Autowired
41 private ITokenManager tokenManager; 41 private ITokenManager tokenManager;
42 42
43 - private static final String UPSOFT_TOKEN_PREFIX = "UPSOFTTOKEN"; 43 + public static final String UPSOFT_TOKEN_PREFIX = "UPSOFTTOKEN";
44 44
45 @RequestMapping(method = RequestMethod.POST) 45 @RequestMapping(method = RequestMethod.POST)
46 @ApiOperation(value = "报告上传软件登录", notes = "login") 46 @ApiOperation(value = "报告上传软件登录", notes = "login")
@@ -57,13 +57,16 @@ public class UpSoftAccountController { @@ -57,13 +57,16 @@ public class UpSoftAccountController {
57 // ampMachine.getStatus() != 1) {//用户无效 57 // ampMachine.getStatus() != 1) {//用户无效
58 // return new ResponseEntity<>(ResultModel.error(ResultStatus.AMP_KEY_ERROR), HttpStatus.NOT_FOUND); 58 // return new ResponseEntity<>(ResultModel.error(ResultStatus.AMP_KEY_ERROR), HttpStatus.NOT_FOUND);
59 // } 59 // }
60 -  
61 - Admin admin = adminRepository.findByAccount(account); 60 + Admin admin = adminRepository.findByAccountAndStatus(account, Constants.STATUS_OK);
  61 + //未注册
  62 + if (admin == null) {
  63 + //提示用户名或密码错误
  64 + return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
  65 + }
62 String salt = admin.getSalt(); 66 String salt = admin.getSalt();
63 String pass_in_db = admin.getPwd(); 67 String pass_in_db = admin.getPwd();
64 String calcuPass = SecurityTool.getPassword(account, password, salt); 68 String calcuPass = SecurityTool.getPassword(account, password, salt);
65 - if (admin == null || //未注册  
66 - !calcuPass.equals(pass_in_db) ||//密码错误 69 + if (!calcuPass.equals(pass_in_db) ||//密码错误
67 admin.getStatus() != 1) {//用户无效 70 admin.getStatus() != 1) {//用户无效
68 //提示用户名或密码错误 71 //提示用户名或密码错误
69 return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND); 72 return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
@@ -85,17 +88,20 @@ public class UpSoftAccountController { @@ -85,17 +88,20 @@ public class UpSoftAccountController {
85 return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK); 88 return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
86 } 89 }
87 90
88 - @RequestMapping(value = "/upsoft/modpwd", method = RequestMethod.PUT) 91 + @RequestMapping(method = RequestMethod.PUT)
89 @Authorization 92 @Authorization
90 @ApiOperation(value = "报告上传软件修改密码") 93 @ApiOperation(value = "报告上传软件修改密码")
91 @ApiImplicitParams({ 94 @ApiImplicitParams({
92 @ApiImplicitParam(name = "authorization", value = "请以如下格式输入登录返回信息:adminId_tokens", required = true, dataType = "string", paramType = "header"), 95 @ApiImplicitParam(name = "authorization", value = "请以如下格式输入登录返回信息:adminId_tokens", required = true, dataType = "string", paramType = "header"),
93 }) 96 })
94 public ResponseEntity<ResultModel> modpwd(@CurrentAdmin Admin admin, @RequestParam String newpwd) { 97 public ResponseEntity<ResultModel> modpwd(@CurrentAdmin Admin admin, @RequestParam String newpwd) {
95 -  
96 - admin = adminRepository.findById(admin.getId());  
97 - admin.setPwd(newpwd); 98 + Assert.notNull(newpwd, "password can not be empty");
  99 + String salt = SecurityTool.genSalt();
  100 + String pass2Db = SecurityTool.getPassword(admin.getAccount(), newpwd, salt);
  101 + admin.setPwd(pass2Db);
  102 + admin.setSalt(salt);
98 adminRepository.save(admin); 103 adminRepository.save(admin);
  104 + tokenManager.deleteToken(UPSOFT_TOKEN_PREFIX + admin.getId());
99 return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK); 105 return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
100 } 106 }
101 } 107 }
@@ -9,7 +9,8 @@ import org.springframework.data.repository.CrudRepository; @@ -9,7 +9,8 @@ import org.springframework.data.repository.CrudRepository;
9 */ 9 */
10 public interface AdminRepository extends CrudRepository<Admin, Long> { 10 public interface AdminRepository extends CrudRepository<Admin, Long> {
11 11
12 - public Admin findByAccount(String account);  
13 - public Admin findById(long id); 12 +// public Admin findByAccount(String account);
  13 + public Admin findByAccountAndStatus(String account,int status);
  14 + public Admin findByIdAndStatus(long id,int status);
14 15
15 } 16 }
@@ -10,7 +10,7 @@ import org.springframework.data.repository.CrudRepository; @@ -10,7 +10,7 @@ import org.springframework.data.repository.CrudRepository;
10 * @see AMPReport 10 * @see AMPReport
11 */ 11 */
12 public interface ReportRepository extends CrudRepository<AMPReport, Long> { 12 public interface ReportRepository extends CrudRepository<AMPReport, Long> {
13 - public AMPReport findByMd5(String md5); 13 + public AMPReport findByMd5AndStatus(String md5,int status);
14 14
15 public AMPReport findById(int id); 15 public AMPReport findById(int id);
16 16
@@ -8,6 +8,5 @@ import org.springframework.data.repository.CrudRepository; @@ -8,6 +8,5 @@ import org.springframework.data.repository.CrudRepository;
8 * @see com.xkl.domain.User 8 * @see com.xkl.domain.User
9 */ 9 */
10 public interface UserRepository extends CrudRepository<User, Long> { 10 public interface UserRepository extends CrudRepository<User, Long> {
11 -  
12 - public User findByLoginAccount(String username); 11 + public User findByLoginAccountAndStatus(String username,boolean status);
13 } 12 }
@@ -53,14 +53,14 @@ public class ReportService implements IReportService { @@ -53,14 +53,14 @@ public class ReportService implements IReportService {
53 public ResponseEntity<ResultModel> save(Admin admin, String json_report) { 53 public ResponseEntity<ResultModel> save(Admin admin, String json_report) {
54 // 验证存在性 54 // 验证存在性
55 String reportMd5 = SecurityTool.encode("MD5", json_report); 55 String reportMd5 = SecurityTool.encode("MD5", json_report);
56 - // 验证是否有对应的会员 56 + // 验证是无对应的会员,rediskey
57 String reportWithNoUser = reportMd5 + "Member"; 57 String reportWithNoUser = reportMd5 + "Member";
58 - // 验证报告格式是否有问题 58 + // 验证报告格式有问题,rediskey
59 String reportWrongFormat = reportMd5 + "Format"; 59 String reportWrongFormat = reportMd5 + "Format";
60 /* 60 /*
61 * 如果已经处理过的报告,不再进行处理。 61 * 如果已经处理过的报告,不再进行处理。
62 */ 62 */
63 - AMPReport report = reportRepository.findByMd5(reportMd5); 63 + AMPReport report = reportRepository.findByMd5AndStatus(reportMd5, Constants.STATUS_OK);
64 if (report != null && report.getStatus() > 0) { 64 if (report != null && report.getStatus() > 0) {
65 // 返回,报告已存在。 65 // 返回,报告已存在。
66 return new ResponseEntity<>(ResultModel.ok(new ReportIdModel(report.getId())), HttpStatus.OK); 66 return new ResponseEntity<>(ResultModel.ok(new ReportIdModel(report.getId())), HttpStatus.OK);
@@ -86,7 +86,7 @@ public class ReportService implements IReportService { @@ -86,7 +86,7 @@ public class ReportService implements IReportService {
86 /* 86 /*
87 * 检验会员存在性 87 * 检验会员存在性
88 */ 88 */
89 - User user = userRepository.findByLoginAccount(reportData.getAmpReport().getAccount_str()); 89 + User user = userRepository.findByLoginAccountAndStatus(reportData.getAmpReport().getAccount_str(), Constants.STATUS_OK2);
90 if (user == null) { 90 if (user == null) {
91 redis.boundValueOps(reportWithNoUser).set(""); 91 redis.boundValueOps(reportWithNoUser).set("");
92 // 返回,报告对应会员不存在。 92 // 返回,报告对应会员不存在。
@@ -112,9 +112,9 @@ public class ReportService implements IReportService { @@ -112,9 +112,9 @@ public class ReportService implements IReportService {
112 public ResponseEntity<ResultModel> delete(Admin admin, long report_id) { 112 public ResponseEntity<ResultModel> delete(Admin admin, long report_id) {
113 // 1. 得到report,验证报告存在性 113 // 1. 得到report,验证报告存在性
114 AMPReport report = reportRepository.findById((int) report_id); 114 AMPReport report = reportRepository.findById((int) report_id);
115 - if (report == null) { 115 + if (report == null || report.getStatus() == 0) {
116 // 报告不存在,返回 116 // 报告不存在,返回
117 - return new ResponseEntity<>(ResultModel.error(ResultStatus.REPORT_INVALID__ERROR), HttpStatus.NOT_FOUND); 117 + return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
118 } 118 }
119 119
120 // 2. 验证admin 120 // 2. 验证admin