更新当前信息需校验当前密码

2022-08-12 12:07:04 +08:00 · 2022-08-12 12:07:04 +08:00 · e0fde0cf0f
parent 318107dbd7
commit e0fde0cf0f
2 changed files with 13 additions and 3 deletions
--- a/server/like-admin/src/main/java/com/hxkj/admin/service/system/impl/SystemAuthAdminServiceImpl.java
+++ b/server/like-admin/src/main/java/com/hxkj/admin/service/system/impl/SystemAuthAdminServiceImpl.java
@ -20,6 +20,7 @@ import com.hxkj.common.config.GlobalConfig;
 import com.hxkj.common.core.PageResult;
 import com.hxkj.common.entity.system.SystemAuthAdmin;
 import com.hxkj.common.entity.system.SystemAuthMenu;
+import com.hxkj.common.exception.OperateException;
 import com.hxkj.common.mapper.system.SystemAuthAdminMapper;
 import com.hxkj.common.mapper.system.SystemAuthMenuMapper;
 import com.hxkj.common.utils.*;
@ -318,7 +319,7 @@ public class SystemAuthAdminServiceImpl implements ISystemAuthAdminService {
     */
    @Override
    public void upInfo(SystemAuthAdminParam systemAuthAdminParam, Integer adminId) {
-        String[] field = {"id", "username", "nickname"};
+        String[] field = {"id", "username", "nickname", "password", "salt"};
        SystemAuthAdmin model = systemAuthAdminMapper.selectOne(new QueryWrapper<SystemAuthAdmin>()
                .select(field)
                .eq("id", adminId)
@ -327,6 +328,11 @@ public class SystemAuthAdminServiceImpl implements ISystemAuthAdminService {

        Assert.notNull(model, "账号不存在了!");

+        String currPassword = ToolsUtil.makeMd5(systemAuthAdminParam.getCurrPassword() + model.getSalt());
+        if (!currPassword.equals(model.getPassword())) {
+            throw new OperateException("当前密码不正确!");
+        }
+
        model.setNickname(systemAuthAdminParam.getNickname());
        model.setAvatar( UrlUtil.toRelativeUrl(systemAuthAdminParam.getAvatar()));
        model.setUpdateTime(System.currentTimeMillis() / 1000);
@ -360,7 +366,7 @@ public class SystemAuthAdminServiceImpl implements ISystemAuthAdminService {
                .select(field)
                .eq("id", id)
                .eq("is_delete", 0)
-                .last("limit 1")), "账号已不存在！");
+                .last("limit 1")), "账号已不存在!");

        Assert.isFalse(id == 1, "系统管理员不允许删除");

@ -390,7 +396,7 @@ public class SystemAuthAdminServiceImpl implements ISystemAuthAdminService {
                .eq("is_delete", 0)
                .last("limit 1"));

-        Assert.notNull(systemAuthAdmin, "账号已不存在！");
+        Assert.notNull(systemAuthAdmin, "账号已不存在!");

        Integer disable = systemAuthAdmin.getIsDisable() == 1 ? 0 : 1;
        systemAuthAdmin.setIsDisable(disable);
--- a/server/like-admin/src/main/java/com/hxkj/admin/validate/system/SystemAuthAdminParam.java
+++ b/server/like-admin/src/main/java/com/hxkj/admin/validate/system/SystemAuthAdminParam.java
@ -44,6 +44,10 @@ public class SystemAuthAdminParam implements Serializable {
    @Length(min = 6, max = 32, message = "密码必须在6~32个字符内", groups = {create.class})
    private String password;

+    @NotEmpty(message = "当前密码不能为空", groups = {upInfo.class})
+    @Length(min = 6, max = 32, message = "当前密码错误", groups = {upInfo.class})
+    private String currPassword;
+
    @NotNull(message = "请选择状态", groups = {create.class, update.class})
    @IntegerContains(values = {0, 1}, message = "isDisable参数不在合法值内", groups = {create.class, update.class})
    private Integer isDisable;