xusl 2 éve
szülő
commit
19adea6f35

+ 7 - 7
backend/pom.xml

@@ -55,13 +55,13 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
             <version>${spring-boot.version}</version>
-            <exclusions>
-                <!--排除tomcat依赖-->
-                <exclusion>
-                    <artifactId>spring-boot-starter-tomcat</artifactId>
-                    <groupId>org.springframework.boot</groupId>
-                </exclusion>
-            </exclusions>
+<!--            <exclusions>-->
+<!--                &lt;!&ndash;排除tomcat依赖&ndash;&gt;-->
+<!--                <exclusion>-->
+<!--                    <artifactId>spring-boot-starter-tomcat</artifactId>-->
+<!--                    <groupId>org.springframework.boot</groupId>-->
+<!--                </exclusion>-->
+<!--            </exclusions>-->
         </dependency>
         <!--mysql 驱动-->
         <dependency>
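Review bot: The Tomcat exclusion is switched off by commenting it out, and the nested comment was escaped into `&lt;!&ndash;排除tomcat依赖&ndash;&gt;`, leaving seven dead lines in the POM. Delete the `<exclusions>` block outright; version control keeps the history. With the exclusion gone the embedded Tomcat starter is back on the classpath, so if another servlet-container starter is still declared elsewhere in this file (not visible in the hunk), remove it so only one container is shipped and kept patched.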

+ 16 - 0
backend/src/main/java/com/jiayue/ssi/config/WebConfig.java

@@ -1,7 +1,9 @@
 package com.jiayue.ssi.config;
 
 import com.jiayue.ssi.constant.CacheConstants;
+import com.jiayue.ssi.entity.SysBlacklist;
 import com.jiayue.ssi.interceptor.TokenStatusInterceptor;
+import com.jiayue.ssi.service.SysBlacklistService;
 import com.jiayue.ssi.service.SysParameterService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -21,6 +23,8 @@ import java.util.List;
 public class WebConfig implements WebMvcConfigurer {
     @Autowired
     SysParameterService sysParameterService;
+    @Autowired
+    SysBlacklistService sysBlacklistService;
 
     @Override
     public void addInterceptors(InterceptorRegistry registry){
@@ -37,4 +41,16 @@ public class WebConfig implements WebMvcConfigurer {
         String useSendMail = sysParameterService.queryByKey("useSendMail", "true");
         CacheConstants.use_send_mail = Boolean.parseBoolean(useSendMail);
     }
+
+    /**
+     * 加载黑名单
+     */
+    @Bean
+    public void initBlackList() {
+        // 加载上报对象缓存
+        List<SysBlacklist> sysBlacklists = sysBlacklistService.list();
+        for (SysBlacklist sysBlacklist:sysBlacklists){
+            CacheConstants.blacklistMap.put(sysBlacklist.getIp(),sysBlacklist.getId());
+        }
+    }
 }
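Review bot: `initBlackList()` is a `void` method annotated with `@Bean`, which misuses bean registration as a startup hook; newer Spring Framework versions reject void `@Bean` methods, and `@PostConstruct` or an `ApplicationRunner` states the intent directly. The inline comment `// 加载上报对象缓存` describes a different cache and should say something like `// load the IP blacklist into CacheConstants.blacklistMap`. The map is filled only once here, so unless the blacklist service also updates `CacheConstants.blacklistMap` on add and delete (not visible in this diff), an IP blocked or unblocked at runtime keeps its old state until restart. A row with a null `ip` would make `put` throw if the map is a concurrent map, so skip such rows or enforce NOT NULL on the column.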

+ 20 - 0
backend/src/main/java/com/jiayue/ssi/controller/SysApproveController.java

@@ -1,13 +1,19 @@
 package com.jiayue.ssi.controller;
 
+import cn.hutool.json.JSONUtil;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
+import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.jiayue.ssi.annotation.OperateLog;
+import com.jiayue.ssi.backenum.ApproveOperaterEnum;
 import com.jiayue.ssi.backenum.ApproveStatusEnum;
 import com.jiayue.ssi.backenum.AuditType;
 import com.jiayue.ssi.backenum.BusinessType;
+import com.jiayue.ssi.constant.ApproveConstants;
 import com.jiayue.ssi.constant.CustomException;
 import com.jiayue.ssi.entity.SysApprove;
+import com.jiayue.ssi.entity.SysUser;
 import com.jiayue.ssi.service.SysApproveService;
 import com.jiayue.ssi.util.*;
 import lombok.extern.slf4j.Slf4j;
@@ -16,6 +22,8 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.List;
+
 /**
  * 审批接口
  *
@@ -46,6 +54,18 @@ public class SysApproveController {
                 wrapper.eq("approve_result", approveResult);
             }
             Page<SysApprove> result = sysApproveService.page(new Page<>(currentPage, pageSize), wrapper);
+            List<SysApprove> records = result.getRecords();
+            //遍历对象数组的方法
+            records.forEach(
+                    record -> {
+                        if (record.getModuleName().equals(ApproveConstants.MODULE_NAME_USER)){
+                            SysUser sysUser = JSONUtil.toBean(record.getParameterContent(),SysUser.class);
+                            if (record.getOperation().equals(String.valueOf(ApproveOperaterEnum.DELETE.getCode()))){
+                                record.setParameterContent("{账号:"+sysUser.getUsername()+"}");
+                            }
+                        }
+                    }
+            );
             return ResponseVO.success(result);
         } catch (Exception e) {
             throw new CustomException("获取所有审批异常", e);
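Review bot: Only the DELETE case has its `parameterContent` replaced, so for every other user-module operation the full serialized `SysUser` is still returned in the approval list; if that JSON carries a password hash or other sensitive fields (the entity is not visible here), reduce it to a display-safe summary for all operations. `JSONUtil.toBean` runs on every user-module record even when its result is unused, and one malformed row fails the whole page through the surrounding `catch`; move the parse inside the DELETE branch. `record.getModuleName().equals(...)` and `record.getOperation().equals(...)` throw on null columns, so compare constant-first: `ApproveConstants.MODULE_NAME_USER.equals(record.getModuleName())`. The enclosing method starts and ends outside the hunk.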

+ 1 - 1
backend/src/main/java/com/jiayue/ssi/controller/SysLogininforController.java

@@ -49,7 +49,7 @@ public class SysLogininforController {
             }
             if (StringUtils.isNotEmpty(userName)) {
                 if (userName.length() > 50) {
-                    return ResponseVO.fail("用户名称长度不能超过50个字符!");
+                    return ResponseVO.fail("用户账号长度不能超过50个字符!");
                 }
             }
             QueryWrapper<SysLogininfor> wrapper = new QueryWrapper<>();

+ 50 - 2
backend/src/main/java/com/jiayue/ssi/controller/SysUserController.java

@@ -206,7 +206,7 @@ public class SysUserController {
         try {
             SysUser existUser = sysUserService.getById(user.getId());
             if (existUser == null) {
-                return ResponseVO.fail("非法访问不能修改!");
+                return ResponseVO.fail("id为空不能修改!");
             }
 
             // 获取审批表是否存在此操作
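Review bot: The new message `id为空不能修改!` does not match the branch it sits in: this line is reached when `getById` returns no row, meaning an id was supplied but no such user exists. A text such as `用户不存在,不能修改!` describes the condition; the same mismatch applies to `id为空不能删除用户!` in the hunk at `@@ -330,7 +342,7 @@`. The enclosing method continues outside the hunk.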
@@ -294,6 +294,18 @@ public class SysUserController {
         if (StringUtils.isEmpty(id)) {
             return ResponseVO.fail("重置密码缺失id!");
         }
+        // 获取审批表是否存在此操作
+        QueryWrapper<SysApprove> wrapper = new QueryWrapper<>();
+        // 条件:待审批
+        wrapper.eq("approve_status", ApproveStatusEnum.DSP.getCode());
+        // 条件:删除操作
+        wrapper.eq("master_id", id);
+        // 条件:实体名
+        wrapper.eq("entity_name", "SysUser");
+        List<SysApprove> list = sysApproveService.list(wrapper);
+        if (list.size() > 0) {
+            return ResponseVO.fail("此记录存在未审批的操作,不能进行修改!");
+        }
         // id获取用户
         SysUser sysUser = sysUserService.getById(id);
         if (sysUser == null) {
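Review bot: The same pending-approval query is pasted into four handlers (this hunk and the ones at `@@ -368`, `@@ -427` and `@@ -459`), and the comment `// 条件:删除操作` sits on `wrapper.eq("master_id", id)`, which filters by record id rather than by delete operation. Extract one private helper, for example `private boolean hasPendingApprove(Object masterId)` that builds the wrapper and returns `sysApproveService.count(wrapper) > 0`, and call it as `if (hasPendingApprove(id)) { return ResponseVO.fail(...); }`; the comment should read `// condition: id of the affected record`. The check and the later write are separate statements, so two concurrent requests can both pass it; if that matters for the approval workflow, the guard belongs in the same transaction as the change. The enclosing methods start and end outside the hunks.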
@@ -330,7 +342,7 @@ public class SysUserController {
             // id获取用户
             SysUser sysUser = sysUserService.getById(id);
             if (sysUser == null) {
-                return ResponseVO.fail("不能删除用户!");
+                return ResponseVO.fail("id为空不能删除用户!");
             }
 
             // 获取审批表是否存在此操作
@@ -368,6 +380,18 @@ public class SysUserController {
             if (StringUtils.isEmpty(id)) {
                 return ResponseVO.fail("修改密码缺失id!");
             }
+            // 获取审批表是否存在此操作
+            QueryWrapper<SysApprove> wrapper = new QueryWrapper<>();
+            // 条件:待审批
+            wrapper.eq("approve_status", ApproveStatusEnum.DSP.getCode());
+            // 条件:删除操作
+            wrapper.eq("master_id", id);
+            // 条件:实体名
+            wrapper.eq("entity_name", "SysUser");
+            List<SysApprove> list = sysApproveService.list(wrapper);
+            if (list.size() > 0) {
+                return ResponseVO.fail("此记录存在未审批的操作,不能进行修改!");
+            }
             // id获取用户
             SysUser sysUser = sysUserService.getById(id);
             if (sysUser == null) {
@@ -427,6 +451,18 @@ public class SysUserController {
             if (StringUtils.isEmpty(id)) {
                 return ResponseVO.fail("id不能为空!");
             }
+            // 获取审批表是否存在此操作
+            QueryWrapper<SysApprove> wrapper = new QueryWrapper<>();
+            // 条件:待审批
+            wrapper.eq("approve_status", ApproveStatusEnum.DSP.getCode());
+            // 条件:删除操作
+            wrapper.eq("master_id", id);
+            // 条件:实体名
+            wrapper.eq("entity_name", "SysUser");
+            List<SysApprove> list = sysApproveService.list(wrapper);
+            if (list.size() > 0) {
+                return ResponseVO.fail("此记录存在未审批的操作,不能进行修改!");
+            }
             // id获取用户
             SysUser sysUser = sysUserService.getById(id);
             if (sysUser == null) {
@@ -459,6 +495,18 @@ public class SysUserController {
             if (userId == null) {
                 return ResponseVO.fail("用户id不能为空!");
             }
+            // 获取审批表是否存在此操作
+            QueryWrapper<SysApprove> wrapper = new QueryWrapper<>();
+            // 条件:待审批
+            wrapper.eq("approve_status", ApproveStatusEnum.DSP.getCode());
+            // 条件:删除操作
+            wrapper.eq("master_id", userId);
+            // 条件:实体名
+            wrapper.eq("entity_name", "SysUser");
+            List<SysApprove> list = sysApproveService.list(wrapper);
+            if (list.size() > 0) {
+                return ResponseVO.fail("此记录存在未审批的操作,不能进行修改!");
+            }
             sysUserService.insertUserAuth(userId, roleId);
             return ResponseVO.success("分配角色成功");
         } catch (Exception e) {

+ 2 - 2
backend/src/main/java/com/jiayue/ssi/filter/InterfaceLimitFilter.java

@@ -42,7 +42,7 @@ public class InterfaceLimitFilter extends OncePerRequestFilter {
             response.setHeader("Access-Control-Allow-Origin", "*");
             response.setStatus(410);
             response.setContentType("text/html;charset=utf-8");
-            response.getWriter().write("请求过于频繁导致IP被锁定,请联系管理员!");
+            response.getWriter().write("IP已进黑名单,请联系管理员!");
             return;
         }
         else{
@@ -60,7 +60,7 @@ public class InterfaceLimitFilter extends OncePerRequestFilter {
                 response.setHeader("Access-Control-Allow-Origin", "*");
                 response.setStatus(410);
                 response.setContentType("text/html;charset=utf-8");
-                response.getWriter().write("请求过于频繁导致IP被锁定,请联系管理员!");
+                response.getWriter().write("IP已进黑名单,请联系管理员!");
                 return;
             }
             filterChain.doFilter(request, response);

+ 8 - 0
backend/src/main/java/com/jiayue/ssi/filter/JwtAuthenticationTokenFilter.java

@@ -66,6 +66,10 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
             if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
                 UserDetails userDetails = userServiceImpl.loadUserByUsername(username);
                 SysUser user = (SysUser) userDetails;
+                if (user.getStatus().equals("2")){
+                    ResponseInfo.doResponse(response, "账号已注销,不能登录!", 403);
+                    return;
+                }
                 if (user.getExpDate() != null) {
                     // 判断账号截止日期
                     Date lastDate = DateUtils.getDayLastTime(user.getExpDate());
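Review bot: `user.getStatus().equals("2")` throws a NullPointerException when the status is null, and no surrounding `try` is visible at this call site, so such a request would end in a server error instead of a clean rejection. Write it constant-first, `if ("2".equals(user.getStatus())) {`, and replace the bare `"2"` with a named constant for the deactivated state; the same line is added again in the hunk at `@@ -89,6 +93,10 @@`. A comment such as `// status "2" = deactivated account: reject before the expiry check` would document the ordering. The enclosing method continues outside the hunk.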
@@ -89,6 +93,10 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
                 try {
                     UserDetails userDetails = userServiceImpl.loadUserByUsername(request.getParameter("username"));
                     SysUser user = (SysUser) userDetails;
+                    if (user.getStatus().equals("2")){
+                        ResponseInfo.doResponse(response, "账号已注销,不能登录!", 403);
+                        return;
+                    }
                     if (user.getExpDate() != null) {
                         // 判断账号截止日期
                         Date lastDate = DateUtils.getDayLastTime(user.getExpDate());
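Review bot: This branch loads the account from `request.getParameter("username")` and answers `账号已注销,不能登录!` with 403 before any credential check is visible, so an unauthenticated caller can tell deactivated accounts apart from unknown or active ones. If the password has not been verified at this point (the rest of the method is outside the hunk), return the same generic login-failure response used for bad credentials and record the deactivated-account reason in the server log only.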

+ 4 - 1
backend/src/main/java/com/jiayue/ssi/filter/VerifySmFilter.java

@@ -6,9 +6,11 @@ import com.jiayue.ssi.constant.Constants;
 import com.jiayue.ssi.constant.SecretKeyConstants;
 import com.jiayue.ssi.factory.LoginFactory;
 import com.jiayue.ssi.servlet.ParameterRequestWrapper;
+import com.jiayue.ssi.util.IPUtils;
 import com.jiayue.ssi.util.JwtTokenUtil;
 import com.jiayue.ssi.util.ResponseInfo;
 import com.jiayue.ssi.util.SM2CryptUtils;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.core.annotation.Order;
 import org.springframework.web.filter.OncePerRequestFilter;
@@ -28,6 +30,7 @@ import java.util.Map;
  * @since 2023/02/27
  */
 @Order(4)
+@Slf4j
 public class VerifySmFilter extends OncePerRequestFilter {
     private String defaultFilterProcessUrl = "/user/login";
 
@@ -178,7 +181,7 @@ public class VerifySmFilter extends OncePerRequestFilter {
             ParameterRequestWrapper pr = new ParameterRequestWrapper(initWrapper, stringToMap, decryptStr);
             filterChain.doFilter(pr, response);
         } catch (Exception e) {
-            e.printStackTrace();
+            log.error(IPUtils.getIpAddr(request)+"访问系统失败",e);
             ResponseInfo.doResponse(response, "访问失败,联系管理员!", 401);
             return;
         }
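Review bot: The log call concatenates the client address into the message, `IPUtils.getIpAddr(request)+"访问系统失败"`; if `getIpAddr` takes the value from a forwarding header such as `X-Forwarded-For` (its body is not in this diff), the text is caller-controlled and can carry line breaks into the log. Use the parameterized form `log.error("{}访问系统失败", IPUtils.getIpAddr(request), e);` and have the helper validate the address or strip CR/LF before it is logged. This `catch (Exception e)` also wraps `filterChain.doFilter`, so any downstream failure is logged under this message and reported to the client as 401; a comment saying so would help whoever reads these log entries during an investigation.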

+ 1 - 1
backend/src/main/java/com/jiayue/ssi/util/InterfaceLimitUtil.java

@@ -23,7 +23,7 @@ public class InterfaceLimitUtil {
      * @param value 允许请求的次数
      * @return boolean true:允许通过 false:不通过
      */
-    public static boolean checkInterface(HttpServletRequest request,long time,int value){
+    public synchronized static boolean checkInterface(HttpServletRequest request,long time,int value){
         ExpiringMap<String, Integer> uc = interfaceLimitMap.getOrDefault(request.getRequestURI(), ExpiringMap.builder().variableExpiration().build());
         Integer uCount = uc.getOrDefault(IPUtils.getIpAddr(request), 0);
         if (uCount >= value) { // 超过次数,不执行目标方法
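Review bot: `synchronized` on a static method takes the class-wide lock, so every request that reaches the rate limiter is serialized through `checkInterface`, and under a request flood the limiter itself becomes the bottleneck. The counter is read with `getOrDefault` and presumably written back later in the body (outside the hunk); an atomic per-key update, with `computeIfAbsent` for the per-URI map instead of building a fresh `ExpiringMap` on every call, would close the race without a global lock. If the lock stays, the conventional modifier order is `public static synchronized`, and the Javadoc should state which race it guards against.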

+ 2 - 2
ui/src/views/auditManager/logininfo/index.vue

@@ -10,11 +10,11 @@
           style="width: 240px;"
         />
       </el-form-item>
-      <el-form-item label="用户名称" prop="userName">
+      <el-form-item label="用户账号" prop="userName">
         <el-input
           maxlength="50"
           v-model="queryParams.userName"
-          placeholder="请输入用户名称"
+          placeholder="请输入用户账号"
           clearable
           style="width: 240px;"
         />

+ 50 - 50
ui/src/views/sysManager/roleManager/index.vue

@@ -94,7 +94,7 @@
         :radio-config="{trigger: 'row'}"
       >
         <vxe-column type="radio" width="60"/>
-<!--        <vxe-table-column field="roleId" title="角色编号"/>-->
+        <!--        <vxe-table-column field="roleId" title="角色编号"/>-->
         <vxe-table-column field="roleName" title="角色名称"/>
         <vxe-table-column field="roleType" title="类型" :formatter="typeFormat"/>
         <vxe-table-column field="roleKey" title="字符标识"/>
@@ -245,7 +245,7 @@ export default {
         {value: '0', label: '正常'},
         {value: '1', label: '停用'}
       ],
-      edit:false,
+      edit: false,
       showTable: true,
       // 遮罩层
       loading: true,
@@ -345,7 +345,7 @@ export default {
       return belongTo
     },
     /** 查询角色列表 */
-    getList(){
+    getList() {
       this.loading = true;
       var searchParams = {
         currentPage: this.currentPage,
@@ -411,7 +411,7 @@ export default {
       }
       this.$axios.get('/sysMenuController/roleMenuTreeselect',
         {params: param}).then((res) => {
-          console.log(res.data)
+        console.log(res.data)
         this.menuOptions = res.data.menus;
         return res.data
       }).catch((error) => {
@@ -447,29 +447,29 @@ export default {
       }
       this.edit = false,
       this.menuExpand = false,
-        this.menuNodeAll = false,
-        this.deptExpand = true,
-        this.deptNodeAll = false,
-        this.form = {
-          roleId: undefined,
-          roleName: undefined,
-          roleKey: undefined,
-          roleSort: 0,
-          status: "0",
-          roleType: "0",
-          menuIds: [],
-          deptIds: [],
-          menuCheckStrictly: true,
-          deptCheckStrictly: true,
-          remark: undefined
-        };
+      this.menuNodeAll = false,
+      this.deptExpand = true,
+      this.deptNodeAll = false,
+      this.form = {
+        roleId: undefined,
+        roleName: undefined,
+        roleKey: undefined,
+        roleSort: 0,
+        status: "0",
+        roleType: "0",
+        menuIds: [],
+        deptIds: [],
+        menuCheckStrictly: true,
+        deptCheckStrictly: true,
+        remark: undefined
+      };
       this.resetForm("form");
     },
     /** 搜索按钮操作 */
-    handleQuery:debounce(function(){
+    handleQuery: debounce(function () {
       this.queryParams.pageNum = 1;
       this.getList();
-    },1000),
+    }, 1000),
     /** 重置按钮操作 */
     resetQuery() {
       this.dateRange = [];
@@ -527,10 +527,10 @@ export default {
       this.getMenuTreeselect();
       this.open = true;
       this.title = "添加角色";
-      this.edit=false;
+      this.edit = false;
     }, 500),
     /** 修改按钮操作 */
-    handleUpdate:debounce(function () {
+    handleUpdate: debounce(function () {
       this.reset();
       const _selectData = this.$refs.xTable.getRadioRecord(true)
       if (_selectData == null) {
@@ -541,32 +541,32 @@ export default {
         return
       }
 
-      if (_selectData.roleKey=='system' || _selectData.roleKey=='audit'){
-        this.edit=true;
+      if (_selectData.roleKey == 'system' || _selectData.roleKey == 'audit') {
+        this.edit = true;
       }
 
       const roleId = _selectData.roleId
       // const roleMenu = this.getRoleMenuTreeselect(roleId);
-        var param = {
-          roleId: roleId
-        }
-        this.$axios.get('/sysRoleController/getInfo',
-          {params: param}).then((res2) => {
-          this.form = res2.data;
-          this.open = true;
-          this.$axios.get('/sysMenuController/roleMenuTreeselect',
-            {params: param}).then((res) => {
-            this.menuOptions = res.data.menus;
-            let checkedKeys = res.data.checkedKeys
-            console.log(checkedKeys)
-            checkedKeys.forEach((v) => {
-              this.$nextTick(() => {
-                this.$refs.menu.setChecked(v, true, false);
-              })
+      var param = {
+        roleId: roleId
+      }
+      this.$axios.get('/sysRoleController/getInfo',
+        {params: param}).then((res2) => {
+        this.form = res2.data;
+        this.open = true;
+        this.$axios.get('/sysMenuController/roleMenuTreeselect',
+          {params: param}).then((res) => {
+          this.menuOptions = res.data.menus;
+          let checkedKeys = res.data.checkedKeys
+          console.log(checkedKeys)
+          checkedKeys.forEach((v) => {
+            this.$nextTick(() => {
+              this.$refs.menu.setChecked(v, true, false);
             })
           })
         })
-        this.title = "修改角色";
+      })
+      this.title = "修改角色";
     }, 1000),
     /** 选择角色权限范围触发 */
     dataScopeSelectChange(value) {
@@ -583,8 +583,8 @@ export default {
     submitForm: debounce(function () {
       this.$refs["form"].validate(valid => {
         if (valid) {
-          if (this.form.roleKey.trim()=='system' || this.form.roleKey.trim()=='audit'){
-            if (this.form.builtIn!='0'){
+          if (this.form.roleKey.trim() == 'system' || this.form.roleKey.trim() == 'audit') {
+            if (this.form.builtIn != '0') {
               // 不是内置用户则拦截
               this.$message({
                 type: 'warning',
@@ -645,7 +645,7 @@ export default {
       }
     },
     /** 删除按钮操作 */
-    handleDelete(){
+    handleDelete() {
       const _selectData = this.$refs.xTable.getRadioRecord(true)
       if (_selectData == null) {
         this.$message({
@@ -655,7 +655,7 @@ export default {
         return
       }
 
-      if (_selectData.roleKey=='system' || _selectData.roleKey=='audit'){
+      if (_selectData.roleKey == 'system' || _selectData.roleKey == 'audit') {
         this.$message({
           type: 'warning',
           message: '内置角色不能删除!'
@@ -675,7 +675,7 @@ export default {
     /**
      * 删除提交
      */
-    doDelete:debounce(function(_selectData){
+    doDelete: debounce(function (_selectData) {
       const param = {
         roleId: _selectData.roleId
       }
@@ -699,7 +699,7 @@ export default {
         });
         this.loading = false
       })
-    },1000)
+    }, 1000)
   }
 };
 </script>
@@ -710,6 +710,6 @@ export default {
   margin-top: 5px;
   border: 1px solid #e5e6e7;
   background: #FFFFFF none;
-  border-radius:4px;
+  border-radius: 4px;
 }
 </style>

+ 12 - 2
ui/src/views/sysManager/userManager/index.vue

@@ -271,6 +271,15 @@ export default {
   name: "User",
   data() {
     return {
+      id: undefined,
+      username: undefined,
+      nickname: undefined,
+      phonenumber: undefined,
+      mailbox: undefined,
+      status: "0",
+      usertype: "0",
+      remark: undefined,
+      expDate: undefined,
       // 角色表格数据
       jsuserid:'',
       roleList: [],
@@ -439,7 +448,7 @@ export default {
         remark: undefined,
         expDate: undefined
       };
-      this.resetForm("form");
+      // this.resetForm("form");
     },
     /** 搜索按钮操作 */
     handleQuery:debounce(function(){
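Review bot: `this.resetForm("form")` is disabled by commenting it out, so `reset()` now only reassigns `this.form`; if `resetForm` also cleared validation state (its body is not in this diff), stale error markers from a previous dialog can stay visible. If the call failed because the form ref did not exist yet, run it in `this.$nextTick(...)`, or delete the line and say why in the commit message rather than leaving dead code. The `data()` hunk above also adds `id`, `username`, `status` and the other fields at the root level, duplicating the keys of `this.form`; if no template binding uses them they should be removed.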
@@ -600,7 +609,8 @@ export default {
     /** 修改按钮操作 */
     handleUpdate() {
       this.reset();
-      const _selectData = this.$refs.userTable.getRadioRecord(true)
+      let _selectData = this.$refs.userTable.getRadioRecord(true)
+      console.log(_selectData)
       if (_selectData == null) {
         this.$message({
           type: 'warning',
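Review bot: `console.log(_selectData)` writes the whole selected user row to the browser console, which presumably includes the phone number and mailbox fields this component edits; remove it before merge. `_selectData` is not reassigned in the visible lines, so the switch from `const` to `let` is unnecessary and `const` should stay. `handleUpdate` continues past the end of the hunk.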