用户管理和审核修改

backend/src/main/java/com/jiayue/ssi/aspectj/AgainVerifyAspect.java

@@ -2,7 +2,9 @@ package com.jiayue.ssi.aspectj;
 
 import cn.hutool.crypto.SmUtil;
 import com.jiayue.ssi.annotation.AgainVerify;
+import com.jiayue.ssi.constant.SecretKeyConstants;
 import com.jiayue.ssi.util.ResponseVO;
+import com.jiayue.ssi.util.SM2CryptUtils;
 import com.jiayue.ssi.util.SecurityContextUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.aspectj.lang.ProceedingJoinPoint;
@@ -50,7 +52,7 @@ public class AgainVerifyAspect {
             log.error("鉴别操作加密密码失败",e);
             return ResponseVO.fail("鉴别失败,不能操作");
         }
-        if (!decryptPassword.equals(SecurityContextUtil.getSysUser().getPassword())) {
+        if (!decryptPassword.equals(SM2CryptUtils.decrypt(SecurityContextUtil.getSysUser().getPassword(), SecretKeyConstants.SERVER_PRIVATE_KEY))) {
             log.error("鉴别失败,不能操作");
             return ResponseVO.fail("鉴别失败,不能操作");
         }

backend/src/main/java/com/jiayue/ssi/backenum/ApproveOperaterEnum.java

@@ -17,14 +17,17 @@ public enum ApproveOperaterEnum {
      */
     INSERT(0, "新增"),
     /**
-     * 已连接
+     * 修改
      */
     UPDATE(1, "修改"),
     /**
      * 删除
      */
-    DELETE(2, "删除");
-
+    DELETE(2, "删除"),
+    /**
+     * 删除
+     */
+    APPROVE(3, "授权");
     private Integer code;
     private String message;
 }

backend/src/main/java/com/jiayue/ssi/config/MyAuthenticationProvider.java

@@ -1,6 +1,8 @@
 package com.jiayue.ssi.config;
 
 import cn.hutool.crypto.SmUtil;
+import com.jiayue.ssi.constant.SecretKeyConstants;
+import com.jiayue.ssi.util.SM2CryptUtils;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
@@ -40,7 +42,7 @@ public class MyAuthenticationProvider extends DaoAuthenticationProvider {
 //                this.logger.debug("Authentication failed: password does not match stored value");
 //                throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
 //            }
-            if (!decryptPassword.equals(userDetails.getPassword())) {
+            if (!decryptPassword.equals(SM2CryptUtils.decrypt(userDetails.getPassword(), SecretKeyConstants.SERVER_PRIVATE_KEY))) {
                 this.logger.debug("Authentication failed: password does not match stored value");
                 throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
             }

backend/src/main/java/com/jiayue/ssi/controller/SysApproveController.java

@@ -1,5 +1,6 @@
 package com.jiayue.ssi.controller;
 
+import cn.hutool.core.util.DesensitizedUtil;
 import cn.hutool.core.util.NumberUtil;
 import cn.hutool.json.JSONUtil;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
@@ -11,16 +12,20 @@ import com.jiayue.ssi.backenum.AuditType;
 import com.jiayue.ssi.backenum.BusinessType;
 import com.jiayue.ssi.constant.ApproveConstants;
 import com.jiayue.ssi.constant.CustomException;
+import com.jiayue.ssi.constant.SecretKeyConstants;
 import com.jiayue.ssi.entity.SysApprove;
 import com.jiayue.ssi.entity.SysUser;
 import com.jiayue.ssi.service.SysApproveService;
+import com.jiayue.ssi.service.SysUserService;
 import com.jiayue.ssi.util.*;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.time.DateFormatUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
+import java.text.DateFormat;
 import java.util.List;
 
 /**
@@ -35,6 +40,8 @@ import java.util.List;
 public class SysApproveController {
     @Autowired
     SysApproveService sysApproveService;
+    @Autowired
+    SysUserService sysUserService;
 
     /**
      * 获取用户分页信息
@@ -85,9 +92,135 @@ public class SysApproveController {
             records.forEach(
                     record -> {
                         if (record.getModuleName().equals(ApproveConstants.MODULE_NAME_USER)){
-                            SysUser sysUser = JSONUtil.toBean(record.getParameterContent(),SysUser.class);
-                            if (record.getOperation().equals(String.valueOf(ApproveOperaterEnum.DELETE.getCode()))){
-                                record.setParameterContent("{账号："+sysUser.getUsername()+"}");
+                            if (record.getOperation().equals(String.valueOf(ApproveOperaterEnum.INSERT.getCode()))){
+                                // 敏感数据先解密
+                                String idcard = SM2CryptUtils.decrypt(record.getIdcard(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String nickname = SM2CryptUtils.decrypt(record.getNickname(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String mailbox = SM2CryptUtils.decrypt(record.getMailbox(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String phonenumber = SM2CryptUtils.decrypt(record.getPhonenumber(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                // 脱密处理
+                                idcard = DesensitizedUtil.idCardNum(idcard,5,2);
+                                nickname = DesensitizedUtil.chineseName(nickname);
+                                mailbox = DesensitizedUtil.email(mailbox);
+                                phonenumber = DesensitizedUtil.mobilePhone(phonenumber);
+                                // 封装新增操作
+                                StringBuffer parameterContent = new StringBuffer("");
+                                parameterContent.append("账号："+record.getUsername());
+                                parameterContent.append(",身份证号码："+idcard);
+                                if ("0".equals(record.getUsertype())){
+                                    parameterContent.append(",用户类型：管理员");
+                                }
+                                else {
+                                    parameterContent.append(",用户类型：业务用户");
+                                }
+
+                                parameterContent.append(",姓名："+nickname);
+                                parameterContent.append(",邮箱："+mailbox);
+                                parameterContent.append(",手机号码："+phonenumber);
+                                if (record.getExpDate()==null){
+
+                                }
+                                else {
+                                    parameterContent.append(",账号有效期："+DateFormatUtils.format(record.getExpDate(),"yyyy-MM-dd"));
+                                }
+                                record.setParameterContent(parameterContent.toString());
+                            }
+                            else if (record.getOperation().equals(String.valueOf(ApproveOperaterEnum.UPDATE.getCode()))){
+                                // 根据用户主键ID获取用户表里原有数据
+                                StringBuffer parameterContent = new StringBuffer("");
+                                String oldInfo = record.getParameterContent();
+                                SysUser oldSysUser = JSONUtil.toBean(oldInfo,SysUser.class);
+                                parameterContent.append("修改前内容：\n");
+                                String oldidcard = SM2CryptUtils.decrypt(oldSysUser.getIdcard(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String oldnickname = SM2CryptUtils.decrypt(oldSysUser.getNickname(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String oldmailbox = SM2CryptUtils.decrypt(oldSysUser.getMailbox(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String oldphonenumber = SM2CryptUtils.decrypt(oldSysUser.getPhonenumber(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                // 脱密处理
+                                String tmidcard = DesensitizedUtil.idCardNum(oldidcard,5,2);
+                                String tmnickname = DesensitizedUtil.chineseName(oldnickname);
+                                String tmailbox = DesensitizedUtil.email(oldmailbox);
+                                String tmphonenumber = DesensitizedUtil.mobilePhone(oldphonenumber);
+                                parameterContent.append("账号："+oldSysUser.getUsername());
+                                parameterContent.append(",身份证号码："+tmidcard);
+                                if ("0".equals(oldSysUser.getUsertype())){
+                                    parameterContent.append(",用户类型：管理员");
+                                }
+                                else {
+                                    parameterContent.append(",用户类型：业务用户");
+                                }
+                                parameterContent.append(",姓名："+tmnickname);
+                                parameterContent.append(",邮箱："+tmailbox);
+                                parameterContent.append(",手机号码："+tmphonenumber);
+                                if (oldSysUser.getExpDate()==null){
+                                }
+                                else {
+                                    parameterContent.append(",账号有效期："+DateFormatUtils.format(oldSysUser.getExpDate(),"yyyy-MM-dd"));
+                                }
+                                parameterContent.append("\n");
+
+                                // 审批表里的记录敏感数据先解密
+                                String idcard = SM2CryptUtils.decrypt(record.getIdcard(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String nickname = SM2CryptUtils.decrypt(record.getNickname(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String mailbox = SM2CryptUtils.decrypt(record.getMailbox(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String phonenumber = SM2CryptUtils.decrypt(record.getPhonenumber(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                // 脱密处理
+                                idcard = DesensitizedUtil.idCardNum(idcard,5,2);
+                                nickname = DesensitizedUtil.chineseName(nickname);
+                                mailbox = DesensitizedUtil.email(mailbox);
+                                phonenumber = DesensitizedUtil.mobilePhone(phonenumber);
+                                parameterContent.append("修改后内容：\n");
+                                parameterContent.append("账号："+record.getUsername());
+                                parameterContent.append(",身份证号码："+idcard);
+                                if ("0".equals(record.getUsertype())){
+                                    parameterContent.append(",用户类型：管理员");
+                                }
+                                else {
+                                    parameterContent.append(",用户类型：业务用户");
+                                }
+
+                                parameterContent.append(",姓名："+nickname);
+                                parameterContent.append(",邮箱："+mailbox);
+                                parameterContent.append(",手机号码："+phonenumber);
+                                if (record.getExpDate()==null){
+
+                                }
+                                else {
+                                    parameterContent.append(",账号有效期："+DateFormatUtils.format(record.getExpDate(),"yyyy-MM-dd"));
+                                }
+                                record.setParameterContent(parameterContent.toString());
+                            }
+                            else if (record.getOperation().equals(String.valueOf(ApproveOperaterEnum.DELETE.getCode()))){
+                                // 敏感数据先解密
+                                String idcard = SM2CryptUtils.decrypt(record.getIdcard(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String nickname = SM2CryptUtils.decrypt(record.getNickname(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String mailbox = SM2CryptUtils.decrypt(record.getMailbox(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                String phonenumber = SM2CryptUtils.decrypt(record.getPhonenumber(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                                // 脱密处理
+                                idcard = DesensitizedUtil.idCardNum(idcard,5,2);
+                                nickname = DesensitizedUtil.chineseName(nickname);
+                                mailbox = DesensitizedUtil.email(mailbox);
+                                phonenumber = DesensitizedUtil.mobilePhone(phonenumber);
+                                // 封装新增操作
+                                StringBuffer parameterContent = new StringBuffer("");
+                                parameterContent.append("账号："+record.getUsername());
+                                parameterContent.append(",身份证号码："+idcard);
+                                if ("0".equals(record.getUsertype())){
+                                    parameterContent.append(",用户类型：管理员");
+                                }
+                                else {
+                                    parameterContent.append(",用户类型：业务用户");
+                                }
+
+                                parameterContent.append(",姓名："+nickname);
+                                parameterContent.append(",邮箱："+mailbox);
+                                parameterContent.append(",手机号码："+phonenumber);
+                                if (record.getExpDate()==null){
+
+                                }
+                                else {
+                                    parameterContent.append(",账号有效期："+DateFormatUtils.format(record.getExpDate(),"yyyy-MM-dd"));
+                                }
+                                record.setParameterContent(parameterContent.toString());
                             }
                         }
                     }

backend/src/main/java/com/jiayue/ssi/controller/SysUserController.java

@@ -4,17 +4,21 @@ import cn.hutool.core.lang.Validator;
 import cn.hutool.core.util.IdcardUtil;
 import cn.hutool.core.util.NumberUtil;
 import cn.hutool.crypto.SmUtil;
+import cn.hutool.json.JSONUtil;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.jiayue.ssi.annotation.AgainVerify;
 import com.jiayue.ssi.annotation.OperateLog;
 import com.jiayue.ssi.annotation.PreventReplay;
+import com.jiayue.ssi.backenum.ApproveOperaterEnum;
 import com.jiayue.ssi.backenum.ApproveStatusEnum;
 import com.jiayue.ssi.backenum.AuditType;
 import com.jiayue.ssi.backenum.BusinessType;
 import com.jiayue.ssi.config.SendMailUtil;
+import com.jiayue.ssi.constant.ApproveConstants;
 import com.jiayue.ssi.constant.CacheConstants;
 import com.jiayue.ssi.constant.CustomException;
+import com.jiayue.ssi.constant.SecretKeyConstants;
 import com.jiayue.ssi.entity.*;
 import com.jiayue.ssi.service.*;
 import com.jiayue.ssi.service.impl.SysPermissionService;
@@ -26,6 +30,7 @@ import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * 用户信息接口
@@ -60,31 +65,9 @@ public class SysUserController {
     @GetMapping(value = "/getAll")
     @PreAuthorize("@ss.hasPermi('system:user:list')")
     @PreventReplay
-    public ResponseVO getAll(String currentPage, String pageSize, String username, String phonenumber,
+    public ResponseVO getAll(String username, String phonenumber,
                              String status) throws CustomException {
         try {
-            Integer cp;
-            if (StringUtils.isNotEmpty(currentPage)) {
-                if (NumberUtil.isInteger(currentPage)) {
-                    cp = Integer.parseInt(currentPage);
-                } else {
-                    return ResponseVO.fail("currentPage不是整数！");
-                }
-            } else {
-                return ResponseVO.fail("currentPage不能是空！");
-            }
-
-            Integer ps;
-            if (StringUtils.isNotEmpty(pageSize)) {
-                if (NumberUtil.isInteger(pageSize)) {
-                    ps = Integer.parseInt(pageSize);
-                } else {
-                    return ResponseVO.fail("pageSize不是整数！");
-                }
-            } else {
-                return ResponseVO.fail("pageSize不能是空！");
-            }
-
             if (StringUtils.isNotEmpty(username)) {
                 if (username.length() > 20) {
                     return ResponseVO.fail("用户账号长度不能超过20个字符！");
@@ -95,90 +78,30 @@ public class SysUserController {
                     return ResponseVO.fail("手机号码长度不能超过11个字符！");
                 }
             }
-            QueryWrapper<SysUser> wrapper = new QueryWrapper<>();
+
+            // 查询全部
+            List<SysUser> sysUserList = sysUserService.queryAllUserByDecrypt();
+
+            // 根据查询条件过滤结果
             if (StringUtils.isNotEmpty(username)) {
-                wrapper.eq("username", username);
+                sysUserList =  sysUserList.stream().filter(user -> username.equals(user.getUsername())).collect(Collectors.toList());
             }
             if (StringUtils.isNotEmpty(phonenumber)) {
-                wrapper.eq("AES_DECRYPT(UNHEX(phonenumber), '" + new String(AesUtils.key) + "')", phonenumber);
+                sysUserList =  sysUserList.stream().filter(user -> phonenumber.equals(user.getPhonenumber())).collect(Collectors.toList());
             }
             if (StringUtils.isNotEmpty(status)) {
-                wrapper.eq("status", status);
+                sysUserList =  sysUserList.stream().filter(user -> status.equals(user.getStatus())).collect(Collectors.toList());
             }
 
             SysRole sysRole = sysRoleService.selectRoleListByUserId();
-            if ("YWGL".equals(sysRole.getRoleKey())) {
+            if ("YWGL".equals(sysRole.getRoleKey())){
                 // 业务管理员员
-                wrapper.eq("usertype", "1");
-            }
-
-            Page<SysUser> result = sysUserService.page(new Page<>(cp, ps), wrapper);
-            List<SysUser> records = result.getRecords();
-            //遍历对象数组的方法
-            records.forEach(
-                    record -> {
-                        record.setMailbox(AesUtils.decryptStr(record.getMailbox()));
-                        record.setPhonenumber(AesUtils.decryptStr(record.getPhonenumber()));
-                        record.setNickname(AesUtils.decryptStr(record.getNickname()));
-                        record.setIdcard(AesUtils.decryptStr(record.getIdcard()));
-                    }
-            );
-            return ResponseVO.success(result);
-        } catch (Exception e) {
-            throw new CustomException("获取所有用户异常", e);
-        }
-    }
-
-    /**
-     * 获取用户分页信息(查询在线用户使用 其中屏蔽了状态为注销的用户)
-     *
-     * @return 用户信息
-     */
-    @GetMapping(value = "/getUserByHealthy")
-    @PreAuthorize("@ss.hasPermi('monitor:onLine:list')")
-    @PreventReplay
-    public ResponseVO getUserByHealthy(String currentPage, String pageSize, String onLineStatus) throws CustomException {
-        try {
-            Integer cp;
-            if (StringUtils.isNotEmpty(currentPage)) {
-                if (NumberUtil.isInteger(currentPage)) {
-                    cp = Integer.parseInt(currentPage);
-                } else {
-                    return ResponseVO.fail("currentPage不是整数！");
-                }
-            } else {
-                return ResponseVO.fail("currentPage不能是空！");
+                sysUserList =  sysUserList.stream().filter(user -> "1".equals(user.getUsertype())).collect(Collectors.toList());
             }
 
-            Integer ps;
-            if (StringUtils.isNotEmpty(pageSize)) {
-                if (NumberUtil.isInteger(pageSize)) {
-                    ps = Integer.parseInt(pageSize);
-                } else {
-                    return ResponseVO.fail("pageSize不是整数！");
-                }
-            } else {
-                return ResponseVO.fail("pageSize不能是空！");
-            }
-            QueryWrapper<SysUser> wrapper = new QueryWrapper<>();
-            wrapper.ne("status", "2");
-            if (StringUtils.isNotEmpty(onLineStatus)) {
-                wrapper.eq("online_status", onLineStatus);
-            }
-            Page<SysUser> result = sysUserService.page(new Page<>(cp, ps), wrapper);
-            List<SysUser> records = result.getRecords();
-            //遍历对象数组的方法
-            records.forEach(
-                    record -> {
-                        record.setMailbox(AesUtils.decryptStr(record.getMailbox()));
-                        record.setPhonenumber(AesUtils.decryptStr(record.getPhonenumber()));
-                        record.setNickname(AesUtils.decryptStr(record.getNickname()));
-                        record.setIdcard(AesUtils.decryptStr(record.getIdcard()));
-                    }
-            );
-            return ResponseVO.success(result);
+            return ResponseVO.success(sysUserList);
         } catch (Exception e) {
-            throw new CustomException("获取用户异常", e);
+            throw new CustomException("获取所有用户异常", e);
         }
     }
 
@@ -194,9 +117,9 @@ public class SysUserController {
             // 权限集合
             Set<String> permissions = sysPermissionService.getMenuPermission(sysUser.getId());
             Map<String, Object> map = new HashMap<>();
-            sysUser.setMailbox(AesUtils.decryptStr(sysUser.getMailbox()));
-            sysUser.setPhonenumber(AesUtils.decryptStr(sysUser.getPhonenumber()));
-            sysUser.setNickname(AesUtils.decryptStr(sysUser.getNickname()));
+            sysUser.setMailbox(SM2CryptUtils.decrypt(sysUser.getMailbox(), SecretKeyConstants.SERVER_PRIVATE_KEY));
+            sysUser.setPhonenumber(SM2CryptUtils.decrypt(sysUser.getPhonenumber(), SecretKeyConstants.SERVER_PRIVATE_KEY));
+            sysUser.setNickname(SM2CryptUtils.decrypt(sysUser.getNickname(), SecretKeyConstants.SERVER_PRIVATE_KEY));
             map.put("sysUser", sysUser);
             map.put("permissions", permissions);
             return ResponseVO.success(map);
@@ -214,28 +137,29 @@ public class SysUserController {
     @PreventReplay
     public ResponseVO addUser(@RequestBody SysUser user) throws CustomException {
         try {
+            String username="";
+            SysApprove sysApprove = new SysApprove();
             if (StringUtils.isEmpty(user.getUsername()) || StringUtils.isEmpty(user.getUsername().trim())) {
                 return ResponseVO.fail("用户账号不能为空!");
-            } else {
-                String username = user.getUsername().trim();
-                if (username.contains(" ")) {
+            }
+            else {
+                username = user.getUsername().trim();
+                if (username.contains(" ")){
                     return ResponseVO.fail("账号中不能含有空格！");
                 }
-                if (sysUserService.queryUserName(username) != null) {
-                    return ResponseVO.fail(username + "账号已存在！");
-                } else {
-                    String regExp = "^[^0-9][\\w_]{4,19}$";
-                    if (!username.matches(regExp)) {
-                        return ResponseVO.fail("用户账号长度必须是5-20位，只能包含字母、数字和下划线，不能数字开头！");
-                    }
+
+                String regExp = "^[^0-9][\\w_]{4,19}$";
+                if (!username.matches(regExp)) {
+                    return ResponseVO.fail("用户账号长度必须是5-20位，只能包含字母、数字和下划线，不能数字开头！");
                 }
+                sysApprove.setUsername(username);
             }
 
             if (!IdcardUtil.isValidCard(user.getIdcard())) {
                 return ResponseVO.fail("身份证无效！");
             }
-            // 加密邮箱
-            user.setIdcard(AesUtils.encryptHex(user.getIdcard()).toUpperCase());
+            // sm2加密身份证
+            sysApprove.setIdcard(SM2CryptUtils.encrypt(user.getIdcard(), SecretKeyConstants.SERVER_PUBLIC_KEY));
 
             if (StringUtils.isEmpty(user.getPhonenumber())) {
                 return ResponseVO.fail("手机号码不能为空！");
@@ -243,7 +167,7 @@ public class SysUserController {
                 return ResponseVO.fail("请输入正确的手机号码！");
             }
             // 加密手机号
-            user.setPhonenumber(AesUtils.encryptHex(user.getPhonenumber()).toUpperCase());
+            sysApprove.setPhonenumber(SM2CryptUtils.encrypt(user.getPhonenumber(), SecretKeyConstants.SERVER_PUBLIC_KEY));
 
             if (StringUtils.isEmpty(user.getNickname()) || StringUtils.isEmpty(user.getNickname().trim())) {
                 return ResponseVO.fail("姓名不能为空！");
@@ -253,7 +177,7 @@ public class SysUserController {
                     return ResponseVO.fail("姓名长度不能超过30个字符！");
                 }
                 // 加密姓名
-                user.setNickname(AesUtils.encryptHex(nickName).toUpperCase());
+                sysApprove.setNickname(SM2CryptUtils.encrypt(nickName, SecretKeyConstants.SERVER_PUBLIC_KEY));
             }
 
             if (StringUtils.isEmpty(user.getMailbox())) {
@@ -264,23 +188,61 @@ public class SysUserController {
                 return ResponseVO.fail("邮箱长度不能超过50个字符！");
             }
             // 加密邮箱
-            user.setMailbox(AesUtils.encryptHex(user.getMailbox()).toUpperCase());
+            sysApprove.setMailbox(SM2CryptUtils.encrypt(user.getMailbox(), SecretKeyConstants.SERVER_PUBLIC_KEY));
 
-            if (user.getExpDate() != null) {
+            if (user.getExpDate()!=null){
                 // 判断临时账号有效期不能超过30天
                 Calendar calendar = Calendar.getInstance();
                 // 将当前日期增加30天
                 calendar.add(Calendar.DAY_OF_MONTH, 29);
                 // 获取增加30天后的日期
                 Date endDate = calendar.getTime();
-                if (!user.getExpDate().before(endDate)) {
+                if (!user.getExpDate().before(endDate)){
                     return ResponseVO.fail("账号有效期不能超过30天！");
                 }
+                sysApprove.setExpDate(user.getExpDate());
+            }
+
+            // 新增时先判断审批表里待审批-新增中是否存在相同账号、身份证
+            QueryWrapper<SysApprove> wrapper = new QueryWrapper<>();
+            // 新增操作类型
+            wrapper.eq("operation", "0");
+            // 待审批
+            wrapper.eq("approve_status", "0");
+            List<SysApprove> sysApproveList = sysApproveService.list(wrapper);
+            for (SysApprove sysApprove1:sysApproveList){
+                String approveUsername = sysApprove1.getUsername();
+                String approveIdcard = SM2CryptUtils.decrypt(sysApprove1.getIdcard(), SecretKeyConstants.SERVER_PRIVATE_KEY);
+                if (username.equals(approveUsername)){
+                    return ResponseVO.fail("账号"+username + "在待审批，不能再次新增！");
+                }
+                if (user.getIdcard().equals(approveIdcard)){
+                    return ResponseVO.fail("身份证"+user.getIdcard() + "在待审批中，不能再次新增！");
+                }
             }
 
-            boolean bo = sysUserService.save(user);
+            List<SysUser> sysUserList = sysUserService.queryAllUserByDecrypt();
+            for (SysUser sysUser:sysUserList){
+                if (username.equals(sysUser.getUsername())){
+                    return ResponseVO.fail("账号"+username + "存在，不能再次新增！");
+                }
+                if (user.getIdcard().equals(sysUser.getIdcard())){
+                    return ResponseVO.fail("身份证"+user.getIdcard() + "存在，不能再次新增！");
+                }
+            }
+
+            sysApprove.setUsertype(user.getUsertype());
+            sysApprove.setStatus("0");
+
+            // 用户新增插入审批表
+            sysApprove.setModuleName(ApproveConstants.MODULE_NAME_USER);
+            sysApprove.setOperation(String.valueOf(ApproveOperaterEnum.INSERT.getCode()));
+            sysApprove.setApproveStatus(String.valueOf(ApproveStatusEnum.DSP.getCode()));
+            sysApprove.setEntityName("SysUser");
+
+            boolean bo = sysApproveService.save(sysApprove);
             if (bo) {
-                return ResponseVO.success("添加用户信息成功");
+                return ResponseVO.success("添加用户信息成功,请联系审核管理员进行审核！");
             } else {
                 log.error("添加用户信息失败");
                 return ResponseVO.fail("添加用户信息失败");
@@ -297,6 +259,7 @@ public class SysUserController {
      * @return 执行结果
      */
     @PostMapping(value = "/updateUser")
+    @AgainVerify
     @OperateLog(title = "用户管理", businessType = BusinessType.UPDATE, auditType = AuditType.SYS)
     @PreAuthorize("@ss.hasPermi('system:user:edit')")
     @PreventReplay
@@ -319,29 +282,27 @@ public class SysUserController {
             if (list.size() > 0) {
                 return ResponseVO.fail("此记录存在未审批的操作,不能进行修改！");
             }
-
+            String username = "";
+            SysApprove sysApprove = new SysApprove();
             if (StringUtils.isEmpty(user.getUsername()) || StringUtils.isEmpty(user.getUsername().trim())) {
                 return ResponseVO.fail("用户账号不能为空!");
-            } else {
-                String username = user.getUsername().trim();
-                if (username.contains(" ")) {
+            } else{
+                username = user.getUsername().trim();
+                if (username.contains(" ")){
                     return ResponseVO.fail("账号中不能含有空格！");
                 }
                 String regExp = "^[^0-9][\\w_]{4,19}$";
-                if (!username.matches(regExp)) {
+                if (!username.matches(regExp)){
                     return ResponseVO.fail("用户账号长度必须是5-20位，只能包含字母、数字和下划线，不能数字开头！");
-                } else if (!existUser.getUsername().equals(username)) {
-                    if (sysUserService.queryUserName(username) != null) {
-                        return ResponseVO.fail(username + "账号已存在！");
-                    }
                 }
+                sysApprove.setUsername(username);
             }
 
             if (!IdcardUtil.isValidCard(user.getIdcard())) {
                 return ResponseVO.fail("身份证无效！");
             }
-            // 加密邮箱
-            user.setIdcard(AesUtils.encryptHex(user.getIdcard()).toUpperCase());
+            // sm2加密身份证
+            sysApprove.setIdcard(SM2CryptUtils.encrypt(user.getIdcard(), SecretKeyConstants.SERVER_PUBLIC_KEY));
 
             if (StringUtils.isEmpty(user.getMailbox())) {
                 return ResponseVO.fail("邮箱不能为空!");
@@ -351,7 +312,7 @@ public class SysUserController {
                 return ResponseVO.fail("邮箱长度不能超过50个字符！");
             }
             // 加密邮箱
-            user.setMailbox(AesUtils.encryptHex(user.getMailbox()).toUpperCase());
+            sysApprove.setMailbox(SM2CryptUtils.encrypt(user.getMailbox(), SecretKeyConstants.SERVER_PUBLIC_KEY));
 
             if (StringUtils.isEmpty(user.getPhonenumber())) {
                 return ResponseVO.fail("手机号码不能为空！");
@@ -359,7 +320,7 @@ public class SysUserController {
                 return ResponseVO.fail("请输入正确的手机号码！");
             }
             // 加密手机号
-            user.setPhonenumber(AesUtils.encryptHex(user.getPhonenumber()).toUpperCase());
+            sysApprove.setPhonenumber(SM2CryptUtils.encrypt(user.getPhonenumber(), SecretKeyConstants.SERVER_PUBLIC_KEY));
 
             if (StringUtils.isEmpty(user.getNickname()) || StringUtils.isEmpty(user.getNickname().trim())) {
                 return ResponseVO.fail("姓名不能为空！");
@@ -369,31 +330,40 @@ public class SysUserController {
                     return ResponseVO.fail("姓名长度不能超过30个字符！");
                 }
                 // 加密姓名
-                user.setNickname(AesUtils.encryptHex(nickName).toUpperCase());
-            }
-
-            if ("0".equals(user.getStatus())) {
-                user.setErrNum(0);
-                user.setLockTime(0L);
+                sysApprove.setNickname(SM2CryptUtils.encrypt(nickName, SecretKeyConstants.SERVER_PUBLIC_KEY));
             }
 
-            if (user.getExpDate() == null) {
+            if (user.getExpDate()==null) {
                 user.setExpDate(null);
-            } else {
+            }
+            else{
                 // 判断临时账号有效期不能超过30天
                 Calendar calendar = Calendar.getInstance();
                 // 将当前日期增加30天
                 calendar.add(Calendar.DAY_OF_MONTH, 29);
                 // 获取增加30天后的日期
                 Date endDate = calendar.getTime();
-                if (!user.getExpDate().before(endDate)) {
+                if (!user.getExpDate().before(endDate)){
                     return ResponseVO.fail("账号有效期不能超过30天！");
                 }
-            }
-
-            boolean bo = sysUserService.updateUser(user);
+                sysApprove.setExpDate(user.getExpDate());
+            }
+
+            sysApprove.setUsertype(user.getUsertype());
+            sysApprove.setStatus(user.getStatus());
+            sysApprove.setMasterId(String.valueOf(user.getId()));
+            // 将修改前信息存入
+            sysApprove.setParameterContent(JSONUtil.parse(existUser).toString());
+            // 用户新增插入审批表
+            sysApprove.setModuleName(ApproveConstants.MODULE_NAME_USER);
+            sysApprove.setOperation(String.valueOf(ApproveOperaterEnum.UPDATE.getCode()));
+            sysApprove.setApproveStatus(String.valueOf(ApproveStatusEnum.DSP.getCode()));
+            sysApprove.setEntityName("SysUser");
+
+            // 更改用户表signstr为1
+            boolean bo = sysUserService.addUserByApprove(user.getId(),sysApprove);
             if (bo) {
-                return ResponseVO.success("修改用户信息成功");
+                return ResponseVO.success("修改用户信息成功,等待审核管理员进行审核！");
             } else {
                 log.error("修改用户信息失败");
                 return ResponseVO.fail("修改用户信息失败");
@@ -424,7 +394,7 @@ public class SysUserController {
         wrapper.eq("entity_name", "SysUser");
         List<SysApprove> list = sysApproveService.list(wrapper);
         if (list.size() > 0) {
-            return ResponseVO.fail("此记录存在未审批的操作,不能进行修改！");
+            return ResponseVO.fail("此记录存在未审批的操作,不能初始/重置密码！");
         }
         // id获取用户
         SysUser sysUser = sysUserService.getById(id);
@@ -434,19 +404,20 @@ public class SysUserController {
 
         SysPolicy sysPolicy = sysPolicyService.getOne(new QueryWrapper<>());
         // 生成8位初始密码
-        String randomPwd = RandomRulePwd.createPwd(sysPolicy.getPasswordRule(), 8);
-        log.info("用户名：" + sysUser.getUsername() + " 初始/重置密码：" + randomPwd);
-        // 加密密码
+        String randomPwd = RandomRulePwd.createPwd(sysPolicy.getPasswordRule(),8);
+        log.info("发送邮箱重置密码后台输出======> 用户名："+sysUser.getUsername()+" 初始/重置密码："+randomPwd);
+        // SM3加密密码
         String sm3password = SmUtil.sm3(randomPwd).toUpperCase();
-        // 签名
-        String signstr = SmUtil.sm3(sm3password).toUpperCase();
-        boolean bo = sysUserService.resetPassword(Integer.parseInt(id), sm3password, signstr);
+        // 再对密码sm2
+        String sm2password = SM2CryptUtils.encrypt(sm3password,SecretKeyConstants.SERVER_PUBLIC_KEY);
+
+        boolean bo = sysUserService.resetPassword(Integer.parseInt(id), sm2password);
         if (!bo) {
             return ResponseVO.fail("密码生成失败！");
         }
         try {
-            String[] mailArray = {AesUtils.decryptStr(sysUser.getMailbox())};
-            sendMailUtil.executeSendMail(mailArray, "系统登录密码", "密码：" + randomPwd);
+//            String[] mailArray = {AesUtils.decryptStr(sysUser.getMailbox())};
+//            sendMailUtil.executeSendMail(mailArray, "系统登录密码", "密码：" + randomPwd);
         } catch (Exception e) {
 //            log.error("用户名："+sysUser.getUsername()+",邮箱验证码发送失败！",e);
             return ResponseVO.fail("发送邮箱失败");
@@ -531,15 +502,13 @@ public class SysUserController {
                 return ResponseVO.fail("找不到用户,修改密码失败！");
             }
 
-            if (newPassword == null || newPassword.length() < 8 || newPassword.length() > 20) {
+            if (newPassword == null) {
                 // 返回密码长度问题
                 return ResponseVO.fail("密码长度需要8~20位之间！");
             }
 
             if (StringUtils.isEmpty(oldPassword)) {
                 return ResponseVO.fail("旧密码不能为空!");
-            } else if (!(sysUser.getPassword().equals(SmUtil.sm3(oldPassword).toUpperCase()) && sysUser.getSignstr().equals(SmUtil.sm3(sysUser.getPassword()).toUpperCase()))) {
-                return ResponseVO.fail("旧密码不正确或验签失败！");
             }
 
             if (StringUtils.isEmpty(newPassword)) {
@@ -550,7 +519,7 @@ public class SysUserController {
                 return ResponseVO.fail("新密码两次输入的密码不一致！");
             }
 
-            if (newPassword.contains(" ")) {
+            if (newPassword.contains(" ")){
                 return ResponseVO.fail("新密码中不能含有空格！");
             }
 
@@ -563,15 +532,16 @@ public class SysUserController {
             }
 
             SysPolicy sysPolicy = sysPolicyService.getOne(new QueryWrapper<>());
-            String ruleInfo = PasswordRuleUtil.ruleRegx(sysPolicy.getPasswordRule(), newPassword);
-            if (!"true".equals(ruleInfo)) {
+            String ruleInfo = PasswordRuleUtil.ruleRegx(sysPolicy.getPasswordRule(),newPassword);
+            if (!"true".equals(ruleInfo)){
                 return ResponseVO.fail(ruleInfo);
             }
 
             // 新密码加密
             String sm3newpwd = SmUtil.sm3(newPassword).toUpperCase();
-            sysUser.setPassword(sm3newpwd);
-            sysUser.setSignstr(SmUtil.sm3(sm3newpwd).toUpperCase());
+            // 再次sm2加密
+            String sm2password = SM2CryptUtils.encrypt(sm3newpwd,SecretKeyConstants.SERVER_PUBLIC_KEY);
+            sysUser.setPassword(sm2password);
             sysUser.setLastUpdatePwdTime(new Date());
             boolean bo = sysUserService.updateById(sysUser);
             if (!bo) {
@@ -637,26 +607,19 @@ public class SysUserController {
     @PreventReplay
     public ResponseVO authRole(String userId, String roleId) throws CustomException {
         try {
-            Long userid;
-            if (StringUtils.isNotEmpty(userId)) {
-                if (NumberUtil.isLong(userId)) {
-                    userid = Long.parseLong(userId);
-                } else {
-                    return ResponseVO.fail("用户id不是类型不对！");
-                }
-            } else {
-                return ResponseVO.fail("用户id不能为空！");
+            if (StringUtils.isEmpty(userId)) {
+                return ResponseVO.fail("id不能为空!");
+            }
+            // id获取用户
+            SysUser sysUser = sysUserService.getById(userId);
+            if (sysUser == null) {
+                return ResponseVO.fail("id为空不能授权用户！");
             }
 
-            Long roleid;
-            if (StringUtils.isNotEmpty(roleId)) {
-                if (NumberUtil.isLong(roleId)) {
-                    roleid = Long.parseLong(roleId);
-                } else {
-                    return ResponseVO.fail("角色id不是类型不对！");
-                }
-            } else {
-                return ResponseVO.fail("角色id不能为空！");
+            // id获取用户
+            SysRole sysRole = sysRoleService.getById(roleId);
+            if (sysRole == null) {
+                return ResponseVO.fail("角色id为空不能授权用户！");
             }
 
             // 获取审批表是否存在此操作
@@ -671,11 +634,30 @@ public class SysUserController {
             if (list.size() > 0) {
                 return ResponseVO.fail("此记录存在未审批的操作,不能进行修改！");
             }
-            sysUserService.insertUserAuth(userid, roleid);
-            return ResponseVO.success("分配角色成功");
+
+            SysApprove sysApprove = new SysApprove();
+            sysApprove.setMasterId(userId);
+            sysApprove.setUsername(sysUser.getUsername());
+            sysApprove.setRoleId(roleId);
+            sysApprove.setParameterContent("授权用户账号："+sysUser.getUsername()+",分配角色："+sysRole.getRoleName());
+            // 用户新增插入审批表
+            sysApprove.setModuleName(ApproveConstants.MODULE_NAME_USER);
+            sysApprove.setOperation(String.valueOf(ApproveOperaterEnum.APPROVE.getCode()));
+            sysApprove.setApproveStatus(String.valueOf(ApproveStatusEnum.DSP.getCode()));
+            sysApprove.setEntityName("SysUser");
+
+            // 更改用户表signstr为1
+            boolean bo = sysUserService.addUserByApprove(Long.parseLong(userId),sysApprove);
+            if (bo) {
+                return ResponseVO.success("授权用户信息成功,等待审核管理员进行审核！");
+            } else {
+                log.error("授权用户信息失败");
+                return ResponseVO.fail("授权用户信息失败");
+            }
         } catch (Exception e) {
             throw new CustomException("分配角色异常", e);
         }
+//        return ResponseVO.success("分配角色成功");
     }
 
     /**
@@ -712,11 +694,69 @@ public class SysUserController {
             SysUser sysUser = SecurityContextUtil.getSysUser();
             String upwd = CacheConstants.usernamePasswordMap.get(sysUser.getUsername());
             SysPolicy sysPolicy = sysPolicyService.getOne(new QueryWrapper<>());
-            String ruleInfo = PasswordRuleUtil.ruleRegx(sysPolicy.getPasswordRule(), upwd);
+            String ruleInfo = PasswordRuleUtil.ruleRegx(sysPolicy.getPasswordRule(),upwd);
             return ResponseVO.success(ruleInfo);
         } catch (Exception e) {
             throw new CustomException("检测用户密码是否符合规则异常", e);
         }
     }
+    /**
+     * 注销用户信息
+     */
+    @PostMapping(value = "/logOffUser")
+    @AgainVerify
+    @OperateLog(title = "用户管理", businessType = BusinessType.DELETE, auditType = AuditType.SYS)
+    @PreAuthorize("@ss.hasPermi('system:user:logoff')")
+    @PreventReplay
+    public ResponseVO logOffUser(String id) throws CustomException {
+        try {
+            if (StringUtils.isEmpty(id)) {
+                return ResponseVO.fail("id不能为空!");
+            }
+            // id获取用户
+            SysUser sysUser = sysUserService.getById(id);
+            if (sysUser == null) {
+                return ResponseVO.fail("id为空不能删除用户！");
+            }
 
+            // 获取审批表是否存在此操作
+            QueryWrapper<SysApprove> wrapper = new QueryWrapper<>();
+            // 条件：待审批
+            wrapper.eq("approve_status", ApproveStatusEnum.DSP.getCode());
+            // 条件：删除操作
+            wrapper.eq("master_id", id);
+            // 条件：实体名
+            wrapper.eq("entity_name", "SysUser");
+            List<SysApprove> list = sysApproveService.list(wrapper);
+            if (list.size() > 0) {
+                return ResponseVO.fail("此记录存在未审批的操作,不能注销！");
+            }
+
+            // 根据id改变状态为注销，提交到审核
+            SysApprove sysApprove = new SysApprove();
+            sysApprove.setUsername(sysUser.getUsername());
+            sysApprove.setNickname(sysUser.getNickname());
+            sysApprove.setIdcard(sysUser.getIdcard());
+            sysApprove.setMailbox(sysUser.getMailbox());
+            sysApprove.setPhonenumber(sysUser.getPhonenumber());
+            sysApprove.setUsertype(sysUser.getUsertype());
+            sysApprove.setStatus(sysUser.getStatus());
+            sysApprove.setMasterId(String.valueOf(sysUser.getId()));
+            sysApprove.setParameterContent(JSONUtil.parse(sysUser).toString());
+            // 用户新增插入审批表
+            sysApprove.setModuleName(ApproveConstants.MODULE_NAME_USER);
+            sysApprove.setOperation(String.valueOf(ApproveOperaterEnum.DELETE.getCode()));
+            sysApprove.setApproveStatus(String.valueOf(ApproveStatusEnum.DSP.getCode()));
+            sysApprove.setEntityName("SysUser");
+            boolean bo = sysUserService.addUserByApprove(Long.parseLong(id),sysApprove);
+            if (bo) {
+                return ResponseVO.success("注销用户成功,等待审核管理员进行审核！");
+            } else {
+                log.error("注销用户失败");
+                return ResponseVO.fail("注销用户失败");
+            }
+        } catch (Exception e) {
+            throw new CustomException("注销用户异常", e);
+        }
+    }
 }

backend/src/main/java/com/jiayue/ssi/controller/UserLoginController.java

@@ -128,10 +128,10 @@ public class UserLoginController {
                 String mailRandom = RandomRulePwd.createPwd(sysPolicy.getPasswordRule(),6);
                 // uuid存入缓存，失效时间4分钟
                 LocalCache.set(mailKey, mailRandom, 60000 * 4);
-                log.info("动态口令后台输出======> 用户名："+username+"  动态口令："+mailRandom+"  ");
+                log.info("发送邮箱动态口令后台输出======> 用户名："+username+"  动态口令："+mailRandom+"  ");
                 try {
-                    String[] mailArray = {AesUtils.decryptStr(sysUser.getMailbox())};
-                    sendMailUtil.executeSendMail(mailArray, "邮箱验证码", "口令：" + mailRandom + ",有效期4分钟。");
+//                    String[] mailArray = {AesUtils.decryptStr(sysUser.getMailbox())};
+//                    sendMailUtil.executeSendMail(mailArray, "邮箱验证码", "口令：" + mailRandom + ",有效期4分钟。");
                 } catch (Exception e) {
 //                    log.error("用户名："+username+",邮箱验证码发送失败！",e);
                     return ResponseVO.fail("邮箱验证码发送失败！");

backend/src/main/java/com/jiayue/ssi/entity/SysApprove.java

@@ -1,11 +1,11 @@
 package com.jiayue.ssi.entity;
 
-import com.baomidou.mybatisplus.annotation.IdType;
-import com.baomidou.mybatisplus.annotation.TableId;
-import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.annotation.*;
+import com.fasterxml.jackson.annotation.JsonFormat;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 
+import java.util.Date;
 import java.util.List;
 
 /**
@@ -46,7 +46,45 @@ public class SysApprove extends BaseEntity{
      */
     private String parameterContent;
     /**
-     * 主键ID号
+     * 用户表主键ID号
      */
     private String masterId;
+    /**
+     * 用户账号
+     */
+    private String username;
+    /**
+     * 身份证号
+     */
+    private String idcard;
+    /**
+     * 用户姓名
+     */
+    private String nickname;
+    /**
+     * 账号状态（0正常、1锁定（休眠）、2注销）
+     */
+    private String status;
+    /**
+     * 邮箱
+     */
+    private String mailbox;
+    /**
+     * 手机号码
+     */
+    private String phonenumber;
+    /**
+     * 用户类型（0管理员、1业务用户）
+     */
+    private String usertype;
+    /**
+     * 分配角色ID
+     */
+    private String roleId;
+    /**
+     * 账号有效期
+     */
+    @TableField(value = "exp_date",fill = FieldFill.INSERT_UPDATE)
+    @JsonFormat(pattern = "yyyy-MM-dd",timezone="GMT+8")
+    private Date expDate;
 }

backend/src/main/java/com/jiayue/ssi/entity/SysUser.java

@@ -78,7 +78,7 @@ public class SysUser extends BaseEntity implements UserDetails {
      */
     private String usertype;
     /**
-     * 签名
+     * 判别页面是否需要刷新数据标识（0正常 1需要刷新），由于审批后，用户页面一直不刷新会导致数据不一致。修改操作和注销操作时用
      */
     private String signstr;
 

backend/src/main/java/com/jiayue/ssi/handler/CustomAuthenticationFailureHandler.java

@@ -19,7 +19,10 @@ import com.jiayue.ssi.service.SysAlarmService;
 import com.jiayue.ssi.service.SysPolicyService;
 import com.jiayue.ssi.service.SysUserService;
 import com.jiayue.ssi.util.AesUtils;
+import com.jiayue.ssi.util.DateUtils;
+import com.jiayue.ssi.util.IPUtils;
 import com.jiayue.ssi.util.LocalCache;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
@@ -31,6 +34,7 @@ import org.springframework.stereotype.Component;
 * @date 2023/2/16
 */
 @Component("customAuthenticationFailureHandler")
+@Slf4j
 public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
     @Autowired
     SysUserService sysUserService;
@@ -98,19 +102,20 @@ public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationF
 
                     // 通知系统管理员
                     if ("0".equals(noticeWay)){
-                        List<SysUser> sysUserList = sysUserService.selectUserByRole("1");
-                        if (sysUserList.size()>0){
-                            String[] mailArray = new String[sysUserList.size()];
-                            for (int i=0;i<sysUserList.size();i++){
-                                mailArray[i] = AesUtils.decryptStr(sysUserList.get(i).getMailbox());
-                            }
-                            try {
-                                // 发送邮件
-                                sendMailUtil.executeSendMail(mailArray,"账号【"+user.getUsername()+"】登录失败","账号【"+user.getUsername()+"】登录失败"+errCount+"次，锁定账号！");
-                            } catch (Exception ex) {
-                                System.out.println("邮箱验证码发送失败！");
-                            }
-                        }
+                        log.info("发送邮箱通知系统管理员后台输出======> "+"账号【"+user.getUsername()+"】登录失败"+errCount+"次，锁定账号！");
+//                        List<SysUser> sysUserList = sysUserService.selectUserByRole("1");
+//                        if (sysUserList.size()>0){
+//                            String[] mailArray = new String[sysUserList.size()];
+//                            for (int i=0;i<sysUserList.size();i++){
+//                                mailArray[i] = AesUtils.decryptStr(sysUserList.get(i).getMailbox());
+//                            }
+//                            try {
+//                                // 发送邮件
+//                                sendMailUtil.executeSendMail(mailArray,"账号【"+user.getUsername()+"】登录失败","账号【"+user.getUsername()+"】登录失败"+errCount+"次，锁定账号！");
+//                            } catch (Exception ex) {
+//                                System.out.println("邮箱验证码发送失败！");
+//                            }
+//                        }
                     }
                     else if ("1".equals(noticeWay)){
                         // 告警

backend/src/main/java/com/jiayue/ssi/handler/CustomAuthenticationSuccessHandler.java

@@ -23,6 +23,7 @@ import com.jiayue.ssi.service.SysPolicyService;
 import com.jiayue.ssi.service.SysUserService;
 import com.jiayue.ssi.util.*;
 import eu.bitwalker.useragentutils.UserAgent;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -39,6 +40,7 @@ import cn.hutool.json.JSONUtil;
 * @date 2023/2/16
 */
 @Component("customAuthenticationSuccessHandler")
+@Slf4j
 public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
     @Autowired
     JwtTokenUtil jwtTokenUtil;
@@ -103,20 +105,23 @@ public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthent
 
             // 通知系统管理员
             if ("0".equals(noticeWay)){
-                List<SysUser> sysUserList = sysUserService.selectUserByRole("1");
-                if (sysUserList.size()>0){
-                    String[] mailArray = new String[sysUserList.size()];
-                    for (int i=0;i<sysUserList.size();i++){
-                        // 邮箱解密
-                        mailArray[i] = AesUtils.decryptStr(sysUserList.get(i).getMailbox());
-                    }
-                    try {
-                        // 发送邮件
-                        sendMailUtil.executeSendMail(mailArray,"账号【"+sysUser.getUsername()+"】多点登录","本次登录时间："+DateUtils.getTime()+",登录IP:"+IPUtils.getIpAddr(request));
-                    } catch (Exception ex) {
-                        System.out.println("邮箱验证码发送失败！");
-                    }
-                }
+                log.info("多点登录发送邮箱通知系统管理员后台输出======> "+"账号【"+sysUser.getUsername()+"】多点登录","本次登录时间："+DateUtils.getTime()+",登录IP:"+IPUtils.getIpAddr(request));
+//                List<SysUser> sysUserList = sysUserService.selectUserByRole("1");
+//                if (sysUserList.size()>0){
+////                    String[] mailArray = new String[sysUserList.size()];
+//                    for (int i=0;i<sysUserList.size();i++){
+//
+//                        // 邮箱解密
+////                        mailArray[i] = AesUtils.decryptStr(sysUserList.get(i).getMailbox());
+//                    }
+//                    try {
+//                        // 发送邮件
+////                        sendMailUtil.executeSendMail(mailArray,"账号【"+sysUser.getUsername()+"】多点登录","本次登录时间："+DateUtils.getTime()+",登录IP:"+IPUtils.getIpAddr(request));
+//
+//                    } catch (Exception ex) {
+//                        System.out.println("邮箱验证码发送失败！");
+//                    }
+//                }
             }
             else if ("1".equals(noticeWay)){
                 // 告警

backend/src/main/java/com/jiayue/ssi/mapper/SysUserMapper.java

@@ -26,9 +26,8 @@ public interface SysUserMapper extends BaseMapper<SysUser> {
      * 更改密码
      *
      * @param password 新密码
-     * @param signstr 签名
      * @return 结果
      */
-    @Update("update sys_user t set t.password=#{password},t.signstr=#{signstr},t.last_update_pwd_time=null where t.id=#{id}")
-    public int resetPassword(Long id, String password,String signstr);
+    @Update("update sys_user t set t.password=#{password},t.last_update_pwd_time=null where t.id=#{id}")
+    public int resetPassword(Long id, String password);
 }

backend/src/main/java/com/jiayue/ssi/service/SysUserService.java

@@ -1,7 +1,11 @@
 package com.jiayue.ssi.service;
 
 import com.baomidou.mybatisplus.extension.service.IService;
+import com.jiayue.ssi.entity.SysApprove;
 import com.jiayue.ssi.entity.SysUser;
+import org.springframework.transaction.annotation.Propagation;
+import org.springframework.transaction.annotation.Transactional;
+
 import java.util.List;
 
 /**
@@ -55,10 +59,9 @@ public interface SysUserService extends IService<SysUser> {
      * 初始/重置密码
      * @param id            主键id
      * @param initPassword  初始密码
-     * @param signstr  签名
      * @return
      */
-    boolean resetPassword(Integer id,String initPassword,String signstr);
+    boolean resetPassword(Integer id,String initPassword);
     /**
      * 解锁用户
      * @param id
@@ -78,4 +81,16 @@ public interface SysUserService extends IService<SysUser> {
      * @return
      */
     List<SysUser> selectUserByRole(String roleId);
+    /**
+     * 获取全部用户数据，并且字段解密后的
+     * @return
+     */
+    List<SysUser> queryAllUserByDecrypt();
+    /**
+     * 新增用户
+     * @param id
+     * @param sysApprove
+     * @return
+     */
+    boolean addUserByApprove(Long id, SysApprove sysApprove);
 }

backend/src/main/java/com/jiayue/ssi/service/impl/SysApproveServiceImpl.java

@@ -1,8 +1,5 @@
 package com.jiayue.ssi.service.impl;
 
-import cn.hutool.json.JSONUtil;
-import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
-import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.jiayue.ssi.backenum.ApproveOperaterEnum;
 import com.jiayue.ssi.backenum.ApproveStatusEnum;
@@ -13,6 +10,7 @@ import com.jiayue.ssi.entity.SysUser;
 import com.jiayue.ssi.mapper.SysApproveMapper;
 import com.jiayue.ssi.mapper.SysUserMapper;
 import com.jiayue.ssi.service.SysApproveService;
+import com.jiayue.ssi.service.SysUserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Propagation;
@@ -28,6 +26,8 @@ import org.springframework.transaction.annotation.Transactional;
 public class SysApproveServiceImpl extends ServiceImpl<SysApproveMapper, SysApprove> implements SysApproveService {
     @Autowired
     SysUserMapper sysUserMapper;
+    @Autowired
+    SysUserService sysUserService;
 
     /**
      * 审核提交
@@ -42,16 +42,58 @@ public class SysApproveServiceImpl extends ServiceImpl<SysApproveMapper, SysAppr
         newsysApprove.setApproveResult(sysApprove.getApproveResult());
         this.updateById(newsysApprove);
 
-        if ("0".equals(newsysApprove.getApproveResult())){
-            // 审核通过，执行业务操作。
-            if (newsysApprove.getModuleName().equals(ApproveConstants.MODULE_NAME_USER)){
-                SysUser sysUser = JSONUtil.toBean(newsysApprove.getParameterContent(),SysUser.class);
-                if (newsysApprove.getOperation().equals(String.valueOf(ApproveOperaterEnum.DELETE.getCode()))){
-                    // 用户管理删除操作
-                    LambdaUpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<SysUser>().lambda();
-                    updateWrapper.eq(SysUser::getId, sysUser.getId()).set(SysUser::getDelFlag, 1);
-                    sysUserMapper.update(new SysUser(), updateWrapper);
+        if (newsysApprove.getModuleName().equals(ApproveConstants.MODULE_NAME_USER)){
+            // 新增操作
+            if (newsysApprove.getOperation().equals(String.valueOf(ApproveOperaterEnum.INSERT.getCode()))){
+                if ("0".equals(newsysApprove.getApproveResult())){
+                    // 新增审核通过
+                    SysUser sysUser = new SysUser();
+                    sysUser.setUsername(newsysApprove.getUsername());
+                    sysUser.setIdcard(newsysApprove.getIdcard());
+                    sysUser.setUsertype(newsysApprove.getUsertype());
+                    sysUser.setNickname(newsysApprove.getNickname());
+                    sysUser.setMailbox(newsysApprove.getMailbox());
+                    sysUser.setPhonenumber(newsysApprove.getPhonenumber());
+                    sysUser.setStatus(newsysApprove.getStatus());
+                    sysUser.setExpDate(newsysApprove.getExpDate());
+                    sysUser.setSignstr("0");
+                    sysUserMapper.insert(sysUser);
+                }
+            }
+            else if (newsysApprove.getOperation().equals(String.valueOf(ApproveOperaterEnum.UPDATE.getCode()))){
+                // 修改操作
+                SysUser sysUser = new SysUser();
+                sysUser.setId(Long.parseLong(newsysApprove.getMasterId()));
+                if ("0".equals(newsysApprove.getApproveResult())){
+                    // 审核通过，修改姓名、邮箱、手机号、有效日期
+                    sysUser.setNickname(newsysApprove.getNickname());
+                    sysUser.setMailbox(newsysApprove.getMailbox());
+                    sysUser.setPhonenumber(newsysApprove.getPhonenumber());
+                    sysUser.setExpDate(newsysApprove.getExpDate());
+                }
+                sysUser.setSignstr("0");
+                sysUserMapper.updateById(sysUser);
+            }
+            else if (newsysApprove.getOperation().equals(String.valueOf(ApproveOperaterEnum.DELETE.getCode()))){
+                // 注销操作
+                SysUser sysUser = new SysUser();
+                sysUser.setId(Long.parseLong(newsysApprove.getMasterId()));
+                if ("0".equals(newsysApprove.getApproveResult())){
+                    // 审核通过，修改姓名、邮箱、手机号、有效日期
+                    sysUser.setStatus("2");
+                }
+                sysUser.setSignstr("0");
+                sysUserMapper.updateById(sysUser);
+            }
+            else if (newsysApprove.getOperation().equals(String.valueOf(ApproveOperaterEnum.APPROVE.getCode()))){
+                // 授权操作
+                SysUser sysUser = new SysUser();
+                sysUser.setId(Long.parseLong(newsysApprove.getMasterId()));
+                if ("0".equals(newsysApprove.getApproveResult())){
+                    sysUserService.insertUserAuth(Long.parseLong(newsysApprove.getMasterId()), Long.parseLong(newsysApprove.getRoleId()));
                 }
+                sysUser.setSignstr("0");
+                sysUserMapper.updateById(sysUser);
             }
         }
     }

backend/src/main/java/com/jiayue/ssi/service/impl/SysUserServiceImpl.java

@@ -8,13 +8,16 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.jiayue.ssi.backenum.ApproveOperaterEnum;
 import com.jiayue.ssi.backenum.ApproveStatusEnum;
 import com.jiayue.ssi.constant.ApproveConstants;
+import com.jiayue.ssi.constant.SecretKeyConstants;
 import com.jiayue.ssi.entity.SysApprove;
 import com.jiayue.ssi.entity.SysUser;
 import com.jiayue.ssi.entity.SysUserRole;
 import com.jiayue.ssi.mapper.SysApproveMapper;
 import com.jiayue.ssi.mapper.SysUserMapper;
 import com.jiayue.ssi.mapper.SysUserRoleMapper;
+import com.jiayue.ssi.service.SysApproveService;
 import com.jiayue.ssi.service.SysUserService;
+import com.jiayue.ssi.util.SM2CryptUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Propagation;
@@ -37,6 +40,8 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
     SysUserRoleMapper sysUserRoleMapper;
     @Autowired
     SysApproveMapper sysApproveMapper;
+    @Autowired
+    SysApproveService sysApproveService;
 
     /**
      * 获取所有用户
@@ -133,17 +138,12 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
      * 初始/重置密码
      * @param id            主键id
      * @param initPassword  初始密码
-     * @param signstr  签名
      * @return
      */
     @Override
     @Transactional(propagation= Propagation.REQUIRED, rollbackFor = Exception.class)
-    public boolean resetPassword(Integer id,String initPassword,String signstr) {
-        int count = sysUserMapper.resetPassword(Long.parseLong(id+""),initPassword,signstr);
-
-//        LambdaUpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<SysUser>().lambda();
-//        updateWrapper.eq(SysUser::getId, id).set(SysUser::getLastUpdatePwdTime, null).set(SysUser::getPassword,initPassword);
-//        int count = sysUserMapper.resetPasswo.update(new SysUser(), updateWrapper);
+    public boolean resetPassword(Integer id,String initPassword) {
+        int count = sysUserMapper.resetPassword(Long.parseLong(id+""),initPassword);
         if (count > 0) {
             return true;
         }
@@ -196,4 +196,37 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         return sysUserMapper.selectUserByRole(roleId);
 
     }
+
+    /**
+     * 获取全部用户数据，并且字段解密后的
+     * @return
+     */
+    @Override
+    public List<SysUser> queryAllUserByDecrypt(){
+        // 查询全部
+        List<SysUser> sysUserList = this.list();
+        for (SysUser sysUser:sysUserList){
+            sysUser.setMailbox(SM2CryptUtils.decrypt(sysUser.getMailbox(), SecretKeyConstants.SERVER_PRIVATE_KEY));
+            sysUser.setPhonenumber(SM2CryptUtils.decrypt(sysUser.getPhonenumber(), SecretKeyConstants.SERVER_PRIVATE_KEY));
+            sysUser.setNickname(SM2CryptUtils.decrypt(sysUser.getNickname(), SecretKeyConstants.SERVER_PRIVATE_KEY));
+            sysUser.setIdcard(SM2CryptUtils.decrypt(sysUser.getIdcard(), SecretKeyConstants.SERVER_PRIVATE_KEY));
+        }
+        return sysUserList;
+    }
+
+    /**
+     * 新增用户
+     * @param id
+     * @param sysApprove
+     * @return
+     */
+    @Override
+    @Transactional(propagation= Propagation.REQUIRED, rollbackFor = Exception.class)
+    public boolean addUserByApprove(Long id,SysApprove sysApprove) {
+        LambdaUpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<SysUser>().lambda();
+        updateWrapper.eq(SysUser::getId, id).set(SysUser::getSignstr, "1");
+        sysUserMapper.update(new SysUser(), updateWrapper);
+        boolean bo = sysApproveService.save(sysApprove);
+        return bo;
+    }
 }

backend/src/main/java/com/jiayue/ssi/util/SM2CryptUtils.java

@@ -114,10 +114,14 @@ public class SM2CryptUtils {
 //        String base = "1276559e024c4f9b5c46f662ac51d69779bf4f9d278ef5215fbc36b5e4fc6da894545003694e4e71a01592edef940d6d13e88f8a09a9d91bdb214990b36ea34e";
 //        System.out.println(verifySign(SecretKeyConstants.SERVER_PUBLIC_KEY,"测试",base));
 
-        String b = encrypt("测试的","0460ff8c8c306fe62f6f9d11c5c82c30d10bbbc703da094e423072cac7dc663c97fad52eccb34f311f47a07f280de157ba4f2aa659cabe749121384b9376ea2ed2");
-        System.out.println(b);
+
 //        String a = decrypt("ABC759C8C9FD55DFC92990580057A528073B0D498EFA0EDECE70DC55BF2DE0CCA1F5EC7E6F1FBD13586C3BA12F2A2795B82312A2FCFAA3A95323BAEE8690E4BD0E38F7C41024720098DFA16F2A7DCF27CD3C4750106A1C9B9A20FEA54E1C709D0AD2D3217152","E33C8730110B13828F2B04122831E62E71E4E990C7D277C4FA37EB68DCE25E33");
 //        System.out.println(a);
 
+
+        String a="Xsl147258";
+        String b=SmUtil.sm3(a).toUpperCase();
+        System.out.println(b);
+        System.out.println(SM2CryptUtils.encrypt(b, SecretKeyConstants.SERVER_PUBLIC_KEY));
     }
 }

ui/src/views/examineManager/sysApprove/index.vue

@@ -58,7 +58,8 @@
             <vxe-table-column field="operation" title="执行操作" :formatter="operationFormat"/>
             <vxe-table-column field="approveStatus" title="审核状态" :formatter="approveStatusFormat"/>
             <vxe-table-column field="approveResult" title="审核结果" :formatter="approveResultFormat"/>
-            <vxe-table-column field="parameterContent" title="操作内容"/>
+            <vxe-table-column field="parameterContent" title="内容">
+            </vxe-table-column>
             <vxe-table-column title="操作" width="320">
               <template slot-scope="scope" v-if="scope.row.approveStatus == 0">
                 <el-button
@@ -116,7 +117,8 @@ export default {
       operationOptions: [
         {value: '0', label: '新增'},
         {value: '1', label: '修改'},
-        {value: '2', label: '删除'}
+        {value: '2', label: '删除'},
+        {value: '3', label: '授权'}
       ],
       // 遮罩层
       loading: true,
@@ -167,6 +169,8 @@ export default {
           belongTo = "修改"
         } else if (cellValue == "2") {
           belongTo = "删除"
+        } else if (cellValue == "3") {
+          belongTo = "授权"
         }
       }
       return belongTo

ui/src/views/sysManager/userManager/index.vue

@@ -65,15 +65,26 @@
             >修改
             </el-button>
           </el-col>
+<!--          <el-col :span="1.5">-->
+<!--            <el-button-->
+<!--              type="danger"-->
+<!--              plain-->
+<!--              icon="el-icon-delete"-->
+<!--              size="mini"-->
+<!--              @click="handleDelete"-->
+<!--              v-hasPermi="['system:user:remove']"-->
+<!--            >删除-->
+<!--            </el-button>-->
+<!--          </el-col>-->
           <el-col :span="1.5">
             <el-button
               type="danger"
               plain
               icon="el-icon-delete"
               size="mini"
-              @click="handleDelete"
-              v-hasPermi="['system:user:remove']"
-            >删除
+              @click="handleLogOff"
+              v-hasPermi="['system:user:logoff']"
+            >注销
             </el-button>
           </el-col>
           <el-col :span="1.5">
@@ -90,6 +101,7 @@
         </el-row>
         <div style="padding-top: 10px">
           <vxe-table
+            :row-style="setRowClass"
             ref="userTable"
             align="center"
             :loading="loading"
@@ -97,12 +109,11 @@
             auto-resize
             border
             resizable
-            export-config
             highlight-current-row
             show-overflow
             max-height="700"
-            :data="userList"
             :radio-config="{trigger: 'row'}"
+            :data="userList.slice((currentPage-1)*pageSize,currentPage*pageSize)"
           >
             <vxe-column type="radio" width="60"/>
             <vxe-table-column field="username" title="用户账号"/>
@@ -136,6 +147,7 @@
               </template>
             </vxe-table-column>
           </vxe-table>
+
           <vxe-pager
             v-show="showTable"
             perfect
@@ -144,7 +156,6 @@
             :total="total"
             :page-sizes="[10,50,100]"
             :layouts="['PrevJump', 'PrevPage','JumpNumber', 'NextPage', 'NextJump', 'Sizes', 'FullJump', 'Total']"
-            @page-change="handlePageChange"
           >
           </vxe-pager>
         </div>
@@ -162,6 +173,25 @@
             </el-form-item>
           </el-col>
           <el-col :span="12">
+            <el-form-item label="身份证号码" prop="idcard">
+              <el-input style="width: 220px" v-model="form.idcard" placeholder="请输入身份证号码" maxlength="18" :disabled="edit"/>
+            </el-form-item>
+          </el-col>
+        </el-row>
+        <el-row>
+          <el-col :span="12">
+            <el-form-item label="用户类型">
+              <el-select style="width: 220px" v-model="form.usertype" placeholder="请选择类型" :disabled="edit">
+                <el-option
+                  v-for="item in typeOptions"
+                  :key="item.value"
+                  :label="item.label"
+                  :value="item.value"
+                ></el-option>
+              </el-select>
+            </el-form-item>
+          </el-col>
+          <el-col :span="12">
             <el-form-item label="用户姓名" prop="nickname">
               <el-input style="width: 220px" v-model="form.nickname" placeholder="请输入用户姓名" maxlength="30"/>
             </el-form-item>
@@ -181,48 +211,17 @@
         </el-row>
         <el-row>
           <el-col :span="12">
-            <el-form-item label="身份证号码" prop="idcard">
-              <el-input style="width: 220px" v-model="form.idcard" placeholder="请输入身份证号码" maxlength="18"/>
-            </el-form-item>
-          </el-col>
-          <el-col :span="12">
-            <el-form-item label="账号有效期">
+            <el-form-item label="账号截止日期">
               <el-date-picker
                 value-format="yyyy-MM-dd"
                 v-model="form.expDate"
                 type="date"
-                placeholder="请选择账号有效期"
+                placeholder="请选择账号截止日期"
                 :picker-options="pickerOptions">
               </el-date-picker>
             </el-form-item>
           </el-col>
         </el-row>
-        <el-row>
-          <el-col :span="12">
-            <el-form-item label="用户状态">
-              <el-select style="width: 220px" v-model="form.status" placeholder="请选择状态">
-                <el-option
-                  v-for="item in statusOptions"
-                  :key="item.value"
-                  :label="item.label"
-                  :value="item.value"
-                ></el-option>
-              </el-select>
-            </el-form-item>
-          </el-col>
-          <el-col :span="12">
-            <el-form-item label="用户类型">
-              <el-select style="width: 220px" v-model="form.usertype" placeholder="请选择类型">
-                <el-option
-                  v-for="item in typeOptions"
-                  :key="item.value"
-                  :label="item.label"
-                  :value="item.value"
-                ></el-option>
-              </el-select>
-            </el-form-item>
-          </el-col>
-        </el-row>
       </el-form>
       <div slot="footer" class="dialog-footer">
         <el-button type="primary" @click="submitForm">确 定</el-button>
@@ -325,7 +324,7 @@ export default {
       // 总条数
       total: 0,
       // 用户表格数据
-      userList: null,
+      userList: [],
       // 弹出层标题
       title: "",
       // 角色分配弹出层标题
@@ -377,11 +376,115 @@ export default {
     this.getList()
   },
   methods: {
-    handlePageChange({currentPage, pageSize}) {
-      this.currentPage = currentPage
-      this.pageSize = pageSize
-      this.getList()
+    setRowClass({row, rowIndex}){
+      if(row.signstr === '1'){
+        return "background: #FFEFD5";
+      }
+    },
+    // 注销操作
+    handleLogOff(){
+      let _selectData = this.$refs.userTable.getRadioRecord(true)
+      if (_selectData == null) {
+        this.$message({
+          type: 'warning',
+          message: '请选择记录!'
+        });
+        return
+      }
+      if (_selectData.id == 1) {
+        this.$message({
+          type: 'warning',
+          message: '内置系统管理员用户不能注销!'
+        });
+        return
+      }
+      if (_selectData.id == 2) {
+        this.$message({
+          type: 'warning',
+          message: '内置审计管理员用户不能注销!'
+        });
+        return
+      }
+      if (_selectData.status == 2) {
+        this.$message({
+          type: 'warning',
+          message: '已注销的账号不能再次注销!'
+        });
+        return
+      }
+      if (_selectData.signstr == '1') {
+        this.$message({
+          type: 'warning',
+          message: '存在待审核，审核管理员审核后请刷新列表'
+        });
+        return
+      }
+      this.$prompt('请输入登录密码', '鉴别操作', {
+        confirmButtonText: '确定',
+        cancelButtonText: '取消',
+        inputType: 'password',
+        inputValidator: (val) => {
+          if (val === null || val.length < 1 || val.length > 20) {
+            return false;
+          }
+        },
+        inputErrorMessage: '不能为空,最多可录入20个字符',
+        beforeClose(action, instance, done) {
+          if (action === "confirm") {
+            instance.$refs["confirm"].$el.onclick = (function (e) {
+              e = e || window.event;
+              if (e.detail != 0) {
+                done();
+              }
+            })();
+          } else {
+            done();
+          }
+        }
+      }).then(async ({value}) => {
+        this.doLogoff(_selectData, value)
+      }).catch((e) => {
+      })
     },
+    /**
+     * 注销提交
+     */
+    doLogoff: debounce(async function (_selectData, againPwd) {
+      let sysTime
+      let lk
+      await this.$axios.get('/sysPolicyController/getLicenseKey').then((res) => {
+        sysTime = res.data.sysTime
+        lk = res.data.lk
+      }).catch((error) => {
+      })
+
+      const param = {
+        id: _selectData.id,
+        againPwd: againPwd,
+        sysTime: sysTime,
+        lk: lk
+      }
+      await this.$axios.post('/sysUserController/logOffUser', param).then((res) => {
+        if (res.code == 0) {
+          this.$message({
+            type: 'success',
+            message: res.data
+          });
+          this.getList();
+        } else {
+          this.$message({
+            type: 'error',
+            message: res.data
+          });
+        }
+      }).catch((error) => {
+        this.$message({
+          type: 'error',
+          message: '删除失败!'
+        });
+        this.loading = false
+      })
+    }, 500),
     // 列表状态格式化
     statusFormat({cellValue}) {
       let belongTo = '未知的类型'
@@ -437,8 +540,8 @@ export default {
       }
       await this.$axios.get('/sysUserController/getAll',
         {params: searchParams}).then((res) => {
-        this.userList = res.data.records
-        this.total = res.data.total
+        this.userList = res.data
+        this.total = res.data.length
 
         if (res.data.records == '') {
           this.showTable = false
@@ -464,6 +567,7 @@ export default {
     },
     // 取消按钮
     cancel() {
+      this.getList()
       this.open = false;
       this.reset();
     },
@@ -504,37 +608,73 @@ export default {
     submitForm: debounce(function () {
       this.$refs["form"].validate(async valid => {
         if (valid) {
-          let sysTime
-          let lk
-          await this.$axios.get('/sysPolicyController/getLicenseKey').then((res) => {
-            sysTime = res.data.sysTime
-            lk = res.data.lk
-          }).catch((error) => {
-          })
-
-          this.form.sysTime = sysTime
-          this.form.lk = lk
           if (this.form.id != undefined) {
-            // 更新操作
-            await this.$axios.post('/sysUserController/updateUser', this.form).then((res) => {
-              if (res.code == 0) {
-                this.$message.success('修改成功')
-                this.open = false;
-                this.reset();
-                this.getList();
+            this.$prompt('请输入登录密码', '鉴别操作', {
+              confirmButtonText: '确定',
+              cancelButtonText: '取消',
+              inputType: 'password',
+              inputValidator: (val) => {
+                if (val === null || val.length < 1 || val.length > 20) {
+                  return false;
+                }
+              },
+              inputErrorMessage: '不能为空,最多可录入20个字符',
+              beforeClose(action, instance, done) {
+                if (action === "confirm") {
+                  instance.$refs["confirm"].$el.onclick = (function (e) {
+                    e = e || window.event;
+                    if (e.detail != 0) {
+                      done();
+                    }
+                  })();
+                } else {
+                  done();
+                }
               }
-              if (res.code == 1) {
-                this.$message.error(res.data)
-              }
-              this.loading = false
-            }).catch((error) => {
-              // this.$message.error(error)
-              this.loading = false
+            }).then(async ({value}) => {
+              let sysTime
+              let lk
+              await this.$axios.get('/sysPolicyController/getLicenseKey').then((res) => {
+                sysTime = res.data.sysTime
+                lk = res.data.lk
+              }).catch((error) => {
+              })
+              this.form.sysTime = sysTime
+              this.form.lk = lk
+              this.form.againPwd = value
+
+              // 更新操作
+              await this.$axios.post('/sysUserController/updateUser', this.form).then((res) => {
+                if (res.code == 0) {
+                  this.$message.success(res.data)
+                  this.open = false;
+                  this.reset();
+                  this.getList();
+                }
+                if (res.code == 1) {
+                  this.$message.error(res.data)
+                }
+                this.loading = false
+              }).catch((error) => {
+                // this.$message.error(error)
+                this.loading = false
+              })
+            }).catch((e) => {
             })
           } else {
+            let sysTime
+            let lk
+            await this.$axios.get('/sysPolicyController/getLicenseKey').then((res) => {
+              sysTime = res.data.sysTime
+              lk = res.data.lk
+            }).catch((error) => {
+            })
+
+            this.form.sysTime = sysTime
+            this.form.lk = lk
             await this.$axios.post('/sysUserController/addUser', this.form).then((res) => {
               if (res.code == 0) {
-                this.$message.success('新增成功')
+                this.$message.success(res.data)
                 this.open = false;
                 this.reset();
                 this.getList();
@@ -553,6 +693,20 @@ export default {
     }, 1000),
     /** 重置密码按钮操作 */
     handleResetPwd(row) {
+      if (row.signstr == '1') {
+        this.$message({
+          type: 'warning',
+          message: '存在待审核，审核管理员审核后请刷新列表'
+        });
+        return
+      }
+      if (row.status == '2') {
+        this.$message({
+          type: 'warning',
+          message: '已注销的账号不能初始/重置密码!'
+        });
+        return
+      }
       this.$confirm('创建密码并发送到邮箱：' + row.mailbox, '提示', {
         confirmButtonText: '确定',
         cancelButtonText: '取消',
@@ -733,6 +887,13 @@ export default {
         });
         return
       }
+      if (_selectData.signstr == '1') {
+        this.$message({
+          type: 'warning',
+          message: '存在待审核，审核管理员审核后请刷新列表'
+        });
+        return
+      }
       this.form = _selectData;
       this.open = true;
       this.title = "修改用户";
@@ -748,17 +909,17 @@ export default {
         });
         return
       }
-      if (_selectData.status == 2) {
+      if (_selectData.status !== '1') {
         this.$message({
           type: 'warning',
-          message: '注销的账号不能操作!'
+          message: '只能对【锁定】状态的进行解锁!'
         });
         return
       }
-      if (_selectData.status !== '1') {
+      if (_selectData.signstr == '1') {
         this.$message({
           type: 'warning',
-          message: '只能对【锁定】状态的进行解锁!'
+          message: '存在待审核，审核管理员审核后请刷新列表'
         });
         return
       }
@@ -887,6 +1048,34 @@ export default {
     },
     /** 分配角色操作 */
     handleAuthRole: debounce(function (row) {
+      if (row.id == 1) {
+        this.$message({
+          type: 'warning',
+          message: '内置系统管理员不能修改!'
+        });
+        return
+      }
+      if (row.id == 2) {
+        this.$message({
+          type: 'warning',
+          message: '内置审计管理员不能修改!'
+        });
+        return
+      }
+      if (row.status == '2') {
+        this.$message({
+          type: 'warning',
+          message: '注销的账号不能操作!'
+        });
+        return
+      }
+      if (row.signstr == '1') {
+        this.$message({
+          type: 'warning',
+          message: '存在待审核，审核管理员审核后请刷新列表'
+        });
+        return
+      }
       this.jsuserid = row.id
       this.jsusername = row.username
       this.jsnickname = row.nickname
@@ -948,9 +1137,10 @@ export default {
         if (res.code == 0) {
           this.$message({
             type: 'success',
-            message: '角色分配成功!'
+            message: res.data
           });
           this.jscancel()
+          this.getList()
         } else {
           this.$message({
             type: 'error',