v3.4.6

2023-05-31 10:19:05 +08:00
parent 1b65a7a9e5
commit 9c621c75cd
238 changed files with 9905 additions and 4034 deletions
--- a/system/Tnb.Systems/Permission/UsersCurrentService.cs
+++ b/system/Tnb.Systems/Permission/UsersCurrentService.cs
@@ -17,6 +17,7 @@ using JNPF.Systems.Entitys.Model.UsersCurrent;
 using JNPF.Systems.Entitys.Permission;
 using JNPF.Systems.Entitys.System;
 using JNPF.Systems.Interfaces.Permission;
+using JNPF.Systems.Interfaces.System;
 using Mapster;
 using Microsoft.AspNetCore.Mvc;
 using SqlSugar;
@@ -50,11 +51,21 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
    /// </summary>
    private readonly ICacheManager _cacheManager;

+    /// <summary>
+    /// 系统配置.
+    /// </summary>
+    private readonly ISysConfigService _sysConfigService;
+
    /// <summary>
    /// 用户管理.
    /// </summary>
    private readonly IUserManager _userManager;

+    /// <summary>
+    /// 操作权限服务.
+    /// </summary>
+    private readonly OnlineUserService _onlineUserService;
+
    /// <summary>
    /// 初始化一个<see cref="UsersCurrentService"/>类型的新实例.
    /// </summary>
@@ -63,12 +74,16 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
        IAuthorizeService authorizeService,
        IOrganizeService organizeService,
        ICacheManager cacheManager,
+        ISysConfigService sysConfigService,
+        OnlineUserService onlineUserService,
        IUserManager userManager)
    {
        _repository = userRepository;
        _authorizeService = authorizeService;
        _organizeService = organizeService;
        _cacheManager = cacheManager;
+        _sysConfigService = sysConfigService;
+        _onlineUserService = onlineUserService;
        _userManager = userManager;
    }

@@ -126,7 +141,7 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
                position = string.Empty,
                positionId = a.PositionId,
                organizeId = a.OrganizeId,
-                manager = SqlFunc.Subqueryable<UserEntity>().Where(x => x.Id.Equals(a.Id)).Select(x => SqlFunc.MergeString(x.RealName, "/", x.Account)),
+                manager = SqlFunc.Subqueryable<UserEntity>().Where(x => x.Id.Equals(a.ManagerId)).Select(x => SqlFunc.MergeString(x.RealName, "/", x.Account)),
                roleId = string.Empty,
                roleIds = a.RoleId,
                creatorTime = a.CreatorTime,
@@ -305,6 +320,7 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
        if (MD5Encryption.Encrypt(input.oldPassword + user.Secretkey) != user.Password.ToLower())
            throw Oops.Oh(ErrorCode.D5007);
        string? imageCode = await GetCode(input.timestamp);
+        await PwdStrategy(input);
        if (!input.code.ToLower().Equals(imageCode.ToLower()))
        {
            throw Oops.Oh(ErrorCode.D5015);
@@ -312,15 +328,14 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
        else
        {
            await DelCode(input.timestamp);
-            await DelUserInfo(string.Format("{0}_{1}", _userManager.TenantId, user.Id));
+            await DelUserInfo(_userManager.TenantId, user.Id);
+            await _onlineUserService.ForcedOffline(user.Id);
        }
-
        user.Password = MD5Encryption.Encrypt(input.password + user.Secretkey);
        user.ChangePasswordDate = DateTime.Now;
        user.LastModifyTime = DateTime.Now;
        user.LastModifyUserId = _userManager.UserId;
-        int isOk = await _repository.AsUpdateable(user).UpdateColumns(it => new
-        {
+        int isOk = await _repository.AsUpdateable(user).UpdateColumns(it => new {
            it.Password,
            it.ChangePasswordDate,
            it.LastModifyUserId,
@@ -341,8 +356,7 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
        userInfo.IsAdministrator = Convert.ToInt32(_userManager.IsAdministrator);
        userInfo.LastModifyTime = DateTime.Now;
        userInfo.LastModifyUserId = _userManager.UserId;
-        int isOk = await _repository.AsUpdateable(userInfo).UpdateColumns(it => new
-        {
+        int isOk = await _repository.AsUpdateable(userInfo).UpdateColumns(it => new {
            it.RealName,
            it.Signature,
            it.Gender,
@@ -376,8 +390,7 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
        user.Theme = input.theme;
        user.LastModifyTime = DateTime.Now;
        user.LastModifyUserId = _userManager.UserId;
-        int isOk = await _repository.AsUpdateable(user).UpdateColumns(it => new
-        {
+        int isOk = await _repository.AsUpdateable(user).UpdateColumns(it => new {
            it.Theme,
            it.LastModifyUserId,
            it.LastModifyTime
@@ -396,8 +409,7 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
        user.Language = input.language;
        user.LastModifyTime = DateTime.Now;
        user.LastModifyUserId = _userManager.UserId;
-        int isOk = await _repository.AsUpdateable(user).UpdateColumns(it => new
-        {
+        int isOk = await _repository.AsUpdateable(user).UpdateColumns(it => new {
            it.Language,
            it.LastModifyUserId,
            it.LastModifyTime
@@ -416,8 +428,7 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
        user.HeadIcon = name;
        user.LastModifyTime = DateTime.Now;
        user.LastModifyUserId = _userManager.UserId;
-        int isOk = await _repository.AsUpdateable(user).UpdateColumns(it => new
-        {
+        int isOk = await _repository.AsUpdateable(user).UpdateColumns(it => new {
            it.HeadIcon,
            it.LastModifyUserId,
            it.LastModifyTime
@@ -468,8 +479,17 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
                if (input.menuType.Equals(1))
                {
                    // 系统下没有菜单不允许切换.
-                    if (!await _repository.AsSugarClient().Queryable<ModuleEntity>().AnyAsync(x => x.SystemId.Equals(input.majorId) && x.DeleteMark == null && x.Category.Equals("App")))
-                        throw Oops.Oh(ErrorCode.D4009);
+                    var mList = await _repository.AsSugarClient().Queryable<ModuleEntity>().Where(x => x.SystemId.Equals(input.majorId) && x.DeleteMark == null && x.Category.Equals("App")).Select(x => x.Id).ToListAsync();
+                    if (!mList.Any()) throw Oops.Oh(ErrorCode.D4009);
+
+                    List<string>? roleList = await _userManager.GetUserOrgRoleIds(userInfo.RoleId, userInfo.OrganizeId);
+
+                    // 非管理员 没有任何权限 切换失败
+                    if (!_userManager.IsAdministrator && !_repository.AsSugarClient().Queryable<AuthorizeEntity>()
+                        .Where(x => x.ObjectType == "Role" && x.ItemType == "module" && roleList.Contains(x.ObjectId))
+                        .Where(x => mList.Contains(x.ItemId)).Any())
+                        throw Oops.Oh(ErrorCode.D5023);
+
                    userInfo.SystemId = input.majorId;
                }
                else
@@ -501,8 +521,7 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,

        userInfo.LastModifyTime = DateTime.Now;
        userInfo.LastModifyUserId = _userManager.UserId;
-        int isOk = await _repository.AsUpdateable(userInfo).UpdateColumns(it => new
-        {
+        int isOk = await _repository.AsUpdateable(userInfo).UpdateColumns(it => new {
            it.OrganizeId,
            it.PositionId,
            it.LastModifyUserId,
@@ -709,14 +728,48 @@ public class UsersCurrentService : IUsersCurrentService, IDynamicApiController,
    /// <summary>
    /// 删除用户登录信息缓存.
    /// </summary>
+    /// <param name="tenantId">租户ID.</param>
    /// <param name="userId">用户ID.</param>
    /// <returns></returns>
-    private Task<bool> DelUserInfo(string userId)
+    private Task<bool> DelUserInfo(string tenantId, string userId)
    {
-        string? cacheKey = string.Format("{0}{1}", CommonConst.CACHEKEYUSER, userId);
+        string? cacheKey = string.Format("{0}:{1}:{2}", tenantId, CommonConst.CACHEKEYUSER, userId);
        _cacheManager.DelAsync(cacheKey);
        return Task.FromResult(true);
    }

+    /// <summary>
+    /// 密码策略验证.
+    /// </summary>
+    /// <returns></returns>
+    private async Task PwdStrategy(UsersCurrentActionsModifyPasswordInput input)
+    {
+        // 系统配置信息
+        var sysInfo = await _sysConfigService.GetInfo();
+        // 禁用旧密码
+        if (sysInfo.disableOldPassword == 1 && sysInfo.disableTheNumberOfOldPasswords > 0)
+        {
+            var oldPwdList = _repository.AsSugarClient().Queryable<UserOldPasswordEntity>().Where(x => x.UserId == _userManager.UserId).OrderByDescending(o => o.CreatorTime).Take(sysInfo.disableTheNumberOfOldPasswords).ToList();
+            if (oldPwdList.Any())
+            {
+                foreach (var item in oldPwdList)
+                {
+                    if (MD5Encryption.Encrypt(input.password + item.Secretkey) == item.OldPassword.ToLower())
+                        throw Oops.Oh(ErrorCode.D5026);
+                }
+            }
+        }
+
+        // 保存旧密码数据
+        var oldPwdEntity = new UserOldPasswordEntity();
+        oldPwdEntity.Id = SnowflakeIdHelper.NextId();
+        oldPwdEntity.UserId = _userManager.UserId;
+        oldPwdEntity.Account = _userManager.Account;
+        oldPwdEntity.OldPassword = MD5Encryption.Encrypt(input.password + _userManager.User.Secretkey);
+        oldPwdEntity.Secretkey = _userManager.User.Secretkey;
+        oldPwdEntity.CreatorTime = DateTime.Now;
+        oldPwdEntity.TenantId = _userManager.TenantId;
+        _repository.AsSugarClient().Insertable(oldPwdEntity).ExecuteCommand();
+    }
    #endregion
 }