From 20c30d26f8bab22a4cb6b6459962fa92d6da490f Mon Sep 17 00:00:00 2001
From: cy <1664593601@qq.com>
Date: 星期一, 27 十一月 2023 14:20:29 +0800
Subject: [PATCH] feat: 漏洞修改
---
 consum-base/src/main/java/com/consum/base/controller/FinSysTenantUserController.java | 65 +++++++++++++-------------------
 1 files changed, 26 insertions(+), 39 deletions(-)
diff --git a/consum-base/src/main/java/com/consum/base/controller/FinSysTenantUserController.java b/consum-base/src/main/java/com/consum/base/controller/FinSysTenantUserController.java
index edae61d..f03df71 100644
--- a/consum-base/src/main/java/com/consum/base/controller/FinSysTenantUserController.java
+++ b/consum-base/src/main/java/com/consum/base/controller/FinSysTenantUserController.java
@@ -1,5 +1,6 @@
 package com.consum.base.controller;
+import cn.hutool.core.util.ReflectUtil;
 import com.alibaba.excel.EasyExcel;
 import com.alibaba.excel.annotation.ExcelProperty;
 import com.alibaba.excel.context.AnalysisContext;
@@ -30,38 +31,22 @@
 import com.iplatform.model.po.S_role;
 import com.iplatform.model.po.S_user_core;
 import com.walker.db.page.GenericPager;
-import com.walker.infrastructure.utils.CollectionUtils;
-import com.walker.infrastructure.utils.DateUtils;
-import com.walker.infrastructure.utils.NumberGenerator;
-import com.walker.infrastructure.utils.PhoneNumberUtils;
-import com.walker.infrastructure.utils.StringUtils;
+import com.walker.infrastructure.utils.*;
 import com.walker.web.ResponseValue;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
-import java.io.IOException;
-import java.lang.reflect.Field;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
-import java.util.Optional;
-import java.util.Set;
 import org.apache.commons.compress.utils.Lists;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
+
+import java.io.IOException;
+import java.lang.reflect.Field;
+import java.util.*;
 /**
 * @Description 绯荤粺鐢ㄦ埛
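Review bot: The three wildcard imports added here (`com.walker.infrastructure.utils.*`, `org.springframework.web.bind.annotation.*`, `java.util.*`) replace explicit imports and are unrelated to the fix the commit title announces. With two on-demand imports in scope, any simple name that exists in both `java.util` and `com.walker.infrastructure.utils` becomes ambiguous at its use site, and the header no longer shows which utility classes this controller depends on. I would keep the explicit form, e.g. `import com.walker.infrastructure.utils.StringUtils;`, and leave import reordering to a separate commit.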
@@ -174,8 +159,10 @@ try { Field fieldDatas = GenericPager.class.getDeclaredField("datas"); - fieldDatas.setAccessible(true); - fieldDatas.set(pager, resultList); +// fieldDatas.setAccessible(true); +// fieldDatas.set(pager, resultList); + ReflectUtil.setFieldValue(pager, fieldDatas, resultList); + } catch (Exception e) { e.printStackTrace(); } @@ -227,11 +214,11 @@ user.setSysUserId(NumberGenerator.getLongSequenceNumber()); // 鍔犲瘑鎵嬫満鍙� String key = PlatformRSAUtils.AES_KEY; - String pwdPhone = ""; + String encPhone = ""; if (user.getUserPhone() != null) { - pwdPhone = AESUtils.encryptStrAES(user.getUserPhone(), key); + encPhone = AESUtils.encryptStrAES(user.getUserPhone(), key); } - user.setUserPhone(pwdPhone); + user.setUserPhone(encPhone); //鎬庝箞鑾峰彇宸︿晶鏈烘瀯鏍戞暟鎹� user.setSysDeptId(3L); //瀵瑰簲骞冲彴鏈烘瀯id 榛樿涓哄钩鍙扮鐞� this.finSysTenantUserService.insert(user); @@ -245,7 +232,7 @@ userCore.setNick_name(user.getUserName()); //鐢ㄦ埛绫诲瀷 鍏堥粯璁よ缃负2 userCore.setUser_type(2); - userCore.setPhonenumber(pwdPhone); + userCore.setPhonenumber(encPhone); userCore.setSex(user.getSex().toString()); //鍒濆鍖栧瘑鐮� 123456 String pws = this.getArgumentVariable(ArgumentsConstants.KEY_SECURITY_PASSWORD_INIT).getStringValue(); @@ -427,8 +414,8 @@ user.setRemark("鎵归噺瀵煎叆"); // 鍔犲瘑鎵嬫満鍙� String key = PlatformRSAUtils.AES_KEY; - String pwdPhone = AESUtils.encryptStrAES(data.getUserPhone(), key); - user.setUserPhone(pwdPhone); + String encPhone = AESUtils.encryptStrAES(data.getUserPhone(), key); + user.setUserPhone(encPhone); user.setIsDelete(1); //鎬庝箞鑾峰彇宸︿晶鏈烘瀯鏍戞暟鎹� 
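Review bot: `ReflectUtil.setFieldValue(pager, fieldDatas, resultList)` in the hunk at -174 still writes the private `datas` field of `GenericPager`; Hutool makes the field accessible internally, so the access-control bypass is only moved out of this file, not removed. If `GenericPager` has a public way to build or populate a pager from `resultList`, that would be the real fix (not visible here, so to be confirmed). The two commented-out lines should be deleted rather than kept, and the `Field fieldDatas = ...` lookup becomes unnecessary with the name-based overload: `ReflectUtil.setFieldValue(pager, "datas", resultList);`. The surrounding `catch (Exception e) { e.printStackTrace(); }` also lets the method carry on with the pager's original contents when the write fails, which should be logged through the logger and surfaced as an error; the method body starts and ends outside the hunk.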
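Review bot: The phone-encryption lines renamed from `pwdPhone` to `encPhone` are repeated in five places with different null handling, and the rename leaves that as it was. The hunks at -227, -551 and -883 store `""` for a missing phone, -786 leaves the field unset, and the import path at -427 passes `data.getUserPhone()` to `AESUtils.encryptStrAES` with no null check (unless it is validated earlier, outside the hunk). Once it is decided whether a missing phone is stored as `""` or as null, one private helper would give a single behaviour: `private String encryptPhone(String phone) { return phone == null ? "" : AESUtils.encryptStrAES(phone, PlatformRSAUtils.AES_KEY); }`. Every site also reads the key from the static `PlatformRSAUtils.AES_KEY`; if that is a constant compiled into the code, which is presumably the case but not visible here, it should be loaded from configuration or a secret store so it can be rotated.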
@@ -551,11 +538,11 @@ return ResponseValue.error("鍙傛暟涓虹┖"); } String key = PlatformRSAUtils.AES_KEY; - String pwdPhone = ""; + String encPhone = ""; if (user.getUserPhone() != null) { - pwdPhone = AESUtils.encryptStrAES(user.getUserPhone(), key); + encPhone = AESUtils.encryptStrAES(user.getUserPhone(), key); } - user.setUserPhone(pwdPhone); + user.setUserPhone(encPhone); // 1.鏇存柊绯荤粺鐢ㄦ埛 FIN_SYS_TENANT_USER finSysTenantUserService.update(user); // 2.鏇存柊骞冲彴鐢ㄦ埛 S_USER_CORE @@ -786,10 +773,10 @@ // 鍔犲瘑鎵嬫満鍙� String key = PlatformRSAUtils.AES_KEY; String userPhone = user.getUserPhone(); - String pwdPhone = ""; + String encPhone = ""; if (userPhone != null) { - pwdPhone = AESUtils.encryptStrAES(userPhone, key); - user.setUserPhone(pwdPhone); + encPhone = AESUtils.encryptStrAES(userPhone, key); + user.setUserPhone(encPhone); } this.finSysTenantUserService.insert(user); @@ -883,12 +870,12 @@ updUser.setEmail(user.getEmail()); updUser.setUserName(user.getUserName()); updUser.setSex(user.getSex()); - String pwdPhone = ""; + String encPhone = ""; if (user.getUserPhone() != null) { String key = PlatformRSAUtils.AES_KEY; - pwdPhone = AESUtils.encryptStrAES(user.getUserPhone(), key); + encPhone = AESUtils.encryptStrAES(user.getUserPhone(), key); } - updUser.setUserPhone(pwdPhone); + updUser.setUserPhone(encPhone); // 1.鏇存柊绯荤粺鐢ㄦ埛 FIN_SYS_TENANT_USER finSysTenantUserService.update(updUser); // 2.鏇存柊骞冲彴鐢ㄦ埛 S_USER_CORE -- Gitblit v1.9.1