Merge remote-tracking branch 'origin/release_v5.0.2'

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/core/basic/api/controller/OrgController.java

@@ -9,6 +9,7 @@ import cn.com.qmth.examcloud.commons.exception.ExamCloudRuntimeException;
 import cn.com.qmth.examcloud.commons.exception.StatusException;
 import cn.com.qmth.examcloud.commons.helpers.DynamicEnum;
 import cn.com.qmth.examcloud.commons.helpers.DynamicEnumManager;
+import cn.com.qmth.examcloud.commons.helpers.poi.ExcelWriter;
 import cn.com.qmth.examcloud.commons.util.JsonUtil;
 import cn.com.qmth.examcloud.commons.util.PathUtil;
 import cn.com.qmth.examcloud.commons.util.RegExpUtil;
@@ -455,6 +456,25 @@ public class OrgController extends ControllerSupport {
         return ret;
     }
 
+    // @Naked
+    @GetMapping("/sub/org/export")
+    @ApiOperation(value = "导出学习中心（Excel）")
+    public void subOrgExport(@RequestParam Long rootOrgId) throws Exception {
+        List<OrgEntity> list = orgRepo.findByParentId(rootOrgId);
+        List<Object[]> lines = new ArrayList<>();
+        for (OrgEntity info : list) {
+            lines.add(new Object[]{info.getName(), info.getCode(), info.getContacts(), info.getTelephone(),
+                    info.getEnable() ? "是" : "否"});
+        }
+
+        String filePath = systemConfig.getTempDataDir() + File.separator + System.currentTimeMillis() + ".xlsx";
+        File file = new File(filePath);
+        ExcelWriter.write(new String[]{"机构名称", "机构代码", "联系人", "联系电话", "是否启用"},
+                new Class[]{String.class, String.class, String.class, String.class, String.class}, lines, new File(filePath));
+        exportFile("学习中心列表.xlsx", file);
+        FileUtils.deleteQuietly(file);
+    }
+
     /**
      * 方法注释
      *

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/core/basic/api/controller/UserController.java

@@ -11,6 +11,7 @@ import cn.com.qmth.examcloud.commons.util.SHA256;
 import cn.com.qmth.examcloud.core.basic.api.controller.bean.UserDomain;
 import cn.com.qmth.examcloud.core.basic.api.controller.bean.UserFormDomain;
 import cn.com.qmth.examcloud.core.basic.base.constants.BasicConsts;
+import cn.com.qmth.examcloud.core.basic.base.util.BaseUtil;
 import cn.com.qmth.examcloud.core.basic.dao.OrgRepo;
 import cn.com.qmth.examcloud.core.basic.dao.RoleRepo;
 import cn.com.qmth.examcloud.core.basic.dao.UserRepo;
@@ -30,7 +31,6 @@ import com.google.common.collect.Maps;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.collections.CollectionUtils;
-import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
@@ -535,6 +535,11 @@ public class UserController extends ControllerSupport {
 
         trim(userForm, true);
         userForm.setId(null);
+
+        if (!BaseUtil.checkPassword(userForm.getPassword())) {
+            throw new StatusException("密码至少包含大写字母、小写字母、数字、特殊符号中的三种，且长度限制在6-10位！");
+        }
+
         Map<String, Object> ret = saveUser(userForm);
 
         ReportsUtil.report(new AdminOperateReport(accessUser.getRootOrgId(), accessUser.getUserId(), AdminOperateType.TYPE6.getDesc(), "用户ID:" + ret.get("userId")));
@@ -736,26 +741,36 @@ public class UserController extends ControllerSupport {
                 throw new StatusException("150410", "超级管理员账号不允许修改");
             }
             UserEntity user = GlobalHelper.getEntity(userRepo, userId, UserEntity.class);
+            if (user == null) {
+                continue;
+            }
+
+            user.setPasswordWeak(true);
             user.setPassword(ByteUtil.toHexAscii(SHA256.encode(user.getLoginName() + BasicConsts.DEFAULT_PASSWORD)));
             userRepo.save(user);
         }
         User accessUser = getAccessUser();
         ReportsUtil.report(new AdminOperateReport(accessUser.getRootOrgId(), accessUser.getUserId(), AdminOperateType.TYPE8.getDesc(), "用户ID:" + id));
     }
-    
+
     @ApiOperation(value = "批量重置用户密码", notes = "重置密码")
     @PostMapping("/resetPass")
     @Transactional
     public void resetPassBatch(@RequestParam Long[] ids) {
-    	if(ids==null||ids.length==0) {
-    		throw new StatusException("用户ID不能为空");
-    	}
+        if (ids == null || ids.length == 0) {
+            throw new StatusException("用户ID不能为空");
+        }
         for (Long userId : ids) {
             if (isSuperAdmin(userId)) {
                 throw new StatusException("150410", "超级管理员账号不允许修改");
             }
             UserEntity user = GlobalHelper.getEntity(userRepo, userId, UserEntity.class);
+            if (user == null) {
+                continue;
+            }
+
             user.setPassword(ByteUtil.toHexAscii(SHA256.encode(user.getLoginName() + BasicConsts.DEFAULT_PASSWORD)));
+            user.setPasswordWeak(true);
             userRepo.save(user);
         }
         User accessUser = getAccessUser();
@@ -774,6 +789,10 @@ public class UserController extends ControllerSupport {
                 throw new StatusException("150410", "超级管理员账号不允许修改");
             }
             UserEntity user = GlobalHelper.getEntity(userRepo, userId, UserEntity.class);
+            if (user == null) {
+                continue;
+            }
+
             user.setEnable(true);
             userRepo.save(user);
             ret.add(user.getId() + ":" + user.getName());
@@ -795,6 +814,10 @@ public class UserController extends ControllerSupport {
                 throw new StatusException("150410", "超级管理员账号不允许修改");
             }
             UserEntity user = GlobalHelper.getEntity(userRepo, userId, UserEntity.class);
+            if (user == null) {
+                continue;
+            }
+
             user.setEnable(false);
             userRepo.save(user);
             ret.add(user.getId() + ":" + user.getName());
@@ -816,12 +839,17 @@ public class UserController extends ControllerSupport {
     public void updatePass(@RequestParam String password) {
         User accessUser = getAccessUser();
         Long userId = accessUser.getUserId();
-        if (password.length() < 6) {
-            throw new StatusException("150411", "密码长度至少6位");
+
+        // if (password.length() < 6) {
+        //     throw new StatusException("150411", "密码长度至少6位");
+        // }
+        if (!BaseUtil.checkPassword(password)) {
+            throw new StatusException("密码至少包含大写字母、小写字母、数字、特殊符号中的三种，且长度限制在6-10位！");
         }
+
         UserEntity user = GlobalHelper.getEntity(userRepo, userId, UserEntity.class);
-        String realPassword = StringEscapeUtils.unescapeJavaScript(password);
-        byte[] bytes = SHA256.encode(user.getLoginName() + realPassword);
+        // String realPassword = StringEscapeUtils.unescapeJavaScript(password);
+        byte[] bytes = SHA256.encode(user.getLoginName() + password);
         String encodePassword = ByteUtil.toHexAscii(bytes);
         int ret = userRepo.updatePasswordById(userId, encodePassword);
         if (ret == 0) {

examcloud-core-basic-base/src/main/java/cn/com/qmth/examcloud/core/basic/base/util/BaseUtil.java

@@ -2,4 +2,20 @@ package cn.com.qmth.examcloud.core.basic.base.util;
 
 public class BaseUtil {
 
+    /**
+     * 密码规则：至少包含大写字母、小写字母、数字、符号中的三种，密码长度限制在6-10位
+     */
+    public static final String reg = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\W_]+$)(?![a-z0-9]+$)(?![a-z\\W_]+$)(?![0-9\\W_]+$)[a-zA-Z0-9\\W_]{6,10}$";
+
+    public static boolean checkPassword(String str) {
+        return check(str, reg);
+    }
+
+    public static boolean check(String str, String reg) {
+        if (str != null && str.matches(reg)) {
+            return true;
+        }
+        return false;
+    }
+
 }

examcloud-core-basic-dao/src/main/java/cn/com/qmth/examcloud/core/basic/dao/OrgRepo.java

@@ -33,4 +33,6 @@ public interface OrgRepo extends JpaRepository<OrgEntity, Long>,
 
     List<OrgEntity> findByIdIn(Set<Long> orgIds);
 
+    List<OrgEntity> findByParentId(Long rootOrgId);
+
 }

examcloud-core-basic-service/src/main/java/cn/com/qmth/examcloud/core/basic/service/impl/AuthServiceImpl.java

@@ -360,8 +360,8 @@ public class AuthServiceImpl implements AuthService {
             setSecurityIp(user, orgId);
         }
 
-        log.warn("{}_LOGIN_IN#{}#{}#{}#{}", rootOrgName, user.getKey(), accountType, accountValue,
-                student != null ? student.getIdentityNumber() : "");
+        log.warn("{}_LOGIN_IN#{}#{}#{}#{}_IP{}", rootOrgName, user.getKey(), accountType, accountValue,
+                student != null ? student.getIdentityNumber() : "", clientIp);
 
         return user;
     }

examcloud-core-basic-starter/assembly.xml

@@ -1,10 +1,12 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
+<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+		  xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.2.0 https://maven.apache.org/xsd/assembly-2.2.0.xsd">
+
 	<id>distribution</id>
 	<formats>
 		<format>zip</format>
 	</formats>
+
 	<fileSets>
 		<fileSet>
 			<directory>${project.basedir}/src/main/resources</directory>
@@ -20,6 +22,7 @@
 			<fileMode>0777</fileMode>
 		</fileSet>
 	</fileSets>
+
 	<dependencySets>
 		<dependencySet>
 			<useProjectArtifact>true</useProjectArtifact>

examcloud-core-basic-starter/pom.xml

@@ -71,6 +71,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-assembly-plugin</artifactId>
+                <version>${maven-assembly-version}</version>
                 <configuration>
                     <finalName>examcloud-core-basic</finalName>
                     <skipAssembly>${skipAssembly}</skipAssembly>
@@ -83,7 +84,7 @@
                         <id>make-assembly</id>
                         <phase>install</phase>
                         <goals>
-                            <goal>assembly</goal>
+                            <goal>single</goal>
                         </goals>
                     </execution>
                 </executions>

examcloud-core-basic-starter/src/main/resources/org-properties.xml

@@ -228,4 +228,10 @@
         <desc>百度人脸比对通过阈值</desc>
         <valueType>LONG</valueType>
     </enum>
+    <enum>
+        <id>38</id>
+        <name>PC_CLIENT_FACE_THRESHOLD</name>
+        <desc>C端人脸识别阈值</desc>
+        <valueType>LONG</valueType>
+    </enum>
 </enums>