|
|
@@ -146,6 +146,14 @@ public class AuthServiceImpl implements AuthService {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+ String accessibleRootOrgIds = PropertiesUtil.getString("$auth.accessibleRootOrgIds");
|
|
|
+ if (StringUtils.isNotBlank(accessibleRootOrgIds)) {
|
|
|
+ accessibleRootOrgIds = "," + accessibleRootOrgIds + ",";
|
|
|
+ if (!accessibleRootOrgIds.contains("," + rootOrg.getId() + ",")) {
|
|
|
+ throw new StatusException("B-001101", "顶级机构登陆限制");
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
User user = new User();
|
|
|
user.setRootOrgId(rootOrg.getId());
|
|
|
user.setRootOrgName(rootOrg.getName());
|
|
|
@@ -179,7 +187,8 @@ public class AuthServiceImpl implements AuthService {
|
|
|
}
|
|
|
// 学生身份证号登录
|
|
|
else if (AccountType.STUDENT_IDENTITY_NUMBER.equals(accountTypeEnum)) {
|
|
|
- student = studentRepo.findByIdentityNumberAndRootOrgId(accountValue, rootOrg.getId());
|
|
|
+ student = studentRepo.findByIdentityNumberAndRootOrgId(accountValue,
|
|
|
+ rootOrg.getId());
|
|
|
}
|
|
|
|
|
|
if (null == student) {
|
|
|
@@ -238,8 +247,8 @@ public class AuthServiceImpl implements AuthService {
|
|
|
* @param ip
|
|
|
*/
|
|
|
private void whenPasswordError(AccountType accountType, String accountValue, String ip) {
|
|
|
- String key = new StringBuilder("$_PW_ERR_").append(accountType.getCode()).append("_").append(accountValue)
|
|
|
- .append("_").append(ip).toString();
|
|
|
+ String key = new StringBuilder("$_PW_ERR_").append(accountType.getCode()).append("_")
|
|
|
+ .append(accountValue).append("_").append(ip).toString();
|
|
|
|
|
|
Integer times = redisClient.get(key, Integer.class);
|
|
|
if (null != times) {
|
|
|
@@ -261,8 +270,8 @@ public class AuthServiceImpl implements AuthService {
|
|
|
* @return
|
|
|
*/
|
|
|
private boolean limited(AccountType accountType, String accountValue, String ip) {
|
|
|
- String key = new StringBuilder("$_PW_ERR_").append(accountType.getCode()).append("_").append(accountValue)
|
|
|
- .append("_").append(ip).toString();
|
|
|
+ String key = new StringBuilder("$_PW_ERR_").append(accountType.getCode()).append("_")
|
|
|
+ .append(accountValue).append("_").append(ip).toString();
|
|
|
|
|
|
Integer times = redisClient.get(key, Integer.class);
|
|
|
|
|
|
@@ -376,7 +385,8 @@ public class AuthServiceImpl implements AuthService {
|
|
|
private String buildUserKey(User user) {
|
|
|
Long rootOrgId = user.getRootOrgId();
|
|
|
UserType userType = user.getUserType();
|
|
|
- String key = StringUtil.join("U_", userType.getCode(), "_", rootOrgId, "_", user.getUserId());
|
|
|
+ String key = StringUtil.join("U_", userType.getCode(), "_", rootOrgId, "_",
|
|
|
+ user.getUserId());
|
|
|
return key;
|
|
|
}
|
|
|
|
|
|
@@ -406,8 +416,8 @@ public class AuthServiceImpl implements AuthService {
|
|
|
}
|
|
|
|
|
|
@Override
|
|
|
- public User thirdPartyAccess(Long rootOrgId, String loginName, String appId, String timestamp, String token,
|
|
|
- String clientIp) throws StatusException {
|
|
|
+ public User thirdPartyAccess(Long rootOrgId, String loginName, String appId, String timestamp,
|
|
|
+ String token, String clientIp) throws StatusException {
|
|
|
|
|
|
OrgEntity rootOrg = orgRepo.findOne(rootOrgId);
|
|
|
if (null == rootOrg) {
|
|
|
@@ -506,7 +516,8 @@ public class AuthServiceImpl implements AuthService {
|
|
|
if (null == roleEntity) {
|
|
|
throw new StatusException("B-002002", "roleId is wrong. roleId=" + roleId);
|
|
|
}
|
|
|
- Role role = new Role(roleEntity.getId(), roleEntity.getCode(), roleEntity.getName());
|
|
|
+ Role role = new Role(roleEntity.getId(), roleEntity.getCode(),
|
|
|
+ roleEntity.getName());
|
|
|
roleList.add(role);
|
|
|
}
|
|
|
}
|
WANG