
【CHG】手机号脱敏,增加工号登录

ZhaoMn 4 anni fa
parent
commit
fc604cd209

+ 3 - 8
railway-admin/src/main/java/com/railway/web/controller/system/SysProfileController.java

@@ -1,7 +1,6 @@
 package com.railway.web.controller.system;
 
 import com.railway.common.annotation.Log;
-import com.railway.common.constant.UserConstants;
 import com.railway.common.core.controller.BaseController;
 import com.railway.common.core.domain.AjaxResult;
 import com.railway.common.core.domain.entity.SysRole;
@@ -75,13 +74,9 @@ public class SysProfileController extends BaseController {
   @Log(title = "个人信息", businessType = BusinessType.UPDATE)
   @PutMapping
   public AjaxResult updateProfile(@RequestBody SysUser user) {
-    if (StringUtils.isNotEmpty(user.getPhone())
-        && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
-      return AjaxResult.error("修改用户'" + user.getUserName() + "'失败,手机号码已存在");
-    }
-    if (StringUtils.isNotEmpty(user.getEmail())
-        && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
-      return AjaxResult.error("修改用户'" + user.getUserName() + "'失败,邮箱账号已存在");
+    AjaxResult result = userService.checkUserUnique(user);
+    if (StringUtils.isNotNull(result)) {
+      return result;
     }
     LoginUser loginUser = getLoginUser();
     SysUser sysUser = loginUser.getUser();
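Review bot: `checkUserUnique(user)` runs on the request body before the session identity is read, so the `userId` and `userName` it works with are whatever the client sent. The helper treats a missing `userId` as a new user and otherwise excludes that id from the phone, job-number and email comparisons, so on a self-service endpoint the outcome should not depend on a client-supplied id. Move the call below `getLoginUser()` and bind the identity first, e.g. `user.setUserId(sysUser.getUserId());` and `user.setUserName(sysUser.getUserName());`. The rest of updateProfile lies outside this hunk, so confirm whether those fields are already overwritten further down.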

+ 6 - 15
railway-admin/src/main/java/com/railway/web/controller/system/SysUserController.java

@@ -1,7 +1,6 @@
 package com.railway.web.controller.system;
 
 import com.railway.common.annotation.Log;
-import com.railway.common.constant.UserConstants;
 import com.railway.common.core.controller.BaseController;
 import com.railway.common.core.domain.AjaxResult;
 import com.railway.common.core.domain.entity.SysRole;
@@ -127,14 +126,9 @@ public class SysUserController extends BaseController {
   @Log(title = "用户管理", businessType = BusinessType.INSERT)
   @PostMapping
   public AjaxResult add(@Validated @RequestBody SysUser user) {
-    if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(user.getUserName()))) {
-      return AjaxResult.error("新增用户'" + user.getUserName() + "'失败,登录账号已存在");
-    } else if (StringUtils.isNotEmpty(user.getPhone())
-        && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
-      return AjaxResult.error("新增用户'" + user.getUserName() + "'失败,手机号码已存在");
-    } else if (StringUtils.isNotEmpty(user.getEmail())
-        && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
-      return AjaxResult.error("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
+    AjaxResult result = userService.checkUserUnique(user);
+    if (StringUtils.isNotNull(result)) {
+      return result;
     }
     user.setCreateBy(getUsername());
     return toAjax(userService.insertUser(user));
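Review bot: `add` now relies on `checkUserUnique` to tell the "新增" path from the "修改" path by `user.getUserId()`, and that id comes from the request body. If a create request carries a `userId`, the login-name uniqueness check inside the helper is skipped (see the SysUserServiceImpl hunk), leaving only whatever constraint the database has, which is not visible here. Clear it before the call with `user.setUserId(null);`, or pass the operation to the helper explicitly instead of inferring it.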
@@ -149,12 +143,9 @@ public class SysUserController extends BaseController {
   @PutMapping
   public AjaxResult edit(@Validated @RequestBody SysUser user) {
     userService.checkUserAllowed(user);
-    if (StringUtils.isNotEmpty(user.getPhone())
-        && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
-      return AjaxResult.error("修改用户'" + user.getUserName() + "'失败,手机号码已存在");
-    } else if (StringUtils.isNotEmpty(user.getEmail())
-        && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
-      return AjaxResult.error("修改用户'" + user.getUserName() + "'失败,邮箱账号已存在");
+    AjaxResult result = userService.checkUserUnique(user);
+    if (StringUtils.isNotNull(result)) {
+      return result;
     }
     user.setUpdateBy(getUsername());
     return toAjax(userService.updateUser(user));

+ 49 - 0
railway-common/src/main/java/com/railway/common/utils/PhoneUtils.java

@@ -0,0 +1,49 @@
+package com.railway.common.utils;
+
+/**
+ * 手机号码处理工具类
+ *
+ * @author zhaomn
+ */
+public class PhoneUtils {
+
+  private PhoneUtils() {
+  }
+
+  /**
+   * 手机号格式校验正则
+   */
+  public static final String PHONE_REGEX = "^1(3[0-9]|4[57]|5[0-35-9]|7[0135678]|8[0-9])\\d{8}$";
+
+  /**
+   * 手机号脱敏筛选正则
+   */
+  public static final String PHONE_BLUR_REGEX = "(\\d{3})\\d{4}(\\d{4})";
+
+  /**
+   * 手机号脱敏替换正则
+   */
+  public static final String PHONE_BLUR_REPLACE_REGEX = "$1****$2";
+
+  /**
+   * 手机号格式校验
+   */
+  public static boolean checkPhone(String phone) {
+    if (StringUtils.isEmpty(phone)) {
+      return false;
+    }
+    return phone.matches(PHONE_REGEX);
+  }
+
+  /**
+   * 手机号脱敏处理
+   */
+  public static String blurPhone(String phone) {
+    boolean checkFlag = checkPhone(phone);
+    if (!checkFlag) {
+      throw new IllegalArgumentException("手机号格式不正确!");
+    }
+    return phone.replaceAll(PHONE_BLUR_REGEX, PHONE_BLUR_REPLACE_REGEX);
+  }
+
+}
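Review bot: `blurPhone` only masks values that pass `PHONE_REGEX`, and that pattern accepts a fixed list of prefixes (13x, 145/147, 15x, some 17x, 18x); any other stored number makes it throw. The caller added in `SysUserServiceImpl.selectUserList` catches the exception and keeps the original value, so every number outside that list is returned unmasked, which means the masking fails open. Masking should not depend on format validation: mask by position for any non-empty value, or have the catch branch substitute a fixed placeholder such as `"****"` instead of the raw phone. `phone.matches(...)` and `replaceAll(...)` also recompile their patterns on each call; `private static final Pattern` constants would avoid that, and the Javadoc on `blurPhone` should state that it throws `IllegalArgumentException` on unrecognised input.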

+ 3 - 0
railway-framework/src/main/java/com/railway/framework/web/service/UserDetailsServiceImpl.java

@@ -33,6 +33,9 @@ public class UserDetailsServiceImpl implements UserDetailsService {
   @Override
   public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
     SysUser user = userService.selectUserByUserName(username);
+    if(StringUtils.isNull(user)){
+      user = userService.selectUserByNickName(username);
+    }
     if (StringUtils.isNull(user)) {
       log.info("登录用户:{} 不存在.", username);
       throw new ServiceException("登录用户:" + username + " 不存在");
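Review bot: The fallback at `user = userService.selectUserByNickName(username);` puts login names and job numbers in one shared identifier space, but nothing in this commit keeps a job number from equalling another account's `user_name`; `checkUserUnique` compares each column only with itself. The same string can then resolve to different accounts over time depending on which rows exist, so either enforce cross-column uniqueness or give job numbers a distinct format, and document the lookup order in a comment here. The `selectUserByNickName` statement in SysUserMapper.xml also has no `limit 1`, so it presumably depends on a unique index on `nick_name` that is not visible in this commit. Minor: `if(StringUtils.isNull(user)){` should follow the file's spacing, `if (StringUtils.isNull(user)) {`. loadUserByUsername continues past the end of the hunk.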

+ 16 - 0
railway-system/src/main/java/com/railway/system/mapper/SysUserMapper.java

@@ -45,6 +45,14 @@ public interface SysUserMapper {
    */
   SysUser selectUserByUserName(String userName);
 
+  /**
+   * 通过工号查询用户
+   *
+   * @param nickName 工号
+   * @return 用户对象信息
+   */
+  SysUser selectUserByNickName(String nickName);
+
   /**
    * 通过用户ID查询用户
    *
@@ -119,6 +127,14 @@ public interface SysUserMapper {
    */
   int checkUserNameUnique(String userName);
 
+  /**
+   * 校验工号码是否唯一
+   *
+   * @param nickName 工号
+   * @return 结果
+   */
+  SysUser checkNickNameUnique(String nickName);
+
   /**
    * 校验手机号码是否唯一
    *

+ 25 - 0
railway-system/src/main/java/com/railway/system/service/ISysUserService.java

@@ -1,5 +1,6 @@
 package com.railway.system.service;
 
+import com.railway.common.core.domain.AjaxResult;
 import com.railway.common.core.domain.entity.SysUser;
 import java.util.List;
 
@@ -42,6 +43,14 @@ public interface ISysUserService {
    */
   SysUser selectUserByUserName(String userName);
 
+  /**
+   * 通过工号查询用户
+   *
+   * @param nickName 工号
+   * @return 用户对象信息
+   */
+  SysUser selectUserByNickName(String nickName);
+
   /**
    * 通过用户ID查询用户
    *
@@ -66,6 +75,14 @@ public interface ISysUserService {
    */
   String selectUserPostGroup(String userName);
 
+  /**
+   * 校验用户是否唯一
+   *
+   * @param user 用户信息
+   * @return 结果
+   */
+  AjaxResult checkUserUnique(SysUser user);
+
   /**
    * 校验用户名称是否唯一
    *
@@ -74,6 +91,14 @@ public interface ISysUserService {
    */
   String checkUserNameUnique(String userName);
 
+  /**
+   * 校验工号是否唯一
+   *
+   * @param user 用户信息
+   * @return 结果
+   */
+  String checkNickNameUnique(SysUser user);
+
   /**
    * 校验手机号码是否唯一
    *

+ 66 - 2
railway-system/src/main/java/com/railway/system/service/impl/SysUserServiceImpl.java

@@ -2,9 +2,11 @@ package com.railway.system.service.impl;
 
 import com.railway.common.annotation.DataScope;
 import com.railway.common.constant.UserConstants;
+import com.railway.common.core.domain.AjaxResult;
 import com.railway.common.core.domain.entity.SysRole;
 import com.railway.common.core.domain.entity.SysUser;
 import com.railway.common.exception.ServiceException;
+import com.railway.common.utils.PhoneUtils;
 import com.railway.common.utils.SecurityUtils;
 import com.railway.common.utils.StringUtils;
 import com.railway.common.utils.spring.SpringUtils;
@@ -71,6 +73,13 @@ public class SysUserServiceImpl implements ISysUserService {
             .collect(Collectors.joining(","));
         sysUser.setRoleName(roleName);
       }
+      // 手机号脱敏
+      String phone = sysUser.getPhone();
+      try {
+        phone = PhoneUtils.blurPhone(sysUser.getPhone());
+      } catch (IllegalArgumentException ignored) {
+      }
+      sysUser.setPhone(phone);
     }
     return users;
   }
@@ -110,6 +119,17 @@ public class SysUserServiceImpl implements ISysUserService {
     return userMapper.selectUserByUserName(userName);
   }
 
+  /**
+   * 通过工号查询用户
+   *
+   * @param nickName 工号
+   * @return 用户对象信息
+   */
+  @Override
+  public SysUser selectUserByNickName(String nickName) {
+    return userMapper.selectUserByUserName(nickName);
+  }
+
   /**
    * 通过用户ID查询用户
    *
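Review bot: `selectUserByNickName` delegates to `userMapper.selectUserByUserName(nickName)`, so it repeats the login-name query and the new `selectUserByNickName` mapper statement is never used; the job-number fallback in `UserDetailsServiceImpl` cannot match as written. The body should be `return userMapper.selectUserByNickName(nickName);`.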
@@ -159,6 +179,34 @@ public class SysUserServiceImpl implements ISysUserService {
     return idsStr.toString();
   }
 
+  /**
+   * 校验用户是否唯一
+   *
+   * @param user 用户信息
+   * @return 结果
+   */
+  @Override
+  public AjaxResult checkUserUnique(SysUser user) {
+    String tips = "修改用户'";
+    if(StringUtils.isNull(user.getUserId())){
+      tips = "新增用户'";
+      if (UserConstants.NOT_UNIQUE.equals(checkUserNameUnique(user.getUserName()))) {
+        return AjaxResult.error(tips + user.getUserName() + "'失败,登录账号已存在");
+      }
+    }
+    if (StringUtils.isNotEmpty(user.getNickName())
+        && UserConstants.NOT_UNIQUE.equals(checkPhoneUnique(user))) {
+      return AjaxResult.error(tips + user.getUserName() + "'失败,手机号码已存在");
+    } else if (StringUtils.isNotEmpty(user.getPhone())
+        && UserConstants.NOT_UNIQUE.equals(checkNickNameUnique(user))) {
+      return AjaxResult.error(tips + user.getUserName() + "'失败,工已存在");
+    } else if (StringUtils.isNotEmpty(user.getEmail())
+        && UserConstants.NOT_UNIQUE.equals(checkEmailUnique(user))) {
+      return AjaxResult.error(tips + user.getUserName() + "'失败,邮箱账号已存在");
+    }
+    return null;
+  }
+
   /**
    * 校验用户名称是否唯一
    *
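Review bot: The guards in `checkUserUnique` are crossed: the phone check runs when `getNickName()` is non-empty and the job-number check runs when `getPhone()` is non-empty, so a record with only one of the two fields set skips its own check and queries the other with an empty value. They should read `if (StringUtils.isNotEmpty(user.getPhone()) && UserConstants.NOT_UNIQUE.equals(checkPhoneUnique(user)))` and `else if (StringUtils.isNotEmpty(user.getNickName()) && UserConstants.NOT_UNIQUE.equals(checkNickNameUnique(user)))`. The job-number message `"'失败,工已存在"` is missing a character and presumably should be `"'失败,工号已存在"`. Because the service returns a web-layer `AjaxResult` and uses `null` for success, the Javadoc should say that `null` means all checks passed.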
@@ -174,6 +222,22 @@ public class SysUserServiceImpl implements ISysUserService {
     return UserConstants.UNIQUE;
   }
 
+  /**
+   * 校验工号是否唯一
+   *
+   * @param user 用户信息
+   * @return 结果
+   */
+  @Override
+  public String checkNickNameUnique(SysUser user) {
+    long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
+    SysUser info = userMapper.checkNickNameUnique(user.getNickName());
+    if (StringUtils.isNotNull(info) && info.getUserId() != userId) {
+      return UserConstants.NOT_UNIQUE;
+    }
+    return UserConstants.UNIQUE;
+  }
+
   /**
    * 校验用户名称是否唯一
    *
@@ -274,7 +338,7 @@ public class SysUserServiceImpl implements ISysUserService {
    * @return 结果
    */
   @Override
-  @Transactional
+  @Transactional(rollbackFor = Exception.class)
   public int updateUser(SysUser user) {
     Long userId = user.getUserId();
     // 删除用户与角色关联
@@ -295,7 +359,7 @@ public class SysUserServiceImpl implements ISysUserService {
    * @param roleIds 角色组
    */
   @Override
-  @Transactional
+  @Transactional(rollbackFor = Exception.class)
   public void insertUserAuth(Long userId, Long[] roleIds) {
     userRoleMapper.deleteUserRoleByUserId(userId);
     insertUserRole(userId, roleIds);

+ 20 - 0
railway-system/src/main/resources/mapper/system/SysUserMapper.xml

@@ -70,6 +70,16 @@
     <if test="userId != null and userId != 0">
       AND u.user_id = #{userId}
     </if>
+    <if test="roleId != null and roleId != 0">
+      AND u.role_id = #{roleId}
+    </if>
+    <if test="searchValue != null and searchValue != 0">
+      AND (
+      u.real_name like concat('%', #{searchValue}, '%')
+      OR u.phone like concat('%', #{searchValue}, '%')
+      OR d.dept_name like concat('%', #{searchValue}, '%')
+      )
+    </if>
     <if test="userName != null and userName != ''">
       AND u.user_name like concat('%', #{userName}, '%')
     </if>
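Review bot: `<if test="searchValue != null and searchValue != 0">` compares a value that is used as a text pattern with the number 0, which looks copied from the numeric guards above; the result depends on OGNL type coercion, so a blank or non-numeric value may not be handled as intended. Use `searchValue != ''`, as the `userName` guard below does. Separately, `u.phone like concat('%', #{searchValue}, '%')` matches against the full stored number while the list output is masked, so search results can confirm digits the mask is meant to hide; consider dropping phone from the fuzzy search or limiting it to exact match for authorised roles. The enclosing `<select>` starts and ends outside the hunk.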
@@ -138,6 +148,12 @@
     where u.user_name = #{userName}
   </select>
 
+
+  <select id="selectUserByNickName" parameterType="String" resultMap="SysUserResult">
+    <include refid="selectUserVo"/>
+    where u.nick_name = #{nickName}
+  </select>
+
   <select id="selectUserById" parameterType="Long" resultMap="SysUserResult">
     <include refid="selectUserVo"/>
     where u.user_id = #{userId}
@@ -151,6 +167,10 @@
     select count(1) from sys_user where user_name = #{userName} limit 1
   </select>
 
+  <select id="checkNickNameUnique" parameterType="String" resultMap="SysUserResult">
+    select user_id, nick_name from sys_user where nick_name = #{nickName} limit 1
+  </select>
+
   <select id="checkPhoneUnique" parameterType="String" resultMap="SysUserResult">
     select user_id, phone from sys_user where phone = #{phone} limit 1
   </select>