河北安全测评整改需求

2024-07-22 13:53:04 +08:00
parent 6fa63a7f3e
commit ec051827ac
15 changed files with 254 additions and 76 deletions
--- a/pqs-user/user-boot/src/main/java/com/njcn/user/controller/FunctionController.java
+++ b/pqs-user/user-boot/src/main/java/com/njcn/user/controller/FunctionController.java
@@ -132,7 +132,7 @@ public class FunctionController extends BaseController {
        return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS,list,methodDescribe);
    }

-    @OperateInfo(operateType = OperateType.UPDATE)
+    @OperateInfo(operateType = OperateType.UPDATE,info = LogEnum.SYSTEM_MEDIUM)
    @PostMapping("/assignFunctionByRoleIndexes")
    @ApiOperation("角色分配菜单")
    @ApiImplicitParam(name = "roleFunctionComponent", value = "角色信息", required = true)
--- a/pqs-user/user-boot/src/main/java/com/njcn/user/controller/PassWordRuleController.java
+++ b/pqs-user/user-boot/src/main/java/com/njcn/user/controller/PassWordRuleController.java
@@ -65,7 +65,7 @@ public class PassWordRuleController extends BaseController {
    }


-    @OperateInfo(info = LogEnum.BUSINESS_COMMON)
+    @OperateInfo(info = LogEnum.SYSTEM_SERIOUS)
    @ApiOperation("解锁超级管理员")
    @RequestMapping(value = "/unlockRoot", method = RequestMethod.POST)
    public HttpResult<Boolean> unlockRoot() {
--- a/pqs-user/user-boot/src/main/java/com/njcn/user/controller/UserController.java
+++ b/pqs-user/user-boot/src/main/java/com/njcn/user/controller/UserController.java
@@ -373,7 +373,7 @@ public class UserController extends BaseController {
        return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, publicKey, methodDescribe);
    }

-    @OperateInfo(operateType = OperateType.UPDATE)
+    @OperateInfo(operateType = OperateType.UPDATE,info = LogEnum.SYSTEM_SERIOUS)
    @PutMapping("/updateUserLoginErrorTimes/{loginName}")
    @ApiOperation("更新用户登录认证密码错误次数")
    @ApiImplicitParam(name = "loginName", value = "登录名", required = true)
@@ -391,7 +391,7 @@ public class UserController extends BaseController {
     *
     * @param password 确认密码
     */
-    @OperateInfo
+    @OperateInfo(operateType = OperateType.AUTHENTICATE,info = LogEnum.SYSTEM_SERIOUS)
    @GetMapping("/passwordConfirm")
    @ApiOperation("密码二次确认")
    @ApiImplicitParam(name = "password", value = "确认密码")
--- a/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/PassWordRuleServiceImpl.java
+++ b/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/PassWordRuleServiceImpl.java
@@ -3,8 +3,10 @@ package com.njcn.user.service.impl;
 import com.njcn.common.pojo.enums.common.DataStateEnum;
 import com.njcn.redis.utils.RedisUtil;
 import com.njcn.user.pojo.param.PassWordRuleParam;
+import com.njcn.user.pojo.po.AuthClient;
 import com.njcn.user.pojo.po.User;
 import com.njcn.user.pojo.po.UserStrategy;
+import com.njcn.user.service.IAuthClientService;
 import com.njcn.user.service.IUserService;
 import com.njcn.user.service.IUserStrategyService;
 import com.njcn.user.service.PassWordRuleService;
@@ -24,6 +26,8 @@ import org.springframework.transaction.annotation.Transactional;
 public class PassWordRuleServiceImpl implements PassWordRuleService {

    private final IUserStrategyService iUserStrategyService;
+
+    private final IAuthClientService iAuthClientService;
    private final RedisUtil redisUtil;

    private final IUserService userService;
@@ -36,13 +40,14 @@ public class PassWordRuleServiceImpl implements PassWordRuleService {
                .set(UserStrategy::getLimitPwdTimes,passWordRuleParam.getErrorsCount())
                .set(UserStrategy::getLimitPwdDate,passWordRuleParam.getPasswordExpirationDays())
                .set(UserStrategy::getLockPwdCheck,passWordRuleParam.getReleaseTime())
-                .set(UserStrategy::getLockPwdTime,passWordRuleParam.getSessionTime()).update();
-
-        redisUtil.saveByKey("mixedCheckFlag",passWordRuleParam.getMixedCheckFlag());
-        redisUtil.saveByKey("doubleCheckFlag",passWordRuleParam.getDoubleCheckFlag());
-        redisUtil.saveByKey("mixedCaseCheckFlag",passWordRuleParam.getMixedCaseCheckFlag());
-        redisUtil.saveByKey("minPasswordLength",passWordRuleParam.getMinPasswordLength());
+                .set(UserStrategy::getMaxNum,passWordRuleParam.getMaxUseUser())
+                .set(UserStrategy::getSleep,passWordRuleParam.getSleepDay())
+                .update();

+        iAuthClientService.lambdaUpdate()
+                .set(AuthClient::getRefreshTokenValidity,passWordRuleParam.getSessionRefreshTime())
+                .set(AuthClient::getAccessTokenValidity,passWordRuleParam.getSessionTime())
+                .update();
        return true;
    }

@@ -53,14 +58,13 @@ public class PassWordRuleServiceImpl implements PassWordRuleService {

        passWordRuleParam.setErrorsCount(userStrategy.getLimitPwdTimes());
        passWordRuleParam.setReleaseTime(userStrategy.getLockPwdCheck());
-        passWordRuleParam.setSessionTime(userStrategy.getLockPwdTime());
-        passWordRuleParam.setMinPasswordLength((Integer)(redisUtil.getObjectByKey("minPasswordLength")));
        passWordRuleParam.setPasswordExpirationDays(userStrategy.getLimitPwdDate());
-        passWordRuleParam.setMixedCheckFlag((Integer)(redisUtil.getObjectByKey("mixedCheckFlag")));
-        passWordRuleParam.setDoubleCheckFlag((Integer)(redisUtil.getObjectByKey("doubleCheckFlag")));
-        passWordRuleParam.setMixedCaseCheckFlag((Integer)(redisUtil.getObjectByKey("mixedCaseCheckFlag")));
-
+        passWordRuleParam.setMaxUseUser(userStrategy.getMaxNum());
+        passWordRuleParam.setSleepDay(userStrategy.getSleep());

+        AuthClient authClient = iAuthClientService.lambdaQuery().last(" limit 1").one();
+        passWordRuleParam.setSessionTime(authClient.getAccessTokenValidity());
+        passWordRuleParam.setSessionRefreshTime(authClient.getRefreshTokenValidity());
        return passWordRuleParam;
    }