后台账号数据隔离、授权手机号验证多次提交、加盟短信模板更换

e2c7c1a0 · zhenjie · fa6f2972 · e2c7c1a0 · e2c7c1a0 · e2c7c1a0
--- a/cms-common/cms-common-model/src/main/java/com/mmc/iuav/user/model/qo/BUserAccountQO.java
+++ b/cms-common/cms-common-model/src/main/java/com/mmc/iuav/user/model/qo/BUserAccountQO.java
@@ -47,10 +47,13 @@ public class BUserAccountQO implements Serializable {
    @ApiModelProperty(value = "用户id集合")
    private List<Integer> userIds;

+    @ApiModelProperty(value = "单位id")
+    private Integer companyInfoId;
+
    @ApiModelProperty(value = "推荐单位id")
    private Integer rcdCompanyId;

-    @ApiModelProperty(value="单位集合", hidden = true)
+    @ApiModelProperty(value = "单位集合", hidden = true)
    private List<Integer> companys;

    @ApiModelProperty(value = "页码", required = true)

--- a/cms-common/cms-common-util/src/main/java/com/mmc/iuav/response/ResultEnum.java
+++ b/cms-common/cms-common-util/src/main/java/com/mmc/iuav/response/ResultEnum.java
@@ -59,6 +59,7 @@ public enum ResultEnum implements BaseErrorInfoInterface {
    DELETE_ADMIN_ERROR("8011", "禁止删除超级管理员角色账号"),
    DELETE_YOURSELF_ERROR("8011", "禁止删除自己的账号"),
    FRANCHISEE_ACCOUNT_MORE_THAN_ONE_ERROR("8012", "绑定企业为加盟公司，禁止使用该单位"),
+    NO_RIGHT_UPDATE_ERROR("8013", "无权限操作"),

    ID_INFO_AND_ID_card_MISMATCH("3904", "身份信息与身份证不匹配"),
    INTERFACE_ACCESS_EXCEPTION("36894", "接口访问异常/次数用尽"),

--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/BackUserAccountController.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/BackUserAccountController.java
@@ -32,8 +32,9 @@ public class BackUserAccountController extends BaseController {
    @ApiOperation(value = "账号-新增")
    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
    @PostMapping("insertBAccount")
-    public ResultBody insertBAccount(@Validated(value = {Create.class}) @RequestBody BUserAccountVO bUserAccountVO) {
-        return backUserAccountService.insertBAccount(bUserAccountVO);
+    public ResultBody insertBAccount(@Validated(value = {Create.class}) @RequestBody BUserAccountVO bUserAccountVO,
+                                     HttpServletRequest request) {
+        return backUserAccountService.insertBAccount(bUserAccountVO, this.getUserLoginInfoFromRedis(request));
    }

    @ApiOperation(value = "账号-修改")
@@ -47,14 +48,15 @@ public class BackUserAccountController extends BaseController {
    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
    @GetMapping("removeBAccount")
    public ResultBody disableBAccount(@RequestParam Integer userAccountId, HttpServletRequest request) {
-        return backUserAccountService.disableBAccount(userAccountId, this.getUserLoginInfoFromRedis(request).getUserAccountId());
+        return backUserAccountService.disableBAccount(userAccountId, this.getUserLoginInfoFromRedis(request));
    }

    @ApiOperation(value = "账号-列表")
    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
    @PostMapping("listBAccountPage")
-    public ResultBody<BackUserAccountVO> listBAccountPage(@ApiParam(value = "账号查询QO", required = true) @RequestBody BUserAccountQO bUserAccountQO) {
-        return backUserAccountService.listBAccountPage(bUserAccountQO);
+    public ResultBody<BackUserAccountVO> listBAccountPage(@ApiParam(value = "账号查询QO", required = true) @RequestBody BUserAccountQO bUserAccountQO,
+                                                          HttpServletRequest request) {
+        return backUserAccountService.listBAccountPage(bUserAccountQO, this.getUserLoginInfoFromRedis(request));
    }

    @ApiOperation(value = "账号-后台用户列表-内部调用", hidden = true)

--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/BackUserAccountService.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/BackUserAccountService.java
@@ -18,9 +18,10 @@ public interface BackUserAccountService {
     * 添加后台用户
     *
     * @param bUserAccountVO
+     * @param loginSuccessDTO
     * @return
     */
-    ResultBody insertBAccount(BUserAccountVO bUserAccountVO);
+    ResultBody insertBAccount(BUserAccountVO bUserAccountVO, LoginSuccessDTO loginSuccessDTO);

    /**
     * 添加后台用户信息
@@ -35,18 +36,19 @@ public interface BackUserAccountService {
     * 禁用后台用户
     *
     * @param accountId
-     * @param backUserAccountId
+     * @param loginSuccessDTO
     * @return
     */
-    ResultBody disableBAccount(Integer accountId, Integer backUserAccountId);
+    ResultBody disableBAccount(Integer accountId, LoginSuccessDTO loginSuccessDTO);

    /**
     * 后台用户列表
     *
     * @param bUserAccountQO
+     * @param loginSuccessDTO
     * @return
     */
-    ResultBody<BackUserAccountVO> listBAccountPage(BUserAccountQO bUserAccountQO);
+    ResultBody<BackUserAccountVO> listBAccountPage(BUserAccountQO bUserAccountQO, LoginSuccessDTO loginSuccessDTO);

    /**
     * 内部远程调用查询用户信息

--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/BackUserAccountServiceImpl.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/BackUserAccountServiceImpl.java
@@ -52,7 +52,10 @@ public class BackUserAccountServiceImpl implements BackUserAccountService {

    @Transactional
    @Override
-    public ResultBody insertBAccount(BUserAccountVO bUserAccountVO) {
+    public ResultBody insertBAccount(BUserAccountVO bUserAccountVO, LoginSuccessDTO loginSuccessDTO) {
+        if (loginSuccessDTO != null && loginSuccessDTO.getCompanyInfoVO().getCompanyType().equals(CompanyTypeEnums.FRANCHISEE.getType())) {
+            return ResultBody.error(ResultEnum.NO_RIGHT_UPDATE_ERROR);
+        }
        if (!bUserAccountVO.getPassWord().equals(bUserAccountVO.getAlertPwd())) {
            // 两次密码不一致
            return ResultBody.error(ResultEnum.PWD_ALERT_ERROR);
@@ -141,16 +144,19 @@ public class BackUserAccountServiceImpl implements BackUserAccountService {
    }

    @Override
-    public ResultBody disableBAccount(Integer accountId, Integer backUserAccountId) {
+    public ResultBody disableBAccount(Integer accountId, LoginSuccessDTO loginSuccessDTO) {
+        CompanyInfoVO companyInfoVO = companyService.getCompanyInfoByBackUserAccountId(accountId);
+        if (companyInfoVO.getCompanyType().equals(CompanyTypeEnums.FRANCHISEE.getType())) {
+            return ResultBody.error(ResultEnum.NO_RIGHT_UPDATE_ERROR);
+        }
        BackUserAccountDO backUserAccountDO = backUserAccountDao.getBackUserAccountDO(accountId);
        RoleInfoDO roleInfoDO = roleDao.getRoleInfoByUserId(accountId);
        if (roleInfoDO.getSuperAdmin().equals(RoleEnums.ADMIN.getId())) {
            return ResultBody.error(ResultEnum.DELETE_ADMIN_ERROR);
        }
-        if (accountId.toString().equals(backUserAccountId.toString())) {
+        if (accountId.toString().equals(loginSuccessDTO.getUserAccountId().toString())) {
            return ResultBody.error(ResultEnum.DELETE_YOURSELF_ERROR);
        }
-        CompanyInfoVO companyInfoVO = companyService.getCompanyInfoByBackUserAccountId(accountId);
        if (companyInfoVO != null && companyInfoVO.getCompanyType().equals(CompanyTypeEnums.FRANCHISEE.getType())) {
            // 加盟企业的账号，需要把对应的成员和后台账号解绑
            companyService.unbindingAllUsers(companyInfoVO.getId());
@@ -162,7 +168,10 @@ public class BackUserAccountServiceImpl implements BackUserAccountService {
    }

    @Override
-    public ResultBody<BackUserAccountVO> listBAccountPage(BUserAccountQO param) {
+    public ResultBody<BackUserAccountVO> listBAccountPage(BUserAccountQO param, LoginSuccessDTO loginSuccessDTO) {
+        if (loginSuccessDTO.getCompanyInfoVO().getCompanyType().equals(CompanyTypeEnums.FRANCHISEE.getType())) {
+            param.setCompanyInfoId(loginSuccessDTO.getCompanyInfoVO().getId());
+        }
        int count = backUserAccountDao.countListBackUserAccount(param);
        if (count == 0) {
            return ResultBody.success(PageResult.buildPage(param.getPageNo(), param.getPageSize(), count));

--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/CooperationServiceImpl.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/CooperationServiceImpl.java
@@ -24,9 +24,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

-import java.util.HashMap;
 import java.util.List;
-import java.util.Map;
 import java.util.stream.Collectors;

 /**
@@ -192,14 +190,12 @@ public class CooperationServiceImpl implements CooperationService {
            // 审批通过生成后台对应的账号
            BUserAccountVO bUserAccountVO = this.generateBackUserAccountVO(userApplyTag);
            log.info("check apply cooperation tag, bUserAccountVO:{}", JSONObject.toJSONString(bUserAccountVO));
-            ResultBody resultBody = backUserAccountService.insertBAccount(bUserAccountVO);
+            ResultBody resultBody = backUserAccountService.insertBAccount(bUserAccountVO, null);
            if (!resultBody.getCode().equals(ResultEnum.SUCCESS.getResultCode())) {
                // 生成账号失败处理
                throw new BizException(ResultEnum.COOPERATION_CHECK_NOT_PASS_ERROR);
            }
-            Map<String, String> param = new HashMap<String, String>();
-            param.put("password", bUserAccountVO.getPassWord());
-            SmsUtil.sendPassCooperationApply(JSONObject.toJSONString(param), bUserAccountVO.getPhoneNum());
+            SmsUtil.sendPassCooperationApply(null, bUserAccountVO.getPhoneNum());
        } else {
            SmsUtil.sendNotPassCooperationApply(account.getPhoneNum());
            cooperationDao.updateApplyTagStatus(id, 2);

--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/UserAccountServiceImpl.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/UserAccountServiceImpl.java
@@ -32,6 +32,7 @@ import com.mmc.iuav.user.service.CompanyAuthService;
 import com.mmc.iuav.user.service.RealNameAuthService;
 import com.mmc.iuav.user.service.UserAccountService;
 import com.mmc.iuav.user.service.WxService;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -46,6 +47,7 @@ import java.util.stream.Collectors;
 * @author: zj
 * @Date: 2023/5/16 13:48
 */
+@Slf4j
 @Service
 public class UserAccountServiceImpl implements UserAccountService {

@@ -183,7 +185,12 @@ public class UserAccountServiceImpl implements UserAccountService {
    @Transactional
    @Override
    public ResultBody getUserPhoneNumber(Integer id, String code, Integer rcdUserId) {
+        UserAccountDO userAccountDO = userServiceDao.getUserAccountById(id);
+        if (userAccountDO.getPhoneNum() != null) {
+            return ResultBody.success();
+        }
        String userPhoneNumber = wxService.getUserPhoneNumber(id, code);
+        log.info("授权手机号，用户：{}，手机号：{}", id, userPhoneNumber);
        if (StringUtils.isBlank(userPhoneNumber)) {
            return ResultBody.error(ResultEnum.AUTH_PHONE_NUMBER_ERROR);
        }
@@ -209,7 +216,6 @@ public class UserAccountServiceImpl implements UserAccountService {
        return ResultBody.success();
    }

-    
    private void extracted(Integer id) {
        UserPointsVO userPointsVO = new UserPointsVO(id, NumberOfUserPoints.match(0).getMessage());
        //积分

--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/util/SmsUtil.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/util/SmsUtil.java
@@ -22,6 +22,7 @@ public class SmsUtil {
     */
    private static String COOPERATION_TEMPLATE_PASS_CODE_0 = "SMS_461986130";
    private static String COOPERATION_TEMPLATE_PASS_CODE_2 = "SMS_462240459";
+    private static String COOPERATION_TEMPLATE_PASS_CODE_3 = "SMS_462620535";

    /**
     * 加盟审核未通过

--- a/csm-service/cms-service-user/src/main/resources/mapper/BackUserAccountDao.xml
+++ b/csm-service/cms-service-user/src/main/resources/mapper/BackUserAccountDao.xml
@@ -112,6 +112,7 @@
    <select id="countListBackUserAccount" resultType="java.lang.Integer"
            parameterType="com.mmc.iuav.user.model.qo.BUserAccountQO">
        select count(*) from back_user_account bua
+        inner join company_back_user cbu on cbu.back_user_account_id = bua.id
        left join user_role_rel urr on urr.back_user_account_id = bua.id
        where bua.disable = 0
        <if test=" keyword != null and keyword != '' ">
@@ -133,6 +134,9 @@
        <if test="roleId != null">
            and urr.role_id = #{roleId}
        </if>
+        <if test="companyInfoId != null">
+            and cbu.company_info_id = #{companyInfoId}
+        </if>
    </select>

    <select id="listBackUserAccount" resultMap="backUserAccountResultMap"
@@ -157,6 +161,8 @@
        ri.role_no
        FROM
        back_user_account bua
+        inner join company_back_user cbu on cbu.back_user_account_id = bua.id
+        inner join company_info ci on ci.id = cbu.company_info_id
        left join user_role_rel urr on urr.back_user_account_id = bua.id
        left join role_info ri on ri.id = urr.role_id
        WHERE
@@ -180,6 +186,11 @@
        <if test="roleId != null">
            and urr.role_id = #{roleId}
        </if>
+        <if test="companyInfoId != null">
+            and cbu.company_info_id = #{companyInfoId}
+        </if>
+        order by bua.id desc
+        limit #{pageNo}, #{pageSize}
    </select>

    <select id="feignListBackUserAccount" resultMap="backUserAccountResultMap"