Fix v3.4 beta3 (#651)

* be: styles * be: tempAuth 无权访问 * be: login logs
2024-09-20 07:25:54 +08:00 · 2023-08-24 17:17:19 +08:00 · 2023-08-24 17:17:19 +08:00 · 21644dc79f
parent 9ed70e501a
commit 21644dc79f
8 changed files with 37 additions and 24 deletions
--- a/src/main/java/com/rebuild/web/user/UserSettingsController.java
+++ b/src/main/java/com/rebuild/web/user/UserSettingsController.java
@ -15,6 +15,7 @@ import cn.devezhao.persist4j.engine.ID;
 import com.alibaba.fastjson.JSONObject;
 import com.rebuild.api.RespBody;
 import com.rebuild.core.Application;
+import com.rebuild.core.DefinedException;
 import com.rebuild.core.metadata.EntityHelper;
 import com.rebuild.core.privileges.UserService;
 import com.rebuild.core.privileges.bizz.User;
@ -25,7 +26,6 @@ import com.rebuild.core.support.VerfiyCode;
 import com.rebuild.core.support.i18n.I18nUtils;
 import com.rebuild.core.support.i18n.Language;
 import com.rebuild.core.support.integration.SMSender;
-import com.rebuild.utils.CommonsUtils;
 import com.rebuild.web.BaseController;
 import com.rebuild.web.user.signup.LoginController;
 import org.apache.commons.lang.StringUtils;
@ -51,16 +51,19 @@ public class UserSettingsController extends BaseController {

    @GetMapping("/user")
    public ModelAndView pageUser(HttpServletRequest request) {
+        throwIfTempAuth(request);
+        final ID user = getRequestUser(request);
+
        ModelAndView mv = createModelAndView("/settings/user-settings");

-        User user = Application.getUserStore().getUser(getRequestUser(request));
-        mv.getModelMap().put("user", user);
+        User ub = Application.getUserStore().getUser(user);
+        mv.getModelMap().put("user", ub);

        String dingtalkCorpid = RebuildConfiguration.get(ConfigurationItem.DingtalkCorpid);
        if (dingtalkCorpid != null) {
            Object[] dingtalkUser = Application.createQueryNoFilter(
                    "select appUser from ExternalUser where bindUser = ? and appId = ?")
-                    .setParameter(1, user.getId())
+                    .setParameter(1, ub.getId())
                    .setParameter(2, dingtalkCorpid)
                    .unique();
            if (dingtalkUser != null) mv.getModelMap().put("dingtalkUser", dingtalkUser[0]);
@ -69,7 +72,7 @@ public class UserSettingsController extends BaseController {
        if (wxworkCorpid != null) {
            Object[] wxworkUser = Application.createQueryNoFilter(
                    "select appUser from ExternalUser where bindUser = ? and appId = ?")
-                    .setParameter(1, user.getId())
+                    .setParameter(1, ub.getId())
                    .setParameter(2, wxworkCorpid)
                    .unique();
            if (wxworkUser != null) mv.getModelMap().put("wxworkUser", wxworkUser[0]);
@ -94,16 +97,13 @@ public class UserSettingsController extends BaseController {
        String content = Language.L("你的邮箱验证码是 : **%s**", vcode);
        String sentid = SMSender.sendMail(email, subject, content);

-        if (sentid != null) {
-            return RespBody.ok();
-        } else {
-            return RespBody.errorl("操作失败，请稍后重试");
-        }
+        if (sentid != null) return RespBody.ok();
+        return RespBody.errorl("操作失败，请稍后重试");
    }

    @RequestMapping("/user/save-email")
    public RespBody saveEmail(HttpServletRequest request) {
-        ID user = getRequestUser(request);
+        final ID user = getRequestUser(request);
        String email = getParameterNotNull(request, "email");
        String vcode = getParameterNotNull(request, "vcode");

@ -202,6 +202,7 @@ public class UserSettingsController extends BaseController {

    @PostMapping("/user/temp-auth")
    public RespBody tempAuth(HttpServletRequest request) {
+        throwIfTempAuth(request);
        final ID user = getRequestUser(request);
        final String token = CodecUtils.randomCode(40);
        Application.getCommonsCache().putx(LoginController.SK_TEMP_AUTH + token, user, 60 * 5);
@ -209,4 +210,9 @@ public class UserSettingsController extends BaseController {
        String url = RebuildConfiguration.getHomeUrl("/user/login/temp-auth?token=" + token);
        return RespBody.ok(url);
    }
+
+    private void throwIfTempAuth(HttpServletRequest request) {
+        Object tempAuth = ServletUtils.getSessionAttribute(request, LoginController.SK_TEMP_AUTH);
+        if (tempAuth != null) throw new DefinedException(Language.L("无权访问该页面"));
+    }
 }
--- a/src/main/java/com/rebuild/web/user/signup/LoginAction.java
+++ b/src/main/java/com/rebuild/web/user/signup/LoginAction.java
@ -54,6 +54,8 @@ public class LoginAction extends BaseController {
    private static final String SK_SHOW_TOUR = "showStartTour";
    private static final String SK_SHOW_GUIDE = "showStartGuide";

+    public static final String SK_TEMP_AUTH = "rbTempAuth";
+
    protected static final String PREFIX_2FA = "2FA:";
    protected static final String PREFIX_ALT = "ALT:";

@ -149,6 +151,8 @@ public class LoginAction extends BaseController {
                if (os.getDeviceType() != null && os.getDeviceType() == DeviceType.MOBILE) uaClear += " [Mobile]";
            }

+            if (request.getAttribute(SK_TEMP_AUTH) != null) uaClear += " [TempAuth]";
+
        } catch (Exception ex) {
            log.warn("Unknown user-agent : {}", ua);
            uaClear = "UNKNOW";
--- a/src/main/java/com/rebuild/web/user/signup/LoginController.java
+++ b/src/main/java/com/rebuild/web/user/signup/LoginController.java
@ -53,8 +53,6 @@ import java.util.Map;
@RequestMapping("/user/")
 public class LoginController extends LoginAction {

-    public static final String SK_TEMP_AUTH = "rbTempAuth";
-
    @GetMapping("login")
    public ModelAndView checkLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
        final String homeUrl = "../dashboard/home";
@ -231,10 +229,11 @@ public class LoginController extends LoginAction {
            return new ModelAndView("redirect:/user/login?error=TempAuth");
        }

+        request.setAttribute(SK_TEMP_AUTH, token);
        loginSuccessed(request, response, (ID) loginUserId, false);

        request.getSession().setMaxInactiveInterval(60 * 5);
-        request.getSession().setAttribute(SK_TEMP_AUTH, "true");
+        request.getSession().setAttribute(SK_TEMP_AUTH, token);

        return new ModelAndView("redirect:/dashboard/home");
    }
--- a/src/main/resources/web/admin/system-cfg.html
+++ b/src/main/resources/web/admin/system-cfg.html
@ -311,11 +311,11 @@
                <div class="card-body pt-4">
                  <button class="btn btn-danger btn-lg w-100">[[${bundle.L('开启维护计划')}]]</button>
                  <div class="note">
-                    <dl class="row mb-0 mt-1" style="line-height: 1.7">
-                      <dt class="col-4 pr-0">[[${bundle.L('计划维护时间')}]]</dt>
-                      <dd class="col-8 pl-0"></dd>
-                      <dt class="col-4 pr-0">[[${bundle.L('维护原因')}]]</dt>
-                      <dd class="col-8 pl-0"></dd>
+                    <dl class="mb-0 mt-1" style="line-height: 1.7">
+                      <dt>[[${bundle.L('计划维护时间')}]]</dt>
+                      <dd></dd>
+                      <dt>[[${bundle.L('维护原因')}]]</dt>
+                      <dd></dd>
                    </dl>
                  </div>
                </div>
--- a/src/main/resources/web/assets/css/rb-page.css
+++ b/src/main/resources/web/assets/css/rb-page.css
@ -855,7 +855,7 @@ body.view-body {
 }

 .select2-container--default .select2-selection--multiple .select2-search--inline .select2-search__field {
-  width: 100% !important;
+  /*width: 100% !important;*/
 }

 .select2-container--default.select2-container--focus .select2-selection.select2-selection--multiple {
--- a/src/main/resources/web/assets/js/admin/syscfg-g.js
+++ b/src/main/resources/web/assets/js/admin/syscfg-g.js
@ -54,8 +54,8 @@ $(document).ready(() => {
          })
        })

-      $mm.find('.note .col-8:eq(0)').text(_data.startTime.substr(0, 16) + ' ~ ' + _data.endTime.substr(0, 16))
-      $mm.find('.note .col-8:eq(1)').text(_data.note || $L('无'))
+      $mm.find('.note dd:eq(0)').text(_data.startTime.substr(0, 16) + ' ~ ' + _data.endTime.substr(0, 16))
+      $mm.find('.note dd:eq(1)').text(_data.note || $L('无'))
      $mm.find('.note').show()
    } else {
      $mm.find('.btn').on('click', () => {
--- a/src/main/resources/web/assets/js/user-settings.js
+++ b/src/main/resources/web/assets/js/user-settings.js
@ -90,7 +90,11 @@ $(document).ready(function () {
        $(`<td class="text-muted">${idx + 1}.</td>`).appendTo($tr)
        $(`<td>${this[0].split('UTC')[0]}</td>`).appendTo($tr)
        $(`<td>${this[1]}</td>`).appendTo($tr)
-        $(`<td>${this[2].replace(/\[Mobile]/i, `<i class="support-plat2 mdi mdi-cellphone-marker" title="${$L('手机登录')}"></i>`)}</td>`).appendTo($tr)
+
+        const uaRich = this[2]
+          .replace(/\[Mobile]/i, `<i class="support-plat2 mdi mdi-cellphone-marker fs-16" title="${$L('手机登录')}"></i>`)
+          .replace(/\[TempAuth]/i, `<i class="support-plat2 mdi mdi-account-alert text-danger fs-18" title="${$L('临时授权')}"></i>`)
+        $(`<td>${uaRich}</td>`).appendTo($tr)
      })

      $('#logs tbody>tr').each(function () {
--- a/src/main/resources/web/settings/user-settings.html
+++ b/src/main/resources/web/settings/user-settings.html
@ -207,7 +207,7 @@
                      <thead>
                        <tr>
                          <th width="50"></th>
-                          <th>[[${bundle.L('登录时间')}]]</th>
+                          <th width="24%">[[${bundle.L('登录时间')}]]</th>
                          <th>[[${bundle.L('IP 地址')}]]</th>
                          <th>[[${bundle.L('客户端')}]]</th>
                        </tr>