mirror of
https://github.com/getrebuild/rebuild.git
synced 2024-09-20 07:25:54 +08:00
Fix v3.4 beta3 (#651)
* be: styles * be: tempAuth 无权访问 * be: login logs
This commit is contained in:
parent
9ed70e501a
commit
21644dc79f
|
@ -15,6 +15,7 @@ import cn.devezhao.persist4j.engine.ID;
|
|||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.rebuild.api.RespBody;
|
||||
import com.rebuild.core.Application;
|
||||
import com.rebuild.core.DefinedException;
|
||||
import com.rebuild.core.metadata.EntityHelper;
|
||||
import com.rebuild.core.privileges.UserService;
|
||||
import com.rebuild.core.privileges.bizz.User;
|
||||
|
@ -25,7 +26,6 @@ import com.rebuild.core.support.VerfiyCode;
|
|||
import com.rebuild.core.support.i18n.I18nUtils;
|
||||
import com.rebuild.core.support.i18n.Language;
|
||||
import com.rebuild.core.support.integration.SMSender;
|
||||
import com.rebuild.utils.CommonsUtils;
|
||||
import com.rebuild.web.BaseController;
|
||||
import com.rebuild.web.user.signup.LoginController;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
|
@ -51,16 +51,19 @@ public class UserSettingsController extends BaseController {
|
|||
|
||||
@GetMapping("/user")
|
||||
public ModelAndView pageUser(HttpServletRequest request) {
|
||||
throwIfTempAuth(request);
|
||||
final ID user = getRequestUser(request);
|
||||
|
||||
ModelAndView mv = createModelAndView("/settings/user-settings");
|
||||
|
||||
User user = Application.getUserStore().getUser(getRequestUser(request));
|
||||
mv.getModelMap().put("user", user);
|
||||
User ub = Application.getUserStore().getUser(user);
|
||||
mv.getModelMap().put("user", ub);
|
||||
|
||||
String dingtalkCorpid = RebuildConfiguration.get(ConfigurationItem.DingtalkCorpid);
|
||||
if (dingtalkCorpid != null) {
|
||||
Object[] dingtalkUser = Application.createQueryNoFilter(
|
||||
"select appUser from ExternalUser where bindUser = ? and appId = ?")
|
||||
.setParameter(1, user.getId())
|
||||
.setParameter(1, ub.getId())
|
||||
.setParameter(2, dingtalkCorpid)
|
||||
.unique();
|
||||
if (dingtalkUser != null) mv.getModelMap().put("dingtalkUser", dingtalkUser[0]);
|
||||
|
@ -69,7 +72,7 @@ public class UserSettingsController extends BaseController {
|
|||
if (wxworkCorpid != null) {
|
||||
Object[] wxworkUser = Application.createQueryNoFilter(
|
||||
"select appUser from ExternalUser where bindUser = ? and appId = ?")
|
||||
.setParameter(1, user.getId())
|
||||
.setParameter(1, ub.getId())
|
||||
.setParameter(2, wxworkCorpid)
|
||||
.unique();
|
||||
if (wxworkUser != null) mv.getModelMap().put("wxworkUser", wxworkUser[0]);
|
||||
|
@ -94,16 +97,13 @@ public class UserSettingsController extends BaseController {
|
|||
String content = Language.L("你的邮箱验证码是 : **%s**", vcode);
|
||||
String sentid = SMSender.sendMail(email, subject, content);
|
||||
|
||||
if (sentid != null) {
|
||||
return RespBody.ok();
|
||||
} else {
|
||||
return RespBody.errorl("操作失败,请稍后重试");
|
||||
}
|
||||
if (sentid != null) return RespBody.ok();
|
||||
return RespBody.errorl("操作失败,请稍后重试");
|
||||
}
|
||||
|
||||
@RequestMapping("/user/save-email")
|
||||
public RespBody saveEmail(HttpServletRequest request) {
|
||||
ID user = getRequestUser(request);
|
||||
final ID user = getRequestUser(request);
|
||||
String email = getParameterNotNull(request, "email");
|
||||
String vcode = getParameterNotNull(request, "vcode");
|
||||
|
||||
|
@ -202,6 +202,7 @@ public class UserSettingsController extends BaseController {
|
|||
|
||||
@PostMapping("/user/temp-auth")
|
||||
public RespBody tempAuth(HttpServletRequest request) {
|
||||
throwIfTempAuth(request);
|
||||
final ID user = getRequestUser(request);
|
||||
final String token = CodecUtils.randomCode(40);
|
||||
Application.getCommonsCache().putx(LoginController.SK_TEMP_AUTH + token, user, 60 * 5);
|
||||
|
@ -209,4 +210,9 @@ public class UserSettingsController extends BaseController {
|
|||
String url = RebuildConfiguration.getHomeUrl("/user/login/temp-auth?token=" + token);
|
||||
return RespBody.ok(url);
|
||||
}
|
||||
|
||||
private void throwIfTempAuth(HttpServletRequest request) {
|
||||
Object tempAuth = ServletUtils.getSessionAttribute(request, LoginController.SK_TEMP_AUTH);
|
||||
if (tempAuth != null) throw new DefinedException(Language.L("无权访问该页面"));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -54,6 +54,8 @@ public class LoginAction extends BaseController {
|
|||
private static final String SK_SHOW_TOUR = "showStartTour";
|
||||
private static final String SK_SHOW_GUIDE = "showStartGuide";
|
||||
|
||||
public static final String SK_TEMP_AUTH = "rbTempAuth";
|
||||
|
||||
protected static final String PREFIX_2FA = "2FA:";
|
||||
protected static final String PREFIX_ALT = "ALT:";
|
||||
|
||||
|
@ -149,6 +151,8 @@ public class LoginAction extends BaseController {
|
|||
if (os.getDeviceType() != null && os.getDeviceType() == DeviceType.MOBILE) uaClear += " [Mobile]";
|
||||
}
|
||||
|
||||
if (request.getAttribute(SK_TEMP_AUTH) != null) uaClear += " [TempAuth]";
|
||||
|
||||
} catch (Exception ex) {
|
||||
log.warn("Unknown user-agent : {}", ua);
|
||||
uaClear = "UNKNOW";
|
||||
|
|
|
@ -53,8 +53,6 @@ import java.util.Map;
|
|||
@RequestMapping("/user/")
|
||||
public class LoginController extends LoginAction {
|
||||
|
||||
public static final String SK_TEMP_AUTH = "rbTempAuth";
|
||||
|
||||
@GetMapping("login")
|
||||
public ModelAndView checkLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
final String homeUrl = "../dashboard/home";
|
||||
|
@ -231,10 +229,11 @@ public class LoginController extends LoginAction {
|
|||
return new ModelAndView("redirect:/user/login?error=TempAuth");
|
||||
}
|
||||
|
||||
request.setAttribute(SK_TEMP_AUTH, token);
|
||||
loginSuccessed(request, response, (ID) loginUserId, false);
|
||||
|
||||
request.getSession().setMaxInactiveInterval(60 * 5);
|
||||
request.getSession().setAttribute(SK_TEMP_AUTH, "true");
|
||||
request.getSession().setAttribute(SK_TEMP_AUTH, token);
|
||||
|
||||
return new ModelAndView("redirect:/dashboard/home");
|
||||
}
|
||||
|
|
|
@ -311,11 +311,11 @@
|
|||
<div class="card-body pt-4">
|
||||
<button class="btn btn-danger btn-lg w-100">[[${bundle.L('开启维护计划')}]]</button>
|
||||
<div class="note">
|
||||
<dl class="row mb-0 mt-1" style="line-height: 1.7">
|
||||
<dt class="col-4 pr-0">[[${bundle.L('计划维护时间')}]]</dt>
|
||||
<dd class="col-8 pl-0"></dd>
|
||||
<dt class="col-4 pr-0">[[${bundle.L('维护原因')}]]</dt>
|
||||
<dd class="col-8 pl-0"></dd>
|
||||
<dl class="mb-0 mt-1" style="line-height: 1.7">
|
||||
<dt>[[${bundle.L('计划维护时间')}]]</dt>
|
||||
<dd></dd>
|
||||
<dt>[[${bundle.L('维护原因')}]]</dt>
|
||||
<dd></dd>
|
||||
</dl>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -855,7 +855,7 @@ body.view-body {
|
|||
}
|
||||
|
||||
.select2-container--default .select2-selection--multiple .select2-search--inline .select2-search__field {
|
||||
width: 100% !important;
|
||||
/*width: 100% !important;*/
|
||||
}
|
||||
|
||||
.select2-container--default.select2-container--focus .select2-selection.select2-selection--multiple {
|
||||
|
|
|
@ -54,8 +54,8 @@ $(document).ready(() => {
|
|||
})
|
||||
})
|
||||
|
||||
$mm.find('.note .col-8:eq(0)').text(_data.startTime.substr(0, 16) + ' ~ ' + _data.endTime.substr(0, 16))
|
||||
$mm.find('.note .col-8:eq(1)').text(_data.note || $L('无'))
|
||||
$mm.find('.note dd:eq(0)').text(_data.startTime.substr(0, 16) + ' ~ ' + _data.endTime.substr(0, 16))
|
||||
$mm.find('.note dd:eq(1)').text(_data.note || $L('无'))
|
||||
$mm.find('.note').show()
|
||||
} else {
|
||||
$mm.find('.btn').on('click', () => {
|
||||
|
|
|
@ -90,7 +90,11 @@ $(document).ready(function () {
|
|||
$(`<td class="text-muted">${idx + 1}.</td>`).appendTo($tr)
|
||||
$(`<td>${this[0].split('UTC')[0]}</td>`).appendTo($tr)
|
||||
$(`<td>${this[1]}</td>`).appendTo($tr)
|
||||
$(`<td>${this[2].replace(/\[Mobile]/i, `<i class="support-plat2 mdi mdi-cellphone-marker" title="${$L('手机登录')}"></i>`)}</td>`).appendTo($tr)
|
||||
|
||||
const uaRich = this[2]
|
||||
.replace(/\[Mobile]/i, `<i class="support-plat2 mdi mdi-cellphone-marker fs-16" title="${$L('手机登录')}"></i>`)
|
||||
.replace(/\[TempAuth]/i, `<i class="support-plat2 mdi mdi-account-alert text-danger fs-18" title="${$L('临时授权')}"></i>`)
|
||||
$(`<td>${uaRich}</td>`).appendTo($tr)
|
||||
})
|
||||
|
||||
$('#logs tbody>tr').each(function () {
|
||||
|
|
|
@ -207,7 +207,7 @@
|
|||
<thead>
|
||||
<tr>
|
||||
<th width="50"></th>
|
||||
<th>[[${bundle.L('登录时间')}]]</th>
|
||||
<th width="24%">[[${bundle.L('登录时间')}]]</th>
|
||||
<th>[[${bundle.L('IP 地址')}]]</th>
|
||||
<th>[[${bundle.L('客户端')}]]</th>
|
||||
</tr>
|
||||
|
|
Loading…
Reference in a new issue