Merge branch 'master' into feature/20171201-real-ip

src/main/java/cn/quantgroup/xyqb/Constants.java

@@ -87,4 +87,14 @@ public interface Constants {
       String AVATAR_DEFAULT = "https://avatar.xyqb.com/default_avatar.png";
   }
 
+
+
+  interface Sms {
+    String VERIFICATION_CODE = "尊敬的用户，您本次的验证码为：%s，有效期10分钟。"; // 随机验证码
+    String BINDCARD_SMS = "用户您好，您已绑卡成功，将会在1-5个工作日内收到借款，请耐心等待。如有疑问，请致电400-002-0061，感谢您对我们的支持";//绑卡成功后的短信文案
+    String REPAY_SMS = "用户您好，您在信用钱包的本期账单已还款成功，保持良好的信用可升级为VIP用户，享更多特权，感谢您对信用钱包的支持";
+  }
+
+  String AES_KEY = "ScnmRBhuQpo9kBdn";
+
 }

src/main/java/cn/quantgroup/xyqb/controller/external/captcha/ImageCaptchaController.java

@@ -30,7 +30,6 @@ import java.io.IOException;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.UUID;
-import sun.management.counter.LongCounter;
 
 /**
  * 类名称：ImgCaptchaController

src/main/java/cn/quantgroup/xyqb/controller/external/user/InnerController.java

 package cn.quantgroup.xyqb.controller.external.user;
 
 import cn.quantgroup.user.enums.Relation;
+
+import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.aspect.accessable.IpValidator;
 import cn.quantgroup.xyqb.aspect.logcaller.LogHttpCaller;
 import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.entity.*;
 import cn.quantgroup.xyqb.entity.enumerate.*;
 import cn.quantgroup.xyqb.model.*;
+import cn.quantgroup.xyqb.repository.IUserDetailRepository;
 import cn.quantgroup.xyqb.service.api.IUserApiService;
 import cn.quantgroup.xyqb.service.auth.IIdCardService;
 import cn.quantgroup.xyqb.service.http.IHttpService;
 import cn.quantgroup.xyqb.service.session.ISessionService;
 import cn.quantgroup.xyqb.service.user.*;
 import cn.quantgroup.xyqb.service.wechat.IWechatService;
+import cn.quantgroup.xyqb.util.AESUtil;
 import cn.quantgroup.xyqb.util.IPUtil;
 import cn.quantgroup.xyqb.util.MqUtils;
 import cn.quantgroup.xyqb.util.ValidationUtil;
@@ -36,6 +40,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import java.sql.Timestamp;
 import java.text.ParseException;
@@ -954,4 +959,89 @@ public class InnerController implements IBaseController {
     return JsonResult.buildSuccessResult(null, userList);
   }
 
+  @RequestMapping("/forbiddenUserWeChat")
+  public JsonResult forbiddenUserWeChat(@RequestParam Long userId, @RequestParam String reason, @RequestParam String content) {
+    if (StringUtils.isBlank(reason) || null == userId || userId <= 0) {
+      return JsonResult.buildErrorStateResult("参数有误", null);
+    }
+    //密文
+    if (null != content) {
+      content = content.replaceAll(" ", "+");
+    }
+    String str = AESUtil.decryptAfterBase64Decode(content, Constants.AES_KEY);
+    if (null == str || !str.equals(userId.toString())) {
+      return JsonResult.buildErrorStateResult("解密有误", null);
+    }
+    int affectedRows=wechatService.forbiddenUserWeChat(userId);
+    LOGGER.info("用户微信禁用,userId:{},禁用的原因reason:{},受影响的行数affectedRows:{}",userId,reason,affectedRows);
+    return JsonResult.buildSuccessResult("用户禁用微信成功", affectedRows);
+  }
+
+  @RequestMapping("/updateIdCard")
+  public JsonResult updateIdCard(@RequestParam(required = false)String name, @RequestParam(required = false)String idNo,
+                                 @RequestParam String phoneNo, @RequestParam String reason, @RequestParam String content) {
+    //密文
+    if (null != content) {
+      content = content.replaceAll(" ", "+");
+    }
+    String str = AESUtil.decryptAfterBase64Decode(content, Constants.AES_KEY);
+    if (null == str || !str.equals(phoneNo)) {
+      return JsonResult.buildErrorStateResult("解密有误", null);
+    }
+    if(StringUtils.isBlank(name) && StringUtils.isBlank(idNo)){
+      return JsonResult.buildErrorStateResult("不能全为空", null);
+    }
+    if ( StringUtils.isBlank(phoneNo) || StringUtils.isBlank(reason)) {
+      return JsonResult.buildErrorStateResult("参数有误", null);
+    }
+    if (!ValidationUtil.validatePhoneNo(phoneNo)) {
+      LOGGER.info("手机号有误, phoneNo:{}", phoneNo);
+      return JsonResult.buildErrorStateResult("用户手机号错误", null);
+    }
+    int affectedRows=userDetailService.updateIdCard(name, idNo, phoneNo);
+    LOGGER.info("更新用户的信息,name;{},idNo:{},phoneNo:{},操作的理由reason:{},受影响的行数affectedRows:{}", name, idNo, phoneNo, reason,affectedRows);
+    ImmutableMap.Builder<String, String> builder = ImmutableMap.builder();
+    builder.put("phoneNo", phoneNo);
+    builder.put("name", name);
+    builder.put("idNo", idNo);
+    builder.put("reason", reason);
+    builder.put("content", content);
+    LOGGER.info("去清除函谷关的缓存");
+    Map<String, String> param = builder.build();
+    httpService.get(hanguguanUrl.concat("/innerapi/updateIdCard"), param);
+    return JsonResult.buildSuccessResult("修改用户身份证号或姓名成功", affectedRows);
+  }
+
+  @RequestMapping("/forbiddenUserOrNot")
+  public JsonResult forbiddenUserOrNot(@RequestParam String phoneNo, @RequestParam Boolean enable,
+                                       @RequestParam String reason, @RequestParam String content) {
+    if (StringUtils.isBlank(phoneNo) || StringUtils.isBlank(reason)) {
+      return JsonResult.buildErrorStateResult("参数有误", null);
+    }
+    //密文
+    if (null != content) {
+      content = content.replaceAll(" ", "+");
+    }
+    String str = AESUtil.decryptAfterBase64Decode(content, Constants.AES_KEY);
+    if (null == str || !str.equals(phoneNo)) {
+      return JsonResult.buildErrorStateResult("解密有误", null);
+    }
+    if (!ValidationUtil.validatePhoneNo(phoneNo)) {
+      LOGGER.info("用户手机号错误, phoneNo:{}", phoneNo);
+      return JsonResult.buildErrorStateResult("用户手机号错误", null);
+    }
+
+    int affectedRows=userService.forbiddenUser(enable, phoneNo);
+    LOGGER.info("禁用或者重启用户的理由,reason:{},手机号phoneNo:{},受影响的行数affectedRows:{}", reason, phoneNo,affectedRows);
+    ImmutableMap.Builder<String, String> builder = ImmutableMap.builder();
+    builder.put("phoneNo", phoneNo);
+    builder.put("enable", String.valueOf(enable));
+    builder.put("reason", reason);
+    builder.put("content", content);
+    LOGGER.info("去清除函谷关的缓存");
+    Map<String, String> param = builder.build();
+    httpService.get(hanguguanUrl.concat("/innerapi/forbiddenUserOrNot"), param);
+    return JsonResult.buildSuccessResult("用户禁用或重启成功成功", affectedRows);
+  }
+
 }
\ No newline at end of file

src/main/java/cn/quantgroup/xyqb/repository/IUserDetailRepository.java

@@ -39,4 +39,14 @@ public interface IUserDetailRepository extends JpaRepository<UserDetail, Long>,J
   @Modifying
   @Query(value = "select * from user_detail where gender!=1 and gender!=2 and id_no is not null", nativeQuery = true)
   List<UserDetail> selectUserDetailsBy();
+
+  @Transactional
+  @Modifying
+  @Query(value = "update user_detail set id_no=?1,gender=?2 where phone_no=?3", nativeQuery = true)
+  int updateIdNoByPhoneNo(String idNo, int gender, String phoneNo);
+
+  @Transactional
+  @Modifying
+  @Query(value = "update user_detail set name=?1 where phone_no=?2", nativeQuery = true)
+  int updateNameByPhoneNo(String name, String phoneNo);
 }

src/main/java/cn/quantgroup/xyqb/repository/IUserRepository.java

@@ -3,7 +3,9 @@ package cn.quantgroup.xyqb.repository;
 import cn.quantgroup.xyqb.entity.User;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
+import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
+import org.springframework.transaction.annotation.Transactional;
 
 import java.util.List;
 
@@ -23,4 +25,9 @@ public interface IUserRepository extends JpaRepository<User, Long>, JpaSpecifica
   @Query(value ="select * from user where created_at>=?1 and created_at<?2 ", nativeQuery = true)
   List<User> findRegisterUserByTime(String beginTime,String endTime);
 
+  @Transactional
+  @Modifying
+  @Query(value = "update user set enable=?1 where phone_no=?2", nativeQuery = true)
+  int forbiddenUser(Boolean enable, String phoneNo);
+
 }

src/main/java/cn/quantgroup/xyqb/repository/IWeChatUserRepository.java

@@ -3,6 +3,8 @@ package cn.quantgroup.xyqb.repository;
 
 import cn.quantgroup.xyqb.entity.WechatUserInfo;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Modifying;
+import org.springframework.transaction.annotation.Transactional;
 
 /**
  * Created by 11 on 2017/1/18.
@@ -13,4 +15,8 @@ public interface IWeChatUserRepository extends JpaRepository<WechatUserInfo, Lon
   WechatUserInfo findByPhoneNo(String phoneNo);
 
   WechatUserInfo findByUserId(Long userId);
+
+  @Transactional
+  @Modifying
+  int removeByUserId(Long userId);
 }

src/main/java/cn/quantgroup/xyqb/service/user/IUserDetailService.java

@@ -36,4 +36,14 @@ public interface IUserDetailService {
    */
 
   void fixedIdNoAndGender();
+
+  /**
+   * 更新用户的身份证号
+   *
+   * @param name name
+   * @param idNo idNo
+   * @param phoneNo phoneNo
+   * @return 受影响的行数
+   */
+  int updateIdCard(String name, String idNo, String phoneNo);
 }

src/main/java/cn/quantgroup/xyqb/service/user/IUserService.java

@@ -70,4 +70,11 @@ public interface IUserService {
 
   List<User> findRegisterUserByTime(String beginTime,String endTime);
 
+  /**
+   * 禁用用户
+   *
+   * @param phoneNo 电话号码
+   */
+  int forbiddenUser(Boolean enable,String phoneNo);
+
 }

src/main/java/cn/quantgroup/xyqb/service/user/impl/UserDetailServiceImpl.java

 package cn.quantgroup.xyqb.service.user.impl;
 
-import cn.quantgroup.xyqb.controller.ExceptionHandlingController;
 import cn.quantgroup.xyqb.entity.User;
 import cn.quantgroup.xyqb.entity.UserDetail;
 import cn.quantgroup.xyqb.model.Gender;
-import cn.quantgroup.xyqb.model.UserQueryInfo;
+import cn.quantgroup.xyqb.model.IdCardInfo;
 import cn.quantgroup.xyqb.repository.IUserDetailRepository;
 import cn.quantgroup.xyqb.repository.IUserRepository;
 import cn.quantgroup.xyqb.service.auth.IIdCardService;
 import cn.quantgroup.xyqb.service.user.IUserDetailService;
 import cn.quantgroup.xyqb.service.user.vo.UserDetailVO;
+import cn.quantgroup.xyqb.util.ValidationUtil;
 import com.google.common.collect.Maps;
 import java.text.ParseException;
 import java.util.ArrayList;
@@ -20,7 +20,6 @@ import javax.persistence.criteria.CriteriaBuilder;
 import javax.persistence.criteria.CriteriaQuery;
 import javax.persistence.criteria.Predicate;
 import javax.persistence.criteria.Root;
-import javax.transaction.Transactional;
 
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
@@ -29,7 +28,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.dao.DataIntegrityViolationException;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
-import org.springframework.data.domain.Pageable;
 import org.springframework.data.domain.Sort;
 import org.springframework.data.jpa.domain.Specification;
 import org.springframework.stereotype.Service;
@@ -205,4 +203,24 @@ public class UserDetailServiceImpl implements IUserDetailService {
       LOGGER.info("修复用户老数据身份证号完成");
     }
   }
+
+  @Override
+  public int updateIdCard(String name, String idNo, String phoneNo) {
+    UserDetail userDetail = userDetailRepository.findByPhoneNo(phoneNo);
+    if (null != userDetail) {
+      if (!StringUtils.isBlank(idNo)) {
+        try {
+          IdCardInfo idCardInfo = idCardService.getIdCardInfo(idNo);
+          return userDetailRepository.updateIdNoByPhoneNo(idCardInfo.getIdNo(), idCardInfo.getGender().ordinal(), phoneNo);
+        } catch (ParseException e) {
+          LOGGER.error("用户的身份证错误，phoneNo:{},e:{}", phoneNo, e);
+          return 0;
+        }
+      }
+      if (!StringUtils.isBlank(name) && ValidationUtil.validateChinese(name)) {
+        return userDetailRepository.updateNameByPhoneNo(name, phoneNo);
+      }
+    }
+    return 0;
+  }
 }

src/main/java/cn/quantgroup/xyqb/service/user/impl/UserServiceImpl.java

@@ -396,4 +396,11 @@ public class UserServiceImpl implements IUserService {
       count++;
     }
   }
+
+  @Override
+  @CacheEvict(value = "usercache", key = "'xyqbuser' + #phoneNo", cacheManager = "cacheManager")
+  public int forbiddenUser(Boolean enable, String phoneNo) {
+    return userRepository.forbiddenUser(enable, phoneNo);
+  }
+
 }

src/main/java/cn/quantgroup/xyqb/service/wechat/IWechatService.java

@@ -18,4 +18,6 @@ public interface IWechatService {
   WechatUserInfo saveWechatUserInfo(WechatUserInfo userInfo);
 
   WechatUserInfo queryOpenIdByUserId(Long userId);
+
+  int forbiddenUserWeChat(Long userId);
 }

src/main/java/cn/quantgroup/xyqb/service/wechat/impl/WechatServiceImpl.java

@@ -138,4 +138,10 @@ public class WechatServiceImpl implements IWechatService {
   public WechatUserInfo queryOpenIdByUserId(Long userId) {
     return weChatUserRepository.findByUserId(userId);
   }
+
+
+  @Override
+  public int forbiddenUserWeChat(Long userId) {
+    return weChatUserRepository.removeByUserId(userId);
+  }
 }

src/main/java/cn/quantgroup/xyqb/util/AESUtil.java

+package cn.quantgroup.xyqb.util;
+
+import org.apache.commons.codec.binary.Base64;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+
+/**
+ * AES编码器工具
+ * 使用AES加密解密 AES-128-ECB加密
+ * @version 1.0
+ */
+public class AESUtil {
+
+    /**
+     * KEY算法
+     */
+    private static final String KEY_ALGORITHM = "AES";
+
+    /**
+     * 加密算法
+     * "/算法/模式/补码方式"
+     */
+    private static final String CIPHER_ALGORITHM = "AES/ECB/PKCS5Padding";
+
+    /**
+     * 编码格式
+     */
+    private static final String DATA_ENCODING = "utf-8";
+
+    /**
+     * 数据解密，返回字符串
+     * @param data 待解密的数据
+     * @param key  解密使用的KEY
+     * @return 解密之后的数据
+     */
+    public static String decryptAfterBase64Decode(String data, String key) {
+        try {
+            byte[] bytes = decryptAfterBase64DecodeToByte(data, key);
+            if (bytes != null && bytes.length > 0){
+                return new String(bytes, DATA_ENCODING);
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * 数据解密，返回字节数据
+     * @param data
+     * @param key
+     * @return
+     */
+    public static byte[] decryptAfterBase64DecodeToByte(String data, String key) {
+        try {
+            if (key == null || "".equals(key.trim().length())) {
+                return null;
+            }
+            byte[] raw = key.getBytes(DATA_ENCODING);
+            SecretKeySpec skeySpec = new SecretKeySpec(raw, KEY_ALGORITHM);
+            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
+            cipher.init(Cipher.DECRYPT_MODE, skeySpec);
+            byte[] encrypted1 = new Base64().decode(data);
+            byte[] original = cipher.doFinal(encrypted1);
+            return original;
+        } catch (Exception e) {
+            e.printStackTrace();
+            return null;
+        }
+    }
+
+}