下线相关接口

ad1a937f · 李健华 · 1a5f0ea3 · ad1a937f · ad1a937f · ad1a937f
Commit ad1a937f authored May 31, 2022 by 李健华
16 changed files
--- a/src/main/java/cn/quantgroup/xyqb/aspect/forbidden/AccessForbiddenAspect.java
+++ b/src/main/java/cn/quantgroup/xyqb/aspect/forbidden/AccessForbiddenAspect.java
+package cn.quantgroup.xyqb.aspect.forbidden;
+import cn.quantgroup.xyqb.exception.AccessForbiddenException;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.annotation.Pointcut;
+import org.springframework.stereotype.Component;
+@Aspect
+@Component
+@Slf4j
+public class AccessForbiddenAspect {
+    @Pointcut("@annotation(cn.quantgroup.xyqb.aspect.forbidden.AccessForbiddenValidator)")
+    public void pointCutAt() {
+    }
+    @Before("pointCutAt()")
+    private void before() throws Throwable {
+        throw new AccessForbiddenException("禁止访问，接口已下线");
+    }
+}
--- a/src/main/java/cn/quantgroup/xyqb/aspect/forbidden/AccessForbiddenValidator.java
+++ b/src/main/java/cn/quantgroup/xyqb/aspect/forbidden/AccessForbiddenValidator.java
+package cn.quantgroup.xyqb.aspect.forbidden;
+public @interface AccessForbiddenValidator {
+}
--- a/src/main/java/cn/quantgroup/xyqb/controller/ExceptionHandlingController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/ExceptionHandlingController.java
@@ -197,4 +197,9 @@ public class ExceptionHandlingController implements IBaseController {
    public JsonResult<?> handleUserDeregisterException(UserRegisterLoginException e) {
        return JsonResult.buildErrorStateResult(e.getMessage(), null);
    }
+    @ExceptionHandler(AccessForbiddenException.class)
+    public JsonResult<?> handleAccessForbiddenException(AccessForbiddenException e) {
+        return JsonResult.buildErrorStateResult(e.getMessage(), null);
+    }
 }
--- a/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
 package cn.quantgroup.xyqb.controller.external;
-import cn.quantgroup.security.AESEncryption;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.aspect.accessable.IpValidator;
 import cn.quantgroup.xyqb.aspect.captcha.CaptchaFiniteValidator;
 import cn.quantgroup.xyqb.aspect.captcha.LoginInterceptor;
+import cn.quantgroup.xyqb.aspect.forbidden.AccessForbiddenValidator;
 import cn.quantgroup.xyqb.aspect.limit.PasswordFreeAccessValidator;
 import cn.quantgroup.xyqb.aspect.lock.PasswordErrorFiniteValidator;
 import cn.quantgroup.xyqb.controller.IBaseController;
@@ -14,7 +14,6 @@ import cn.quantgroup.xyqb.exception.VerificationCodeErrorException;
 import cn.quantgroup.xyqb.model.*;
 import cn.quantgroup.xyqb.model.session.SessionStruct;
 import cn.quantgroup.xyqb.model.session.SessionValue;
-import cn.quantgroup.xyqb.repository.IUserRepository;
 import cn.quantgroup.xyqb.service.http.IHttpService;
 import cn.quantgroup.xyqb.service.merchant.IMerchantService;
 import cn.quantgroup.xyqb.service.register.IUserRegisterService;
@@ -23,7 +22,10 @@ import cn.quantgroup.xyqb.service.sms.ISmsService;
 import cn.quantgroup.xyqb.service.user.*;
 import cn.quantgroup.xyqb.service.wechat.IWechatService;
 import cn.quantgroup.xyqb.session.XyqbSessionContextHolder;
-import cn.quantgroup.xyqb.util.*;
+import cn.quantgroup.xyqb.util.IpUtil;
+import cn.quantgroup.xyqb.util.PasswordUtil;
+import cn.quantgroup.xyqb.util.TenantUtil;
+import cn.quantgroup.xyqb.util.ValidationUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.alibaba.fastjson.TypeReference;
@@ -580,6 +582,7 @@ public class UserController implements IBaseController {
     * @return
     * @yapi http://yapi.quantgroups.com/project/17/interface/api/267
     */
+    @AccessForbiddenValidator
    @PasswordFreeAccessValidator
    @RequestMapping("/center/index")
    @ApiOperation(value = "用户中心首页", notes = "用户中心首页显示头像, 昵称, 姓名", httpMethod = "POST")

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/querylog/UserQueryLogController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/querylog/UserQueryLogController.java
 package cn.quantgroup.xyqb.controller.internal.querylog;
-import java.io.OutputStream;
-import java.text.SimpleDateFormat;
-import java.time.LocalDateTime;
-import java.util.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import cn.quantgroup.xyqb.exception.UserQueryLogException;
-import cn.quantgroup.xyqb.util.encrypt.Rsa;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.poi.hssf.usermodel.*;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.data.domain.Page;
-import org.springframework.util.CollectionUtils;
-import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
-import com.google.gson.*;
-import io.swagger.annotations.ApiOperation;
 import cn.quantgroup.xyqb.Constants;
+import cn.quantgroup.xyqb.aspect.forbidden.AccessForbiddenValidator;
 import cn.quantgroup.xyqb.entity.Address;
 import cn.quantgroup.xyqb.entity.UserDetail;
 import cn.quantgroup.xyqb.entity.UserQueryLog;
+import cn.quantgroup.xyqb.exception.UserQueryLogException;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.model.PageModel;
 import cn.quantgroup.xyqb.model.UserQueryInfo;
@@ -39,6 +16,26 @@ import cn.quantgroup.xyqb.service.user.IUserQueryLogService;
 import cn.quantgroup.xyqb.util.IdcardValidator;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import cn.quantgroup.xyqb.util.encrypt.Md5Util;
+import cn.quantgroup.xyqb.util.encrypt.Rsa;
+import com.google.gson.*;
+import io.swagger.annotations.ApiOperation;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.poi.hssf.usermodel.*;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.domain.Page;
+import org.springframework.util.CollectionUtils;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.OutputStream;
+import java.text.SimpleDateFormat;
+import java.time.LocalDateTime;
+import java.util.*;
 /**
 * Created by zenglibin on 17/06/13.
@@ -129,6 +126,7 @@ public class UserQueryLogController {
 	/**
 	 * @yapi http://yapi.quantgroups.com/project/17/interface/api/261
 	 */
+    @AccessForbiddenValidator
    @RequestMapping("/queryUserInfo")
    @ApiOperation(value = "给运营系统提供的查询用户信息的接口", notes = "给运营系统提供的查询用户信息的接口", httpMethod = "POST")
    public JsonResult queryForResult(HttpServletRequest request, String key, String keyValues, String columns, Integer pageId, Integer pageSize) {

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/AppController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/AppController.java
@@ -63,9 +63,8 @@ public class AppController implements IBaseController {
    @AuthorizationPoint
    @RequestMapping("/auth/v1/login")
    public JsonResult authLoginV1(
-            String idNo
+            String name,
-            , String name
+            @RequestParam(required = true) String key,
-            , @RequestParam(required = true) String key,
            @RequestParam(required = true) Long createdFrom,
            @RequestParam(required = false) Long registerFrom,
            @RequestParam(required = true) Long channelId,
@@ -89,7 +88,7 @@ public class AppController implements IBaseController {
                if (user == null) {
                    // 未注册过
                    isRegister = true;
-                    user = userRegisterService.register(registerFrom, phoneNumber, idNo, name, channelId, createdFrom, tenantId);
+                    user = userRegisterService.register(registerFrom, phoneNumber, name, channelId, createdFrom, tenantId);
                }
                // 无论是否注册过都添加映射
                oauthLoginInfoService.addLoginInfo(user, tenantId);

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java
@@ -5,6 +5,7 @@ import cn.quantgroup.tech.db.TargetDataSource;
 import cn.quantgroup.user.enums.*;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.aspect.accessable.IpValidator;
+import cn.quantgroup.xyqb.aspect.forbidden.AccessForbiddenValidator;
 import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.controller.internal.user.resp.UserFullResp;
 import cn.quantgroup.xyqb.entity.*;
@@ -53,7 +54,6 @@ import javax.validation.constraints.Min;
 import javax.validation.constraints.NotNull;
 import java.io.UnsupportedEncodingException;
 import java.text.ParseException;
-import java.text.SimpleDateFormat;
 import java.util.*;
 import java.util.stream.Collectors;
@@ -261,6 +261,7 @@ public class InnerController implements IBaseController {
 	/**
 	 * @yapi http://yapi.quantgroups.com/project/17/interface/api/227
 	 */
+    @AccessForbiddenValidator
    @RequestMapping("/userInfo/search/phone")
    @ApiOperation(httpMethod = "POST", value = "根据手机号查询用户详细信息")
    public JsonResult findUserInfoByPhone(@RequestParam(value = "phone") String phone) {
@@ -421,6 +422,7 @@ public class InnerController implements IBaseController {
     * 根据用户id查询用户的详细信息
     * @yapi http://yapi.quantgroups.com/project/17/interface/api/237
     */
+    @AccessForbiddenValidator
    @RequestMapping("/user_detail/search/userId")
    @ApiOperation(httpMethod = "POST", value = "查询用户详情")
    public JsonResult findUserDetailByUserId(Long userId, Integer tenantId) {
@@ -466,6 +468,7 @@ public class InnerController implements IBaseController {
 	/**
 	 * @yapi http://yapi.quantgroups.com/project/17/interface/api/235
 	 */
+    @AccessForbiddenValidator
    @RequestMapping("/user_detail/search/phone")
    @ApiOperation(httpMethod = "POST", value = "查询用户详情")
    public JsonResult findUserDetailByPhone(String phoneNo, Integer tenantId) {
@@ -731,6 +734,7 @@ public class InnerController implements IBaseController {
     * @param idNo    - 身份证号
     * @return JsonResult<List < UserDetail>>
     */
+    @AccessForbiddenValidator
    @RequestMapping("/user_detail/search_list")
    @ApiOperation(httpMethod = "POST", value = "按照姓名、份证号或手机号查询用户实名信息 - 精确查询，供客服用，不限制入参正确性")
    @TargetDataSource(type = DSType.SLAVE)

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/center/UserCenterController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/center/UserCenterController.java
@@ -2,6 +2,7 @@ package cn.quantgroup.xyqb.controller.internal.user.center;
 import cn.quantgroup.user.enums.*;
 import cn.quantgroup.xyqb.Constants;
+import cn.quantgroup.xyqb.aspect.forbidden.AccessForbiddenValidator;
 import cn.quantgroup.xyqb.aspect.limit.PasswordFreeAccessValidator;
 import cn.quantgroup.xyqb.aspect.lock.RedisLock;
 import cn.quantgroup.xyqb.entity.*;
@@ -185,6 +186,7 @@ public class UserCenterController {
     * @param phoneNo
     * @return
     */
+    @AccessForbiddenValidator
    @PasswordFreeAccessValidator
    @RequestMapping("/personalData")
    @ApiOperation(value = "查询个人资料信息", notes = "查询个人资料信息", httpMethod = "POST")
@@ -228,6 +230,7 @@ public class UserCenterController {
     * @param contactJson 要保存的联系人json串
     * @return
     */
+    @AccessForbiddenValidator
    @RequestMapping("/contacts/save")
    @ApiOperation(value = "保存用户联系人", notes = "保存用户联系人", httpMethod = "POST")
    public JsonResult saveUserContact(String phoneNo, String contactJson) {
@@ -327,6 +330,7 @@ public class UserCenterController {
     * @param phoneNo
     * @return
     */
+    @AccessForbiddenValidator
    @RequestMapping("/searchContacts/phoneNo")
    @ApiOperation(value = "查询用户联系人", notes = "查询用户联系人", httpMethod = "POST")
    public JsonResult searchUserContacts(String phoneNo) {
@@ -351,6 +355,7 @@ public class UserCenterController {
     * @param maritalStatus   婚姻状态
     * @return
     */
+    @AccessForbiddenValidator
    @RequestMapping("/save/userExtInfo")
    @RedisLock(prefix = "lock:user:ext:", key = "#this[0]")
    @ApiOperation(value = "保存用户经济学历等信息", notes = "保存用户经济学历等信息", httpMethod = "POST")

--- a/src/main/java/cn/quantgroup/xyqb/entity/UserHashMapping.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/UserHashMapping.java
@@ -4,9 +4,10 @@ import cn.quantgroup.xyqb.util.HashUtil;
 import lombok.Data;
 import lombok.NoArgsConstructor;
-import javax.persistence.*;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.Table;
 import java.io.Serializable;
-import java.sql.Timestamp;
 @Data
 @Entity
@@ -25,22 +26,13 @@ public class UserHashMapping extends BaseEntity implements Serializable {
    @Column(name = "phone_no_md5")
    private String phoneNoMd5;
-    @Column(name = "id_no_md5")
-    private String idNoMd5;
    @Column(name = "phone_no_md5_short")
    private Long phoneNoMd5Short;
-    @Column(name = "id_no_md5_short")
-    private Long idNoMd5Short;
    public void setPhoneNoMd5(String phoneNoMd5) {
        this.phoneNoMd5 = phoneNoMd5;
        this.phoneNoMd5Short = HashUtil.crc32(phoneNoMd5);
    }
-    public void setIdNoMd5(String idNoMd5) {
-        this.idNoMd5 = idNoMd5;
-        this.idNoMd5Short = HashUtil.crc32(idNoMd5);
-    }
 }
\ No newline at end of file
--- a/src/main/java/cn/quantgroup/xyqb/event/PhoneHashEventListener.java
+++ b/src/main/java/cn/quantgroup/xyqb/event/PhoneHashEventListener.java
@@ -49,7 +49,7 @@ public class PhoneHashEventListener implements ApplicationListener<RegisterEvent
        }
        UserHashMapping userHashMapping = userHashMappingRepository.findByUserId(userId);
-        if (userHashMapping != null && userHashMapping.getIdNoMd5() != null) {
+        if (userHashMapping != null) {
            //已存在的用户, 并且已存在身份证号
            return;
        }
@@ -62,11 +62,6 @@ public class PhoneHashEventListener implements ApplicationListener<RegisterEvent
        userHashMapping.setPhoneNoMd5(phoneNoMd5);
-        //如果有身份证号. 更新一下
-        if (StringUtils.isNotEmpty(idNo)) {
-            idNo = idNo.toUpperCase();
-            userHashMapping.setIdNoMd5(Md5Util.build(idNo));
-        }
        try {
            userHashMappingRepository.saveAndFlush(userHashMapping);

--- a/src/main/java/cn/quantgroup/xyqb/event/UserDetailHashEventListener.java
+++ b/src/main/java/cn/quantgroup/xyqb/event/UserDetailHashEventListener.java
@@ -44,8 +44,6 @@ public class UserDetailHashEventListener implements ApplicationListener<UserDeta
        userHashMapping.setPhoneNoMd5(Md5Util.build(phoneNo));
        //可能存在身份证号修改. 搞一下.
-        String idNo = userDetail.getIdNo().toUpperCase();
-        userHashMapping.setIdNoMd5(Md5Util.build(idNo));
        try {
            userHashMappingRepository.save(userHashMapping);
        } catch (PersistenceException e) {

--- a/src/main/java/cn/quantgroup/xyqb/exception/AccessForbiddenException.java
+++ b/src/main/java/cn/quantgroup/xyqb/exception/AccessForbiddenException.java
+package cn.quantgroup.xyqb.exception;
+/**
+ * 接口下线异常
+ *
+ * @author killer
+ * @date 2021年12月29日14:31:02
+ */
+public class AccessForbiddenException extends RuntimeException {
+    private static final long serialVersionUID = -1L;
+    public AccessForbiddenException(String msg, Throwable t) {
+        super(msg, t);
+    }
+    public AccessForbiddenException(String msg) {
+        super(msg);
+    }
+}
--- a/src/main/java/cn/quantgroup/xyqb/repository/IUserHashMappingRepository.java
+++ b/src/main/java/cn/quantgroup/xyqb/repository/IUserHashMappingRepository.java
@@ -4,15 +4,13 @@ import cn.quantgroup.xyqb.entity.UserHashMapping;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.transaction.annotation.Transactional;
-import java.util.List;
 public interface IUserHashMappingRepository extends JpaRepository<UserHashMapping, Long> {
    UserHashMapping findByPhoneNoMd5ShortAndPhoneNoMd5(Long phoneNoMd5Short, String phoneNoMd5);
-    UserHashMapping findByIdNoMd5ShortAndIdNoMd5(Long idNoMd5Short, String idNoMd5);
+//    UserHashMapping findByIdNoMd5ShortAndIdNoMd5(Long idNoMd5Short, String idNoMd5);
-    List<UserHashMapping> findByIdNoMd5AndIdNoMd5Short(String idNoMd5, Long idNoMd5Short);
+//    List<UserHashMapping> findByIdNoMd5AndIdNoMd5Short(String idNoMd5, Long idNoMd5Short);
    UserHashMapping findByUserId(Long userId);

--- a/src/main/java/cn/quantgroup/xyqb/service/register/IUserRegisterService.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/register/IUserRegisterService.java
@@ -30,6 +30,7 @@ public interface IUserRegisterService {
    User register(Long registerFrom, String phoneNo, String idNo, String name, Long channelId, Long btRegisterChannelId);
    User register(Long registerFrom, String phoneNo, String idNo, String name, Long channelId, Long btRegisterChannelId, Integer tenantId);
+    User register(Long registerFrom, String phoneNo, String name, Long channelId, Long btRegisterChannelId, Integer tenantId);
    /**

--- a/src/main/java/cn/quantgroup/xyqb/service/register/impl/UserRegisterServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/register/impl/UserRegisterServiceImpl.java
@@ -284,4 +284,27 @@ public class UserRegisterServiceImpl implements IUserRegisterService {
            throw new UserRegisterLoginException("距离上次销户时间小于90天，无法再次注册");
        }
    }
+    @Transactional(rollbackFor = Exception.class)
+    @Override
+    public User register(Long registerFrom, String phoneNo, String name, Long channelId, Long btRegisterChannelId, Integer tenantId) {
+        deregisterCheck(phoneNo);
+        UserRegisterParam userRegisterParam = UserRegisterParam.builder()
+                .registerFrom(registerFrom)
+                .phoneNo(phoneNo)
+                .name(name)
+                .channelId(channelId)
+                .btRegisterChannelId(btRegisterChannelId)
+                .sendSuccessSms(true)
+                .sendAppSms(true)
+                .sendSuccessMq(true)
+                .build();
+        User user = saveUser(userRegisterParam);
+        if (tenantId == null || tenantId.equals(TenantUtil.TENANT_DEFAULT)) {
+            applicationEventPublisher.publishEvent(new RegisterEvent(this, userRegisterParam));
+        }
+        return user;
+    }
 }
--- a/src/main/java/cn/quantgroup/xyqb/service/user/impl/UserServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/user/impl/UserServiceImpl.java
@@ -278,8 +278,6 @@ public class UserServiceImpl implements IUserService, IBaseController {
        UserHashMapping userHashMapping;
        if (FindByMd5Enum.PHONENO.getType() == type) {
            userHashMapping = userHashMappingRepository.findByPhoneNoMd5ShortAndPhoneNoMd5(value, md5Value);
-        } else if (FindByMd5Enum.IDNO.getType() == type) {
-            userHashMapping = userHashMappingRepository.findByIdNoMd5ShortAndIdNoMd5(value, md5Value);
        } else {
            userHashMapping = null;
            UserHashPhoneNoIdNoMapping userHashPhoneNoIdNoMapping = userHashPhoneNoIdNoMappingRepository.findFirstByPhoneNoIdNoMd5(md5Value);
@@ -302,12 +300,6 @@ public class UserServiceImpl implements IUserService, IBaseController {
        UserHashMapping userHashMapping = null;
        if (FindByMd5Enum.PHONENO.getType() == type) {
            userHashMapping = userHashMappingRepository.findByPhoneNoMd5ShortAndPhoneNoMd5(value, md5Value);
-        } else if (FindByMd5Enum.IDNO.getType() == type) {
-            List<UserHashMapping> userHashMappings = userHashMappingRepository.findByIdNoMd5AndIdNoMd5Short(md5Value, value);
-            if (!CollectionUtils.isEmpty(userHashMappings)) {
-                //如果多个只返回最新的
-                userHashMapping = userHashMappings.stream().max(Comparator.comparing(UserHashMapping::getId)).orElse(null);
-            }
        } else {
            userHashMapping = null;
            UserHashPhoneNoIdNoMapping userHashPhoneNoIdNoMapping = userHashPhoneNoIdNoMappingRepository.findFirstByPhoneNoIdNoMd5(md5Value);