Showing
1 changed file
with
55 additions
and
12 deletions
| ... | ... | @@ -21,6 +21,7 @@ import org.thingsboard.server.common.data.id.*; |
| 21 | 21 | import org.thingsboard.server.common.data.plugin.ComponentLifecycleEvent; |
| 22 | 22 | import org.thingsboard.server.common.data.security.Authority; |
| 23 | 23 | import org.thingsboard.server.common.data.security.UserCredentials; |
| 24 | +import org.thingsboard.server.common.data.security.event.UserAuthDataChangedEvent; | |
| 24 | 25 | import org.thingsboard.server.common.data.yunteng.common.AddGroup; |
| 25 | 26 | import org.thingsboard.server.common.data.yunteng.common.DeleteGroup; |
| 26 | 27 | import org.thingsboard.server.common.data.yunteng.common.UpdateGroup; |
| ... | ... | @@ -50,6 +51,7 @@ import javax.servlet.http.HttpServletResponse; |
| 50 | 51 | import java.io.IOException; |
| 51 | 52 | import java.util.HashMap; |
| 52 | 53 | import java.util.List; |
| 54 | +import java.util.Objects; | |
| 53 | 55 | import java.util.UUID; |
| 54 | 56 | |
| 55 | 57 | import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*; |
| ... | ... | @@ -113,8 +115,8 @@ public class TkUserController extends AbstractUserAccount { |
| 113 | 115 | queryMap.put(PAGE_SIZE, pageSize); |
| 114 | 116 | queryMap.put(PAGE, page); |
| 115 | 117 | queryMap.put(ORDER_FILED, orderBy); |
| 116 | - queryMap.put("realName",realName); | |
| 117 | - queryMap.put("username",username); | |
| 118 | + queryMap.put("realName", realName); | |
| 119 | + queryMap.put("username", username); | |
| 118 | 120 | if (null != roleType && roleType.equals(RoleEnum.TENANT_ADMIN)) { |
| 119 | 121 | queryMap.put("roleType", roleType.name()); |
| 120 | 122 | } else { |
| ... | ... | @@ -200,7 +202,7 @@ public class TkUserController extends AbstractUserAccount { |
| 200 | 202 | createTBUser( |
| 201 | 203 | tbUser, userDTO, customer.getTenantId(), customer.getId(), Authority.CUSTOMER_USER); |
| 202 | 204 | // 激活CUSTOMER_USER的管理员 |
| 203 | - activeTBUser(tbUser.getId(), userDTO.getPassword(),null,false); | |
| 205 | + activeTBUser(tbUser.getId(), userDTO.getPassword(), null, false); | |
| 204 | 206 | } |
| 205 | 207 | return ResponseEntity.ok( |
| 206 | 208 | userService.saveAccount( |
| ... | ... | @@ -211,7 +213,8 @@ public class TkUserController extends AbstractUserAccount { |
| 211 | 213 | getCurrentUser().getCurrentTenantId())); |
| 212 | 214 | } |
| 213 | 215 | |
| 214 | - @PreAuthorize("@check.checkPermissions({'SYS_ADMIN','PLATFORM_ADMIN'},{'api:yt:user:saveTenantAdmin:post'})") | |
| 216 | + @PreAuthorize( | |
| 217 | + "@check.checkPermissions({'SYS_ADMIN','PLATFORM_ADMIN'},{'api:yt:user:saveTenantAdmin:post'})") | |
| 215 | 218 | @PostMapping("save_tenant_admin") |
| 216 | 219 | public UserDTO saveTenantAdmin(@Validated(AddGroup.class) @RequestBody UserDTO userDTO) |
| 217 | 220 | throws ThingsboardException { |
| ... | ... | @@ -230,14 +233,20 @@ public class TkUserController extends AbstractUserAccount { |
| 230 | 233 | if (null == userDTO.getId()) { |
| 231 | 234 | tbUser = createTBUser(tbUser, userDTO, tenantId, customerId, Authority.TENANT_ADMIN); |
| 232 | 235 | // 激活租户管理员 |
| 233 | - activeTBUser(tbUser.getId(), accountProperties.getDefaultPassword(),tbUser.getTenantId(),true); | |
| 236 | + activeTBUser( | |
| 237 | + tbUser.getId(), accountProperties.getDefaultPassword(), tbUser.getTenantId(), true); | |
| 234 | 238 | } |
| 235 | 239 | } catch (Exception e) { |
| 236 | 240 | throw handleException(e); |
| 237 | 241 | } |
| 238 | - | |
| 239 | - return userService.saveTenantAdmin( | |
| 240 | - userDTO, getCurrentUser().isPtSysadmin(), tenantId.getId().toString()); | |
| 242 | + UserDTO result = | |
| 243 | + userService.saveTenantAdmin( | |
| 244 | + userDTO, getCurrentUser().isPtSysadmin(), tenantId.getId().toString()); | |
| 245 | + userService.updateTenantAdminUserCredentials( | |
| 246 | + List.of(new UserId(UUID.fromString(result.getTbUser()))), | |
| 247 | + userDTO.getTenantId(), | |
| 248 | + userDTO.isEnabled(),false); | |
| 249 | + return result; | |
| 241 | 250 | } |
| 242 | 251 | |
| 243 | 252 | @DeleteMapping |
| ... | ... | @@ -318,6 +327,40 @@ public class TkUserController extends AbstractUserAccount { |
| 318 | 327 | getCurrentUser().getCurrentTenantId(), |
| 319 | 328 | getCurrentUser().isPtTenantAdmin())); |
| 320 | 329 | } |
| 330 | + | |
| 331 | + @PostMapping("/reset_password/{userId}") | |
| 332 | + @ApiOperation(value = "重置客户密码") | |
| 333 | + @PreAuthorize( | |
| 334 | + "@check.checkPermissions({'SYS_ADMIN','TENANT_ADMIN'},{'api:yt:user:resetPassword'})") | |
| 335 | + public ResponseResult resetPassword(@PathVariable("userId") String userId) | |
| 336 | + throws ThingsboardException { | |
| 337 | + boolean isSysAdmin = getCurrentUser().isSystemAdmin(); | |
| 338 | + Integer level = isSysAdmin ? 1 : 3; | |
| 339 | + // 检查平台、客户账号 | |
| 340 | + UserDTO user = userService.checkAccount(userId, level); | |
| 341 | + if (null == user) { | |
| 342 | + throw new TkDataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage()); | |
| 343 | + } | |
| 344 | + String tenantId = getCurrentUser().getCurrentTenantId(); | |
| 345 | + if (!Objects.equals(user.getTenantId(), tenantId) && !isSysAdmin) { | |
| 346 | + throw new TkDataValidationException(ErrorMessage.NOT_BELONG_CURRENT_TENANT.getMessage()); | |
| 347 | + } | |
| 348 | + // update | |
| 349 | + String resetPassword = accountProperties.getDefaultPassword(); | |
| 350 | + if (!isSysAdmin) { | |
| 351 | + // 租户才需要改tb的凭证 | |
| 352 | + SecurityUser securityUser = new SecurityUser(); | |
| 353 | + securityUser.setId(new UserId(UUID.fromString(user.getTbUser()))); | |
| 354 | + securityUser.setTenantId(TenantId.fromUUID(UUID.fromString(user.getTenantId()))); | |
| 355 | + updatePassword(resetPassword, securityUser); | |
| 356 | + } | |
| 357 | + userService.resetPassword(userId, tenantId, resetPassword); | |
| 358 | + if(isSysAdmin){ | |
| 359 | + eventPublisher.publishEvent(new UserAuthDataChangedEvent(new UserId(UUID.fromString(userId)))); | |
| 360 | + } | |
| 361 | + return ResponseResult.success(ErrorMessage.RESET_PASSWORD_SUCCESS.getMessage()); | |
| 362 | + } | |
| 363 | + | |
| 321 | 364 | /** |
| 322 | 365 | * 创建租户用户 |
| 323 | 366 | * |
| ... | ... | @@ -353,17 +396,17 @@ public class TkUserController extends AbstractUserAccount { |
| 353 | 396 | * @param userId 用户ID |
| 354 | 397 | * @throws ThingsboardException tb运行异常 |
| 355 | 398 | */ |
| 356 | - private void activeTBUser(UserId userId, String password,TenantId tenantId ,boolean isPtAdmin) throws ThingsboardException { | |
| 399 | + private void activeTBUser(UserId userId, String password, TenantId tenantId, boolean isPtAdmin) | |
| 400 | + throws ThingsboardException { | |
| 357 | 401 | try { |
| 358 | 402 | // 1、获取UserCredentials 并获取activateToken |
| 359 | - if(!isPtAdmin){ | |
| 403 | + if (!isPtAdmin) { | |
| 360 | 404 | User user = checkUserId(userId, Operation.READ); |
| 361 | 405 | userId = user.getId(); |
| 362 | 406 | SecurityUser authUser = getCurrentUser(); |
| 363 | 407 | tenantId = authUser.getTenantId(); |
| 364 | 408 | } |
| 365 | - UserCredentials userCredentials = | |
| 366 | - tbUserService.findUserCredentialsByUserId(tenantId, userId); | |
| 409 | + UserCredentials userCredentials = tbUserService.findUserCredentialsByUserId(tenantId, userId); | |
| 367 | 410 | // 2、进行激活 |
| 368 | 411 | String encodedPassword = passwordEncoder.encode(password); |
| 369 | 412 | UserCredentials credentials = | ... | ... |