feat: 合并yunteng的IOT代码

+package org.thingsboard.server.controller.yunteng;
+
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.util.Assert;
+import org.springframework.web.bind.annotation.*;
+import org.thingsboard.server.common.data.exception.ThingsboardException;
+import org.thingsboard.server.common.data.yunteng.dto.RoleDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.RoleReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.OrderTypeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.controller.BaseController;
+import org.thingsboard.server.dao.yunteng.service.RoleService;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Set;
+
+import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*;
+
+
+@RestController
+@RequestMapping("api/v1/role")
+@RequiredArgsConstructor
+public class RoleController extends BaseController {
+
+  private final RoleService roleService;
+
+  @GetMapping(params = {PAGE_SIZE, PAGE})
+  public PageData<RoleDTO> pageRole(
+      @RequestParam(PAGE_SIZE) int pageSize,
+      @RequestParam(PAGE) int page,
+      @RequestParam(value = "roleName", required = false) String roleName,
+      @RequestParam(value = "status", required = false) Integer status,
+      @RequestParam(value = "roleType", required = false) RoleEnum roleType,
+      @RequestParam(value = ORDER_FILED, required = false) String orderBy,
+      @RequestParam(value = ORDER_TYPE, required = false) OrderTypeEnum orderType) throws ThingsboardException {
+    HashMap<String, Object> queryMap = new HashMap<>();
+    queryMap.put(PAGE_SIZE, pageSize);
+    queryMap.put(PAGE, page);
+    queryMap.put(ORDER_FILED, orderBy);
+    queryMap.put("roleName", roleName);
+    if (status != null) {
+      queryMap.put("status", status == 1);
+    }
+    if(roleType !=null){
+      queryMap.put("roleType", roleType.name());
+    }
+    if (orderType != null) {
+      queryMap.put(ORDER_TYPE, orderType.name());
+    }
+    return roleService.page(getCurrentUser().isSysadmin(), getCurrentUser().isPlatformAdmin(), getCurrentUser().getCurrentTenantId(),queryMap);
+  }
+
+  @DeleteMapping
+  public void deleteRole(@RequestBody String[] ids) throws ThingsboardException {
+    roleService.deleteRole(ids,getCurrentUser().getCurrentTenantId());
+  }
+
+  @GetMapping("/me/permissions")
+  public Set<String> getPermissions() throws ThingsboardException {
+    return roleService.getPermissions(getCurrentUser().isSysadmin(), getCurrentUser().isTenantAdmin(), getCurrentUser().getCurrentTenantId(), getCurrentUser().getCurrentUserId());
+  }
+
+  @PutMapping("updateRoleStatus/{roleId}/{status}")
+  public void updateRoleStatus(
+      @PathVariable("roleId") String roleId, @PathVariable("status") int status) throws ThingsboardException {
+    Assert.isTrue(status == 0 || status == 1, "role status is not correct");
+    roleService.updateRoleStatus(roleId, status, getCurrentUser().isSysadmin() ,getCurrentUser().getCurrentTenantId());
+  }
+
+  @PostMapping("saveOrUpdateRoleInfoWithMenu")
+  public RoleDTO saveOrUpdateRoleInfoWithMenu(@RequestBody RoleReqDTO roleReqDTO) throws ThingsboardException {
+    return roleService.saveOrUpdateRoleInfoWithMenu(
+        roleReqDTO,
+        getCurrentUser().isSysadmin(),
+        getCurrentUser().isPlatformAdmin(),
+        getCurrentUser().getCurrentTenantId());
+  }
+
+  @PostMapping("/find/list")
+  public List<RoleDTO> findRoleInfoList(@RequestBody RoleDTO roleDTO) throws ThingsboardException {
+    return roleService.findRoleInfo(getCurrentUser().isTenantAdmin(), getCurrentUser().getCurrentTenantId(),getCurrentUser().getCurrentUserId(), roleDTO);
+  }
+}

+package org.thingsboard.server.controller.yunteng;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.util.Assert;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import org.thingsboard.server.common.data.exception.ThingsboardException;
+import org.thingsboard.server.common.data.yunteng.common.UpdateGroup;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.dto.MenuDTO;
+import org.thingsboard.server.common.data.yunteng.dto.TenantDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.TenantReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.OrderTypeEnum;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.controller.BaseController;
+import org.thingsboard.server.dao.yunteng.service.MenuService;
+import org.thingsboard.server.dao.yunteng.service.YtTenantService;
+import org.thingsboard.server.dao.yunteng.service.YtUserService;
+
+import java.net.URI;
+import java.util.*;
+
+import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*;
+
+@RestController
+@RequestMapping("api/v1/admin")
+@RequiredArgsConstructor
+@PreAuthorize("hasAnyRole('SYS_ADMIN','PLATFORM_ADMIN')")
+public class YtAdminController extends BaseController {
+
+  private final YtTenantService ytTenantService;
+  private final MenuService menuService;
+  private final YtUserService userService;
+
+  @PostMapping("/tenant")
+  public ResponseEntity<TenantDTO> saveTenant(@RequestBody TenantReqDTO tenantReqDTO) {
+    TenantDTO newTenant = ytTenantService.createNewTenant(tenantReqDTO);
+    URI location =
+        ServletUriComponentsBuilder.fromCurrentRequest()
+            .path("/tenant/getById/{id}")
+            .buildAndExpand(newTenant.getId())
+            .toUri();
+    return ResponseEntity.created(location).body(newTenant);
+  }
+
+  @GetMapping(
+      path = "tenant/page",
+      params = {PAGE_SIZE, PAGE})
+  public PageData<TenantDTO> pageUser(
+      @RequestParam(PAGE_SIZE) int pageSize,
+      @RequestParam(PAGE) int page,
+      @RequestParam(value = "tenantName", required = false) String tenantName,
+      @RequestParam(value = ORDER_FILED, required = false) String orderBy,
+      @RequestParam(value = ORDER_TYPE, required = false) OrderTypeEnum orderType) {
+    HashMap<String, Object> queryMap = new HashMap<>();
+    queryMap.put(PAGE_SIZE, pageSize);
+    queryMap.put(PAGE, page);
+    queryMap.put(ORDER_FILED, orderBy);
+    if (orderType != null) {
+      queryMap.put(ORDER_TYPE, orderType.name());
+    }
+    queryMap.put("tenantName", tenantName);
+    return ytTenantService.page(queryMap);
+  }
+
+  @PutMapping("/tenant")
+  public TenantDTO updateTenant(@RequestBody TenantDTO tenantDTO) {
+    Assert.notNull(tenantDTO, "tenant cannot be null");
+    Assert.notNull(tenantDTO.getId(), "tenant id cannot be null when update");
+    return ytTenantService.updateTenant(tenantDTO);
+  }
+
+  @GetMapping("/tenant/roles/{tenantCode}")
+  public ResponseEntity<List<String>> getTenantRolesByTenantCode(
+      @PathVariable("tenantCode") String tenantCode) {
+    return ResponseEntity.ok(ytTenantService.getTenantRolesByTenantCode(tenantCode));
+  }
+
+  @DeleteMapping("/tenant")
+  public void deleteTenant(@RequestBody String[] ids) {
+    Assert.notNull(ids, "ids cannot be null");
+    if (ids.length == 0) {
+      throw new DataValidationException("id cannot be empty");
+    }
+    ytTenantService.deleteTenants(ids);
+  }
+
+  @DeleteMapping("/user/deleteTenantAdmin")
+  public void deleteTenantAdmin(@RequestBody String[] ids) throws ThingsboardException {
+    Assert.notNull(ids, "ids cannot be null");
+    userService.deleteUser(
+        new HashSet<>(Arrays.asList(ids)),
+        getCurrentUser().isSysadmin(),
+        getCurrentUser().getCurrentTenantId());
+  }
+
+  @GetMapping("/tenant/getById/{id}")
+  public ResponseEntity<TenantDTO> getTenant(@PathVariable("id") String id) {
+    return ResponseEntity.of(ytTenantService.findById(id));
+  }
+
+  @PostMapping("/tenant/adminUser")
+  public ResponseEntity<UserDTO> createTenantAdmin(
+      @RequestParam(value = "sendEmail", required = false, defaultValue = "false")
+          boolean sendEmail,
+      @RequestParam(value = "sendMsg", required = false, defaultValue = "false") boolean sendMsg,
+      @RequestBody UserDTO userDTO)
+      throws ThingsboardException {
+    UserDTO newUserDTO =
+        userService.saveAccount(
+            userDTO,
+            sendEmail,
+            sendMsg,
+            getCurrentUser().isSysadmin(),
+            getCurrentUser().getCurrentTenantId());
+    Optional<UserDTO> optional =
+        userService.getUser(
+            newUserDTO.getId(),
+            getCurrentUser().isSysadmin(),
+            getCurrentUser().getCurrentTenantId());
+    return ResponseEntity.ok(optional.get());
+  }
+
+  @GetMapping("/menu/getAll")
+  public ResponseEntity<List<MenuDTO>> getMenus() throws ThingsboardException {
+    return ResponseEntity.ok(menuService.getAllMenus(getCurrentUser().getCurrentTenantId()));
+  }
+
+  @GetMapping("me/menus")
+  public ResponseEntity<List<MenuDTO>> getMyMenus() throws ThingsboardException {
+    return ResponseEntity.ok(
+        menuService.getMyMenus(
+            getCurrentUser().getCurrentTenantId(),
+            getCurrentUser().getCurrentUserId(),
+            getCurrentUser().isSysadmin(), getCurrentUser().isTenantAdmin()));
+  }
+
+  @PutMapping("/menu/assign/{tenantCode}")
+  public void assignMenuToTenant(
+      @RequestBody String[] menuIds, @PathVariable("tenantCode") String tenantCode) throws ThingsboardException {
+    menuService.assignMenuToTenant(getCurrentUser().getCurrentTenantId(), menuIds);
+  }
+
+  @PostMapping("tenant/updateOrCreateTenant")
+  public TenantDTO updateOrCreateTenant(
+      @Validated(UpdateGroup.class) @RequestBody TenantReqDTO tenantReqDTO) {
+    return ytTenantService.updateOrCreateTenant(tenantReqDTO);
+  }
+}

+package org.thingsboard.server.controller.yunteng;
+
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.ApiResponse;
+import io.swagger.annotations.ApiResponses;
+import lombok.RequiredArgsConstructor;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.util.Assert;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import org.thingsboard.server.common.data.exception.ThingsboardException;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+import org.thingsboard.server.common.data.yunteng.common.DeleteGroup;
+import org.thingsboard.server.common.data.yunteng.utils.Demo;
+import org.thingsboard.server.common.data.yunteng.utils.ExcelUtil;
+import org.thingsboard.server.common.data.yunteng.dto.DeleteDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserInfoDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.AccountReqDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.RoleOrOrganizationReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.OrderTypeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.common.data.yunteng.utils.tools.ResponseResult;
+import org.thingsboard.server.controller.BaseController;
+import org.thingsboard.server.dao.yunteng.service.YtUserService;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.net.URI;
+import java.util.HashMap;
+import java.util.List;
+
+import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*;
+
+@RestController
+@RequestMapping("api/v1/user")
+@RequiredArgsConstructor
+@Api(value = "用户接口")
+public class YtUserController extends BaseController {
+
+  private final YtUserService userService;
+
+  @GetMapping("{userId}")
+  public ResponseEntity<UserDTO> getUser(@PathVariable("userId") String userId)
+      throws ThingsboardException {
+    return ResponseEntity.of(
+        userService.getUser(
+            userId, getCurrentUser().isSysadmin(), getCurrentUser().getCurrentTenantId()));
+  }
+
+  @GetMapping("me/info")
+  @ApiResponses({@ApiResponse(code = 200, message = "OK", response = UserInfoDTO.class)})
+  @ApiOperation(value = "获取当前用户信息")
+  public UserInfoDTO myInfo() throws ThingsboardException {
+    return userService.me(
+        getCurrentUser().getCurrentUserId(),
+        getCurrentUser().getCurrentTenantId(),
+        getCurrentUser().getRoles());
+  }
+
+  @GetMapping(
+      path = "page",
+      params = {PAGE_SIZE, PAGE})
+  public PageData<UserDTO> pageUser(
+      @RequestParam(PAGE_SIZE) int pageSize,
+      @RequestParam(PAGE) int page,
+      @RequestParam(value = "realName", required = false) String realName,
+      @RequestParam(value = "username", required = false) String username,
+      @RequestParam(value = "tenantCode", required = false) String tenantCode,
+      @RequestParam(value = "roleType", required = false) RoleEnum roleType,
+      @RequestParam(value = ORDER_FILED, required = false) String orderBy,
+      @RequestParam(value = ORDER_TYPE, required = false) OrderTypeEnum orderType)
+      throws ThingsboardException {
+    HashMap<String, Object> queryMap = new HashMap<>();
+    queryMap.put(PAGE_SIZE, pageSize);
+    queryMap.put(PAGE, page);
+    queryMap.put(ORDER_FILED, orderBy);
+    queryMap.put("realName", realName);
+    queryMap.put("username", username);
+    if (getCurrentUser().isSysadmin()) {
+      if (StringUtils.isEmpty(tenantCode)) {
+        tenantCode = getCurrentUser().getCurrentTenantId();
+      }
+      queryMap.put("tenantCode", tenantCode);
+    }
+    if (null != roleType) {
+      queryMap.put("roleType", roleType.name());
+    }
+    if (orderType != null) {
+      queryMap.put(ORDER_TYPE, orderType.name());
+    }
+    return userService.page(
+        queryMap,
+        getCurrentUser().isSysadmin(),
+        getCurrentUser().isPlatformAdmin(),
+        getCurrentUser().isTenantAdmin(),
+        getCurrentUser().getCurrentTenantId());
+  }
+
+  @PutMapping
+  public UserDTO updateUser(@RequestBody UserDTO userDTO) throws ThingsboardException {
+    return userService.updateUser(
+        userDTO, getCurrentUser().isSysadmin(), getCurrentUser().getCurrentTenantId());
+  }
+
+  @PostMapping
+  public ResponseEntity<UserDTO> addUser(
+      @RequestParam(value = "sendEmail", required = false, defaultValue = "false")
+          boolean sendEmail,
+      @RequestParam(value = "sendMsg", required = false, defaultValue = "false") boolean sendMsg,
+      @Validated({AddGroup.class}) @RequestBody UserDTO userDTO)
+      throws ThingsboardException {
+    UserDTO newUserDTO =
+        userService.saveAccount(
+            userDTO,
+            sendEmail,
+            sendMsg,
+            getCurrentUser().isSysadmin(),
+            getCurrentUser().getCurrentTenantId());
+    URI location =
+        ServletUriComponentsBuilder.fromCurrentRequest()
+            .path("{id}")
+            .buildAndExpand(newUserDTO.getId())
+            .toUri();
+    return ResponseEntity.created(location).body(newUserDTO);
+  }
+
+  @PreAuthorize("hasRole('SYS_ADMIN')")
+  @PostMapping("saveTenantAdmin")
+  public UserDTO saveTenantAdmin(@RequestBody UserDTO userDTO) throws ThingsboardException {
+    Assert.isTrue(StringUtils.isNotBlank(userDTO.getTenantCode()), "tenant code must exist");
+    Assert.notNull(userDTO.getUsername(), "username must exist");
+    Assert.notNull(userDTO.getRealName(), "real name must exist");
+    return userService.saveTenantAdmin(
+        userDTO, getCurrentUser().isSysadmin(), getCurrentUser().getCurrentTenantId());
+  }
+
+  @DeleteMapping
+  public void deleteUser(@Validated({DeleteGroup.class}) @RequestBody DeleteDTO deleteDTO)
+      throws ThingsboardException {
+    userService.deleteUser(
+        deleteDTO.getIds(), getCurrentUser().isSysadmin(), getCurrentUser().getCurrentTenantId());
+  }
+
+  @RequestMapping(
+      value = "/{userId}/activationLink",
+      method = RequestMethod.GET,
+      produces = "text/plain")
+  public String getActivationLink(
+      @PathVariable("userId") String strUserId, HttpServletRequest request) {
+
+    return null;
+  }
+
+  @GetMapping("getGroupUserByGroupId/{groupId}")
+  public ResponseEntity<List<UserDTO>> getGroupUserByGroupId(
+      @PathVariable("groupId") String groupId) throws ThingsboardException {
+    return ResponseEntity.of(
+        userService.getOrganizationUserByOrganizationId(
+            groupId, getCurrentUser().getCurrentTenantId()));
+  }
+
+  @Demo("这是一个演示的请求，查询当前用户，并将其导出到excel,参照完毕请务必删除")
+  @GetMapping("export")
+  public void export(HttpServletResponse response) throws IOException, ThingsboardException {
+    UserInfoDTO me =
+        userService.me(
+            getCurrentUser().getCurrentUserId(),
+            getCurrentUser().getCurrentTenantId(),
+            getCurrentUser().getRoles());
+    ExcelUtil.exportExcel(response, "用户信息", "user info", List.of(me), UserInfoDTO.class);
+  }
+
+  @GetMapping("/accountExist/{username}")
+  public ResponseResult<UserDTO> accountExist(@PathVariable String username)
+      throws ThingsboardException {
+    return ResponseResult.success(
+        userService.accountExist(username, getCurrentUser().getCurrentTenantId()));
+  }
+
+  @PostMapping("/relation")
+  public String[] getUserRoleOrGroup(
+      @Validated @RequestBody RoleOrOrganizationReqDTO roleOrGroupReqDTO) {
+    return userService.getUserRoleOrOrganization(roleOrGroupReqDTO);
+  }
+
+  @PostMapping("/reset")
+  @ApiOperation(value = "修改密码")
+  public ResponseResult<Boolean> changePassword(@RequestBody AccountReqDTO accountReqDTO) {
+    return ResponseResult.success(userService.changePassword(accountReqDTO));
+  }
+}

@@ -20,13 +20,16 @@ import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.stereotype.Component;
 import org.springframework.stereotype.Component;
-import org.thingsboard.server.service.security.auth.TokenOutdatingService;
 import org.thingsboard.server.service.security.auth.JwtAuthenticationToken;
 import org.thingsboard.server.service.security.auth.JwtAuthenticationToken;
+import org.thingsboard.server.service.security.auth.TokenOutdatingService;
 import org.thingsboard.server.service.security.exception.JwtExpiredTokenException;
 import org.thingsboard.server.service.security.exception.JwtExpiredTokenException;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.model.token.RawAccessJwtToken;
 import org.thingsboard.server.service.security.model.token.RawAccessJwtToken;
 
 
+/**
+ * Jwt身份提供者
+ */
 @Component
 @Component
 @RequiredArgsConstructor
 @RequiredArgsConstructor
 public class JwtAuthenticationProvider implements AuthenticationProvider {
 public class JwtAuthenticationProvider implements AuthenticationProvider {
@@ -34,11 +37,18 @@ public class JwtAuthenticationProvider implements AuthenticationProvider {
     private final JwtTokenFactory tokenFactory;
     private final JwtTokenFactory tokenFactory;
     private final TokenOutdatingService tokenOutdatingService;
     private final TokenOutdatingService tokenOutdatingService;
 
 
+    /**
+     * 进行身份鉴定
+     * @param authentication 证明
+     * @return 证明
+     * @throws AuthenticationException 身份验证异常
+     */
     @Override
     @Override
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
         RawAccessJwtToken rawAccessToken = (RawAccessJwtToken) authentication.getCredentials();
         RawAccessJwtToken rawAccessToken = (RawAccessJwtToken) authentication.getCredentials();
         SecurityUser securityUser = tokenFactory.parseAccessJwtToken(rawAccessToken);
         SecurityUser securityUser = tokenFactory.parseAccessJwtToken(rawAccessToken);
 
 
+        //token失效了 过时了
         if (tokenOutdatingService.isOutdated(rawAccessToken, securityUser.getId())) {
         if (tokenOutdatingService.isOutdated(rawAccessToken, securityUser.getId())) {
             throw new JwtExpiredTokenException("Token is outdated");
             throw new JwtExpiredTokenException("Token is outdated");
         }
         }

@@ -33,15 +33,15 @@ import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.id.UserId;
 import org.thingsboard.server.common.data.id.UserId;
 import org.thingsboard.server.common.data.security.Authority;
 import org.thingsboard.server.common.data.security.Authority;
-import org.thingsboard.server.service.security.auth.TokenOutdatingService;
-import org.thingsboard.server.common.data.security.UserCredentials;
-import org.thingsboard.server.dao.customer.CustomerService;
-import org.thingsboard.server.dao.user.UserService;
 import org.thingsboard.server.service.security.auth.RefreshAuthenticationToken;
 import org.thingsboard.server.service.security.auth.RefreshAuthenticationToken;
+import org.thingsboard.server.service.security.auth.TokenOutdatingService;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.model.token.RawAccessJwtToken;
 import org.thingsboard.server.service.security.model.token.RawAccessJwtToken;
+import org.thingsboard.server.common.data.security.UserCredentials;
+import org.thingsboard.server.dao.customer.CustomerService;
+import org.thingsboard.server.dao.user.UserService;
 
 
 import java.util.UUID;
 import java.util.UUID;
 
 

@@ -17,6 +17,14 @@ package org.thingsboard.server.service.security.auth.jwt.extractor;
 
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequest;
 
 
+/**
+ * 令牌器接口
+ */
 public interface TokenExtractor {
 public interface TokenExtractor {
+    /**
+     * 提取令牌
+     * @param request 请求
+     * @return 令牌
+     */
     public String extract(HttpServletRequest request);
     public String extract(HttpServletRequest request);
 }
 }

@@ -16,7 +16,6 @@
 package org.thingsboard.server.service.security.auth.oauth2;
 package org.thingsboard.server.service.security.auth.oauth2;
 
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
@@ -26,7 +25,6 @@ import org.thingsboard.server.common.data.id.CustomerId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.service.security.system.SystemSecurityService;
 import org.thingsboard.server.service.security.system.SystemSecurityService;
-import org.thingsboard.server.utils.MiscUtils;
 
 
 import javax.servlet.ServletException;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequest;

@@ -31,10 +31,10 @@ import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.oauth2.OAuth2Registration;
 import org.thingsboard.server.common.data.oauth2.OAuth2Registration;
 import org.thingsboard.server.common.data.security.model.JwtToken;
 import org.thingsboard.server.common.data.security.model.JwtToken;
 import org.thingsboard.server.dao.oauth2.OAuth2Service;
 import org.thingsboard.server.dao.oauth2.OAuth2Service;
+import org.thingsboard.server.service.security.system.SystemSecurityService;
 import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRepository;
 import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRepository;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
-import org.thingsboard.server.service.security.system.SystemSecurityService;
 
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpServletResponse;

 /**
 /**
  * Copyright © 2016-2021 The Thingsboard Authors
  * Copyright © 2016-2021 The Thingsboard Authors
  *
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
  *
  *
- *     http://www.apache.org/licenses/LICENSE-2.0
+ * <p>http://www.apache.org/licenses/LICENSE-2.0
  *
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
+ * <p>Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
  * limitations under the License.
  * limitations under the License.
  */
  */
 package org.thingsboard.server.service.security.auth.rest;
 package org.thingsboard.server.service.security.auth.rest;
 
 
 import lombok.extern.slf4j.Slf4j;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.InsufficientAuthenticationException;
-import org.springframework.security.authentication.LockedException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.authentication.*;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Component;
 import org.springframework.stereotype.Component;
 import org.springframework.util.Assert;
 import org.springframework.util.Assert;
 import org.thingsboard.server.common.data.Customer;
 import org.thingsboard.server.common.data.Customer;
@@ -36,167 +31,331 @@ import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.id.UserId;
 import org.thingsboard.server.common.data.id.UserId;
 import org.thingsboard.server.common.data.security.Authority;
 import org.thingsboard.server.common.data.security.Authority;
 import org.thingsboard.server.common.data.security.UserCredentials;
 import org.thingsboard.server.common.data.security.UserCredentials;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+import org.thingsboard.server.common.data.yunteng.core.cache.CacheUtils;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailsDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.CodeTTL;
+import org.thingsboard.server.common.data.yunteng.enums.MessageTypeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.MsgTemplatePurposeEnum;
 import org.thingsboard.server.dao.audit.AuditLogService;
 import org.thingsboard.server.dao.audit.AuditLogService;
 import org.thingsboard.server.dao.customer.CustomerService;
 import org.thingsboard.server.dao.customer.CustomerService;
-import org.thingsboard.server.dao.user.UserService;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 import org.thingsboard.server.service.security.system.SystemSecurityService;
 import org.thingsboard.server.service.security.system.SystemSecurityService;
+import org.thingsboard.server.dao.user.UserService;
+import org.thingsboard.server.dao.yunteng.service.YtUserService;
 import ua_parser.Client;
 import ua_parser.Client;
 
 
+import java.time.LocalDateTime;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
 import java.util.UUID;
 import java.util.UUID;
 
 
+import static org.thingsboard.server.common.data.yunteng.constant.FastIotConstants.CacheConfigKey.MOBILE_LOGIN_SMS_CODE;
+import static org.thingsboard.server.common.data.yunteng.constant.FastIotConstants.DEFAULT_DELIMITER;
 
 
 @Component
 @Component
 @Slf4j
 @Slf4j
 public class RestAuthenticationProvider implements AuthenticationProvider {
 public class RestAuthenticationProvider implements AuthenticationProvider {
 
 
-    private final SystemSecurityService systemSecurityService;
-    private final UserService userService;
-    private final CustomerService customerService;
-    private final AuditLogService auditLogService;
-
-    @Autowired
-    public RestAuthenticationProvider(final UserService userService,
-                                      final CustomerService customerService,
-                                      final SystemSecurityService systemSecurityService,
-                                      final AuditLogService auditLogService) {
-        this.userService = userService;
-        this.customerService = customerService;
-        this.systemSecurityService = systemSecurityService;
-        this.auditLogService = auditLogService;
-    }
-
-    @Override
-    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        Assert.notNull(authentication, "No authentication data provided");
-
-        Object principal = authentication.getPrincipal();
-        if (!(principal instanceof UserPrincipal)) {
-            throw new BadCredentialsException("Authentication Failed. Bad user principal.");
-        }
+  private final SystemSecurityService systemSecurityService;
+  private final UserService userService;
+  private final CustomerService customerService;
+  private final AuditLogService auditLogService;
 
 
-        UserPrincipal userPrincipal =  (UserPrincipal) principal;
-        if (userPrincipal.getType() == UserPrincipal.Type.USER_NAME) {
-            String username = userPrincipal.getValue();
-            String password = (String) authentication.getCredentials();
-            return authenticateByUsernameAndPassword(authentication, userPrincipal, username, password);
-        } else {
-            String publicId = userPrincipal.getValue();
-            return authenticateByPublicId(userPrincipal, publicId);
-        }
+  @Autowired
+  public RestAuthenticationProvider(
+      final UserService userService,
+      final CustomerService customerService,
+      final SystemSecurityService systemSecurityService,
+      final AuditLogService auditLogService) {
+    this.userService = userService;
+    this.customerService = customerService;
+    this.systemSecurityService = systemSecurityService;
+    this.auditLogService = auditLogService;
+  }
+
+  @Override
+  public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+    Assert.notNull(authentication, "No authentication data provided");
+
+    Object principal = authentication.getPrincipal();
+    if (!(principal instanceof UserPrincipal)) {
+      throw new BadCredentialsException("Authentication Failed. Bad user principal.");
     }
     }
 
 
-    private Authentication authenticateByUsernameAndPassword(Authentication authentication, UserPrincipal userPrincipal, String username, String password) {
-        User user = userService.findUserByEmail(TenantId.SYS_TENANT_ID, username);
-        if (user == null) {
-            throw new UsernameNotFoundException("User not found: " + username);
-        }
+    UserPrincipal userPrincipal = (UserPrincipal) principal;
+    if (userPrincipal.getType() == UserPrincipal.Type.USER_NAME) {
+      String username = userPrincipal.getValue();
+      String password = (String) authentication.getCredentials();
+      String ytUserName = username;
+      UserDetailsDTO ytDetailDTO = new UserDetailsDTO();
+      if (!FastIotConstants.EMAIL_PATTERN.matcher(username).matches()) {
+        username += FastIotConstants.DEFAULT_EMAIL_SUFFIX_FOR_TB;
+        ytDetailDTO = ytUserDetailsByUserName(ytUserName, password).get();
+      }
+      return authenticateByUsernameAndPassword(
+          ytDetailDTO, authentication, userPrincipal, username, password);
+    } else if (userPrincipal.getType() == UserPrincipal.Type.SMS_CODE) {
+      return ytUserDetailsByPhone(
+          authentication,
+          userPrincipal,
+          userPrincipal.getValue(),
+          (String) authentication.getCredentials());
+    } else {
+      String publicId = userPrincipal.getValue();
+      return authenticateByPublicId(userPrincipal, publicId);
+    }
+  }
 
 
-        try {
+  private Authentication authenticateByUsernameAndPassword(
+      UserDetailsDTO ytDetailDTO,
+      Authentication authentication,
+      UserPrincipal userPrincipal,
+      String username,
+      String password) {
 
 
-            UserCredentials userCredentials = userService.findUserCredentialsByUserId(TenantId.SYS_TENANT_ID, user.getId());
-            if (userCredentials == null) {
-                throw new UsernameNotFoundException("User credentials not found");
-            }
+    // TODO 先验证sys_user账号密码是否正确，正确后，在账号后面加上后缀验证TB用户是否正确
+    Object principal = authentication.getPrincipal();
+    if (!(principal instanceof UserPrincipal)) {
+      throw new BadCredentialsException("Authentication Failed. Bad user principal.");
+    }
 
 
-            try {
-                systemSecurityService.validateUserCredentials(user.getTenantId(), userCredentials, username, password);
-            } catch (LockedException e) {
-                logLoginAction(user, authentication, ActionType.LOCKOUT, null);
-                throw e;
-            }
+    User user = userService.findUserByEmail(TenantId.SYS_TENANT_ID, username);
+    if (user == null) {
+      throw new UsernameNotFoundException("User not found: " + username);
+    }
 
 
-            if (user.getAuthority() == null)
-                throw new InsufficientAuthenticationException("User has no authority assigned");
+    try {
 
 
-            SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled(), userPrincipal);
-            logLoginAction(user, authentication, ActionType.LOGIN, null);
-            return new UsernamePasswordAuthenticationToken(securityUser, null, securityUser.getAuthorities());
-        } catch (Exception e) {
-            logLoginAction(user, authentication, ActionType.LOGIN, e);
-            throw e;
-        }
+      UserCredentials userCredentials =
+          userService.findUserCredentialsByUserId(TenantId.SYS_TENANT_ID, user.getId());
+      if (userCredentials == null) {
+        throw new UsernameNotFoundException("User credentials not found");
+      }
+
+      try {
+        systemSecurityService.validateUserCredentials(
+            user.getTenantId(), userCredentials, username, password);
+      } catch (LockedException e) {
+        logLoginAction(user, authentication, ActionType.LOCKOUT, null);
+        throw e;
+      }
+
+      if (user.getAuthority() == null)
+        throw new InsufficientAuthenticationException("User has no authority assigned");
+
+      user.setUserDetailsDTO(ytDetailDTO);
+      SecurityUser securityUser =
+          new SecurityUser(user, userCredentials.isEnabled(), userPrincipal);
+      logLoginAction(user, authentication, ActionType.LOGIN, null);
+      return new UsernamePasswordAuthenticationToken(
+          securityUser, null, securityUser.getAuthorities());
+    } catch (Exception e) {
+      logLoginAction(user, authentication, ActionType.LOGIN, e);
+      throw e;
     }
     }
+  }
 
 
-    private Authentication authenticateByPublicId(UserPrincipal userPrincipal, String publicId) {
-        CustomerId customerId;
-        try {
-            customerId = new CustomerId(UUID.fromString(publicId));
-        } catch (Exception e) {
-            throw new BadCredentialsException("Authentication Failed. Public Id is not valid.");
-        }
-        Customer publicCustomer = customerService.findCustomerById(TenantId.SYS_TENANT_ID, customerId);
-        if (publicCustomer == null) {
-            throw new UsernameNotFoundException("Public entity not found: " + publicId);
-        }
-        if (!publicCustomer.isPublic()) {
-            throw new BadCredentialsException("Authentication Failed. Public Id is not valid.");
-        }
-        User user = new User(new UserId(EntityId.NULL_UUID));
-        user.setTenantId(publicCustomer.getTenantId());
-        user.setCustomerId(publicCustomer.getId());
-        user.setEmail(publicId);
-        user.setAuthority(Authority.CUSTOMER_USER);
-        user.setFirstName("Public");
-        user.setLastName("Public");
-
-        SecurityUser securityUser = new SecurityUser(user, true, userPrincipal);
-
-        return new UsernamePasswordAuthenticationToken(securityUser, null, securityUser.getAuthorities());
-    }
-
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
-    }
-
-    private void logLoginAction(User user, Authentication authentication, ActionType actionType, Exception e) {
-        String clientAddress = "Unknown";
-        String browser = "Unknown";
-        String os = "Unknown";
-        String device = "Unknown";
-        if (authentication != null && authentication.getDetails() != null) {
-            if (authentication.getDetails() instanceof RestAuthenticationDetails) {
-                RestAuthenticationDetails details = (RestAuthenticationDetails)authentication.getDetails();
-                clientAddress = details.getClientAddress();
-                if (details.getUserAgent() != null) {
-                    Client userAgent = details.getUserAgent();
-                    if (userAgent.userAgent != null) {
-                        browser = userAgent.userAgent.family;
-                        if (userAgent.userAgent.major != null) {
-                            browser += " " + userAgent.userAgent.major;
-                            if (userAgent.userAgent.minor != null) {
-                                browser += "." + userAgent.userAgent.minor;
-                                if (userAgent.userAgent.patch != null) {
-                                    browser += "." + userAgent.userAgent.patch;
-                                }
-                            }
-                        }
-                    }
-                    if (userAgent.os != null) {
-                        os = userAgent.os.family;
-                        if (userAgent.os.major != null) {
-                            os += " " + userAgent.os.major;
-                            if (userAgent.os.minor != null) {
-                                os += "." + userAgent.os.minor;
-                                if (userAgent.os.patch != null) {
-                                    os += "." + userAgent.os.patch;
-                                    if (userAgent.os.patchMinor != null) {
-                                        os += "." + userAgent.os.patchMinor;
-                                    }
-                                }
-                            }
-                        }
-                    }
-                    if (userAgent.device != null) {
-                        device = userAgent.device.family;
-                    }
+  private Authentication authenticateByPublicId(UserPrincipal userPrincipal, String publicId) {
+    CustomerId customerId;
+    try {
+      customerId = new CustomerId(UUID.fromString(publicId));
+    } catch (Exception e) {
+      throw new BadCredentialsException("Authentication Failed. Public Id is not valid.");
+    }
+    Customer publicCustomer = customerService.findCustomerById(TenantId.SYS_TENANT_ID, customerId);
+    if (publicCustomer == null) {
+      throw new UsernameNotFoundException("Public entity not found: " + publicId);
+    }
+    if (!publicCustomer.isPublic()) {
+      throw new BadCredentialsException("Authentication Failed. Public Id is not valid.");
+    }
+    User user = new User(new UserId(EntityId.NULL_UUID));
+    user.setTenantId(publicCustomer.getTenantId());
+    user.setCustomerId(publicCustomer.getId());
+    user.setEmail(publicId);
+    user.setAuthority(Authority.CUSTOMER_USER);
+    user.setFirstName("Public");
+    user.setLastName("Public");
+
+    SecurityUser securityUser = new SecurityUser(user, true, userPrincipal);
+
+    return new UsernamePasswordAuthenticationToken(
+        securityUser, null, securityUser.getAuthorities());
+  }
+
+  @Override
+  public boolean supports(Class<?> authentication) {
+    return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
+  }
+
+  private void logLoginAction(
+      User user, Authentication authentication, ActionType actionType, Exception e) {
+    String clientAddress = "Unknown";
+    String browser = "Unknown";
+    String os = "Unknown";
+    String device = "Unknown";
+    if (authentication != null && authentication.getDetails() != null) {
+      if (authentication.getDetails() instanceof RestAuthenticationDetails) {
+        RestAuthenticationDetails details = (RestAuthenticationDetails) authentication.getDetails();
+        clientAddress = details.getClientAddress();
+        if (details.getUserAgent() != null) {
+          Client userAgent = details.getUserAgent();
+          if (userAgent.userAgent != null) {
+            browser = userAgent.userAgent.family;
+            if (userAgent.userAgent.major != null) {
+              browser += " " + userAgent.userAgent.major;
+              if (userAgent.userAgent.minor != null) {
+                browser += "." + userAgent.userAgent.minor;
+                if (userAgent.userAgent.patch != null) {
+                  browser += "." + userAgent.userAgent.patch;
+                }
+              }
+            }
+          }
+          if (userAgent.os != null) {
+            os = userAgent.os.family;
+            if (userAgent.os.major != null) {
+              os += " " + userAgent.os.major;
+              if (userAgent.os.minor != null) {
+                os += "." + userAgent.os.minor;
+                if (userAgent.os.patch != null) {
+                  os += "." + userAgent.os.patch;
+                  if (userAgent.os.patchMinor != null) {
+                    os += "." + userAgent.os.patchMinor;
+                  }
                 }
                 }
+              }
             }
             }
+          }
+          if (userAgent.device != null) {
+            device = userAgent.device.family;
+          }
         }
         }
-        auditLogService.logEntityAction(
-                user.getTenantId(), user.getCustomerId(), user.getId(),
-                user.getName(), user.getId(), null, actionType, e, clientAddress, browser, os, device);
+      }
+    }
+    auditLogService.logEntityAction(
+        user.getTenantId(),
+        user.getCustomerId(),
+        user.getId(),
+        user.getName(),
+        user.getId(),
+        null,
+        actionType,
+        e,
+        clientAddress,
+        browser,
+        os,
+        device);
+  }
+
+  @Autowired private YtUserService ytUserService;
+  @Autowired private CacheUtils cacheUtils;
+  @Autowired private PasswordEncoder passwordEncoder;
+
+  private Optional<UserDetailsDTO> ytUserDetailsByUserName(String username, String password) {
+    List<UserDetailsDTO> users = ytUserService.findUserDetailsByUsername(username);
+
+    if (users.isEmpty()) {
+      throw new UsernameNotFoundException("User not found: " + username);
+    }
+    Optional<UserDetailsDTO> optionalUser =
+        users.stream()
+            .filter(user -> passwordEncoder.matches(password, user.getPassword()))
+            .findAny();
+    if (optionalUser.isEmpty()) {
+      throw new BadCredentialsException("Authentication Failed. Username or Password not valid.");
+    }
+    if (doValidate(optionalUser)) {
+      return optionalUser;
+    }
+    return Optional.empty();
+  }
+
+  private Authentication ytUserDetailsByPhone(
+      Authentication authentication, UserPrincipal userPrincipal, String phoneNumber, String code) {
+    List<UserDetailsDTO> users = ytUserService.getUserByPhoneNumber(phoneNumber);
+    if (users.isEmpty()) {
+      throw new UsernameNotFoundException("phone number not found: " + phoneNumber);
+    }
+    String key =
+        MsgTemplatePurposeEnum.FOR_LOGIN.name()
+            + DEFAULT_DELIMITER
+            + MessageTypeEnum.PHONE_MESSAGE.name()
+            + DEFAULT_DELIMITER
+            + phoneNumber;
+
+    boolean correct =
+        cacheUtils
+            .get(MOBILE_LOGIN_SMS_CODE, key)
+            .map(
+                o -> {
+                  CodeTTL codeTTL = (CodeTTL) o;
+                  if (System.currentTimeMillis() - codeTTL.getSendTs() < 5 * 60 * 1000) {
+                    return Objects.equals(codeTTL.getCode(), code);
+                  } else {
+                    return false;
+                  }
+                })
+            .orElse(false);
+    Optional<UserDetailsDTO> optionalUser;
+    if (!correct) {
+      optionalUser = Optional.empty();
+    } else {
+      optionalUser = Optional.of(users.get(0));
+    }
+    if (optionalUser.isEmpty()) {
+      throw new BadCredentialsException("验证码不正确");
+    }
+
+    String tbEmail =
+        optionalUser.get().getUsername() + FastIotConstants.DEFAULT_EMAIL_SUFFIX_FOR_TB;
+    User user = userService.findUserByEmail(TenantId.SYS_TENANT_ID, tbEmail);
+    if (user == null) {
+      throw new UsernameNotFoundException("User not found: " + tbEmail);
+    }
+
+    try {
+      if (user.getAuthority() == null)
+        throw new InsufficientAuthenticationException("User has no authority assigned");
+
+      user.setUserDetailsDTO(optionalUser.get());
+      SecurityUser securityUser = new SecurityUser(user, true, userPrincipal);
+      logLoginAction(user, authentication, ActionType.LOGIN, null);
+      return new UsernamePasswordAuthenticationToken(
+          securityUser, null, securityUser.getAuthorities());
+    } catch (Exception e) {
+      logLoginAction(user, authentication, ActionType.LOGIN, e);
+      throw e;
+    }
+  }
+
+  private boolean doValidate(Optional<UserDetailsDTO> optionalUser) {
+    UserDetailsDTO detailsDTO = optionalUser.get();
+    boolean tenantEnabled = detailsDTO.getTenant().isEnabled();
+    if (!tenantEnabled) {
+      throw new LockedException("tenant has been disabled");
+    }
+    Optional.ofNullable(detailsDTO.getTenant().getTenantExpireTime())
+        .ifPresent(
+            expireTime -> {
+              if (LocalDateTime.now().isAfter(expireTime)) {
+                throw new AccountExpiredException("tenant has expired");
+              }
+            });
+    Optional.ofNullable(detailsDTO.getAccountExpireTime())
+        .ifPresent(
+            expireTime -> {
+              if (LocalDateTime.now().isAfter(expireTime)) {
+                throw new AccountExpiredException("user account has expired");
+              }
+            });
+    boolean enabled = detailsDTO.isEnabled();
+    if (!enabled) {
+      throw new LockedException("account has been disabled");
     }
     }
+    return true;
+  }
 }
 }

@@ -24,9 +24,9 @@ import org.springframework.security.web.WebAttributes;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.stereotype.Component;
 import org.springframework.stereotype.Component;
 import org.thingsboard.server.common.data.security.model.JwtToken;
 import org.thingsboard.server.common.data.security.model.JwtToken;
-import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRepository;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
+import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRepository;
 
 
 import javax.servlet.ServletException;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequest;

@@ -28,7 +28,6 @@ import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.thingsboard.server.service.security.exception.AuthMethodNotSupportedException;
 import org.thingsboard.server.service.security.exception.AuthMethodNotSupportedException;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 
 

 /**
 /**
  * Copyright © 2016-2021 The Thingsboard Authors
  * Copyright © 2016-2021 The Thingsboard Authors
  *
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
  *
  *
- *     http://www.apache.org/licenses/LICENSE-2.0
+ * <p>http://www.apache.org/licenses/LICENSE-2.0
  *
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
+ * <p>Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
  * limitations under the License.
  * limitations under the License.
  */
  */
 package org.thingsboard.server.service.security.model;
 package org.thingsboard.server.service.security.model;
 
 
+import lombok.Getter;
+import lombok.Setter;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.thingsboard.server.common.data.User;
 import org.thingsboard.server.common.data.User;
 import org.thingsboard.server.common.data.id.UserId;
 import org.thingsboard.server.common.data.id.UserId;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailRoleDTO;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
 
 
+import java.time.LocalDateTime;
 import java.util.Collection;
 import java.util.Collection;
+import java.util.Optional;
+import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 import java.util.stream.Stream;
 
 
 public class SecurityUser extends User {
 public class SecurityUser extends User {
 
 
-    private static final long serialVersionUID = -797397440703066079L;
+  private static final long serialVersionUID = -797397440703066079L;
 
 
-    private Collection<GrantedAuthority> authorities;
-    private boolean enabled;
-    private UserPrincipal userPrincipal;
+  private Collection<GrantedAuthority> authorities;
+  private boolean enabled;
+  private UserPrincipal userPrincipal;
+  @Getter
+  private String currentTenantId;
+  @Getter
+  private String currentUserId;
+  @Getter @Setter private LocalDateTime userExpireTime;
+  @Getter @Setter private LocalDateTime tenantExpireTime;
+  @Getter @Setter private boolean sysadmin = false;
+  @Getter @Setter private boolean tenantAdmin = false;
+  @Getter @Setter private boolean platformAdmin = false;
+  @Getter @Setter private Set<String> roles;
 
 
-    public SecurityUser() {
-        super();
-    }
+  public SecurityUser() {
+    super();
+  }
 
 
-    public SecurityUser(UserId id) {
-        super(id);
-    }
+  public SecurityUser(UserId id) {
+    super(id);
+  }
 
 
-    public SecurityUser(User user, boolean enabled, UserPrincipal userPrincipal) {
-        super(user);
-        this.enabled = enabled;
-        this.userPrincipal = userPrincipal;
-    }
+  public SecurityUser(User user, boolean enabled, UserPrincipal userPrincipal) {
+    super(user);
+    this.enabled = enabled;
+    this.userPrincipal = userPrincipal;
+    this.currentTenantId = user.getTenantId().getId().toString();
+    this.currentUserId = user.getUserDetailsDTO().getId();
+    Optional.ofNullable(user.getUserDetailsDTO().getRoles()).map(roleDTOS -> {
+      this.roles =
+              roleDTOS.stream()
+                      .map(UserDetailRoleDTO::getRoleType)
+                      .map(RoleEnum::name)
+                      .collect(Collectors.toSet());
+      this.sysadmin =
+              this.roles.stream().anyMatch(role -> role.equals(RoleEnum.ROLE_SYS_ADMIN.name()));
+      this.tenantAdmin =
+              this.roles.stream().anyMatch(role -> role.equals(RoleEnum.ROLE_TENANT_ADMIN.name()));
+      this.platformAdmin =
+              this.roles.stream().anyMatch(role -> role.equals(RoleEnum.ROLE_PLATFORM_ADMIN.name()));
+      return roleDTOS;
+    });
 
 
-    public Collection<GrantedAuthority> getAuthorities() {
-        if (authorities == null) {
-            authorities = Stream.of(SecurityUser.this.getAuthority())
-                    .map(authority -> new SimpleGrantedAuthority(authority.name()))
-                    .collect(Collectors.toList());
-        }
-        return authorities;
-    }
+  }
 
 
-    public boolean isEnabled() {
-        return enabled;
+  public Collection<GrantedAuthority> getAuthorities() {
+    if (authorities == null) {
+      authorities =
+          Stream.of(SecurityUser.this.getAuthority())
+              .map(authority -> new SimpleGrantedAuthority(authority.name()))
+              .collect(Collectors.toList());
     }
     }
+    return authorities;
+  }
 
 
-    public UserPrincipal getUserPrincipal() {
-        return userPrincipal;
-    }
+  public boolean isEnabled() {
+    return enabled;
+  }
 
 
-    public void setEnabled(boolean enabled) {
-        this.enabled = enabled;
-    }
+  public UserPrincipal getUserPrincipal() {
+    return userPrincipal;
+  }
 
 
-    public void setUserPrincipal(UserPrincipal userPrincipal) {
-        this.userPrincipal = userPrincipal;
-    }
+  public void setEnabled(boolean enabled) {
+    this.enabled = enabled;
+  }
 
 
+  public void setUserPrincipal(UserPrincipal userPrincipal) {
+    this.userPrincipal = userPrincipal;
+  }
 }
 }

@@ -37,7 +37,8 @@ public class UserPrincipal implements Serializable {
 
 
     public enum Type {
     public enum Type {
         USER_NAME,
         USER_NAME,
-        PUBLIC_ID
+        PUBLIC_ID,
+        SMS_CODE
     }
     }
 
 
 }
 }

@@ -15,10 +15,8 @@
  */
  */
 package org.thingsboard.server.service.security.permission;
 package org.thingsboard.server.service.security.permission;
 
 
-import org.thingsboard.server.common.data.HasCustomerId;
 import org.thingsboard.server.common.data.HasTenantId;
 import org.thingsboard.server.common.data.HasTenantId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.EntityId;
-import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.SecurityUser;
 
 
 import java.util.Arrays;
 import java.util.Arrays;

@@ -22,7 +22,6 @@ import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Header;
 import io.jsonwebtoken.Header;
 import io.jsonwebtoken.Jwt;
 import io.jsonwebtoken.Jwt;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.Jwts;
-import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.StringUtils;

@@ -15,81 +15,27 @@
  */
  */
 package org.thingsboard.server.controller;
 package org.thingsboard.server.controller;
 
 
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.Header;
-import io.jsonwebtoken.Jwt;
-import io.jsonwebtoken.Jwts;
 import lombok.extern.slf4j.Slf4j;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
-import org.hamcrest.Matcher;
-import org.junit.After;
 import org.junit.Assert;
 import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Rule;
-import org.junit.rules.TestRule;
-import org.junit.rules.TestWatcher;
-import org.junit.runner.Description;
 import org.junit.runner.RunWith;
 import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootContextLoader;
 import org.springframework.boot.test.context.SpringBootContextLoader;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.web.server.LocalServerPort;
 import org.springframework.boot.web.server.LocalServerPort;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.MediaType;
-import org.springframework.http.converter.HttpMessageConverter;
-import org.springframework.http.converter.StringHttpMessageConverter;
-import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
-import org.springframework.mock.http.MockHttpInputMessage;
-import org.springframework.mock.http.MockHttpOutputMessage;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.context.junit4.SpringRunner;
-import org.springframework.test.web.servlet.MockMvc;
-import org.springframework.test.web.servlet.MvcResult;
-import org.springframework.test.web.servlet.ResultActions;
-import org.springframework.test.web.servlet.ResultMatcher;
-import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
-import org.springframework.web.context.WebApplicationContext;
-import org.thingsboard.server.common.data.BaseData;
-import org.thingsboard.server.common.data.Customer;
-import org.thingsboard.server.common.data.Tenant;
-import org.thingsboard.server.common.data.User;
-import org.thingsboard.server.common.data.id.TenantId;
-import org.thingsboard.server.common.data.id.UUIDBased;
-import org.thingsboard.server.common.data.page.PageLink;
-import org.thingsboard.server.common.data.page.TimePageLink;
-import org.thingsboard.server.common.data.security.Authority;
-import org.thingsboard.server.config.ThingsboardSecurityConfiguration;
-import org.thingsboard.server.service.mail.TestMailService;
-import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRequest;
-import org.thingsboard.server.service.security.auth.rest.LoginRequest;
 
 
-import java.io.IOException;
 import java.net.URI;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URISyntaxException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Comparator;
-import java.util.List;
 
 
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.asyncDispatch;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.request;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-import static org.springframework.test.web.servlet.setup.MockMvcBuilders.webAppContextSetup;
 
 
 @ActiveProfiles("test")
 @ActiveProfiles("test")
 @RunWith(SpringRunner.class)
 @RunWith(SpringRunner.class)

@@ -24,7 +24,7 @@ import static org.hamcrest.Matchers.*;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
 
 
 
 
-public abstract class BaseAdminControllerTest extends AbstractControllerTest {
+public abstract class BaseYtAdminControllerTest extends AbstractControllerTest {
 
 
     @Test
     @Test
     public void testFindAdminSettingsByKey() throws Exception {
     public void testFindAdminSettingsByKey() throws Exception {

@@ -15,12 +15,12 @@
  */
  */
 package org.thingsboard.server.controller.sql;
 package org.thingsboard.server.controller.sql;
 
 
-import org.thingsboard.server.controller.BaseAdminControllerTest;
+import org.thingsboard.server.controller.BaseYtAdminControllerTest;
 import org.thingsboard.server.dao.service.DaoSqlTest;
 import org.thingsboard.server.dao.service.DaoSqlTest;
 
 
 /**
 /**
  * Created by Valerii Sosliuk on 6/28/2017.
  * Created by Valerii Sosliuk on 6/28/2017.
  */
  */
 @DaoSqlTest
 @DaoSqlTest
-public class AdminControllerSqlTest extends BaseAdminControllerTest {
+public class YtAdminControllerSqlTest extends BaseYtAdminControllerTest {
 }
 }

@@ -100,6 +100,78 @@
             <groupId>io.swagger</groupId>
             <groupId>io.swagger</groupId>
             <artifactId>swagger-annotations</artifactId>
             <artifactId>swagger-annotations</artifactId>
         </dependency>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-autoconfigure</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context-support</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.data</groupId>
+            <artifactId>spring-data-redis</artifactId>
+        </dependency>
+
+        <!--阿里短信SDK -->
+        <dependency>
+            <groupId>com.aliyun</groupId>
+            <artifactId>aliyun-java-sdk-core</artifactId>
+            <version>${aliyun.sdk.core}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.aliyun</groupId>
+            <artifactId>aliyun-java-sdk-dysmsapi</artifactId>
+            <version>${aliyun.sdk.dysmsapi}</version>
+        </dependency>
+        <!-- 邮件发送 -->
+        <dependency>
+            <groupId>com.sun.mail</groupId>
+            <artifactId>jakarta.mail</artifactId>
+            <version>${jakarta.mail.version}</version>
+        </dependency>
+
+        <!--minio-->
+        <dependency>
+            <groupId>io.minio</groupId>
+            <artifactId>minio</artifactId>
+            <version>${io.minio.version}</version>
+        </dependency>
+        <!--alibaba easyExcel-->
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>easyexcel</artifactId>
+            <version>${com.alibaba.easyexcel.version}</version>
+        </dependency>
+        <!-- aspectj -->
+        <dependency>
+            <groupId>org.aspectj</groupId>
+            <artifactId>aspectjweaver</artifactId>
+            <version>1.9.6</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.thingsboard.common</groupId>
+            <artifactId>util</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.aspectj</groupId>
+            <artifactId>aspectjrt</artifactId>
+            <version>1.9.6</version>
+        </dependency>
     </dependencies>
     </dependencies>
 
 
     <build>
     <build>

 /**
 /**
  * Copyright © 2016-2021 The Thingsboard Authors
  * Copyright © 2016-2021 The Thingsboard Authors
  *
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
  *
  *
- *     http://www.apache.org/licenses/LICENSE-2.0
+ * <p>http://www.apache.org/licenses/LICENSE-2.0
  *
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
+ * <p>Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
  * limitations under the License.
  * limitations under the License.
  */
  */
 package org.thingsboard.server.common.data;
 package org.thingsboard.server.common.data;
@@ -21,6 +19,8 @@ import com.fasterxml.jackson.databind.JsonNode;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.EqualsAndHashCode;
 import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
 import org.thingsboard.server.common.data.id.CustomerId;
 import org.thingsboard.server.common.data.id.CustomerId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.id.TenantId;
@@ -28,167 +28,202 @@ import org.thingsboard.server.common.data.id.UserId;
 import org.thingsboard.server.common.data.security.Authority;
 import org.thingsboard.server.common.data.security.Authority;
 import org.thingsboard.server.common.data.validation.Length;
 import org.thingsboard.server.common.data.validation.Length;
 import org.thingsboard.server.common.data.validation.NoXss;
 import org.thingsboard.server.common.data.validation.NoXss;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailRoleDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailsDTO;
+
+import java.util.Set;
 
 
 @ApiModel
 @ApiModel
 @EqualsAndHashCode(callSuper = true)
 @EqualsAndHashCode(callSuper = true)
-public class User extends SearchTextBasedWithAdditionalInfo<UserId> implements HasName, HasTenantId, HasCustomerId {
-
-    private static final long serialVersionUID = 8250339805336035966L;
-
-    private TenantId tenantId;
-    private CustomerId customerId;
-    private String email;
-    private Authority authority;
-    @NoXss
-    @Length(fieldName = "first name")
-    private String firstName;
-    @NoXss
-    @Length(fieldName = "last name")
-    private String lastName;
-
-    public User() {
-        super();
-    }
-
-    public User(UserId id) {
-        super(id);
-    }
-
-    public User(User user) {
-        super(user);
-        this.tenantId = user.getTenantId();
-        this.customerId = user.getCustomerId();
-        this.email = user.getEmail();
-        this.authority = user.getAuthority();
-        this.firstName = user.getFirstName();
-        this.lastName = user.getLastName();
-    }
-
-
-    @ApiModelProperty(position = 1, value = "JSON object with the User Id. " +
-            "Specify this field to update the device. " +
-            "Referencing non-existing User Id will cause error. " +
-            "Omit this field to create new customer." )
-    @Override
-    public UserId getId() {
-        return super.getId();
-    }
-
-    @ApiModelProperty(position = 2, value = "Timestamp of the user creation, in milliseconds", example = "1609459200000", readOnly = true)
-    @Override
-    public long getCreatedTime() {
-        return super.getCreatedTime();
-    }
-
-    @ApiModelProperty(position = 3, value = "JSON object with the Tenant Id.", readOnly = true)
-    public TenantId getTenantId() {
-        return tenantId;
-    }
-
-    public void setTenantId(TenantId tenantId) {
-        this.tenantId = tenantId;
-    }
-
-    @ApiModelProperty(position = 4, value = "JSON object with the Customer Id.", readOnly = true)
-    public CustomerId getCustomerId() {
-        return customerId;
-    }
-
-    public void setCustomerId(CustomerId customerId) {
-        this.customerId = customerId;
-    }
-
-    @ApiModelProperty(position = 5, required = true, value = "Email of the user", example = "user@example.com")
-    public String getEmail() {
-        return email;
-    }
-
-    public void setEmail(String email) {
-        this.email = email;
-    }
-
-    @ApiModelProperty(position = 6, readOnly = true, value = "Duplicates the email of the user, readonly", example = "user@example.com")
-    @Override
-    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
-    public String getName() {
-        return email;
-    }
-
-    @ApiModelProperty(position = 7, required = true, value = "Authority", example = "SYS_ADMIN, TENANT_ADMIN or CUSTOMER_USER")
-    public Authority getAuthority() {
-        return authority;
-    }
-
-    public void setAuthority(Authority authority) {
-        this.authority = authority;
-    }
-
-    @ApiModelProperty(position = 8, required = true, value = "First name of the user", example = "John")
-    public String getFirstName() {
-        return firstName;
-    }
-
-    public void setFirstName(String firstName) {
-        this.firstName = firstName;
-    }
-
-    @ApiModelProperty(position = 9, required = true, value = "Last name of the user", example = "Doe")
-    public String getLastName() {
-        return lastName;
-    }
-
-    public void setLastName(String lastName) {
-        this.lastName = lastName;
-    }
-
-    @ApiModelProperty(position = 10, value = "Additional parameters of the user", dataType = "com.fasterxml.jackson.databind.JsonNode")
-    @Override
-    public JsonNode getAdditionalInfo() {
-        return super.getAdditionalInfo();
-    }
-
-    @Override
-    public String getSearchText() {
-        return getEmail();
-    }
-
-    @Override
-    public String toString() {
-        StringBuilder builder = new StringBuilder();
-        builder.append("User [tenantId=");
-        builder.append(tenantId);
-        builder.append(", customerId=");
-        builder.append(customerId);
-        builder.append(", email=");
-        builder.append(email);
-        builder.append(", authority=");
-        builder.append(authority);
-        builder.append(", firstName=");
-        builder.append(firstName);
-        builder.append(", lastName=");
-        builder.append(lastName);
-        builder.append(", additionalInfo=");
-        builder.append(getAdditionalInfo());
-        builder.append(", createdTime=");
-        builder.append(createdTime);
-        builder.append(", id=");
-        builder.append(id);
-        builder.append("]");
-        return builder.toString();
-    }
-
-    @JsonIgnore
-    public boolean isSystemAdmin() {
-        return tenantId == null || EntityId.NULL_UUID.equals(tenantId.getId());
-    }
-
-    @JsonIgnore
-    public boolean isTenantAdmin() {
-        return !isSystemAdmin() && (customerId == null || EntityId.NULL_UUID.equals(customerId.getId()));
-    }
-
-    @JsonIgnore
-    public boolean isCustomerUser() {
-        return !isSystemAdmin() && !isTenantAdmin();
-    }
+public class User extends SearchTextBasedWithAdditionalInfo<UserId>
+    implements HasName, HasTenantId, HasCustomerId {
+
+  private static final long serialVersionUID = 8250339805336035966L;
+
+  private TenantId tenantId;
+  private CustomerId customerId;
+  private String email;
+  private Authority authority;
+
+  @NoXss
+  @Length(fieldName = "first name")
+  private String firstName;
+
+  @NoXss
+  @Length(fieldName = "last name")
+  private String lastName;
+  /** 平台的用户详情 */
+  @Getter @Setter private UserDetailsDTO userDetailsDTO;
+
+  public User() {
+    super();
+  }
+
+  public User(UserId id) {
+    super(id);
+  }
+
+  public User(User user) {
+    super(user);
+    this.tenantId = user.getTenantId();
+    this.customerId = user.getCustomerId();
+    this.email = user.getEmail();
+    this.authority = user.getAuthority();
+    this.firstName = user.getFirstName();
+    this.lastName = user.getLastName();
+  }
+
+  @ApiModelProperty(
+      position = 1,
+      value =
+          "JSON object with the User Id. "
+              + "Specify this field to update the device. "
+              + "Referencing non-existing User Id will cause error. "
+              + "Omit this field to create new customer.")
+  @Override
+  public UserId getId() {
+    return super.getId();
+  }
+
+  @ApiModelProperty(
+      position = 2,
+      value = "Timestamp of the user creation, in milliseconds",
+      example = "1609459200000",
+      readOnly = true)
+  @Override
+  public long getCreatedTime() {
+    return super.getCreatedTime();
+  }
+
+  @ApiModelProperty(position = 3, value = "JSON object with the Tenant Id.", readOnly = true)
+  public TenantId getTenantId() {
+    return tenantId;
+  }
+
+  public void setTenantId(TenantId tenantId) {
+    this.tenantId = tenantId;
+  }
+
+  @ApiModelProperty(position = 4, value = "JSON object with the Customer Id.", readOnly = true)
+  public CustomerId getCustomerId() {
+    return customerId;
+  }
+
+  public void setCustomerId(CustomerId customerId) {
+    this.customerId = customerId;
+  }
+
+  @ApiModelProperty(
+      position = 5,
+      required = true,
+      value = "Email of the user",
+      example = "user@example.com")
+  public String getEmail() {
+    return email;
+  }
+
+  public void setEmail(String email) {
+    this.email = email;
+  }
+
+  @ApiModelProperty(
+      position = 6,
+      readOnly = true,
+      value = "Duplicates the email of the user, readonly",
+      example = "user@example.com")
+  @Override
+  @JsonProperty(access = JsonProperty.Access.READ_ONLY)
+  public String getName() {
+    return email;
+  }
+
+  @ApiModelProperty(
+      position = 7,
+      required = true,
+      value = "Authority",
+      example = "SYS_ADMIN, TENANT_ADMIN or CUSTOMER_USER")
+  public Authority getAuthority() {
+    return authority;
+  }
+
+  public void setAuthority(Authority authority) {
+    this.authority = authority;
+  }
+
+  @ApiModelProperty(
+      position = 8,
+      required = true,
+      value = "First name of the user",
+      example = "John")
+  public String getFirstName() {
+    return firstName;
+  }
+
+  public void setFirstName(String firstName) {
+    this.firstName = firstName;
+  }
+
+  @ApiModelProperty(position = 9, required = true, value = "Last name of the user", example = "Doe")
+  public String getLastName() {
+    return lastName;
+  }
+
+  public void setLastName(String lastName) {
+    this.lastName = lastName;
+  }
+
+  @ApiModelProperty(
+      position = 10,
+      value = "Additional parameters of the user",
+      dataType = "com.fasterxml.jackson.databind.JsonNode")
+  @Override
+  public JsonNode getAdditionalInfo() {
+    return super.getAdditionalInfo();
+  }
+
+  @Override
+  public String getSearchText() {
+    return getEmail();
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder builder = new StringBuilder();
+    builder.append("User [tenantId=");
+    builder.append(tenantId);
+    builder.append(", customerId=");
+    builder.append(customerId);
+    builder.append(", email=");
+    builder.append(email);
+    builder.append(", authority=");
+    builder.append(authority);
+    builder.append(", firstName=");
+    builder.append(firstName);
+    builder.append(", lastName=");
+    builder.append(lastName);
+    builder.append(", additionalInfo=");
+    builder.append(getAdditionalInfo());
+    builder.append(", createdTime=");
+    builder.append(createdTime);
+    builder.append(", id=");
+    builder.append(id);
+    builder.append("]");
+    return builder.toString();
+  }
+
+  @JsonIgnore
+  public boolean isSystemAdmin() {
+    return tenantId == null || EntityId.NULL_UUID.equals(tenantId.getId());
+  }
+
+  @JsonIgnore
+  public boolean isTenantAdmin() {
+    return !isSystemAdmin()
+        && (customerId == null || EntityId.NULL_UUID.equals(customerId.getId()));
+  }
+
+  @JsonIgnore
+  public boolean isCustomerUser() {
+    return !isSystemAdmin() && !isTenantAdmin();
+  }
 }
 }

+package org.thingsboard.server.common.data.yunteng.common;
+
+public interface AddGroup {
+}

+package org.thingsboard.server.common.data.yunteng.common;
+
+import org.thingsboard.server.common.data.yunteng.dto.SysDictItemDTO;
+
+public interface CommonService {
+  /**
+   * 通过dict表的Code和dictItem的codeText查询字典表的值
+   *
+   * @param dictCode 字典表Code
+   * @param codeValue 字典Item表文本值
+   * @return 返回字典Item表
+   */
+  SysDictItemDTO getDictValueByCodeAndText(String dictCode, String codeValue);
+
+  /**
+   * 生成DeviceToken
+   * @return 返回DeviceToken
+   */
+  String generateDeviceToken(String tenantId);
+}

+package org.thingsboard.server.common.data.yunteng.common;
+
+public interface DeleteGroup {
+}

+package org.thingsboard.server.common.data.yunteng.common;
+
+public interface UpdateGroup {
+}

+package org.thingsboard.server.common.data.yunteng.common.aspect;
+
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.springframework.stereotype.Component;
+import org.thingsboard.common.util.JacksonUtil;
+import org.thingsboard.server.common.data.yunteng.common.CommonService;
+import org.thingsboard.server.common.data.yunteng.common.aspect.annotation.AutoDict;
+import org.thingsboard.server.common.data.yunteng.dto.SysDictItemDTO;
+import org.thingsboard.server.common.data.yunteng.utils.ReflectUtils;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.common.data.yunteng.utils.tools.ResponseResult;
+
+import java.lang.reflect.Field;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.ArrayList;
+import java.util.List;
+
+@Aspect
+@Component
+@Slf4j
+@RequiredArgsConstructor
+public class SysDictAspect {
+
+  private final CommonService commonService;
+
+  /** 表对应字段加上_dictText即可显示出文本 */
+  private static final String DICT_TEXT_SUFFIX = "DictText";
+
+  /** 定义切入点 */
+  @Pointcut("execution(* com.codeez..*.*Controller.*(..))")
+  public void exudeService() {}
+
+  /**
+   * 执行环绕通知
+   *
+   * @param joinPoint 切面
+   * @return 返回类型： Object
+   */
+  @Around("exudeService()")
+  public Object aroundAdvise(ProceedingJoinPoint joinPoint) throws Throwable {
+    // 执行切点环绕通知，获取执行方法的返回值
+    Object returnObject = joinPoint.proceed();
+    return parseDictValue(returnObject);
+  }
+
+  /**
+   * 解析数据字典值
+   *
+   * @param returnObject 数据字典Code对应的值
+   */
+  private Object parseDictValue(Object returnObject) throws IllegalAccessException {
+    if (returnObject instanceof ResponseResult) {
+      Object object = ((ResponseResult<?>) returnObject).getData();
+      if(null != object){
+        ObjectNode objectNode = getObjectNode(object, ((ResponseResult) returnObject).getData());
+        if(null == objectNode){
+          return returnObject;
+        }
+        returnObject = ResponseResult.success(objectNode);
+      }
+    }
+    if (returnObject instanceof PageData) {
+      Object object = returnObject;
+      List<ObjectNode> list = new ArrayList<>();
+      for (Object obj : ((PageData<?>) object).getItems()) {
+        ObjectNode objectNode = getObjectNode(obj, obj);
+        if(null == objectNode){
+          return returnObject;
+        }
+        list.add(objectNode);
+      }
+      returnObject =new PageData<>(list, ((PageData<?>) object).getTotal());
+    }
+    return returnObject;
+  }
+
+  /**
+   * 通过dict表的Code和dictItem的codeText查询字典表的值
+   *
+   * @param code dict表的Code
+   * @param codeText dictItem的codeText
+   * @return 返回Item的值
+   */
+  private String getDictText(String code, Object codeText) {
+    SysDictItemDTO sysDictItemDTO =
+        commonService.getDictValueByCodeAndText(code, codeText.toString());
+    return sysDictItemDTO != null ? sysDictItemDTO.getItemText() : null;
+  }
+
+  /**
+   * 获取添加字段后的ObjectNode
+   *
+   * @param object 对象
+   * @param sourceObject 源对象
+   * @return 添加字段后的ObjectNode
+   */
+  private ObjectNode getObjectNode(Object object, Object sourceObject)
+      throws IllegalAccessException {
+    ObjectNode objectNode = null;
+    for (Field field : ReflectUtils.getAllDeclaredFields(object.getClass())) {
+      // 忽略修饰符访问检查
+      field.setAccessible(true);
+      if (field.getAnnotation(AutoDict.class) != null) {
+        String dictCode = field.getAnnotation(AutoDict.class).dictCode();
+        // 如果dictCode为空字符串，则循环下一个
+        if (StringUtils.isEmpty(dictCode)) {
+          log.debug("dictCode为空字符串的字段为{}", field.getName());
+          continue;
+        }
+        Object codeText = field.get(object);
+        if (null != codeText) {
+          String textValue = getDictText(dictCode, codeText);
+          JsonNode jsonNode = JacksonUtil.toJsonNode(JacksonUtil.toString(sourceObject));
+          if(null == objectNode){
+            objectNode = (ObjectNode) jsonNode;
+          }
+          objectNode.put(field.getName() + DICT_TEXT_SUFFIX, textValue);
+        }
+      }
+      if(field.getType().getName().equals("java.time.LocalDateTime")){
+        Object content = field.get(object);
+        if(null != content && null !=objectNode){
+          DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
+          objectNode.put(field.getName(),fmt.format((LocalDateTime)content));
+        }
+      }
+    }
+    return objectNode;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.common.aspect.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * 字典注解
+ */
+@Target(ElementType.FIELD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface AutoDict {
+    /**
+     * 字典Code
+     * @return 返回类型 String
+     */
+    String dictCode();
+}

+package org.thingsboard.server.common.data.yunteng.config.email;
+
+import lombok.Data;
+
+@Data
+public class EmailConfiguration {
+
+  /** 配置服务器 */
+  private String host;
+
+  /** 配置端口 */
+  private Integer port;
+
+  /** 配置用户名 */
+  private String username;
+
+  /** 配置密码 */
+  private String password;
+}

+package org.thingsboard.server.common.data.yunteng.config.sms;
+
+import lombok.extern.slf4j.Slf4j;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+
+@Slf4j
+public abstract class AbstractSmsSender implements SmsSender {
+
+  protected void validatePhoneNumber(String phoneNumber) {
+    phoneNumber = phoneNumber.trim();
+    if (!FastIotConstants.CHINA_MOBILE_PATTERN.matcher(phoneNumber).matches()) {
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+  }
+}

+package org.thingsboard.server.common.data.yunteng.config.sms;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonSubTypes;
+import com.fasterxml.jackson.annotation.JsonTypeInfo;
+import org.thingsboard.server.common.data.yunteng.config.sms.ali.AliSmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.config.sms.tencent.TencentSmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.enums.SmsProviderTypeEnum;
+
+@JsonTypeInfo(use = JsonTypeInfo.Id.NAME, include = JsonTypeInfo.As.PROPERTY, property = "type")
+@JsonSubTypes({
+  @JsonSubTypes.Type(value = AliSmsProviderConfiguration.class, name = "ALI_CLOUD"),
+  @JsonSubTypes.Type(value = TencentSmsProviderConfiguration.class, name = "TENCENT_CLOUD")
+})
+public interface SmsProviderConfiguration {
+
+  @JsonIgnore
+  SmsProviderTypeEnum getType();
+}

+package org.thingsboard.server.common.data.yunteng.config.sms;
+
+import java.util.LinkedHashMap;
+
+public interface SmsSender {
+    String sendSms(String phone, String templateCode, LinkedHashMap<String,String> param,String signName);
+}

+package org.thingsboard.server.common.data.yunteng.config.sms;
+
+public interface SmsSenderFactory {
+  SmsSender createSmsSender(SmsProviderConfiguration config);
+}

+package org.thingsboard.server.common.data.yunteng.config.sms;
+
+import org.springframework.stereotype.Component;
+import org.thingsboard.server.common.data.yunteng.config.sms.ali.AliSmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.config.sms.ali.AliSmsSender;
+import org.thingsboard.server.common.data.yunteng.config.sms.tencent.TencentSmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.config.sms.tencent.TencentSmsSender;
+
+@Component
+public class YtDefaultSmsSenderFactory implements SmsSenderFactory {
+  @Override
+  public SmsSender createSmsSender(
+      SmsProviderConfiguration config) {
+    switch (config.getType()) {
+      case ALI_CLOUD:
+        return new AliSmsSender(
+            (AliSmsProviderConfiguration) config);
+      case TENCENT_CLOUD:
+        return new TencentSmsSender(
+            (TencentSmsProviderConfiguration) config);
+      default:
+        throw new RuntimeException("Unknown SMS provider type " + config.getType());
+    }
+  }
+}

+package org.thingsboard.server.common.data.yunteng.config.sms.ali;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.config.sms.SmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.enums.SmsProviderTypeEnum;
+
+@Data
+public class AliSmsProviderConfiguration implements SmsProviderConfiguration {
+
+  /** 阿里云AccessKeyId */
+  private String accessKeyId;
+
+  /** 阿里云AccessKeySecret */
+  private String accessKeySecret;
+
+  @Override
+  public SmsProviderTypeEnum getType() {
+    return SmsProviderTypeEnum.ALI_CLOUD;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.config.sms.ali;
+
+import com.aliyuncs.DefaultAcsClient;
+import com.aliyuncs.IAcsClient;
+import com.aliyuncs.dysmsapi.model.v20170525.SendSmsRequest;
+import com.aliyuncs.dysmsapi.model.v20170525.SendSmsResponse;
+import com.aliyuncs.exceptions.ClientException;
+import com.aliyuncs.http.MethodType;
+import com.aliyuncs.profile.DefaultProfile;
+import com.aliyuncs.profile.IClientProfile;
+import lombok.Data;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.thingsboard.common.util.JacksonUtil;
+import org.thingsboard.server.common.data.yunteng.config.sms.AbstractSmsSender;
+import org.thingsboard.server.common.data.yunteng.core.exception.FastIotException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.enums.ResponseCodeEnum;
+
+import java.util.LinkedHashMap;
+
+@Slf4j
+public class AliSmsSender extends AbstractSmsSender {
+
+  /** 阿里云短信参数配置 */
+  private final AliSmsProviderConfiguration config;
+
+  private IClientProfile profile;
+
+  public AliSmsSender(AliSmsProviderConfiguration config) {
+    if (StringUtils.isEmpty(config.getAccessKeyId())
+        || StringUtils.isEmpty(config.getAccessKeyId())) {
+      throw new FastIotException(ErrorMessage.INVALID_PARAMETER);
+    }
+    this.config = config;
+    initProfile();
+  }
+
+  /** 使用AK&SK初始化账号Client */
+  private void initProfile() {
+    String endpoint = "dysmsapi.aliyuncs.com";
+    String product = "Dysmsapi";
+    String regionId = "cn-shanghai";
+    profile =
+        DefaultProfile.getProfile(regionId, config.getAccessKeyId(), config.getAccessKeySecret());
+    DefaultProfile.addEndpoint(regionId, product, endpoint);
+  }
+
+  @Override
+  public String sendSms(
+      String phone, String templateCode, LinkedHashMap<String, String> param, String signName) {
+    validatePhoneNumber(phone);
+    IAcsClient client = new DefaultAcsClient(profile);
+    SendSmsRequest request = new SendSmsRequest();
+    request.setSysMethod(MethodType.POST);
+    request.setPhoneNumbers(phone);
+    request.setSignName(signName);
+    request.setTemplateCode(templateCode);
+    // 有参数的时候才处理
+    if (!param.isEmpty()) {
+      request.setTemplateParam(JacksonUtil.toString(param));
+    }
+    try {
+      SendSmsResponse response = client.getAcsResponse(request);
+      return response.getCode().equalsIgnoreCase(ResponseCodeEnum.OK.name())
+          ? ResponseCodeEnum.SUCCESS.name()
+          : response.getMessage();
+    } catch (ClientException e) {
+      e.printStackTrace();
+      return e.getMessage();
+    }
+  }
+}

+package org.thingsboard.server.common.data.yunteng.config.sms.tencent;
+
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.config.sms.SmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.enums.SmsProviderTypeEnum;
+
+@Data
+public class TencentSmsProviderConfiguration implements SmsProviderConfiguration {
+
+  /** 腾讯云AppId */
+  private String appId;
+
+  /** 腾讯云appKey */
+  private String appKey;
+
+  @Override
+  public SmsProviderTypeEnum getType() {
+    return SmsProviderTypeEnum.TENCENT_CLOUD;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.config.sms.tencent;
+
+
+import lombok.extern.slf4j.Slf4j;
+import org.thingsboard.server.common.data.yunteng.config.sms.AbstractSmsSender;
+
+import java.util.LinkedHashMap;
+
+@Slf4j
+public class TencentSmsSender extends AbstractSmsSender {
+
+  public TencentSmsSender(TencentSmsProviderConfiguration config) {}
+
+  @Override
+  public String sendSms(
+      String phone, String templateCode, LinkedHashMap<String, String> param, String signName) {
+    return "";
+  }
+}

+package org.thingsboard.server.common.data.yunteng.constant;
+
+import java.util.regex.Pattern;
+
+public interface FastIotConstants {
+
+  class DefaultOrder {
+    public static final String CREATE_TIME="create_time";
+  }
+
+  String MOBILE =
+      "^[1](([3][0-9])|([4][0,1,4-9])|([5][0-3,5-9])|([6][2,5,6,7])|([7][0-8])|([8][0-9])|([9][0-3,5-9]))[0-9]{8}$";
+  String EMAIL = "^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,}$";
+  Pattern EMAIL_PATTERN = Pattern.compile(EMAIL, Pattern.CASE_INSENSITIVE);
+  Pattern CHINA_MOBILE_PATTERN = Pattern.compile(MOBILE);
+
+  class ConfigJSONKey {
+    public static final String BASE_URL = "baseUrl";
+  }
+
+  String DEFAULT_DELIMITER = "#";
+
+  class StateValue {
+    /** 禁用 */
+    public static final int DISABLE = 0;
+    /** 启用 */
+    public static final int ENABLE = 1;
+
+    /** 删除成功 */
+    public static final String DELETE_SUCCESS = "删除成功";
+
+    /** 删除失败 */
+    public static final String DELETE_FAILED = "删除成功";
+  }
+
+  class LevelValue {
+    /** 超级管理员 */
+    public static final int IS_ADMIN=0;
+
+    /** 系统平台其他管理员 */
+    public static final int IS_OTHER_ADMIN = 1;
+
+    /** 租户管理员 */
+    public static final int IS_TENANT_ADMIN = 2;
+
+    /** 普通用户 */
+    public static final int IS_NORMAL = 3;
+  }
+
+  interface CacheConfigKey {
+    String CACHE_CONFIG_KEY = "FAST_IOT_CACHE";
+    String USER_PERMISSION_PREFIX = "user_permission_for_";
+    String MOBILE_LOGIN_SMS_CODE = "mobile_login_sms_code";
+    String DEFAULT_RULE_CHAIN = "default_rule_chain";
+  }
+
+  String DEFAULT_EMAIL_SUFFIX_FOR_TB ="@yunteng.com";
+
+  interface TBCacheConfig {
+    String TB_CACHE_CONFIG_KEY = "TB_CONNECT_CACHE";
+    String EXISTING_TENANT = "EXISTING_TENANT";
+  }
+}

+package org.thingsboard.server.common.data.yunteng.constant;
+
+public final class ModelConstants {
+  public static class Table {
+    /** 系统用户表 */
+    public static final String USER_TABLE_NAME = "sys_user";
+    /** 租户表 */
+    public static final String TENANT_TABLE_NAME = "sys_tenant";
+    /** 租户菜单表 */
+    public static final String TENANT_MENU_TABLE_NAME = "sys_tenant_menu";
+    /** 租户角色表 */
+    public static final String TENANT_ROLE_TABLE_NAME = "sys_tenant_role";
+    /** 菜单表 */
+    public static final String MENU_TABLE_NAME = "sys_menu";
+    /** 角色表 */
+    public static final String ROLE_TABLE_NAME = "sys_role";
+    /** 用户角色关系表 */
+    public static final String USER_ROLE_TABLE_NAME = "sys_user_role";
+    /** 系统用户设置表 */
+    public static final String ADMIN_SETTING_TABLE_NAME = "sys_admin_setting";
+    /** 字典表 */
+    public static final String DICT_TABLE_NAME = "sys_dict";
+    /** 字典值表 */
+    public static final String DICT_ITEM_TABLE_NAME = "sys_dict_item";
+    /** 消息字典表 */
+    public static final String MESSAGE_CONFIG_TABLE_NAME = "message_config";
+    /** 消息模板表 */
+    public static final String MESSAGE_TEMPLATE_TABLE_NAME = "message_template";
+    /** 短信发送记录表 */
+    public static final String SMS_LOG_TABLE_NAME = "sms_log";
+    /** 邮件发送记录表 */
+    public static final String MAIL_LOG_TABLE_NAME = "mail_log";
+    /** 限流表 */
+    public static final String RATE_LIMIT_TABLE_NAME = "sys_rate_limit";
+    /** 系统部门表 */
+    public static final String DEPT_TABLE_NAME = "sys_dept";
+    /** 组织表 */
+    public static final String IOTFS_ORGANIZATION_TABLE_NAME = "iotfs_organization";
+    /** 用户与组织映射表 */
+    public static final String IOTFS_USER_ORGANIZATION_MAPPING_TABLE_NAME = "iotfs_user_organization_mapping";
+    /** 设备表 */
+    public static final String IOTFS_DEVICE_TABLE_NAME = "iotfs_device";
+    /** 设备配置表 */
+    public static final String IOTFS_DEVICE_PROFILE_TABLE_NAME = "iotfs_device_profile";
+    /** 设备类型表 */
+    public static final String IOTFS_DEVICE_TYPE_TABLE_NAME = "iotfs_device_type";
+    /** 告警配置表 */
+    public static final String IOTFS_ALARM_PROFILE_TABLE_NAME = "iotfs_alarm_profile";
+    /** 告警联系人 */
+    public static final String IOTFS_ALARM_CONTACT_TABLE_NAME = "iotfs_alarm_contact";
+  }
+
+  public static class TableFields {
+    public static final String TENANT_ID = "tenant_id";
+  }
+
+  public static class TablePropertyMapping {
+    public static final String ID = "id";
+    public static final String CREATE_TIME = "createTime";
+    public static final String UPDATE_TIME = "updateTime";
+    public static final String CREATOR = "creator";
+    public static final String UPDATER = "updater";
+    public static final String UPDATE = "update";
+    public static final String TENANT_CODE = "tenantCode";
+    public static final String PASSWORD = "password";
+    public static final String ACTIVATE_TOKEN = "activateToken";
+    public static final String TB_DEVICE_ID = "tbDeviceId";
+    public static final String DEVICE_STATE = "deviceState";
+    public static final String ACTIVE_TIME = "activeTime";
+  }
+
+  public static class AdminSettingConfigKey {
+    public static final String GENERAL_SETTING = "general";
+  }
+}

+package org.thingsboard.server.common.data.yunteng.constant;
+
+public class QueryConstant {
+  public static final String PAGE_SIZE = "pageSize";
+  public static final String PAGE = "page";
+  public static final String ORDER_FILED = "orderFiled";
+  public static final String ORDER_TYPE = "orderType";
+  public static final String CREATE_TIME="createTime";
+}

+package org.thingsboard.server.common.data.yunteng.constant;
+
+public final class SecurityConstant {
+    public static final String ROLE="role";
+    public static final String USER_ID="userId";
+    public static final String USER_NAME="username";
+    public static final String DISPLAY_NAME="displayName";
+    public static final String TENANT_CODE ="tenantCode";
+    public static final String TENANT_NAME="tenantName";
+    public static final String JWT_TOKEN_HEADER_PARAM="X-Authorization";
+}

+package org.thingsboard.server.common.data.yunteng.core;
+
+public enum RequestMethod {
+  GET,
+  HEAD,
+  POST,
+  PUT,
+  PATCH,
+  DELETE,
+  OPTIONS,
+  TRACE
+}

+package org.thingsboard.server.common.data.yunteng.core;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.springframework.util.Assert;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+
+import java.io.Serializable;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class Result implements Serializable {
+  private static final long serialVersionUID = -7460365055472356522L;
+  private String msg = "success";
+  private int code = -1;
+  private Object data;
+
+  public static Result ok(Object data) {
+    return new Result("success", 0, data);
+  }
+
+  public static Result error() {
+    return error(ErrorMessage.OPERATION_FAILED.getCode(), ErrorMessage.OPERATION_FAILED);
+  }
+
+  public static Result error(ErrorMessage ntlErrorMessage) {
+    return error(ntlErrorMessage.getCode(), ntlErrorMessage);
+  }
+
+  public static Result error(int code, ErrorMessage ntlErrorMessage) {
+    Assert.isTrue(code != 0, "error code should not be zero in error response!");
+    return new Result(ntlErrorMessage.getMessage(), code, null);
+  }
+
+  public static Result error(String msg) {
+    return new Result(msg, -1, null);
+  }
+
+  public static Result error(int code, String msg) {
+    Assert.isTrue(code != 0, "error code should not be zero in error response!");
+    return new Result(msg, code, null);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.cache;
+
+import org.springframework.cache.CacheManager;
+import org.springframework.stereotype.Component;
+
+import java.util.Objects;
+import java.util.Optional;
+
+@Component
+public class CacheUtils {
+
+  private final String COMMON_STORE_AREA = "yun-teng-iot-common";
+
+  private final CacheManager cacheManager;
+
+  public CacheUtils(CacheManager cacheManager) {
+    this.cacheManager = cacheManager;
+  }
+
+  public void put(String key, Object value) {
+    Objects.requireNonNull(cacheManager.getCache(COMMON_STORE_AREA)).put(key, value);
+  }
+
+  public void put(String cacheName, String key, Object value) {
+    Objects.requireNonNull(cacheManager.getCache(cacheName)).put(key, value);
+  }
+
+  public void invalidateCacheName(String cacheName) {
+    Objects.requireNonNull(cacheManager.getCache(cacheName)).invalidate();
+  }
+  public void invalidate(String key) {
+    Objects.requireNonNull(cacheManager.getCache(COMMON_STORE_AREA)).evictIfPresent(key);
+  }
+
+  public void invalidate(String cacheName, String key) {
+    Objects.requireNonNull(cacheManager.getCache(cacheName)).evictIfPresent(key);
+  }
+
+  @SuppressWarnings("unchecked")
+  public <T> Optional<T> get(String key) {
+    return Optional.ofNullable(
+            Objects.requireNonNull(cacheManager.getCache(COMMON_STORE_AREA)).get(key))
+        .map(v -> (T) v.get());
+  }
+
+  @SuppressWarnings("unchecked")
+  public <T> Optional<T> get(String cacheName, String key) {
+    return Optional.ofNullable(Objects.requireNonNull(cacheManager.getCache(cacheName)).get(key))
+        .map(v -> (T) v.get());
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.event;
+
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationEvent;
+
+public class RateLimitChangeEvent extends ApplicationEvent {
+  private static final long serialVersionUID = 5948179374091197232L;
+
+  /**
+   * Create a new ContextStartedEvent.
+   *
+   * @param source the {@code ApplicationContext} that the event is raised for (must not be {@code
+   *     null})
+   */
+  public RateLimitChangeEvent(ApplicationContext source) {
+    super(source);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class DTOCreationException extends RuntimeException {
+
+  private static final long serialVersionUID = 5255597864949518781L;
+
+  public DTOCreationException(String message) {
+    super(message);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+import lombok.Getter;
+
+public class DataValidationException extends RuntimeException {
+  private static final long serialVersionUID = 3556952261254572635L;
+
+  @Getter public boolean log = false;
+
+  public DataValidationException(String message) {
+    super(message);
+  }
+
+  public DataValidationException(String message, boolean log) {
+    super(message);
+    this.log = log;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class EntityCreationException extends RuntimeException {
+
+  private static final long serialVersionUID = 5255597864949518781L;
+
+  public EntityCreationException(String message) {
+    super(message);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+import lombok.Getter;
+import org.springframework.http.HttpStatus;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+
+public class FastIotException extends RuntimeException {
+  private static final long serialVersionUID = 4036257507478854844L;
+
+  @Getter private final HttpStatus httpStatus;
+
+  @Getter private final ErrorMessage error;
+
+  public FastIotException(ErrorMessage errorMessage) {
+    super(errorMessage.getMessage());
+    this.httpStatus = HttpStatus.INTERNAL_SERVER_ERROR;
+    this.error = errorMessage;
+  }
+
+  public FastIotException(ErrorMessage errorMessage, HttpStatus httpStatus) {
+    super(errorMessage.getMessage());
+    this.httpStatus = httpStatus;
+    this.error = errorMessage;
+  }
+
+  public FastIotException() {
+    super(ErrorMessage.INTERNAL_ERROR.getMessage());
+    this.error = ErrorMessage.INTERNAL_ERROR;
+    this.httpStatus = HttpStatus.INTERNAL_SERVER_ERROR;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class FileNotFoundException extends RuntimeException{
+    private static final long serialVersionUID = 3466865879043055822L;
+
+    public FileNotFoundException(String message) {
+    super(message);
+    }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class FileStorageException extends  RuntimeException{
+    private static final long serialVersionUID = -8866081834891143120L;
+
+    public FileStorageException(String message) {
+        super(message);
+    }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class NoneTenantAssetException extends RuntimeException {
+  private static final long serialVersionUID = 9135599998185288967L;
+
+  public NoneTenantAssetException(String message) {
+    super(message);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class TooManyRequestException extends RuntimeException {
+  private static final long serialVersionUID = 1055141330426574861L;
+
+  public TooManyRequestException() {
+    super();
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.message;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+
+@JsonFormat(shape = JsonFormat.Shape.OBJECT)
+public enum ErrorMessage {
+  // ERROR STARTS FROM HERE
+  INTERNAL_ERROR(500000, "internal error"),
+  OPERATION_FAILED(500001, "operation failed"),
+  NO_PERMISSION(403001, "no permission"),
+  ACCOUNT_DISABLED(403002, "account disabled"),
+  ACCESS_DENIED(403003, "access denied"),
+  AUTHENTICATION_METHOD_NOT_SUPPORTED(403004, "authentication method not supported"),
+  USERNAME_PASSWORD_INCORRECT(401001, "incorrect username or password"),
+  TOKEN_EXPIRED(401002, "token has expired"),
+  NONE_TENANT_ASSET(401003, "not current tenant asset"),
+  AUTHENTICATION_FAILED_ACCOUNT_EXPIRED(401003, "account has expired"),
+  BAD_PARAMETER(400000, "query parameters not valid"),
+  INVALID_PARAMETER(400001, "invalid parameters"),
+  TOO_MANY_REQUEST(429001, "too many requests"),
+  EXIST_ENABLE_TEMPLATE(400002,"存在已启用相同类型及用途的模板"),
+  NOT_SET_PASSWORD_TEMPLATE(400003,"未设置用于密码重置的模板"),
+  PROVIDE_CORRECT_PHONE_NUMBER(400004,"请提供正确的电话号码"),
+  PROVIDE_CORRECT_EMAIL(400005,"请提供正确的邮箱"),
+  PHONE_NUMBER_OR_EMAIL_REQUIRED(400006,"必须提供电话或者邮箱"),
+  NAME_ALREADY_EXISTS(400007,"名称已存在"),
+  ROLE_IN_USE(400008,"该角色还存在用户使用"),
+  NONE_DEFAULT_RULE_CHAIN(400009,"该租户不存在默认的规则链"),
+  TENANT_MISMATCHING(400010,"租户不匹配"),
+  GET_CURRENT_USER_EXCEPTION(400011,"获取当前用户信息异常"),
+  CONNECT_TO_TB_ERROR(500001,"与TB联系错误"),
+  HAVE_NO_PERMISSION(500002,"没有修改权限");
+  private final int code;
+  private String message;
+
+  ErrorMessage(int code, String message) {
+    this.code = code;
+    this.message = message;
+  }
+
+  public ErrorMessage setMessage(String message) {
+    this.message = message;
+    return this;
+  }
+
+  public int getCode() {
+    return code;
+  }
+
+  public String getMessage() {
+    return message;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+@ConfigurationProperties(prefix = "file.storage.local")
+@Component
+@Data
+public class FileStorageProperties {
+  private String type;
+  private String uploadDir;
+  private String downloadPath;
+  private String uploadPath;
+  private boolean randomFileName;
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.multipart.MultipartFile;
+import org.thingsboard.server.common.data.yunteng.dto.FileUploadResponse;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public interface FileStorageService {
+
+  /**
+   * 上传文件
+   *
+   * @param file 待上传文件
+   * @return {@link FileUploadResponse} 实例对象
+   */
+  FileUploadResponse upload(MultipartFile file);
+
+  /**
+   * 下载文件
+   *
+   * @param fileName 待下载文件名
+   * @param response {@link HttpServletResponse}
+   */
+  ResponseEntity<?> download(
+      String fileName, HttpServletRequest request, HttpServletResponse response);
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.UrlResource;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Service;
+import org.springframework.util.StringUtils;
+import org.springframework.web.multipart.MultipartFile;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import org.thingsboard.server.common.data.yunteng.core.exception.FileNotFoundException;
+import org.thingsboard.server.common.data.yunteng.core.exception.FileStorageException;
+import org.thingsboard.server.common.data.yunteng.dto.FileUploadResponse;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.nio.file.StandardCopyOption;
+import java.util.Objects;
+
+@Service
+@Slf4j
+@ConditionalOnExpression("'${file.storage.type}'=='local'")
+public class LocalFileStorageService implements FileStorageService {
+
+  private final FileStorageProperties fileStorageProperties;
+  private final Path fileStorageLocation;
+
+  @Value("${file.storage.local.staticUrl}")
+  private String ossFileUrl;
+
+  @Autowired
+  public LocalFileStorageService(FileStorageProperties fileStorageProperties) {
+    this.fileStorageProperties = fileStorageProperties;
+    this.fileStorageLocation =
+        Paths.get(fileStorageProperties.getUploadDir()).toAbsolutePath().normalize();
+    try {
+      Files.createDirectories(this.fileStorageLocation);
+    } catch (Exception e) {
+      throw new RuntimeException(
+          "Could not create the directory where the uploaded files will be stored.");
+    }
+  }
+
+  public String storeFile(MultipartFile file) {
+    // Normalize file name
+    String fileName = StringUtils.cleanPath(Objects.requireNonNull(file.getOriginalFilename()));
+
+    try {
+      // random fileName if needed
+      if (fileStorageProperties.isRandomFileName()) {
+        if (fileName.contains(".")) {
+          fileName =
+              RandomStringUtils.randomAlphabetic(15)
+                  + fileName.substring(fileName.lastIndexOf("."));
+        } else {
+          fileName = RandomStringUtils.randomAlphabetic(15);
+        }
+      }
+      // Check if the file's name contains invalid characters
+      if (fileName.contains("..")) {
+        throw new FileStorageException(
+            "Sorry! Filename contains invalid path sequence " + fileName);
+      }
+
+      // Copy file to the target location (Replacing existing file with the same name)
+      Path targetLocation = this.fileStorageLocation.resolve(fileName);
+      Files.copy(file.getInputStream(), targetLocation, StandardCopyOption.REPLACE_EXISTING);
+
+      return fileName;
+    } catch (IOException ex) {
+      throw new FileStorageException("Could not store file " + fileName + ". Please try again!");
+    }
+  }
+
+  public Resource loadFileAsResource(String fileName) {
+    try {
+      Path filePath = this.fileStorageLocation.resolve(fileName).normalize();
+      Resource resource = new UrlResource(filePath.toUri());
+      if (resource.exists()) {
+        return resource;
+      } else {
+        throw new FileNotFoundException("File not found " + fileName);
+      }
+    } catch (MalformedURLException ex) {
+      throw new FileNotFoundException("File not found " + fileName);
+    }
+  }
+
+  @Override
+  public FileUploadResponse upload(MultipartFile file) {
+    String fileName = this.storeFile(file);
+    String fileDownloadPath =
+        ServletUriComponentsBuilder.fromCurrentRequestUri()
+            .path(fileStorageProperties.getDownloadPath())
+            .path(fileName)
+            .toUriString();
+    String realDownloadPath = fileDownloadPath.replace(fileStorageProperties.getUploadPath(), "");
+    String ossStaticPath =
+        ServletUriComponentsBuilder.fromCurrentContextPath().toUriString() + ossFileUrl;
+    ossStaticPath = ossStaticPath.replace("**", fileName);
+    return new FileUploadResponse(
+        fileName, realDownloadPath, file.getContentType(), file.getSize(), ossStaticPath);
+  }
+
+  @Override
+  public ResponseEntity<?> download(
+      String fileName, HttpServletRequest request, HttpServletResponse response) {
+    Resource resource = this.loadFileAsResource(fileName);
+    String contentType = null;
+    try {
+      contentType = request.getServletContext().getMimeType(resource.getFile().getAbsolutePath());
+    } catch (IOException ex) {
+      log.info("Could not determine file type.");
+    }
+
+    // Fallback to the default content type if type could not be determined
+    if (contentType == null) {
+      contentType = "application/octet-stream";
+    }
+
+    return ResponseEntity.ok()
+        .contentType(MediaType.parseMediaType(contentType))
+        .header(
+            HttpHeaders.CONTENT_DISPOSITION,
+            "attachment; filename=\"" + resource.getFilename() + "\"")
+        .body(resource);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * @author 徐浩然
+ * @desc minio配置文件
+ * @date 2021/12/1-15:35
+ */
+@ConfigurationProperties(prefix = "file.storage.minio")
+@Component
+@Data
+public class MinioFileStorageProperties {
+  /** minio储存地址 */
+  private String minioUrl;
+  /** minio账户 */
+  private String minioName;
+  /** minio访问密码 */
+  private String minioPass;
+  /** minio储存桶名称 */
+  private String bucketName;
+
+  private boolean randomFileName;
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+import io.minio.*;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Service;
+import org.springframework.util.StringUtils;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.multipart.MultipartFile;
+import org.thingsboard.server.common.data.yunteng.core.exception.FileStorageException;
+import org.thingsboard.server.common.data.yunteng.dto.FileUploadResponse;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.Objects;
+
+@Service
+@Slf4j
+@ConditionalOnExpression("'${file.storage.type}'=='minio'")
+public class MinioFileStorageService implements FileStorageService {
+
+  private final MinioFileStorageProperties fileStorageProperties;
+  private MinioClient minioClient;
+
+  @Autowired
+  public MinioFileStorageService(MinioFileStorageProperties fileStorageProperties) {
+    this.fileStorageProperties = fileStorageProperties;
+    // 创建客户端对象
+    this.minioClient =
+        MinioClient.builder()
+            .endpoint(fileStorageProperties.getMinioUrl())
+            .credentials(fileStorageProperties.getMinioName(), fileStorageProperties.getMinioPass())
+            .build();
+    // 创建储存桶
+    checkBucket();
+  }
+
+  // 储存文件
+  public String storeFile(MultipartFile file) {
+    // Normalize file name
+    String fileName = StringUtils.cleanPath(Objects.requireNonNull(file.getOriginalFilename()));
+    // random fileName if needed
+    if (fileStorageProperties.isRandomFileName()) {
+      if (fileName.contains(".")) {
+        fileName =
+            RandomStringUtils.randomAlphabetic(15) + fileName.substring(fileName.lastIndexOf("."));
+      } else {
+        fileName = RandomStringUtils.randomAlphabetic(15);
+      }
+    }
+    // Check if the file's name contains invalid characters
+    if (fileName.contains("..")) {
+      throw new FileStorageException("Sorry! Filename contains invalid path sequence " + fileName);
+    }
+
+    // 储存
+    try {
+      checkBucket();
+      PutObjectArgs build =
+          PutObjectArgs.builder()
+              .bucket(fileStorageProperties.getBucketName())
+              .object(fileName)
+              .contentType(file.getContentType())
+              .stream(file.getInputStream(), file.getInputStream().available(), -1)
+              .build();
+      minioClient.putObject(build);
+      return fileName;
+    } catch (Exception ex) {
+      ex.printStackTrace();
+      throw new FileStorageException("Could not store file " + fileName + ". Please try again!");
+    }
+  }
+
+  @Override
+  public FileUploadResponse upload(MultipartFile file) {
+    String fileName = this.storeFile(file);
+    String staticPath = getPath(fileName);
+    String realDownloadPath = null;
+    try {
+      // 获取request
+      HttpServletRequest request =
+          ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+      // 生成下载接口的地址
+      realDownloadPath =
+          request.getRequestURL().toString().replace("upload", "downloadFile/" + fileName);
+    } catch (Exception e) {
+      e.printStackTrace();
+      log.info("Could not upload file " + fileName + ". Please try again!");
+    }
+    return new FileUploadResponse(
+        fileName, realDownloadPath, file.getContentType(), file.getSize(), staticPath);
+  }
+
+  @Override
+  public ResponseEntity<?> download(
+      String fileName, HttpServletRequest request, HttpServletResponse response) {
+    // get object given the bucket and object name
+    try (
+    // 获取文件流
+    InputStream inputStream =
+            minioClient.getObject(
+                GetObjectArgs.builder()
+                    .bucket(fileStorageProperties.getBucketName())
+                    .object(fileName)
+                    .build());
+        // 获取输出流
+        OutputStream outputStream = response.getOutputStream(); ) {
+      // 清空
+      response.reset();
+      // 写入流
+      byte[] buffer = inputStream.readAllBytes();
+      outputStream.write(buffer);
+      outputStream.flush();
+      // 配置header
+      response.addHeader(HttpHeaders.CONTENT_DISPOSITION, "attachment;filename=" + fileName);
+      response.addHeader(HttpHeaders.CONTENT_LENGTH, String.valueOf(buffer.length));
+      return ResponseEntity.status(HttpStatus.OK).body("download...");
+    } catch (Exception e) {
+      // 找不到文件时会抛出异常
+      String err = fileName + "file not found";
+      log.info(err);
+      return ResponseEntity.status(HttpStatus.NOT_FOUND).body(err);
+    }
+  }
+
+  // 检查储存桶情况
+  private void checkBucket() {
+    try {
+      // 桶是否存在
+      boolean exists =
+          minioClient.bucketExists(
+              BucketExistsArgs.builder().bucket(fileStorageProperties.getBucketName()).build());
+      if (!exists) {
+        // 不存在创建
+        minioClient.makeBucket(
+            MakeBucketArgs.builder().bucket(fileStorageProperties.getBucketName()).build());
+        // 设置储存桶策略
+        String str =
+            "{\"Statement\": [{\"Action\": [\"s3:GetBucketLocation\",\"s3:ListBucket\"],\"Effect\": \"Allow\",\"Principal\": \"*\",\"Resource\": \"arn:aws:s3:::%\"},{\"Action\": \"s3:GetObject\",\"Effect\": \"Allow\",\"Principal\": \"*\",\"Resource\": \"arn:aws:s3:::%/*\"}],\"Version\": \"2012-10-17\"}";
+        String replace = str.replace("%", fileStorageProperties.getBucketName());
+        minioClient.setBucketPolicy(
+            SetBucketPolicyArgs.builder()
+                .bucket(fileStorageProperties.getBucketName())
+                .config(replace)
+                .build());
+      }
+    } catch (Exception e) {
+      log.error(e.getMessage(), e);
+    }
+  }
+
+  /**
+   * @param fileName 文件名
+   * @return 文件访问地址
+   */
+  @NotNull
+  private String getPath(String fileName) {
+    return fileStorageProperties
+        .getMinioUrl()
+        .concat("/")
+        .concat(fileStorageProperties.getBucketName())
+        .concat("/")
+        .concat(fileName);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+
+@Data
+public class AlarmProfileDTO extends TenantDTO {
+  /** 告警联系人 通知多人“,”号分隔 */
+  private String alarmContactId;
+  /** 设备配置ID */
+  private String deviceProfileId;
+  /** 消息通知方式：多种方式“,”号分隔 MessageTypeEnum */
+  private String messageMode;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+import org.springframework.beans.BeanUtils;
+import org.thingsboard.server.common.data.yunteng.common.UpdateGroup;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+import org.thingsboard.server.common.data.yunteng.core.exception.EntityCreationException;
+import org.thingsboard.server.common.data.yunteng.utils.ReflectUtils;
+
+import javax.validation.constraints.NotEmpty;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.time.LocalDateTime;
+
+@Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class BaseDTO {
+  @NotEmpty(message = "ID不能为空或者空字符串",groups = {UpdateGroup.class})
+  private String id;
+  /**创建用户*/
+  private String creator;
+  /**创建时间*/
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime createTime;
+  /**更新用户*/
+  private String updater;
+  /**更新时间*/
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime updateTime;
+  @JsonIgnore
+  public <E> void copyToEntity(E entity, String... ignoreProperties) {
+    if (ignoreProperties.length == 0) {
+      BeanUtils.copyProperties(
+          this,
+          entity,
+          ModelConstants.TablePropertyMapping.CREATE_TIME,
+          ModelConstants.TablePropertyMapping.UPDATE_TIME,
+          ModelConstants.TablePropertyMapping.CREATOR,
+          ModelConstants.TablePropertyMapping.UPDATER);
+    } else {
+      BeanUtils.copyProperties(this, entity, ignoreProperties);
+    }
+  }
+
+  @JsonIgnore
+  @SuppressWarnings("unchecked")
+  public <E> E getEntity(Class<E> clazz) {
+    Constructor<?> constructor = ReflectUtils.getEmptyParameterConstructor(clazz);
+    if (constructor != null) {
+      try {
+        E e = (E) constructor.newInstance();
+        BeanUtils.copyProperties(this, e);
+        return e;
+      } catch (InstantiationException | IllegalAccessException | InvocationTargetException e) {
+        throw new EntityCreationException(
+            "try to get entity from class [" + clazz.getName() + "] failed " + e.getMessage());
+      }
+    } else {
+      throw new EntityCreationException(
+          "try to get entity from class [" + clazz.getName() + "] failed");
+    }
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.common.DeleteGroup;
+
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Size;
+import java.util.Set;
+
+@Data
+public class DeleteDTO {
+  /** 删除主键IDS */
+  @NotNull(
+      message = "IDS不能为空",
+      groups = {DeleteGroup.class})
+  @Size(
+      min = 1,
+      message = "删除至少需要一个id",
+      groups = {DeleteGroup.class})
+  private Set<String> ids;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.databind.JsonNode;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.security.DeviceCredentialsType;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+import org.thingsboard.server.common.data.yunteng.enums.DeviceState;
+import org.thingsboard.server.common.data.yunteng.enums.DeviceTypeEnum;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.time.LocalDateTime;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class DeviceDTO extends TenantDTO {
+  private String name;
+  /**
+   * 包含字段:
+   *
+   * <ul/>
+   *   <li>gateway 网关，bool类型
+   *   <li>description 描述字段
+   */
+  private JsonNode deviceInfo;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime activeTime;
+
+  private DeviceState deviceState = DeviceState.INACTIVE;
+
+  @NotEmpty(
+      message = "设备配置ID不能为空或者空字符串",
+      groups = {AddGroup.class})
+  @ApiModelProperty(value = "设备配置", required = true)
+  private String profileId;
+
+  @NotEmpty(
+      message = "设备唯一编号不能为空或空字符串",
+      groups = {AddGroup.class})
+  @ApiModelProperty(value = "设备唯一编号", required = true)
+  private String deviceToken;
+  // 不用序列化给前端
+  @JsonIgnore private String tbDeviceId;
+  private String deviceTypeId;
+
+  @NotEmpty(
+      message = "所属组织不能为空或者空字符串",
+      groups = {AddGroup.class})
+  @ApiModelProperty(value = "设备组织", required = true)
+  private String organizationId;
+  /** 标签 */
+  private String label;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime lastConnectTime;
+
+  private DeviceProfileDTO deviceProfile;
+  private OrganizationDTO organizationDTO;
+
+  @NotNull(
+      message = "设备类型不能为空",
+      groups = {AddGroup.class})
+  @ApiModelProperty(value = "设备类型：GATEWAY,DIRECT_CONNECTION,SENSOR", required = true)
+  private DeviceTypeEnum deviceType;
+  /** 设备凭证 */
+  private DeviceCredentialsType deviceCredentials;
+  /** 告警状态：0：正常 1：告警 */
+  private Integer alarmStatus;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.DeviceTransportType;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+
+import javax.validation.constraints.NotEmpty;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class DeviceProfileDTO extends TenantDTO {
+  @NotEmpty(message = "设备配置名称不能为空或者空字符串", groups = AddGroup.class)
+  @ApiModelProperty(value = "设备配置名称")
+  private String name;
+
+  private String description;
+  /** 转换脚本：TCP才会使用 */
+  private String convertJs;
+
+  @NotEmpty(message = "传输协议不能为空或者空字符串", groups = AddGroup.class)
+  @ApiModelProperty(value = "传输协议", required = true)
+  @NotEmpty(message = "传输协议不能为空或者二空字符串")
+  private DeviceTransportType transportType;
+  /** TB的设备配置文件 */
+  private String tbProfileId;
+
+  private JsonNode alarms;
+  /** 告警配置 */
+  private AlarmProfileDTO alarmProfile;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+
+@Data
+@AllArgsConstructor
+public class FileUploadResponse {
+  private String fileName;
+  private String fileDownloadUri;
+  private String fileType;
+  private long size;
+  private String fileStaticUri;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.enums.MenuTypeEnum;
+
+import java.time.LocalDateTime;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Objects;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class MenuDTO extends BaseDTO implements Comparable<MenuDTO> {
+  private String id;
+  /**
+   * if menu type is system default, the menu name can be null; if menu type is not system default,
+   * menu name is user defined
+   */
+  private String name;
+
+  //  @JsonIgnore
+  private String parentId;
+  private List<MenuDTO> children;
+  private String path;
+  //  @JsonIgnore
+  private MenuTypeEnum type;
+  private String permission;
+  private Integer sort;
+  @JsonIgnore private String tenantCode;
+  private String component;
+  private JsonNode meta;
+  @JsonIgnore private String alias;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String redirect;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private Boolean caseSensitive;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime createTime;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime updateTime;
+
+  public MenuDTO() {
+    this.children = new ArrayList<>();
+  }
+
+  @Override
+  public int compareTo(MenuDTO o) {
+    return Objects.requireNonNullElse(this.getSort(), 0)
+        - Objects.requireNonNullElse(o.getSort(), 0);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.common.aspect.annotation.AutoDict;
+
+@EqualsAndHashCode(callSuper = false)
+@Data
+public class MessageConfigDTO extends TenantDTO {
+
+  /** 配置名称 */
+  private String configName;
+  /** 短信平台类型 */
+  @AutoDict(dictCode = "platform_type")
+  private String platformType;
+
+  /** 消息类型 */
+  @AutoDict(dictCode = "message_type")
+  private String messageType;
+
+  /** json配置 */
+  private JsonNode config;
+
+  /** 状态：0禁用 1启用 */
+  private Integer status;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.common.aspect.annotation.AutoDict;
+
+@EqualsAndHashCode(callSuper = false)
+@Data
+public class MessageTemplateDTO extends TenantDTO {
+  /** 模板名称 */
+  private String templateName;
+
+  /** 模板签名 */
+  private String signName;
+
+  /** 模板CODE */
+  private String templateCode;
+
+  /** 消息配置 */
+  private String messageConfigId;
+
+  /**消息配置信息*/
+  private MessageConfigDTO messageConfig;
+
+  /**消息类型*/
+  private String messageType;
+
+  /** 模板用途 */
+  @AutoDict(dictCode = "template_purpose")
+  private String templatePurpose;
+
+  /** 状态：0禁用 1启用 */
+  private Integer status;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.utils.tree.TreeDTO;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class OrganizationDTO extends TenantDTO implements TreeDTO<OrganizationDTO> {
+  private String parentId;
+  private String name;
+  private int sort;
+  private List<OrganizationDTO> children;
+  private String remark;
+
+  public OrganizationDTO() {
+    this.children = new ArrayList<>();
+  }
+
+  @Override
+  public int compareTo(OrganizationDTO o) {
+    return this.getSort() - o.getSort();
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+
+import lombok.Data;
+
+@Data
+public class PlainRolesDTO {
+  private String roleId;
+  private String roleName;
+
+  @Override
+  public String toString() {
+    return "角色ID:" + roleId + " " + "角色名:" + roleName;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonAlias;
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.time.LocalDateTime;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class RoleDTO extends TenantDTO {
+  private String name;
+  private String remark;
+  private LocalDateTime createTime;
+  private String roleType;
+  private String code;
+  @JsonFormat(shape = JsonFormat.Shape.NUMBER)
+  @JsonAlias({"status", "enabled"})
+  @JsonProperty("status")
+  private boolean enabled = true;
+  private String[] roleIds;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+
+import javax.validation.constraints.NotEmpty;
+
+@Data
+public class SysDictDTO extends TenantDTO{
+
+    /** 字典名称 */
+    @NotEmpty(message = "字典名称不能为空或空字符串",groups = {AddGroup.class})
+    private String dictName;
+
+    /** 字典编码 */
+    @NotEmpty(message = "字典编码不能为空或空字符串",groups = {AddGroup.class})
+    private String dictCode;
+
+    /** 字典描述 */
+    private String description;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+
+import javax.validation.constraints.NotEmpty;
+
+@Data
+public class SysDictItemDTO extends BaseDTO{
+    /** 字典ID */
+    @NotEmpty(message = "字典表ID不能为空或空字符串",groups = {AddGroup.class})
+    private String dictId;
+
+    /** 字典文本 */
+    @NotEmpty(message = "字典Item文本不能为空或空字符串",groups = {AddGroup.class})
+    private String itemText;
+
+    /** 字典值 */
+    @NotEmpty(message = "字典Item文本值不能为空或空字符串",groups = {AddGroup.class})
+    private String itemValue;
+
+    /** 字典描述 */
+    private String description;
+
+    /** 字典排序 默认排序1*/
+    private Integer sort;
+
+    /** 字典状态 默认状态1 启用*/
+    private Integer status;
+
+    /** 租户Code */
+    private String tenantCode;
+
+    /**字典*/
+    private SysDictDTO sysDict;
+
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.enums.TenantStatusEnum;
+
+import java.time.LocalDateTime;
+
+@EqualsAndHashCode(callSuper = false)
+@Data
+public class TenantDTO extends BaseDTO {
+  private String name;
+  private String icon;
+  private String tenantCode;
+  private boolean enabled;
+  private String description;
+  private String defaultConfig;
+  /** TB的租户ID */
+  private String tenantId;
+  /** 租户角色 */
+  private String[] roleIds;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private TenantStatusEnum tenantStatus;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime tenantExpireTime;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+import org.thingsboard.server.common.data.yunteng.enums.UserStatusEnum;
+
+import javax.validation.constraints.NotEmpty;
+import java.time.LocalDateTime;
+import java.util.Set;
+
+@EqualsAndHashCode(callSuper = false)
+@Data
+public class UserDTO extends BaseDTO {
+
+  @NotEmpty(message = "用户名不能为空或字符串", groups = AddGroup.class)
+  private String username;
+
+  @NotEmpty(message = "姓名不能为空或字符串", groups = AddGroup.class)
+  private String realName;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  @NotEmpty(message = "密码不能为空或空字符串", groups = AddGroup.class)
+  private String password;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String activateToken;
+
+  /** 所辖组织ids */
+  private String[] organizationIds;
+
+  /** 角色ids */
+  private String[] roleIds;
+
+  private String phoneNumber;
+  private String email;
+  private String avatar;
+  private boolean enabled;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime accountExpireTime;
+
+  private boolean hasPassword;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String tenantCode;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String tenantName;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private UserStatusEnum userStatusEnum;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private Set<PlainRolesDTO> roles;
+
+  private String deptId;
+
+  /** 0：超级管理员；1：租户账号；2：租户下的账号 */
+  private Integer level;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+
+@Data
+public class UserDetailRoleDTO {
+    private RoleEnum roleType;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+import java.util.Set;
+
+/** for authentication */
+@Data
+public class UserDetailsDTO implements Serializable {
+
+  private static final long serialVersionUID = -515966143236266646L;
+  private String id;
+  private String username;
+  private String password;
+  private boolean enabled;
+  private LocalDateTime accountExpireTime;
+  private TenantDTO tenant;
+  private String tenantId;
+  private Set<UserDetailRoleDTO> roles;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.alibaba.excel.annotation.ExcelIgnore;
+import com.alibaba.excel.annotation.ExcelProperty;
+import com.alibaba.excel.converters.Converter;
+import com.alibaba.excel.converters.WriteConverterContext;
+import com.alibaba.excel.enums.CellDataTypeEnum;
+import com.alibaba.excel.metadata.data.WriteCellData;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import org.apache.commons.lang3.StringUtils;
+
+import java.util.Set;
+
+@Data
+public class UserInfoDTO {
+  @ExcelProperty("用户Id")
+  @ApiModelProperty(value = "用户ID")
+  private String userId;
+
+  @ApiModelProperty(value = "姓名")
+  private String realName;
+
+  @ExcelIgnore
+  @ApiModelProperty(value = "头像")
+  private String avatar;
+
+  @ApiModelProperty(value = "租户Code")
+  private String tenantCode;
+
+  @ApiModelProperty(value = "租户名称")
+  private String tenantName;
+
+  @ApiModelProperty(value = "主页地址")
+  private String homePath;
+  /** default: true */
+  @ApiModelProperty(value = "是否需要重置密码")
+  private boolean needSetPwd = true;
+
+  /** 添加SetConverter,将Set字符串或者对象转成字符串，对象转成字符串会调用其toString方法，请重写toString方法 */
+  @ExcelProperty(converter = SetConverter.class)
+  private Set<String> roles;
+
+  @ExcelProperty(converter = SetConverter.class)
+  private Set<PlainRolesDTO> plainRoles;
+
+  public static class SetConverter implements Converter<Set<?>> {
+    @Override
+    public Class<?> supportJavaTypeKey() {
+      return Set.class;
+    }
+
+    @Override
+    public WriteCellData<?> convertToExcelData(WriteConverterContext<Set<?>> context)
+        throws Exception {
+      return new WriteCellData<>(
+          CellDataTypeEnum.STRING, StringUtils.join(context.getValue(), ","));
+    }
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+
+import java.io.Serializable;
+
+@Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class UserRoleDTO implements Serializable {
+    private static final long serialVersionUID = -6930831157503627224L;
+    /** 用户ID */
+    private String userId;
+    /** 角色ID */
+    private String roleId;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+@Data
+@ApiModel(value = "密码修改")
+public class AccountReqDTO {
+
+    @ApiModelProperty(value = "用户ID",required = true)
+    private String userId;
+    @ApiModelProperty(value = "旧密码,旧密码为空表示设置初始密码")
+    private String password;
+    @ApiModelProperty(value = "新密码",required = true)
+    private String resetPassword;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Getter;
+
+@Getter
+public class CodeLoginRequest {
+  private final String phoneNumber;
+  private final String code;
+
+  @JsonCreator
+  public CodeLoginRequest(
+      @JsonProperty("phoneNumber") String phoneNumber, @JsonProperty("code") String code) {
+    this.phoneNumber = phoneNumber;
+    this.code = code;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class CodeTTL {
+  private String code;
+  private long sendTs;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.Data;
+import lombok.RequiredArgsConstructor;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.io.File;
+
+@Data
+@RequiredArgsConstructor
+public class EmailReqDTO{
+
+  /** 接收人 */
+  @NotEmpty(message = "缺少邮件接收人")
+  private String[] to;
+
+  /** 抄送人 */
+  private String[] cc;
+
+  /** 密送人 */
+  private String[] bcc;
+
+  /** 主题 */
+  @NotNull(message = "主题不能为空")
+  private String subject;
+
+  /** 内容 */
+  @NotEmpty(message ="内容不能为空")
+  private String body;
+
+  /** 附件 */
+  private File[] files;
+
+  /** 邮件格式：TEXT或者HTML */
+  @NotEmpty(message ="邮件格式不能为空")
+  private String emailFormatEnum;
+
+  /** 模板ID */
+  @NotEmpty(message ="模板ID不能为空")
+  private String id;
+
+  /**备注*/
+  private String remark;
+
+  /**用途*/
+  private String templatePurpose;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class LoginRequest {
+  private final String username;
+  private final String password;
+
+  @JsonCreator
+  public LoginRequest(
+      @JsonProperty("username") String username, @JsonProperty("password") String password) {
+    this.username = username;
+    this.password = password;
+  }
+
+  public String getUsername() {
+    return username;
+  }
+
+  public String getPassword() {
+    return password;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotEmpty;
+import java.io.Serializable;
+
+@Data
+public class RoleOrOrganizationReqDTO implements Serializable {
+
+  private static final long serialVersionUID = -5917331728153319765L;
+  /** 是否查询关联角色 */
+  private boolean queryRole;
+
+  /** 是否查询关联组织 */
+  private boolean queryOrganization;
+
+  /** 用户ID */
+  @NotEmpty(message = "用户ID不能为空或者空字符串")
+  private String userId;
+
+  /** 角色或组织的ID */
+  private String id;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+
+import java.util.List;
+
+@Data
+public class RoleReqDTO {
+  private String id;
+  private String name;
+  private String remark;
+  private RoleEnum roleType;
+  private int status;
+  private List<String> menu;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.enums.MessageTypeEnum;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+
+@Data
+public class SendResetPasswordEmailMsg {
+  @NotNull(message = "用户ID不能为空")
+  private String userId;
+
+  @NotEmpty(message = "消息类型不能为空字符串")
+  private MessageTypeEnum messageTypeEnum;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Pattern;
+import java.util.LinkedHashMap;
+
+@Data
+public class SmsReqDTO {
+
+  /** 模板参数 */
+  private LinkedHashMap<String, String> params;
+
+  /** 手机号码 */
+  @Pattern(regexp = FastIotConstants.MOBILE, message = "请输入正确的手机号")
+  private String phoneNumbers;
+
+  /** 模板ID */
+  @NotNull(message = "模板ID不能为空")
+  private String id;
+
+  /** 备注 */
+  private String remark;
+
+  /** 用途 */
+  private String templatePurpose;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+import org.thingsboard.server.common.data.yunteng.enums.TenantStatusEnum;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.time.LocalDateTime;
+
+@Data
+public class TenantReqDTO {
+  private String id;
+  private String icon;
+
+  @NotEmpty(message = "租户名称不能为空或空字符串", groups = AddGroup.class)
+  private String name;
+
+  private boolean enabled;
+  private String description;
+
+  @NotNull(message = "角色不能为空", groups = AddGroup.class)
+  private String[] roleIds;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime tenantExpireTime;
+
+  private String tenantCode;
+  private String defaultConfig;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private TenantStatusEnum tenantStatus;
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/**
+ * 设备凭证
+ */
+public enum DeviceCredentialsEnum {
+    ACCESS_TOKEN,
+    X509_CERTIFICATE,
+    MQTT_BASIC,
+    LWM2M_CREDENTIALS
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum DeviceState {
+  INACTIVE,
+  ONLINE,
+  OFFLINE
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum DeviceTypeEnum {
+    GATEWAY,
+    DIRECT_CONNECTION,
+    SENSOR
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum MenuTypeEnum {
+  SYSADMIN,
+  CUSTOM
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/** 消息类型枚举值 */
+public enum MessageTypeEnum {
+  EMAIL_MESSAGE,
+  PHONE_MESSAGE,
+  DING_TALK_MESSAGE,
+  WECHAT_MESSAGE
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum MsgTemplatePurposeEnum {
+  FOR_LOGIN,
+  FOR_FORGET_PASSWORD,
+  FOR_SET_PASSWORD,
+  FOR_ALARM_NOTICE,
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum OrderTypeEnum {
+  ASC,
+  DESC
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum RateLimitType {
+  /**
+   * 对所有请求进行限制
+   */
+  ALL,
+  /**
+   * 根据登录的用户限制
+   */
+  USER,
+  /**
+   * 根据IP限制
+   */
+  IP
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/** 请求响应枚举值 */
+public enum ResponseCodeEnum {
+  SUCCESS,
+  FAILED,
+  SENDING,
+  OK
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum RoleEnum {
+  /**
+   * 超级管理员
+   */
+  ROLE_SYS_ADMIN,
+  /**
+   * 租户管理员
+   */
+  ROLE_TENANT_ADMIN,
+  /**
+   * 租户下普通用户
+   */
+  ROLE_NORMAL_USER,
+  /**
+   * 平台系统管理员
+   */
+  ROLE_PLATFORM_ADMIN;
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/** 短信平台枚举值 */
+public enum SmsProviderTypeEnum {
+  ALI_CLOUD,
+  TENCENT_CLOUD
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/** 租户状态 */
+public enum TenantStatusEnum {
+  NORMAL,
+  DISABLED,
+  EXPIRED
+}