package com.product.admin.service;
|
|
import com.product.admin.config.CmnConst;
|
import com.product.admin.config.SystemCode;
|
import com.product.admin.service.idel.IPasswordSecurityService;
|
import com.product.core.config.Global;
|
import com.product.core.entity.DataTableEntity;
|
import com.product.core.transfer.Transactional;
|
import com.product.email.service.SendEmailService;
|
import com.product.text.message.util.HttpSmsSendUtil;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.stereotype.Component;
|
|
import com.product.core.dao.BaseDao;
|
import com.product.core.entity.FieldSetEntity;
|
import com.product.core.exception.BaseException;
|
import com.product.core.service.support.AbstractBaseService;
|
|
import java.io.IOException;
|
import java.util.Date;
|
|
/**
|
* Copyright LX-BASE
|
* @Title: PasswordSecurityService
|
* @Project: LX-BASE-SERVER
|
* @Date: 2020-05-30 17:29
|
* @Author: ZhouJie
|
* @Description: 密码安全设置
|
*/
|
@Component
|
public class PasswordSecurityService extends AbstractBaseService implements IPasswordSecurityService {
|
@Autowired
|
public BaseDao baseDao;
|
@Autowired
|
public SendEmailService sendEmailService;
|
|
/**
|
* @Date: 2020-05-30 13:53
|
* @Author: ZhouJie
|
* @Description: 查询密码强度信息
|
*/
|
public FieldSetEntity findPwdSecurityInfo(String org_level_uuid) throws BaseException {
|
|
FieldSetEntity fs = null;
|
baseDao.getFieldSetEntityByFilter(CmnConst.PRODUCT_SYS_PASSWORD_SECURITY,CmnConst.ORG_LEVEL_UUID+" = ? ",new Object[]{ org_level_uuid },true);
|
// if(fs == null){
|
// fs = baseDao.getFieldSetEntityByFilter(CmnConst.PRODUCT_SYS_PASSWORD_SECURITY,CmnConst.UUID+" = ? ",new Object[]{ "security_uuid_01" },true);
|
// if(fs == null) {
|
// throw new BaseException(SystemCode.SYSTEM_PASSWORD_SECURITY_SET.getValue(), SystemCode.SYSTEM_PASSWORD_SECURITY_SET.getText(), this.getClass(),"checkNewPwd");
|
// }
|
// }
|
DataTableEntity t = baseDao.listTable(CmnConst.PRODUCT_SYS_PASSWORD_SECURITY, CmnConst.ORG_LEVEL_UUID + " = ? or "+CmnConst.ORG_LEVEL_UUID+" is null or "+CmnConst.ORG_LEVEL_UUID+"='' ", new Object[]{org_level_uuid}, CmnConst.ORG_LEVEL_UUID+" desc ");
|
if(t!=null && t.getRows()>0) {
|
fs=t.getFieldSetEntity(0);
|
}
|
if (fs == null) {
|
fs = baseDao.getFieldSetEntity(CmnConst.PRODUCT_SYS_PASSWORD_SECURITY, "security_uuid_01", false);
|
}
|
if(fs == null) {
|
throw new BaseException(SystemCode.SYSTEM_PASSWORD_SECURITY_NOT_FIND.getValue(), SystemCode.SYSTEM_PASSWORD_SECURITY_NOT_FIND.getText());
|
}
|
return fs;
|
}
|
/**
|
* @Date: 2020-10-09 13:53
|
* @Author: ZhouJie
|
* @Description: 新增密码强度信息
|
*/
|
@Transactional
|
public String addSecurity(FieldSetEntity fse) throws BaseException {
|
FieldSetEntity fsorg = baseDao.getFieldSetEntity(CmnConst.PRODUCT_SYS_ORG_LEVELS,fse.getString("org_level_uuid"),false);
|
DataTableEntity dt = fse.getSubDataTable(CmnConst.PRODUCT_SYS_PASSWORD_SECURITY_ETAILS);
|
if(dt != null && dt.getRows()>0){
|
for(int i= 0 ; i<dt.getRows() ; i++){
|
FieldSetEntity fsu = dt.getFieldSetEntity(i);
|
fsu.remove("uuid");
|
fsu.remove("account_lock_id");
|
fsu.remove("security_uuid");
|
}
|
}
|
//新增密码强度
|
fse.setValue(CmnConst.ORG_LEVEL_UUID,fse.getString(CmnConst.ORG_LEVEL_UUID));
|
fse.remove("security_id");
|
fse.remove("uuid");
|
fse.remove("security_uuid");
|
fse.remove("updated_by");
|
fse.remove("updated_utc_datetime");
|
return baseDao.add(fse);
|
}
|
|
/**
|
* @Date: 2020-10-09 15:53
|
* @Author: ZhouJie
|
* @Description: 修改密码强度信息
|
*/
|
@Transactional
|
public boolean updateSecurity(FieldSetEntity fs) throws BaseException {
|
return baseDao.update(fs);
|
}
|
|
/**
|
* 密码强度更新频率提醒
|
*/
|
public void updateFrequency() throws BaseException{
|
Date now = new Date();//当前时间
|
long day = 0;//最近一次修改密码距今天数
|
int limitDay = 0;//公司/组织密码更新频率天数
|
Date udate = null;//员工创建时间/员工最新修改密码时间
|
Date fedate = null;//第一次发送密码频率提示消息时间
|
int userid = 0;
|
DataTableEntity dt = baseDao.listTable(CmnConst.PRODUCT_SYS_PASSWORD_SECURITY," org_level_uuid <>?",new Object[]{""});
|
if(dt!=null && dt.getRows()>0){
|
for (int i = 0; i < dt.getRows(); i++) {
|
FieldSetEntity fss = dt.getFieldSetEntity(i);
|
limitDay = fss.getInteger("security_update_frequency_day");
|
DataTableEntity dtstaff = baseDao.listTable("product_sys_staffs"," org_level_uuid=? ",new Object[]{fss.getString("org_level_uuid")} );
|
if(dtstaff!=null && dtstaff.getRows()>0 && fss.getInteger("security_update_frequency")==1){
|
for (int j = 0; j < dtstaff.getRows(); j++) {
|
FieldSetEntity fsstaff = dtstaff.getFieldSetEntity(j);
|
userid = fsstaff.getInteger("user_id");
|
FieldSetEntity fuser = baseDao.getFieldSetEntityByFilter(CmnConst.PRODUCT_SYS_USERS,"user_id=?",new Object[]{userid},false);
|
udate = fsstaff.getDate("created_utc_datetime");
|
fedate = fuser.getDate("first_email_time");
|
String sql = " select user_id,MAX(created_utc_datetime) created_utc_datetime FROM product_sys_password_security_history where user_id=? GROUP BY user_id ";
|
//判断员工是否修改过密码
|
DataTableEntity dthistory = baseDao.listTable(sql,new Object[]{userid});
|
if(dthistory!=null && dthistory.getRows()>0){
|
for (int k = 0; k < dthistory.getRows(); k++) {
|
udate = dthistory.getFieldSetEntity(k).getDate("created_utc_datetime");
|
}
|
}
|
day = (now.getTime() - udate.getTime()) / (1000 * 60 * 60 * 24);
|
if(day>=limitDay){
|
if(fedate==null || "".equals(fedate)){
|
fuser.setValue("first_email_time",new Date());
|
baseDao.update(fuser);
|
}
|
try {
|
sendMessage(fuser,fss);
|
} catch (Exception e) {
|
continue;
|
}
|
}
|
}
|
}
|
}
|
}
|
}
|
/**
|
* 密码强度更新频率消息发送
|
*/
|
public void sendMessage(FieldSetEntity fs,FieldSetEntity fss) throws IOException {
|
Date now = new Date();//当前时间
|
int lastDay = Integer.parseInt(Global.getSystemConfig("password.security.day",""));//提示n天后未改密码,锁定账号
|
Date fedate = fs.getDate("first_email_time");
|
long day = (now.getTime() - fedate.getTime()) / (1000 * 60 * 60 * 24);
|
if (fs.getInteger("status") == 1 && fss.getInteger("security_notice_email")==1) {
|
if (day<lastDay) {
|
sendEmailService.parseMailTemplate("MMGXPLTX", fs);
|
}
|
if (day==lastDay) {
|
sendEmailService.parseMailTemplate("MMPLSDTX", fs);
|
}
|
if (day>lastDay) {
|
fs.setValue("status", 0);
|
fs.setValue("first_email_time","");
|
baseDao.update(fs);
|
sendEmailService.parseMailTemplate("MMPLSDTZ", fs);
|
}
|
}
|
if(fs.getInteger("status") == 1 && fss.getInteger("security_notice_sms")==1 && fss.getString("user_phone_number") != null){
|
if (day<lastDay) {
|
HttpSmsSendUtil.sendMsg(fss.getString("user_phone_number"),"账号"+fss.getString("user_account")+"的密码安全设定时间已到期,为了您的账户安全,请您尽快登陆修改密码!");
|
}
|
if (day==lastDay) {
|
HttpSmsSendUtil.sendMsg(fss.getString("user_phone_number"),"账号"+fss.getString("user_account")+"的密码安全设定时间已到期,请您尽快登陆修改密码,若24小时内您仍未修改密码账号将被锁定!");
|
}
|
if (day>lastDay) {
|
fs.setValue("status", 0);
|
fs.setValue("first_email_time","因未按时修改密码,账号"+fss.getString("user_account")+"已被锁定,解锁请联系管理员处理!");
|
baseDao.update(fs);
|
HttpSmsSendUtil.sendMsg(fss.getString("user_phone_number"),"");
|
}
|
}
|
}
|
|
|
|
}
|
