支持修改密码

disconf-web/bin/sql/url_resources.txt

@@ -20,6 +20,7 @@
 /account/session        会话      1000    1000    1000
 /account/signin         登录      1000    1000    1000
 /account/signout        登出      1000    1000    1000
+/account/password       修改密码   0100    0100    0000
 
 #
 # config / client

disconf-web/html/assets/js/modify_password.js

@@ -0,0 +1,35 @@
+var appId = -1;
+var envId = -1;
+var version = "";
+getSession();
+
+// 提交
+$("#item_submit").on("click", function (e) {
+    $("#error").addClass("hide");
+    var old_password = $("#old_password").val();
+    var new_password = $("#new_password").val();
+    var new_password_2 = $("#new_password_2").val();
+
+    // 验证
+    if (!old_password || !new_password || !new_password_2) {
+        $("#error").removeClass("hide");
+        $("#error").html("表单不能为空或填写格式错误！");
+        return;
+    }
+    $.ajax({
+        type: "PUT",
+        url: "/api/account/password",
+        data: {
+            "old_password": old_password,
+            "new_password": new_password,
+            "new_password_2": new_password_2
+        }
+    }).done(function (data) {
+        $("#error").removeClass("hide");
+        if (data.success === "true") {
+            $("#error").html(data.result);
+        } else {
+            Util.input.whiteError($("#error"), data);
+        }
+    });
+});

disconf-web/html/index.html

@@ -62,6 +62,12 @@
                                     </ul>
                                 </li>
                                 &nbsp;&nbsp;&nbsp;&nbsp;
+                                <li style="display:inline;">
+                                    <a href="/modifypassword.html">
+                                        <span class="zu-top-nav-link" >修改密码</span>
+                                    </a>
+                                </li>
+                                &nbsp;&nbsp;&nbsp;&nbsp;
                                 <li style="display:inline;">
                                     <a href="#" id="signout">
                                         <span class="zu-top-nav-link" >退出</span>

disconf-web/html/login.html

@@ -62,6 +62,12 @@
                                     </ul>
                                 </li>
                                 &nbsp;&nbsp;&nbsp;&nbsp;
+                                <li style="display:inline;">
+                                    <a href="/modifypassword.html">
+                                        <span class="zu-top-nav-link" >修改密码</span>
+                                    </a>
+                                </li>
+                                &nbsp;&nbsp;&nbsp;&nbsp;
                                 <li style="display:inline;">
                                     <a href="#" id="signout">
                                         <span class="zu-top-nav-link" >退出</span>

disconf-web/html/main.html

@@ -60,6 +60,12 @@
                                     </ul>
                                 </li>
                                 &nbsp;&nbsp;&nbsp;&nbsp;
+                                <li style="display:inline;">
+                                    <a href="/modifypassword.html">
+                                        <span class="zu-top-nav-link" >修改密码</span>
+                                    </a>
+                                </li>
+                                &nbsp;&nbsp;&nbsp;&nbsp;
                                 <li style="display:inline;">
                                     <a href="#" id="signout">
                                         <span class="zu-top-nav-link" >退出</span>

disconf-web/html/mainTpl/modifypassword.tpl.html

@@ -0,0 +1,64 @@
+<%= page.basehead %>
+
+<title>Disconf - 分布式配置管理平台</title>
+
+<%= page.head %>
+
+<div id="Wrapper" class="clearfix">
+    <div id="Main" style="margin-top:50px;">
+        <div class="container-fluid">
+
+            <div class="row-fluid">
+                <ul class="breadcrumb" style="background-color:#fff;">
+                    <li>
+                        <a href="/main.html">配置</a>
+                    </li>
+                    <li class="active">
+                        / 修改密码
+                    </li>
+                </ul>
+            </div>
+
+            <div class="row-fluid">
+
+                <div class="span12">
+
+                    <div class="content oz">
+
+                        <form id="form" class="private-form clearfix">
+                            <h2 class="autoPush-detail-title">修改密码</h2>
+
+                            <div class="private-item">
+                                <span class="private-item-key">原密码：</span>
+                                <input id="old_password" type="text" class="private-item-value"/>
+                            </div>
+
+                            <div class="private-item">
+                                <span class="private-item-key">新密码：</span>
+                                <input id="new_password" type="password" class="private-item-value"/>
+                            </div>
+
+                            <div class="private-item">
+                                <span class="private-item-key">新密码(重复)：</span>
+                                <input id="new_password_2" type="password" class="private-item-value"/>
+                            </div>
+
+                            <div id="error" class="alert alert-warning hide" role="alert">
+                                表单选项不能为空或填写格式错误！
+                            </div>
+                            <div class="private-item" style="text-align:center">
+                                <a id="item_submit" class="btn btn-primary"> 修改 </a>
+                            </div>
+                        </form>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<%= page.foot %>
+
+<script src="assets/js/modify_password.js"></script>
+
+<%= page.basefoot %>

disconf-web/html/modifyFile.html

@@ -62,6 +62,12 @@
                                     </ul>
                                 </li>
                                 &nbsp;&nbsp;&nbsp;&nbsp;
+                                <li style="display:inline;">
+                                    <a href="/modifypassword.html">
+                                        <span class="zu-top-nav-link" >修改密码</span>
+                                    </a>
+                                </li>
+                                &nbsp;&nbsp;&nbsp;&nbsp;
                                 <li style="display:inline;">
                                     <a href="#" id="signout">
                                         <span class="zu-top-nav-link" >退出</span>

disconf-web/html/modifyItem.html

@@ -62,6 +62,12 @@
                                     </ul>
                                 </li>
                                 &nbsp;&nbsp;&nbsp;&nbsp;
+                                <li style="display:inline;">
+                                    <a href="/modifypassword.html">
+                                        <span class="zu-top-nav-link" >修改密码</span>
+                                    </a>
+                                </li>
+                                &nbsp;&nbsp;&nbsp;&nbsp;
                                 <li style="display:inline;">
                                     <a href="#" id="signout">
                                         <span class="zu-top-nav-link" >退出</span>

disconf-web/html/newapp.html

@@ -62,6 +62,12 @@
                                     </ul>
                                 </li>
                                 &nbsp;&nbsp;&nbsp;&nbsp;
+                                <li style="display:inline;">
+                                    <a href="/modifypassword.html">
+                                        <span class="zu-top-nav-link" >修改密码</span>
+                                    </a>
+                                </li>
+                                &nbsp;&nbsp;&nbsp;&nbsp;
                                 <li style="display:inline;">
                                     <a href="#" id="signout">
                                         <span class="zu-top-nav-link" >退出</span>

disconf-web/html/newconfig_file.html

@@ -62,6 +62,12 @@
                                     </ul>
                                 </li>
                                 &nbsp;&nbsp;&nbsp;&nbsp;
+                                <li style="display:inline;">
+                                    <a href="/modifypassword.html">
+                                        <span class="zu-top-nav-link" >修改密码</span>
+                                    </a>
+                                </li>
+                                &nbsp;&nbsp;&nbsp;&nbsp;
                                 <li style="display:inline;">
                                     <a href="#" id="signout">
                                         <span class="zu-top-nav-link" >退出</span>

disconf-web/html/newconfig_item.html

@@ -62,6 +62,12 @@
                                     </ul>
                                 </li>
                                 &nbsp;&nbsp;&nbsp;&nbsp;
+                                <li style="display:inline;">
+                                    <a href="/modifypassword.html">
+                                        <span class="zu-top-nav-link" >修改密码</span>
+                                    </a>
+                                </li>
+                                &nbsp;&nbsp;&nbsp;&nbsp;
                                 <li style="display:inline;">
                                     <a href="#" id="signout">
                                         <span class="zu-top-nav-link" >退出</span>

disconf-web/html/unitTpl/head.html.tpl

@@ -54,6 +54,12 @@
                                     </ul>
                                 </li>
                                 &nbsp;&nbsp;&nbsp;&nbsp;
+                                <li style="display:inline;">
+                                    <a href="/modifypassword.html">
+                                        <span class="zu-top-nav-link" >修改密码</span>
+                                    </a>
+                                </li>
+                                &nbsp;&nbsp;&nbsp;&nbsp;
                                 <li style="display:inline;">
                                     <a href="#" id="signout">
                                         <span class="zu-top-nav-link" >退出</span>

disconf-web/sql/20160701/20160701.sql

@@ -1,3 +1,8 @@
 ALTER TABLE `config_history`
 ADD COLUMN `update_by` BIGINT(20) NULL DEFAULT NULL
 AFTER `create_time`;
+
+INSERT INTO `role_resource` (`role_id`, `url_pattern`, `url_description`, `method_mask`) VALUES
+  (1,'/api/account/password' , '修改密码' , '0100'),
+  (2,'/api/account/password' , '修改密码' , '0100'),
+  (3,'/api/account/password' , '修改密码' , '0000');

disconf-web/src/main/java/com/baidu/disconf/web/service/user/form/PasswordModifyForm.java

@@ -0,0 +1,36 @@
+package com.baidu.disconf.web.service.user.form;
+
+import javax.validation.constraints.NotNull;
+
+import org.hibernate.validator.constraints.NotEmpty;
+
+import com.baidu.dsp.common.form.RequestFormBase;
+
+import lombok.Data;
+
+/**
+ * @author liaoqiqi
+ * @version 2014-1-24
+ */
+@Data
+public class PasswordModifyForm extends RequestFormBase {
+
+    /**
+     *
+     */
+    @NotNull(message = "password.empty")
+    @NotEmpty(message = "password.empty")
+    private String old_password;
+    public static final String OLD_PASSWORD = "old_password";
+
+    @NotNull(message = "password.empty")
+    @NotEmpty(message = "password.empty")
+    private String new_password;
+    public static final String NEW_PASSWORD = "new_password";
+
+    @NotNull(message = "password.empty")
+    @NotEmpty(message = "password.empty")
+    private String new_password_2;
+    public static final String NEW_PASSWORD_2 = "new_password_2";
+
+}

disconf-web/src/main/java/com/baidu/disconf/web/service/user/service/UserMgr.java

@@ -45,4 +45,10 @@ public interface UserMgr {
      */
     String addOneAppForUser(Long userId, int appId);
 
+    /**
+     * 修改密码
+     *
+     * @param newPassword
+     */
+    void modifyPassword(Long userId, String newPassword);
 }

disconf-web/src/main/java/com/baidu/disconf/web/service/user/service/impl/UserMgrImpl.java

@@ -9,6 +9,7 @@
 import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
 
+import com.baidu.disconf.web.service.sign.utils.SignUtils;
 import com.baidu.disconf.web.service.user.bo.User;
 import com.baidu.disconf.web.service.user.dao.UserDao;
 import com.baidu.disconf.web.service.user.dto.Visitor;
@@ -102,6 +103,25 @@ public String addOneAppForUser(Long userId, int appId) {
         return ownAppIds;
     }
 
+    /**
+     * @param newPassword
+     */
+    @Override
+    public void modifyPassword(Long userId, String newPassword) {
+
+        String passwordWithSalt = SignUtils.createPassword(newPassword);
+
+        User user = userDao.get(userId);
+        user.setPassword(passwordWithSalt);
+
+        userDao.update(user);
+    }
+
+    /**
+     * @param userId
+     *
+     * @return
+     */
     @Override
     public User getUser(Long userId) {
 

disconf-web/src/main/java/com/baidu/disconf/web/web/auth/UserController.java

@@ -14,6 +14,8 @@
 import com.baidu.disconf.web.service.sign.form.SigninForm;
 import com.baidu.disconf.web.service.sign.service.SignMgr;
 import com.baidu.disconf.web.service.user.bo.User;
+import com.baidu.disconf.web.service.user.dto.Visitor;
+import com.baidu.disconf.web.service.user.form.PasswordModifyForm;
 import com.baidu.disconf.web.service.user.service.UserMgr;
 import com.baidu.disconf.web.service.user.vo.VisitorVo;
 import com.baidu.disconf.web.web.auth.constant.LoginConstant;
@@ -24,6 +26,7 @@
 import com.baidu.dsp.common.constant.WebConstants;
 import com.baidu.dsp.common.controller.BaseController;
 import com.baidu.dsp.common.vo.JsonObjectBase;
+import com.baidu.ub.common.commons.ThreadContext;
 
 /**
  * @author liaoqiqi
@@ -122,4 +125,28 @@ public JsonObjectBase signout(HttpServletRequest request) {
 
         return buildSuccess("ok", "ok");
     }
+
+    /**
+     * 修改密码
+     *
+     * @param
+     *
+     * @return
+     */
+    @RequestMapping(value = "/password", method = RequestMethod.PUT)
+    @ResponseBody
+    public JsonObjectBase password(@Valid PasswordModifyForm passwordModifyForm, HttpServletRequest request) {
+
+        // 校验
+        authValidator.validatePasswordModify(passwordModifyForm);
+
+        // 修改
+        Visitor visitor = ThreadContext.getSessionVisitor();
+        userMgr.modifyPassword(visitor.getLoginUserId(), passwordModifyForm.getNew_password());
+
+        // re login
+        redisLogin.logout(request);
+
+        return buildSuccess("修改成功，请重新登录");
+    }
 }

disconf-web/src/main/java/com/baidu/disconf/web/web/auth/validator/AuthValidator.java

@@ -6,8 +6,11 @@
 import com.baidu.disconf.web.service.sign.form.SigninForm;
 import com.baidu.disconf.web.service.sign.service.SignMgr;
 import com.baidu.disconf.web.service.user.bo.User;
+import com.baidu.disconf.web.service.user.dto.Visitor;
+import com.baidu.disconf.web.service.user.form.PasswordModifyForm;
 import com.baidu.disconf.web.service.user.service.UserMgr;
 import com.baidu.dsp.common.exception.FieldException;
+import com.baidu.ub.common.commons.ThreadContext;
 
 /**
  * 权限验证
@@ -42,4 +45,23 @@ public void validateLogin(SigninForm signinForm) {
             throw new FieldException(SigninForm.PASSWORD, "password.not.right", null);
         }
     }
+
+    /**
+     * 验证密码更新
+     */
+    public void validatePasswordModify(PasswordModifyForm passwordModifyForm) {
+
+        Visitor visitor = ThreadContext.getSessionVisitor();
+
+        User user = userMgr.getUser(visitor.getLoginUserId());
+
+        // 校验密码
+        if (!signMgr.validate(user.getPassword(), passwordModifyForm.getOld_password())) {
+            throw new FieldException(PasswordModifyForm.OLD_PASSWORD, "password.not.right", null);
+        }
+
+        if (!passwordModifyForm.getNew_password().equals(passwordModifyForm.getNew_password_2())) {
+            throw new FieldException(PasswordModifyForm.NEW_PASSWORD, "two.password.not.equal", null);
+        }
+    }
 }