
新增用户漏洞

master
dai 3 years ago
parent
commit
b1d3aedaf0
  1. 346
      epmet-oper-web/src/views/modules/sys/user-add-or-update.vue

346
epmet-oper-web/src/views/modules/sys/user-add-or-update.vue

@ -1,74 +1,91 @@
<template> <template>
<el-dialog :visible.sync="visible" <el-dialog
:title="!dataForm.id ? $t('add') : $t('update')" :visible.sync="visible"
:close-on-click-modal="false" :title="!dataForm.id ? $t('add') : $t('update')"
:close-on-press-escape="false"> :close-on-click-modal="false"
<el-form :model="dataForm" :close-on-press-escape="false"
:rules="dataRule" >
ref="dataForm" <el-form
@keyup.enter.native="dataFormSubmitHandle()" :model="dataForm"
label-width="120px"> :rules="dataRule"
<el-form-item prop="username" ref="dataForm"
:label="$t('user.username')"> @keyup.enter.native="dataFormSubmitHandle()"
<el-input v-model="dataForm.realName" label-width="120px"
:placeholder="$t('user.username')"></el-input> >
<el-form-item prop="realName" :label="$t('user.username')">
<el-input
v-model="dataForm.realName"
:placeholder="$t('user.username')"
></el-input>
</el-form-item> </el-form-item>
<!-- <el-form-item prop="deptName" :label="$t('user.deptName')">--> <!-- <el-form-item prop="deptName" :label="$t('user.deptName')">-->
<!-- <ren-dept-tree v-model="dataForm.deptId" :placeholder="$t('dept.title')" :dept-name.sync="dataForm.deptName"></ren-dept-tree>--> <!-- <ren-dept-tree v-model="dataForm.deptId" :placeholder="$t('dept.title')" :dept-name.sync="dataForm.deptName"></ren-dept-tree>-->
<!-- </el-form-item>--> <!-- </el-form-item>-->
<el-form-item v-if="!dataForm.id" <el-form-item
prop="password" v-if="!dataForm.id"
:label="$t('user.password')" prop="password"
:class="{ 'is-required': !dataForm.id }"> :label="$t('user.password')"
<el-input v-model="dataForm.password" :class="{ 'is-required': !dataForm.id }"
type="password" >
:placeholder="$t('user.password')"></el-input> <el-input
v-model="dataForm.password"
type="password"
placeholder="密码必须8-20个字符,而且同时包含大小写字母和数字"
></el-input>
</el-form-item> </el-form-item>
<el-form-item v-if="!dataForm.id" <el-form-item
prop="confirmPassword" v-if="!dataForm.id"
:label="$t('user.confirmPassword')" prop="confirmPassword"
:class="{ 'is-required': !dataForm.id }"> :label="$t('user.confirmPassword')"
<el-input v-model="dataForm.confirmPassword" :class="{ 'is-required': !dataForm.id }"
type="password" >
:placeholder="$t('user.confirmPassword')"></el-input> <el-input
v-model="dataForm.confirmPassword"
type="password"
:placeholder="$t('user.confirmPassword')"
></el-input>
</el-form-item> </el-form-item>
<!-- <el-form-item prop="realName" :label="$t('user.realName')">--> <!-- <el-form-item prop="realName" :label="$t('user.realName')">-->
<!-- <el-input v-model="dataForm.realName" :placeholder="$t('user.realName')"></el-input>--> <!-- <el-input v-model="dataForm.realName" :placeholder="$t('user.realName')"></el-input>-->
<!-- </el-form-item>--> <!-- </el-form-item>-->
<el-form-item prop="gender" <el-form-item prop="gender" :label="$t('user.gender')" size="mini">
:label="$t('user.gender')"
size="mini">
<el-radio-group v-model="dataForm.gender"> <el-radio-group v-model="dataForm.gender">
<el-radio :label="0">{{ $t('user.gender0') }}</el-radio> <el-radio :label="0">{{ $t('user.gender0') }}</el-radio>
<el-radio :label="1">{{ $t('user.gender1') }}</el-radio> <el-radio :label="1">{{ $t('user.gender1') }}</el-radio>
<el-radio :label="2">{{ $t('user.gender2') }}</el-radio> <el-radio :label="2">{{ $t('user.gender2') }}</el-radio>
</el-radio-group> </el-radio-group>
</el-form-item> </el-form-item>
<el-form-item prop="email" <el-form-item prop="email" :label="$t('user.email')">
:label="$t('user.email')"> <el-input
<el-input v-model="dataForm.email" v-model="dataForm.email"
:placeholder="$t('user.email')"></el-input> :placeholder="$t('user.email')"
></el-input>
</el-form-item> </el-form-item>
<el-form-item prop="phone" <el-form-item prop="phone" :label="$t('user.mobile')">
:label="$t('user.mobile')"> <el-input
<el-input v-model="dataForm.phone" v-model="dataForm.phone"
:placeholder="$t('user.mobile')"></el-input> :placeholder="$t('user.mobile')"
></el-input>
</el-form-item> </el-form-item>
<el-form-item prop="roleIdList" <el-form-item
:label="$t('user.roleIdList')" prop="roleIdList"
class="role-list"> :label="$t('user.roleIdList')"
<el-select v-model="dataForm.roleIdList" class="role-list"
multiple >
:placeholder="$t('user.roleIdList')"> <el-select
<el-option v-for="role in roleList" v-model="dataForm.roleIdList"
:key="role.id" multiple
:label="role.name" :placeholder="$t('user.roleIdList')"
:value="role.id"></el-option> >
<el-option
v-for="role in roleList"
:key="role.id"
:label="role.name"
:value="role.id"
></el-option>
</el-select> </el-select>
</el-form-item> </el-form-item>
<el-form-item prop="status" <el-form-item prop="status" :label="$t('user.status')" size="mini">
:label="$t('user.status')"
size="mini">
<el-radio-group v-model="dataForm.status"> <el-radio-group v-model="dataForm.status">
<el-radio :label="0">{{ $t('user.status0') }}</el-radio> <el-radio :label="0">{{ $t('user.status0') }}</el-radio>
<el-radio :label="1">{{ $t('user.status1') }}</el-radio> <el-radio :label="1">{{ $t('user.status1') }}</el-radio>
@ -77,12 +94,13 @@
</el-form> </el-form>
<template slot="footer"> <template slot="footer">
<el-button @click="visible = false">{{ $t('cancel') }}</el-button> <el-button @click="visible = false">{{ $t('cancel') }}</el-button>
<el-button type="primary" <el-button
v-if="canSave" type="primary"
@click="dataFormSubmitHandle()">{{ $t('confirm') }}</el-button> v-if="canSave"
<el-button type="primary" @click="dataFormSubmitHandle()"
v-else >{{ $t('confirm') }}</el-button
disabled>{{ $t('confirm') }}</el-button> >
<el-button type="primary" v-else disabled>{{ $t('confirm') }}</el-button>
</template> </template>
</el-dialog> </el-dialog>
</template> </template>
@ -90,8 +108,10 @@
<script> <script>
import debounce from 'lodash/debounce' import debounce from 'lodash/debounce'
import { isEmail, isMobile } from '@/utils/validate' import { isEmail, isMobile } from '@/utils/validate'
import { encryptedData } from '@/utils'
export default { export default {
data () { data() {
return { return {
visible: false, visible: false,
canSave: true, canSave: true,
@ -111,11 +131,18 @@ export default {
} }
}, },
computed: { computed: {
dataRule () { dataRule() {
var validatePassword = (rule, value, callback) => { var validatePassword = (rule, value, callback) => {
if (!this.dataForm.id && !/\S/.test(value)) { if (!this.dataForm.id && !/\S/.test(value)) {
return callback(new Error(this.$t('validate.required'))) return callback(new Error(this.$t('validate.required')))
} }
let regex = new RegExp('(?=.*[0-9])(?=.*[A-Z])(?=.*[a-z]).{8,20}')
if (!regex.test(value)) {
return callback(
new Error('密码必须8-20个字符,而且同时包含大小写字母和数字')
)
}
callback() callback()
} }
var validateConfirmPassword = (rule, value, callback) => { var validateConfirmPassword = (rule, value, callback) => {
@ -129,120 +156,179 @@ export default {
} }
var validateEmail = (rule, value, callback) => { var validateEmail = (rule, value, callback) => {
if (!isEmail(value)) { if (!isEmail(value)) {
return callback(new Error(this.$t('validate.format', { 'attr': this.$t('user.email') }))) return callback(
new Error(
this.$t('validate.format', { attr: this.$t('user.email') })
)
)
} }
callback() callback()
} }
var validateMobile = (rule, value, callback) => { var validateMobile = (rule, value, callback) => {
if (!isMobile(value)) { if (!isMobile(value)) {
return callback(new Error(this.$t('validate.format', { 'attr': this.$t('user.mobile') }))) return callback(
new Error(
this.$t('validate.format', { attr: this.$t('user.mobile') })
)
)
} }
callback() callback()
} }
return { return {
realName: [ realName: [
{ required: true, message: this.$t('validate.required'), trigger: 'blur' } {
], required: true,
password: [ message: this.$t('validate.required'),
{ validator: validatePassword, trigger: 'blur' } trigger: 'blur'
}
], ],
password: [{ validator: validatePassword, trigger: 'blur' }],
confirmPassword: [ confirmPassword: [
{ validator: validateConfirmPassword, trigger: 'blur' } { validator: validateConfirmPassword, trigger: 'blur' }
], ],
email: [ email: [
{ required: true, message: this.$t('validate.required'), trigger: 'blur' }, {
required: true,
message: this.$t('validate.required'),
trigger: 'blur'
},
{ validator: validateEmail, trigger: 'blur' } { validator: validateEmail, trigger: 'blur' }
], ],
phone: [ phone: [
{ required: true, message: this.$t('validate.required'), trigger: 'blur' }, {
required: true,
message: this.$t('validate.required'),
trigger: 'blur'
},
{ validator: validateMobile, trigger: 'blur' } { validator: validateMobile, trigger: 'blur' }
] ]
} }
} }
}, },
methods: { methods: {
init () { init() {
this.visible = true this.visible = true
this.dataForm.deptId = '' this.dataForm.deptId = ''
this.$nextTick(() => { this.$nextTick(() => {
this.$refs['dataForm'].resetFields() this.$refs['dataForm'].resetFields()
this.roleIdListDefault = [] this.roleIdListDefault = []
Promise.all([ Promise.all([this.getRoleList()]).then(() => {
this.getRoleList()
]).then(() => {
if (this.dataForm.id) { if (this.dataForm.id) {
this.getInfo() this.getInfo()
} }
}) })
}) })
//
this.getPubKey()
},
//
getPubKey() {
this.$http
.post('/auth/govweb/getKey')
.then(({ data: res }) => {
if (res.code !== 0) {
return this.$message.error(res.msg)
}
this.pubKey = res.data // ;
})
.catch(() => {})
}, },
// //
getRoleList () { getRoleList() {
return this.$http.get('/oper/access/operrole/list').then(({ data: res }) => { return this.$http
if (res.code !== 0) { .get('/oper/access/operrole/list')
return this.$message.error(res.msg) .then(({ data: res }) => {
} if (res.code !== 0) {
this.roleList = res.data return this.$message.error(res.msg)
}).catch(() => { }) }
this.roleList = res.data
})
.catch(() => {})
}, },
// //
getInfo () { getInfo() {
this.$http.get(`/epmetuser/operuser/${this.dataForm.id}`).then(({ data: res }) => { this.$http
if (res.code !== 0) { .get(`/epmetuser/operuser/${this.dataForm.id}`)
return this.$message.error(res.msg) .then(({ data: res }) => {
} if (res.code !== 0) {
this.dataForm = { return this.$message.error(res.msg)
...this.dataForm,
...res.data,
roleIdList: []
}
// ,
for (var i = 0; i < res.data.roleIdList.length; i++) {
if (this.roleList.filter(item => item.id === res.data.roleIdList[i])[0]) {
this.dataForm.roleIdList.push(res.data.roleIdList[i])
continue
} }
this.roleIdListDefault.push(res.data.roleIdList[i]) this.dataForm = {
} ...this.dataForm,
}).catch(() => { }) ...res.data,
roleIdList: []
}
// ,
for (var i = 0; i < res.data.roleIdList.length; i++) {
if (
this.roleList.filter(
(item) => item.id === res.data.roleIdList[i]
)[0]
) {
this.dataForm.roleIdList.push(res.data.roleIdList[i])
continue
}
this.roleIdListDefault.push(res.data.roleIdList[i])
}
})
.catch(() => {})
}, },
// //
dataFormSubmitHandle: debounce(function() { dataFormSubmitHandle: debounce(
function () {
this.$refs['dataForm'].validate((valid) => { this.$refs['dataForm'].validate((valid) => {
if (!valid) { if (!valid) {
return false return false
}
if (!this.canSave) {
return;
}
this.canSave = false;
setTimeout(() => {
this.canSave = true //
}, 2000)
this.$http[!this.dataForm.id ? 'post' : 'put']('/epmetuser/operuser', {
...this.dataForm,
roleIdList: [
...this.dataForm.roleIdList,
...this.roleIdListDefault
]
}).then(({ data: res }) => {
if (res.code !== 0) {
return this.$message.error(res.msg)
} }
this.$message({ if (!this.canSave) {
message: this.$t('prompt.success'), return
type: 'success', }
duration: 500, this.canSave = false
onClose: () => { setTimeout(() => {
this.visible = false this.canSave = true //
this.$emit('refreshDataList') }, 2000)
const { pubKey } = this
this.$http[!this.dataForm.id ? 'post' : 'put'](
'/epmetuser/operuser',
{
...this.dataForm,
roleIdList: [
...this.dataForm.roleIdList,
...this.roleIdListDefault
],
password: encryptedData(pubKey, this.dataForm.password),
confirmPassword: encryptedData(
pubKey,
this.dataForm.confirmPassword
),
email: encryptedData(pubKey, this.dataForm.email),
phone: encryptedData(pubKey, this.dataForm.phone)
} }
}) )
}).catch(() => { }) .then(({ data: res }) => {
}) if (res.code !== 0) {
}, 1000, { 'leading': true, 'trailing': false }) return this.$message.error(res.msg)
}
this.$message({
message: this.$t('prompt.success'),
type: 'success',
duration: 500,
onClose: () => {
this.visible = false
this.$emit('refreshDataList')
}
})
})
.catch(() => {})
})
},
1000,
{ leading: true, trailing: false }
)
} }
} }
</script> </script>
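Review bot: In `dataFormSubmitHandle` the request is built from `const { pubKey } = this` with no check that the key was ever loaded. `getPubKey()` is fired from `init()` without being waited on and its failure is swallowed by `.catch(() => {})`, so a submit can reach `encryptedData(pubKey, this.dataForm.password)` with `pubKey` undefined. What `encryptedData` returns in that case is not visible on this page, so the form should fail closed: add an `if (!pubKey)` guard that shows an error and returns before `this.canSave = false`, and have the server reject any field that does not decrypt. Separately, the new pattern in `validatePassword` is unanchored, so the 20-character upper bound stated in the message is never enforced; `/^(?=.*[0-9])(?=.*[A-Z])(?=.*[a-z]).{8,20}$/` matches the stated rule. Client-side validation is only a usability aid here, so the same policy needs to be enforced by the `/epmetuser/operuser` handler.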
