smart_assess.git

			@@ -2,19 +2,23 @@

			import cn.hutool.core.codec.Base64;
			import cn.hutool.core.util.ObjectUtil;
			import com.alibaba.fastjson.JSONObject;
			import com.baomidou.mybatisplus.core.toolkit.Wrappers;
			import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
			import com.gkhy.assess.common.api.CommonPage;
			import com.gkhy.assess.common.constant.CacheConstant;
			import com.gkhy.assess.common.domain.CustomerUsernamePasswordToken;
			import com.gkhy.assess.common.domain.vo.AccountVO;
			import com.gkhy.assess.common.domain.vo.LoginBody;
			import com.gkhy.assess.common.enums.AttachTypeEnum;
			import com.gkhy.assess.common.enums.DeleteFlagEnum;
			import com.gkhy.assess.common.enums.UserIdentityEnum;
			import com.gkhy.assess.common.exception.ApiException;
			import com.gkhy.assess.common.utils.*;
			import com.gkhy.assess.system.domain.SysAgency;
			import com.gkhy.assess.system.domain.SysAttach;
			import com.gkhy.assess.system.domain.SysUser;
			import com.gkhy.assess.system.mapper.SysAgencyMapper;
			import com.gkhy.assess.system.domain.*;
			import com.gkhy.assess.system.domain.vo.PersonProjectVO;
			import com.gkhy.assess.system.mapper.AssProjectMapper;
			import com.gkhy.assess.system.mapper.SysUserFaceMapper;
			import com.gkhy.assess.system.mapper.SysUserMapper;
			import com.gkhy.assess.system.service.SysAgencyService;
			import com.gkhy.assess.system.service.SysAttachService;
			@@ -24,6 +28,7 @@
			import org.apache.shiro.SecurityUtils;
			import org.apache.shiro.authc.*;
			import org.apache.shiro.subject.Subject;
			import org.checkerframework.checker.units.qual.A;
			import org.springframework.beans.BeanUtils;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.stereotype.Service;
			@@ -31,9 +36,8 @@

			import javax.servlet.http.HttpServletRequest;
			import javax.validation.Validator;
			import java.util.ArrayList;
			import java.util.List;
			import java.util.Objects;
			import java.util.*;
			import java.util.stream.Collectors;


			/**
			@@ -55,19 +59,25 @@

			@Autowired
			private HttpServletRequest request;
			@Autowired
			private SysAgencyMapper agencyMapper;

			@Autowired
			private SysAgencyService agencyService;
			@Autowired
			private SysAttachService attachService;

			@Autowired
			private SysUserFaceMapper userFaceMapper;
			@Autowired
			private AssProjectMapper projectMapper;

			@Override
			public AccountVO login(LoginBody loginBody) {
			if(loginBody.getIdentity()==null){
			throw new ApiException("请选择登录用户身份");
			}
			// 验证码校验
			// validateCaptcha(loginBody.getUsername(), loginBody.getCode(), loginBody.getUuid());
			UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(loginBody.getUsername(), Base64.decodeStr(loginBody.getPassword()), false);
			validateCaptcha(loginBody.getUsername(), loginBody.getCode(), loginBody.getUuid());
			// UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(loginBody.getUsername(), Base64.decodeStr(loginBody.getPassword()), false);
			CustomerUsernamePasswordToken usernamePasswordToken=new CustomerUsernamePasswordToken(loginBody.getUsername(), Base64.decodeStr(loginBody.getPassword()),loginBody.getIdentity());
			Subject subject= SecurityUtils.getSubject();
			String msg ;
			try {
			@@ -75,10 +85,53 @@
			SysUser sysUser = (SysUser) subject.getPrincipal();
			AccountVO accountVO = new AccountVO();
			BeanUtils.copyProperties(sysUser, accountVO);

			String token = JwtTokenUtil.sign(sysUser.getUsername(),sysUser.getPassword());
			if(sysUser.getAgencyId()!=null){
			SysAgency agency=agencyService.getOne(Wrappers.<SysAgency>lambdaQuery()
			.select(SysAgency::getId,SysAgency::getName)
			.eq(SysAgency::getId,sysUser.getAgencyId()));
			accountVO.setAgentName(agency.getName());
			accountVO.setAgentId(agency.getId());
			}
			String token = JwtTokenUtil.sign(sysUser.getUsername(),sysUser.getPassword(),loginBody.getIdentity());
			accountVO.setToken(token);
			cacheUserToken(sysUser.getUsername(),token);
			cacheUserToken(sysUser.getUsername(),sysUser.getIdentity(),token);
			return accountVO;
			}catch (UnknownAccountException \| IncorrectCredentialsException uae){
			throw new ApiException("用户名/密码错误，请重新输入");
			} catch (LockedAccountException lae) { // 账号已被锁定
			msg = "账号已被锁定";
			throw new ApiException(msg);
			}catch (AuthenticationException ae) { // 其他身份验证异常
			msg = "用户认证失败:"+ae.getMessage();
			throw new ApiException(msg);
			}
			}



			@Override
			public AccountVO appLogin(LoginBody loginBody) {
			// app端只能是专家用户登录
			loginBody.setIdentity(UserIdentityEnum.EXPERT.getCode());
			CustomerUsernamePasswordToken usernamePasswordToken = new CustomerUsernamePasswordToken(loginBody.getUsername(), Base64.decodeStr(loginBody.getPassword()), loginBody.getIdentity());
			Subject subject= SecurityUtils.getSubject();
			String msg ;
			try {
			subject.login(usernamePasswordToken);
			SysUser sysUser = (SysUser) subject.getPrincipal();
			AccountVO accountVO = new AccountVO();
			BeanUtils.copyProperties(sysUser, accountVO);
			if(sysUser.getAgencyId()!=null){
			SysAgency agency=agencyService.getOne(Wrappers.<SysAgency>lambdaQuery()
			.select(SysAgency::getId,SysAgency::getName)
			.eq(SysAgency::getId,sysUser.getAgencyId()));
			accountVO.setAgentName(agency.getName());
			accountVO.setAgentId(agency.getId());
			}
			String token = JwtTokenUtil.sign(sysUser.getUsername(),sysUser.getPassword(),loginBody.getIdentity());
			accountVO.setToken(token);
			cacheUserToken(sysUser.getUsername(),sysUser.getIdentity(),token);
			accountVO.setIdPhoto(sysUser.getIdPhoto());
			return accountVO;
			}catch (UnknownAccountException \| IncorrectCredentialsException uae){
			throw new ApiException("用户名/密码错误，请重新输入");
			@@ -95,16 +148,15 @@
			* 清空旧的登录信息，保证同时只有一个用户再登录，后登录用户会挤掉前一个用户
			* @param username
			*/
			public void cacheUserToken(String username,String newToken){

			// String userKey = redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN + ":" + username);
			// String oldToken = (String) redisUtils.get(userKey);
			// if (StrUtil.isNotBlank(oldToken)) {
			// String oldTokenkey = redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN + ":" + JwtTokenUtil.md5Encode(oldToken));
			// redisUtils.del(oldTokenkey);
			// redisUtils.del(userKey);
			// }
			// redisUtils.set(userKey, newToken,(JwtTokenUtil.EXPIRATION*2/1000)+2);
			public void cacheUserToken(String username,Integer identity,String newToken){
			String userKey = redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN + ":" + username+"_"+identity);
			String oldToken = (String) redisUtils.get(userKey);
			if (StringUtils.isNotBlank(oldToken)) {
			String oldTokenkey = redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN + ":" + JwtTokenUtil.md5Encode(oldToken));
			redisUtils.del(oldTokenkey);
			redisUtils.del(userKey);
			}
			redisUtils.set(userKey, newToken,(JwtTokenUtil.EXPIRATION*2/1000)+2);


			String tokenKey= redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN+":"+JwtTokenUtil.md5Encode(newToken));
			@@ -112,6 +164,7 @@
			redisUtils.set(tokenKey,newToken);
			redisUtils.expire(tokenKey,JwtTokenUtil.EXPIRATION*2/1000);
			}


			/**
			* 校验验证码
			@@ -142,9 +195,15 @@
			@Override
			public void logout() {
			String jwtToken = request.getHeader(JwtTokenUtil.USER_LOGIN_TOKEN);
			String key= redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN+":"+JwtTokenUtil.md5Encode(jwtToken));
			//删除redis缓存
			redisUtils.del(key);
			if(StringUtils.isNotBlank(jwtToken)){
			String username=JwtTokenUtil.getUsername(jwtToken);
			Integer identity=JwtTokenUtil.getIdentity(jwtToken);
			String userKey = redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN + ":" + username+"_"+identity);
			String tokenKey= redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN+":"+JwtTokenUtil.md5Encode(jwtToken));
			//删除redis缓存
			redisUtils.del(tokenKey);
			redisUtils.del(userKey);
			}
			}

			@Override
			@@ -163,14 +222,31 @@

			@Override
			public CommonPage<SysUser> expertList(SysUser user) {
			SysUser currentUser= ShiroUtils.getSysUser();
			if(!currentUser.getIdentity().equals(UserIdentityEnum.MONITOR.getCode())){
			//机构用户只能查看本机构的专家
			if(currentUser.getAgencyId()==null){
			throw new ApiException("用户机构id为空");
			}
			user.setAgencyId(currentUser.getAgencyId());
			}
			PageUtil.startPage();
			List<SysUser> users=baseMapper.expertList(user);
			if(users.size()>0) {
			//统计用户参与项目的信息
			List<Long> userIds = users.stream().map(item -> item.getId()).collect(Collectors.toList());
			List<PersonProjectVO> personProjectVOList = projectMapper.getProjectByPersonIds(userIds);
			Map<Long, PersonProjectVO> maps = personProjectVOList.stream().collect(Collectors.toMap(PersonProjectVO::getPersonId, a -> a));
			for (SysUser sysUser : users) {
			sysUser.setPersonProjectVO(maps.get(sysUser.getId()));
			}
			}
			return CommonPage.restPage(users);
			}

			@Override
			public SysUser getUserByUsername(String username) {
			String key=redisUtils.generateKey(CacheConstant.SYS_USER_NAME+":"+username);
			public SysUser getUserByUsername(String username,Integer identity) {
			String key=redisUtils.generateKey(CacheConstant.SYS_USER_NAME + ":" + username+"_"+identity);
			SysUser sysUser =null;
			if(redisUtils.hasKey(key)){
			sysUser= (SysUser) redisUtils.get(key);
			@@ -181,19 +257,20 @@
			return sysUser;
			}

			public void delCacheByUsername(String username){
			String key=redisUtils.generateKey(CacheConstant.SYS_USER_NAME+":"+username);
			@Override
			public void delCacheByUsername(String username,Integer identity){
			String key=redisUtils.generateKey(CacheConstant.SYS_USER_NAME+":"+username+"_"+identity);
			redisUtils.del(key);
			}

			@Override
			public SysUser getUserByUsernamePhone(String username) {
			String key=redisUtils.generateKey(CacheConstant.SYS_USER_NAME+":"+username);
			public SysUser getUserByUsernamePhone(String username,Integer identity) {
			String key=redisUtils.generateKey(CacheConstant.SYS_USER_NAME+":"+username+"_"+identity);
			SysUser sysUser =null;
			if(redisUtils.hasKey(key)){
			sysUser= (SysUser) redisUtils.get(key);
			}else {
			sysUser = baseMapper.getUserByUsernamePhone(username);
			sysUser = baseMapper.getUserByUsernamePhone(username,identity);
			redisUtils.set(key,sysUser,10*60);
			}
			return sysUser;
			@@ -211,13 +288,15 @@
			if(!checkUsernameUnique(new SysUser().setUsername(user.getUsername()))){
			throw new ApiException("用户名已存在");
			}
			if(!checkPhoneUnique(new SysUser().setUsername(user.getPhone()))){
			if(!checkPhoneUnique(new SysUser().setUsername(user.getPhone()).setIdentity(UserIdentityEnum.MONITOR.getCode()))){
			throw new ApiException("手机号已存在");
			}
			String originPsword=Base64.decodeStr(user.getPassword());
			validatorPassword(originPsword);
			//密码生成规则:md5(username+password+salt)
			user.setPassword(JwtTokenUtil.encryptPassword(user.getUsername(),originPsword,user.getSalt()));
			user.setIdentity(UserIdentityEnum.MONITOR.getCode());
			user.setCreateBy(ShiroUtils.getSysUser().getUsername());
			boolean b=save(user);
			if(!b){
			throw new ApiException("创建监管用户信息失败");
			@@ -232,7 +311,7 @@
			if(!checkUsernameUnique(new SysUser().setUsername(user.getUsername()))){
			throw new ApiException("用户名已存在");
			}
			if(!checkPhoneUnique(new SysUser().setUsername(user.getPhone()))){
			if(!checkPhoneUnique(new SysUser().setUsername(user.getPhone()).setIdentity(UserIdentityEnum.AGENCY.getCode()))){
			throw new ApiException("手机号已存在");
			}
			String originPsword=Base64.decodeStr(user.getPassword());
			@@ -246,15 +325,18 @@
			if(!agencyService.checkAgencyNameUnique(new SysAgency().setName(agency.getName()))){
			throw new ApiException("机构名称已存在");
			}
			int i=agencyMapper.insert(agency);
			if(i<1){
			agency.setCreateBy(ShiroUtils.getSysUser()!=null?ShiroUtils.getSysUser().getUsername():"");
			boolean b=agencyService.save(agency);
			if(!b){
			throw new ApiException("保存机构信息失败");
			}

			//创建机构用户
			user.setIdentity(UserIdentityEnum.AGENCY.getCode());
			user.setAgencyId(agency.getId());
			user.setPassword(JwtTokenUtil.encryptPassword(user.getUsername(),originPsword,user.getSalt()));

			boolean b=save(user);
			user.setCreateBy(ShiroUtils.getSysUser()!=null?ShiroUtils.getSysUser().getUsername():"");
			b=save(user);
			if(!b){
			throw new ApiException("创建机构用户信息失败");
			}
			@@ -264,18 +346,28 @@
			@Override
			@Transactional(rollbackFor = RuntimeException.class)
			public int addExpert(SysUser user) {
			user.setIdentity(UserIdentityEnum.EXPERT.getCode());
			checkUserAllowed(user);
			//校验用户信息
			if(!checkUsernameUnique(new SysUser().setUsername(user.getUsername()))){
			throw new ApiException("用户名已存在");
			}
			if(!checkPhoneUnique(new SysUser().setUsername(user.getPhone()))){
			if(!checkPhoneUnique(new SysUser().setUsername(user.getPhone()).setIdentity(UserIdentityEnum.EXPERT.getCode()))){
			throw new ApiException("手机号已存在");
			}
			String major=user.getMajor();
			List<Integer> majors=new ArrayList<>();
			JSONObject jsonObject=JSONObject.parseObject(major);
			jsonObject.forEach((key,value)-> {
			majors.add(Integer.valueOf(key));
			});
			user.setMajor(StringUtils.join(",",majors));
			user.setCertificateNo(major);
			String originPsword=Base64.decodeStr(user.getPassword());
			validatorPassword(originPsword);
			user.setIdentity(UserIdentityEnum.EXPERT.getCode());
			user.setCreateBy(ShiroUtils.getSysUser().getUsername());
			user.setPassword(JwtTokenUtil.encryptPassword(user.getUsername(),originPsword,user.getSalt()));

			boolean b=save(user);
			if(!b){
			throw new ApiException("创建专家信息失败");
			@@ -322,22 +414,31 @@
			@Override
			@Transactional(rollbackFor = RuntimeException.class)
			public int deleteUserById(Long userId) {
			SysUser user=getUserById(userId);
			if(user==null){
			throw new ApiException("用户不存在");
			}
			SysUser currentUser=ShiroUtils.getSysUser();
			SysUser user=checkUserDataScope(userId);
			if(Objects.equals(ShiroUtils.getUserId(), userId)){
			throw new ApiException("不能删除自己账号");
			}
			//机构用户,将机构信息设置成删除状态
			if(user.getIdentity().equals(UserIdentityEnum.AGENCY.getCode())){
			if(user.getAgencyId()==null){
			throw new ApiException("获取机构id为空");
			if(user.getIdentity().equals(UserIdentityEnum.AGENCY.getCode())\|\|user.getIdentity().equals(UserIdentityEnum.MONITOR.getCode())){
			if(!currentUser.getIdentity().equals(UserIdentityEnum.MONITOR.getCode())){
			throw new ApiException("没有权限，只有监管用户才能操作");
			}
			agencyMapper.deleteAgencyById(user.getAgencyId());
			//机构用户,将机构信息设置成删除状态
			if(user.getIdentity().equals(UserIdentityEnum.AGENCY.getCode())) {
			if (user.getAgencyId() == null) {
			throw new ApiException("获取机构id为空");
			}
			SysAgency agency=new SysAgency().setId(user.getAgencyId());
			agency.setUpdateBy(ShiroUtils.getSysUser().getUsername());
			agency.setDelFlag(DeleteFlagEnum.DELETED.getCode());
			agencyService.updateById(agency);
			}
			}
			delCacheByUsername(user.getUsername());
			return baseMapper.deleteUserById(userId);
			delCacheByUsername(user.getUsername(),user.getIdentity());
			user=new SysUser().setId(userId);
			user.setUpdateBy(ShiroUtils.getSysUser().getUsername());
			user.setDelFlag(DeleteFlagEnum.DELETED.getCode());
			return baseMapper.updateById(user);
			}

			@Override
			@@ -346,11 +447,12 @@
			if(!checkUsernameUnique(user)){
			throw new ApiException("用户名已存在");
			}
			if(!checkPhoneUnique(user)){
			if(!checkPhoneUnique(user.setIdentity(UserIdentityEnum.MONITOR.getCode()))){
			throw new ApiException("手机号已存在");
			}
			delCacheByUsername(user.getUsername());
			delCacheByUsername(user.getUsername(),UserIdentityEnum.MONITOR.getCode());
			user.setPassword(null);
			user.setUpdateBy(ShiroUtils.getSysUser().getUsername());
			boolean b=updateById(user);
			if(!b){
			throw new ApiException("更新监管用户信息失败");
			@@ -366,7 +468,7 @@
			if(!checkUsernameUnique(user)){
			throw new ApiException("用户名已存在");
			}
			if(!checkPhoneUnique(user)){
			if(!checkPhoneUnique(user.setIdentity(UserIdentityEnum.AGENCY.getCode()))){
			throw new ApiException("手机号已存在");
			}
			SysAgency agency=user.getAgency();
			@@ -379,9 +481,11 @@
			throw new ApiException("机构名称已存在");
			}

			delCacheByUsername(user.getUsername());
			delCacheByUsername(user.getUsername(),UserIdentityEnum.AGENCY.getCode());
			agency.setUpdateBy(ShiroUtils.getSysUser().getUsername());
			agencyService.updateById(agency);
			user.setPassword(null);
			user.setUpdateBy(ShiroUtils.getSysUser().getUsername());
			boolean b=updateById(user);
			if(!b){
			throw new ApiException("更新用户失败");
			@@ -391,20 +495,31 @@

			@Override
			public int editExpert(SysUser user) {
			checkUserDataScope(user.getId());
			//校验用户信息
			if(!checkUsernameUnique(user)){
			throw new ApiException("用户名已存在");
			}
			if(!checkPhoneUnique(user)){
			if(!checkPhoneUnique(user.setIdentity(UserIdentityEnum.EXPERT.getCode()))){
			throw new ApiException("手机号已存在");
			}
			user.setPassword(null);
			boolean b=updateById(user);
			if(!b){
			throw new ApiException("更新专家信息失败");
			String major=user.getMajor();
			if(StringUtils.isNotBlank(major)){
			List<Integer> majors=new ArrayList<>();
			JSONObject jsonObject=JSONObject.parseObject(major);
			jsonObject.forEach((key,value)-> {
			majors.add(Integer.valueOf(key));
			});
			user.setMajor(StringUtils.join(",",majors));
			user.setCertificateNo(major);
			}
			//刪除旧数据
			attachService.deleteAttachsByUserId(user.getId(),null);
			user.setPassword(null);
			user.setUpdateBy(ShiroUtils.getSysUser().getUsername());
			int row=baseMapper.updateById(user);

			List<SysAttach> existAttaches=attachService.getAttachsByUserId(user.getId(),null);
			// 刪除旧数据
			// attachService.deleteAttachsByUserId(user.getId(),null);

			List<SysAttach> socialAttach=user.getSocialAttach();
			List<SysAttach> medicalAttach=user.getMedicalAttach();
			@@ -425,9 +540,20 @@
			attach.setUserId(user.getId());
			attaches.add(attach);
			}
			attachService.saveBatch(attaches);
			delCacheByUsername(user.getUsername());
			return 1;
			attachService.saveOrUpdateBatch(attaches);

			List<Long> newIds=attaches.stream().map(SysAttach::getId).collect(Collectors.toList());
			List<Long> delIds=new ArrayList<>();
			for(SysAttach attach:existAttaches){
			if(!newIds.contains(attach.getId())){
			delIds.add(attach.getId());
			}
			}
			if(!delIds.isEmpty()){
			attachService.deleteAttachsByIds(delIds);
			}
			delCacheByUsername(user.getUsername(),UserIdentityEnum.EXPERT.getCode());
			return row;
			}


			@@ -435,11 +561,10 @@
			public boolean resetUserPwd(SysUser user) {
			String originPsword=Base64.decodeStr(user.getPassword());
			validatorPassword(originPsword);
			checkUserAllowed(user);
			SysUser oldUser=checkUserDataScope(user.getId());
			SysUser newUser=new SysUser().setId(user.getId()).setPassword(JwtTokenUtil.encryptPassword(oldUser.getUsername(),originPsword,oldUser.getSalt()));
			newUser.setUpdateBy(ShiroUtils.getSysUser().getUsername());
			delCacheByUsername(oldUser.getUsername());
			delCacheByUsername(oldUser.getUsername(),oldUser.getIdentity());
			return updateById(newUser);
			}

			@@ -456,8 +581,11 @@

			@Override
			public boolean checkPhoneUnique(SysUser user) {
			if(user.getIdentity()==null){
			throw new ApiException("用户身份不能为空");
			}
			Long userId = user.getId()==null ? -1L : user.getId();
			SysUser info = baseMapper.checkPhoneUnique(user.getPhone());
			SysUser info = baseMapper.checkPhoneUnique(user.getPhone(),user.getIdentity());
			if (info!=null && info.getId().longValue() != userId.longValue())
			{
			return false;
			@@ -478,7 +606,15 @@

			@Override
			public void checkUserAllowed(SysUser user) {

			SysUser currentUser=ShiroUtils.getSysUser();
			if(!Objects.equals(currentUser.getIdentity(), UserIdentityEnum.MONITOR.getCode())){
			if(Objects.equals(user.getIdentity(), UserIdentityEnum.MONITOR.getCode())){
			throw new ApiException("无权操作监管用户");
			}
			if(!Objects.equals(currentUser.getAgencyId(), user.getAgencyId())){
			throw new ApiException("无权操作其他机构用户");
			}
			}
			}

			@Override
			@@ -486,81 +622,32 @@
			if(userId==null){
			throw new ApiException("用户id为空！");
			}
			SysUser user = baseMapper.getUserById(userId);
			SysUser user = getById(userId);
			if (ObjectUtil.isNull(user))
			{
			throw new ApiException("用户数据不存在！");
			}
			checkUserAllowed(user);
			return user;
			}

			@Override
			public String importUser(List<SysUser> userList,Boolean isUpdateSupport) {
			if(ObjectUtil.isEmpty(userList)\|\|userList.size()==0){
			throw new ApiException("导入用户数据不能为空");
			}
			int successNum=0;
			int failureNum=0;
			StringBuilder successMsg=new StringBuilder();
			StringBuilder failureMsg=new StringBuilder();
			String password=configService.getConfigByKey("sys.user.initPassword");
			for(SysUser user:userList){
			try {
			SysUser u = baseMapper.getUserByUsername(user.getUsername());
			if (ObjectUtil.isNull(u)) {
			BeanValidators.validateWithException(validator, user);
			user.setPassword(JwtTokenUtil.md5Encode(user.getUsername() + password));
			user.setCreateBy("");
			save(user);
			successNum++;
			successMsg.append("<br/>" + successNum + "、账号 " + user.getUsername() + " 导入成功");
			} else if (isUpdateSupport) {
			BeanValidators.validateWithException(validator, user);
			checkUserAllowed(u);
			checkUserDataScope(u.getId());
			user.setId(u.getId());
			user.setUpdateBy("");
			updateById(user);
			successNum++;
			successMsg.append("<br/>" + successNum + "、账号 " + user.getUsername() + " 更新成功");
			} else {
			failureNum++;
			failureMsg.append("<br/>" + failureNum + "、账号 " + user.getUsername() + " 已存在");
			}
			}catch (Exception e){
			failureNum++;
			String msg = "<br/>" + failureNum + "、账号 " + user.getUsername() + " 导入失败：";
			failureMsg.append(msg + e.getMessage());
			log.error(msg, e);
			}
			}
			if (failureNum > 0){
			failureMsg.insert(0, "很抱歉，导入失败！共 " + failureNum + " 条数据格式不正确，错误如下：");
			throw new ApiException(failureMsg.toString());
			}else{
			successMsg.insert(0, "恭喜您，数据已全部导入成功！共 " + successNum + " 条，数据如下：");
			}

			return successMsg.toString();
			}

			@Override
			public boolean changeUserStatus(SysUser user) {
			checkUserAllowed(user);
			SysUser existUser=checkUserDataScope(user.getId());
			SysUser su=new SysUser().setId(user.getId()).setStatus(user.getStatus());
			su.setUpdateBy(ShiroUtils.getSysUser().getUsername());
			delCacheByUsername(existUser.getUsername());
			delCacheByUsername(existUser.getUsername(),existUser.getIdentity());
			return updateById(su);
			}

			@Override
			public boolean changeApprove(SysUser user) {
			checkUserAllowed(user);
			SysUser existUser=checkUserDataScope(user.getId());
			SysUser su=new SysUser().setId(user.getId()).setState(user.getState());
			su.setUpdateBy(ShiroUtils.getSysUser().getUsername());
			delCacheByUsername(existUser.getUsername());
			delCacheByUsername(existUser.getUsername(),existUser.getIdentity());
			return updateById(su);
			}
			}