密码加密时修改时校对bug修复#397

ac6830b0 · NoSubject · 9d4851fd · ac6830b0
Showing with 24 addition and 16 deletion

o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java ...ion/assemble/personal/jaxrs/person/ActionSetPassword.java +24 -16

未找到文件。
--- a/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java
+++ b/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java
@@ -56,18 +56,19 @@ class ActionSetPassword extends BaseAction {
 				if (StringUtils.isEmpty(wi.getConfirmPassword())) {
 					throw new ExceptionConfirmPasswordEmpty();
 				}
+				/*
 				if (!StringUtils.equals(wi.getNewPassword(), wi.getConfirmPassword())) {
 					throw new ExceptionTwicePasswordNotMatch();
 				}
 				if (StringUtils.equals(wi.getNewPassword(), wi.getOldPassword())) {
 					throw new ExceptionNewPasswordSameAsOldPassword();
-				}
-				
+				}*/
+
 				String oldPassword = wi.getOldPassword();
 				String newPassword = wi.getNewPassword();
 				String confirmPassword = wi.getConfirmPassword();
 				String isEncrypted = wi.getIsEncrypted();
-				
+
 				//RSA解秘
 				if (!StringUtils.isEmpty(isEncrypted)) {
 					if(isEncrypted.trim().equalsIgnoreCase("y")) {
@@ -76,8 +77,15 @@ class ActionSetPassword extends BaseAction {
 						confirmPassword = this.decryptRSA(confirmPassword);
 					}
 				}
-				
-				
+
+				if (!StringUtils.equals(newPassword, confirmPassword)) {
+					throw new ExceptionTwicePasswordNotMatch();
+				}
+				if (StringUtils.equals(newPassword, oldPassword)) {
+					throw new ExceptionNewPasswordSameAsOldPassword();
+				}
+
+
 				if (BooleanUtils.isTrue(Config.person().getSuperPermission())
 						&& StringUtils.equals(Config.token().getPassword(), oldPassword)) {
 					logger.info("user{name:" + person.getName() + "} use superPermission.");
@@ -90,8 +98,8 @@ class ActionSetPassword extends BaseAction {
 						throw new ExceptionInvalidPassword(Config.person().getPasswordRegexHint());
 					}
 				}
-				
-				
+
+
 				emc.beginTransaction(Person.class);
 				business.person().setPassword(person, wi.getNewPassword());
 				emc.commit();
@@ -104,8 +112,8 @@ class ActionSetPassword extends BaseAction {
 			return result;
 		}
 	}
-	
-	
+
+
 		public  String decryptRSA(String strDecrypt) {
 			String privateKey;
 			String decrypt = null;
@@ -117,7 +125,7 @@ class ActionSetPassword extends BaseAction {
 			}
 			return decrypt;
 		}
-	
+
 		public  String  getPrivateKey() {
 			 String privateKey = "";
 			 try {
@@ -131,19 +139,19 @@ class ActionSetPassword extends BaseAction {
 		}

 	public static class Wi extends GsonPropertyObject {
-		
+
 		@FieldDescribe("原密码")
 		private String oldPassword;
-		
+
 		@FieldDescribe("新密码")
 		private String newPassword;
-		
+
 		@FieldDescribe("确认新密码")
-		private String confirmPassword;	
-		
+		private String confirmPassword;
+
 		@FieldDescribe("是否启用加密,默认不加密,启用(y)。注意:使用加密先要在服务器运行 create encrypt key")
 		private String isEncrypted;
-		
+
 		public String getOldPassword() {
 			return oldPassword;
 		}