Index: forgon-core/src/main/java/com/forgon/directory/action/PersonalSettingAction.java =================================================================== diff -u -r23521 -r29164 --- forgon-core/src/main/java/com/forgon/directory/action/PersonalSettingAction.java (.../PersonalSettingAction.java) (revision 23521) +++ forgon-core/src/main/java/com/forgon/directory/action/PersonalSettingAction.java (.../PersonalSettingAction.java) (revision 29164) @@ -11,6 +11,7 @@ import com.forgon.directory.acegi.tools.AcegiHelper; import com.forgon.directory.service.PersonalSettingManager; +import com.forgon.exception.SystemException; import com.forgon.security.model.User; import com.forgon.tools.StrutsParamUtils; import com.forgon.tools.StrutsResponseUtils; @@ -52,8 +53,8 @@ public void save() { Long id = AcegiHelper.getLoginUser().getUserId(); User user = personalSettingManager.getUserByproperty("id", id); - JSONObject jSONObject = null; - + JSONObject jSONObject = new JSONObject(); + jSONObject.put("success", true); // if(newPassword.length()<6){ // jSONObject = new JSONObject(); // jSONObject.put("success", false); 
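Review bot: Initialising the response with `jSONObject.put("success", true)` at the top of save() makes the reply fail-open: every branch now has to remember to overwrite the flag, and a branch added later that forgets will report a successful password change. Starting from `jSONObject.put("success", false);` and setting `true` only on the line after `personalSettingManager.modifyPersonalPassWord(user)` returns keeps the default safe. The context lines also show the server-side length check still commented out, so this action performs no strength validation of its own. save() continues beyond this hunk.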
@@ -66,13 +67,17 @@ user.setPasswd(newPassword); try{ personalSettingManager.modifyPersonalPassWord(user); + }catch(SystemException e){ + jSONObject.put("success", false); + jSONObject.put("message", e.getMessage()); }catch (Exception e) { - passwdEquals = false; + jSONObject.put("success", false); + jSONObject.put("message", e.getMessage()); } + }else{ + jSONObject.put("success", passwdEquals); + jSONObject.put("message", "旧密码不正确,请重新填写!"); } - jSONObject = new JSONObject(); - jSONObject.put("success", passwdEquals); - jSONObject.put("message", "旧密码不正确,请重新填写!"); // } StrutsResponseUtils.output(jSONObject); } Index: ssts-web/src/main/webapp/js/common.js =================================================================== diff -u -r29163 -r29164 --- ssts-web/src/main/webapp/js/common.js (.../common.js) (revision 29163) +++ ssts-web/src/main/webapp/js/common.js (.../common.js) (revision 29164) 
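Review bot: The `catch (Exception e)` branch sends `e.getMessage()` straight to the browser, so an unexpected failure inside modifyPersonalPassWord (for example a malformed needBeStrongPwdWhenModifyPwd setting or an error from remoteManagerClient) is shown to the user verbatim and may be null or carry internal detail. Keep the pass-through for `SystemException`, whose text is written for users, and in the generic branch log the exception server-side and return a fixed message such as `jSONObject.put("message", "密码修改失败,请稍后重试!");` (example wording). As written the two catch blocks are identical, so the separate `SystemException` clause has no effect. The `if` that this `else` belongs to opens outside the hunk.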
@@ -2123,26 +2123,50 @@ /** * 检查密码复杂度的要求,根据配置项进行检查。条件包括最小长度、是否需要包含数字、大写字母、小写字母等 * @param pwd + * @param loginUser 当前登录用户账号;如果不传,就在后台判断密码是否可以包含账号 * @return {success:false, msg:"密码必须包含字母和数字,长度最小为8位!"} */ -function testPasswordReg(pwd) { +function testPasswordReg(pwd, loginUser) { /*simon:update needBeStrongPwdWhenModifyPwd当修改密码时,密码是否一定为强密码*/ + //needBeStrongPwdWhenModifyPwd :{'minPwdLength':8,'containLetter':true,'containUppercaseLetter':false,'containLowerCaseLetter':false,'containSpecialChar':true,'containNumber':true,'passwordNotContainLoginName':true} var pwdConfig = sstsConfig.needBeStrongPwdWhenModifyPwd; - var obj = {"success":false, "msg":"密码必须包含字母和数字,长度最小为8位!"}; + var msg = "密码必须包含字母和数字,长度最小为8位!"; + var obj = {"success":false, "msg":msg}; if ( !isUndefinedOrNullOrEmpty(pwdConfig)) { - var minPwdLength = 6; + var minPwdLength = pwdConfig.minPwdLength; + var containLetter = pwdConfig.containLetter; + var containUppercaseLetter = pwdConfig.containUppercaseLetter; + var containLowerCaseLetter = pwdConfig.containLowerCaseLetter; + var containSpecialChar = pwdConfig.containSpecialChar; + var containNumber = pwdConfig.containNumber; + var passwordNotContainLoginName = pwdConfig.passwordNotContainLoginName; + + minPwdLength = isUndefinedOrNullOrEmpty(minPwdLength) ? 
6 : minPwdLength; if (!isUndefinedOrNullOrEmpty(pwdConfig.minPwdLength)){ minPwdLength = pwdConfig.minPwdLength; } - if (pwd.length < minPwdLength || !/[0-9]+/.test(pwd) || !/[a-zA-Z]+/.test(pwd)) { - obj.success = false; - } else { - obj.success = true; - } + if(pwd.length < minPwdLength){ + obj.msg = "密码长度最小为8位!"; + }else if((containNumber && !/[0-9]+/.test(pwd)) || (containLetter && !/[a-zA-Z]+/.test(pwd))){ + obj.msg = "密码必须包含字母和数字!"; + }else if((containUppercaseLetter && !/[A-Z]+/.test(pwd)) || (containLowerCaseLetter && !/[a-z]+/.test(pwd))){ + obj.msg = "密码必须包含大写字母和小写字母!"; + }else if((containSpecialChar && !/[^A-Za-z0-9]/.test(pwd))){ + obj.msg = "密码必须包含特殊字符!"; + }else if(!isUndefinedOrNullOrEmpty(loginUser)){ + var tempPwd = pwd.toLowerCase(); + var tempLoginUser = loginUser.toLowerCase(); + if(passwordNotContainLoginName && tempPwd.indexOf(tempLoginUser) == 0){ + obj.msg = "密码不可以包含账号!"; + } + }else{ + obj.success = true; + } + } else { obj.success = false; } Index: forgon-core/src/main/java/com/forgon/directory/service/PersonalSettingManagerImpl.java =================================================================== diff -u -r21531 -r29164 --- forgon-core/src/main/java/com/forgon/directory/service/PersonalSettingManagerImpl.java (.../PersonalSettingManagerImpl.java) (revision 21531) +++ forgon-core/src/main/java/com/forgon/directory/service/PersonalSettingManagerImpl.java (.../PersonalSettingManagerImpl.java) (revision 29164) @@ -2,9 +2,15 @@ import java.util.List; +import net.sf.json.JSONObject; + +import org.apache.commons.lang.StringUtils; + import com.forgon.directory.mailremotemanager.service.RemoteManagerClient; +import com.forgon.exception.SystemException; import com.forgon.security.model.User; import com.forgon.security.service.UserManager; +import com.forgon.tools.util.ConfigUtils; /** * @author yuanbin 
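Review bot: In the new `else if(!isUndefinedOrNullOrEmpty(loginUser))` branch `obj.success` is never set to true, so within the visible lines every call that passes loginUser is rejected even when the password satisfies all rules, and the message left in `obj.msg` is the generic default. The same branch tests `tempPwd.indexOf(tempLoginUser) == 0`, which only catches the account name as a prefix, while PersonalSettingManagerImpl in this commit rejects it anywhere in the password (`!= -1`). Suggested inner statement: `if(passwordNotContainLoginName && tempPwd.indexOf(tempLoginUser) != -1){ obj.msg = "密码不可以包含账号!"; }else{ obj.success = true; }`. The length message also hard-codes "8位" although minPwdLength comes from configuration. The function's return is outside the hunk.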
@@ -38,6 +44,16 @@ } public void modifyPersonalPassWord(User user) { + // QYSRMYY-26 要求修改密码时需要强密码 + String needBeStrongPwdWhenModifyPwd = ConfigUtils.getSystemSetConfigByName("needBeStrongPwdWhenModifyPwd"); + if(StringUtils.isNotBlank(needBeStrongPwdWhenModifyPwd)){ + JSONObject json = JSONObject.fromObject(needBeStrongPwdWhenModifyPwd); + // passwordNotContainLoginName(密码包含账号):值为true密码不可以包含账号,值为false时可以包含账号 + Boolean passwordNotContainLoginName = json.optBoolean("passwordNotContainLoginName", false); + if(passwordNotContainLoginName && user.getPasswd().toLowerCase().indexOf(user.getName().toLowerCase()) != -1){ + throw new SystemException("密码不可以包含账号!"); + } + } if (remoteManagerClient != null) { remoteManagerClient.setPassword(user.getName(), user.getPasswd()); }
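Review bot: The server-side check added to modifyPersonalPassWord enforces only `passwordNotContainLoginName`; the other rules in the same needBeStrongPwdWhenModifyPwd setting (minPwdLength, containNumber, containLetter, containUppercaseLetter, containLowerCaseLetter, containSpecialChar) are still checked only in common.js, so a request that does not run that script can store a password that violates the policy. Since the setting is already parsed here, the same keys can be enforced before the password is passed on, as sketched below. `user.getPasswd()` and `user.getName()` are also dereferenced without a null check, and an empty account name would make `indexOf` match every password. The method body continues after the hunk.

```java
if(StringUtils.isNotBlank(needBeStrongPwdWhenModifyPwd)){
	JSONObject json = JSONObject.fromObject(needBeStrongPwdWhenModifyPwd);
	String passwd = user.getPasswd();
	int minPwdLength = json.optInt("minPwdLength", 6); // same default as common.js
	if(passwd == null || passwd.length() < minPwdLength){
		throw new SystemException("密码长度最小为" + minPwdLength + "位!");
	}
	boolean hasNumber = passwd.matches("(?s).*[0-9].*");
	boolean hasUpper = passwd.matches("(?s).*[A-Z].*");
	boolean hasLower = passwd.matches("(?s).*[a-z].*");
	if((json.optBoolean("containNumber", false) && !hasNumber)
			|| (json.optBoolean("containLetter", false) && !(hasUpper || hasLower))){
		throw new SystemException("密码必须包含字母和数字!");
	}
	if((json.optBoolean("containUppercaseLetter", false) && !hasUpper)
			|| (json.optBoolean("containLowerCaseLetter", false) && !hasLower)){
		throw new SystemException("密码必须包含大写字母和小写字母!");
	}
	if(json.optBoolean("containSpecialChar", false) && !passwd.matches("(?s).*[^A-Za-z0-9].*")){
		throw new SystemException("密码必须包含特殊字符!");
	}
	// … unchanged: passwordNotContainLoginName check …
}
```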