fix: 修复个人设置中修改密码失败的问题

2020-09-30 16:24:07 +08:00 · 2020-09-30 16:24:07 +08:00 · 794af4605e
parent 81d64b5932
commit 794af4605e
1 changed files with 13 additions and 15 deletions
--- a/backend/src/main/java/io/metersphere/service/UserService.java
+++ b/backend/src/main/java/io/metersphere/service/UserService.java
@ -487,20 +487,18 @@ public class UserService {

    /*修改当前用户用户密码*/
    private User updateCurrentUserPwd(EditPassWordRequest request) {
-        if (SessionUtils.getUser() != null) {
-            User user = userMapper.selectByPrimaryKey(SessionUtils.getUser().getId());
-            String pwd = user.getPassword();
-            String prepwd = CodingUtil.md5(request.getPassword(), "utf-8");
-            String newped = request.getNewpassword();
-            if (StringUtils.isNotBlank(prepwd)) {
-                if (prepwd.trim().equals(pwd.trim())) {
-                    user.setPassword(CodingUtil.md5(newped));
-                    user.setUpdateTime(System.currentTimeMillis());
-                    return user;
-                }
-            }
-            MSException.throwException(Translator.get("password_modification_failed"));
+        String oldPassword = CodingUtil.md5(request.getPassword(), "utf-8");
+        String newPassword = request.getNewpassword();
+        UserExample userExample = new UserExample();
+        userExample.createCriteria().andIdEqualTo(SessionUtils.getUser().getId()).andPasswordEqualTo(oldPassword);
+        List<User> users = userMapper.selectByExample(userExample);
+        if (!CollectionUtils.isEmpty(users)) {
+            User user = users.get(0);
+            user.setPassword(CodingUtil.md5(newPassword));
+            user.setUpdateTime(System.currentTimeMillis());
+            return user;
        }
+        MSException.throwException(Translator.get("password_modification_failed"));
        return null;
    }

@ -512,8 +510,8 @@ public class UserService {
    /*管理员修改用户密码*/
    private User updateUserPwd(EditPassWordRequest request) {
        User user = userMapper.selectByPrimaryKey(request.getId());
-        String newped = request.getNewpassword();
-        user.setPassword(CodingUtil.md5(newped));
+        String newPassword = request.getNewpassword();
+        user.setPassword(CodingUtil.md5(newPassword));
        user.setUpdateTime(System.currentTimeMillis());
        return user;
    }