From 6dcdf925b451e89a5644df864849e06c65f4375d Mon Sep 17 00:00:00 2001
From: HuShuo <974211462@qq.com>
Date: Mon, 14 Oct 2024 23:51:17 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E4=BA=86=E4=BF=AE=E6=94=B9?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E9=83=A8=E5=88=86=E7=9A=84=E9=97=AE=E9=A2=98?= =?UTF-8?q?=E4=BB=A5=E5=8F=8A=E4=B8=8B=E8=BD=BD=E5=9B=BE=E7=89=87=E6=97=B6?= =?UTF-8?q?=E4=BC=9A=E9=81=87=E5=88=B0=E7=9A=84=E5=85=A5=E4=BE=B5=E9=97=AE?= =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../yeqifu/sys/controller/FileController.java | 9 +++--
 .../yeqifu/sys/controller/UserController.java | 34 +++++++++++--------
 2 files changed, 26 insertions(+), 17 deletions(-)
diff --git a/src/main/java/com/yeqifu/sys/controller/FileController.java b/src/main/java/com/yeqifu/sys/controller/FileController.java
index 4fe9f87..9872022 100644
--- a/src/main/java/com/yeqifu/sys/controller/FileController.java
+++ b/src/main/java/com/yeqifu/sys/controller/FileController.java
@@ -58,8 +58,13 @@ public class FileController {
 * 图片下载
 */
 @RequestMapping("showImageByPath")
- public ResponseEntity showImageByPath(String path){
- return AppFileUtils.createResponseEntity(path);
+ public ResponseEntity showImageByPath(String path) {
+ // 规范路径,防止路径穿越
+ Path normalizedPath = Paths.get(AppFileUtils.UPLOAD_PATH, path).normalize();
+ if (!normalizedPath.startsWith(AppFileUtils.UPLOAD_PATH)) {
+ // 如果路径越界,则返回错误响应
+ return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+ }
 }
 }
diff --git a/src/main/java/com/yeqifu/sys/controller/UserController.java b/src/main/java/com/yeqifu/sys/controller/UserController.java
index 513fd06..ff60118 100644
--- a/src/main/java/com/yeqifu/sys/controller/UserController.java
+++ b/src/main/java/com/yeqifu/sys/controller/UserController.java
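Review bot: After the traversal guard, `showImageByPath` has no return statement on the in-bounds path — the removed `return AppFileUtils.createResponseEntity(path);` was not carried over — so the method no longer compiles and, once it did, would never serve an image. Add the return after the `if` block, preferably with the validated location rather than the raw parameter: `return AppFileUtils.createResponseEntity(normalizedPath.toString());` if `createResponseEntity` takes a full path, or keep `path` if it already prefixes `UPLOAD_PATH` (its signature is outside this hunk). The check itself is sound because `Path.startsWith` compares whole name elements, so a sibling directory that merely shares the prefix string is rejected; a `null` `path` would still surface as a `NullPointerException` rather than a 4xx, which is worth an explicit check. Whether `Path`, `Paths` and `HttpStatus` are already imported is not visible here.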
@@ -223,23 +223,27 @@ public class UserController {
 * @param id
 * @return
 */
- @RequestMapping("resetPwd/{id}")
- public ResultObj resetPwd(@PathVariable("id") Integer id){
- try {
- User user = new User();
- user.setId(id);
- //设置盐 32位(大写英文字母(A-Z)加数字(0-9))
- String salt = IdUtil.simpleUUID().toUpperCase();
- user.setSalt(salt);
- //设置密码
- user.setPwd(new Md5Hash(Constast.USER_DEFAULT_PWD,salt,2).toString());
- userService.updateById(user);
- return ResultObj.RESET_SUCCESS;
- } catch (Exception e) {
- e.printStackTrace();
- return ResultObj.RESET_ERROR;
+ @PreAuthorize("hasRole('ADMIN')") // Ensure only admin users can access this method
+ @PostMapping("/resetPwd/{id}")
+ public DataGridView resetPwd(@PathVariable Long id, Authentication authentication) {
+ User currentUser = userService.getCurrentUser(authentication); // Get current logged-in user
+ User targetUser = userService.getById(id); // Find the target user by ID
+
+ // Ensure that the user trying to reset is an admin
+ if (!currentUser.isAdmin()) {
+ return new DataGridView("403", "权限不足,无法重置其他用户密码");
 }
+
+ // Reset password logic
+ Md5Hash newPassword = new Md5Hash("defaultPassword", targetUser.getSalt(), 2);
+ targetUser.setPassword(newPassword.toHex());
+
+ // Save the updated user
+ userService.updateById(targetUser);
+
+ return new DataGridView("200", "用户密码重置成功");
 }
+}
 /**
 * 根据用户id查询角色并选中已拥有的角色
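Review bot: The added `+}` directly after the method's own closing brace (the context `}` line before it) closes `UserController` ahead of the Javadoc that follows, so the file no longer compiles; that line should be dropped. The new body also hard-codes `"defaultPassword"` and reuses `targetUser.getSalt()` where the removed code used `Constast.USER_DEFAULT_PWD` and a fresh `IdUtil.simpleUUID()` salt per reset, and it writes the hash via `targetUser.setPassword(...)` although the removed code used `setPwd` — unless `User` really has both setters this is a second compile error. `targetUser` is dereferenced without a null check after `userService.getById(id)`, so an unknown id becomes a `NullPointerException` instead of an error result, and the old `try/catch` that mapped failures to `ResultObj.RESET_ERROR` is gone. `@PreAuthorize`, `Authentication`, `getCurrentUser(...)` and `isAdmin()` are Spring Security idioms not visible elsewhere in this Shiro-based (`Md5Hash`) file, so confirm they exist; the manual admin check duplicates the annotation anyway, and the return type change from `ResultObj` to `DataGridView` alters the response contract for the existing caller.
```java
public DataGridView resetPwd(@PathVariable Long id, Authentication authentication) {
    // … unchanged: current-user lookup and admin check …
    User targetUser = userService.getById(id);
    if (targetUser == null) {
        return new DataGridView("404", "<not-found message per project convention>"); // constructed sample
    }
    // fresh per-reset salt and the shared default password constant, as the previous implementation did
    String salt = IdUtil.simpleUUID().toUpperCase();
    targetUser.setSalt(salt);
    targetUser.setPwd(new Md5Hash(Constast.USER_DEFAULT_PWD, salt, 2).toString());
    userService.updateById(targetUser);
    return new DataGridView("200", "用户密码重置成功");
}
```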