预制卡下单问题修复

6b557a6e · 罗承锋 · 0044d2cc · 6b557a6e · 6b557a6e · 6b557a6e
Commit 6b557a6e authored Feb 23, 2021 by 罗承锋
4 changed files
--- a/apply-net/src/main/java/com/winsun/controller/SyncController.java
+++ b/apply-net/src/main/java/com/winsun/controller/SyncController.java
@@ -3,8 +3,6 @@ package com.winsun.controller;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.mapper.EntityWrapper;
 import com.baomidou.mybatisplus.mapper.Wrapper;
-import com.netflix.discovery.converters.Auto;
-import com.winsun.auth.core.common.model.ResponseData;
 import com.winsun.bean.*;
 import com.winsun.mapper.*;
 import com.winsun.utils.EThreeDES;
@@ -12,8 +10,12 @@ import com.winsun.utils.MD5Utils;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import javax.crypto.IllegalBlockSizeException;
 import java.io.IOException;
 import java.text.SimpleDateFormat;
 import java.util.Date;
@@ -53,11 +55,14 @@ public class SyncController {
     * 无人厅订单同步
     * @return {"msg":"同步成功", "result":0}
     */
-    @PostMapping("/orderPush")
+    @PostMapping(value = "/orderPush", produces= "application/json")
-    public JSONObject UnmannedHallOrderSync(@RequestParam("param") String param) {
+    public JSONObject UnmannedHallOrderSync(@RequestBody String param) {
+        JSONObject jsonObject1 = JSONObject.parseObject(param);
        JSONObject resultJson = new JSONObject();
        try {
-            log.info("获取报文：" + param);
+            log.info("获取报文：" + jsonObject1.get("param"));
            // 查询key 密匙 （需要配置化，可随时修改）
            Wrapper<AppConfig> wrapper = new EntityWrapper<>();
            wrapper.eq("app_name", "随身厅");
@@ -80,7 +85,7 @@ public class SyncController {
            // 解密3DES
            byte[] bytes = null;
            try {
-                bytes = EThreeDES.deBase64(param);
+                bytes = EThreeDES.deBase64(jsonObject1.get("param").toString());
            } catch (IOException e) {
                log.info("订单同步解密失败：");
                e.printStackTrace();
@@ -88,7 +93,17 @@ public class SyncController {
                resultJson.put("msg", "数据解密失败");
                return resultJson;
            }
-            byte[] paramByte = EThreeDES.decryptMode(appConfig.getAppSecret().getBytes(), bytes);
+            byte[] paramByte = null;
+            try {
+                paramByte = EThreeDES.decryptMode(appConfig.getAppSecret().getBytes(), bytes);
+            }catch (IllegalBlockSizeException e) {
+                log.info("订单同步解密失败：");
+                e.printStackTrace();
+                resultJson.put("result", "1");
+                resultJson.put("msg", "Input length must be multiple of 8 when decrypting with padded cipher");
+                return resultJson;
+            }
            JSONObject paramJson = JSONObject.parseObject(new String(paramByte));
            log.info("3DES解密参数：" + paramJson.toJSONString());
@@ -141,7 +156,7 @@ public class SyncController {
            }
            // 查询合伙人信息
-            String username = jsonObject.getString("username");
+            String username = jsonObject.getString("userName");
            Wrapper<SysUser> sysUserWrapper = new EntityWrapper<>();
            sysUserWrapper.eq("account", username);
            List<SysUser> sysUsers = sysUserMapper.selectList(sysUserWrapper);
@@ -164,6 +179,12 @@ public class SyncController {
            Map<String, Object> school = maps.get(0);
+            if (!schools.get(0).getId().equals(school.get("id"))) {
+                resultJson.put("result", "1");
+                resultJson.put("msg", "合伙人学校与下单学校不匹配");
+                return resultJson;
+            }
            // 组装hhr_order
            Order order = new Order();
            String uuid = UUID.randomUUID().toString();
@@ -217,7 +238,7 @@ public class SyncController {
        }catch(Exception e) {
            log.info("订单同步失败：");
            resultJson.put("result", "1");
-            resultJson.put("msg", "未知异常");
+            resultJson.put("msg", e.toString());
            e.printStackTrace();
            return resultJson;
        } finally{

--- a/common/src/main/java/com/winsun/utils/EThreeDES.java
+++ b/common/src/main/java/com/winsun/utils/EThreeDES.java
@@ -43,7 +43,7 @@ public class EThreeDES {
    //src为加密后的缓冲区
    //3DES解密
-    public static byte[] decryptMode(byte[] keybyte, byte[] src) {
+    public static byte[] decryptMode(byte[] keybyte, byte[] src) throws Exception {
        try {
            //生成密钥
            SecretKey deskey = new SecretKeySpec(keybyte, Algorithm);
@@ -56,8 +56,6 @@ public class EThreeDES {
            e1.printStackTrace();
        } catch (javax.crypto.NoSuchPaddingException e2) {
            e2.printStackTrace();
-        } catch (Exception e3) {
-            e3.printStackTrace();
        }
        return null;
    }
@@ -160,8 +158,8 @@ public class EThreeDES {
        //解密
        String dBase64 = eBase64;
        byte[] dBy = EThreeDES.deBase64(dBase64);
-        byte[] srcBytes = EThreeDES.decryptMode(KEY.getBytes(), dBy);
+//        byte[] srcBytes = EThreeDES.decryptMode(KEY.getBytes(), dBy);
-        System.out.println("3DES解密后的字符串:" + new String(srcBytes,"utf-8"));
+//        System.out.println("3DES解密后的字符串:" + new String(srcBytes,"utf-8"));
    }

--- a/service-manager/src/main/java/com/winsun/controller/ImgController.java
+++ b/service-manager/src/main/java/com/winsun/controller/ImgController.java
 package com.winsun.controller;
+import com.winsun.auth.core.annotion.Permission;
 import com.winsun.constant.FilePath;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.MediaType;
@@ -20,7 +21,7 @@ import java.io.FileInputStream;
 public class ImgController {
    //menuname = "图片路径"  只支持jpeg 和 png
-    @RequestMapping( value = "/images/**",produces ={MediaType.IMAGE_JPEG_VALUE,MediaType.IMAGE_PNG_VALUE} )
+    @Permission(menuname = "图片查询", value =  "/images/**", produces ={MediaType.IMAGE_JPEG_VALUE,MediaType.IMAGE_PNG_VALUE})
    public byte[] getbackground(HttpServletRequest request) {
        byte[] bytes={};
        request.getServletPath();

--- a/service-manager/src/main/java/com/winsun/controller/OrderController.java
+++ b/service-manager/src/main/java/com/winsun/controller/OrderController.java
@@ -261,7 +261,7 @@ public class OrderController extends BaseController {
                            updateOrder.setMsg(msg);
                            try {
                                // 添加操作记录
-                                appMapper.inserOrderHis(order.getId(), "审核失败!", new Date(), "智能平台");
+                                appMapper.inserOrderHis(order.getId(), msg, new Date(), "智能平台");
                            } catch (Exception e) {
                                e.printStackTrace();
                            }