拦截器加白名单

e6517937 · 伍思炜 · 556ce5c3 · e6517937 · e6517937 · e6517937
Commit e6517937 authored Mar 16, 2022 by 伍思炜
6 changed files
--- a/common/src/main/resources/com/winsun/mapper/mapping/SysUserMapper.xml
+++ b/common/src/main/resources/com/winsun/mapper/mapping/SysUserMapper.xml
@@ -31,7 +31,7 @@
            LEFT JOIN sys_menu sm ON sr.menuid = sm.id
        WHERE
            sr.roleid in
-            <foreach collection="roleIds" item="role" open="(" close=")">
+            <foreach collection="roleIds" item="role" separator="," open="(" close=")">
                #{role}
            </foreach>
    </select>

--- a/core-service/src/main/java/com/winsun/item/modular/config/LoginApplicaionConfig.java
+++ b/core-service/src/main/java/com/winsun/item/modular/config/LoginApplicaionConfig.java
@@ -41,7 +41,33 @@ public class LoginApplicaionConfig extends WebMvcConfigurationSupport {
        registry.addInterceptor(changePwdInterceptor).addPathPatterns("/mgr/changeOtherPwd");
        List<String> s = new ArrayList<>();
        s.add("/login");
+        s.add("/sys/logout");
+        s.add("/logout");
+        s.add("/GetPermissionList");
+        s.add("/menu/getMenus");
        s.add("/getPhoneCode");
+        s.add("/getPhoneCodeY");
+        s.add("/cloud/**");
+        s.add("/appInfo/**");
+        s.add("mgr/queryUserInuse");
+        s.add("mgr/getUserListByRoleIdAndDeptId");
+        s.add("mgr/userByUerId");
+        s.add("mgr/releaseUser");
+        s.add("/dept/selectDeptList");
+        s.add("/dept/selectDept");
+        s.add("/role/roleLable");
+        s.add("/area/selectTaskAreaRel");
+        s.add("/forgerpw/verificationCode");
+        s.add("/forgerpw/changePwd");
+        s.add("/forgerpw/bindingAccount");
+        s.add("/forgerpw/defaultLogin");
+        s.add("/forgerpw/weixinLogin");
+        s.add("/forgerpw/weixinUnbundling");
+        s.add("/forgerpw/selectAddress");
+        s.add("/forgerpw/selectSchool");
+        s.add("/forgerpw/openHall");
+        s.add("/forgerpw/registeredAccount");
+        s.add("/Personal/**");
        registry.addInterceptor(authIntercept).excludePathPatterns(s);
        super.addInterceptors(registry);
    }

--- a/service-manager/src/main/java/com/winsun/controller/NewUserController.java
+++ b/service-manager/src/main/java/com/winsun/controller/NewUserController.java
@@ -13,6 +13,7 @@ import com.winsun.mapper.HhrUserMapper;
 import com.winsun.mapper.SchoolMapper;
 import com.winsun.mapper.SysUserMapper;
 import com.winsun.mapper.UserSchoolMapper;
+import com.winsun.utils.DesensitizationUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -50,11 +51,12 @@ public class NewUserController extends BaseController {
    /**
     * 新用户审核删除
+     *
     * @param id 需要删除的id
     * @return
     */
    @Permission(menuname = "删除正则信息", value = "delete", method = RequestMethod.POST)
-    public ResponseData<String> deleteProduct(@RequestParam(name="id", required = false) String id,@RequestParam(name="isdel", required = false) String isdel) {
+    public ResponseData<String> deleteProduct(@RequestParam(name = "id", required = false) String id, @RequestParam(name = "isdel", required = false) String isdel) {
        ShiroUser user = getShiroUser();
        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员"))) {
            return ResponseData.error("无数据权限");
@@ -64,7 +66,7 @@ public class NewUserController extends BaseController {
        //Map<String, Object> dataMapping = new HashMap<>();
        //dataMapping.put("is_del", isdel);
        //lzKpiMapper.updateForSet(MyBatisPlusUpdateUtils.toUpdateSet(dataMapping), wrapper);
-        if(StringUtils.isNotBlank(id)){
+        if (StringUtils.isNotBlank(id)) {
            /*lzWageMpapper.deleteById(id);*/
            return ResponseData.success("操作成功！");
        }
@@ -73,12 +75,13 @@ public class NewUserController extends BaseController {
    /**
     * 修改新用户审核状态
+     *
     * @param ids
     * @param status
     * @return
     */
    @Permission(menuname = "修改新用户审核信息", value = "update", method = RequestMethod.POST)
-    public ResponseData<String> updateProduct(@RequestParam("ids") String ids,@RequestParam("status") String status) {
+    public ResponseData<String> updateProduct(@RequestParam("ids") String ids, @RequestParam("status") String status) {
        ShiroUser user = getShiroUser();
        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员", "县分管理员（订单）"))) {
            return ResponseData.error("无数据权限");
@@ -92,12 +95,11 @@ public class NewUserController extends BaseController {
        SysUser sysUser = new SysUser();
        sysUser.setStatus(status);
        wrapper.in("id", list);
-        sysUserMapper.update(sysUser,wrapper);
+        sysUserMapper.update(sysUser, wrapper);
        return ResponseData.success("修改成功！");
    }
    /**
-     *
     * @param account
     * @param name
     * @param status
@@ -109,7 +111,7 @@ public class NewUserController extends BaseController {
     * @return
     */
    @Permission(menuname = "查询新用户审核信息", value = "list", method = RequestMethod.POST)
-    public ResponseData<Page<Map<String,Object>>> listProduct(
+    public ResponseData<Page<Map<String, Object>>> listProduct(
            @RequestParam(name = "account", required = false) String account,
            @RequestParam(name = "name", required = false) String name,
            @RequestParam(name = "status", required = false) String status,
@@ -122,22 +124,22 @@ public class NewUserController extends BaseController {
        if (!user.getRoleNames().stream().anyMatch(roleName -> StringUtils.equalsAny(roleName, "超级管理员", "县分管理员（订单）"))) {
            return ResponseData.error("无数据权限");
        }
-        Page<Map<String,Object>> page = new Page<>(pageNo, pageSize);
+        Page<Map<String, Object>> page = new Page<>(pageNo, pageSize);
-        List<Map<String,Object>> list = new ArrayList<>();
+        List<Map<String, Object>> list = new ArrayList<>();
        Wrapper<SysUser> sysUserWrapper = new EntityWrapper<>();
-        sysUserWrapper.like(StringUtils.isNotBlank(account),"account",account, SqlLike.DEFAULT);
+        sysUserWrapper.like(StringUtils.isNotBlank(account), "account", account, SqlLike.DEFAULT);
-        sysUserWrapper.like(StringUtils.isNotBlank(name),"name",name, SqlLike.DEFAULT);
+        sysUserWrapper.like(StringUtils.isNotBlank(name), "name", name, SqlLike.DEFAULT);
-        sysUserWrapper.eq("status",'4');
+        sysUserWrapper.eq("status", '4');
-        if(StringUtils.isNotBlank(createtime)){
+        if (StringUtils.isNotBlank(createtime)) {
            String[] dates = createtime.split("\\,");
-            if(!createtime.equals(",")){
+            if (!createtime.equals(",")) {
-                sysUserWrapper.between("createtime",dates[0],dates[1]);
+                sysUserWrapper.between("createtime", dates[0], dates[1]);
            }
        }
        List<SysUser> sysUserList = sysUserMapper.selectList(sysUserWrapper);
-        if(sysUserList.size()==0){
+        if (sysUserList.size() == 0) {
            page.setRecords(new ArrayList<>());
            page.setTotal(0);
            return ResponseData.success(page);
@@ -147,10 +149,10 @@ public class NewUserController extends BaseController {
            userIds0.add(sysUser.getId());
        }
        Wrapper<UserSchool> userSchoolWrapper = new EntityWrapper<>();
-        userSchoolWrapper.in("user_id",userIds0);
+        userSchoolWrapper.in("user_id", userIds0);
        userSchoolWrapper.groupBy("user_id");
        List<UserSchool> userSchools = userSchoolMapper.selectList(userSchoolWrapper);
-        if(userSchools.size()==0){
+        if (userSchools.size() == 0) {
            page.setRecords(new ArrayList<>());
            page.setTotal(0);
            return ResponseData.success(page);
@@ -160,11 +162,11 @@ public class NewUserController extends BaseController {
            schoolIds.add(userSchool.getSchoolId());
        }
        Wrapper<School> schoolWrapper = new EntityWrapper<>();
-        schoolWrapper.in("id",schoolIds);
+        schoolWrapper.in("id", schoolIds);
-        schoolWrapper.eq(StringUtils.isNotBlank(substName),"sub_name",substName);
+        schoolWrapper.eq(StringUtils.isNotBlank(substName), "sub_name", substName);
-        schoolWrapper.eq(StringUtils.isNotBlank(salesSchool),"school_name",salesSchool);
+        schoolWrapper.eq(StringUtils.isNotBlank(salesSchool), "school_name", salesSchool);
        List<School> schoolList = schoolMapper.selectList(schoolWrapper);
-        if(schoolList.size()==0){
+        if (schoolList.size() == 0) {
            page.setRecords(new ArrayList<>());
            page.setTotal(0);
            return ResponseData.success(page);
@@ -176,16 +178,16 @@ public class NewUserController extends BaseController {
        }
        for (UserSchool us : userSchools) {
            for (Integer s : schoolIds0) {
-                if(us.getSchoolId().equals(s.toString())){
+                if (us.getSchoolId().equals(s.toString())) {
                    userIds.add(us.getUserId());
                }
            }
        }
        Wrapper<HhrUser> hhrUserWrapper = new EntityWrapper<>();
-        hhrUserWrapper.in("id",userIds);
+        hhrUserWrapper.in("id", userIds);
        List<HhrUser> hhrUserList = hhrUserMapper.selectList(hhrUserWrapper);
-        if(hhrUserList.size()==0){
+        if (hhrUserList.size() == 0) {
            page.setRecords(new ArrayList<>());
            page.setTotal(0);
            return ResponseData.success(page);
@@ -196,92 +198,105 @@ public class NewUserController extends BaseController {
        }*/
        for (String id : userIds) {
-            Map<String,Object> objectMap = new HashMap<>();
+            Map<String, Object> objectMap = new HashMap<>();
-            objectMap.put("id",id);
+            objectMap.put("id", id);
            for (UserSchool userSchool : userSchools) {
-                if(userSchool.getUserId().equals(id)){
+                if (userSchool.getUserId().equals(id)) {
                    Wrapper<School> wrapper = new EntityWrapper<>();
-                    wrapper.eq("id",userSchool.getSchoolId());
+                    wrapper.eq("id", userSchool.getSchoolId());
                    School school = schoolMapper.selectList(wrapper).get(0);
-                    objectMap.put("subName",school.getSubName());
+                    objectMap.put("subName", school.getSubName());
-                    objectMap.put("schoolName",school.getSchoolName());
+                    objectMap.put("schoolName", school.getSchoolName());
                    break;
                }
            }
            for (SysUser sysUser : sysUserList) {
-                if(sysUser.getId().equals(id)){
+                if (sysUser.getId().equals(id)) {
-                    objectMap.put("account",sysUser.getAccount());
+                    objectMap.put("account", sysUser.getAccount());
-                    objectMap.put("name",sysUser.getName());
+                    objectMap.put("name", sysUser.getName());
-                    objectMap.put("phone",sysUser.getPhone());
+                    objectMap.put("phone", sysUser.getPhone());
-                    objectMap.put("sex",sysUser.getSex());
+                    objectMap.put("sex", sysUser.getSex());
-                    objectMap.put("status",sysUser.getStatus());
+                    objectMap.put("status", sysUser.getStatus());
-                    objectMap.put("createtime",sysUser.getCreatetime());
+                    objectMap.put("createtime", sysUser.getCreatetime());
-                    objectMap.put("updateTime",sysUser.getUpdateTime());
+                    objectMap.put("updateTime", sysUser.getUpdateTime());
                    break;
                }
            }
            for (HhrUser hhrUser : hhrUserList) {
-                if(hhrUser.getId().equals(id)){
+                if (hhrUser.getId().equals(id)) {
-                    objectMap.put("idCard",hhrUser.getIdCard());
+                    objectMap.put("idCard", hhrUser.getIdCard());
-                    objectMap.put("grade",hhrUser.getGrade());
+                    objectMap.put("grade", hhrUser.getGrade());
-                    objectMap.put("idcardImgUrl",hhrUser.getIdcardImgUrl());
+                    objectMap.put("idcardImgUrl", hhrUser.getIdcardImgUrl());
-                    objectMap.put("studentImgUrl",hhrUser.getStudentImgUrl());
+                    objectMap.put("studentImgUrl", hhrUser.getStudentImgUrl());
-                    objectMap.put("position",hhrUser.getPosition());
+                    objectMap.put("position", hhrUser.getPosition());
                    break;
                }
            }
            list.add(objectMap);
        }
-        List<Map<String,Object>> dataList = new ArrayList<>();
+        List<Map<String, Object>> dataList = new ArrayList<>();
-        if(list.size() < pageSize) {
+        if (list.size() < pageSize) {
            dataList = list;
-        }else {
+        } else {
-            dataList = list.subList((pageNo-1)*pageSize, pageNo*pageSize);
+            dataList = list.subList((pageNo - 1) * pageSize, pageNo * pageSize);
+        }
+        for (Map<String, Object> map : dataList) {
+            if (map.get("account") != null && StringUtils.isNotBlank(map.get("account").toString())) {
+                map.put("account", DesensitizationUtil.desensitizedPhoneNumber(map.get("account").toString()));
+            }
+            if (map.get("idCard") != null && StringUtils.isNotBlank(map.get("idCard").toString())){
+                map.put("idCard", DesensitizationUtil.desensitizedIdNumber2(map.get("idCard").toString()));
+            }
+            if (map.get("phone") != null && StringUtils.isNotBlank(map.get("phone").toString())) {
+                map.put("phone", DesensitizationUtil.desensitizedPhoneNumber(map.get("phone").toString()));
+            }
        }
        page.setRecords(dataList);
        return ResponseData.success(page, "查询成功！");
    }
    /**
-     *
     * @return
     */
    @Permission(menuname = "初始用户信息", value = "initUsers", method = RequestMethod.POST)
-    public ResponseData<List<SysUser>> initUsers(){
+    public ResponseData<List<SysUser>> initUsers() {
        List<String> list = new ArrayList<>();
        list.add("241");
        list.add("242");
        Wrapper<SysUser> hhrUserWrapper = new EntityWrapper<>();
-        hhrUserWrapper.in("roleid",list);
+        hhrUserWrapper.in("roleid", list);
        List<SysUser> hhrUserList = sysUserMapper.selectList(hhrUserWrapper);
        return ResponseData.success(hhrUserList);
    }
    /**
     * 多个地方公用初始县分
+     *
     * @param substName
     * @return
     */
    @Permission(menuname = "初始县分", value = "initSubstName", method = RequestMethod.POST)
-    public ResponseData<List<School>> initSubstName(@RequestParam(name = "substName", required = false) String substName){
+    public ResponseData<List<School>> initSubstName(@RequestParam(name = "substName", required = false) String substName) {
        Wrapper<School> schoolWrapper = new EntityWrapper<>();
        schoolWrapper.setSqlSelect("sub_name subName,school_name schoolName");
        schoolWrapper.groupBy("sub_name");
-        schoolWrapper.orderBy("sub_name",false);
+        schoolWrapper.orderBy("sub_name", false);
        List<School> list = schoolMapper.selectList(schoolWrapper);
        return ResponseData.success(list);
    }
    /**
     * 多个地方公用初始学校
+     *
     * @param substName
     * @return
     */
    @Permission(menuname = "初始学校", value = "getSchoolNames", method = RequestMethod.POST)
-    public ResponseData<List<School>> getSchoolNames(@RequestParam(name = "substName", required = false) String substName){
+    public ResponseData<List<School>> getSchoolNames(@RequestParam(name = "substName", required = false) String substName) {
        Wrapper<School> schoolWrapper = new EntityWrapper<>();
-        schoolWrapper.eq(StringUtils.isNotBlank(substName),"sub_name",substName);
+        schoolWrapper.eq(StringUtils.isNotBlank(substName), "sub_name", substName);
        schoolWrapper.groupBy("school_name");
        List<School> list = schoolMapper.selectList(schoolWrapper);
        return ResponseData.success(list);

--- a/service-manager/src/main/java/com/winsun/controller/PartnerController.java
+++ b/service-manager/src/main/java/com/winsun/controller/PartnerController.java
@@ -48,8 +48,8 @@ public class PartnerController extends BaseController {
    private DataAuthUtil dataAuthUtil;
    @Autowired
-	public PartnerController(PartnerMapper partnerMapper,SysUserMapper sysUserMapper,
+    public PartnerController(PartnerMapper partnerMapper, SysUserMapper sysUserMapper,
-							 HhrUserMapper hhrUserMapper,SchoolMapper schoolMapper,
+                             HhrUserMapper hhrUserMapper, SchoolMapper schoolMapper,
                             HhrSupervisorSchoolMapper hhrSupervisorSchoolMapper) {
        PartnerController.partnerMapper = partnerMapper;
        PartnerController.sysUserMapper = sysUserMapper;
@@ -66,47 +66,47 @@ public class PartnerController extends BaseController {
                                              @RequestParam("schoolId") String schoolId, @RequestParam("roleId") String roleId,
                                              @RequestParam("ysm") String ysm, @RequestParam("schools") Integer[] schools,
                                              @RequestParam("subNames") String[] subNames, @RequestParam("subName") String subName,
-												@RequestParam(name = "position",required = false) String position,
+                                              @RequestParam(name = "position", required = false) String position,
                                              @RequestParam(name = "parentId", required = false) String parentId,
                                              @RequestParam(name = "parentIds", required = false) String parentIds) {
-		try{
+        try {
            SysUser user = sysUserMapper.selectById(id);
            password = StringUtils.isNotBlank(password) ? MD5Utils.md5(password, user.getSalt()) : user.getPassword();
            parentId = null == parentId ? "" : parentId.replaceAll("null", "");
            parentIds = null == parentIds ? "" : parentIds.replaceAll("null", "");
-			if (StringUtils.isBlank(ysm)||"null".equals(ysm)) {
+            if (StringUtils.isBlank(ysm) || "null".equals(ysm)) {
                ysm = "1";
            }
            School school = schoolMapper.selectById(schoolId);
-			if (StringUtils.isEmpty(subName) || !subName.equals(school.getSubName())){
+            if (StringUtils.isEmpty(subName) || !subName.equals(school.getSubName())) {
                return ResponseData.error("修改失败");
            }
-			if (phone.contains("*")){
+            if (phone.contains("*")) {
                phone = "";
            }
-			if(account.contains("*")){
+            if (account.contains("*")) {
                account = "";
            }
-			if(idCard.contains("*")){
+            if (idCard.contains("*")) {
                idCard = "";
            }
-			int updateSysUse = partnerMapper.updateSysUser(phone, name, account, sex, password,roleId, id, subName);
+            int updateSysUse = partnerMapper.updateSysUser(phone, name, account, sex, password, roleId, id, subName);
-			int updateHhUser = partnerMapper.updateHhUser(ysm, grade, idCard,position,parentId,parentIds,id);
+            int updateHhUser = partnerMapper.updateHhUser(ysm, grade, idCard, position, parentId, parentIds, id);
            int updateSchoolRef = partnerMapper.updateSchoolRef(schoolId, id);
            // 获取县分下的学校
            if (subNames != null && subNames.length > 0) {
                Integer[] subNamesSchool = null;
                Wrapper<School> schoolWrapper = new EntityWrapper<>();
-				schoolWrapper.in(subNames != null && subNames.length > 0,"sub_name",subNames);
+                schoolWrapper.in(subNames != null && subNames.length > 0, "sub_name", subNames);
                schoolWrapper.groupBy("school_name");
                List<School> list = schoolMapper.selectList(schoolWrapper);
                if (list != null && list.size() != 0) {
                    subNamesSchool = new Integer[list.size()];
-				}else{
+                } else {
                    subNamesSchool = new Integer[0];
                }
-				for(int i = 0; i < list.size(); ++i) {
+                for (int i = 0; i < list.size(); ++i) {
                    subNamesSchool[i] = list.get(i).getId();
                }
                Integer[] temp = schools;
@@ -120,7 +120,7 @@ public class PartnerController extends BaseController {
            HhrSupervisorSchool hhrSupervisorSchool = null;
            // 更新当前院校配置
-			for(Integer sId : schools) {
+            for (Integer sId : schools) {
                hhrSupervisorSchool = new HhrSupervisorSchool();
                hhrSupervisorSchool.setUserId(Integer.parseInt(id));
                hhrSupervisorSchool.setSchool(sId + "");
@@ -129,7 +129,7 @@ public class PartnerController extends BaseController {
            if (updateSysUse == 1 && updateHhUser == 1 && updateSchoolRef == 1) {
                return ResponseData.success("修改完毕！");
            }
-		}catch (Exception e){
+        } catch (Exception e) {
            e.printStackTrace();
            return ResponseData.error("修改失败");
        }
@@ -142,7 +142,7 @@ public class PartnerController extends BaseController {
                                                               @RequestParam("school") String school,
                                                               @RequestParam("name") String name, @RequestParam("substName") String substName,
                                                               @RequestParam("account") String account, @RequestParam("roleid") String roleid,
-			@RequestParam("isActive") String isActive,@RequestParam("isUpload") String isUpload,
+                                                               @RequestParam("isActive") String isActive, @RequestParam("isUpload") String isUpload,
                                                               @RequestParam("status") String status,
                                                               @RequestParam(name = "pageNo", required = false) int pageIndex,
                                                               @RequestParam(name = "pageSize", required = false) int pageSize) {
@@ -150,11 +150,11 @@ public class PartnerController extends BaseController {
        ShiroUser user = getShiroUser();
        Wrapper<HhrUser> wrapperHhr = new EntityWrapper<HhrUser>();
-		wrapperHhr.eq(StringUtils.isNotBlank(id),"id",id);
+        wrapperHhr.eq(StringUtils.isNotBlank(id), "id", id);
        wrapperHhr.eq(StringUtils.isNotBlank(isActive), "is_active", isActive);
-		if(StringUtils.isNotBlank(isUpload) && "1".equals(isUpload)) {
+        if (StringUtils.isNotBlank(isUpload) && "1".equals(isUpload)) {
            wrapperHhr.isNotNull("idcard_img_url");
-		}else if(StringUtils.isNotBlank(isUpload) && "0".equals(isUpload)) {
+        } else if (StringUtils.isNotBlank(isUpload) && "0".equals(isUpload)) {
            wrapperHhr.isNull("idcard_img_url");
        }
@@ -167,7 +167,7 @@ public class PartnerController extends BaseController {
        List<HhrSupervisorSchool> hhrSupervisorSchools = hhrSupervisorSchoolMapper.selectList(wrapper);
        Wrapper<SysUser> wrapperSys = new EntityWrapper<SysUser>();
-		wrapperSys.eq(StringUtils.isNotBlank(id),"id",id);
+        wrapperSys.eq(StringUtils.isNotBlank(id), "id", id);
        wrapperSys.like(StringUtils.isNotBlank(name), "name", name, SqlLike.DEFAULT);
        wrapperSys.eq(StringUtils.isNotBlank(roleid), "roleid", roleid);
        wrapperSys.eq(StringUtils.isNotBlank(account), "account", account);
@@ -189,40 +189,40 @@ public class PartnerController extends BaseController {
 //			sysList.add(BeanMap.create(sysUser));
 //		}
-		for(int i=0; i<sysUserList.size(); i++) {
+        for (int i = 0; i < sysUserList.size(); i++) {
            SysUser sysUser = sysUserList.get(i);
            String sysUserId = sysUser.getId();
-			String schoolRefId = (String)refMap.get(sysUserId);
+            String schoolRefId = (String) refMap.get(sysUserId);
            Map<String, Object> dataMap = new HashMap<String, Object>();
            Integer fxsCount = 0;
            // 添加合伙人基础数据
-			for(HhrUser hhrUser : hhrUserList) {
+            for (HhrUser hhrUser : hhrUserList) {
                String hhrUserId = hhrUser.getId();
-				if(sysUserId.equals(hhrUserId)) {
+                if (sysUserId.equals(hhrUserId)) {
-					dataMap.put("grade",hhrUser.getGrade());
+                    dataMap.put("grade", hhrUser.getGrade());
-					dataMap.put("parentId",hhrUser.getParentId());
+                    dataMap.put("parentId", hhrUser.getParentId());
-					dataMap.put("position",hhrUser.getPosition());
+                    dataMap.put("position", hhrUser.getPosition());
-					dataMap.put("idCard",hhrUser.getIdCard());
+                    dataMap.put("idCard", hhrUser.getIdCard());
-					dataMap.put("ysm",hhrUser.getYsm());
+                    dataMap.put("ysm", hhrUser.getYsm());
-					dataMap.put("isActive",hhrUser.getIsActive());
+                    dataMap.put("isActive", hhrUser.getIsActive());
-					dataMap.put("idCardImgUrl",hhrUser.getIdcardImgUrl());
+                    dataMap.put("idCardImgUrl", hhrUser.getIdcardImgUrl());
-					dataMap.put("studentImgUrl",hhrUser.getStudentImgUrl());
+                    dataMap.put("studentImgUrl", hhrUser.getStudentImgUrl());
-					if(StringUtils.isNotBlank(hhrUser.getFxs())){
+                    if (StringUtils.isNotBlank(hhrUser.getFxs())) {
-						dataMap.put("fxs",hhrUser.getFxs());
+                        dataMap.put("fxs", hhrUser.getFxs());
-						fxsCount = hhrUser.getFxs().length() == 0?0:hhrUser.getFxs().split(",").length;
+                        fxsCount = hhrUser.getFxs().length() == 0 ? 0 : hhrUser.getFxs().split(",").length;
-						dataMap.put("fxsCount",fxsCount);
+                        dataMap.put("fxsCount", fxsCount);
-					}else {
+                    } else {
-						dataMap.put("fxs","");
+                        dataMap.put("fxs", "");
-						dataMap.put("fxsCount",fxsCount);
+                        dataMap.put("fxsCount", fxsCount);
-					}
+                    }
-					dataMap.put("hasHhr","0");
+                    dataMap.put("hasHhr", "0");
                    break;
                }
            }
            // 添加院校配置数据
-			for(HhrSupervisorSchool hhrSupervisorSchool : hhrSupervisorSchools) {
+            for (HhrSupervisorSchool hhrSupervisorSchool : hhrSupervisorSchools) {
                if (sysUserId.equals(hhrSupervisorSchool.getUserId() + "")) {
                    dataMap.put("schools", hhrSupervisorSchool.getSchool());
                    break;
@@ -230,12 +230,12 @@ public class PartnerController extends BaseController {
            }
            // 添加用户所属学校数据
-			for(School schoolEntity : schoolList) {
+            for (School schoolEntity : schoolList) {
                String schoolId = Integer.toString(schoolEntity.getId());
-				if(null != schoolRefId && schoolRefId.equals(schoolId)) {
+                if (null != schoolRefId && schoolRefId.equals(schoolId)) {
-					dataMap.put("substName",schoolEntity.getSubName());
+                    dataMap.put("substName", schoolEntity.getSubName());
-					dataMap.put("school",schoolEntity.getSchoolName());
+                    dataMap.put("school", schoolEntity.getSchoolName());
-					dataMap.put("schoolId",schoolEntity.getId());
+                    dataMap.put("schoolId", schoolEntity.getId());
                    dataMap.put("id", sysUserId);
                    break;
                }
@@ -243,7 +243,7 @@ public class PartnerController extends BaseController {
            // 需要两个数据表都匹配到，才添加  添加系统用户数据
-			if(null != dataMap.get("id") && null != dataMap.get("hasHhr")) {
+            if (null != dataMap.get("id") && null != dataMap.get("hasHhr")) {
                dataMap.put("name", sysUser.getName());
                dataMap.put("account", sysUser.getAccount());
                dataMap.put("phone", sysUser.getPhone());
@@ -256,20 +256,20 @@ public class PartnerController extends BaseController {
        }
        // 数据权限控制
        newList = dataAuthUtil.authDeal(newList, user);
-		List<Map<String, Object>> dataList = new ArrayList<Map<String,Object>>();
+        List<Map<String, Object>> dataList = new ArrayList<Map<String, Object>>();
-		if(newList.size() < pageIndex*pageSize) {
+        if (newList.size() < pageIndex * pageSize) {
-			dataList = newList.subList((pageIndex-1)*pageSize, newList.size());
+            dataList = newList.subList((pageIndex - 1) * pageSize, newList.size());
-		}else {
+        } else {
-			dataList = newList.subList((pageIndex-1)*pageSize, pageIndex*pageSize);
+            dataList = newList.subList((pageIndex - 1) * pageSize, pageIndex * pageSize);
        }
        for (Map<String, Object> map : dataList) {
-			if (StringUtils.isNotBlank(map.get("phone").toString())){
+            if (map.get("phone") != null && StringUtils.isNotBlank(map.get("phone").toString())) {
                map.put("phone", DesensitizationUtil.desensitizedPhoneNumber(map.get("phone").toString()));
            }
-			if (StringUtils.isNotBlank(map.get("account").toString())){
+            if (map.get("account") != null && StringUtils.isNotBlank(map.get("account").toString())) {
                map.put("account", DesensitizationUtil.desensitizedPhoneNumber(map.get("account").toString()));
            }
-			if (StringUtils.isNotBlank(map.get("idCard").toString())){
+            if (map.get("idCard") != null && StringUtils.isNotBlank(map.get("idCard").toString())) {
                map.put("idCard", DesensitizationUtil.desensitizedIdNumber(map.get("idCard").toString()));
            }
        }
@@ -282,26 +282,26 @@ public class PartnerController extends BaseController {
    public ResponseData<String> addPartner(@RequestParam("account") String account, @RequestParam("name") String name,
                                           @RequestParam("idCard") String idCard, @RequestParam("sex") String sex, @RequestParam("grade") String grade,
                                           @RequestParam("password") String password, @RequestParam("schoolId") String schoolId,
-			@RequestParam("roleId") String roleId,@RequestParam("phone") String phone,
+                                           @RequestParam("roleId") String roleId, @RequestParam("phone") String phone,
-			@RequestParam(name = "position",required = false) String position,
+                                           @RequestParam(name = "position", required = false) String position,
                                           @RequestParam(name = "parentId", required = false) String parentId,
-			@RequestParam(name = "parentIds", required = false) String parentIds){
+                                           @RequestParam(name = "parentIds", required = false) String parentIds) {
        Wrapper<SysUser> userWrapper = new EntityWrapper<SysUser>();
        userWrapper.eq("account", account);
        userWrapper.ne("status", "3");
        List<SysUser> accountList = sysUserMapper.selectList(userWrapper);
-		if(accountList.size() > 0) {
+        if (accountList.size() > 0) {
            return ResponseData.error("账号已存在");
        }
        Wrapper<HhrUser> hhrWrapper = new EntityWrapper<HhrUser>();
        hhrWrapper.eq("id_card", idCard);
        List<HhrUser> hhrList = hhrUserMapper.selectList(hhrWrapper);
-		if(hhrList.size() > 0) {
+        if (hhrList.size() > 0) {
-			for(HhrUser hhrUser : hhrList) {
+            for (HhrUser hhrUser : hhrList) {
                SysUser sysUser = sysUserMapper.selectById(hhrUser.getId());
-				if(!sysUser.getStatus().equals("3")) {
+                if (!sysUser.getStatus().equals("3")) {
                    // 判断剔除已删除的用户
                    return ResponseData.error("身份证已存在");
                }
@@ -309,7 +309,6 @@ public class PartnerController extends BaseController {
        }
        // String salt = Integer.toString((int)(Math.random()*100000));
        String salt = MD5Utils.getRandomString(5);
        password = MD5Utils.md5(password, salt);
@@ -331,7 +330,7 @@ public class PartnerController extends BaseController {
 //				new Date(), new Date());
        if (num > 0) {
-			List<Map<String,Object>> userList = partnerMapper.selectSysUser(account);
+            List<Map<String, Object>> userList = partnerMapper.selectSysUser(account);
            Map<String, Object> userMap = userList.get(0);
            String userId = userMap.get("id").toString();
            HhrUser hhrUser = new HhrUser();
@@ -358,10 +357,10 @@ public class PartnerController extends BaseController {
    @Permission(menuname = "更新分销商信息", value = "pushFxyList", method = RequestMethod.POST)
-	public ResponseData pushFxyList(@RequestParam("id") String id,@RequestParam("fxy") String fxy) {
+    public ResponseData pushFxyList(@RequestParam("id") String id, @RequestParam("fxy") String fxy) {
        Wrapper<HhrUser> wrapper = new EntityWrapper<>();
-		wrapper.eq("id",id);
+        wrapper.eq("id", id);
-		if("".equals(id)){
+        if ("".equals(id)) {
            return ResponseData.error("参数出错");
        }
        HhrUser hhrUser = new HhrUser();
@@ -369,12 +368,13 @@ public class PartnerController extends BaseController {
        hhrUser.setFxs(fxy);
        try {
            hhrUserMapper.updateById(hhrUser);
-		}catch (Exception e){
+        } catch (Exception e) {
            e.printStackTrace();
            return ResponseData.error("参数出错");
        }
        return ResponseData.success("更新完毕！");
    }
    @Permission(menuname = "获取学子公司职位下级成员", value = "getXzUserList", method = RequestMethod.POST)
    public ResponseData<List<HhrUser>> getXzUserList(@RequestParam("position") String position) {
        ShiroUser user = getShiroUser();
@@ -392,9 +392,9 @@ public class PartnerController extends BaseController {
        wrapperSys.setSqlSelect("id,name ");
        List<SysUser> sysList = sysUserMapper.selectList(wrapperSys);
-		for(HhrUser hhrUser : list) {
+        for (HhrUser hhrUser : list) {
-			for(SysUser sysUser :sysList) {
+            for (SysUser sysUser : sysList) {
-				if(hhrUser.getId().equals(sysUser.getId())) {
+                if (hhrUser.getId().equals(sysUser.getId())) {
                    hhrUser.setName(sysUser.getName());
                    break;
                }
@@ -418,7 +418,7 @@ public class PartnerController extends BaseController {
                               @RequestParam("school") String school,
                               @RequestParam("name") String name, @RequestParam("substName") String substName,
                               @RequestParam("account") String account, @RequestParam("roleid") String roleid,
-			@RequestParam("isActive") String isActive,@RequestParam("isUpload") String isUpload,
+                               @RequestParam("isActive") String isActive, @RequestParam("isUpload") String isUpload,
                               @RequestParam("status") String status) {
        ShiroUser user = getShiroUser();
@@ -427,9 +427,9 @@ public class PartnerController extends BaseController {
                + " (case when is_active = 1 then '活跃' when is_active = 0 then '不活跃' else '' end) isActive  ");
        wrapperHhr.eq(StringUtils.isNotBlank(id), "id", id);
        wrapperHhr.eq(StringUtils.isNotBlank(isActive), "is_active", isActive);
-		if(StringUtils.isNotBlank(isUpload) && "1".equals(isUpload)) {
+        if (StringUtils.isNotBlank(isUpload) && "1".equals(isUpload)) {
            wrapperHhr.isNotNull("idcard_img_url");
-		}else if(StringUtils.isNotBlank(isUpload) && "0".equals(isUpload)) {
+        } else if (StringUtils.isNotBlank(isUpload) && "0".equals(isUpload)) {
            wrapperHhr.isNull("idcard_img_url");
        }
@@ -460,42 +460,42 @@ public class PartnerController extends BaseController {
 //			sysList.add(BeanMap.create(sysUser));
 //		}
-		for(int i=0; i<sysUserList.size(); i++) {
+        for (int i = 0; i < sysUserList.size(); i++) {
            SysUser sysUser = sysUserList.get(i);
            String sysUserId = sysUser.getId();
-			String schoolRefId = (String)refMap.get(sysUserId);
+            String schoolRefId = (String) refMap.get(sysUserId);
            Map<String, Object> dataMap = new HashMap<String, Object>();
-			for(Map<String, Object> hhrMap : hhrUserList) {
+            for (Map<String, Object> hhrMap : hhrUserList) {
                String hhrUserId = hhrMap.get("id").toString();
-				if(sysUserId.equals(hhrUserId)) {
+                if (sysUserId.equals(hhrUserId)) {
                    dataMap.put("grade", hhrMap.get("grade"));
                    dataMap.put("parentId", hhrMap.get("parentId"));
                    dataMap.put("position", hhrMap.get("position"));
                    dataMap.put("idCard", hhrMap.get("idCard"));
                    dataMap.put("ysm", hhrMap.get("ysm"));
-					dataMap.put("isActive",hhrMap.get("isActive"));
+                    dataMap.put("isActive", hhrMap.get("isActive"));
                    dataMap.put("idCardImgUrl", hhrMap.get("idCardImgUrl"));
                    dataMap.put("studentImgUrl", hhrMap.get("studentImgUrl"));
-					dataMap.put("hasHhr","0");
+                    dataMap.put("hasHhr", "0");
                    break;
                }
            }
-			for(School schoolEntity : schoolList) {
+            for (School schoolEntity : schoolList) {
                String schoolId = Integer.toString(schoolEntity.getId());
-				if(null != schoolRefId && schoolRefId.equals(schoolId)) {
+                if (null != schoolRefId && schoolRefId.equals(schoolId)) {
-					dataMap.put("substName",schoolEntity.getSubName());
+                    dataMap.put("substName", schoolEntity.getSubName());
-					dataMap.put("school",schoolEntity.getSchoolName());
+                    dataMap.put("school", schoolEntity.getSchoolName());
-					dataMap.put("schoolId",schoolEntity.getId());
+                    dataMap.put("schoolId", schoolEntity.getId());
                    dataMap.put("id", sysUserId);
                    break;
                }
            }
            // 需要两个数据表都匹配到，才添加
-			if(null != dataMap.get("id") && null != dataMap.get("hasHhr")) {
+            if (null != dataMap.get("id") && null != dataMap.get("hasHhr")) {
                dataMap.put("name", sysUser.getName());
                dataMap.put("account", sysUser.getAccount());
                dataMap.put("phone", sysUser.getPhone());
@@ -536,7 +536,7 @@ public class PartnerController extends BaseController {
        sysUser.setStatus("3");
        int num = sysUserMapper.updateById(sysUser);
-		if(num > 0) {
+        if (num > 0) {
            return ResponseData.success("删除成功");
        }

--- a/service-manager/src/main/java/com/winsun/controller/school/SchoolAllocationController.java
+++ b/service-manager/src/main/java/com/winsun/controller/school/SchoolAllocationController.java
@@ -45,7 +45,7 @@ public class SchoolAllocationController extends BaseController {
            @RequestParam("account") String account,
            @RequestParam("schoolId") String schoolId) {
-        if(StringUtils.isBlank(account) || "undefined".equals(account)){
+        if (StringUtils.isBlank(account) || "undefined".equals(account)) {
            return ResponseData.error("账号不能为空！！!");
        }
        List<String> list = Arrays.asList(account.split(","));
@@ -54,7 +54,7 @@ public class SchoolAllocationController extends BaseController {
            wrapperUser.eq("account", acc);
            //wrapperUser.eq(column, params);
            List<SysUser> userList = sysUserMapper.selectList(wrapperUser);
-            if (userList.size() > 0){
+            if (userList.size() > 0) {
                schoolMapper.addSupervisorSchool(userList.get(0).getId(), schoolId);
                return ResponseData.success("添加成功！");
            }
@@ -67,7 +67,7 @@ public class SchoolAllocationController extends BaseController {
        int num = schoolMapper.deleteSupervisorSchool(id);
-        if (num == 1){
+        if (num == 1) {
            return ResponseData.success("删除成功！");
        }
        return ResponseData.error("删除失败");
@@ -75,7 +75,6 @@ public class SchoolAllocationController extends BaseController {
    }
    /**
-     *
     * @param account
     * @param name
     * @param substName
@@ -85,22 +84,22 @@ public class SchoolAllocationController extends BaseController {
     * @return
     */
    @Permission(menuname = "查询学校分配", value = "findByList", method = RequestMethod.POST)
-    public ResponseData<Page<Map<String,Object>>> listSchool(
+    public ResponseData<Page<Map<String, Object>>> listSchool(
            @RequestParam("account") String account, @RequestParam("name") String name,
            @RequestParam("substName") String substName, @RequestParam("schoolName") String schoolName,
            @RequestParam(name = "pageNo", required = false) int pageIndex,
            @RequestParam(name = "pageSize", required = false) int pageSize) {
-        List<Map<String, Object>> dataList = sysUserMapper.schoolAllocationList(account,name,substName,schoolName);
+        List<Map<String, Object>> dataList = sysUserMapper.schoolAllocationList(account, name, substName, schoolName);
        Page<Map<String, Object>> page = new Page<>(pageIndex, pageSize);
-        List<Map<String, Object>> newList = new ArrayList<Map<String,Object>>();
+        List<Map<String, Object>> newList = new ArrayList<Map<String, Object>>();
-        if(pageIndex*pageSize > dataList.size()) {
+        if (pageIndex * pageSize > dataList.size()) {
-        	newList = dataList.subList((pageIndex-1)*pageSize, dataList.size());
+            newList = dataList.subList((pageIndex - 1) * pageSize, dataList.size());
-        }else {
+        } else {
-        	newList = dataList.subList((pageIndex-1)*pageSize, pageIndex*pageSize);
+            newList = dataList.subList((pageIndex - 1) * pageSize, pageIndex * pageSize);
        }
        for (Map<String, Object> map : newList) {
-            if (StringUtils.isNotBlank(map.get("account").toString())){
+            if (map.get("account") != null && StringUtils.isNotBlank(map.get("account").toString())) {
                map.put("account", DesensitizationUtil.desensitizedPhoneNumber(map.get("account").toString()));
            }
        }
@@ -110,5 +109,4 @@ public class SchoolAllocationController extends BaseController {
    }
 }
--- a/service-manager/src/main/java/com/winsun/intercept/AuthConfigurationSupport.java
+++ b/service-manager/src/main/java/com/winsun/intercept/AuthConfigurationSupport.java
@@ -25,7 +25,13 @@ public class AuthConfigurationSupport extends WebMvcConfigurationSupport {
        log.info("配置拦截中");
        List<String> s = new ArrayList<>();
        s.add("/login");
+        s.add("/logout");
        s.add("/getPhoneCode");
+        s.add("/hhrUser/getOrderList");
+        s.add("/hhrUser/getSallesList");
+        s.add("/PersonalCenter/**");
        registry.addInterceptor(authIntercept).excludePathPatterns(s);
        super.addInterceptors(registry);
    }