Yangwl
/
IntelligentTireSystem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

管理员用户&角色不允许操作

Browse Source
master
sxile 6 years ago
parent b1fcf4723a
commit dbae5c6438
10 changed files with 82 additions and 16 deletions
Show Stats Download Patch File Download Diff File

3
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
Unescape Escape View File

@ -121,6 +121,7 @@ public class SysRoleController extends BaseController
@ResponseBody @ResponseBody
public AjaxResult editSave(@Validated SysRole role) public AjaxResult editSave(@Validated SysRole role)
{ {
roleService.checkRoleAllowed(role);
if (UserConstants.ROLE_NAME_NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role))) if (UserConstants.ROLE_NAME_NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
{ {
return error("修改角色'" + role.getRoleName() + "'失败,角色名称已存在"); return error("修改角色'" + role.getRoleName() + "'失败,角色名称已存在");
@ -153,6 +154,7 @@ public class SysRoleController extends BaseController
@ResponseBody @ResponseBody
public AjaxResult authDataScopeSave(SysRole role) public AjaxResult authDataScopeSave(SysRole role)
{ {
roleService.checkRoleAllowed(role);
role.setUpdateBy(ShiroUtils.getLoginName()); role.setUpdateBy(ShiroUtils.getLoginName());
if (roleService.authDataScope(role) > 0) if (roleService.authDataScope(role) > 0)
{ {
@ -216,6 +218,7 @@ public class SysRoleController extends BaseController
@ResponseBody @ResponseBody
public AjaxResult changeStatus(SysRole role) public AjaxResult changeStatus(SysRole role)
{ {
roleService.checkRoleAllowed(role);
return toAjax(roleService.changeStatus(role)); return toAjax(roleService.changeStatus(role));
} }

9
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
Unescape Escape View File

@ -159,11 +159,8 @@ public class SysUserController extends BaseController
@ResponseBody @ResponseBody
public AjaxResult editSave(@Validated SysUser user) public AjaxResult editSave(@Validated SysUser user)
{ {
if (StringUtils.isNotNull(user.getUserId()) && SysUser.isAdmin(user.getUserId())) userService.checkUserAllowed(user);
{ if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
return error("不允许修改超级管理员用户");
}
else if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
{ {
return error("修改用户'" + user.getLoginName() + "'失败,手机号码已存在"); return error("修改用户'" + user.getLoginName() + "'失败,手机号码已存在");
} }
@ -190,6 +187,7 @@ public class SysUserController extends BaseController
@ResponseBody @ResponseBody
public AjaxResult resetPwdSave(SysUser user) public AjaxResult resetPwdSave(SysUser user)
{ {
userService.checkUserAllowed(user);
user.setSalt(ShiroUtils.randomSalt()); user.setSalt(ShiroUtils.randomSalt());
user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt())); user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt()));
if (userService.resetUserPwd(user) > 0) if (userService.resetUserPwd(user) > 0)
@ -258,6 +256,7 @@ public class SysUserController extends BaseController
@ResponseBody @ResponseBody
public AjaxResult changeStatus(SysUser user) public AjaxResult changeStatus(SysUser user)
{ {
userService.checkUserAllowed(user);
return toAjax(userService.changeStatus(user)); return toAjax(userService.changeStatus(user));
} }
} }

1
ruoyi-framework/src/main/java/com/ruoyi/framework/config/MyBatisConfig.java
Unescape Escape View File

@ -5,7 +5,6 @@ import java.util.ArrayList;
import java.util.HashSet; import java.util.HashSet;
import java.util.List; import java.util.List;
import javax.sql.DataSource; import javax.sql.DataSource;
import org.apache.ibatis.io.VFS; import org.apache.ibatis.io.VFS;
import org.apache.ibatis.session.SqlSessionFactory; import org.apache.ibatis.session.SqlSessionFactory;
import org.mybatis.spring.SqlSessionFactoryBean; import org.mybatis.spring.SqlSessionFactoryBean;

1
ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
Unescape Escape View File

@ -19,7 +19,6 @@ import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import com.ruoyi.common.exception.user.CaptchaException; import com.ruoyi.common.exception.user.CaptchaException;
import com.ruoyi.common.exception.user.RoleBlockedException; import com.ruoyi.common.exception.user.RoleBlockedException;
import com.ruoyi.common.exception.user.UserBlockedException; import com.ruoyi.common.exception.user.UserBlockedException;

20
ruoyi-system/src/main/java/com/ruoyi/system/domain/SysRole.java
Unescape Escape View File

@ -52,6 +52,16 @@ public class SysRole extends BaseEntity
/** 部门组(数据权限) */ /** 部门组(数据权限) */
private Long[] deptIds; private Long[] deptIds;
public SysRole()
{
}
public SysRole(Long roleId)
{
this.roleId = roleId;
}
public Long getRoleId() public Long getRoleId()
{ {
return roleId; return roleId;
@ -62,6 +72,16 @@ public class SysRole extends BaseEntity
this.roleId = roleId; this.roleId = roleId;
} }
public boolean isAdmin()
{
return isAdmin(this.roleId);
}
public static boolean isAdmin(Long roleId)
{
return roleId != null && 1L == roleId;
}
public String getDataScope() public String getDataScope()
{ {
return dataScope; return dataScope;

10
ruoyi-system/src/main/java/com/ruoyi/system/domain/SysUser.java
Unescape Escape View File

@ -93,6 +93,16 @@ public class SysUser extends BaseEntity
/** 岗位组 */ /** 岗位组 */
private Long[] postIds; private Long[] postIds;
public SysUser()
{
}
public SysUser(Long userId)
{
this.userId = userId;
}
public Long getUserId() public Long getUserId()
{ {
return userId; return userId;

8
ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java
Unescape Escape View File

@ -108,6 +108,13 @@ public interface ISysRoleService
*/ */
public String checkRoleKeyUnique(SysRole role); public String checkRoleKeyUnique(SysRole role);
/**
*
*
* @param role
*/
public void checkRoleAllowed(SysRole role);
/** /**
* ID使 * ID使
* *
@ -123,6 +130,7 @@ public interface ISysRoleService
* @return * @return
*/ */
public int changeStatus(SysRole role); public int changeStatus(SysRole role);
/** /**
* *
* *

8
ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java
Unescape Escape View File

@ -139,12 +139,20 @@ public interface ISysUserService
*/ */
public String checkEmailUnique(SysUser user); public String checkEmailUnique(SysUser user);
/**
*
*
* @param user
*/
public void checkUserAllowed(SysUser user);
/** /**
* ID * ID
* *
* @param userId ID * @param userId ID
* @return * @return
*/ */
public String selectUserRoleGroup(Long userId); public String selectUserRoleGroup(Long userId);
/** /**

14
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
Unescape Escape View File

@ -150,6 +150,7 @@ public class SysRoleServiceImpl implements ISysRoleService
Long[] roleIds = Convert.toLongArray(ids); Long[] roleIds = Convert.toLongArray(ids);
for (Long roleId : roleIds) for (Long roleId : roleIds)
{ {
checkRoleAllowed(new SysRole(roleId));
SysRole role = selectRoleById(roleId); SysRole role = selectRoleById(roleId);
if (countUserRoleByRoleId(roleId) > 0) if (countUserRoleByRoleId(roleId) > 0)
{ {
@ -293,6 +294,19 @@ public class SysRoleServiceImpl implements ISysRoleService
return UserConstants.ROLE_KEY_UNIQUE; return UserConstants.ROLE_KEY_UNIQUE;
} }
/**
*
*
* @param role
*/
public void checkRoleAllowed(SysRole role)
{
if (StringUtils.isNotNull(role.getRoleId()) && role.isAdmin())
{
throw new BusinessException("不允许操作超级管理员角色");
}
}
/** /**
* ID使 * ID使
* *

22
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
Unescape Escape View File

@ -167,10 +167,7 @@ public class SysUserServiceImpl implements ISysUserService
Long[] userIds = Convert.toLongArray(ids); Long[] userIds = Convert.toLongArray(ids);
for (Long userId : userIds) for (Long userId : userIds)
{ {
if (SysUser.isAdmin(userId)) checkUserAllowed(new SysUser(userId));
{
throw new BusinessException("不允许删除超级管理员用户");
}
} }
return userMapper.deleteUserByIds(userIds); return userMapper.deleteUserByIds(userIds);
} }
@ -345,6 +342,19 @@ public class SysUserServiceImpl implements ISysUserService
return UserConstants.USER_EMAIL_UNIQUE; return UserConstants.USER_EMAIL_UNIQUE;
} }
/**
*
*
* @param user
*/
public void checkUserAllowed(SysUser user)
{
if (StringUtils.isNotNull(user.getUserId()) && user.isAdmin())
{
throw new BusinessException("不允许操作超级管理员用户");
}
}
/** /**
* *
* *
@ -465,10 +475,6 @@ public class SysUserServiceImpl implements ISysUserService
@Override @Override
public int changeStatus(SysUser user) public int changeStatus(SysUser user)
{ {
if (SysUser.isAdmin(user.getUserId()))
{
throw new BusinessException("不允许修改超级管理员用户");
}
return userMapper.updateUser(user); return userMapper.updateUser(user);
} }
} }

Write Preview
Loading…
Cancel
Save