From 21215e15d0940757bdbd320eb3a75fe809e5a6e7 Mon Sep 17 00:00:00 2001
From: RuoYi
Date: Thu, 3 Oct 2019 09:45:41 +0800
Subject: [PATCH] =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=91=98=E7=94=A8=E6=88=B7&?= =?UTF-8?q?=E8=A7=92=E8=89=B2=E4=B8=8D=E5=85=81=E8=AE=B8=E6=93=8D=E4=BD=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 README.md | 2 +-
 .../controller/system/SysRoleController.java | 3 +++
 .../controller/system/SysUserController.java | 10 ++++-----
 .../ruoyi/framework/config/MyBatisConfig.java | 1 -
 .../framework/shiro/realm/UserRealm.java | 1 -
 .../java/com/ruoyi/system/domain/SysRole.java | 20 +++++++++++++++++
 .../java/com/ruoyi/system/domain/SysUser.java | 10 +++++++++
 .../ruoyi/system/service/ISysRoleService.java | 10 ++++++++-
 .../ruoyi/system/service/ISysUserService.java | 7 ++++++
 .../service/impl/SysRoleServiceImpl.java | 14 ++++++++++++
 .../service/impl/SysUserServiceImpl.java | 22 ++++++++++++-------
 11 files changed, 82 insertions(+), 18 deletions(-)
diff --git a/README.md b/README.md
index 2e28de74..c9ccb6e3 100644
--- a/README.md
+++ b/README.md
@@ -26,7 +26,7 @@
 10. 登录日志:系统登录日志记录查询包含登录异常。
 11. 在线用户:当前系统中活跃用户状态监控。
 12. 定时任务:在线(添加、修改、删除)任务调度包含执行结果日志。
-13. 代码生成:前后端代码的生成(java、html、xml、sql)支持CRUD下载 。
+13. 代码生成:前后端代码的生成(java、html、xml、sql)支持CRUD下载 。
 14. 系统接口:根据业务代码自动生成相关的api接口文档。
 15. 服务监控:监视当前系统CPU、内存、磁盘、堆栈等相关信息。
 16. 在线构建器:拖动表单元素生成相应的HTML代码。
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
index 66532db8..0f7379d1 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
@@ -121,6 +121,7 @@ public class SysRoleController extends BaseController
 @ResponseBody
 public AjaxResult editSave(@Validated SysRole role)
 {
+ roleService.checkRoleAllowed(role);
 if (UserConstants.ROLE_NAME_NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
 {
 return error("修改角色'" + role.getRoleName() + "'失败,角色名称已存在");
@@ -153,6 +154,7 @@ public class SysRoleController extends BaseController
 @ResponseBody
 public AjaxResult authDataScopeSave(SysRole role)
 {
+ roleService.checkRoleAllowed(role);
 role.setUpdateBy(ShiroUtils.getLoginName());
 if (roleService.authDataScope(role) > 0)
 {
@@ -216,6 +218,7 @@ public class SysRoleController extends BaseController
 @ResponseBody
 public AjaxResult changeStatus(SysRole role)
 {
+ roleService.checkRoleAllowed(role);
 return toAjax(roleService.changeStatus(role));
 }
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
index 4a98acf7..76fc16b8 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@@ -18,7 +18,6 @@ import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.framework.shiro.service.SysPasswordService;
 import com.ruoyi.framework.util.ShiroUtils;
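Review bot: The admin-role guard is wired in at the controller (`roleService.checkRoleAllowed(role)` as the first statement of editSave, authDataScopeSave and changeStatus) rather than inside the service methods those endpoints call, so any other caller of `roleService.changeStatus` or `roleService.authDataScope` would run without it. The three SysUserController hunks follow the same pattern, and the last SysUserServiceImpl hunk removes the check that `changeStatus` previously made inside the service, whereas the delete loop in SysRoleServiceImpl does call `checkRoleAllowed(new SysRole(roleId))` at service level. Enforcing the rule in the service, e.g. `checkUserAllowed(user);` as the first line of SysUserServiceImpl.changeStatus, keeps the protection in force for every caller; whether other callers exist is not visible in this patch. All three controller methods continue outside their hunks.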
@@ -159,11 +158,8 @@ public class SysUserController extends BaseController
 @ResponseBody
 public AjaxResult editSave(@Validated SysUser user)
 {
- if (StringUtils.isNotNull(user.getUserId()) && SysUser.isAdmin(user.getUserId()))
- {
- return error("不允许修改超级管理员用户");
- }
- else if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
+ userService.checkUserAllowed(user);
+ if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
 {
 return error("修改用户'" + user.getLoginName() + "'失败,手机号码已存在");
 }
@@ -190,6 +186,7 @@ public class SysUserController extends BaseController
 @ResponseBody
 public AjaxResult resetPwdSave(SysUser user)
 {
+ userService.checkUserAllowed(user);
 user.setSalt(ShiroUtils.randomSalt());
 user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt()));
 if (userService.resetUserPwd(user) > 0)
@@ -258,6 +255,7 @@ public class SysUserController extends BaseController
 @ResponseBody
 public AjaxResult changeStatus(SysUser user)
 {
+ userService.checkUserAllowed(user);
 return toAjax(userService.changeStatus(user));
 }
 }
\ No newline at end of file
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/MyBatisConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/MyBatisConfig.java
index 80131249..7ecfd9d3 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/MyBatisConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/MyBatisConfig.java
@@ -5,7 +5,6 @@ import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.List;
 import javax.sql.DataSource;
-
 import org.apache.ibatis.io.VFS;
 import org.apache.ibatis.session.SqlSessionFactory;
 import org.mybatis.spring.SqlSessionFactoryBean;
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
index 258efba3..7554f7c1 100644
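Review bot: In SysUserController.editSave the refusal to edit the super administrator used to come back as `return error("不允许修改超级管理员用户")`, and after this hunk it surfaces as a BusinessException thrown from `userService.checkUserAllowed(user)`. Whether the client still receives an AjaxResult depends on an exception handler that is not part of this patch, so it is worth confirming that the exception is mapped to the same error payload for AJAX callers. A short comment above the call, such as `// throws BusinessException when the target is the super administrator`, would make the early exit visible to readers of the controller. The method body continues outside the hunk.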
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
@@ -19,7 +19,6 @@ import org.apache.shiro.subject.PrincipalCollection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-
 import com.ruoyi.common.exception.user.CaptchaException;
 import com.ruoyi.common.exception.user.RoleBlockedException;
 import com.ruoyi.common.exception.user.UserBlockedException;
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysRole.java b/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysRole.java
index a639621d..bb3f549e 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysRole.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysRole.java
@@ -52,6 +52,16 @@ public class SysRole extends BaseEntity
 /** 部门组(数据权限) */
 private Long[] deptIds;
+ public SysRole()
+ {
+
+ }
+
+ public SysRole(Long roleId)
+ {
+ this.roleId = roleId;
+ }
+
 public Long getRoleId()
 {
 return roleId;
@@ -62,6 +72,16 @@ public class SysRole extends BaseEntity
 this.roleId = roleId;
 }
+ public boolean isAdmin()
+ {
+ return isAdmin(this.roleId);
+ }
+
+ public static boolean isAdmin(Long roleId)
+ {
+ return roleId != null && 1L == roleId;
+ }
+
 public String getDataScope()
 {
 return dataScope;
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysUser.java b/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysUser.java
index c1e5ac96..43994ef3 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysUser.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysUser.java
@@ -93,6 +93,16 @@ public class SysUser extends BaseEntity
 /** 岗位组 */
 private Long[] postIds;
+ public SysUser()
+ {
+
+ }
+
+ public SysUser(Long userId)
+ {
+ this.userId = userId;
+ }
+
 public Long getUserId()
 {
 return userId;
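Review bot: `SysRole.isAdmin(Long roleId)` in the second SysRole.java hunk identifies the super-administrator role by the literal `1L`, so the new guard is only as reliable as the assumption that the admin role always has primary key 1. Naming the value, e.g. `private static final long ADMIN_ROLE_ID = 1L;` with `return roleId != null && roleId == ADMIN_ROLE_ID;`, and giving both isAdmin methods a Javadoc line that states this convention would make the dependency explicit. The new constructors and methods are added without comments, while the neighbouring fields carry `/** … */` descriptions.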
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java
index 0c8d30ee..1d51d6b7 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java
@@ -108,6 +108,13 @@ public interface ISysRoleService
 */
 public String checkRoleKeyUnique(SysRole role);
+ /**
+ * 校验角色是否允许操作
+ *
+ * @param role 角色信息
+ */
+ public void checkRoleAllowed(SysRole role);
+
 /**
 * 通过角色ID查询角色使用数量
 *
@@ -123,6 +130,7 @@ public interface ISysRoleService
 * @return 结果
 */
 public int changeStatus(SysRole role);
+
 /**
 * 取消授权用户角色
 *
@@ -139,7 +147,7 @@ public interface ISysRoleService
 * @return 结果
 */
 public int deleteAuthUsers(Long roleId, String userIds);
-
+
 /**
 * 批量选择授权用户角色
 *
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java
index db9ee61c..8ab240a1 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java
@@ -139,6 +139,13 @@ public interface ISysUserService
 */
 public String checkEmailUnique(SysUser user);
+ /**
+ * 校验用户是否允许操作
+ *
+ * @param user 用户信息
+ */
+ public void checkUserAllowed(SysUser user);
+
 /**
 * 根据用户ID查询用户所属角色组
 *
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
index caa9f570..0f51e474 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
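Review bot: The Javadoc added for `checkRoleAllowed` in the first ISysRoleService hunk, and for `checkUserAllowed` in the ISysUserService hunk, does not say how a disallowed target is reported. Both methods return void, and the implementations later in this patch throw BusinessException, so a caller reading only the interface cannot tell that the call aborts the request. Add a line such as `@throws BusinessException if the role is the super-administrator role`, and the equivalent for the user method.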
@@ -150,6 +150,7 @@ public class SysRoleServiceImpl implements ISysRoleService
 Long[] roleIds = Convert.toLongArray(ids);
 for (Long roleId : roleIds)
 {
+ checkRoleAllowed(new SysRole(roleId));
 SysRole role = selectRoleById(roleId);
 if (countUserRoleByRoleId(roleId) > 0)
 {
@@ -293,6 +294,19 @@ public class SysRoleServiceImpl implements ISysRoleService
 return UserConstants.ROLE_KEY_UNIQUE;
 }
+ /**
+ * 校验角色是否允许操作
+ *
+ * @param role 角色信息
+ */
+ public void checkRoleAllowed(SysRole role)
+ {
+ if (StringUtils.isNotNull(role.getRoleId()) && role.isAdmin())
+ {
+ throw new BusinessException("不允许操作超级管理员角色");
+ }
+ }
+
 /**
 * 通过角色ID查询角色使用数量
 *
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
index dd62ddea..29ade157 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
@@ -167,10 +167,7 @@ public class SysUserServiceImpl implements ISysUserService
 Long[] userIds = Convert.toLongArray(ids);
 for (Long userId : userIds)
 {
- if (SysUser.isAdmin(userId))
- {
- throw new BusinessException("不允许删除超级管理员用户");
- }
+ checkUserAllowed(new SysUser(userId));
 }
 return userMapper.deleteUserByIds(userIds);
 }
@@ -345,6 +342,19 @@ public class SysUserServiceImpl implements ISysUserService
 return UserConstants.USER_EMAIL_UNIQUE;
 }
+ /**
+ * 校验用户是否允许操作
+ *
+ * @param user 用户信息
+ */
+ public void checkUserAllowed(SysUser user)
+ {
+ if (StringUtils.isNotNull(user.getUserId()) && user.isAdmin())
+ {
+ throw new BusinessException("不允许操作超级管理员用户");
+ }
+ }
+
 /**
 * 查询用户所属角色组
 *
@@ -465,10 +475,6 @@ public class SysUserServiceImpl implements ISysUserService
 @Override
 public int changeStatus(SysUser user)
 {
- if (SysUser.isAdmin(user.getUserId()))
- {
- throw new BusinessException("不允许修改超级管理员用户");
- }
 return userMapper.updateUser(user);
 }
 }
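Review bot: `checkRoleAllowed` in the second SysRoleServiceImpl hunk and `checkUserAllowed` in the second SysUserServiceImpl hunk implement the new interface methods without `@Override`, although `changeStatus` in the last hunk carries the annotation. Both dereference their argument directly, so a null `role` or `user` fails with a NullPointerException instead of the BusinessException, and a request that omits the id passes the check; whether the following update can then touch any row depends on mapper SQL that is not shown here. In the role variant the `StringUtils.isNotNull(role.getRoleId()) &&` test is redundant, because `SysRole.isAdmin(Long)` as added in this patch already returns false for null. `@Override` plus `if (role.isAdmin())` would express the same rule with less code.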