管理员用户&角色不允许操作

This commit is contained in:
RuoYi
2019-10-03 09:45:41 +08:00
parent ac97d15a7f
commit 661b6fe5d5
11 changed files with 82 additions and 18 deletions

View File

@ -121,6 +121,7 @@ public class SysRoleController extends BaseController
@ResponseBody
public AjaxResult editSave(@Validated SysRole role)
{
roleService.checkRoleAllowed(role);
if (UserConstants.ROLE_NAME_NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
{
return error("修改角色'" + role.getRoleName() + "'失败,角色名称已存在");
@ -153,6 +154,7 @@ public class SysRoleController extends BaseController
@ResponseBody
public AjaxResult authDataScopeSave(SysRole role)
{
roleService.checkRoleAllowed(role);
role.setUpdateBy(ShiroUtils.getLoginName());
if (roleService.authDataScope(role) > 0)
{
@ -216,6 +218,7 @@ public class SysRoleController extends BaseController
@ResponseBody
public AjaxResult changeStatus(SysRole role)
{
roleService.checkRoleAllowed(role);
return toAjax(roleService.changeStatus(role));
}

View File

@ -18,7 +18,6 @@ import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.poi.ExcelUtil;
import com.ruoyi.framework.shiro.service.SysPasswordService;
import com.ruoyi.framework.util.ShiroUtils;
@ -159,11 +158,8 @@ public class SysUserController extends BaseController
@ResponseBody
public AjaxResult editSave(@Validated SysUser user)
{
if (StringUtils.isNotNull(user.getUserId()) && SysUser.isAdmin(user.getUserId()))
{
return error("不允许修改超级管理员用户");
}
else if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
userService.checkUserAllowed(user);
if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
{
return error("修改用户'" + user.getLoginName() + "'失败,手机号码已存在");
}
@ -190,6 +186,7 @@ public class SysUserController extends BaseController
@ResponseBody
public AjaxResult resetPwdSave(SysUser user)
{
userService.checkUserAllowed(user);
user.setSalt(ShiroUtils.randomSalt());
user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt()));
if (userService.resetUserPwd(user) > 0)
@ -258,6 +255,7 @@ public class SysUserController extends BaseController
@ResponseBody
public AjaxResult changeStatus(SysUser user)
{
userService.checkUserAllowed(user);
return toAjax(userService.changeStatus(user));
}
}