管理员用户&角色不允许操作

2019-10-03 09:45:41 +08:00
parent ac97d15a7f
commit 661b6fe5d5
11 changed files with 82 additions and 18 deletions
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
@ -121,6 +121,7 @@ public class SysRoleController extends BaseController
    @ResponseBody
    public AjaxResult editSave(@Validated SysRole role)
    {
+        roleService.checkRoleAllowed(role);
        if (UserConstants.ROLE_NAME_NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
        {
            return error("修改角色'" + role.getRoleName() + "'失败，角色名称已存在");
@ -153,6 +154,7 @@ public class SysRoleController extends BaseController
    @ResponseBody
    public AjaxResult authDataScopeSave(SysRole role)
    {
+        roleService.checkRoleAllowed(role);
        role.setUpdateBy(ShiroUtils.getLoginName());
        if (roleService.authDataScope(role) > 0)
        {
@ -216,6 +218,7 @@ public class SysRoleController extends BaseController
    @ResponseBody
    public AjaxResult changeStatus(SysRole role)
    {
+        roleService.checkRoleAllowed(role);
        return toAjax(roleService.changeStatus(role));
    }

--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@ -18,7 +18,6 @@ import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.framework.shiro.service.SysPasswordService;
 import com.ruoyi.framework.util.ShiroUtils;
@ -159,11 +158,8 @@ public class SysUserController extends BaseController
    @ResponseBody
    public AjaxResult editSave(@Validated SysUser user)
    {
-        if (StringUtils.isNotNull(user.getUserId()) && SysUser.isAdmin(user.getUserId()))
-        {
-            return error("不允许修改超级管理员用户");
-        }
-        else if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
+        userService.checkUserAllowed(user);
+        if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
        {
            return error("修改用户'" + user.getLoginName() + "'失败，手机号码已存在");
        }
@ -190,6 +186,7 @@ public class SysUserController extends BaseController
    @ResponseBody
    public AjaxResult resetPwdSave(SysUser user)
    {
+        userService.checkUserAllowed(user);
        user.setSalt(ShiroUtils.randomSalt());
        user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt()));
        if (userService.resetUserPwd(user) > 0)
@ -258,6 +255,7 @@ public class SysUserController extends BaseController
    @ResponseBody
    public AjaxResult changeStatus(SysUser user)
    {
+        userService.checkUserAllowed(user);
        return toAjax(userService.changeStatus(user));
    }
 }