新建角色的时候，不允许创建 ADMIN 标识的角色

2025-10-31 10:18:42 +08:00 · 2022-02-23 19:28:59 +08:00
parent 848fcdf329
commit 95bb9744c1
3 changed files with 14 additions and 4 deletions
--- a/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/enums/permission/RoleCodeEnum.java
+++ b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/enums/permission/RoleCodeEnum.java
@@ -1,5 +1,6 @@
 package cn.iocoder.yudao.module.system.enums.permission;

+import cn.iocoder.yudao.framework.common.util.object.ObjectUtils;
 import lombok.AllArgsConstructor;
 import lombok.Getter;

@@ -23,4 +24,8 @@ public enum RoleCodeEnum {
     */
    private final String name;

+    public static boolean isSuperAdmin(String code) {
+        return ObjectUtils.equalsAny(code, SUPER_ADMIN.getCode());
+    }
+
 }
--- a/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/permission/RoleServiceImpl.java
+++ b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/permission/RoleServiceImpl.java
@@ -136,7 +136,7 @@ public class RoleServiceImpl implements RoleService {
    @Override
    public void updateRole(RoleUpdateReqVO reqVO) {
        // 校验是否可以更新
-        this.checkUpdateRole(reqVO.getId());
+        checkUpdateRole(reqVO.getId());
        // 校验角色的唯一字段是否重复
        checkDuplicateRole(reqVO.getName(), reqVO.getCode(), reqVO.getId());
        // 更新到数据库
@@ -149,7 +149,7 @@ public class RoleServiceImpl implements RoleService {
    @Override
    public void updateRoleStatus(Long id, Integer status) {
        // 校验是否可以更新
-        this.checkUpdateRole(id);
+        checkUpdateRole(id);
        // 更新状态
        RoleDO updateObject = new RoleDO();
        updateObject.setId(id);
@@ -217,7 +217,7 @@ public class RoleServiceImpl implements RoleService {
        if (CollectionUtil.isEmpty(roleList)) {
            return false;
        }
-        return roleList.stream().anyMatch(roleDO -> RoleCodeEnum.SUPER_ADMIN.getCode().equals(roleDO.getCode()));
+        return roleList.stream().anyMatch(role -> RoleCodeEnum.isSuperAdmin(role.getCode()));
    }

    @Override
@@ -247,6 +247,10 @@ public class RoleServiceImpl implements RoleService {
     */
    @VisibleForTesting
    public void checkDuplicateRole(String name, String code, Long id) {
+        // 0. 超级管理员，不允许创建
+        if (RoleCodeEnum.isSuperAdmin(code)) {
+            throw exception(ROLE_ADMIN_CODE_ERROR, code);
+        }
        // 1. 该 name 名字被其它角色所使用
        RoleDO role = roleMapper.selectByName(name);
        if (role != null && !role.getId().equals(id)) {