From 0b852faf00776601e7ecd6c4d57f4f75ce70caff Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期六, 29 一月 2022 09:23:11 +0800
Subject: [PATCH] Merge remote-tracking branch 'ruoyi-vue/master' into dev
---
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
index bc25998..ceae510 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@@ -150,6 +150,7 @@
@PutMapping
public AjaxResult<Void> edit(@Validated @RequestBody SysUser user) {
userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
if (StringUtils.isNotEmpty(user.getPhonenumber())
&& UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
@@ -183,6 +184,7 @@
@PutMapping("/resetPwd")
public AjaxResult<Void> resetPwd(@RequestBody SysUser user) {
userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
return toAjax(userService.resetPwd(user));
}
@@ -196,6 +198,7 @@
@PutMapping("/changeStatus")
public AjaxResult<Void> changeStatus(@RequestBody SysUser user) {
userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
return toAjax(userService.updateUserStatus(user));
}
@@ -226,6 +229,7 @@
@Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.GRANT)
@PutMapping("/authRole")
public AjaxResult<Void> insertAuthRole(Long userId, Long[] roleIds) {
+ userService.checkUserDataScope(userId);
userService.insertUserAuth(userId, roleIds);
return success();
}
--
Gitblit v1.9.3