From 0b852faf00776601e7ecd6c4d57f4f75ce70caff Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期六, 29 一月 2022 09:23:11 +0800
Subject: [PATCH] Merge remote-tracking branch 'ruoyi-vue/master' into dev
---
 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java | 28 ++++++++++++++++------------
 1 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
index b6a22b5..ceae510 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@@ -26,7 +26,6 @@
 import com.ruoyi.system.service.ISysUserService;
 import io.swagger.annotations.*;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@@ -45,7 +44,7 @@
 */
 @Validated
 @Api(value = "鐢ㄦ埛淇℃伅鎺у埗鍣�", tags = {"鐢ㄦ埛淇℃伅绠$悊"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
 @RestController
 @RequestMapping("/system/user")
 public class SysUserController extends BaseController {
@@ -84,7 +83,7 @@
 
 @ApiOperation("瀵煎叆鐢ㄦ埛鍒楄〃")
 @ApiImplicitParams({
- @ApiImplicitParam(name = "file", value = "瀵煎叆鏂囦欢", dataType = "java.io.File", required = true),
+ @ApiImplicitParam(name = "file", value = "瀵煎叆鏂囦欢", dataType = "java.io.File", required = true),
 })
 @Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.IMPORT)
 @SaCheckPermission("system:user:import")
@@ -105,17 +104,18 @@
 */
 @ApiOperation("鏍规嵁鐢ㄦ埛缂栧彿鑾峰彇璇︾粏淇℃伅")
 @SaCheckPermission("system:user:query")
- @GetMapping(value = {"/", "/{userId}" })
+ @GetMapping(value = {"/", "/{userId}"})
 public AjaxResult<Map<String, Object>> getInfo(@ApiParam("鐢ㄦ埛ID") @PathVariable(value = "userId", required = false) Long userId) {
- userService.checkUserDataScope(userId);
+ userService.checkUserDataScope(userId);
 Map<String, Object> ajax = new HashMap<>();
 List<SysRole> roles = roleService.selectRoleAll();
 ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
 ajax.put("posts", postService.selectPostAll());
- if (StringUtils.isNotNull(userId)) {
- ajax.put("user", userService.selectUserById(userId));
+ if (ObjectUtil.isNotNull(userId)) {
+ SysUser sysUser = userService.selectUserById(userId);
+ ajax.put("user", sysUser);
 ajax.put("postIds", postService.selectPostListByUserId(userId));
- ajax.put("roleIds", roleService.selectRoleListByUserId(userId));
+ ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
 }
 return AjaxResult.success(ajax);
 }
@@ -131,10 +131,10 @@
 if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(user.getUserName()))) {
 return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岀櫥褰曡处鍙峰凡瀛樺湪");
 } else if (StringUtils.isNotEmpty(user.getPhonenumber())
- && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
+ && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
 return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
 } else if (StringUtils.isNotEmpty(user.getEmail())
- && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
+ && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
 return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
 }
 user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
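Review bot: In getInfo, `sysUser.getRoles().stream()` dereferences the result of `userService.selectUserById(userId)` with no null check, so an id that passes `checkUserDataScope` but matches no row, or a user whose roles list is null, would surface as an unhandled NullPointerException. The removed `roleService.selectRoleListByUserId(userId)` call did not depend on the user object. Whether `checkUserDataScope` already rejects unknown ids for every caller is not visible in this hunk, so I would guard in the controller, following the `AjaxResult.error(...)` pattern used elsewhere in this file: `if (ObjectUtil.isNull(sysUser)) { return AjaxResult.error("user not found"); }` (message text is a placeholder). The scope check also runs before the `ObjectUtil.isNotNull(userId)` test, so the null case of the optional path variable reaches the service; a one-line comment stating that the service tolerates a null id would document that.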
@@ -150,11 +150,12 @@
 @PutMapping
 public AjaxResult<Void> edit(@Validated @RequestBody SysUser user) {
 userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
 if (StringUtils.isNotEmpty(user.getPhonenumber())
- && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
+ && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
 return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
 } else if (StringUtils.isNotEmpty(user.getEmail())
- && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
+ && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
 return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
 }
 return toAjax(userService.updateUser(user));
@@ -183,6 +184,7 @@
 @PutMapping("/resetPwd")
 public AjaxResult<Void> resetPwd(@RequestBody SysUser user) {
 userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
 user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
 return toAjax(userService.resetPwd(user));
 }
@@ -196,6 +198,7 @@
 @PutMapping("/changeStatus")
 public AjaxResult<Void> changeStatus(@RequestBody SysUser user) {
 userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
 return toAjax(userService.updateUserStatus(user));
 }
 
@@ -226,6 +229,7 @@
 @Log(title = "鐢ㄦ埛绠$悊", businessType = BusinessType.GRANT)
 @PutMapping("/authRole")
 public AjaxResult<Void> insertAuthRole(Long userId, Long[] roleIds) {
+ userService.checkUserDataScope(userId);
 userService.insertUserAuth(userId, roleIds);
 return success();
 }
-- Gitblit v1.9.3
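Review bot: The added `userService.checkUserDataScope(user.getUserId())` in edit takes the id from the request body, and nothing visible in the hunk rejects a missing id before the scope check runs. `checkUserDataScope` is not shown; if it builds a filtered lookup from the id, a null id may leave the check unbound from the record that `updateUser` then writes, so its null behaviour should be confirmed. An explicit guard ahead of the check would make the intent unambiguous: `if (ObjectUtil.isNull(user.getUserId())) { return AjaxResult.error("userId is required"); }` (message text is a placeholder). The same applies to the identical additions in resetPwd and changeStatus, whose `@RequestBody SysUser` is not `@Validated`, and to the `Long userId` request parameter of insertAuthRole.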
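Review bot: insertAuthRole now checks the target user's data scope, but `roleIds` still flows from the request straight into `userService.insertUserAuth(userId, roleIds)` with no visible check that the caller may grant those roles. getInfo in this same file filters admin roles out of the list it offers for non-admin users, which suggests role assignment is meant to be restricted; that restriction needs to be enforced server-side here and not only in the list the client is shown. Unless `insertUserAuth` validates the ids itself (not visible in this hunk), I would add a role-scope check next to the user-scope one, with a comment such as `// both the target user and every requested role must be within the caller's scope`. The method's annotations above `@Log` are outside the hunk.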