From 635e36a882559be561372e5aab9893db5be42023 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期三, 01 十一月 2023 16:33:57 +0800
Subject: [PATCH] fix 修复 普通角色编辑使用内置管理员code越权问题
---
ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java | 17 ++++++++++-------
1 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
index 79fada2..8a2b939 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
@@ -79,7 +79,8 @@
.like(StringUtils.isNotBlank(bo.getRoleKey()), "r.role_key", bo.getRoleKey())
.between(params.get("beginTime") != null && params.get("endTime") != null,
"r.create_time", params.get("beginTime"), params.get("endTime"))
- .orderByAsc("r.role_sort").orderByAsc("r.create_time");;
+ .orderByAsc("r.role_sort").orderByAsc("r.create_time");
+ ;
return wrapper;
}
@@ -192,20 +193,22 @@
if (ObjectUtil.isNotNull(role.getRoleId()) && LoginHelper.isSuperAdmin(role.getRoleId())) {
throw new ServiceException("涓嶅厑璁告搷浣滆秴绾х鐞嗗憳瑙掕壊");
}
+ String[] keys = new String[]{TenantConstants.SUPER_ADMIN_ROLE_KEY, TenantConstants.TENANT_ADMIN_ROLE_KEY};
// 鏂板涓嶅厑璁镐娇鐢� 绠$悊鍛樻爣璇嗙
if (ObjectUtil.isNull(role.getRoleId())
- && StringUtils.equalsAny(role.getRoleKey(),
- TenantConstants.SUPER_ADMIN_ROLE_KEY, TenantConstants.TENANT_ADMIN_ROLE_KEY)) {
+ && StringUtils.equalsAny(role.getRoleKey(), keys)) {
throw new ServiceException("涓嶅厑璁镐娇鐢ㄧ郴缁熷唴缃鐞嗗憳瑙掕壊鏍囪瘑绗�!");
}
// 淇敼涓嶅厑璁镐慨鏀� 绠$悊鍛樻爣璇嗙
if (ObjectUtil.isNotNull(role.getRoleId())) {
SysRole sysRole = baseMapper.selectById(role.getRoleId());
// 濡傛灉鏍囪瘑绗︿笉鐩哥瓑 鍒ゆ柇涓轰慨鏀逛簡绠$悊鍛樻爣璇嗙
- if (!StringUtils.equals(sysRole.getRoleKey(), role.getRoleKey())
- && StringUtils.equalsAny(sysRole.getRoleKey(),
- TenantConstants.SUPER_ADMIN_ROLE_KEY, TenantConstants.TENANT_ADMIN_ROLE_KEY)) {
- throw new ServiceException("涓嶅厑璁镐慨鏀圭郴缁熷唴缃鐞嗗憳瑙掕壊鏍囪瘑绗�!");
+ if (!StringUtils.equals(sysRole.getRoleKey(), role.getRoleKey())) {
+ if (StringUtils.equalsAny(sysRole.getRoleKey(), keys)) {
+ throw new ServiceException("涓嶅厑璁镐慨鏀圭郴缁熷唴缃鐞嗗憳瑙掕壊鏍囪瘑绗�!");
+ } else if (StringUtils.equalsAny(role.getRoleKey(), keys)) {
+ throw new ServiceException("涓嶅厑璁镐娇鐢ㄧ郴缁熷唴缃鐞嗗憳瑙掕壊鏍囪瘑绗�!");
+ }
}
}
}
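Review bot: The update branch dereferences `sysRole.getRoleKey()` immediately after `baseMapper.selectById(role.getRoleId())` with no null guard, so a roleId that matches no row (stale or tampered request) ends in a NullPointerException instead of a controlled ServiceException. I would add `if (ObjectUtil.isNull(sysRole)) { throw new ServiceException("<role-not-found message>"); }` directly after the lookup. Separately, both the create and the update path match the reserved keys with `StringUtils.equalsAny`, which is an exact, case-sensitive comparison. If role keys are trimmed or compared case-insensitively anywhere in later permission evaluation (not visible in this hunk), a key differing only in case or padding would pass this check, so it is worth confirming that the key is normalised before the comparison. The enclosing method begins above this hunk.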
--
Gitblit v1.9.3