“djh”
2 天以前 8c91afa9c1bbe5fae9d88cfd1e7243c376af69fe
multi-system/src/main/java/com/gkhy/exam/system/service/impl/SysUserServiceImpl.java
@@ -14,9 +14,11 @@
import com.gkhy.exam.common.utils.RedisUtils;
import com.gkhy.exam.common.utils.SecurityUtils;
import com.gkhy.exam.common.utils.StringUtils;
import com.gkhy.exam.system.domain.ExStudent;
import com.gkhy.exam.system.domain.SysUserRole;
import com.gkhy.exam.system.mapper.SysUserMapper;
import com.gkhy.exam.system.mapper.SysUserRoleMapper;
import com.gkhy.exam.system.service.ExStudentService;
import com.gkhy.exam.system.service.SysConfigService;
import com.gkhy.exam.system.service.SysUserService;
import org.springframework.beans.factory.annotation.Autowired;
@@ -50,6 +52,9 @@
    @Autowired
    private SysUserRoleMapper userRoleMapper;
    @Autowired
    private ExStudentService exStudentService;
    @Override
    public CommonPage<SysUser> selectUserList(SysUser user) {
        SysUser currentUser=SecurityUtils.getLoginUser().getUser();
@@ -58,7 +63,7 @@
            if(!currentUser.getUserType().equals(UserTypeEnum.SYSTEM_USER.getCode())){
                user.setCompanyId(currentUser.getCompanyId());
                Map<String,Object> paramsMap=new HashMap<>();
                paramsMap.put("userType",currentUser.getUserType());
//                paramsMap.put("userType",currentUser.getUserType());
                user.setParams(paramsMap);
            }
            PageUtils.startPage();
@@ -124,12 +129,23 @@
    @Override
    public int deleteUserById(Long userId) {
        SysUser user=checkUserDataScope(userId);
        if (user.getId().toString().equals("1")){
            throw new ApiException("管理员用户不能被删除");
        }
        delCacheByUsername(user.getUsername());
        return baseMapper.deleteUserById(userId);
    }
    @Override
    public int addUser(SysUser user) {
        ExStudent exStudent = new ExStudent();
        exStudent.setCompanyId(user.getCompanyId());
        exStudent.setName(user.getName());
        exStudent.setPassword(user.getPassword());
        exStudent.setDeptId(user.getDeptId());
        exStudent.setDuty(user.getDuty());
        exStudent.setSex(user.getSex());
        exStudent.setPhone(user.getPhone());
        checkRequestData(user);
        checkUserAllowed(user);
        user.setCreateBy(SecurityUtils.getUsername());
@@ -141,6 +157,8 @@
        sysUserRole.setRoleId(2L);
        userRoleList.add(sysUserRole);
        userRoleMapper.batchUserRole(userRoleList);
        exStudentService.insertStudent(exStudent);
        if(row<1){
            throw new ApiException("新增用户失败");
@@ -227,20 +245,24 @@
        Integer currentUserType=currentUser.getUserType();
        Integer userType=user.getUserType();
        //校验权限,规则:上一级用户可以增加下一级用户类型的用户
        if(currentUserType.equals(UserTypeEnum.SYSTEM_USER.getCode())){
            if( !userType.equals(UserTypeEnum.SYSTEM_USER.getCode())&&!userType.equals(UserTypeEnum.OTHER_USER.getCode()) &&!userType.equals(UserTypeEnum.COMPANY_USER.getCode())){
                throw new ApiException("管理员只能操作管理员、企业级和其他类型的用户");
            }
        }else{
//        if(currentUserType.equals(UserTypeEnum.SYSTEM_USER.getCode())){
//            if( !userType.equals(UserTypeEnum.SYSTEM_USER.getCode())&&!userType.equals(UserTypeEnum.OTHER_USER.getCode()) &&!userType.equals(UserTypeEnum.COMPANY_USER.getCode())){
//                throw new ApiException("管理员只能操作管理员、企业级和其他类型的用户");
//            }
//            if (user.getId().toString().equals("1")){
//                throw new ApiException("管理员用户不能被删除");
//            }
//        }else{
        if(!currentUserType.equals(UserTypeEnum.SYSTEM_USER.getCode())){
            if(userType.equals(UserTypeEnum.OTHER_USER.getCode())){
                throw new ApiException("没有权限操作或者更新上级用户类型的用户");
            }
            if(currentUserType.equals(UserTypeEnum.OTHER_USER.getCode())){
                if(userType<=UserTypeEnum.COMPANY_USER.getCode()){
            if(currentUserType.equals(UserTypeEnum.OTHER_USER.getCode()) || currentUserType.equals(UserTypeEnum.COMPANY_ADMIN.getCode())){
                if(userType<=UserTypeEnum.COMPANY_USER.getCode() && !currentUserType.equals(UserTypeEnum.COMPANY_ADMIN.getCode())){
                    throw new ApiException("没有权限操作或者更新上级用户类型的用户");
                }
            }else{
                if(userType<=currentUserType){
                if(userType<currentUserType){
                    throw new ApiException("没有权限操作或者更新上级用户类型的用户");
                }
            }