修改权限问题

heheng

3 天以前 6225c567da0bfeb08d97333f8b5999e5afc552ad

修改权限问题

 multi-admin/src/main/java/com/gkhy/exam/admin/controller/system/SysCompanyController.java

@@ -31,7 +31,7 @@
    @Autowired
    private SysCompanyService companyService;

    @PreAuthorize("hasAnyAuthority('train:exam:system')")
    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company')")
    @ApiOperation(value = "企业列表(分页)")
    @ApiImplicitParams({
            @ApiImplicitParam(paramType = "query", name = "pageNum", dataType = "int", required = false, value = "当前页,默认1"),
@@ -42,7 +42,7 @@
        return CommonResult.success(companyService.selectCompanyList(company));
    }

    @PreAuthorize("hasAnyAuthority('train:exam:system')")
    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company')")
    @ApiOperation(value = "根据公司id获取公司信息")
    @GetMapping(value = { "/{companyId}" })
    public CommonResult getCompanyInfo(@PathVariable(value = "companyId", required = true) Long companyId)
@@ -51,7 +51,7 @@
    }

    @RepeatSubmit
    @PreAuthorize("hasAnyAuthority('train:exam:system')")
    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company')")
    @Log(title = "企业管理", businessType = BusinessType.INSERT)
    @ApiOperation(value = "新增企业")
    @PostMapping
@@ -60,7 +60,7 @@
    }

    @RepeatSubmit
    @PreAuthorize("hasAnyAuthority('train:exam:system')")
    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company')")
    @Log(title = "企业管理", businessType = BusinessType.UPDATE)
    @ApiOperation(value = "编辑企业")
    @PutMapping
@@ -69,7 +69,7 @@
    }

    @RepeatSubmit
    @PreAuthorize("hasAnyAuthority('train:exam:system')")
    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company')")
    @Log(title = "企业管理", businessType = BusinessType.UPDATE)
    @ApiOperation(value = "删除企业")
    @DeleteMapping(value = { "/{companyId}" })
@@ -78,7 +78,7 @@
    }

    @RepeatSubmit
    @PreAuthorize("hasAnyAuthority('train:exam:system')")
    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company')")
    @Log(title = "企业管理", businessType = BusinessType.INSERT)
    @ApiOperation(value = "企业分配课时")
    @ApiImplicitParams({
@@ -91,7 +91,7 @@
        return CommonResult.success();
    }

    @PreAuthorize("hasAnyAuthority('train:exam:system')")
    @PreAuthorize("hasAnyAuthority('train:exam:system','train:exam:company')")
    @ApiOperation(value = "校验公司名称是否唯一")
    @PostMapping("/checkNameUnique")
    public CommonResult checkNameUnique(@RequestBody SysCompany company)

 multi-system/src/main/java/com/gkhy/exam/system/service/impl/SysUserServiceImpl.java

@@ -242,8 +242,8 @@
            if(userType.equals(UserTypeEnum.OTHER_USER.getCode())){
                throw new ApiException("没有权限操作或者更新上级用户类型的用户");
            }
            if(currentUserType.equals(UserTypeEnum.OTHER_USER.getCode())){
                if(userType<=UserTypeEnum.COMPANY_USER.getCode()){
            if(currentUserType.equals(UserTypeEnum.OTHER_USER.getCode()) || currentUserType.equals(UserTypeEnum.COMPANY_ADMIN.getCode())){
                if(userType<=UserTypeEnum.COMPANY_USER.getCode() && !currentUserType.equals(UserTypeEnum.COMPANY_ADMIN.getCode())){
                    throw new ApiException("没有权限操作或者更新上级用户类型的用户");
                }
            }else{