multi-admin/src/main/java/com/gkhy/exam/admin/controller/system/SysRoleController.java
@@ -129,7 +129,7 @@ // 更新缓存用户权限 LoginUserDetails loginUser = getLoginUser(); if (ObjectUtil.isNotNull(loginUser.getUser()) && !SecurityUtils.isAdmin(loginUser.getUser().getId())) if (ObjectUtil.isNotNull(loginUser.getUser()) && !SecurityUtils.adminUser()) { loginUser.setUser(userService.selectUserByUsername(loginUser.getUser().getName())); loginUser.setPermissions(permissionService.getMenuPermission(loginUser.getUser())); multi-common/src/main/java/com/gkhy/exam/common/utils/SecurityUtils.java
@@ -19,6 +19,19 @@ return userId != null && 1L == userId; } public static boolean adminUser(){ if(getLoginUser() == null){ return false; } if(getLoginUser().getUser().getId() == 1L){ return true; } if(getLoginUser().getUser().getUserType() == 0){ return true; } return false; } /** * 判断密码是否相同 * @param rawPasword 真实密码 multi-framework/src/main/java/com/gkhy/exam/framework/web/service/SysPermissionService.java
@@ -40,7 +40,7 @@ { Set<String> roles = new HashSet<String>(); // 管理员拥有所有权限 if (SecurityUtils.isAdmin(user.getId())) if (SecurityUtils.adminUser() ) { roles.add("admin"); } @@ -61,7 +61,7 @@ { Set<String> perms = new HashSet<String>(); // 管理员拥有所有权限 if (SecurityUtils.isAdmin(user.getId())) if (SecurityUtils.adminUser()) { perms.add("*:*:*"); } multi-system/src/main/java/com/gkhy/exam/system/service/impl/CompanyIndustryTemplateServiceImpl.java
@@ -32,7 +32,7 @@ @Override public CommonPage selectCompanyIndustryTemplateList(Integer companyId) { boolean admin = SecurityUtils.isAdmin(SecurityUtils.getUserId()); boolean admin = SecurityUtils.adminUser(); if (!admin){ if (companyId==null){ throw new ApiException("非管理员操作,查询条件不可为空"); multi-system/src/main/java/com/gkhy/exam/system/service/impl/CompanyRosterServiceImpl.java
@@ -33,7 +33,7 @@ @Override public CommonPage selectCompanyRosterList(Integer companyId) { boolean admin = SecurityUtils.isAdmin(SecurityUtils.getUserId()); boolean admin = SecurityUtils.adminUser(); if (!admin){ if (companyId==null){ throw new ApiException("非管理员操作,查询条件不可为空"); multi-system/src/main/java/com/gkhy/exam/system/service/impl/SysClauseManagementServiceImpl.java
@@ -28,7 +28,7 @@ @Override public int saveSysClauseManagement(SysClauseManagement sysClauseManagement) { if (!SecurityUtils.isAdmin(SecurityUtils.getUserId())){ if (!SecurityUtils.adminUser()){ throw new ApiException("没有权限访问!"); } LambdaQueryWrapper<SysClauseManagement> lambdaQueryWrapper = Wrappers.<SysClauseManagement>lambdaQuery() @@ -55,7 +55,7 @@ @Override public int delSysClauseManagement(Long id) { if (!SecurityUtils.isAdmin(SecurityUtils.getUserId())){ if (!SecurityUtils.adminUser()){ throw new ApiException("没有权限访问!"); } //todo 校验已使用的? multi-system/src/main/java/com/gkhy/exam/system/service/impl/SysDeptServiceImpl.java
@@ -226,7 +226,7 @@ @Override public void checkDeptDataScope(Long deptId) { if (!SecurityUtils.isAdmin(SecurityUtils.getUserId()) && ObjectUtil.isNotNull(deptId)) if (!SecurityUtils.adminUser() && ObjectUtil.isNotNull(deptId)) { SysDept dept = new SysDept(); dept.setDeptId(deptId); @@ -260,13 +260,12 @@ @Override @Transactional public int saveDept(SysDeptSaveDTOReq dept) { Long companyId = SecurityUtils.getCompanyId(); if (!companyId.equals(dept.getCompanyId())){ throw new ApiException("无权操作!"); } // Long companyId = SecurityUtils.getCompanyId(); // if (!companyId.equals(dept.getCompanyId())){ // throw new ApiException("无权操作!"); // } SysDept sysDept = new SysDept(); BeanUtils.copyProperties(dept, sysDept); sysDept.setCompanyId(companyId); boolean b = checkDeptNameUnique(sysDept); if (!b){ throw new ApiException("部门名称已存在!"); @@ -287,7 +286,7 @@ delCaluse(sysDept.getDeptId(), delCaluseIds); } //处理条款 batchSaveCaluse(sysDept.getDeptId(), companyId, dept.getCaluseVO1List()); batchSaveCaluse(sysDept.getDeptId(), dept.getCompanyId(), dept.getCaluseVO1List()); } @@ -297,15 +296,15 @@ @Override @Transactional public int saveDeptResponsibility(SysDeptResponsibilityReqVo reqVo) { Long companyId = SecurityUtils.getCompanyId(); if (!companyId.equals(reqVo.getCompanyId())){ throw new ApiException("无权操作!"); } // Long companyId = SecurityUtils.getCompanyId(); // if (!companyId.equals(reqVo.getCompanyId())){ // throw new ApiException("无权操作!"); // } SysDept sysDept = deptMapper.selectDeptById(reqVo.getDeptId()); if (null == sysDept){ throw new ApiException("部门不存在!"); } if (!companyId.equals(sysDept.getCompanyId())){ if (!reqVo.getCompanyId().equals(sysDept.getCompanyId())){ throw new ApiException("无权操作!"); } SysDept dept = new SysDept(); @@ -336,9 +335,9 @@ @Transactional public int initFunctionalDistribution(Long companyId) { if (!companyId.equals(SecurityUtils.getCompanyId())){ throw new ApiException("无权操作!"); } // if (!companyId.equals(SecurityUtils.getCompanyId())){ // throw new ApiException("无权操作!"); // } sysFunctionalDistributionMapper.delByCompanyId(companyId); SysDept sysDept = new SysDept(); @@ -370,15 +369,15 @@ @Override public int saveFunctionalDistribution(FunctionalDistributionVo reqVo) { Long companyId = SecurityUtils.getCompanyId(); if (!companyId.equals(reqVo.getCompanyId())){ throw new ApiException("无权操作!"); } // Long companyId = SecurityUtils.getCompanyId(); // if (!companyId.equals(reqVo.getCompanyId())){ // throw new ApiException("无权操作!"); // } List<SysFunctionalDistribution> list = reqVo.getList(); if (list != null && !list.isEmpty()) { for (SysFunctionalDistribution sysFunctionalDistribution : list) { sysFunctionalDistribution.setCompanyId(companyId); sysFunctionalDistribution.setCompanyId(reqVo.getCompanyId()); sysFunctionalDistribution.setUpdateBy(SecurityUtils.getUsername()); sysFunctionalDistribution.setUpdateTime(LocalDateTime.now()); } multi-system/src/main/java/com/gkhy/exam/system/service/impl/SysMenuServiceImpl.java
@@ -64,7 +64,7 @@ { List<SysMenu> menuList = null; // 管理员显示所有菜单信息 if (SecurityUtils.isAdmin(userId)) if (SecurityUtils.adminUser() ) { menuList = menuMapper.selectMenuList(menu); } @@ -128,7 +128,7 @@ public List<SysMenu> selectMenuTreeByUserId(Long userId) { List<SysMenu> menus = null; if (SecurityUtils.isAdmin(userId)) if (SecurityUtils.adminUser() ) { menus = menuMapper.selectMenuTreeAll(); } multi-system/src/main/java/com/gkhy/exam/system/service/impl/SysRoleServiceImpl.java
@@ -197,7 +197,7 @@ @Override public void checkRoleDataScope(Long... roleIds) { if (!SecurityUtils.isAdmin(SecurityUtils.getUserId())) if (!SecurityUtils.adminUser()) { for (Long roleId : roleIds) { multi-system/src/main/java/com/gkhy/exam/system/service/impl/SysUserServiceImpl.java
@@ -14,7 +14,9 @@ import com.gkhy.exam.common.utils.RedisUtils; import com.gkhy.exam.common.utils.SecurityUtils; import com.gkhy.exam.common.utils.StringUtils; import com.gkhy.exam.system.domain.SysUserRole; import com.gkhy.exam.system.mapper.SysUserMapper; import com.gkhy.exam.system.mapper.SysUserRoleMapper; import com.gkhy.exam.system.service.SysConfigService; import com.gkhy.exam.system.service.SysUserService; import org.springframework.beans.factory.annotation.Autowired; @@ -45,6 +47,8 @@ private SysConfigService configService; @Autowired private Validator validator; @Autowired private SysUserRoleMapper userRoleMapper; @Override public CommonPage<SysUser> selectUserList(SysUser user) { @@ -131,6 +135,13 @@ user.setCreateBy(SecurityUtils.getUsername()); user.setPassword(SecurityUtils.encryptPassword(Base64.decodeStr(user.getPassword()))); int row=baseMapper.insert(user); List<SysUserRole> userRoleList = new ArrayList<>(); SysUserRole sysUserRole = new SysUserRole(); sysUserRole.setUserId(user.getId()); sysUserRole.setRoleId(2L); userRoleList.add(sysUserRole); userRoleMapper.batchUserRole(userRoleList); if(row<1){ throw new ApiException("新增用户失败"); }