fix~

7 years ago · 02e3d58be7
parent 63f6832d5e
commit 02e3d58be7
1 changed files with 20 additions and 11 deletions
--- a/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/ManagerAccountServiceImpl.java
+++ b/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/ManagerAccountServiceImpl.java
@ -62,7 +62,14 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService {
            if (manager.isAdmin() || manager.isFinacial() || manager.isOperator() || manager.isServant() || manager.isSitemanager() || manager.isDeveloper()) {
                throw new BadRequestException("Invalid Role");
            }
-            manager.setOrgId(loginManager.getInteger("org_id"));
+            if (loginManager.getInteger("org_id")!=null){
                List<JSONObject> orgs = orgMapper.listOrgAndChild(loginManager.getIntValue("org_id"));
                List<Integer> orgIds = orgs.stream().map(org->org.getIntValue("org_id")).collect(Collectors.toList());
                if (!orgIds.contains(manager.getOrgId())){
                    throw new BadRequestException("You cannot Add accounts belong to other organizations");
                }
            }
            //manager.setOrgId(loginManager.getInteger("org_id"));
        }
        if (managerMapper.findByLoginId(manager.getUsername()) != null) {
            throw new BadRequestException("login id exists");
@ -79,13 +86,7 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService {
        }
        JSONObject obj = manager.accountJson(false);
        if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role"))) {
-            if (loginManager.getInteger("org_id")!=null){
+            checkOrg(loginManager,managerFromDb);
                List<JSONObject> orgs = orgMapper.listOrgAndChild(loginManager.getIntValue("org_id"));
                List<Integer> orgIds = orgs.stream().map(org->org.getIntValue("org_id")).collect(Collectors.toList());
                if (!orgIds.contains(managerFromDb.getIntValue("org_id"))){
                    throw new BadRequestException("You cannot modify accounts belong to other organizations");
                }
            }
            if (manager.isAdmin() || manager.isFinacial() || manager.isOperator() || manager.isServant() || manager.isSitemanager() || manager.isDeveloper()) {
                throw new BadRequestException("Invalid Role");
            }
@ -99,9 +100,7 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService {
    public void disable(String userId, JSONObject loginManager) {
        JSONObject manager = managerMapper.findById(userId);
        if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role"))){
-            if (manager.getIntValue("org_id") != loginManager.getIntValue("org_id")) {
+            checkOrg(loginManager,manager);
                throw new BadRequestException("You cannot disable accounts belong to other organizations");
            }
        }
        if (manager != null) {
            manager.put("is_valid", 0);
@ -129,4 +128,14 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService {
        return financialBDConfigMapper.getBdConfig(bd_id);
    }
    private void checkOrg(JSONObject loginManager,JSONObject manager){
        if (loginManager.getInteger("org_id")!=null){
            List<JSONObject> orgs = orgMapper.listOrgAndChild(loginManager.getIntValue("org_id"));
            List<Integer> orgIds = orgs.stream().map(org->org.getIntValue("org_id")).collect(Collectors.toList());
            if (!orgIds.contains(manager.getIntValue("org_id"))){
                throw new BadRequestException("You cannot modify accounts belong to other organizations");
            }
        }
    }
 }