用户/租户逻辑优化

v1.4.1
Parker 5 years ago
parent 3260ad329b
commit c62ac06346

@ -17,8 +17,15 @@
SET NAMES utf8mb4; SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0; SET FOREIGN_KEY_CHECKS = 0;
--
ALTER TABLE `sys_user` CHANGE COLUMN `locked` `enable` char(1) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '' AFTER `secret_key`;
--
ALTER TABLE `sys_tenant` CHANGE COLUMN `iz_usable` `enable` char(1) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT ' 0 1' AFTER `tenant_name`;
-- ---------------------------- -- ----------------------------
-- Table structure for sys_area --
-- ---------------------------- -- ----------------------------
DROP TABLE IF EXISTS `sys_area`; DROP TABLE IF EXISTS `sys_area`;
CREATE TABLE `sys_area` ( CREATE TABLE `sys_area` (
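Review bot: The `CHANGE COLUMN` on `sys_user` renames `locked` to `enable` but does not convert the values already stored, and the flag's meaning is inverted by this commit. The old realm code treated `locked = "1"` as locked, while the new checks reject the `DictType.NO_YES_NO` value. If that value is "0" (not visible on this page), every previously locked account becomes enabled after the migration and every previously active account becomes disabled. Flipping the existing rows in the same script would avoid this, for example `UPDATE sys_user SET enable = CASE enable WHEN '1' THEN '0' ELSE '1' END;`, assuming '1' means yes and '0' means no. The `sys_tenant` rename from `iz_usable` should be checked against the new meaning as well.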

@ -112,14 +112,14 @@ public interface UserApi {
ResultVo<?> resetPasswordById(String userId); ResultVo<?> resetPasswordById(String userId);
/** /**
* *
* *
* @param userId ID * @param userId ID
* @param locked * @param enable
* @return ResultVo * @return ResultVo
*/ */
@PostMapping("/lockAccount") @PostMapping("/enableAccount")
ResultVo<?> lockAccount(String userId, String locked); ResultVo<?> enableAccount(String userId, String enable);
/** /**
* *

@ -59,12 +59,12 @@ public class UserAndOrgModel extends ApiWrapper {
@ValidationArgsLenMax(50) @ValidationArgsLenMax(50)
private String secretKey; private String secretKey;
/** 是否锁定 */ /** 启用状态 */
@ApiModelProperty(value = "是否锁定") @ApiModelProperty(value = "启用状态")
@ExcelIgnore @ExcelIgnore
@ValidationArgs({ValiArgsType.IS_NOT_NULL}) @ValidationArgs({ValiArgsType.IS_NOT_NULL})
@ValidationArgsLenMax(1) @ValidationArgsLenMax(1)
private String locked; private String enable;
/** 真实姓名 */ /** 真实姓名 */
@ApiModelProperty(value = "真实姓名") @ApiModelProperty(value = "真实姓名")

@ -59,12 +59,12 @@ public class UserModel extends ApiWrapper {
@ValidationArgsLenMax(50) @ValidationArgsLenMax(50)
private String secretKey; private String secretKey;
/** 是否锁定 */ /** 是否启用 */
@ApiModelProperty(value = "是否锁定") @ApiModelProperty(value = "是否启用")
@ExcelIgnore @ExcelIgnore
@ValidationArgs({ValiArgsType.IS_NOT_NULL}) @ValidationArgs({ValiArgsType.IS_NOT_NULL})
@ValidationArgsLenMax(1) @ValidationArgsLenMax(1)
private String locked; private String enable;
/** 真实姓名 */ /** 真实姓名 */
@ApiModelProperty(value = "真实姓名") @ApiModelProperty(value = "真实姓名")

@ -75,8 +75,7 @@ public enum DictType {
DictType[] var1 = values(); DictType[] var1 = values();
for (DictType dict : var1) { for (DictType dict : var1) {
if(dict.type.equals(type) && if(dict.type.equals(type) &&
dict.value.equalsIgnoreCase(value) dict.value.equalsIgnoreCase(value)){
){
return true; return true;
} }
} }

@ -10,6 +10,7 @@ import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.PrincipalCollection;
import org.opsli.api.wrapper.system.tenant.TenantModel; import org.opsli.api.wrapper.system.tenant.TenantModel;
import org.opsli.api.wrapper.system.user.UserModel; import org.opsli.api.wrapper.system.user.UserModel;
import org.opsli.common.enums.DictType;
import org.opsli.core.api.TokenThreadLocal; import org.opsli.core.api.TokenThreadLocal;
import org.opsli.common.exception.TokenException; import org.opsli.common.exception.TokenException;
import org.opsli.core.msg.TokenMsg; import org.opsli.core.msg.TokenMsg;
@ -32,8 +33,6 @@ import java.util.List;
@Slf4j @Slf4j
public class JwtRealm extends AuthorizingRealm implements FlagRealm { public class JwtRealm extends AuthorizingRealm implements FlagRealm {
/** 账号锁定状态 */
public static final String LOCK_VAL = "1";
@Override @Override
public boolean supports(AuthenticationToken token) { public boolean supports(AuthenticationToken token) {
@ -86,19 +85,26 @@ public class JwtRealm extends AuthorizingRealm implements FlagRealm {
String userId = UserTokenUtil.getUserIdByToken(accessToken); String userId = UserTokenUtil.getUserIdByToken(accessToken);
UserModel user = UserUtil.getUser(userId); UserModel user = UserUtil.getUser(userId);
// 3. 校验账户是否锁定 // 3. 是否存在该用户
if(user == null || user.getLocked().equals(LOCK_VAL)){ if(user == null){
// 账号已被锁定,请联系管理员
// token失效请重新登录 // token失效请重新登录
throw new TokenException( throw new TokenException(
TokenMsg.EXCEPTION_LOGIN_ACCOUNT_LOCKED); TokenMsg.EXCEPTION_LOGIN_ACCOUNT_LOCKED);
} }
// 4. 验证租户是否启用 // 4. 如果不是超级管理员
// 如果不是超级管理员 需要验证租户是否生效
if(!StringUtils.equals(UserUtil.SUPER_ADMIN, user.getUsername())){ if(!StringUtils.equals(UserUtil.SUPER_ADMIN, user.getUsername())){
// 4.1 账号锁定验证
if(StringUtils.isEmpty(user.getEnable()) ||
DictType.NO_YES_NO.getValue().equals(user.getEnable())){
// 账号已被锁定,请联系管理员
throw new TokenException(TokenMsg.EXCEPTION_LOGIN_ACCOUNT_LOCKED);
}
// 4.2 租户启用验证
TenantModel tenant = TenantUtil.getTenant(user.getTenantId()); TenantModel tenant = TenantUtil.getTenant(user.getTenantId());
if(tenant == null){ if(tenant == null){
// 租户未启用,请联系管理员
throw new TokenException(TokenMsg.EXCEPTION_LOGIN_TENANT_NOT_USABLE); throw new TokenException(TokenMsg.EXCEPTION_LOGIN_TENANT_NOT_USABLE);
} }
} }
@ -127,8 +133,8 @@ public class JwtRealm extends AuthorizingRealm implements FlagRealm {
String userId = UserTokenUtil.getUserIdByToken(accessToken); String userId = UserTokenUtil.getUserIdByToken(accessToken);
UserModel user = UserUtil.getUser(userId); UserModel user = UserUtil.getUser(userId);
// 3. 校验账户是否锁定 // 3. 校验账户是否启用 否
if(user == null || user.getLocked().equals(JwtRealm.LOCK_VAL)){ if(user == null || DictType.NO_YES_NO.getValue().equals(user.getEnable())){
// 账号已被锁定,请联系管理员 // 账号已被锁定,请联系管理员
// token失效请重新登录 // token失效请重新登录
throw new TokenException( throw new TokenException(
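Review bot: The token check in the later hunk (`@ -127,8 +133,8 @`), `if(user == null || DictType.NO_YES_NO.getValue().equals(user.getEnable()))`, accepts a user whose `enable` is null or empty. The first hunk in this section and the login controller both treat an empty value as disabled. The later check also applies to the super admin, whom the first hunk exempts, so the two paths can disagree about the same account. Comparing against the enabled value denies by default: `if(user == null || !DictType.NO_YES_YES.getValue().equals(user.getEnable()))`, with the super-admin exemption applied the same way in both places. The enclosing methods start and end outside these hunks.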

@ -62,8 +62,8 @@ public enum SystemMsg implements BaseMsg {
EXCEPTION_USER_NULL(20309,"暂无该用户: {}"), EXCEPTION_USER_NULL(20309,"暂无该用户: {}"),
EXCEPTION_USER_FILE_NULL(20310,"请选择文件"), EXCEPTION_USER_FILE_NULL(20310,"请选择文件"),
EXCEPTION_USER_ILLEGAL_PARAMETER(20311,"非法参数"), EXCEPTION_USER_ILLEGAL_PARAMETER(20311,"非法参数"),
EXCEPTION_USER_LOCK_SELF(20312,"不可锁定自身"), EXCEPTION_USER_HANDLE_SELF(20312,"不可操作自身"),
EXCEPTION_USER_DEL_SELF(20313,"不可删除自身"), EXCEPTION_USER_HANDLE_SUPER_ADMIN(20313,"不可操作超管账号"),
/** /**

@ -26,6 +26,7 @@ import org.opsli.api.wrapper.system.tenant.TenantModel;
import org.opsli.api.wrapper.system.user.UserModel; import org.opsli.api.wrapper.system.user.UserModel;
import org.opsli.common.annotation.InterfaceCrypto; import org.opsli.common.annotation.InterfaceCrypto;
import org.opsli.common.annotation.Limiter; import org.opsli.common.annotation.Limiter;
import org.opsli.common.enums.DictType;
import org.opsli.core.api.TokenThreadLocal; import org.opsli.core.api.TokenThreadLocal;
import org.opsli.common.enums.AlertType; import org.opsli.common.enums.AlertType;
import org.opsli.common.enums.OptionsType; import org.opsli.common.enums.OptionsType;
@ -108,15 +109,21 @@ public class LoginRestController {
// 如果验证成功, 则清除锁定信息 // 如果验证成功, 则清除锁定信息
UserTokenUtil.clearLockAccount(form.getUsername()); UserTokenUtil.clearLockAccount(form.getUsername());
// 账号锁定
if(JwtRealm.LOCK_VAL.equals(user.getLocked())){
throw new TokenException(TokenMsg.EXCEPTION_LOGIN_ACCOUNT_LOCKED);
}
// 如果不是超级管理员 需要验证租户是否生效
// 如果不是超级管理员
if(!StringUtils.equals(UserUtil.SUPER_ADMIN, user.getUsername())){ if(!StringUtils.equals(UserUtil.SUPER_ADMIN, user.getUsername())){
// 账号锁定验证
if(StringUtils.isEmpty(user.getEnable()) ||
DictType.NO_YES_NO.getValue().equals(user.getEnable())){
// 账号已被锁定,请联系管理员
throw new TokenException(TokenMsg.EXCEPTION_LOGIN_ACCOUNT_LOCKED);
}
// 租户启用验证
TenantModel tenant = TenantUtil.getTenant(user.getTenantId()); TenantModel tenant = TenantUtil.getTenant(user.getTenantId());
if(tenant == null){ if(tenant == null){
// 租户未启用,请联系管理员
throw new TokenException(TokenMsg.EXCEPTION_LOGIN_TENANT_NOT_USABLE); throw new TokenException(TokenMsg.EXCEPTION_LOGIN_TENANT_NOT_USABLE);
} }
} }
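Review bot: The tenant step in the non-super-admin branch tests only `tenant == null`, although its comment calls it 租户启用验证 and this commit gives `sys_tenant` an `enable` column that new tenants receive as `DictType.NO_YES_NO`. Unless `TenantUtil.getTenant` already filters out disabled tenants (not visible here), users of a disabled tenant can still log in. The same check appears in the first JwtRealm hunk. If `TenantModel` exposes the flag, extend the condition to `if(tenant == null || !DictType.NO_YES_YES.getValue().equals(tenant.getEnable()))`. The method body starts and ends outside this hunk.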

@ -111,6 +111,9 @@ public class TenantServiceImpl extends CrudServiceImpl<TenantMapper, SysTenant,
return null; return null;
} }
// 默认为未启用
model.setEnable(DictType.NO_YES_NO.getValue());
// 唯一验证 // 唯一验证
Integer count = this.uniqueVerificationByName(model); Integer count = this.uniqueVerificationByName(model);
if(count != null && count > 0){ if(count != null && count > 0){
@ -128,6 +131,8 @@ public class TenantServiceImpl extends CrudServiceImpl<TenantMapper, SysTenant,
return null; return null;
} }
model.setEnable(null);
// 唯一验证 // 唯一验证
Integer count = this.uniqueVerificationByName(model); Integer count = this.uniqueVerificationByName(model);
if(count != null && count > 0){ if(count != null && count > 0){
@ -157,6 +162,22 @@ public class TenantServiceImpl extends CrudServiceImpl<TenantMapper, SysTenant,
return false; return false;
} }
String currTenantId = UserUtil.getRealTenantId();
if(StringUtils.equals(currTenantId, id)){
// 不可操作自身
throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SELF);
}
// 超级管理员
UserModel superAdmin = UserUtil.getUserByUserName(UserUtil.SUPER_ADMIN);
if(superAdmin != null){
String superAdminTenantId = superAdmin.getTenantId();
if(StringUtils.equals(superAdminTenantId, id)){
// 不可操作超管租户
throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SUPER_ADMIN);
}
}
// 如果有租户还在被引用 则不允许删除该租户 // 如果有租户还在被引用 则不允许删除该租户
this.validationUsedByDel(Collections.singletonList(id)); this.validationUsedByDel(Collections.singletonList(id));
@ -183,6 +204,22 @@ public class TenantServiceImpl extends CrudServiceImpl<TenantMapper, SysTenant,
return false; return false;
} }
String currTenantId = UserUtil.getRealTenantId();
if(StringUtils.equals(currTenantId, model.getId())){
// 不可操作自身
throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SELF);
}
// 超级管理员
UserModel superAdmin = UserUtil.getUserByUserName(UserUtil.SUPER_ADMIN);
if(superAdmin != null){
String superAdminTenantId = superAdmin.getTenantId();
if(StringUtils.equals(superAdminTenantId, model.getId())){
// 不可操作超管租户
throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SUPER_ADMIN);
}
}
// 如果有租户还在被引用 则不允许删除该租户 // 如果有租户还在被引用 则不允许删除该租户
this.validationUsedByDel(Collections.singletonList(model.getId())); this.validationUsedByDel(Collections.singletonList(model.getId()));
@ -206,6 +243,25 @@ public class TenantServiceImpl extends CrudServiceImpl<TenantMapper, SysTenant,
public boolean deleteAll(String[] ids) { public boolean deleteAll(String[] ids) {
List<String> idList = Convert.toList(String.class, ids); List<String> idList = Convert.toList(String.class, ids);
String currTenantId = UserUtil.getRealTenantId();
if(CollUtil.isNotEmpty(idList)){
if(idList.contains(currTenantId)){
// 不可操作自身
throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SELF);
}
// 超级管理员
UserModel superAdmin = UserUtil.getUserByUserName(UserUtil.SUPER_ADMIN);
if(superAdmin != null){
String superAdminTenantId = superAdmin.getTenantId();
if(idList.contains(superAdminTenantId)){
// 不可操作超管租户
throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SUPER_ADMIN);
}
}
}
// 如果有租户还在被引用 则不允许删除该租户 // 如果有租户还在被引用 则不允许删除该租户
this.validationUsedByDel(idList); this.validationUsedByDel(idList);
@ -231,6 +287,24 @@ public class TenantServiceImpl extends CrudServiceImpl<TenantMapper, SysTenant,
idList.add(model.getId()); idList.add(model.getId());
} }
String currTenantId = UserUtil.getRealTenantId();
if(CollUtil.isNotEmpty(idList)){
if(idList.contains(currTenantId)){
// 不可操作自身
throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SELF);
}
// 超级管理员
UserModel superAdmin = UserUtil.getUserByUserName(UserUtil.SUPER_ADMIN);
if(superAdmin != null){
String superAdminTenantId = superAdmin.getTenantId();
if(idList.contains(superAdminTenantId)){
// 不可操作超管租户
throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SUPER_ADMIN);
}
}
}
// 如果有租户还在被引用 则不允许删除该租户 // 如果有租户还在被引用 则不允许删除该租户
this.validationUsedByDel(idList); this.validationUsedByDel(idList);
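Review bot: The super-admin tenant guard is skipped whenever `UserUtil.getUserByUserName(UserUtil.SUPER_ADMIN)` returns null, so a failed lookup silently removes the protection in all four delete paths here. The two `deleteAll` hunks in UserServiceImpl use the same pattern. The guard is also copy-pasted four times, which makes it easy for one copy to drift from the others. One private helper would give a single place to decide what a null lookup should do and reduce each call site to one line. The enclosing methods start and end outside these hunks.

```java
/** Rejects deleting the caller's own tenant or the super admin's tenant. */
private void checkTenantsDeletable(List<String> idList) {
    if(!CollUtil.isNotEmpty(idList)){
        return;
    }
    if(idList.contains(UserUtil.getRealTenantId())){
        // 不可操作自身
        throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SELF);
    }
    UserModel superAdmin = UserUtil.getUserByUserName(UserUtil.SUPER_ADMIN);
    // TODO(review): a null lookup currently disables this guard; decide whether it should fail closed
    if(superAdmin != null && idList.contains(superAdmin.getTenantId())){
        // 不可操作超管租户
        throw new ServiceException(SystemMsg.EXCEPTION_TENANT_HANDLE_SUPER_ADMIN);
    }
}

// delete(String id) and delete(TenantModel model), before validationUsedByDel:
this.checkTenantsDeletable(Collections.singletonList(id));
// both deleteAll overloads, before validationUsedByDel:
this.checkTenantsDeletable(idList);
```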

@ -43,8 +43,8 @@ public class SysUser extends BaseEntity {
/** 盐值,密码秘钥 */ /** 盐值,密码秘钥 */
private String secretKey; private String secretKey;
/** 是否锁定 */ /** 是否启用 */
private String locked; private String enable;
/** 真实姓名 */ /** 真实姓名 */
private String realName; private String realName;

@ -46,8 +46,8 @@ public class SysUserAndOrg extends BaseEntity {
/** 盐值,密码秘钥 */ /** 盐值,密码秘钥 */
private String secretKey; private String secretKey;
/** 是否锁定 */ /** 启用状态 */
private String locked; private String enable;
/** 真实姓名 */ /** 真实姓名 */
private String realName; private String realName;

@ -11,7 +11,7 @@
a.secret_key as secretKey, a.secret_key as secretKey,
a.no as no, a.no as no,
a.real_name as realName, a.real_name as realName,
a.locked as locked, a.enable as enable,
a.mobile as mobile, a.mobile as mobile,
a.email as email, a.email as email,
a.avatar as avatar, a.avatar as avatar,

@ -105,12 +105,12 @@ public interface IUserService extends CrudServiceInterface<SysUser, UserModel> {
/** /**
* *
* @param userId ID * @param userId ID
* @param locked * @param enable
* @return * @return
*/ */
boolean lockAccount(String userId, String locked); boolean enableAccount(String userId, String enable);
/** /**
* *

@ -108,6 +108,8 @@ public class UserServiceImpl extends CrudServiceImpl<UserMapper, SysUser, UserMo
// 防止非法操作 - 不允许直接操控到 关键数据 // 防止非法操作 - 不允许直接操控到 关键数据
// 需要注意的是 不要轻易改修改策略 // 需要注意的是 不要轻易改修改策略
model.setLoginIp(null); model.setLoginIp(null);
// 默认用户状态为启用
model.setEnable(DictType.NO_YES_YES.getValue());
// 新增可以直接设置密码 // 新增可以直接设置密码
if(StringUtils.isNotEmpty(model.getPassword())){ if(StringUtils.isNotEmpty(model.getPassword())){
@ -195,7 +197,7 @@ public class UserServiceImpl extends CrudServiceImpl<UserMapper, SysUser, UserMo
model.setPassword(null); model.setPassword(null);
model.setSecretKey(null); model.setSecretKey(null);
model.setLoginIp(null); model.setLoginIp(null);
model.setLocked(null); model.setEnable(null);
UserModel update = super.update(model); UserModel update = super.update(model);
if(update != null){ if(update != null){
@ -217,7 +219,12 @@ public class UserServiceImpl extends CrudServiceImpl<UserMapper, SysUser, UserMo
@Override @Override
@Transactional(rollbackFor = Exception.class) @Transactional(rollbackFor = Exception.class)
public boolean lockAccount(String userId, String locked) { public boolean enableAccount(String userId, String enable) {
if(!DictType.hasDict(DictType.NO_YES_YES.getType(), enable)){
// 非法参数
throw new ServiceException(SystemMsg.EXCEPTION_USER_ILLEGAL_PARAMETER);
}
UserModel model = this.get(userId); UserModel model = this.get(userId);
if(model == null){ if(model == null){
return false; return false;
@ -225,12 +232,19 @@ public class UserServiceImpl extends CrudServiceImpl<UserMapper, SysUser, UserMo
UserModel currUser = UserUtil.getUser(); UserModel currUser = UserUtil.getUser();
if(StringUtils.equals(currUser.getId(), userId)){ if(StringUtils.equals(currUser.getId(), userId)){
// 不可锁定自身 // 不可操作自身
throw new ServiceException(SystemMsg.EXCEPTION_USER_LOCK_SELF); throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SELF);
} }
if(StringUtils.equals(UserUtil.SUPER_ADMIN, model.getUsername())){
// 不可操作超管账号
throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SUPER_ADMIN);
}
UpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<>(); UpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<>();
updateWrapper.set("locked", locked).eq( updateWrapper.set("enable", enable)
.eq(
HumpUtil.humpToUnderline(MyBatisConstants.FIELD_ID), userId HumpUtil.humpToUnderline(MyBatisConstants.FIELD_ID), userId
); );
if(this.update(updateWrapper)){ if(this.update(updateWrapper)){
@ -243,14 +257,23 @@ public class UserServiceImpl extends CrudServiceImpl<UserMapper, SysUser, UserMo
@Override @Override
public boolean delete(String id) { public boolean delete(String id) {
UserModel userModel = super.get(id);
// 非法判断
if(userModel == null){
return false;
}
// 杜绝我删我自己行为 // 杜绝我删我自己行为
UserModel currUser = UserUtil.getUser(); UserModel currUser = UserUtil.getUser();
if(StringUtils.equals(currUser.getId(), id)){ if(StringUtils.equals(currUser.getId(), id)){
// 不可删除自身 // 不可操作自身
throw new ServiceException(SystemMsg.EXCEPTION_USER_DEL_SELF); throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SELF);
}
if(StringUtils.equals(UserUtil.SUPER_ADMIN, userModel.getUsername())){
// 不可操作超管账号
throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SUPER_ADMIN);
} }
UserModel userModel = super.get(id);
boolean ret = super.delete(id); boolean ret = super.delete(id);
if(ret){ if(ret){
// 刷新用户缓存 // 刷新用户缓存
@ -261,11 +284,10 @@ public class UserServiceImpl extends CrudServiceImpl<UserMapper, SysUser, UserMo
@Override @Override
public boolean delete(UserModel model) { public boolean delete(UserModel model) {
UserModel userModel = null; if(model == null){
if(model != null){ return false;
userModel = this.get(model.getId());
} }
UserModel userModel = super.get(model.getId());
// 非法判断 // 非法判断
if(userModel == null){ if(userModel == null){
return false; return false;
@ -274,8 +296,12 @@ public class UserServiceImpl extends CrudServiceImpl<UserMapper, SysUser, UserMo
// 杜绝我删我自己行为 // 杜绝我删我自己行为
UserModel currUser = UserUtil.getUser(); UserModel currUser = UserUtil.getUser();
if(StringUtils.equals(currUser.getId(), userModel.getId())){ if(StringUtils.equals(currUser.getId(), userModel.getId())){
// 不可删除自身 // 不可操作自身
throw new ServiceException(SystemMsg.EXCEPTION_USER_DEL_SELF); throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SELF);
}
if(StringUtils.equals(UserUtil.SUPER_ADMIN, userModel.getUsername())){
// 不可操作超管账号
throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SUPER_ADMIN);
} }
boolean ret = super.delete(model); boolean ret = super.delete(model);
@ -293,18 +319,29 @@ public class UserServiceImpl extends CrudServiceImpl<UserMapper, SysUser, UserMo
return false; return false;
} }
List<String> idList = Convert.toList(String.class, ids);
// 杜绝我删我自己行为 // 杜绝我删我自己行为
UserModel currUser = UserUtil.getUser(); UserModel currUser = UserUtil.getUser();
for (String id : ids) { if(CollUtil.isNotEmpty(idList)){
if(StringUtils.equals(currUser.getId(), id)){ if(idList.contains(currUser.getId())){
// 不可删除自身 // 不可操作自身
throw new ServiceException(SystemMsg.EXCEPTION_USER_DEL_SELF); throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SELF);
}
// 超级管理员
UserModel superAdmin = UserUtil.getUserByUserName(UserUtil.SUPER_ADMIN);
if(superAdmin != null){
String superAdminId = superAdmin.getId();
if(idList.contains(superAdminId)){
// 不可操作超管账号
throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SUPER_ADMIN);
}
} }
} }
QueryBuilder<SysUser> queryBuilder = new GenQueryBuilder<>(); QueryBuilder<SysUser> queryBuilder = new GenQueryBuilder<>();
QueryWrapper<SysUser> queryWrapper = queryBuilder.build(); QueryWrapper<SysUser> queryWrapper = queryBuilder.build();
List<String> idList = Convert.toList(String.class, ids);
queryWrapper.in(HumpUtil.humpToUnderline(MyBatisConstants.FIELD_ID),idList); queryWrapper.in(HumpUtil.humpToUnderline(MyBatisConstants.FIELD_ID),idList);
List<UserModel> modelList = super.transformTs2Ms( List<UserModel> modelList = super.transformTs2Ms(
this.findList(queryWrapper) this.findList(queryWrapper)
@ -326,16 +363,28 @@ public class UserServiceImpl extends CrudServiceImpl<UserMapper, SysUser, UserMo
return false; return false;
} }
List<String> idList = Lists.newArrayListWithCapacity(models.size());
for (UserModel model : models) {
idList.add(model.getId());
}
// 杜绝我删我自己行为 // 杜绝我删我自己行为
UserModel currUser = UserUtil.getUser(); UserModel currUser = UserUtil.getUser();
if(CollUtil.isNotEmpty(idList)){
if(idList.contains(currUser.getId())){
// 不可操作自身
throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SELF);
}
List<String> idList = Lists.newArrayListWithCapacity(models.size()); // 超级管理员
for (UserModel model : models) { UserModel superAdmin = UserUtil.getUserByUserName(UserUtil.SUPER_ADMIN);
if(StringUtils.equals(currUser.getId(), model.getId())){ if(superAdmin != null){
// 不可删除自身 String superAdminId = superAdmin.getId();
throw new ServiceException(SystemMsg.EXCEPTION_USER_DEL_SELF); if(idList.contains(superAdminId)){
// 不可操作超管账号
throw new ServiceException(SystemMsg.EXCEPTION_USER_HANDLE_SUPER_ADMIN);
}
} }
idList.add(model.getId());
} }
QueryBuilder<SysUser> queryBuilder = new GenQueryBuilder<>(); QueryBuilder<SysUser> queryBuilder = new GenQueryBuilder<>();
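Review bot: Nothing visible in `enableAccount` ties the target `userId` to the caller's tenant. The new guards cover only "self" and the super admin, and the `UpdateWrapper` is keyed on the id alone. If `this.get(userId)` is not tenant-filtered by the base class (not visible here), a holder of `system_user_enable` in one tenant could change the state of an account in another tenant. A check such as `if(!StringUtils.equals(UserUtil.getRealTenantId(), model.getTenantId()))`, skipped for the super admin, before building the wrapper would close that, and the delete paths in this file deserve the same look. `UserUtil.getUser()` is also dereferenced without a null check in each of these methods, whose bodies continue outside the hunks.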

@ -284,26 +284,21 @@ public class UserRestController extends BaseRestController<SysUser, UserModel, I
} }
/** /**
* *
* @return ResultVo * @return ResultVo
*/ */
@ApiOperation(value = "锁定账户", notes = "锁定账户") @ApiOperation(value = "锁定账户", notes = "锁定账户")
@RequiresPermissions("system_user_lockAccount") @RequiresPermissions("system_user_enable")
@EnableLog @EnableLog
@Override @Override
public ResultVo<?> lockAccount(String userId, String locked) { public ResultVo<?> enableAccount(String userId, String enable) {
// 演示模式 不允许操作 // 演示模式 不允许操作
super.demoError(); super.demoError();
if(!DictType.hasDict(DictType.NO_YES_YES.getType(), locked)){ // 变更账户状态
// 非法参数 boolean lockAccountFlag = IService.enableAccount(userId, enable);
throw new ServiceException(SystemMsg.EXCEPTION_USER_ILLEGAL_PARAMETER);
}
// 锁定账户
boolean lockAccountFlag = IService.lockAccount(userId, locked);
if(!lockAccountFlag){ if(!lockAccountFlag){
return ResultVo.error("变更用户状态账户失败"); return ResultVo.error("变更用户状态失败");
} }
return ResultVo.success(); return ResultVo.success();
} }
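Review bot: The `@ApiOperation` text still reads 锁定账户 and the local is still named `lockAccountFlag`, although the endpoint now sets an enabled/disabled state through `enableAccount`. I would change them to match, e.g. `@ApiOperation(value = "变更账户启用状态", notes = "变更账户启用状态")` and `boolean enableFlag = IService.enableAccount(userId, enable);`, and document the allowed values of `enable` in the Javadoc. The permission string also changes from `system_user_lockAccount` to `system_user_enable`. Roles that hold the old permission will lose access to this operation unless the stored permission data is migrated too, which is not visible in the SQL hunk on this page.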
