fix: 角色分页查询修改，角色分页只允许超级管理员和租户管理员

黄 x
1 parent 77abe7d2
Showing 3 changed files with 7 additions and 10 deletions
application/src/main/java/org/thingsboard/server/controller/yunteng/YtRoleController.java
dao/src/main/java/org/thingsboard/server/dao/yunteng/impl/RoleServiceImpl.java
dao/src/main/java/org/thingsboard/server/dao/yunteng/service/RoleService.java
--- a/application/src/main/java/org/thingsboard/server/controller/yunteng/YtRoleController.java
View file @8782cf3
+++ b/application/src/main/java/org/thingsboard/server/controller/yunteng/YtRoleController.java
View file @8782cf3
@@ -2,6 +2,7 @@ package org.thingsboard.server.controller.yunteng;
 import lombok.RequiredArgsConstructor;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.util.Assert;
 import org.springframework.web.bind.annotation.*;
 import org.thingsboard.server.common.data.exception.ThingsboardException;
@@ -28,6 +29,7 @@ public class YtRoleController extends BaseController {
   private final RoleService roleService;
   @GetMapping(params = {PAGE_SIZE, PAGE})
+  @PreAuthorize("hasAnyAuthority('SYS_ADMIN','TENANT_ADMIN')")
   public YtPageData<RoleDTO> pageRole(
       @RequestParam(PAGE_SIZE) int pageSize,
       @RequestParam(PAGE) int page,
@@ -50,7 +52,7 @@ public class YtRoleController extends BaseController {
     if (orderType != null) {
       queryMap.put(ORDER_TYPE, orderType.name());
     }
-    return roleService.page(getCurrentUser().isPtSysadmin(), getCurrentUser().isPtAdmin(), getCurrentUser().getCurrentTenantId(),queryMap);
+    return roleService.page(getCurrentUser().getCurrentTenantId(),queryMap);
   }
   @DeleteMapping
--- a/dao/src/main/java/org/thingsboard/server/dao/yunteng/impl/RoleServiceImpl.java
View file @8782cf3
+++ b/dao/src/main/java/org/thingsboard/server/dao/yunteng/impl/RoleServiceImpl.java
View file @8782cf3
@@ -46,8 +46,7 @@ public class RoleServiceImpl extends AbstractBaseService<RoleMapper, Role> imple
   private final UserRoleMapper userRoleMapper;
   @Override
-  public YtPageData<RoleDTO> page(
-      boolean isSysadmin, boolean isPlatformAdmin, String tenantId, Map<String, Object> queryMap) {
+  public YtPageData<RoleDTO> page(String tenantId, Map<String, Object> queryMap) {
     IPage<Role> roleIPage =
         baseMapper.selectPage(
             getPage(queryMap, "create_time", false),
@@ -55,12 +54,8 @@ public class RoleServiceImpl extends AbstractBaseService<RoleMapper, Role> imple
                 .lambda()
                 .eq(queryMap.get("status") != null, Role::isEnabled, queryMap.get("status"))
                 .eq(queryMap.get("roleType") != null, Role::getRoleType, queryMap.get("roleType"))
-                .ne(queryMap.get("roleType") == null, Role::getRoleType, RoleEnum.TENANT_ADMIN)
-                .ne(
-                    queryMap.get("roleType") == null && isPlatformAdmin,
-                    Role::getRoleType,
-                    RoleEnum.SYS_ADMIN)
-                .eq(!isSysadmin, Role::getTenantId, tenantId)
+                .ne(queryMap.get("roleType") == null, Role::getRoleType, RoleEnum.TENANT_ADMIN.name())
+                .eq(Role::getTenantId, tenantId)
                 .like(
                     queryMap.get("roleName") != null,
                     Role::getName,
--- a/dao/src/main/java/org/thingsboard/server/dao/yunteng/service/RoleService.java
View file @8782cf3
+++ b/dao/src/main/java/org/thingsboard/server/dao/yunteng/service/RoleService.java
View file @8782cf3
@@ -10,7 +10,7 @@ import java.util.Map;
 import java.util.Set;
 public interface RoleService {
-  YtPageData<RoleDTO> page(boolean isSysadmin, boolean isPlatformAdmin, String tenantId, Map<String, Object> queryMap);
+  YtPageData<RoleDTO> page(String tenantId, Map<String, Object> queryMap);
   boolean deleteRole(String[] roleIds,String tenantId);