Commit a45482a78b2226a11866ac4ad8c751984df56935
1 parent
06185f0d
fix: 修改菜单权限控制,菜单只允许超级管理员控制,在修改用户信息时,先删除用户与角色的关系,再添加新的关系
Showing
5 changed files
with
28 additions
and
15 deletions
| ... | ... | @@ -59,7 +59,7 @@ public class YtMenuController extends BaseController { |
| 59 | 59 | } |
| 60 | 60 | |
| 61 | 61 | @PostMapping |
| 62 | - @PreAuthorize("hasAnyRole('SYS_ADMIN','TENANT_ADMIN')") | |
| 62 | + @PreAuthorize("hasAnyAuthority('SYS_ADMIN')") | |
| 63 | 63 | public ResponseEntity<MenuDTO> saveMenu(@RequestBody MenuDTO menuDTO) |
| 64 | 64 | throws ThingsboardException { |
| 65 | 65 | MenuDTO newMenuDTO = |
| ... | ... | @@ -79,7 +79,7 @@ public class YtMenuController extends BaseController { |
| 79 | 79 | } |
| 80 | 80 | |
| 81 | 81 | @DeleteMapping |
| 82 | - @PreAuthorize("hasAnyRole('SYS_ADMIN','TENANT_ADMIN')") | |
| 82 | + @PreAuthorize("hasAnyAuthority('SYS_ADMIN')") | |
| 83 | 83 | public void deleteMenus(@RequestBody String[] ids) throws ThingsboardException { |
| 84 | 84 | if (ids.length == 0) { |
| 85 | 85 | throw new YtDataValidationException("please provide menu ids to delete"); | ... | ... |
| 1 | 1 | package org.thingsboard.server.common.data.yunteng.dto; |
| 2 | + | |
| 2 | 3 | import com.fasterxml.jackson.annotation.JsonFormat; |
| 3 | 4 | import com.fasterxml.jackson.databind.JsonNode; |
| 4 | 5 | import lombok.Data; |
| ... | ... | @@ -29,10 +30,13 @@ public class SmsLogDTO extends BaseDTO { |
| 29 | 30 | /** 租户Code */ |
| 30 | 31 | private String tenantId; |
| 31 | 32 | |
| 32 | - /**用途*/ | |
| 33 | + /** 用途 */ | |
| 33 | 34 | @AutoDict(dictCode = "template_purpose") |
| 34 | 35 | private String templatePurpose; |
| 35 | 36 | |
| 36 | - /**备注*/ | |
| 37 | + /** 备注 */ | |
| 37 | 38 | private String remark; |
| 39 | + | |
| 40 | + /** 消息模板ID */ | |
| 41 | + private String messageTemplateId; | |
| 38 | 42 | } | ... | ... |
| ... | ... | @@ -136,16 +136,6 @@ public class MenuServiceImpl extends AbstractBaseService<MenuMapper, Menu> imple |
| 136 | 136 | @Transactional |
| 137 | 137 | public boolean deleteMenus(String tenantId,String[] menuIds) { |
| 138 | 138 | Set<String> ids = Set.of(menuIds); |
| 139 | - // 1. 判断是否所有的id都属于此人,admin也不可删除租户的menu | |
| 140 | - int notTenantMenuCount = | |
| 141 | - baseMapper.selectCount( | |
| 142 | - new QueryWrapper<Menu>() | |
| 143 | - .lambda() | |
| 144 | - .ne(Menu::getTenantId, tenantId) | |
| 145 | - .in(Menu::getId, ids)); | |
| 146 | - if (notTenantMenuCount > 0) { | |
| 147 | - throw new AccessDeniedException("cannot delete menu that not create by you"); | |
| 148 | - } | |
| 149 | 139 | // 2. 删除角色对应的menu |
| 150 | 140 | roleMapper.deleteRoleMenuMappingByMenuIds(ids); |
| 151 | 141 | // 3. 删除租户对应menu | ... | ... |
| ... | ... | @@ -263,6 +263,7 @@ public class YtUserServiceImpl extends AbstractBaseService<UserMapper, User> |
| 263 | 263 | user.setPassword(passwordEncoder.encode(userDTO.getPassword())); |
| 264 | 264 | } |
| 265 | 265 | baseMapper.updateById(user); |
| 266 | + deleteAndAddUserRole(user.getId(), Arrays.asList(userDTO.getRoleIds())); | |
| 266 | 267 | user.copyToDTO(userDTO, PASSWORD, ACTIVATE_TOKEN); |
| 267 | 268 | return userDTO; |
| 268 | 269 | } |
| ... | ... | @@ -516,4 +517,22 @@ public class YtUserServiceImpl extends AbstractBaseService<UserMapper, User> |
| 516 | 517 | userDTO.setUsername(userName); |
| 517 | 518 | return baseMapper.findUserInfo(userDTO); |
| 518 | 519 | } |
| 520 | + | |
| 521 | + /** | |
| 522 | + * 先删除用户与角色的关系,再添加新的关系 | |
| 523 | + * @param userId 用户ID | |
| 524 | + * @param roleIds 角色ID | |
| 525 | + */ | |
| 526 | + private void deleteAndAddUserRole(String userId,List<String> roleIds){ | |
| 527 | + if(StringUtils.isAllEmpty(userId) || null == roleIds || roleIds.size()<1){ | |
| 528 | + throw new YtDataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage()); | |
| 529 | + } | |
| 530 | + //先删除用户与角色的关系,再添加用户与角色的关系 | |
| 531 | + List<String> userIds = new ArrayList<>(); | |
| 532 | + userIds.add(userId); | |
| 533 | + roleMapper.deleteRoleUserMappingByUserIds(userIds); | |
| 534 | + roleIds.forEach(role ->{ | |
| 535 | + roleMapper.saveUserRoleMapping(userId,role); | |
| 536 | + }); | |
| 537 | + } | |
| 519 | 538 | } | ... | ... |
| 1 | 1 | <?xml version="1.0" encoding="UTF-8"?> |
| 2 | 2 | <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> |
| 3 | 3 | |
| 4 | -<mapper namespace="com.codeez.mapper.SmsLogMapper"> | |
| 4 | +<mapper namespace="org.thingsboard.server.dao.yunteng.mapper.SmsLogMapper"> | |
| 5 | 5 | <resultMap id="smsLogDTOMap" type="org.thingsboard.server.common.data.yunteng.dto.SmsLogDTO" > |
| 6 | 6 | <result property="id" column="id"/> |
| 7 | 7 | <result property="type" column="type"/> | ... | ... |