Commit a45482a78b2226a11866ac4ad8c751984df56935

Authored by 黄 x
1 parent 06185f0d

fix: 修改菜单权限控制,菜单只允许超级管理员控制,在修改用户信息时,先删除用户与角色的关系,再添加新的关系

@@ -59,7 +59,7 @@ public class YtMenuController extends BaseController { @@ -59,7 +59,7 @@ public class YtMenuController extends BaseController {
59 } 59 }
60 60
61 @PostMapping 61 @PostMapping
62 - @PreAuthorize("hasAnyRole('SYS_ADMIN','TENANT_ADMIN')") 62 + @PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
63 public ResponseEntity<MenuDTO> saveMenu(@RequestBody MenuDTO menuDTO) 63 public ResponseEntity<MenuDTO> saveMenu(@RequestBody MenuDTO menuDTO)
64 throws ThingsboardException { 64 throws ThingsboardException {
65 MenuDTO newMenuDTO = 65 MenuDTO newMenuDTO =
@@ -79,7 +79,7 @@ public class YtMenuController extends BaseController { @@ -79,7 +79,7 @@ public class YtMenuController extends BaseController {
79 } 79 }
80 80
81 @DeleteMapping 81 @DeleteMapping
82 - @PreAuthorize("hasAnyRole('SYS_ADMIN','TENANT_ADMIN')") 82 + @PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
83 public void deleteMenus(@RequestBody String[] ids) throws ThingsboardException { 83 public void deleteMenus(@RequestBody String[] ids) throws ThingsboardException {
84 if (ids.length == 0) { 84 if (ids.length == 0) {
85 throw new YtDataValidationException("please provide menu ids to delete"); 85 throw new YtDataValidationException("please provide menu ids to delete");
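Review bot: With the tenant-ownership check removed from `MenuServiceImpl.deleteMenus` in this same commit, the `@PreAuthorize("hasAnyAuthority('SYS_ADMIN')")` annotations on `saveMenu` and `deleteMenus` are now the only guard on menu writes visible on this page. Any other caller of the service method, or any other mapping in `YtMenuController` still on the old expression (neither is visible here), would not get the same restriction, so it is worth confirming and recording on the service method, e.g. `// caller must hold SYS_ADMIN; no tenant ownership check is performed here`. The switch from `hasAnyRole` to `hasAnyAuthority` also changes the string that is matched, because Spring's `hasAnyRole` adds the `ROLE_` prefix by default; a test that a TENANT_ADMIN token gets 403 and a SYS_ADMIN token succeeds on both endpoints would pin the intended behaviour. With a single authority, `hasAuthority('SYS_ADMIN')` states the intent more directly.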
1 package org.thingsboard.server.common.data.yunteng.dto; 1 package org.thingsboard.server.common.data.yunteng.dto;
  2 +
2 import com.fasterxml.jackson.annotation.JsonFormat; 3 import com.fasterxml.jackson.annotation.JsonFormat;
3 import com.fasterxml.jackson.databind.JsonNode; 4 import com.fasterxml.jackson.databind.JsonNode;
4 import lombok.Data; 5 import lombok.Data;
@@ -29,10 +30,13 @@ public class SmsLogDTO extends BaseDTO { @@ -29,10 +30,13 @@ public class SmsLogDTO extends BaseDTO {
29 /** 租户Code */ 30 /** 租户Code */
30 private String tenantId; 31 private String tenantId;
31 32
32 - /**用途*/ 33 + /** 用途 */
33 @AutoDict(dictCode = "template_purpose") 34 @AutoDict(dictCode = "template_purpose")
34 private String templatePurpose; 35 private String templatePurpose;
35 36
36 - /**备注*/ 37 + /** 备注 */
37 private String remark; 38 private String remark;
  39 +
  40 + /** 消息模板ID */
  41 + private String messageTemplateId;
38 } 42 }
@@ -136,16 +136,6 @@ public class MenuServiceImpl extends AbstractBaseService<MenuMapper, Menu> imple @@ -136,16 +136,6 @@ public class MenuServiceImpl extends AbstractBaseService<MenuMapper, Menu> imple
136 @Transactional 136 @Transactional
137 public boolean deleteMenus(String tenantId,String[] menuIds) { 137 public boolean deleteMenus(String tenantId,String[] menuIds) {
138 Set<String> ids = Set.of(menuIds); 138 Set<String> ids = Set.of(menuIds);
139 - // 1. 判断是否所有的id都属于此人,admin也不可删除租户的menu  
140 - int notTenantMenuCount =  
141 - baseMapper.selectCount(  
142 - new QueryWrapper<Menu>()  
143 - .lambda()  
144 - .ne(Menu::getTenantId, tenantId)  
145 - .in(Menu::getId, ids));  
146 - if (notTenantMenuCount > 0) {  
147 - throw new AccessDeniedException("cannot delete menu that not create by you");  
148 - }  
149 // 2. 删除角色对应的menu 139 // 2. 删除角色对应的menu
150 roleMapper.deleteRoleMenuMappingByMenuIds(ids); 140 roleMapper.deleteRoleMenuMappingByMenuIds(ids);
151 // 3. 删除租户对应menu 141 // 3. 删除租户对应menu
@@ -263,6 +263,7 @@ public class YtUserServiceImpl extends AbstractBaseService<UserMapper, User> @@ -263,6 +263,7 @@ public class YtUserServiceImpl extends AbstractBaseService<UserMapper, User>
263 user.setPassword(passwordEncoder.encode(userDTO.getPassword())); 263 user.setPassword(passwordEncoder.encode(userDTO.getPassword()));
264 } 264 }
265 baseMapper.updateById(user); 265 baseMapper.updateById(user);
  266 + deleteAndAddUserRole(user.getId(), Arrays.asList(userDTO.getRoleIds()));
266 user.copyToDTO(userDTO, PASSWORD, ACTIVATE_TOKEN); 267 user.copyToDTO(userDTO, PASSWORD, ACTIVATE_TOKEN);
267 return userDTO; 268 return userDTO;
268 } 269 }
@@ -516,4 +517,22 @@ public class YtUserServiceImpl extends AbstractBaseService<UserMapper, User> @@ -516,4 +517,22 @@ public class YtUserServiceImpl extends AbstractBaseService<UserMapper, User>
516 userDTO.setUsername(userName); 517 userDTO.setUsername(userName);
517 return baseMapper.findUserInfo(userDTO); 518 return baseMapper.findUserInfo(userDTO);
518 } 519 }
  520 +
  521 + /**
  522 + * 先删除用户与角色的关系,再添加新的关系
  523 + * @param userId 用户ID
  524 + * @param roleIds 角色ID
  525 + */
  526 + private void deleteAndAddUserRole(String userId,List<String> roleIds){
  527 + if(StringUtils.isAllEmpty(userId) || null == roleIds || roleIds.size()<1){
  528 + throw new YtDataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
  529 + }
  530 + //先删除用户与角色的关系,再添加用户与角色的关系
  531 + List<String> userIds = new ArrayList<>();
  532 + userIds.add(userId);
  533 + roleMapper.deleteRoleUserMappingByUserIds(userIds);
  534 + roleIds.forEach(role ->{
  535 + roleMapper.saveUserRoleMapping(userId,role);
  536 + });
  537 + }
519 } 538 }
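Review bot: The role ids passed to `deleteAndAddUserRole` come straight from `userDTO.getRoleIds()` and are written with `roleMapper.saveUserRoleMapping` without any visible check that the caller may grant them or that they belong to the caller's tenant. Unless the enclosing update method (which starts outside the hunk) enforces that, a user-update request can attach arbitrary roles to the account. `Arrays.asList(userDTO.getRoleIds())` also throws a NullPointerException when the request omits `roleIds`, so the helper's `null == roleIds` guard is never reached for that case, and it runs only after `baseMapper.updateById(user)` has executed. I would validate before the update, e.g. `if (userDTO.getRoleIds() == null || userDTO.getRoleIds().length == 0) { throw new YtDataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage()); }`, and confirm the method is `@Transactional` so a failed insert after `deleteRoleUserMappingByUserIds` does not leave the user with no roles. For a single value, `StringUtils.isEmpty(userId)` reads more clearly than `isAllEmpty`.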
1 <?xml version="1.0" encoding="UTF-8"?> 1 <?xml version="1.0" encoding="UTF-8"?>
2 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> 2 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
3 3
4 -<mapper namespace="com.codeez.mapper.SmsLogMapper"> 4 +<mapper namespace="org.thingsboard.server.dao.yunteng.mapper.SmsLogMapper">
5 <resultMap id="smsLogDTOMap" type="org.thingsboard.server.common.data.yunteng.dto.SmsLogDTO" > 5 <resultMap id="smsLogDTOMap" type="org.thingsboard.server.common.data.yunteng.dto.SmsLogDTO" >
6 <result property="id" column="id"/> 6 <result property="id" column="id"/>
7 <result property="type" column="type"/> 7 <result property="type" column="type"/>