fix: 优化用户登录租户逻辑

This commit is contained in:
tangwei 2026-06-30 11:10:12 +08:00
parent e7d95c625f
commit e6954b8bac
10 changed files with 216 additions and 37 deletions

View File

@ -34,6 +34,7 @@ import com.yfd.platform.qgc_base.domain.vo.EngVmsstbprptVo;
import com.yfd.platform.qgc_base.mapper.SdEngInfoBHMapper; import com.yfd.platform.qgc_base.mapper.SdEngInfoBHMapper;
import com.yfd.platform.qgc_base.service.IMsOperationLogService; import com.yfd.platform.qgc_base.service.IMsOperationLogService;
import com.yfd.platform.qgc_base.service.ISdEngInfoBHService; import com.yfd.platform.qgc_base.service.ISdEngInfoBHService;
import com.yfd.platform.system.service.IAdminAuthService;
import com.yfd.platform.utils.QgcQueryWrapperUtil; import com.yfd.platform.utils.QgcQueryWrapperUtil;
import com.yfd.platform.utils.SecurityUtils; import com.yfd.platform.utils.SecurityUtils;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
@ -81,6 +82,9 @@ public class SdEngInfoBHServiceImpl extends ServiceImpl<SdEngInfoBHMapper, SdEng
@Resource @Resource
private ObjectMapper objectMapper; private ObjectMapper objectMapper;
@Resource
private IAdminAuthService adminAuthService;
@Override @Override
public Page<SdEngInfoBH> queryPageList(Page<SdEngInfoBH> page, String ennm, String rvcd, String baseId, String hycd) { public Page<SdEngInfoBH> queryPageList(Page<SdEngInfoBH> page, String ennm, String rvcd, String baseId, String hycd) {
LambdaQueryWrapper<SdEngInfoBH> wrapper = new LambdaQueryWrapper<>(); LambdaQueryWrapper<SdEngInfoBH> wrapper = new LambdaQueryWrapper<>();
@ -93,7 +97,7 @@ public class SdEngInfoBHServiceImpl extends ServiceImpl<SdEngInfoBHMapper, SdEng
Set<String> authorizedStations = getUserAuthorizedStationCodes(); Set<String> authorizedStations = getUserAuthorizedStationCodes();
if (authorizedStations != null && !authorizedStations.isEmpty()) { if (authorizedStations != null && !authorizedStations.isEmpty()) {
wrapper.in(SdEngInfoBH::getStcd, authorizedStations); wrapper.in(SdEngInfoBH::getStcd, authorizedStations);
}else if (!"admin".equals(SecurityUtils.getCurrentUsername())){ }else if (!adminAuthService.isCurrentManagedAdmin()){
return page; return page;
} }
return this.page(page, wrapper); return this.page(page, wrapper);
@ -135,7 +139,7 @@ public class SdEngInfoBHServiceImpl extends ServiceImpl<SdEngInfoBHMapper, SdEng
.select(SdEngInfoBH::getStcd, SdEngInfoBH::getEnnm, SdEngInfoBH::getReachcdName, SdEngInfoBH::getYrgeb, SdEngInfoBH::getBaseId) .select(SdEngInfoBH::getStcd, SdEngInfoBH::getEnnm, SdEngInfoBH::getReachcdName, SdEngInfoBH::getYrgeb, SdEngInfoBH::getBaseId)
.orderByAsc(SdEngInfoBH::getBaseId,SdEngInfoBH::getOrderIndex); .orderByAsc(SdEngInfoBH::getBaseId,SdEngInfoBH::getOrderIndex);
if("admin".equals(SecurityUtils.getCurrentUsername())){ if(adminAuthService.isCurrentManagedAdmin()){
return this.list(wrapper); return this.list(wrapper);
} }
Set<String> authorizedStations = getUserAuthorizedStationCodes(); Set<String> authorizedStations = getUserAuthorizedStationCodes();

View File

@ -10,6 +10,7 @@ import com.yfd.platform.qgc_base.domain.SdFpssBH;
import com.yfd.platform.qgc_base.mapper.SdEngInfoBHMapper; import com.yfd.platform.qgc_base.mapper.SdEngInfoBHMapper;
import com.yfd.platform.qgc_base.mapper.SdFpssBHMapper; import com.yfd.platform.qgc_base.mapper.SdFpssBHMapper;
import com.yfd.platform.qgc_base.service.ISdFpssBHService; import com.yfd.platform.qgc_base.service.ISdFpssBHService;
import com.yfd.platform.system.service.IAdminAuthService;
import com.yfd.platform.utils.SecurityUtils; import com.yfd.platform.utils.SecurityUtils;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
@ -29,6 +30,9 @@ public class SdFpssBHServiceImpl extends ServiceImpl<SdFpssBHMapper, SdFpssBH> i
@Resource @Resource
private SdEngInfoBHMapper sdEngInfoBHMapper; private SdEngInfoBHMapper sdEngInfoBHMapper;
@Resource
private IAdminAuthService adminAuthService;
@Override @Override
public Page<SdFpssBH> selectPage(String stcd, String sttp, String rstcd, Integer usfl, Page<SdFpssBH> page) { public Page<SdFpssBH> selectPage(String stcd, String sttp, String rstcd, Integer usfl, Page<SdFpssBH> page) {
@ -50,7 +54,7 @@ public class SdFpssBHServiceImpl extends ServiceImpl<SdFpssBHMapper, SdFpssBH> i
Set<String> authorizedStations = getUserAuthorizedStationCodes(); Set<String> authorizedStations = getUserAuthorizedStationCodes();
if (authorizedStations != null && !authorizedStations.isEmpty()) { if (authorizedStations != null && !authorizedStations.isEmpty()) {
wrapper.in(SdFpssBH::getRstcd, authorizedStations); wrapper.in(SdFpssBH::getRstcd, authorizedStations);
}else if (!"admin".equals(SecurityUtils.getCurrentUsername())){ }else if (!adminAuthService.isCurrentManagedAdmin()){
return page; return page;
} }
@ -68,7 +72,7 @@ public class SdFpssBHServiceImpl extends ServiceImpl<SdFpssBHMapper, SdFpssBH> i
@Override @Override
public List<SdFpssBH> selectForDropdown(String rstcd, String stnm, String baseId,String rvcd,String reachcd) { public List<SdFpssBH> selectForDropdown(String rstcd, String stnm, String baseId,String rvcd,String reachcd) {
// 管理员直接查询无需权限过滤 // 管理员直接查询无需权限过滤
if ("admin".equals(SecurityUtils.getCurrentUsername())) { if (adminAuthService.isCurrentManagedAdmin()) {
return queryFpssList(rstcd, stnm, baseId,rvcd,reachcd); return queryFpssList(rstcd, stnm, baseId,rvcd,reachcd);
} }

View File

@ -15,6 +15,7 @@ import com.yfd.platform.qgc_base.mapper.SdEngInfoBHMapper;
import com.yfd.platform.qgc_base.mapper.SdHbrvDicMapper; import com.yfd.platform.qgc_base.mapper.SdHbrvDicMapper;
import com.yfd.platform.qgc_base.mapper.SdHydrobaseMapper; import com.yfd.platform.qgc_base.mapper.SdHydrobaseMapper;
import com.yfd.platform.qgc_base.service.ISdHbrvDicService; import com.yfd.platform.qgc_base.service.ISdHbrvDicService;
import com.yfd.platform.system.service.IAdminAuthService;
import com.yfd.platform.utils.QgcQueryWrapperUtil; import com.yfd.platform.utils.QgcQueryWrapperUtil;
import com.yfd.platform.utils.SecurityUtils; import com.yfd.platform.utils.SecurityUtils;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
@ -46,6 +47,9 @@ public class SdHbrvDicServiceImpl extends ServiceImpl<SdHbrvDicMapper, SdHbrvDic
@Resource @Resource
private SdHydrobaseMapper hydrobaseMapper; private SdHydrobaseMapper hydrobaseMapper;
@Resource
private IAdminAuthService adminAuthService;
private SdHbrvDicMapper hbrvDicMapper; private SdHbrvDicMapper hbrvDicMapper;
@Override @Override
public Page<SdHbrvDic> queryPageList(Page<SdHbrvDic> page, String hbrvnm, String baseid) { public Page<SdHbrvDic> queryPageList(Page<SdHbrvDic> page, String hbrvnm, String baseid) {
@ -110,7 +114,7 @@ public class SdHbrvDicServiceImpl extends ServiceImpl<SdHbrvDicMapper, SdHbrvDic
.eq(baseid != null && !baseid.isEmpty(), SdHbrvDic::getBaseid, baseid) .eq(baseid != null && !baseid.isEmpty(), SdHbrvDic::getBaseid, baseid)
.eq(SdHbrvDic::getEnabled, 1) .eq(SdHbrvDic::getEnabled, 1)
.orderByAsc(SdHbrvDic::getBaseid,SdHbrvDic::getOrderIndex); .orderByAsc(SdHbrvDic::getBaseid,SdHbrvDic::getOrderIndex);
if("admin".equals(SecurityUtils.getCurrentUsername())){ if(adminAuthService.isCurrentManagedAdmin()){
return this.list(wrapper); return this.list(wrapper);
} }
Set<String> authorizedStations = getUserAuthorizedStationCodes(); Set<String> authorizedStations = getUserAuthorizedStationCodes();

View File

@ -13,6 +13,7 @@ import com.yfd.platform.qgc_base.entity.vo.HydrobaseWbsVo;
import com.yfd.platform.qgc_base.mapper.SdEngInfoBHMapper; import com.yfd.platform.qgc_base.mapper.SdEngInfoBHMapper;
import com.yfd.platform.qgc_base.mapper.SdHydrobaseMapper; import com.yfd.platform.qgc_base.mapper.SdHydrobaseMapper;
import com.yfd.platform.qgc_base.service.ISdHydrobaseService; import com.yfd.platform.qgc_base.service.ISdHydrobaseService;
import com.yfd.platform.system.service.IAdminAuthService;
import com.yfd.platform.utils.SecurityUtils; import com.yfd.platform.utils.SecurityUtils;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
@ -39,6 +40,9 @@ public class SdHydrobaseServiceImpl extends ServiceImpl<SdHydrobaseMapper, SdHyd
@Resource @Resource
private SdEngInfoBHMapper sdEngInfoBHMapper; private SdEngInfoBHMapper sdEngInfoBHMapper;
@Resource
private IAdminAuthService adminAuthService;
@Override @Override
public Page<SdHydrobase> queryPageList(Page<SdHydrobase> page, String basename, String pbaseid) { public Page<SdHydrobase> queryPageList(Page<SdHydrobase> page, String basename, String pbaseid) {
return this.page(page, this.lambdaQuery() return this.page(page, this.lambdaQuery()
@ -91,7 +95,7 @@ public class SdHydrobaseServiceImpl extends ServiceImpl<SdHydrobaseMapper, SdHyd
} else { } else {
return new ArrayList<>(); return new ArrayList<>();
} }
}else if (!"admin".equals(SecurityUtils.getCurrentUsername())){ }else if (!adminAuthService.isCurrentManagedAdmin()){
return new ArrayList<>(); return new ArrayList<>();
} }
// else { // else {

View File

@ -11,6 +11,7 @@ import com.yfd.platform.qgc_base.mapper.SdRvcdDicMapper;
import com.yfd.platform.qgc_base.service.ISdRvcdDicService; import com.yfd.platform.qgc_base.service.ISdRvcdDicService;
import com.yfd.platform.qgc_data.domain.SysUserDataScope; import com.yfd.platform.qgc_data.domain.SysUserDataScope;
import com.yfd.platform.qgc_data.mapper.SysUserDataScopeMapper; import com.yfd.platform.qgc_data.mapper.SysUserDataScopeMapper;
import com.yfd.platform.system.service.IAdminAuthService;
import com.yfd.platform.utils.SecurityUtils; import com.yfd.platform.utils.SecurityUtils;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
@ -33,6 +34,9 @@ public class SdRvcdDicServiceImpl extends ServiceImpl<SdRvcdDicMapper, SdRvcdDic
@Resource @Resource
private SysUserDataScopeMapper sysUserDataScopeMapper; private SysUserDataScopeMapper sysUserDataScopeMapper;
@Resource
private IAdminAuthService adminAuthService;
@Override @Override
public Page<SdRvcdDic> queryPageList(Page<SdRvcdDic> page, String rvnm, String prvcd) { public Page<SdRvcdDic> queryPageList(Page<SdRvcdDic> page, String rvnm, String prvcd) {
return this.page(page, this.lambdaQuery() return this.page(page, this.lambdaQuery()
@ -120,7 +124,7 @@ public class SdRvcdDicServiceImpl extends ServiceImpl<SdRvcdDicMapper, SdRvcdDic
@Override @Override
public List<SdRvcdDic> selectForDropdown(String rvnm, String rvcd) { public List<SdRvcdDic> selectForDropdown(String rvnm, String rvcd) {
List<SdRvcdDic> dropdownList = this.baseMapper.selectRegDropdown(rvnm, rvcd); List<SdRvcdDic> dropdownList = this.baseMapper.selectRegDropdown(rvnm, rvcd);
if("admin".equals(SecurityUtils.getCurrentUsername())){ if(adminAuthService.isCurrentManagedAdmin()){
return dropdownList; return dropdownList;
} }
Set<String> authorizedStations = getUserAuthorizedStationCodes(); Set<String> authorizedStations = getUserAuthorizedStationCodes();

View File

@ -0,0 +1,39 @@
package com.yfd.platform.system.service;
import java.util.List;
import java.util.Set;
/**
* 超级管理员判断服务
*/
public interface IAdminAuthService {
/**
* 查询超级管理员用户名列表SYS_USER.USERTYPE = 0
*
* @return 超级管理员用户名列表
*/
List<String> getSuperAdminUsernames();
/**
* 查询统一管理的管理员用户名集合
*
* @return 管理员用户名集合
*/
Set<String> getManagedAdminUsernames();
/**
* 判断指定用户名是否为超级管理员
*
* @param username 用户名
* @return 是否为超级管理员
*/
boolean isManagedAdminUsername(String username);
/**
* 判断当前登录用户是否为超级管理员
*
* @return 是否为超级管理员
*/
boolean isCurrentManagedAdmin();
}

View File

@ -103,6 +103,13 @@ public interface IUserService extends IService<SysUser> {
************************************/ ************************************/
ResponseResult resetPassword(String id) throws Exception; ResponseResult resetPassword(String id) throws Exception;
/**
* 查询超级管理员用户名列表SYS_USER.USERTYPE = 0
*
* @return 超级管理员用户名列表
*/
List<String> getSuperAdminUsernames();
/*********************************** /***********************************
* 用途说明设置账号状态(管理员) * 用途说明设置账号状态(管理员)
* 参数说明 * 参数说明

View File

@ -0,0 +1,79 @@
package com.yfd.platform.system.service.impl;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.yfd.platform.system.domain.SysUser;
import com.yfd.platform.system.mapper.SysUserMapper;
import com.yfd.platform.system.service.IAdminAuthService;
import com.yfd.platform.system.service.IUserService;
import com.yfd.platform.utils.SecurityUtils;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
/**
* 超级管理员判断服务实现
*/
@Service
public class AdminAuthServiceImpl implements IAdminAuthService {
private static final Set<String> BUILT_IN_ADMIN_USERNAMES =
new LinkedHashSet<>(Collections.singletonList("admin"));
@Resource
private SysUserMapper userMapper;
@Override
public List<String> getSuperAdminUsernames() {
// 获取当前请求
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<>();
queryWrapper.eq(SysUser::getUsertype, 0).select(SysUser::getUsername);
//根据用户名称或手机号查询用户信息
if (attributes != null) {
HttpServletRequest request = attributes.getRequest();
String tenantId = request.getHeader("Tenant_Id");
if(StrUtil.isNotBlank(tenantId)){
queryWrapper.eq(SysUser::getTenantId, tenantId);
}
}
List<SysUser> userList = userMapper.selectList(queryWrapper);
if (CollUtil.isEmpty(userList)) {
return new ArrayList<>();
}
return userList.stream()
.map(SysUser::getUsername)
.filter(StrUtil::isNotBlank)
.distinct()
.collect(Collectors.toList());
}
@Override
public Set<String> getManagedAdminUsernames() {
LinkedHashSet<String> usernames = new LinkedHashSet<>(BUILT_IN_ADMIN_USERNAMES);
usernames.addAll(getSuperAdminUsernames());
return usernames;
}
@Override
public boolean isManagedAdminUsername(String username) {
return StrUtil.isNotBlank(username) && getManagedAdminUsernames().contains(username);
}
@Override
public boolean isCurrentManagedAdmin() {
return isManagedAdminUsername(SecurityUtils.getCurrentUsername());
}
}

View File

@ -11,6 +11,7 @@ import com.yfd.platform.system.domain.SysRole;
import com.yfd.platform.system.domain.SysUser; import com.yfd.platform.system.domain.SysUser;
import com.yfd.platform.system.mapper.SysOrganizationMapper; import com.yfd.platform.system.mapper.SysOrganizationMapper;
import com.yfd.platform.system.mapper.SysRoleMapper; import com.yfd.platform.system.mapper.SysRoleMapper;
import com.yfd.platform.system.service.IAdminAuthService;
import com.yfd.platform.system.service.ISysOrganizationService; import com.yfd.platform.system.service.ISysOrganizationService;
import com.yfd.platform.system.service.IUserService; import com.yfd.platform.system.service.IUserService;
import com.yfd.platform.utils.ObjectConverterUtil; import com.yfd.platform.utils.ObjectConverterUtil;
@ -38,6 +39,9 @@ public class SysOrganizationServiceImpl extends ServiceImpl<SysOrganizationMappe
@Resource @Resource
private UserServiceImpl currentUser; private UserServiceImpl currentUser;
@Resource
private IAdminAuthService adminAuthService;
@Resource @Resource
private IUserService userService; private IUserService userService;
@ -297,7 +301,7 @@ public class SysOrganizationServiceImpl extends ServiceImpl<SysOrganizationMappe
public List<Map<String, Object>> getOrgScopeTree(String roleId, String tenantId) { public List<Map<String, Object>> getOrgScopeTree(String roleId, String tenantId) {
LambdaQueryWrapper<SysOrganization> queryWrapper = new LambdaQueryWrapper<>(); LambdaQueryWrapper<SysOrganization> queryWrapper = new LambdaQueryWrapper<>();
if(!"admin".equals(SecurityUtils.getCurrentUsername())){ if(!adminAuthService.isCurrentManagedAdmin()){
String userId = SecurityUtils.getUserId(); String userId = SecurityUtils.getUserId();
List<SysRole> roles = sysRoleMapper.getRoleByUserId(userId); List<SysRole> roles = sysRoleMapper.getRoleByUserId(userId);
List<String> ids = new ArrayList<>(); List<String> ids = new ArrayList<>();

View File

@ -22,6 +22,7 @@ import com.yfd.platform.system.domain.SysRole;
import com.yfd.platform.system.domain.SysUser; import com.yfd.platform.system.domain.SysUser;
import com.yfd.platform.system.mapper.SysRoleMapper; import com.yfd.platform.system.mapper.SysRoleMapper;
import com.yfd.platform.system.mapper.SysUserMapper; import com.yfd.platform.system.mapper.SysUserMapper;
import com.yfd.platform.system.service.IAdminAuthService;
import com.yfd.platform.system.service.IUserService; import com.yfd.platform.system.service.IUserService;
import com.yfd.platform.utils.FileUtil; import com.yfd.platform.utils.FileUtil;
import com.yfd.platform.utils.PasswordGenerator; import com.yfd.platform.utils.PasswordGenerator;
@ -80,6 +81,9 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
@Resource @Resource
private SysUserDataScopeMapper sysUserDataScopeMapper; private SysUserDataScopeMapper sysUserDataScopeMapper;
@Resource
private IAdminAuthService adminAuthService;
/********************************** /**********************************
* 用途说明:获取当前用户账号及名称 * 用途说明:获取当前用户账号及名称
* 参数说明 * 参数说明
@ -162,7 +166,7 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
//账号有效 //账号有效
sysUser.setStatus(1); sysUser.setStatus(1);
//判断注册的登录账号是否存在 //判断注册的登录账号是否存在
if (isExistAccount(sysUser.getUsername())) { if (isExistAccount(sysUser.getUsername(),sysUser.getTenantId() )) {
//新增用户 //新增用户
boolean ok = this.save(sysUser); boolean ok = this.save(sysUser);
//新增用户分配权限 //新增用户分配权限
@ -419,7 +423,7 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
//账号头像存储地址 //账号头像存储地址
String imgName = String imgName =
fileSpaceProperties.getSystem() + File.separator + "user" + File.separator + sysUser.getAvatar(); fileSpaceProperties.getSystem() + File.separator + "user" + File.separator + sysUser.getAvatar();
if ("admin".equals(sysUser.getUsername())) { if (adminAuthService.isManagedAdminUsername(sysUser.getUsername())) {
return false; return false;
} else { } else {
boolean isOk = this.removeById(id); boolean isOk = this.removeById(id);
@ -446,31 +450,30 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
************************************/ ************************************/
@Override @Override
public ResponseResult resetPassword(String id) throws Exception { public ResponseResult resetPassword(String id) throws Exception {
//根据当前用户id 查询角色表的级别 currentUser.getUser() 获取当前用户id if (hasAdminOperationPermission()) {
String level = sysUserMapper.getMaxLevel(id); SysUser sysUser = sysUserMapper.selectById(id);
//判断是否获取级别 UpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<>();
if ("admin".equals(SecurityUtils.getCurrentUsername()) || StrUtil.isNotEmpty(level)) { String password = PasswordGenerator.generateRandomPassword(sysUser.getUsername());
//判断当前用户级别 管理员及以上权限 //根据id 修改密码密码修改时间最近修改者最近修改日期
if ("admin".equals(SecurityUtils.getCurrentUsername()) || Integer.parseInt(level) <= 2) { String cryptPassword = passwordEncoder.encode(password);
SysUser sysUser = sysUserMapper.selectById(id); updateWrapper.eq("id", id).set("password", cryptPassword).set(
UpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<>(); "pwdresettime",
String password = PasswordGenerator.generateRandomPassword(sysUser.getUsername()); new Timestamp(System.currentTimeMillis())).set(
//根据id 修改密码密码修改时间最近修改者最近修改日期 将密码修改为 123456 "lastmodifydate",
String cryptPassword = passwordEncoder.encode(password); new Timestamp(System.currentTimeMillis())).set(
updateWrapper.eq("id", id).set("password", cryptPassword).set( "lastmodifier", getUsername());
"pwdresettime", //是否修改成功
new Timestamp(System.currentTimeMillis())).set( this.update(updateWrapper);
"lastmodifydate", return ResponseResult.successData(password);
new Timestamp(System.currentTimeMillis())).set(
"lastmodifier", getUsername());
//是否修改成功
this.update(updateWrapper);
return ResponseResult.successData(password);
}
} }
return ResponseResult.error(); return ResponseResult.error();
} }
@Override
public List<String> getSuperAdminUsernames() {
return adminAuthService.getSuperAdminUsernames();
}
/*********************************** /***********************************
* 用途说明设置账号状态(管理员) * 用途说明设置账号状态(管理员)
* 参数说明 * 参数说明
@ -481,10 +484,8 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
@Override @Override
public boolean setStatus(String id, String status) { public boolean setStatus(String id, String status) {
boolean isOk = false; boolean isOk = false;
//根据当前用户id 查询角色表的级别 currentUser.getUser() 获取当前用户id
String level = sysUserMapper.getMaxLevel(id);
//判断当前用户级别 管理员及以上权限 //判断当前用户级别 管理员及以上权限
if ("admin".equals(SecurityUtils.getCurrentUsername()) || Integer.parseInt(level) <= 2) { if (hasAdminOperationPermission()) {
UpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<>(); UpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<>();
//根据id修改用户状态最近修改人最近修改时间 //根据id修改用户状态最近修改人最近修改时间
updateWrapper.eq("id", id).set("status", status).set( updateWrapper.eq("id", id).set("status", status).set(
@ -497,6 +498,35 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
return isOk; return isOk;
} }
private boolean hasAdminOperationPermission() {
if (adminAuthService.isCurrentManagedAdmin()) {
return true;
}
String currentUserId = SecurityUtils.getUserId();
String level = sysUserMapper.getMaxLevel(currentUserId);
Integer roleLevel = parseRoleLevel(level);
return roleLevel != null && roleLevel <= 2;
}
private boolean isCurrentManagedAdmin() {
return adminAuthService.isCurrentManagedAdmin();
}
private boolean isManagedAdminUsername(String username) {
return adminAuthService.isManagedAdminUsername(username);
}
private Set<String> getManagedAdminUsernames() {
return adminAuthService.getManagedAdminUsernames();
}
private Integer parseRoleLevel(String level) {
if (StrUtil.isBlank(level) || !StrUtil.isNumeric(level)) {
return null;
}
return Integer.parseInt(level);
}
/*********************************** /***********************************
* 用途说明上传用户头像 * 用途说明上传用户头像
* 参数说明 * 参数说明
@ -864,9 +894,9 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
* account 登录名称 * account 登录名称
* 返回值说明: 重复返回 false 否则返回 true * 返回值说明: 重复返回 false 否则返回 true
************************************/ ************************************/
private boolean isExistAccount(String username) { private boolean isExistAccount(String username,String tenantId) {
QueryWrapper<SysUser> queryWrapper = new QueryWrapper<>(); QueryWrapper<SysUser> queryWrapper = new QueryWrapper<>();
if (this.list(queryWrapper.eq("username", username)).size() > 0) { if (this.list(queryWrapper.eq("username", username).eq("TENANT_ID", tenantId)).size() > 0) {
//判断 查询登录账号 结果集是否为null 重复返回 false 否则返回 tree //判断 查询登录账号 结果集是否为null 重复返回 false 否则返回 tree
return false; return false;
} else { } else {