From cdb509a4fa10bf32fd1341e04dee7c9c9c7f8c20 Mon Sep 17 00:00:00 2001 From: jenn <244251889@qq.com> Date: Fri, 10 Mar 2023 21:15:54 +0800 Subject: [PATCH] =?UTF-8?q?fix=20=E4=BF=AE=E5=A4=8D=E7=94=A8=E6=88=B7?= =?UTF-8?q?=E7=9B=B8=E5=85=B3=E6=9B=B4=E6=96=B0=E6=93=8D=E4=BD=9C=E4=BC=9A?= =?UTF-8?q?=E8=B6=8A=E6=9D=83=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../system/SysProfileController.java | 5 +- .../controller/system/SysUserController.java | 2 +- .../ruoyi/system/mapper/SysUserMapper.java | 14 +++ .../ruoyi/system/service/ISysUserService.java | 16 +--- .../service/impl/SysUserServiceImpl.java | 90 +++++++++++++------ 5 files changed, 84 insertions(+), 43 deletions(-) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysProfileController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysProfileController.java index 28b21c9ca..34aaae54f 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysProfileController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysProfileController.java @@ -83,7 +83,6 @@ public class SysProfileController extends BaseController { @PutMapping("/updatePwd") public R updatePwd(String oldPassword, String newPassword) { SysUserVo user = userService.selectUserById(LoginHelper.getUserId()); - String userName = user.getUserName(); String password = user.getPassword(); if (!BCrypt.checkpw(oldPassword, password)) { return R.fail("修改密码失败,旧密码错误"); @@ -92,7 +91,7 @@ public class SysProfileController extends BaseController { return R.fail("新密码不能与旧密码相同"); } - if (userService.resetUserPwd(userName, BCrypt.hashpw(newPassword)) > 0) { + if (userService.resetUserPwd(user.getUserId(), BCrypt.hashpw(newPassword)) > 0) { return R.ok(); } return R.fail("修改密码异常,请联系管理员"); @@ -113,7 +112,7 @@ public class SysProfileController extends BaseController { } SysOssVo oss = sysOssService.upload(avatarfile); String avatar = oss.getUrl(); - if (userService.updateUserAvatar(LoginHelper.getUsername(), oss.getOssId())) { + if (userService.updateUserAvatar(LoginHelper.getUserId(), oss.getOssId())) { AvatarVo avatarVo = new AvatarVo(); avatarVo.setImgUrl(avatar); return R.ok(avatarVo); diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysUserController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysUserController.java index ed4d5efdc..bc067a51f 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysUserController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysUserController.java @@ -182,7 +182,7 @@ public class SysUserController extends BaseController { userService.checkUserAllowed(user); userService.checkUserDataScope(user.getUserId()); user.setPassword(BCrypt.hashpw(user.getPassword())); - return toAjax(userService.resetPwd(user)); + return toAjax(userService.resetUserPwd(user.getUserId(),user.getPassword())); } /** diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysUserMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysUserMapper.java index 8fe414859..19df29bba 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysUserMapper.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysUserMapper.java @@ -106,4 +106,18 @@ public interface SysUserMapper extends BaseMapperPlus updateWrapper); + + @Override + @DataPermission({ + @DataColumn(key = "deptName", value = "dept_id"), + @DataColumn(key = "userName", value = "user_id") + }) + int updateById(@Param(Constants.ENTITY) SysUser user); + } diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java index e1c4c2219..b39a47391 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java @@ -170,28 +170,20 @@ public interface ISysUserService { /** * 修改用户头像 * - * @param userName 用户名 + * @param userId 用户ID * @param avatar 头像地址 * @return 结果 */ - boolean updateUserAvatar(String userName, Long avatar); + boolean updateUserAvatar(Long userId, Long avatar); /** * 重置用户密码 * - * @param user 用户信息 - * @return 结果 - */ - int resetPwd(SysUserBo user); - - /** - * 重置用户密码 - * - * @param userName 用户名 + * @param userId 用户ID * @param password 密码 * @return 结果 */ - int resetUserPwd(String userName, String password); + int resetUserPwd(Long userId, String password); /** * 通过用户ID删除用户 diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java index 598ce4778..ea9cf9434 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java @@ -36,8 +36,10 @@ import org.springframework.cache.annotation.Cacheable; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import java.util.Arrays; import java.util.List; import java.util.Map; +import java.util.stream.Collectors; /** * 用户 业务层处理 @@ -317,7 +319,12 @@ public class SysUserServiceImpl implements ISysUserService, UserService { // 新增用户与岗位管理 insertUserPost(user); SysUser sysUser = MapstructUtils.convert(user, SysUser.class); - return baseMapper.updateById(sysUser); + //防止错误更新后导致的数据误删除 + int flag = baseMapper.updateById(sysUser); + if (flag <= 0){ + throw new ServiceException("修改用户"+user.getUserName()+"信息失败"); + } + return flag; } /** @@ -342,8 +349,10 @@ public class SysUserServiceImpl implements ISysUserService, UserService { */ @Override public int updateUserStatus(SysUserBo user) { - SysUser sysUser = MapstructUtils.convert(user, SysUser.class); - return baseMapper.updateById(sysUser); + return baseMapper.update(null, + new LambdaUpdateWrapper() + .set(SysUser::getStatus, user.getStatus()) + .eq(SysUser::getUserId, user.getUserId())); } /** @@ -354,50 +363,43 @@ public class SysUserServiceImpl implements ISysUserService, UserService { */ @Override public int updateUserProfile(SysUserBo user) { - SysUser sysUser = MapstructUtils.convert(user, SysUser.class); - return baseMapper.updateById(sysUser); + return baseMapper.update(null, + new LambdaUpdateWrapper() + .set(ObjectUtil.isNotNull(user.getNickName()), SysUser::getNickName, user.getNickName()) + .set(SysUser::getPhonenumber, user.getPhonenumber()) + .set(SysUser::getEmail, user.getEmail()) + .set(SysUser::getSex, user.getSex()) + .eq(SysUser::getUserId, user.getUserId())); } /** * 修改用户头像 * - * @param userName 用户名 + * @param userId 用户ID * @param avatar 头像地址 * @return 结果 */ @Override - public boolean updateUserAvatar(String userName, Long avatar) { + public boolean updateUserAvatar(Long userId, Long avatar) { return baseMapper.update(null, new LambdaUpdateWrapper() .set(SysUser::getAvatar, avatar) - .eq(SysUser::getUserName, userName)) > 0; + .eq(SysUser::getUserId, userId)) > 0; } /** * 重置用户密码 * - * @param user 用户信息 - * @return 结果 - */ - @Override - public int resetPwd(SysUserBo user) { - SysUser sysUser = MapstructUtils.convert(user, SysUser.class); - return baseMapper.updateById(sysUser); - } - - /** - * 重置用户密码 - * - * @param userName 用户名 + * @param userId 用户ID * @param password 密码 * @return 结果 */ @Override - public int resetUserPwd(String userName, String password) { + public int resetUserPwd(Long userId, String password) { return baseMapper.update(null, new LambdaUpdateWrapper() .set(SysUser::getPassword, password) - .eq(SysUser::getUserName, userName)); + .eq(SysUser::getUserId, userId)); } /** @@ -417,8 +419,20 @@ public class SysUserServiceImpl implements ISysUserService, UserService { public void insertUserPost(SysUserBo user) { Long[] posts = user.getPostIds(); if (ArrayUtil.isNotEmpty(posts)) { + //判断是否具有此角色的岗位权限 + List postList = postMapper.selectPostListByUserId(LoginHelper.getUserId()); + if (postList.isEmpty()){ + throw new ServiceException("您不具有操作岗位的权限"); + } + List postIdList = Arrays.asList(posts); + List canDoPostList = postIdList.stream() + .filter(postList::contains) + .collect(Collectors.toList()); + if (canDoPostList.isEmpty()){ + throw new ServiceException("您不具有操作当前岗位的权限"); + } // 新增用户与岗位管理 - List list = StreamUtils.toList(List.of(posts), postId -> { + List list = StreamUtils.toList(canDoPostList, postId -> { SysUserPost up = new SysUserPost(); up.setUserId(user.getUserId()); up.setPostId(postId); @@ -436,8 +450,20 @@ public class SysUserServiceImpl implements ISysUserService, UserService { */ public void insertUserRole(Long userId, Long[] roleIds) { if (ArrayUtil.isNotEmpty(roleIds)) { + //判断是否具有此角色的操作权限 + List roleList = roleMapper.selectRoleListByUserId(LoginHelper.getUserId()); + if (roleList.isEmpty()){ + throw new ServiceException("您不具有操作角色的权限"); + } + List roleIdList = Arrays.asList(roleIds); + List canDoRoleList = roleIdList.stream() + .filter(roleList::contains) + .collect(Collectors.toList()); + if (canDoRoleList.isEmpty()){ + throw new ServiceException("您不具有操作当前角色的权限"); + } // 新增用户与角色管理 - List list = StreamUtils.toList(List.of(roleIds), roleId -> { + List list = StreamUtils.toList(canDoRoleList, roleId -> { SysUserRole ur = new SysUserRole(); ur.setUserId(userId); ur.setRoleId(roleId); @@ -460,7 +486,12 @@ public class SysUserServiceImpl implements ISysUserService, UserService { userRoleMapper.delete(new LambdaQueryWrapper().eq(SysUserRole::getUserId, userId)); // 删除用户与岗位表 userPostMapper.delete(new LambdaQueryWrapper().eq(SysUserPost::getUserId, userId)); - return baseMapper.deleteById(userId); + // 防止更新失败导致的数据删除 + int flag = baseMapper.deleteById(userId); + if (flag <= 0){ + throw new ServiceException("删除用户发生异常"); + } + return flag; } /** @@ -481,7 +512,12 @@ public class SysUserServiceImpl implements ISysUserService, UserService { userRoleMapper.delete(new LambdaQueryWrapper().in(SysUserRole::getUserId, ids)); // 删除用户与岗位表 userPostMapper.delete(new LambdaQueryWrapper().in(SysUserPost::getUserId, ids)); - return baseMapper.deleteBatchIds(ids); + // 防止更新失败导致的数据删除 + int flag = baseMapper.deleteBatchIds(ids); + if (flag <= 0){ + throw new ServiceException("删除用户发生异常"); + } + return flag; } @Cacheable(cacheNames = CacheNames.SYS_USER_NAME, key = "#userId")