xieyinlu/zhilu-admin
1
0
Fork 0
mirror of https://github.com/ccmjga/zhilu-admin synced 2026-04-02 18:03:46 +08:00
Code Issues Packages Projects Releases Wiki Activity

defense

Browse Source
This commit is contained in:
Chuck1sn
2025-05-26 13:22:08 +08:00
parent 55ce8600d5
commit f66be3bc8c
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
backend/src/main/java/com/zl/mjga/controller/IdentityAccessController.java
View File

@@ -7,6 +7,7 @@ import com.zl.mjga.dto.permission.PermissionBindDto;
import com.zl.mjga.dto.position.PositionBindDto; import com.zl.mjga.dto.position.PositionBindDto;
import com.zl.mjga.dto.role.RoleBindDto; import com.zl.mjga.dto.role.RoleBindDto;
import com.zl.mjga.dto.urp.*; import com.zl.mjga.dto.urp.*;
import com.zl.mjga.exception.BusinessException;
import com.zl.mjga.repository.PermissionRepository; import com.zl.mjga.repository.PermissionRepository;
import com.zl.mjga.repository.RoleRepository; import com.zl.mjga.repository.RoleRepository;
import com.zl.mjga.repository.UserRepository; import com.zl.mjga.repository.UserRepository;
@@ -65,6 +66,9 @@ public class IdentityAccessController {
@PreAuthorize("hasAuthority(T(com.zl.mjga.model.urp.EPermission).DELETE_USER_ROLE_PERMISSION)") @PreAuthorize("hasAuthority(T(com.zl.mjga.model.urp.EPermission).DELETE_USER_ROLE_PERMISSION)")
@DeleteMapping("/user") @DeleteMapping("/user")
void deleteUser(@RequestParam Long userId) { void deleteUser(@RequestParam Long userId) {
if (userId == 1) {
throw new BusinessException("演示系统不允许操作管理员角色");
}
userRepository.deleteById(userId); userRepository.deleteById(userId);
} }
@@ -77,6 +81,9 @@ public class IdentityAccessController {
@PreAuthorize("hasAuthority(T(com.zl.mjga.model.urp.EPermission).WRITE_USER_ROLE_PERMISSION)") @PreAuthorize("hasAuthority(T(com.zl.mjga.model.urp.EPermission).WRITE_USER_ROLE_PERMISSION)")
@DeleteMapping("/role") @DeleteMapping("/role")
void deleteRole(@RequestParam Long roleId) { void deleteRole(@RequestParam Long roleId) {
if (roleId == 1) {
throw new BusinessException("演示系统不允许删除管理员角色");
}
roleRepository.deleteById(roleId); roleRepository.deleteById(roleId);
} }
@@ -95,6 +102,9 @@ public class IdentityAccessController {
@PreAuthorize("hasAuthority(T(com.zl.mjga.model.urp.EPermission).WRITE_USER_ROLE_PERMISSION)") @PreAuthorize("hasAuthority(T(com.zl.mjga.model.urp.EPermission).WRITE_USER_ROLE_PERMISSION)")
@DeleteMapping("/permission") @DeleteMapping("/permission")
void deletePermission(@RequestParam Long permissionId) { void deletePermission(@RequestParam Long permissionId) {
if (permissionId < 10) {
throw new BusinessException("演示系统不允许删除原有权限");
}
permissionRepository.deleteById(permissionId); permissionRepository.deleteById(permissionId);
} }
@@ -134,6 +144,9 @@ public class IdentityAccessController {
@PostMapping("/role/unbind") @PostMapping("/role/unbind")
@ResponseStatus(HttpStatus.OK) @ResponseStatus(HttpStatus.OK)
void unBindRoleBy(@RequestBody @Valid RoleBindDto roleBindDto) { void unBindRoleBy(@RequestBody @Valid RoleBindDto roleBindDto) {
if (roleBindDto.userId() == 1) {
throw new BusinessException("演示系统不允许操作管理员");
}
identityAccessService.unBindRoleToUser(roleBindDto.userId(), roleBindDto.roleIds()); identityAccessService.unBindRoleToUser(roleBindDto.userId(), roleBindDto.roleIds());
} }
@@ -149,6 +162,9 @@ public class IdentityAccessController {
@PostMapping("/permission/unbind") @PostMapping("/permission/unbind")
@ResponseStatus(HttpStatus.OK) @ResponseStatus(HttpStatus.OK)
void unBindPermissionBy(@RequestBody @Valid PermissionBindDto permissionBindDto) { void unBindPermissionBy(@RequestBody @Valid PermissionBindDto permissionBindDto) {
if (permissionBindDto.roleId() == 1) {
throw new BusinessException("演示系统不允许操作管理员角色");
}
identityAccessService.unBindPermissionBy( identityAccessService.unBindPermissionBy(
permissionBindDto.roleId(), permissionBindDto.permissionIds()); permissionBindDto.roleId(), permissionBindDto.permissionIds());
} }