优化用户

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java

@@ -210,7 +210,7 @@ public class SysUserController extends BaseController {
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@Validated @RequestBody SysUser user) throws Exception {
-        userService.checkUserAllowed(user);
+        userService.checkUserAllowed(user.getUserId());
         userService.checkUserDataScope(user.getUserId());
         if (!userService.checkUserNameUnique(user)) {
             return error("修改用户'" + user.getUserName() + "'失败，登录账号已存在");
@@ -243,7 +243,7 @@ public class SysUserController extends BaseController {
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @PutMapping("/resetPwd")
     public AjaxResult resetPwd(@RequestBody SysUser user) throws Exception {
-        userService.checkUserAllowed(user);
+        userService.checkUserAllowed(user.getUserId());
         userService.checkUserDataScope(user.getUserId());
         return toAjax(userService.resetPwd(user));
     }
@@ -255,7 +255,7 @@ public class SysUserController extends BaseController {
     @Log(title = "用户管理", businessType = BusinessType.UPDATE)
     @PutMapping("/changeStatus")
     public AjaxResult changeStatus(@RequestBody SysUser user) {
-        userService.checkUserAllowed(user);
+        userService.checkUserAllowed(user.getUserId());
         userService.checkUserDataScope(user.getUserId());
         user.setUpdateBy(SecurityUtils.getUsername());
         return toAjax(userService.updateUserStatus(user));
@@ -282,7 +282,7 @@ public class SysUserController extends BaseController {
     @Log(title = "用户管理", businessType = BusinessType.GRANT)
     @PutMapping("/authRole/{userId}")
     public AjaxResult insertAuthRole(@PathVariable("userId") Long userId, @RequestBody Long[] roleIds) {
-        userService.checkUserAllowed(new SysUser(userId));
+        userService.checkUserAllowed(userId);
         userService.checkUserDataScope(userId);
         userService.insertUserAuth(userId, roleIds);
         return success();

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java

@@ -96,7 +96,7 @@ public interface ISysUserService
      * 
      * @param user 用户信息
      */
-    public void checkUserAllowed(SysUser user);
+    public void checkUserAllowed(Long userId);
 
     /**
      * 校验用户是否有数据权限

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java

@@ -7,7 +7,9 @@ import java.util.List;
 import java.util.Set;
 
 import com.ruoyi.system.api.constant.Constant;
+import com.ruoyi.system.service.ISysUserService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import com.ruoyi.common.core.constant.UserConstants;
@@ -46,6 +48,9 @@ public class SysRoleServiceImpl implements ISysRoleService {
     @Autowired
     private SysRoleDeptMapper roleDeptMapper;
 
+    @Autowired
+    @Lazy
+    private ISysUserService userService;
     /**
      * 根据条件分页查询角色数据
      *
@@ -364,6 +369,8 @@ public class SysRoleServiceImpl implements ISysRoleService {
      */
     @Override
     public int deleteAuthUser(SysUserRole userRole) {
+        checkRoleAllowed(roleMapper.selectRoleById(userRole.getRoleId()));
+        userService.checkUserAllowed(userRole.getUserId());
         return userRoleMapper.deleteUserRoleInfo(userRole);
     }
 
@@ -376,6 +383,10 @@ public class SysRoleServiceImpl implements ISysRoleService {
      */
     @Override
     public int deleteAuthUsers(Long roleId, Long[] userIds) {
+        checkRoleAllowed(roleMapper.selectRoleById(roleId));
+        for (Long userId : userIds) {
+            userService.checkUserAllowed(userId);
+        }
         return userRoleMapper.deleteUserRoleInfos(roleId, userIds);
     }
 

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java

@@ -220,8 +220,8 @@ public class SysUserServiceImpl implements ISysUserService {
      * @param user 用户信息
      */
     @Override
-    public void checkUserAllowed(SysUser user) {
-        if (StringUtils.isNotNull(user.getUserId()) &&  roleService.checkIsAdmin(user.getUserId()) && !SecurityUtils.getUserId().equals(user.getUserId())) {
+    public void checkUserAllowed(Long userId) {
+        if (StringUtils.isNotNull(userId) &&  roleService.checkIsAdmin(userId) && !SecurityUtils.getUserId().equals(userId)) {
             throw new ServiceException("不允许操作超级管理员用户");
         }
     }
@@ -522,7 +522,7 @@ public class SysUserServiceImpl implements ISysUserService {
     @Transactional(rollbackFor = Exception.class)
     public int deleteUserByIds(Long[] userIds) throws Exception {
         for (Long userId : userIds) {
-            checkUserAllowed(new SysUser(userId));
+            checkUserAllowed(userId);
             checkUserDataScope(userId);
         }
         // 删除用户与角色关联
@@ -580,7 +580,7 @@ public class SysUserServiceImpl implements ISysUserService {
                     successMsg.append("<br/>" + successNum + "、账号 " + user.getUserName() + " 导入成功");
                 } else if (isUpdateSupport) {
                     BeanValidators.validateWithException(validator, user);
-                    checkUserAllowed(u);
+                    checkUserAllowed(u.getUserId());
                     checkUserDataScope(u.getUserId());
                     user.setUserId(u.getUserId());
                     user.setUpdateBy(operName);