fix(系统): 修复列表修改用户组权限问题

--bug=1046471 --user=王旭 【系统】组织用户组的项目添加成员和编辑成员权限勾选,所属用户仍无权限添加/编辑成员 https://www.tapd.cn/55049933/s/1580238
This commit is contained in:
WangXu10 2024-09-18 18:36:26 +08:00 committed by Craftsman
parent e29704e89b
commit 0a4a603888
4 changed files with 7 additions and 5 deletions

View File

@ -24,6 +24,7 @@ import io.swagger.v3.oas.annotations.Parameters;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.annotation.Resource;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
@ -64,8 +65,8 @@ public class ProjectMemberController {
@GetMapping("/get-role/option/{projectId}")
@Operation(summary = "项目管理-成员-获取用户组下拉选项")
@RequiresPermissions(PermissionConstants.PROJECT_USER_READ)
@CheckOwner(resourceId = "#projectId", resourceType = "project")
//@RequiresPermissions(PermissionConstants.PROJECT_USER_READ)
@RequiresPermissions(value = {PermissionConstants.PROJECT_USER_READ, PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ}, logical = Logical.OR)
public List<OptionDTO> getRoleOption(@PathVariable String projectId) {
return projectMemberService.getRoleOption(projectId);
}
@ -130,7 +131,6 @@ public class ProjectMemberController {
@PostMapping("/update-member")
@Operation(summary = "系统设置-系统-组织与项-项目-更新成员用户组")
@RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_MEMBER_UPDATE)
@CheckOwner(resourceId = "#request.getProjectId()", resourceType = "project")
public void updateProjectMemberRole(@RequestBody ProjectMemberEditRequest request) {
projectMemberService.updateMember(request, SessionUtils.getUserId(), "/project/member/update-member", OperationLogModule.SETTING_ORGANIZATION_PROJECT);
}

View File

@ -107,7 +107,8 @@ public class OrganizationController {
@GetMapping("/user/role/list/{organizationId}")
@Operation(summary = "系统设置-组织-成员-获取当前组织下的所有自定义用户组以及组织级别的用户组")
@RequiresPermissions(PermissionConstants.ORGANIZATION_MEMBER_READ)
//@RequiresPermissions(PermissionConstants.ORGANIZATION_MEMBER_READ)
@RequiresPermissions(value = {PermissionConstants.ORGANIZATION_MEMBER_READ, PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ}, logical = Logical.OR)
public List<OptionDTO> getUserRoleList(@PathVariable(value = "organizationId") String organizationId) {
return organizationService.getUserRoleList(organizationId);
}

View File

@ -30,6 +30,7 @@ import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.annotation.Resource;
import jakarta.validation.constraints.NotBlank;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
@ -124,7 +125,6 @@ public class SystemProjectController {
@PostMapping("/member-list")
@RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ)
@Operation(summary = "系统设置-系统-组织与项目-项目-成员列表")
@CheckOwner(resourceId = "#request.projectId", resourceType = "project")
public Pager<List<UserExtendDTO>> getProjectMember(@Validated @RequestBody ProjectMemberRequest request) {
Page<Object> page = PageHelper.startPage(request.getCurrent(), request.getPageSize());
return PageUtils.setPageInfo(page, systemProjectService.getProjectMember(request));

View File

@ -265,6 +265,7 @@
() => {
setLoadListParams({ projectId: props.projectId });
fetchData();
getUserGroupOptions();
}
);
watch(