test-version22
/
MeterSphere
mirror of https://gitee.com/fit2cloud-feizhiyun/MeterSphere.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix(系统设置): 添加系统用户组成员时检查权限

This commit is contained in:
shiziyuan9527 2022-12-19 17:52:26 +08:00 committed by lyh
parent 4ca06b9d82
commit 4437209695
3 changed files with 28 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
project-management/backend/src/main/java/io/metersphere/service/GroupService.java
View File

@ -511,12 +511,10 @@ public class GroupService {
return;
}
if (StringUtils.equals(group.getType(), UserGroupType.SYSTEM)) {
this.addSystemGroupUser(group, request.getUserIds());
if (!StringUtils.equals(group.getType(), UserGroupType.SYSTEM) && CollectionUtils.isNotEmpty(request.getSourceIds())) {
this.addNotSystemGroupUser(group, request.getUserIds(), request.getSourceIds());
} else {
if (CollectionUtils.isNotEmpty(request.getSourceIds())) {
this.addNotSystemGroupUser(group, request.getUserIds(), request.getSourceIds());
}
LogUtil.warn("no permission to add system group!");
}
}

8
system-setting/backend/src/main/java/io/metersphere/service/GroupService.java
View File

@ -471,7 +471,13 @@ public class GroupService {
}
if (StringUtils.equals(group.getType(), UserGroupType.SYSTEM)) {
this.addSystemGroupUser(group, request.getUserIds());
SessionUser user = Objects.requireNonNull(SessionUtils.getUser());
long count = user.getGroups().stream().filter(g -> StringUtils.equals(g.getType(), UserGroupType.SYSTEM)).count();
if (count > 0) {
this.addSystemGroupUser(group, request.getUserIds());
} else {
LogUtil.warn("no permission to add system group!");
}
} else {
if (CollectionUtils.isNotEmpty(request.getSourceIds())) {
this.addNotSystemGroupUser(group, request.getUserIds(), request.getSourceIds());

30
system-setting/backend/src/main/java/io/metersphere/service/UserService.java
View File

@ -808,25 +808,31 @@ public class UserService {
}
}
SessionUser user = Objects.requireNonNull(SessionUtils.getUser());
long systemGroupCount = user.getGroups().stream().filter(g -> StringUtils.equals(g.getType(), UserGroupType.SYSTEM)).count();
for (String userId : userIds) {
Set<String> set = sourceMap.keySet();
for (String group : set) {
Group gp = groupMapper.selectByPrimaryKey(group);
if (gp != null) {
if (StringUtils.equals(UserGroupType.SYSTEM, gp.getType())) {
UserGroupExample userGroupExample = new UserGroupExample();
userGroupExample.createCriteria().andGroupIdEqualTo(group).andUserIdEqualTo(userId);
List<UserGroup> userGroups = userGroupMapper.selectByExample(userGroupExample);
if (CollectionUtils.isEmpty(userGroups)) {
UserGroup userGroup = new UserGroup();
userGroup.setId(UUID.randomUUID().toString());
userGroup.setGroupId(group);
userGroup.setSourceId("system");
userGroup.setUserId(userId);
userGroup.setUpdateTime(System.currentTimeMillis());
userGroup.setCreateTime(System.currentTimeMillis());
userGroupMapper.insertSelective(userGroup);
if (systemGroupCount > 0) {
UserGroupExample userGroupExample = new UserGroupExample();
userGroupExample.createCriteria().andGroupIdEqualTo(group).andUserIdEqualTo(userId);
List<UserGroup> userGroups = userGroupMapper.selectByExample(userGroupExample);
if (CollectionUtils.isEmpty(userGroups)) {
UserGroup userGroup = new UserGroup();
userGroup.setId(UUID.randomUUID().toString());
userGroup.setGroupId(group);
userGroup.setSourceId("system");
userGroup.setUserId(userId);
userGroup.setUpdateTime(System.currentTimeMillis());
userGroup.setCreateTime(System.currentTimeMillis());
userGroupMapper.insertSelective(userGroup);
}
}
} else {
// 组织工作空间项目
UserGroupExample userGroupExample = new UserGroupExample();