fix(系统设置): 当前登录用户禁止自己禁用自己

--bug=1031758 --user=宋天阳 系统设置-用户管理-当前登录用户禁止自己禁用自己
https://www.tapd.cn/55049933/s/1428459

backend/framework/sdk/src/main/resources/i18n/system.properties

@@ -83,6 +83,7 @@ test_resource_pool.type.length_range=资源池类型长度必须在{min}和{max}
 test_resource_pool.status.not_blank=资源池状态不能为空
 test_resource_pool.status.length_range=资源池状态长度必须在{min}和{max}之间
 user.not.delete=用户不能删除
+user.not.disable=用户不能禁用
 user.id.not_blank=用户ID不能为空
 user.name.not_blank=用户名称不能为空
 user.name.length_range=用户名称长度必须在{min}和{max}之间

backend/framework/sdk/src/main/resources/i18n/system_en_US.properties

@@ -84,6 +84,7 @@ test_resource_pool.type.length_range=Test resource pool type must be between {mi
 test_resource_pool.status.not_blank=Test resource pool status must not be blank
 test_resource_pool.status.length_range=Test resource pool status must be between {min} and {max} characters long
 user.not.delete=User can't delete
+user.not.disable=User can't disable
 user.id.not_blank=User id must not be blank
 user.name.not_blank=Username must not be blank
 user.name.length_range=Username must be between {min} and {max} characters long

backend/framework/sdk/src/main/resources/i18n/system_zh_CN.properties

@@ -84,6 +84,7 @@ test_resource_pool.type.length_range=资源池类型长度必须在{min}和{max}
 test_resource_pool.status.not_blank=资源池状态不能为空
 test_resource_pool.status.length_range=资源池状态长度必须在{min}和{max}之间
 user.not.delete=用户不能删除
+user.not.disable=用户不能禁用
 user.id.not_blank=用户ID不能为空
 user.name.not_blank=用户名称不能为空
 user.name.length_range=用户名称长度必须在{min}和{max}之间

backend/framework/sdk/src/main/resources/i18n/system_zh_TW.properties

@@ -84,6 +84,7 @@ test_resource_pool.type.length_range=資源池類型長度必須在{min}和{max}
 test_resource_pool.status.not_blank=資源池狀態不能為空
 test_resource_pool.status.length_range=資源池狀態長度必須在{min}和{max}之間
 user.not.delete=用戶不能刪除
+user.not.disable=用戶不能禁用
 user.id.not_blank=用戶ID不能為空
 user.name.not_blank=用戶名稱不能為空
 user.name.length_range=用戶名稱長度必須在{min}和{max}之間

backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserController.java

@@ -97,7 +97,7 @@ public class UserController {
     @RequiresPermissions(PermissionConstants.SYSTEM_USER_UPDATE)
     @Log(type = OperationLogType.UPDATE, expression = "#msClass.batchUpdateEnableLog(#request)", msClass = UserLogService.class)
     public TableBatchProcessResponse updateUserEnable(@Validated @RequestBody UserChangeEnableRequest request) {
-        return userService.updateUserEnable(request, SessionUtils.getSessionId());
+        return userService.updateUserEnable(request, SessionUtils.getUserId(), SessionUtils.getUser().getName());
     }
 
     @PostMapping(value = "/import", consumes = {"multipart/form-data"})

backend/services/system-setting/src/main/java/io/metersphere/system/service/UserService.java

@@ -181,9 +181,15 @@ public class UserService {
         return userEditRequest;
     }
 
-    public TableBatchProcessResponse updateUserEnable(UserChangeEnableRequest request, String operator) {
+    public TableBatchProcessResponse updateUserEnable(UserChangeEnableRequest request, String operatorId, String operatorName) {
         request.setSelectIds(userToolService.getBatchUserIds(request));
         this.checkUserInDb(request.getSelectIds());
+
+        if (!request.isEnable()) {
+            //不能禁用当前用户和admin
+            this.checkProcessUserAndThrowException(request.getSelectIds(), operatorId, operatorName, Translator.get("user.not.disable"));
+        }
+
         TableBatchProcessResponse response = new TableBatchProcessResponse();
         response.setTotalCount(request.getSelectIds().size());
         UserExample userExample = new UserExample();
@@ -192,7 +198,7 @@ public class UserService {
         );
         User updateUser = new User();
         updateUser.setEnable(request.isEnable());
-        updateUser.setUpdateUser(operator);
+        updateUser.setUpdateUser(operatorId);
         updateUser.setUpdateTime(System.currentTimeMillis());
         response.setSuccessCount(userMapper.updateByExampleSelective(updateUser, userExample));
         return response;
@@ -270,7 +276,7 @@ public class UserService {
         List<String> userIdList = userToolService.getBatchUserIds(request);
         this.checkUserInDb(userIdList);
         //检查是否含有Admin
-        this.checkCannotDeleteUserAndThrowException(userIdList, operatorId, operatorName);
+        this.checkProcessUserAndThrowException(userIdList, operatorId, operatorName, Translator.get("user.not.delete"));
         UserExample userExample = new UserExample();
         userExample.createCriteria().andIdIn(userIdList);
         //更新删除标志位
@@ -282,10 +288,17 @@ public class UserService {
         return response;
     }
 
-    private void checkCannotDeleteUserAndThrowException(List<String> userIdList, String operatorId, String operatorName) {
+    /**
+     * 检查要处理的用户并抛出异常
+     *
+     * @param userIdList
+     * @param operatorId
+     * @param operatorName
+     */
+    private void checkProcessUserAndThrowException(List<String> userIdList, String operatorId, String operatorName, String exceptionMessage) {
         for (String userId : userIdList) {
             if (StringUtils.equalsAny(userId, "admin", operatorId)) {
-                throw new MSException(Translator.get("user.not.delete") + ":" + operatorName);
+                throw new MSException(exceptionMessage + ":" + operatorName);
             }
         }
     }

backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerTests.java

@@ -2,12 +2,10 @@ package io.metersphere.system.controller.user;
 
 import io.metersphere.project.domain.Project;
 import io.metersphere.project.mapper.ProjectMapper;
+import io.metersphere.sdk.dto.*;
+import io.metersphere.sdk.util.*;
 import io.metersphere.system.base.BaseTest;
 import io.metersphere.system.controller.handler.ResultHolder;
-import io.metersphere.sdk.dto.*;
-import io.metersphere.system.log.constants.OperationLogType;
-import io.metersphere.system.uid.UUID;
-import io.metersphere.sdk.util.*;
 import io.metersphere.system.domain.User;
 import io.metersphere.system.domain.UserExample;
 import io.metersphere.system.domain.UserInvite;
@@ -18,6 +16,7 @@ import io.metersphere.system.dto.excel.UserExcelRowDTO;
 import io.metersphere.system.dto.request.UserInviteRequest;
 import io.metersphere.system.dto.request.UserRegisterRequest;
 import io.metersphere.system.dto.response.UserInviteResponse;
+import io.metersphere.system.log.constants.OperationLogType;
 import io.metersphere.system.mapper.UserInviteMapper;
 import io.metersphere.system.mapper.UserMapper;
 import io.metersphere.system.mapper.UserRoleRelationMapper;
@@ -30,6 +29,7 @@ import io.metersphere.system.response.user.UserTableResponse;
 import io.metersphere.system.service.GlobalUserRoleRelationService;
 import io.metersphere.system.service.UserService;
 import io.metersphere.system.service.UserToolService;
+import io.metersphere.system.uid.UUID;
 import io.metersphere.system.utils.user.UserParamUtils;
 import io.metersphere.system.utils.user.UserRequestUtils;
 import jakarta.annotation.Resource;
@@ -453,6 +453,11 @@ public class UserControllerTests extends BaseTest {
             this.add("BCDEDIT");
         }});
         this.requestPost(UserRequestUtils.URL_USER_UPDATE_ENABLE, userChangeEnableRequest, ERROR_REQUEST_MATCHER);
+        //含有当前用户
+        userChangeEnableRequest.setSelectIds(new ArrayList<>() {{
+            this.add("admin");
+        }});
+        this.requestPost(UserRequestUtils.URL_USER_UPDATE_ENABLE, userChangeEnableRequest, ERROR_REQUEST_MATCHER);
     }