From af50472fa97d4b99c21ab2b6b2262bd4b26f932b Mon Sep 17 00:00:00 2001 From: shiziyuan9527 Date: Fri, 16 Dec 2022 10:47:38 +0800 Subject: [PATCH] =?UTF-8?q?fix(=E7=B3=BB=E7=BB=9F=E8=AE=BE=E7=BD=AE):=20?= =?UTF-8?q?=E8=B6=85=E7=BA=A7=E7=94=A8=E6=88=B7=E7=BB=84=E6=9D=83=E9=99=90?= =?UTF-8?q?=E5=8F=AF=E4=BB=A5=E7=BC=96=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --bug=1020915 --user=李玉号 【系统设置】用户组与权限-超级管理员-权限可以编辑 https://www.tapd.cn/55049933/s/1316209 --- .../src/main/java/io/metersphere/service/GroupService.java | 5 +++++ .../src/main/java/io/metersphere/service/GroupService.java | 4 ++++ .../frontend/src/business/system/group/EditPermission.vue | 5 ++++- .../frontend/src/business/system/group/GroupPermission.vue | 6 +++++- 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/project-management/backend/src/main/java/io/metersphere/service/GroupService.java b/project-management/backend/src/main/java/io/metersphere/service/GroupService.java index a41ca97dc9..58327c28c6 100644 --- a/project-management/backend/src/main/java/io/metersphere/service/GroupService.java +++ b/project-management/backend/src/main/java/io/metersphere/service/GroupService.java @@ -70,6 +70,8 @@ public class GroupService { @Resource private BaseUserService baseUserService; private static final String GLOBAL = "global"; + private static final String SUPER_GROUP = "super_group"; + // 服务权限拼装顺序 private static final String[] servicePermissionLoadOrder = {MicroServiceName.PROJECT_MANAGEMENT, @@ -223,6 +225,9 @@ public class GroupService { } public void editGroupPermission(EditGroupRequest request) { + if (StringUtils.equals(request.getUserGroupId(), SUPER_GROUP)) { + return; + } List permissions = request.getPermissions(); if (CollectionUtils.isEmpty(permissions)) { return; diff --git a/system-setting/backend/src/main/java/io/metersphere/service/GroupService.java b/system-setting/backend/src/main/java/io/metersphere/service/GroupService.java index 44358b274d..4d4d9180ec 100644 --- a/system-setting/backend/src/main/java/io/metersphere/service/GroupService.java +++ b/system-setting/backend/src/main/java/io/metersphere/service/GroupService.java @@ -235,6 +235,10 @@ public class GroupService { } public void editGroupPermission(EditGroupRequest request) { + // 超级用户组禁止修改权限 + if (StringUtils.equals(request.getUserGroupId(), SUPER_GROUP)) { + return; + } List permissions = request.getPermissions(); if (CollectionUtils.isEmpty(permissions)) { return; diff --git a/system-setting/frontend/src/business/system/group/EditPermission.vue b/system-setting/frontend/src/business/system/group/EditPermission.vue index 8519c0a116..46284076b2 100644 --- a/system-setting/frontend/src/business/system/group/EditPermission.vue +++ b/system-setting/frontend/src/business/system/group/EditPermission.vue @@ -99,7 +99,10 @@ export default { }, isReadOnly() { return function (data) { - const isDefaultSystemGroup = (this.group.id === 'admin' || this.group.id === 'super_group') && data.resource.id === 'SYSTEM_GROUP'; + if (this.group.id === 'super_group') { + return true; + } + const isDefaultSystemGroup = this.group.id === 'admin' && data.resource.id === 'SYSTEM_GROUP'; return this.readOnly || isDefaultSystemGroup; } } diff --git a/system-setting/frontend/src/business/system/group/GroupPermission.vue b/system-setting/frontend/src/business/system/group/GroupPermission.vue index 1366075441..25340bcffc 100644 --- a/system-setting/frontend/src/business/system/group/GroupPermission.vue +++ b/system-setting/frontend/src/business/system/group/GroupPermission.vue @@ -44,9 +44,13 @@ export default { computed: { isReadOnly() { return function (permission) { + // 禁止取消系统管理员用户组权限 + if (this.group.id === 'super_group') { + return true; + } // 禁止取消系统管理员用户组和超级管理员用户组的读取和设置权限 const isSystemGroupPermission = permission.id === 'SYSTEM_GROUP:READ' || permission.id === 'SYSTEM_GROUP:READ+SETTING_PERMISSION'; - const isDefaultSystemGroup = (this.group.id === 'admin' || this.group.id === 'super_group') && isSystemGroupPermission; + const isDefaultSystemGroup = this.group.id === 'admin' && isSystemGroupPermission; return this.readOnly || isDefaultSystemGroup; } }