diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectTemplateController.java b/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectTemplateController.java index 82d0ddac68..c136b73ae2 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectTemplateController.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectTemplateController.java @@ -84,7 +84,6 @@ public class ProjectTemplateController { @Operation(summary = "设置默认模板") @RequiresPermissions(PermissionConstants.PROJECT_TEMPLATE_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.setDefaultTemplateLog(#id)", msClass = ProjectTemplateLogService.class) - @CheckProjectOwner(resourceId = "#id", resourceType = "template", resourceCol = "scope_id") public void setDefaultTemplate(@PathVariable String projectId, @PathVariable String id) { projectTemplateservice.setDefaultTemplate(projectId, id); } diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectUserRoleController.java b/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectUserRoleController.java index 38580a68ab..f72e6a3f39 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectUserRoleController.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectUserRoleController.java @@ -51,7 +51,6 @@ public class ProjectUserRoleController { @PostMapping("/list") @Operation(summary = "项目管理-项目与权限-用户组-获取用户组列表") @RequiresPermissions(PermissionConstants.PROJECT_GROUP_READ) - @CheckProjectOwner(resourceId = "#request.getProjectId()", resourceType = "user_role", resourceCol = "scope_id") public Pager> list(@Validated @RequestBody ProjectUserRoleRequest request) { Page page = PageHelper.startPage(request.getCurrent(), request.getPageSize()); return PageUtils.setPageInfo(page, projectUserRoleService.list(request)); @@ -61,7 +60,6 @@ public class ProjectUserRoleController { @Operation(summary = "项目管理-项目与权限-用户组-添加用户组") @RequiresPermissions(PermissionConstants.PROJECT_GROUP_ADD) @Log(type = OperationLogType.ADD, expression = "#msClass.addLog(#request)", msClass = ProjectUserRoleLogService.class) - @CheckProjectOwner(resourceId = "#request.getScopeId()", resourceType = "user_role", resourceCol = "scope_id") public UserRole add(@Validated({Created.class}) @RequestBody ProjectUserRoleEditRequest request) { UserRole userRole = new UserRole(); userRole.setCreateUser(SessionUtils.getUserId()); @@ -94,7 +92,6 @@ public class ProjectUserRoleController { @Operation(summary = "项目管理-项目与权限-用户组-获取用户组对应的权限配置") @Parameter(name = "id", description = "用户组ID", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @RequiresPermissions(PermissionConstants.PROJECT_GROUP_READ) - @CheckProjectOwner(resourceId = "#id", resourceType = "user_role", resourceCol = "scope_id") public List getPermissionSetting(@PathVariable String id) { return projectUserRoleService.getPermissionSetting(id); } diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/OrganizationUserRoleController.java b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/OrganizationUserRoleController.java index c653f4e227..5aec7f119f 100644 --- a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/OrganizationUserRoleController.java +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/OrganizationUserRoleController.java @@ -92,7 +92,6 @@ public class OrganizationUserRoleController { @Operation(summary = "系统设置-组织-用户组-获取用户组对应的权限配置") @Parameter(name = "id", description = "用户组ID", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @RequiresPermissions(PermissionConstants.ORGANIZATION_USER_ROLE_READ) - @CheckOrgOwner(resourceId = "#id", resourceType = "user_role", resourceCol = "scope_id") public List getPermissionSetting(@PathVariable String id) { return organizationUserRoleService.getPermissionSetting(id); } diff --git a/frontend/src/components/business/ms-user-group-comp/authTable.vue b/frontend/src/components/business/ms-user-group-comp/authTable.vue index 225425c5f1..5943fef39c 100644 --- a/frontend/src/components/business/ms-user-group-comp/authTable.vue +++ b/frontend/src/components/business/ms-user-group-comp/authTable.vue @@ -148,16 +148,11 @@ // 不可编辑的权限 const systemAdminDisabled = computed(() => { const adminArr = ['admin', 'org_admin', 'project_admin']; - const memberArr = ['member', 'org_member', 'project_member']; const { id } = props.current; if (adminArr.includes(id)) { // 系统管理员,组织管理员,项目管理员都不可编辑 return true; } - if (memberArr.includes(id)) { - // 系统管理员角色可以编辑 系统成员 组织成员 项目成员 - return !userStore.isAdmin; - } return props.disabled; }); diff --git a/frontend/src/views/project-management/template/components/templateManagement.vue b/frontend/src/views/project-management/template/components/templateManagement.vue index 5854392763..5d92c4635c 100644 --- a/frontend/src/views/project-management/template/components/templateManagement.vue +++ b/frontend/src/views/project-management/template/components/templateManagement.vue @@ -129,7 +129,7 @@ import PreviewTemplate from '@/views/setting/organization/template/components/viewTemplate.vue'; import { - deleteOrdTemplate, + deleteProjectTemplate, getProjectFieldList, getProjectTemplateInfo, getProjectTemplateList, @@ -273,7 +273,7 @@ }, onBeforeOk: async () => { try { - if (record.id) await deleteOrdTemplate(record.id); + if (record.id) await deleteProjectTemplate(record.id); Message.success(t('common.deleteSuccess')); loadList(); } catch (error) {