组织,工作空间管理员无法移除自身
This commit is contained in:
parent
c1035e00ae
commit
f0427d4705
|
@ -4,6 +4,7 @@ import com.github.pagehelper.Page;
|
|||
import com.github.pagehelper.PageHelper;
|
||||
import io.metersphere.base.domain.User;
|
||||
import io.metersphere.commons.constants.RoleConstants;
|
||||
import io.metersphere.commons.exception.MSException;
|
||||
import io.metersphere.commons.utils.PageUtils;
|
||||
import io.metersphere.commons.utils.Pager;
|
||||
import io.metersphere.controller.request.UserRequest;
|
||||
|
@ -17,6 +18,7 @@ import io.metersphere.service.UserService;
|
|||
import io.metersphere.service.WorkspaceService;
|
||||
import io.metersphere.user.SessionUser;
|
||||
import io.metersphere.user.SessionUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
|
@ -120,6 +122,9 @@ public class UserController {
|
|||
|
||||
@PostMapping("/update/current")
|
||||
public UserDTO updateCurrentUser(@RequestBody User user) {
|
||||
UserDTO userDTO = userService.getUserDTO(user.getId());
|
||||
BeanUtils.copyProperties(user, userDTO);
|
||||
SessionUtils.putUser(SessionUser.fromUser(userDTO));
|
||||
userService.updateUser(user);
|
||||
return SessionUtils.getUser();
|
||||
}
|
||||
|
@ -182,6 +187,10 @@ public class UserController {
|
|||
@RequiresRoles(value = {RoleConstants.TEST_MANAGER,RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
||||
public void deleteMember(@PathVariable String workspaceId, @PathVariable String userId) {
|
||||
workspaceService.checkWorkspaceOwner(workspaceId);
|
||||
String currentUserId = SessionUtils.getUser().getId();
|
||||
if (StringUtils.equals(userId, currentUserId)) {
|
||||
MSException.throwException("Insufficient permissions!");
|
||||
}
|
||||
userService.deleteMember(workspaceId, userId);
|
||||
}
|
||||
|
||||
|
@ -202,6 +211,10 @@ public class UserController {
|
|||
@RequiresRoles(RoleConstants.ORG_ADMIN)
|
||||
public void delOrganizationMember(@PathVariable String organizationId, @PathVariable String userId) {
|
||||
organizationService.checkOrgOwner(organizationId);
|
||||
String currentUserId = SessionUtils.getUser().getId();
|
||||
if (StringUtils.equals(userId, currentUserId)) {
|
||||
MSException.throwException("Insufficient permissions!");
|
||||
}
|
||||
userService.delOrganizationMember(organizationId, userId);
|
||||
}
|
||||
|
||||
|
|
|
@ -124,11 +124,8 @@ public class UserService {
|
|||
}
|
||||
|
||||
public void updateUser(User user) {
|
||||
UserDTO userDTO = getUserDTO(user.getId());
|
||||
BeanUtils.copyProperties(user, userDTO);
|
||||
// MD5
|
||||
user.setPassword(CodingUtil.md5(user.getPassword()));
|
||||
SessionUtils.putUser(SessionUser.fromUser(userDTO));
|
||||
user.setUpdateTime(System.currentTimeMillis());
|
||||
userMapper.updateByPrimaryKeySelective(user);
|
||||
}
|
||||
|
|
|
@ -175,14 +175,11 @@
|
|||
cancelButtonText: this.$t('commons.cancel'),
|
||||
type: 'warning'
|
||||
}).then(() => {
|
||||
this.loading = true;
|
||||
this.$get('/user/ws/member/delete/' + this.currentUser().lastWorkspaceId + '/' + row.id).then(() => {
|
||||
this.result = this.$get('/user/ws/member/delete/' + this.currentUser().lastWorkspaceId + '/' + row.id,() => {
|
||||
this.$success(this.$t('commons.delete_success'));
|
||||
this.initTableData();
|
||||
this.loading = false;
|
||||
});
|
||||
this.$success(this.$t('commons.delete_success'));
|
||||
}).catch(() => {
|
||||
this.loading = false;
|
||||
this.$info(this.$t('commons.delete_cancel'));
|
||||
});
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue