组织,工作空间管理员无法移除自身
parent
c1035e00ae
commit
f0427d4705
|
@ -4,6 +4,7 @@ import com.github.pagehelper.Page;
|
||||||
import com.github.pagehelper.PageHelper;
|
import com.github.pagehelper.PageHelper;
|
||||||
import io.metersphere.base.domain.User;
|
import io.metersphere.base.domain.User;
|
||||||
import io.metersphere.commons.constants.RoleConstants;
|
import io.metersphere.commons.constants.RoleConstants;
|
||||||
|
import io.metersphere.commons.exception.MSException;
|
||||||
import io.metersphere.commons.utils.PageUtils;
|
import io.metersphere.commons.utils.PageUtils;
|
||||||
import io.metersphere.commons.utils.Pager;
|
import io.metersphere.commons.utils.Pager;
|
||||||
import io.metersphere.controller.request.UserRequest;
|
import io.metersphere.controller.request.UserRequest;
|
||||||
|
@ -17,6 +18,7 @@ import io.metersphere.service.UserService;
|
||||||
import io.metersphere.service.WorkspaceService;
|
import io.metersphere.service.WorkspaceService;
|
||||||
import io.metersphere.user.SessionUser;
|
import io.metersphere.user.SessionUser;
|
||||||
import io.metersphere.user.SessionUtils;
|
import io.metersphere.user.SessionUtils;
|
||||||
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.apache.shiro.authz.annotation.Logical;
|
import org.apache.shiro.authz.annotation.Logical;
|
||||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||||
import org.springframework.beans.BeanUtils;
|
import org.springframework.beans.BeanUtils;
|
||||||
|
@ -120,6 +122,9 @@ public class UserController {
|
||||||
|
|
||||||
@PostMapping("/update/current")
|
@PostMapping("/update/current")
|
||||||
public UserDTO updateCurrentUser(@RequestBody User user) {
|
public UserDTO updateCurrentUser(@RequestBody User user) {
|
||||||
|
UserDTO userDTO = userService.getUserDTO(user.getId());
|
||||||
|
BeanUtils.copyProperties(user, userDTO);
|
||||||
|
SessionUtils.putUser(SessionUser.fromUser(userDTO));
|
||||||
userService.updateUser(user);
|
userService.updateUser(user);
|
||||||
return SessionUtils.getUser();
|
return SessionUtils.getUser();
|
||||||
}
|
}
|
||||||
|
@ -182,6 +187,10 @@ public class UserController {
|
||||||
@RequiresRoles(value = {RoleConstants.TEST_MANAGER,RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
@RequiresRoles(value = {RoleConstants.TEST_MANAGER,RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
||||||
public void deleteMember(@PathVariable String workspaceId, @PathVariable String userId) {
|
public void deleteMember(@PathVariable String workspaceId, @PathVariable String userId) {
|
||||||
workspaceService.checkWorkspaceOwner(workspaceId);
|
workspaceService.checkWorkspaceOwner(workspaceId);
|
||||||
|
String currentUserId = SessionUtils.getUser().getId();
|
||||||
|
if (StringUtils.equals(userId, currentUserId)) {
|
||||||
|
MSException.throwException("Insufficient permissions!");
|
||||||
|
}
|
||||||
userService.deleteMember(workspaceId, userId);
|
userService.deleteMember(workspaceId, userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -202,6 +211,10 @@ public class UserController {
|
||||||
@RequiresRoles(RoleConstants.ORG_ADMIN)
|
@RequiresRoles(RoleConstants.ORG_ADMIN)
|
||||||
public void delOrganizationMember(@PathVariable String organizationId, @PathVariable String userId) {
|
public void delOrganizationMember(@PathVariable String organizationId, @PathVariable String userId) {
|
||||||
organizationService.checkOrgOwner(organizationId);
|
organizationService.checkOrgOwner(organizationId);
|
||||||
|
String currentUserId = SessionUtils.getUser().getId();
|
||||||
|
if (StringUtils.equals(userId, currentUserId)) {
|
||||||
|
MSException.throwException("Insufficient permissions!");
|
||||||
|
}
|
||||||
userService.delOrganizationMember(organizationId, userId);
|
userService.delOrganizationMember(organizationId, userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
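Review bot: In `updateCurrentUser`, the DTO is loaded with `user.getId()` from the request body instead of the session user's id, so the caller chooses both the record that gets updated and the identity that `SessionUtils.putUser(...)` places in the session. Bind the id to the session before the lookup, e.g. `user.setId(SessionUtils.getUser().getId());`, or reject the request when the two ids differ. `BeanUtils.copyProperties(user, userDTO)` also copies every field bound from the body, so restrict it to the fields a profile edit is allowed to change. The session is refreshed before `userService.updateUser(user)` runs, which leaves the session ahead of the database if the update fails; calling the update first avoids that.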
|
@ -124,11 +124,8 @@ public class UserService {
|
||||||
}
|
}
|
||||||
|
|
||||||
public void updateUser(User user) {
|
public void updateUser(User user) {
|
||||||
UserDTO userDTO = getUserDTO(user.getId());
|
|
||||||
BeanUtils.copyProperties(user, userDTO);
|
|
||||||
// MD5
|
// MD5
|
||||||
user.setPassword(CodingUtil.md5(user.getPassword()));
|
user.setPassword(CodingUtil.md5(user.getPassword()));
|
||||||
SessionUtils.putUser(SessionUser.fromUser(userDTO));
|
|
||||||
user.setUpdateTime(System.currentTimeMillis());
|
user.setUpdateTime(System.currentTimeMillis());
|
||||||
userMapper.updateByPrimaryKeySelective(user);
|
userMapper.updateByPrimaryKeySelective(user);
|
||||||
}
|
}
|
||||||
|
|
|
@ -175,14 +175,11 @@
|
||||||
cancelButtonText: this.$t('commons.cancel'),
|
cancelButtonText: this.$t('commons.cancel'),
|
||||||
type: 'warning'
|
type: 'warning'
|
||||||
}).then(() => {
|
}).then(() => {
|
||||||
this.loading = true;
|
this.result = this.$get('/user/ws/member/delete/' + this.currentUser().lastWorkspaceId + '/' + row.id,() => {
|
||||||
this.$get('/user/ws/member/delete/' + this.currentUser().lastWorkspaceId + '/' + row.id).then(() => {
|
this.$success(this.$t('commons.delete_success'));
|
||||||
this.initTableData();
|
this.initTableData();
|
||||||
this.loading = false;
|
|
||||||
});
|
});
|
||||||
this.$success(this.$t('commons.delete_success'));
|
|
||||||
}).catch(() => {
|
}).catch(() => {
|
||||||
this.loading = false;
|
|
||||||
this.$info(this.$t('commons.delete_cancel'));
|
this.$info(this.$t('commons.delete_cancel'));
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
|
|
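Review bot: The member removal is still sent with `this.$get('/user/ws/member/delete/' + ...)`, so a state-changing delete rides on a GET request. GET requests can be triggered cross-site by a plain link or image tag, may be replayed by prefetchers, and leave the ids in proxy and access logs. Moving this call and its endpoint to POST or DELETE would close that off; the server mapping is not visible here, so this assumes it can change in the same commit. The workspace id comes from `this.currentUser().lastWorkspaceId` on the client, so the server-side owner check remains the actual control. The enclosing method starts outside the hunk.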