lihongjie/coal
1
0
Fork 0
mirror of https://codeup.aliyun.com/64f7d6b8ce01efaafef1e678/coal/coal.git synced 2026-01-25 07:46:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

完善超级管理员权限

Browse Source
This commit is contained in:
lihongjie0209
2023-07-30 23:17:45 +08:00
parent 2f8f6e850c
commit 21e1ae3bf7
1 changed files with 13 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/main/java/cn/lihongjie/coal/aop/ControllerAop.java
View File

@@ -67,31 +67,30 @@ public class ControllerAop {
} else {
OrgAdmin orgAdmin = ObjectUtils.defaultIfNull(AnnotationUtils.findAnnotation(method, OrgAdmin.class), AnnotationUtils.findAnnotation(method.getClass(), OrgAdmin.class));
if (!Ctx.isSysAdmin()) {
if (orgAdmin != null && orgAdmin.value() && !Ctx.isOrgAdmin()) {
OrgAdmin orgAdmin = ObjectUtils.defaultIfNull(AnnotationUtils.findAnnotation(method, OrgAdmin.class), AnnotationUtils.findAnnotation(method.getClass(), OrgAdmin.class));
if (orgAdmin != null && orgAdmin.value() && !Ctx.isOrgAdmin()) {
return R.fail("invalidAccess", "非法访问,请联系机构管理员。");
return R.fail("invalidAccess", "非法访问,请联系机构管理员。");
}
}
SysAdmin sysAdmin = ObjectUtils.defaultIfNull(AnnotationUtils.findAnnotation(method, SysAdmin.class), AnnotationUtils.findAnnotation(method.getClass(), SysAdmin.class));
SysAdmin sysAdmin = ObjectUtils.defaultIfNull(AnnotationUtils.findAnnotation(method, SysAdmin.class), AnnotationUtils.findAnnotation(method.getClass(), SysAdmin.class));
if (sysAdmin != null && sysAdmin.value() && !Ctx.isSysAdmin()) {
if (sysAdmin != null && sysAdmin.value() && !Ctx.isSysAdmin()) {
return R.fail("invalidAccess", "非法访问,请联系系统管理员。");
return R.fail("invalidAccess", "非法访问,请联系系统管理员。");
}
}
UserEntity user = Ctx.currentUser();
if (!(user.getSysAdmin() != null && user.getSysAdmin())) {
UserEntity user = Ctx.currentUser();
if (ObjectUtils.<List<RoleEntity>>defaultIfNull(user.getRoles(), new ArrayList<>())
@@ -101,7 +100,8 @@ public class ControllerAop {
.noneMatch(x -> x.getUrl().equalsIgnoreCase(request.getRequestURI().replaceAll(request.getContextPath(), "")))) {
}{
}
{
return R.fail("invalidAccess", "当前资源未授权,请联系机构管理员处理。");
}