From 67f416634f95c81e618123b826e18a57ae08220d Mon Sep 17 00:00:00 2001
From: 无关风月 <443237572@qq.com>
Date: 星期二, 22 四月 2025 17:55:30 +0800
Subject: [PATCH] 11.6
---
ruoyi-service/ruoyi-admin/src/main/java/com/ruoyi/admin/controller/SysUserController.java | 12 ++++++++++--
1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/ruoyi-service/ruoyi-admin/src/main/java/com/ruoyi/admin/controller/SysUserController.java b/ruoyi-service/ruoyi-admin/src/main/java/com/ruoyi/admin/controller/SysUserController.java
index 8fa5bea..beee081 100644
--- a/ruoyi-service/ruoyi-admin/src/main/java/com/ruoyi/admin/controller/SysUserController.java
+++ b/ruoyi-service/ruoyi-admin/src/main/java/com/ruoyi/admin/controller/SysUserController.java
@@ -13,6 +13,7 @@
import com.ruoyi.admin.service.UserRoleService;
import com.ruoyi.common.core.domain.R;
import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.system.api.model.LoginUser;
import io.swagger.annotations.Api;
@@ -54,6 +55,7 @@
* @param pageNum 页码
* @param pageSize 每页显示条数
*/
+ @RequiresPermissions("power_account")
@ApiOperation(value = "账号分页查询列表", tags = {"后台-权限管理-账号管理"})
@GetMapping(value = "/page")
@ApiImplicitParams({
@@ -75,6 +77,7 @@
* @param id 后台账号id
* @param enable 启用/关闭
*/
+ @RequiresPermissions("power_enable")
@ApiOperation(value = "启用/关闭后台账号", tags = {"后台-师傅管理-师傅列表管理"})
@GetMapping(value = "/enable")
@ApiImplicitParams({
@@ -92,6 +95,7 @@
*
* @param id 账号id
*/
+ @RequiresPermissions("power_detail")
@ApiOperation(value = "账号详情", tags = {"后台-权限管理-账号管理"})
@GetMapping(value = "/detail")
@ApiImplicitParams({
@@ -107,6 +111,7 @@
*
* @param sysUserRequest 账号信息
*/
+ @RequiresPermissions("power_save")
@ApiOperation(value = "新增账号", tags = {"后台-权限管理-账号管理"})
@PostMapping(value = "/save")
public R<String> save(@RequestBody @Validated SysUserRequest sysUserRequest) {
@@ -143,6 +148,7 @@
*
* @param sysUserRequest 账号信息
*/
+ @RequiresPermissions("power_update")
@ApiOperation(value = "修改账号", tags = {"后台-权限管理-账号管理"})
@PostMapping(value = "/update")
public R<String> update(@RequestBody SysUserRequest sysUserRequest) {
@@ -158,7 +164,8 @@
}
SysUser user = sysUserService.lambdaQuery()
.eq(SysUser::getAccount, sysUserRequest.getAccount())
- .eq(SysUser::getIsDelete, 0).one();
+ .eq(SysUser::getIsDelete, 0)
+ .ne(SysUser::getUserId, sysUserRequest.getUserId()).one();
if (null != user) {
return R.fail("该账号已存在!");
}
@@ -198,7 +205,7 @@
return R.fail("新密码与二次确认密码不一致,请重新输入!");
}
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
- if (!passwordEncoder.matches(newPassword, oldPassword)) {
+ if (!passwordEncoder.matches(oldPassword, user.getPassword())) {
return R.fail("原密码错误,请重试!");
}
// 校验通过,加密新的明文密码
@@ -214,6 +221,7 @@
*
* @param ids 账号id拼接
*/
+ @RequiresPermissions("power_delete")
@ApiOperation(value = "批量删除账号", tags = {"后台-权限管理-账号管理"})
@GetMapping(value = "/batchDelete")
@ApiImplicitParams({
--
Gitblit v1.7.1