From 88ac2574d89aed7c28b9c0370b19b8bb2d0364eb Mon Sep 17 00:00:00 2001
From: xuhy <3313886187@qq.com>
Date: 星期二, 07 一月 2025 19:02:34 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'
---
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java | 9 +++++++--
1 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
index 16f9f89..c8116bc 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
@@ -13,6 +13,7 @@
import com.ruoyi.chargingPile.api.feignClient.SiteClient;
import com.ruoyi.chargingPile.api.model.Site;
import com.ruoyi.common.core.web.page.PageInfo;
+import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.other.api.feignClient.RoleSiteClient;
import com.ruoyi.other.api.feignClient.UserSiteClient;
import com.ruoyi.system.api.query.ChangeUserQuery;
@@ -89,6 +90,9 @@
@Resource
private ISysRoleService sysRoleService;
+
+ @Resource
+ private TokenService tokenService;
/**
@@ -235,7 +239,8 @@
*/
@Override
public void checkUserAllowed(SysUser user) {
- if (StringUtils.isNotNull(user.getUserId()) && user.isAdmin()) {
+ Long userid = tokenService.getLoginUser().getUserid();
+ if (StringUtils.isNotNull(user.getUserId()) && !userid.equals(user.getUserId()) && user.isAdmin()) {
throw new ServiceException("不允许操作超级管理员用户");
}
}
@@ -247,7 +252,7 @@
*/
@Override
public void checkUserDataScope(Long userId) {
- if (!SysUser.isAdmin(SecurityUtils.getUserId())) {
+ if (!SysUser.isAdmin(tokenService.getLoginUser().getUserid())) {
SysUser user = new SysUser();
user.setUserId(userId);
List<SysUser> users = SpringUtils.getAopProxy(this).selectUserList(user);
--
Gitblit v1.7.1