新建角色的时候,不允许创建 ADMIN 标识的角色

This commit is contained in:
YunaiV 2022-02-23 19:28:59 +08:00
parent 848fcdf329
commit 95bb9744c1
3 changed files with 14 additions and 4 deletions

View File

@ -31,7 +31,8 @@ public interface ErrorCodeConstants {
ErrorCode ROLE_NAME_DUPLICATE = new ErrorCode(1002003001, "已经存在名为【{}】的角色");
ErrorCode ROLE_CODE_DUPLICATE = new ErrorCode(1002003002, "已经存在编码为【{}】的角色");
ErrorCode ROLE_CAN_NOT_UPDATE_SYSTEM_TYPE_ROLE = new ErrorCode(1002003004, "不能操作类型为系统内置的角色");
ErrorCode ROLE_IS_DISABLE = new ErrorCode(1002003004, "名字为【{}】的角色已被禁用");
ErrorCode ROLE_IS_DISABLE = new ErrorCode(1002003005, "名字为【{}】的角色已被禁用");
ErrorCode ROLE_ADMIN_CODE_ERROR = new ErrorCode(1002003006, "编码【{}】不能使用");
// ========== 用户模块 1002004000 ==========
ErrorCode USER_USERNAME_EXISTS = new ErrorCode(1002004000, "用户账号已经存在");

View File

@ -1,5 +1,6 @@
package cn.iocoder.yudao.module.system.enums.permission;
import cn.iocoder.yudao.framework.common.util.object.ObjectUtils;
import lombok.AllArgsConstructor;
import lombok.Getter;
@ -23,4 +24,8 @@ public enum RoleCodeEnum {
*/
private final String name;
public static boolean isSuperAdmin(String code) {
return ObjectUtils.equalsAny(code, SUPER_ADMIN.getCode());
}
}

View File

@ -136,7 +136,7 @@ public class RoleServiceImpl implements RoleService {
@Override
public void updateRole(RoleUpdateReqVO reqVO) {
// 校验是否可以更新
this.checkUpdateRole(reqVO.getId());
checkUpdateRole(reqVO.getId());
// 校验角色的唯一字段是否重复
checkDuplicateRole(reqVO.getName(), reqVO.getCode(), reqVO.getId());
// 更新到数据库
@ -149,7 +149,7 @@ public class RoleServiceImpl implements RoleService {
@Override
public void updateRoleStatus(Long id, Integer status) {
// 校验是否可以更新
this.checkUpdateRole(id);
checkUpdateRole(id);
// 更新状态
RoleDO updateObject = new RoleDO();
updateObject.setId(id);
@ -217,7 +217,7 @@ public class RoleServiceImpl implements RoleService {
if (CollectionUtil.isEmpty(roleList)) {
return false;
}
return roleList.stream().anyMatch(roleDO -> RoleCodeEnum.SUPER_ADMIN.getCode().equals(roleDO.getCode()));
return roleList.stream().anyMatch(role -> RoleCodeEnum.isSuperAdmin(role.getCode()));
}
@Override
@ -247,6 +247,10 @@ public class RoleServiceImpl implements RoleService {
*/
@VisibleForTesting
public void checkDuplicateRole(String name, String code, Long id) {
// 0. 超级管理员不允许创建
if (RoleCodeEnum.isSuperAdmin(code)) {
throw exception(ROLE_ADMIN_CODE_ERROR, code);
}
// 1. name 名字被其它角色所使用
RoleDO role = roleMapper.selectByName(name);
if (role != null && !role.getId().equals(id)) {