mirror of https://github.com/jeecgboot/jeecg-boot
租户邀请人改成采用手机号,租户敏感接口加权限
zhangdaiscott
parent
fffa7f327b
commit
217fe0dce4
|
|
@ -12,6 +12,7 @@ import org.apache.shiro.authz.annotation.RequiresPermissions;
|
|||
import org.jeecg.common.api.vo.Result;
|
||||
import org.jeecg.common.aspect.annotation.PermissionData;
|
||||
import org.jeecg.common.config.TenantContext;
|
||||
import org.jeecg.common.constant.CommonConstant;
|
||||
import org.jeecg.common.constant.SymbolConstant;
|
||||
import org.jeecg.common.system.query.QueryGenerator;
|
||||
import org.jeecg.common.system.vo.LoginUser;
|
||||
|
|
@ -19,6 +20,7 @@ import org.jeecg.common.util.PasswordUtil;
|
|||
import org.jeecg.common.util.TokenUtils;
|
||||
import org.jeecg.common.util.oConvertUtils;
|
||||
import org.jeecg.config.mybatis.MybatisPlusSaasConfig;
|
||||
import org.jeecg.modules.base.service.BaseCommonService;
|
||||
import org.jeecg.modules.system.entity.*;
|
||||
import org.jeecg.modules.system.service.ISysTenantPackService;
|
||||
import org.jeecg.modules.system.service.ISysTenantService;
|
||||
|
|
@ -55,6 +57,9 @@ public class SysTenantController {
|
|||
|
||||
@Autowired
|
||||
private ISysTenantPackService sysTenantPackService;
|
||||
|
||||
@Autowired
|
||||
private BaseCommonService baseCommonService;
|
||||
|
||||
/**
|
||||
* 获取列表数据
|
||||
|
|
@ -167,6 +172,22 @@ public class SysTenantController {
|
|||
//@RequiresPermissions("system:tenant:delete")
|
||||
@RequestMapping(value = "/delete", method ={RequestMethod.DELETE, RequestMethod.POST})
|
||||
public Result<?> delete(@RequestParam(name="id",required=true) String id) {
|
||||
//------------------------------------------------------------------
|
||||
//如果是saas隔离的情况下,判断当前租户id是否是当前租户下的
|
||||
if (MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL) {
|
||||
//获取当前用户
|
||||
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
||||
SysTenant sysTenant = sysTenantService.getById(id);
|
||||
|
||||
String username = "admin";
|
||||
String createdBy = sysUser.getUsername();
|
||||
if (!sysTenant.getCreateBy().equals(createdBy) && !username.equals(createdBy)) {
|
||||
baseCommonService.addLog("未经授权,不能删除非自己创建的租户,租户ID:" + id + ",操作人:" + sysUser.getUsername(), CommonConstant.LOG_TYPE_2, CommonConstant.OPERATE_TYPE_3);
|
||||
return Result.error("删除租户失败,当前操作人不是租户的创建人!");
|
||||
}
|
||||
}
|
||||
//------------------------------------------------------------------
|
||||
|
||||
sysTenantService.removeTenantById(id);
|
||||
return Result.ok("删除成功");
|
||||
}
|
||||
|
|
@ -187,6 +208,22 @@ public class SysTenantController {
|
|||
// 过滤掉已被引用的租户
|
||||
List<Integer> idList = new ArrayList<>();
|
||||
for (String id : ls) {
|
||||
//------------------------------------------------------------------
|
||||
//如果是saas隔离的情况下,判断当前租户id是否是当前租户下的
|
||||
if (MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL) {
|
||||
//获取当前用户
|
||||
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
||||
SysTenant sysTenant = sysTenantService.getById(id);
|
||||
|
||||
String username = "admin";
|
||||
String createdBy = sysUser.getUsername();
|
||||
if (!sysTenant.getCreateBy().equals(createdBy) && !username.equals(createdBy)) {
|
||||
baseCommonService.addLog("未经授权,不能删除非自己创建的租户,租户ID:" + id + ",操作人:" + sysUser.getUsername(), CommonConstant.LOG_TYPE_2, CommonConstant.OPERATE_TYPE_3);
|
||||
return Result.error("删除租户失败,当前操作人不是租户的创建人!");
|
||||
}
|
||||
}
|
||||
//------------------------------------------------------------------
|
||||
|
||||
Long userCount = sysTenantService.countUserLinkTenant(id);
|
||||
if (userCount == 0) {
|
||||
idList.add(Integer.parseInt(id));
|
||||
|
|
@ -357,13 +394,13 @@ public class SysTenantController {
|
|||
/**
|
||||
* 邀请用户【低代码应用专用接口】
|
||||
* @param ids
|
||||
* @param userIds
|
||||
* @param phone
|
||||
* @return
|
||||
*/
|
||||
@PutMapping("/invitationUserJoin")
|
||||
//@RequiresPermissions("system:tenant:invitation:user")
|
||||
public Result<String> invitationUserJoin(@RequestParam("ids") String ids, @RequestParam("userIds") String userIds){
|
||||
sysTenantService.invitationUserJoin(ids,userIds);
|
||||
public Result<String> invitationUserJoin(@RequestParam("ids") String ids, @RequestParam("phone") String phone){
|
||||
sysTenantService.invitationUserJoin(ids,phone);
|
||||
return Result.ok("邀请用户成功");
|
||||
}
|
||||
|
||||
|
|
@ -402,7 +439,8 @@ public class SysTenantController {
|
|||
@RequestParam("tenantId") String tenantId){
|
||||
Result<String> result = new Result<>();
|
||||
//是否开启系统管理模块的多租户数据隔离【SAAS多租户模式】
|
||||
if(MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL){
|
||||
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
||||
if(MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL && !"admin".equals(sysUser.getUsername())){
|
||||
Integer loginSessionTenant = oConvertUtils.getInt(TenantContext.getTenant());
|
||||
if(loginSessionTenant!=null && !loginSessionTenant.equals(Integer.valueOf(tenantId))){
|
||||
result.error500("无权限访问他人租户!");
|
||||
|
|
@ -565,7 +603,7 @@ public class SysTenantController {
|
|||
return Result.error("未找到当前租户信息");
|
||||
}
|
||||
if (!sysUser.getUsername().equals(tenant.getCreateBy())) {
|
||||
return Result.error("没有权限");
|
||||
return Result.error("无权限,只能注销自己创建的租户!");
|
||||
}
|
||||
SysUser userById = sysUserService.getById(sysUser.getId());
|
||||
String loginPassword = request.getParameter("loginPassword");
|
||||
|
|
|
|||
|
|
@ -45,11 +45,11 @@ public interface ISysTenantService extends IService<SysTenant> {
|
|||
boolean removeTenantById(String id);
|
||||
|
||||
/**
|
||||
* 邀请用户加入租户
|
||||
* 邀请用户加入租户,通过手机号
|
||||
* @param ids
|
||||
* @param userIds
|
||||
* @param phone
|
||||
*/
|
||||
void invitationUserJoin(String ids, String userIds);
|
||||
void invitationUserJoin(String ids, String phone);
|
||||
|
||||
/**
|
||||
* 请离用户(租户)
|
||||
|
|
|
|||
|
|
@ -26,10 +26,8 @@ import org.jeecg.modules.system.service.ISysTenantService;
|
|||
import org.jeecg.modules.system.service.ISysUserService;
|
||||
import org.jeecg.modules.system.vo.tenant.*;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.beans.factory.NoSuchBeanDefinitionException;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.cache.annotation.CacheEvict;
|
||||
import org.springframework.context.annotation.Lazy;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.ArrayList;
|
||||
|
|
@ -91,27 +89,31 @@ public class SysTenantServiceImpl extends ServiceImpl<SysTenantMapper, SysTenant
|
|||
|
||||
@Override
|
||||
@CacheEvict(value={CacheConstant.SYS_USERS_CACHE}, allEntries=true)
|
||||
public void invitationUserJoin(String ids, String userIds) {
|
||||
public void invitationUserJoin(String ids, String phone) {
|
||||
String[] idArray = ids.split(SymbolConstant.COMMA);
|
||||
String[] userIdArray = userIds.split(SymbolConstant.COMMA);
|
||||
//先循环用户id,避免多次查询
|
||||
for (String userId : userIdArray) {
|
||||
//循环租户id
|
||||
for (String id:idArray) {
|
||||
//update-begin---author:wangshuai ---date:20221223 for:[QQYUN-3371]租户逻辑改造,改成关系表------------
|
||||
LambdaQueryWrapper<SysUserTenant> query = new LambdaQueryWrapper<>();
|
||||
query.eq(SysUserTenant::getTenantId,id);
|
||||
query.eq(SysUserTenant::getUserId,userId);
|
||||
long count = userTenantMapper.selectCount(query);
|
||||
if(count == 0){
|
||||
SysUserTenant relation = new SysUserTenant();
|
||||
relation.setUserId(userId);
|
||||
relation.setTenantId(Integer.valueOf(id));
|
||||
relation.setStatus(CommonConstant.USER_TENANT_NORMAL);
|
||||
userTenantMapper.insert(relation);
|
||||
}
|
||||
//update-end---author:wangshuai ---date:20221223 for:[QQYUN-3371]租户逻辑改造,改成关系表------------
|
||||
//update-begin---author:wangshuai ---date:20230313 for:【QQYUN-4605】后台的邀请谁加入租户,没办法选不是租户下的用户,通过手机号邀请------------
|
||||
SysUser userByPhone = userService.getUserByPhone(phone);
|
||||
//说明用户不存在
|
||||
if(null == userByPhone){
|
||||
throw new JeecgBootException("当前用户不存在,请核对手机号");
|
||||
}
|
||||
String userId = userByPhone.getId();
|
||||
//循环租户id
|
||||
for (String id:idArray) {
|
||||
//update-begin---author:wangshuai ---date:20221223 for:[QQYUN-3371]租户逻辑改造,改成关系表------------
|
||||
LambdaQueryWrapper<SysUserTenant> query = new LambdaQueryWrapper<>();
|
||||
query.eq(SysUserTenant::getTenantId,id);
|
||||
query.eq(SysUserTenant::getUserId,userId);
|
||||
long count = userTenantMapper.selectCount(query);
|
||||
if(count == 0){
|
||||
SysUserTenant relation = new SysUserTenant();
|
||||
relation.setUserId(userId);
|
||||
relation.setTenantId(Integer.valueOf(id));
|
||||
relation.setStatus(CommonConstant.USER_TENANT_NORMAL);
|
||||
userTenantMapper.insert(relation);
|
||||
}
|
||||
//update-end---author:wangshuai ---date:20221223 for:[QQYUN-3371]租户逻辑改造,改成关系表------------
|
||||
//update-end---author:wangshuai ---date:20230313 for:【QQYUN-4605】后台的邀请谁加入租户,没办法选不是租户下的用户,通过手机号邀请------------
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -477,6 +479,7 @@ public class SysTenantServiceImpl extends ServiceImpl<SysTenantMapper, SysTenant
|
|||
.eq(SysTenantPackUser::getUserId, sysTenantPackUser.getUserId())
|
||||
.eq(SysTenantPackUser::getPackId, sysTenantPackUser.getPackId());
|
||||
sysTenantPackUserMapper.delete(query);
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -578,8 +581,8 @@ public class SysTenantServiceImpl extends ServiceImpl<SysTenantMapper, SysTenant
|
|||
List<String> userIdList = userList.stream().map(i->i.getId()).collect(Collectors.toList());
|
||||
// 部门
|
||||
List<UserDepart> depList = baseMapper.queryUserDepartList(userIdList);
|
||||
// 职位
|
||||
//List<UserPosition> userPositions = baseMapper.queryUserPositionList(userIdList);
|
||||
// // 职位
|
||||
// List<UserPosition> userPositions = baseMapper.queryUserPositionList(userIdList);
|
||||
// 遍历用户 往用户中添加 部门信息和职位信息
|
||||
for (TenantPackUser user : userList) {
|
||||
//添加部门
|
||||
|
|
|
|||
Loading…
Reference in New Issue