fix: 非超级管理员限制无权限查看超级管理员账号的问题修复

2025-03-09 23:38:47 +08:00
parent ace1e95d8b
commit c820abb027
3 changed files with 64 additions and 13 deletions
--- a/src/main/java/com/youlai/boot/system/model/query/UserPageQuery.java
+++ b/src/main/java/com/youlai/boot/system/model/query/UserPageQuery.java
@@ -1,6 +1,7 @@
 package com.youlai.boot.system.model.query;
 import cn.hutool.db.sql.Direction;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.youlai.boot.common.base.BasePageQuery;
 import com.youlai.boot.common.annotation.ValidField;
 import io.swagger.v3.oas.annotations.media.Schema;
@@ -36,11 +37,17 @@ public class UserPageQuery extends BasePageQuery {
    private List<String> createTime;
    @Schema(description = "排序的字段")
-    @ValidField(allowedValues = {"create_time","update_time"})
+    @ValidField(allowedValues = {"create_time", "update_time"})
    private String field;
    @Schema(description = "排序方式（正序:ASC；反序:DESC）")
    private Direction direction;
    /**
     * 是否超级管理员
     */
    @JsonIgnore
    @Schema(hidden = true)
    private Boolean isRoot;
 }
--- a/src/main/java/com/youlai/boot/system/service/impl/UserServiceImpl.java
+++ b/src/main/java/com/youlai/boot/system/service/impl/UserServiceImpl.java
@@ -86,6 +86,10 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
        int pageNum = queryParams.getPageNum();
        int pageSize = queryParams.getPageSize();
        Page<UserBO> page = new Page<>(pageNum, pageSize);
        boolean isRoot = SecurityUtils.isRoot();
        queryParams.setIsRoot(isRoot);
        // 查询数据
        Page<UserBO> userPage = this.baseMapper.getUserPage(page, queryParams);
@@ -276,15 +280,35 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
     */
    @Override
    public List<UserExportDTO> listExportUsers(UserPageQuery queryParams) {
-        List<UserExportDTO> userExportDTOS = this.baseMapper.listExportUsers(queryParams);
+
        boolean isRoot = SecurityUtils.isRoot();
        queryParams.setIsRoot(isRoot);
        List<UserExportDTO> exportUsers = this.baseMapper.listExportUsers(queryParams);
        if (CollectionUtil.isNotEmpty(exportUsers)) {
            //获取角色的字典数据
-        List<DictData> list = dictDataService.list(new LambdaQueryWrapper<DictData>().eq(DictData::getDictCode, DictCodeEnum.GENDER.getValue()));
+            Map<String, String> genderMap = dictDataService.list(
-        Map<String, String> genderMap = list.stream().collect(Collectors.toMap(DictData::getValue, DictData::getLabel));
+                            new LambdaQueryWrapper<DictData>().eq(DictData::getDictCode,
-        userExportDTOS.forEach(userExportDTO -> {
+                                    DictCodeEnum.GENDER.getValue())
-            String genderLabel = genderMap.get(userExportDTO.getGender());
+                    ).stream()
-            userExportDTO.setGender(genderLabel);
+                    .collect(Collectors.toMap(DictData::getValue, DictData::getLabel)
                    );
            exportUsers.forEach(item -> {
                String gender = item.getGender();
                if (StrUtil.isBlank(gender)) {
                    return;
                }
                // 判断map是否为空
                if (genderMap.isEmpty()) {
                    return;
                }
                item.setGender(genderMap.get(gender));
            });
-        return null;
+        }
        return exportUsers;
    }
    /**
--- a/src/main/resources/mapper/system/UserMapper.xml
+++ b/src/main/resources/mapper/system/UserMapper.xml
@@ -24,9 +24,18 @@
                LEFT JOIN sys_user_role sur ON u.id = sur.user_id
                LEFT JOIN sys_role r ON sur.role_id = r.id
        <where>
-            u.is_deleted = 0 AND u.username != 'root'
+            u.is_deleted = 0
-            <!-- 超级管理员不显示在列表 -->
+            <if test="!queryParams.isRoot">
-            AND r.code != '${@com.youlai.boot.common.constant.SystemConstants@ROOT_ROLE_CODE}'
+                AND NOT EXISTS (
                SELECT
                    1
                FROM sys_user_role sur
                    INNER JOIN sys_role r ON sur.role_id = r.id
                WHERE
                    sur.user_id = u.id
                    AND r.code = '${@com.youlai.boot.common.constant.SystemConstants@ROOT_ROLE_CODE}'
                )
            </if>
            <if test='queryParams.keywords!=null and queryParams.keywords.trim() neq ""'>
                AND (
                    u.username LIKE CONCAT('%',#{queryParams.keywords},'%')
@@ -188,6 +197,17 @@
                LEFT JOIN sys_dept d ON u.dept_id = d.id
        <where>
            u.is_deleted = 0
            <if test="!isRoot">
            AND NOT EXISTS (
                SELECT
                    1
                FROM sys_user_role sur
                    INNER JOIN sys_role r ON sur.role_id = r.id
                WHERE
                    sur.user_id = u.id
                    AND r.code = '${@com.youlai.boot.common.constant.SystemConstants@ROOT_ROLE_CODE}'
            )
            </if>
            <if test='keywords!=null and keywords.trim() neq ""'>
                AND (u.username LIKE CONCAT('%',#{keywords},'%')
                OR u.nickname LIKE CONCAT('%',#{keywords},'%')