fix: bizz delete check

getrebuild · Dec 8, 2023 · b2ec62e · b2ec62e
1 parent c8d7341
commit b2ec62e
Show file tree

Hide file tree

Showing 6 changed files with 27 additions and 21 deletions.
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -2,7 +2,7 @@
   "editor.fontSize": 12,
   "editor.tabSize": 2,
   "editor.codeActionsOnSave": {
-    "source.fixAll.eslint": true
+    "source.fixAll.eslint": "explicit"
   },
   "eslint.codeAction.showDocumentation": {
     "enable": true
@@ -15,12 +15,6 @@
     "editor.defaultFormatter": "esbenp.prettier-vscode"
   },
 
-  "LineCount.excludes": [
-    "**/.vscode/**",
-    "**/.idea/**",
-    "**/node_modules/**",
-    "**/target/**",
-    "**/assets/lib/**"
-  ],
+  "LineCount.excludes": ["**/.vscode/**", "**/.idea/**", "**/node_modules/**", "**/target/**", "**/assets/lib/**"],
   "editor.formatOnSave": true
 }
diff --git a/src/main/java/com/rebuild/core/metadata/EntityHelper.java b/src/main/java/com/rebuild/core/metadata/EntityHelper.java
@@ -248,7 +248,9 @@ public static ID newUnsavedId(int entityCode) {
      * @see #newUnsavedId(int)
      */
     public static boolean isUnsavedId(Object id) {
-        return ID.isId(id) && (UNSAVED_ID.equals(id) || id.toString().endsWith(UNSAVED_ID_SUFFIX));
+        boolean s = ID.isId(id) && (UNSAVED_ID.equals(id) || id.toString().endsWith(UNSAVED_ID_SUFFIX));
+        if (!s) return false;
+        return !UserService.SYSTEM_USER.equals(id);
     }
 
     // 公共字段/保留字段

diff --git a/src/main/java/com/rebuild/core/privileges/DepartmentService.java b/src/main/java/com/rebuild/core/privileges/DepartmentService.java
@@ -91,6 +91,10 @@ public int delete(ID recordId) {
      * @param transferTo
      */
     public void deleteAndTransfer(ID deptId, ID transferTo) {
+        if (ROOT_DEPT.equals(deptId)) {
+            throw new OperationDeniedException(Language.L("内置部门禁止删除"));
+        }
+
         checkAdminGuard(BizzPermission.DELETE, null);
 
         Department dept = Application.getUserStore().getDepartment(deptId);

diff --git a/src/main/java/com/rebuild/core/privileges/UserService.java b/src/main/java/com/rebuild/core/privileges/UserService.java
@@ -118,12 +118,12 @@ public Record update(Record record) {
 
     @Override
     public int delete(ID recordId) {
-        checkAdminGuard(BizzPermission.DELETE, null);
-
         if (ADMIN_USER.equals(recordId) || SYSTEM_USER.equals(recordId)) {
             throw new OperationDeniedException(Language.L("内置用户禁止删除"));
         }
 
+        checkAdminGuard(BizzPermission.DELETE, null);
+
         if (checkHasUsed(recordId)) {
             throw new OperationDeniedException(Language.L("已使用过的用户禁止删除"));
         }

diff --git a/src/main/java/com/rebuild/web/admin/bizz/UserController.java b/src/main/java/com/rebuild/web/admin/bizz/UserController.java
@@ -62,24 +62,22 @@ public ModelAndView pageList(HttpServletRequest request) {
     }
 
     @RequestMapping("check-user-status")
-    public RespBody checkUserStatus(@IdParam ID userId) {
-        if (!Application.getUserStore().existsUser(userId)) {
-            return RespBody.error();
-        }
+    public RespBody checkUserStatus(@IdParam ID uid) {
+        if (!Application.getUserStore().existsUser(uid)) return RespBody.error();
 
-        User checkedUser = Application.getUserStore().getUser(userId);
+        final User checkedUser = Application.getUserStore().getUser(uid);
 
         Map<String, Object> ret = new HashMap<>();
         ret.put("active", checkedUser.isActive());
-        ret.put("system", "system".equals(checkedUser.getName()) || "admin".equals(checkedUser.getName()));
+        ret.put("system", uid.equals(UserService.ADMIN_USER) || uid.equals(UserService.SYSTEM_USER));
         ret.put("disabled", checkedUser.isDisabled());
 
         if (checkedUser.getOwningRole() != null) {
             ret.put("role", checkedUser.getOwningRole().getIdentity());
             ret.put("roleDisabled", checkedUser.getOwningRole().isDisabled());
 
             // 附加角色
-            ret.put("roleAppends", UserHelper.getRoleAppends(userId));
+            ret.put("roleAppends", UserHelper.getRoleAppends(uid));
         }
 
         if (checkedUser.getOwningDept() != null) {
@@ -89,7 +87,7 @@ public RespBody checkUserStatus(@IdParam ID userId) {
 
         Object[] lastLogin = Application.createQueryNoFilter(
                 "select loginTime,ipAddr from LoginLog where user = ? order by loginTime desc")
-                .setParameter(1, userId)
+                .setParameter(1, uid)
                 .unique();
         if (lastLogin != null) {
             ret.put("lastLogin",

diff --git a/src/main/resources/web/assets/js/bizuser/user-view.js b/src/main/resources/web/assets/js/bizuser/user-view.js
@@ -91,8 +91,16 @@ $(document).ready(function () {
       }
 
       if (res.data.system === true) {
-        $('.view-action').remove()
-        $('.J_tips').removeClass('hide').find('.message p').text($L('系统内置超级管理员，不允许修改。此用户拥有最高级系统权限，请谨慎使用'))
+        // v35
+        if (userId === '001-0000000000000000') {
+          $('.view-action').remove()
+        } else {
+          $('.J_mores .dropdown-menu>*').each(function () {
+            if (!$(this).hasClass('J_resetpwd')) $(this).remove()
+          })
+        }
+
+        $('.J_tips').removeClass('hide').find('.message p').text($L('系统内置超级管理员。此用户拥有最高级系统权限，请谨慎使用'))
         return
       }