保证企业管理员角色下至少有一个账户

08652550 · 施翔轲 · db1a1367 · 08652550 · 08652550 · 08652550
Commit 08652550 authored Nov 14, 2023 by 施翔轲
3 changed files
--- a/dsk-admin/src/main/java/com/dsk/web/controller/system/SysUserController.java
+++ b/dsk-admin/src/main/java/com/dsk/web/controller/system/SysUserController.java
@@ -121,10 +121,6 @@ public class SysUserController extends BaseController {
            throw new ServiceException("表格中不存在待导入数据!");
        }
-        for (SysUserImportVo userImportVo : userImportList) {
-            System.out.println("👉🏻:"+userImportVo);
-        }
        //开始导入业务
        List<SysUserImportVo> failImportUsers = userService.batchImportUser(userImportList, updateSupport);
@@ -216,6 +212,7 @@ public class SysUserController extends BaseController {
    @Log(title = "用户管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{userIds}")
    public R<Void> remove(@PathVariable Long[] userIds) {
+        //不能删除当前登录账号
        if (ArrayUtil.contains(userIds, getUserId())) {
            return R.fail("当前用户不能删除");
        }

--- a/dsk-system/src/main/java/com/dsk/system/service/impl/SysRoleServiceImpl.java
+++ b/dsk-system/src/main/java/com/dsk/system/service/impl/SysRoleServiceImpl.java
@@ -385,6 +385,9 @@ public class SysRoleServiceImpl implements ISysRoleService {
    public int deleteRoleByIds(Long[] roleIds) {
        for (Long roleId : roleIds) {
            SysRole role = selectRoleById(roleId);
+            if ("admin".equals(role.getRoleKey())) {
+                throw new ServiceException("不允许删除企业管理员角色!");
+            }
            checkRoleAllowed(role);
            checkRoleDataScope(roleId);
            if (countUserRoleByRoleId(roleId) > 0) {
@@ -407,6 +410,9 @@ public class SysRoleServiceImpl implements ISysRoleService {
     */
    @Override
    public int deleteAuthUser(SysUserRole userRole) {
+        //校验企业管理员角色下是否至少有一个账号
+        checkAdminHasUsers(userRole.getRoleId());
        int rows = userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>()
                .eq(SysUserRole::getRoleId, userRole.getRoleId())
                .eq(SysUserRole::getUserId, userRole.getUserId()));
@@ -425,6 +431,14 @@ public class SysRoleServiceImpl implements ISysRoleService {
     */
    @Override
    public int deleteAuthUsers(Long roleId, Long[] userIds) {
+        //校验企业管理员角色下是否至少有一个账号
+        Integer users = checkAdminHasUsers(roleId);
+        //如果取消授权企业管理员角色下所有账号,则抛异常
+        if (userIds.length == users) {
+            throw new ServiceException("至少要保留一个账号在企业管理员角色下!");
+        }
        int rows = userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>()
                .eq(SysUserRole::getRoleId, roleId)
                .in(SysUserRole::getUserId, Arrays.asList(userIds)));
@@ -434,6 +448,39 @@ public class SysRoleServiceImpl implements ISysRoleService {
        return rows;
    }
+    /**
+     * 校验企业管理员角色下是否至少有一个账号
+     *
+     * @param roleId 待操作角色ID
+     * @return 企业管理员角色账号数量
+     */
+    public Integer checkAdminHasUsers(Long roleId) {
+        Long adminRoleId = null;
+        Integer userNum = null;
+        //查询企业管理员角色ID
+        List<SysRole> sysRoles = selectRoleAll();
+        for (SysRole role : sysRoles) {
+            if ("admin".equals(role.getRoleKey())) {
+                adminRoleId = role.getRoleId();
+                break;
+            }
+        }
+        assert adminRoleId != null;
+        //如果待操作角色是企业管理员
+        if (roleId.longValue() == adminRoleId.longValue()) {
+            //如果目前企业管理员角色下仅有1个账号，则不允许进行删除、取消授权等操作
+            List<Long> userIds = userRoleMapper.selectUserIdsByRoleId(adminRoleId);
+            if (userIds.size() == 1) {
+                throw new ServiceException("至少要保留一个账号在企业管理员角色下!");
+            }
+            userNum = userIds.size();
+        }
+        return userNum;
+    }
    /**
     * 批量选择授权用户角色
     *

--- a/dsk-system/src/main/java/com/dsk/system/service/impl/SysUserServiceImpl.java
+++ b/dsk-system/src/main/java/com/dsk/system/service/impl/SysUserServiceImpl.java
@@ -397,6 +397,9 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
    @Transactional(rollbackFor = Exception.class)
    public int updateUser(SysUser user) {
        Long userId = user.getUserId();
+        //校验企业管理员角色下是否至少有一个账号
+        checkAdminHasUsers(user);
        // 删除用户与角色关联
        userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>().eq(SysUserRole::getUserId, userId));
        // 新增用户与角色管理
@@ -408,6 +411,45 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
        return baseMapper.updateById(user);
    }
+    /**
+     * 校验企业管理员角色下是否至少有一个账号
+     *
+     * @param user 待修改用户
+     */
+    void checkAdminHasUsers(SysUser user) {
+        //获取企业管理员角色
+        SysRole adminRole = roleMapper.selectOne(new LambdaQueryWrapper<SysRole>()
+                .select(SysRole::getRoleId)
+                .eq(SysRole::getStatus, UserConstants.USER_NORMAL)
+                .eq(SysRole::getDelFlag, UserConstants.USER_NORMAL)
+                .eq(SysRole::getRoleKey, "admin"));
+        //如果目前企业管理员角色下仅有1个账号
+        List<Long> userIds = userRoleMapper.selectUserIdsByRoleId(adminRole.getRoleId());
+        int enableAccount = 0;
+        for (Long userId : userIds) {
+            SysUser sysUser = baseMapper.selectUserById(userId);
+            if (UserConstants.USER_NORMAL.equals(sysUser.getStatus())) {
+                enableAccount++;
+            }
+        }
+        if (enableAccount == 1) {
+            //如果仅有的账号ID与待修改的用户ID相同,且修改后的账号角色不包含企业管理员角色
+            if (userIds.get(0).longValue() == user.getUserId().longValue()
+                    && !ArrayUtil.contains(user.getRoleIds(), adminRole.getRoleId())) {
+                throw new ServiceException("至少要保留一个账号在企业管理员角色下!");
+            }
+            //如果仅有的账号ID与待修改的用户ID相同,且修改后的账号角色包含企业管理员角色,但状态为禁用
+            if (userIds.get(0).longValue() == user.getUserId().longValue()
+                    && ArrayUtil.contains(user.getRoleIds(), adminRole.getRoleId())
+                    && UserConstants.USER_DISABLE.equals(user.getStatus())) {
+                throw new ServiceException("至少要保留一个可用账号在企业管理员角色下!");
+            }
+        }
+    }
    /**
     * 用户授权角色
     *
@@ -430,6 +472,11 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
     */
    @Override
    public int updateUserStatus(SysUser user) {
+        //如果禁用用户
+        if (UserConstants.USER_DISABLE.equals(user.getStatus())) {
+            //校验企业管理员角色下是否至少有一个可用账号
+            checkAdminHasUsers(baseMapper.selectUserById(user.getUserId()));
+        }
        return baseMapper.updateById(user);
    }
@@ -560,7 +607,10 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
        for (Long userId : userIds) {
            checkUserAllowed(new SysUser(userId));
            checkUserDataScope(userId);
+            //校验企业管理员角色下是否至少有一个账号
+            checkAdminHasUsers(baseMapper.selectUserById(userId));
        }
        List<Long> ids = Arrays.asList(userIds);
        // 删除用户与角色关联
        userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>().in(SysUserRole::getUserId, ids));