From 77c6ab6f44e87b70269373c5ca84f8a94e2415a8 Mon Sep 17 00:00:00 2001 From: wucongxing8150 <815046773@qq.com> Date: Mon, 4 Mar 2024 13:59:08 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=AF=86=E7=A0=81=E6=8E=A5?= =?UTF-8?q?=E5=8F=A3=E6=94=B9=E5=8A=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/controller/adminUser.go | 6 +++--- api/requests/user.go | 1 + api/service/adminUser.go | 32 +++++++++++++++++++++++++++++--- 3 files changed, 33 insertions(+), 6 deletions(-) diff --git a/api/controller/adminUser.go b/api/controller/adminUser.go index 25929ed..de5e5fc 100644 --- a/api/controller/adminUser.go +++ b/api/controller/adminUser.go @@ -213,15 +213,15 @@ func (r *AdminUser) PutUserPassword(c *gin.Context) { return } - userId := c.GetInt64("UserId") - if userId == 0 { + adminUserId := c.GetInt64("UserId") + if adminUserId == 0 { responses.FailWithMessage("用户错误", c) return } // 业务处理 userService := service.AdminUserService{} - _, err := userService.PutUserPassword(userId, UserRequest.PutUserPassword) + _, err := userService.PutUserPassword(adminUserId, UserRequest.PutUserPassword) if err != nil { responses.FailWithMessage(err.Error(), c) return diff --git a/api/requests/user.go b/api/requests/user.go index 531bfcd..10071a7 100644 --- a/api/requests/user.go +++ b/api/requests/user.go @@ -62,4 +62,5 @@ type PutUser struct { type PutUserPassword struct { Password string `json:"password" form:"password" validate:"required" label:"原密码"` NewPassword string `json:"new_password" form:"new_password" validate:"required" label:"新密码"` + UserId string `json:"user_id" form:"user_id" validate:"required" label:"用户id"` } diff --git a/api/service/adminUser.go b/api/service/adminUser.go index d91aa9f..a8121ab 100644 --- a/api/service/adminUser.go +++ b/api/service/adminUser.go @@ -325,11 +325,37 @@ func (r *AdminUserService) PutUser(c *gin.Context, requestUserId int64, putUserR } // PutUserPassword 修改用户密码 -func (r *AdminUserService) PutUserPassword(requestUserId int64, putUserPasswordRequest requests.PutUserPassword) (bool, error) { +func (r *AdminUserService) PutUserPassword(adminUserId int64, putUserPasswordRequest requests.PutUserPassword) (bool, error) { adminUserDao := dao.AdminUserDao{} + // 将 id 转换为 int64 类型 + userId, err := strconv.ParseInt(putUserPasswordRequest.UserId, 10, 64) + if err != nil { + return false, errors.New("错误") + } + + // 获取当前登录用户数据 + adminUser, err := adminUserDao.GetAdminUserFirstById(adminUserId) + if err != nil || adminUser == nil { + return false, errors.New("用户数据错误") + } + + // 获取登录用户角色数据 + adminRoleDao := dao.AdminRoleDao{} + adminRole, err := adminRoleDao.GetAdminRoleFirstById(adminUser.RoleID) + if err != nil || adminRole == nil { + return false, errors.New("角色错误") + } + + // 非超级管理员无法修改其他用户数据 + if adminRole.IsAdmin != 1 { + if adminUserId != userId { + return false, errors.New("无法修改他人密码") + } + } + // 获取需修改用户数据 - adminUser, err := adminUserDao.GetAdminUserFirstById(requestUserId) + adminUser, err = adminUserDao.GetAdminUserFirstById(userId) if err != nil || adminUser == nil { return false, errors.New("用户数据错误") } @@ -387,7 +413,7 @@ func (r *AdminUserService) PutUserPassword(requestUserId int64, putUserPasswordR // 修改角色 data := make(map[string]interface{}) data["password"] = newPasswordString - err = adminUserDao.EditAdminUserById(tx, requestUserId, data) + err = adminUserDao.EditAdminUserById(tx, userId, data) if err != nil { tx.Rollback() return false, errors.New("修改失败")