处理管理员校验问题

2026-05-07 23:57:20 +08:00 · 2022-09-16 09:20:49 +08:00
parent bad3c391b4
commit e1719bd1fa
1 changed files with 21 additions and 2 deletions
--- a/server/like-admin/src/main/java/com/mdd/admin/service/system/impl/SystemAuthAdminServiceImpl.java
+++ b/server/like-admin/src/main/java/com/mdd/admin/service/system/impl/SystemAuthAdminServiceImpl.java
@@ -319,6 +319,13 @@ public class SystemAuthAdminServiceImpl implements ISystemAuthAdminService {
        if (systemAuthAdminParam.getPassword() != null && systemAuthAdminParam.getId().equals(id)) {
            String token = Objects.requireNonNull(RequestUtil.handler()).getHeader("token");
            RedisUtil.del(AdminConfig.backstageTokenKey + token);
+
+            Set<Object> ts = RedisUtil.sGet(AdminConfig.backstageTokenSet + id);
+            for (Object t: ts) {
+                RedisUtil.del(AdminConfig.backstageTokenKey+t.toString());
+            }
+            RedisUtil.del(AdminConfig.backstageTokenSet + id);
+            RedisUtil.sSet(AdminConfig.backstageTokenSet + id, token);
        }
    }

@@ -366,8 +373,17 @@ public class SystemAuthAdminServiceImpl implements ISystemAuthAdminService {
        this.cacheAdminUserByUid(adminId);

        if (systemAuthAdminParam.getPassword() != null) {
+
            String token = Objects.requireNonNull(RequestUtil.handler()).getHeader("token");
            RedisUtil.del(AdminConfig.backstageTokenKey + token);
+
+            int uid = model.getId();
+            Set<Object> ts = RedisUtil.sGet(AdminConfig.backstageTokenSet + uid);
+            for (Object t: ts) {
+                RedisUtil.del(AdminConfig.backstageTokenKey+t.toString());
+            }
+            RedisUtil.del(AdminConfig.backstageTokenSet + uid);
+            RedisUtil.sSet(AdminConfig.backstageTokenSet + model.getId(), token);
        }
    }

@@ -386,10 +402,10 @@ public class SystemAuthAdminServiceImpl implements ISystemAuthAdminService {
                .eq("is_delete", 0)
                .last("limit 1")), "账号已不存在!");

-        Assert.isFalse(id == 1, "系统管理员不允许删除");
+        Assert.isFalse(id == 1, "系统管理员不允许删除!");

        int adminId = Integer.parseInt(LikeAdminThreadLocal.getAdminId().toString());
-        Assert.isFalse(id == adminId, "不能删除自己");
+        Assert.isFalse(id == adminId, "不能删除自己!");

        SystemAuthAdmin model = new SystemAuthAdmin();
        model.setId(id);
@@ -416,6 +432,9 @@ public class SystemAuthAdminServiceImpl implements ISystemAuthAdminService {

        Assert.notNull(systemAuthAdmin, "账号已不存在!");

+        int adminId = Integer.parseInt(LikeAdminThreadLocal.getAdminId().toString());
+        Assert.isFalse(id == adminId, "不能禁用自己!");
+
        Integer disable = systemAuthAdmin.getIsDisable() == 1 ? 0 : 1;
        systemAuthAdmin.setIsDisable(disable);
        systemAuthAdmin.setUpdateTime(TimeUtil.timestamp());