优化用户管理下的授权角色、授权数据、重置密码权限不严谨问题。

2018-05-22 22:13:38 +08:00
parent 18ba4b9075
commit dc3d70e96f
6 changed files with 63 additions and 100 deletions
--- a/modules/core/src/main/resources/config/jeesite-core.yml
+++ b/modules/core/src/main/resources/config/jeesite-core.yml
@@ -1,20 +1,5 @@
 # 温馨提示：不建议直接修改此文件，为了平台升级方便，建议将需要修改的参数值，复制到jeesite.yml里进行覆盖该参数值。

-#============================#
-#===== Project settings =====#
-#============================#
-
-# 产品或项目名称、版本、版权年份
-productName: JeeSite Demo
-productVersion: V4.0
-copyrightYear: 2018
-
-# 软件提供商公司或个人名称
-companyName: ThinkGem
-
-#是否演示模式
-demoMode: false
-
 #============================#
 #===== Database sttings =====#
 #============================#
@@ -22,38 +7,6 @@ demoMode: false
 # 数据库连接
 jdbc: 
  
-#  # Mysql 数据库配置
-#  type: mysql
-#  driver: com.mysql.jdbc.Driver
-#  url: jdbc:mysql://127.0.0.1:3306/jeesite?useUnicode=true&characterEncoding=utf-8&zeroDateTimeBehavior=convertToNull
-#  username: root
-#  password: 123456
-#  testSql: SELECT 1
-#
-#  # Oracle 数据库配置
-#  type: oracle
-#  driver: oracle.jdbc.driver.OracleDriver
-#  url: jdbc:oracle:thin:@127.0.0.1:1521/orcl
-#  username: jeesite
-#  password: jeesite
-#  testSql: SELECT 1 FROM DUAL
-#
-#  # Sql Server 数据库配置
-#  type: mssql
-#  driver: net.sourceforge.jtds.jdbc.Driver
-#  url: jdbc:jtds:sqlserver://127.0.0.1:1433/jeesite
-#  username: jeesite
-#  password: jeesite
-#  testSql: SELECT 1
-#  
-#  # PostgreSql 数据库配置（注意：一定要创建的schema与username相同，否则将找不到数据表字典信息）
-#  type: postgresql
-#  driver: org.postgresql.Driver
-#  url: jdbc:postgresql://127.0.0.1:5432/jeesite
-#  username: jeesite
-#  password: jeesite
-#  testSql: SELECT 1
-
  # 连接信息加密
  encrypt:
  
@@ -445,11 +398,15 @@ msg:
  realtime:
    # 是否开启
    enabled: true
-    # 消息发送任务Bean名称
-    sendTaskBeanName: msgLocalSendTask
+    # 消息实时推送任务Bean名称
+    beanName: msgLocalPushTask
+  
+  # 推送失败次数，如果推送次数超过了设定次数，仍不成功，则放弃并保存到历史
+  pushFailNumber: 3

  # 邮件发送参数
  email:
+    beanName: emailSendService
    fromAddress: jeesite_demo@163.com
    fromPassword: jeesitedemo1234
    fromHostName: smtp.163.com
@@ -458,12 +415,15 @@ msg:

  # 短信网关
  sms:
+    beanName: smsSendService
    url: http://host:port/msg/sendSms
    data: account=demo&pswd=demo&product=
+    prefix: ~
    suffix: 【JeeSite】

  # 微信相关
  weixin:
+    beanName: weixinSendService
    #微信应用ID
    appid: ~
    #微信应用密钥
--- a/modules/core/src/main/resources/views/error/500.html
+++ b/modules/core/src/main/resources/views/error/500.html
@@ -46,7 +46,7 @@ else {
 <% if (@ObjectUtils.toBoolean(@Global.getConfig('error.page.printErrorInfo', 'true'))){ %>
 <div class="box mt20">
 	${@StringUtils.toHtml(@ExceptionUtils.getStackTraceAsString(ex))}<br/>
-	此异常信息若不想输出，可打开jeesite.properties文件，设置error.page.printErrorInfo=false即可
+	此异常信息若不想输出，可打开jeesite.yml文件，设置error.page.printErrorInfo=false即可
 </div>
 <% } %>
 <% } %>
--- a/modules/core/src/main/resources/views/modules/sys/user/empUserList.html
+++ b/modules/core/src/main/resources/views/modules/sys/user/empUserList.html
@@ -115,18 +115,30 @@ $('#dataGrid').dataGrid({
 			var actions = [];
 			<% if(hasPermi('sys:empUser:edit')){ %>
 				actions.push('<a href="${ctx}/sys/empUser/form?userCode='+row.userCode+'&op=edit" class="btnList" title="${text('编辑用户')}"><i class="fa fa-pencil"></i></a>&nbsp;');
+			<% } %>
+			<% if(hasPermi('sys:empUser:updateStatus')){ %>
 				if (row.status == Global.STATUS_NORMAL){
 					actions.push('<a href="${ctx}/sys/empUser/disable?userCode='+row.userCode+'" class="btnList" title="${text('停用用户')}" data-confirm="${text('确认要停用该用户吗？')}"><i class="glyphicon glyphicon-ban-circle"></i></a>&nbsp;');
 				}
 				if (row.status == Global.STATUS_DISABLE){
 					actions.push('<a href="${ctx}/sys/empUser/enable?userCode='+row.userCode+'" class="btnList" title="${text('启用用户')}" data-confirm="${text('确认要启用该用户吗？')}"><i class="glyphicon glyphicon-ok-circle"></i></a>&nbsp;');
 				}
+			<% } %>
+			<% if(hasPermi('sys:empUser:edit')){ %>
 				actions.push('<a href="${ctx}/sys/empUser/delete?userCode='+row.userCode+'" class="btnList" title="${text('删除用户')}" data-confirm="${text('确认要删除该用户吗？')}"><i class="fa fa-trash-o"></i></a>&nbsp;');
+			<% } %>
+			<% if(hasPermi('sys:empUser:authRole,sys:empUser:authDataScope,sys:empUser:resetpwd', 'or')){ %>
 				actions.push('<a href="javascript:" class="btnMore" title="${text('更多操作')}"><i class="fa fa-chevron-circle-right"></i></a>&nbsp;');
 				actions.push('<div class="moreItems">');
-				actions.push('<a href="${ctx}/sys/empUser/form?userCode='+row.userCode+'&op=auth" class="btn btn-default btn-xs btnList" title="${text('用户分配角色')}"><i class="fa fa-check-square-o"></i> ${text('分配角色')}</a>&nbsp;');
-				actions.push('<a href="${ctx}/sys/empUser/formAuthDataScope?userCode='+row.userCode+'" class="btn btn-default btn-xs btnList" title="${text('用户分配数据权限')}"><i class="fa fa-check-circle-o"></i> ${text('数据权限')}</a>&nbsp;');
-				actions.push('<a href="${ctx}/sys/empUser/resetpwd?userCode='+row.userCode+'" class="btn btn-default btn-xs btnList" title="${text('用户密码重置')}" data-confirm="${text('确认要将该用户密码重置到初始状态吗？')}"><i class="fa fa-reply-all"></i> ${text('重置密码')}</a>&nbsp;');
+				<% if(hasPermi('sys:empUser:authRole')){ %>
+					actions.push('<a href="${ctx}/sys/empUser/form?userCode='+row.userCode+'&op=auth" class="btn btn-default btn-xs btnList" title="${text('用户分配角色')}"><i class="fa fa-check-square-o"></i> ${text('分配角色')}</a>&nbsp;');
+				<% } %>
+				<% if(hasPermi('sys:empUser:authDataScope')){ %>
+					actions.push('<a href="${ctx}/sys/empUser/formAuthDataScope?userCode='+row.userCode+'" class="btn btn-default btn-xs btnList" title="${text('用户分配数据权限')}"><i class="fa fa-check-circle-o"></i> ${text('数据权限')}</a>&nbsp;');
+				<% } %>
+				<% if(hasPermi('sys:empUser:resetpwd')){ %>
+					actions.push('<a href="${ctx}/sys/empUser/resetpwd?userCode='+row.userCode+'" class="btn btn-default btn-xs btnList" title="${text('用户密码重置')}" data-confirm="${text('确认要将该用户密码重置到初始状态吗？')}"><i class="fa fa-reply-all"></i> ${text('重置密码')}</a>&nbsp;');
+				<% } %>
 				actions.push('</div>');
 			<% } %>
 			return actions.join('');