Pre Merge pull request !422 from root/N/A

将isAdmin方法统一到SecurityUtils
2026-01-05 07:10:30 +00:00 · 2026-01-05 15:10:29 +08:00 · 2026-01-05 15:10:16 +08:00 · 2025-07-16 02:35:07 +00:00
9 changed files with 23 additions and 21 deletions
--- a/docker/nginx/conf/nginx.conf
+++ b/docker/nginx/conf/nginx.conf
@ -28,10 +28,9 @@ http {
            proxy_pass http://ruoyi-gateway:8080/;
        }

-        # 避免actuator暴露
-        if ($uri ~ "/actuator") {
-            return 403;
-        }
+        # springdoc proxy
+        location~^/v3/api-docs/(.*){
+            proxy pass http://localhost:8080/v3/api-docs/$1;

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
--- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
+++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
@ -114,11 +114,6 @@ public class SysUser extends BaseEntity
    }

    public boolean isAdmin()
-    {
-        return isAdmin(this.userId);
-    }
-
-    public static boolean isAdmin(Long userId)
    {
        return UserConstants.isAdmin(userId);
    }
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java
@ -1,13 +1,14 @@
 package com.ruoyi.common.security.utils;

-import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import com.ruoyi.common.core.constant.SecurityConstants;
 import com.ruoyi.common.core.constant.TokenConstants;
+import com.ruoyi.common.core.constant.UserConstants;
 import com.ruoyi.common.core.context.SecurityContextHolder;
 import com.ruoyi.common.core.utils.ServletUtils;
 import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.system.api.model.LoginUser;
+import jakarta.servlet.http.HttpServletRequest;

 /**
 * 权限获取工具类
@ -79,6 +80,16 @@ public class SecurityUtils
        return token;
    }

+    /**
+     * 是否为管理员
+     * 
+     * @return 结果
+     */
+    public static boolean isAdmin()
+    {
+        return isAdmin(getUserId());
+    }
+
    /**
     * 是否为管理员
     * 
@ -87,7 +98,7 @@ public class SecurityUtils
     */
    public static boolean isAdmin(Long userId)
    {
-        return userId != null && 1L == userId;
+        return UserConstants.isAdmin(userId);
    }

    /**
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
@ -235,7 +235,7 @@ public class SysUserController extends BaseController
            ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
        }
        List<SysRole> roles = roleService.selectRoleAll();
-        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+        ajax.put("roles", SecurityUtils.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        ajax.put("posts", postService.selectPostAll());
        return ajax;
    }
@ -350,7 +350,7 @@ public class SysUserController extends BaseController
        SysUser user = userService.selectUserById(userId);
        List<SysRole> roles = roleService.selectRolesByUserId(userId);
        ajax.put("user", user);
-        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+        ajax.put("roles", SecurityUtils.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        return ajax;
    }

--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
@ -15,7 +15,6 @@ import com.ruoyi.common.datascope.annotation.DataScope;
 import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.system.api.domain.SysDept;
 import com.ruoyi.system.api.domain.SysRole;
-import com.ruoyi.system.api.domain.SysUser;
 import com.ruoyi.system.domain.vo.TreeSelect;
 import com.ruoyi.system.mapper.SysDeptMapper;
 import com.ruoyi.system.mapper.SysRoleMapper;
@ -190,7 +189,7 @@ public class SysDeptServiceImpl implements ISysDeptService
    @Override
    public void checkDeptDataScope(Long deptId)
    {
-        if (!SysUser.isAdmin(SecurityUtils.getUserId()) && StringUtils.isNotNull(deptId))
+        if (!SecurityUtils.isAdmin() && StringUtils.isNotNull(deptId))
        {
            SysDept dept = new SysDept();
            dept.setDeptId(deptId);
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java
@ -15,7 +15,6 @@ import com.ruoyi.common.core.constant.UserConstants;
 import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.system.api.domain.SysRole;
-import com.ruoyi.system.api.domain.SysUser;
 import com.ruoyi.system.domain.SysMenu;
 import com.ruoyi.system.domain.vo.MetaVo;
 import com.ruoyi.system.domain.vo.RouterVo;
@ -67,7 +66,7 @@ public class SysMenuServiceImpl implements ISysMenuService
    {
        List<SysMenu> menuList = null;
        // 管理员显示所有菜单信息
-        if (SysUser.isAdmin(userId))
+        if (SecurityUtils.isAdmin(userId))
        {
            menuList = menuMapper.selectMenuList(menu);
        }
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
@ -15,7 +15,6 @@ import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.common.datascope.annotation.DataScope;
 import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.system.api.domain.SysRole;
-import com.ruoyi.system.api.domain.SysUser;
 import com.ruoyi.system.domain.SysRoleDept;
 import com.ruoyi.system.domain.SysRoleMenu;
 import com.ruoyi.system.domain.SysUserRole;
@ -197,7 +196,7 @@ public class SysRoleServiceImpl implements ISysRoleService
    @Override
    public void checkRoleDataScope(Long... roleIds)
    {
-        if (!SysUser.isAdmin(SecurityUtils.getUserId()))
+        if (!SecurityUtils.isAdmin())
        {
            for (Long roleId : roleIds)
            {
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
@ -238,7 +238,7 @@ public class SysUserServiceImpl implements ISysUserService
    @Override
    public void checkUserDataScope(Long userId)
    {
-        if (!SysUser.isAdmin(SecurityUtils.getUserId()))
+        if (!SecurityUtils.isAdmin())
        {
            SysUser user = new SysUser();
            user.setUserId(userId);
--- a/ruoyi-ui/src/settings.js
+++ b/ruoyi-ui/src/settings.js
@ -52,5 +52,5 @@ module.exports = {
  /**
   * 底部版权文本内容
   */
-  footerContent: 'Copyright © 2018-2025 RuoYi. All Rights Reserved.'
+  footerContent: 'Copyright © 2018-2026 RuoYi. All Rights Reserved.'
 }
Author	SHA1	Message	Date
root	b68ba4d955	Pre Merge pull request !422 from root/N/A	2026-01-05 07:10:30 +00:00
RuoYi	ec8e955955	copyright 2026	2026-01-05 15:10:29 +08:00
RuoYi	0398aa0333	将isAdmin方法统一到SecurityUtils	2026-01-05 15:10:16 +08:00
root	64410bafc4	update docker/nginx/conf/nginx.conf. Signed-off-by: root <15907907+xuezhihongg@user.noreply.gitee.com>	2025-07-16 02:35:07 +00:00