...

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/core/basic/api/controller/RolePrivilegeController.java

@@ -195,6 +195,13 @@ public class RolePrivilegeController extends ControllerSupport {
 		Long rootOrgId = Long.parseLong(req.getRootOrgId());
 		Long roleId = Long.parseLong(req.getRoleId());
 		Set<Long> privilegeIdSet = req.getPrivilegeIdSet();
+
+		User accessUser = getAccessUser();
+		Long userRootOrgId = accessUser.getRootOrgId();
+		if ((!rootOrgId.equals(userRootOrgId)) && (!isSuperAdmin())) {
+			throw new StatusException("B-012001", "非法请求");
+		}
+
 		rolePrivilegeService.updateRolePrivilegeRelations(rootOrgId, roleId, privilegeIdSet);
 	}
 

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/core/basic/api/provider/UserCloudServiceProvider.java

@@ -110,7 +110,7 @@ public class UserCloudServiceProvider extends ControllerSupport implements UserC
 				for (UserRole cur : userRoles) {
 					RoleBean roleBean = new RoleBean();
 					roleBean.setRoleCode(cur.getRoleCode());
-					String roleName = RoleMeta.valueOf(cur.getRoleCode()).getCnName();
+					String roleName = RoleMeta.valueOf(cur.getRoleCode()).getName();
 					roleBean.setRoleName(roleName);
 					roleList.add(roleBean);
 				}
@@ -158,7 +158,7 @@ public class UserCloudServiceProvider extends ControllerSupport implements UserC
 		userBean.setIdentityNumber(student.getIdentityNumber());
 		// 设置学生角色
 		ArrayList<RoleBean> roleList = Lists.newArrayList();
-		roleList.add(new RoleBean(RoleMeta.STUDENT.name(), RoleMeta.STUDENT.getCnName()));
+		roleList.add(new RoleBean(RoleMeta.STUDENT.name(), RoleMeta.STUDENT.getName()));
 		userBean.setRoleList(roleList);
 
 		Org org = orgRepo.findOne(user.getOrgId());

examcloud-core-basic-dao/src/main/java/cn/com/qmth/examcloud/core/basic/dao/entity/UserRole.java

@@ -20,9 +20,6 @@ public class UserRole implements Serializable{
     @GeneratedValue
     private Long id;
 
-    @NotNull
-    private String appCode;
-
     @NotNull
     private String roleCode;
 
@@ -38,14 +35,6 @@ public class UserRole implements Serializable{
         this.id = id;
     }
 
-    public String getAppCode() {
-        return appCode;
-    }
-
-    public void setAppCode(String appCode) {
-        this.appCode = appCode;
-    }
-
     public String getRoleCode() {
         return roleCode;
     }
@@ -57,8 +46,7 @@ public class UserRole implements Serializable{
     public UserRole() {
     }
     
-    public UserRole(String appCode,String roleCode) {
-    	this.appCode = appCode;
+    public UserRole(String roleCode) {
     	this.roleCode = roleCode;
     }
 }

examcloud-core-basic-service/src/main/java/cn/com/qmth/examcloud/core/basic/service/impl/OrgService.java

@@ -117,7 +117,7 @@ public class OrgService {
 		user.setCreateTime(new Date());
 		user.setPassword(Consts.DEFAULT_PASSWORD);
 		List<UserRole> userRoles = new ArrayList<UserRole>();
-		userRoles.add(new UserRole("ecs_exam_work", "LC_USER"));
+		userRoles.add(new UserRole("LC_USER"));
 		user.setUserRoles(userRoles);
 		userRepo.save(user);
 	}

examcloud-core-basic-service/src/main/java/cn/com/qmth/examcloud/core/basic/service/impl/StudentService.java

@@ -156,7 +156,7 @@ public class StudentService {
             }
             user.setPassword(password);
             List<UserRole> userRoles = new ArrayList<UserRole>();
-            userRoles.add(new UserRole("ecs_oe", "STUDENT"));
+            userRoles.add(new UserRole("STUDENT"));
             user.setUserRoles(userRoles);
             userRepo.save(user);
             student.setUser(user);

examcloud-core-basic-service/src/main/java/cn/com/qmth/examcloud/core/basic/service/impl/UserServiceImpl.java

@@ -395,9 +395,9 @@ public class UserServiceImpl  implements UserService{
         AccessUser accessUser = new AccessUser();
         Set<UserRole> userRoleSet = new HashSet<UserRole>(user.getUserRoles());
         Org org = orgService.findOne(user.getRootOrgId());
-        Map<String,Set<String>> rolesMap = userRoleSet.stream()
-                .collect(Collectors.groupingBy(UserRole::getAppCode,
-                        Collectors.mapping(UserRole::getRoleCode,Collectors.toSet())));
+//        Map<String,Set<String>> rolesMap = userRoleSet.stream()
+//                .collect(Collectors.groupingBy(UserRole::getAppCode,
+//                        Collectors.mapping(UserRole::getRoleCode,Collectors.toSet())));
         accessUser.setLoginName(user.getLoginName());
         accessUser.setName(user.getName());
         accessUser.setOrgId(user.getOrgId());
@@ -406,7 +406,7 @@ public class UserServiceImpl  implements UserService{
             accessUser.setRootOrgName(org.getName());
         }
         accessUser.setUserId(user.getId());
-        accessUser.setRoles(rolesMap);
+//        accessUser.setRoles(rolesMap);
         accessUser.setToken(token);
         accessUser.setStudentId(studentId);
         accessUserOps.set(token,accessUser);
@@ -450,7 +450,7 @@ public class UserServiceImpl  implements UserService{
     public List<String> getRoleNames(List<UserRole> userRoles){
 
         List<String> roleNameList = userRoles.stream()
-                .map(userRole -> RoleMeta.valueOf(userRole.getRoleCode()).getCnName())
+                .map(userRole -> RoleMeta.valueOf(userRole.getRoleCode()).getName())
                 .collect(Collectors.toList());
         return roleNameList;
 
@@ -538,7 +538,7 @@ public class UserServiceImpl  implements UserService{
 		user.setOrgId(rootOrgId);
 		user.setRootOrgId(rootOrgId);
 		user.setPassword(loginName);
-		UserRole userRole = new UserRole(RoleMeta.MARKER.getAppCode(), RoleMeta.MARKER.toString());
+		UserRole userRole = new UserRole(RoleMeta.MARKER.toString());
 		List<UserRole> userRoles = new LinkedList<UserRole>();
 		userRoles.add(userRole);
 		user.setUserRoles(userRoles);