0...

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/core/basic/api/controller/UserController.java

@@ -100,17 +100,22 @@ public class UserController extends ControllerSupport {
 	@ApiOperation(value = "查询所有用户", notes = "")
 	@GetMapping("all/{curPage}/{pageSize}")
 	public PageInfo<UserDomain> getUserPage(@PathVariable Integer curPage,
-			@PathVariable Integer pageSize, @RequestParam Long rootOrgId,
+			@PathVariable Integer pageSize, @RequestParam(required = false) Long rootOrgId,
 			@RequestParam String loginName, @RequestParam String name,
 			@RequestParam(required = false) Boolean enable,
 			@RequestParam(required = false) Long roleId, @RequestParam(required = false) Long orgId,
 			@RequestParam(required = false) String roleCode) {
 
 		User accessUser = getAccessUser();
-		if ((!isSuperAdmin()) && (!rootOrgId.equals(accessUser.getRootOrgId()))) {
-			throw new StatusException("B-150001", "非法请求");
+
+		if (null == rootOrgId) {
+			rootOrgId = accessUser.getRootOrgId();
+		} else {
+			validateRootOrgIsolation(rootOrgId);
 		}
 
+		final Long finalRootOrgId = rootOrgId;
+
 		OrgEntity rootOrg = orgRepo.findOne(rootOrgId);
 		if (null == rootOrg) {
 			throw new StatusException("B-150003", "机构不存在");
@@ -140,7 +145,7 @@ public class UserController extends ControllerSupport {
 
 		Specification<UserEntity> specification = (root, query, cb) -> {
 			List<Predicate> predicates = new ArrayList<>();
-			predicates.add(cb.equal(root.get("rootOrgId"), rootOrgId));
+			predicates.add(cb.equal(root.get("rootOrgId"), finalRootOrgId));
 
 			if (StringUtils.isNotBlank(loginName)) {
 				predicates.add(cb.like(root.get("loginName"), toSqlSearchPattern(loginName)));