。。。。。

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/core/basic/api/controller/OrgController.java

@@ -62,6 +62,7 @@ import cn.com.qmth.examcloud.core.basic.dao.OrgRepo;
 import cn.com.qmth.examcloud.core.basic.dao.entity.OrgEntity;
 import cn.com.qmth.examcloud.core.basic.dao.entity.OrgPropertyEntity;
 import cn.com.qmth.examcloud.core.basic.dao.enums.OrgProperty;
+import cn.com.qmth.examcloud.core.basic.service.SystemPropertyService;
 import cn.com.qmth.examcloud.core.basic.service.bean.OrgInfo;
 import cn.com.qmth.examcloud.core.basic.service.cache.OrgCache;
 import cn.com.qmth.examcloud.core.basic.service.cache.RootOrgCache;
@@ -127,6 +128,9 @@ public class OrgController extends ControllerSupport {
 	@Autowired
 	SystemPropertyCache systemPropertyCache;
 
+	@Autowired
+	SystemPropertyService systemPropertyService;
+
 	@ApiOperation(value = "分页查询所有机构")
 	@GetMapping("fullOrgPage/{curPage}/{pageSize}")
 	public PageInfo<OrgDomain> getFullOrgPage(@PathVariable Integer curPage,
@@ -1056,6 +1060,21 @@ public class OrgController extends ControllerSupport {
 		OrgCacheBean org = CacheHelper.getOrg(orgId);
 
 		Map<String, String> properties = domain.getProperties();
+
+		if (!isSuperAdmin()) {
+			String editableProperties4SuperAdmin = (String) systemPropertyService
+					.get("editableProperties4SuperAdmin");
+			if (StringUtils.isNotBlank(editableProperties4SuperAdmin)) {
+				editableProperties4SuperAdmin = "," + editableProperties4SuperAdmin + ",";
+				for (String cur : properties.keySet()) {
+					cur = "," + cur + ",";
+					if (!editableProperties4SuperAdmin.contains(cur)) {
+						throw new StatusException("140050", "非法操作");
+					}
+				}
+			}
+		}
+
 		properties.put("ROOT_ORG_ID", String.valueOf(org.getRootId()));
 
 		List<String> relatedPropertyGroupIdList = domain.getRelatedPropertyGroupIdList();