|
@@ -146,15 +146,19 @@ public class AdminController {
|
|
|
|
|
|
@RequestMapping(value = "/register", method = RequestMethod.POST)
|
|
@RequestMapping(value = "/register", method = RequestMethod.POST)
|
|
public void Register(HttpServletRequest request, HttpServletResponse response, @RequestBody Admin admin){
|
|
public void Register(HttpServletRequest request, HttpServletResponse response, @RequestBody Admin admin){
|
|
-
|
|
|
|
|
|
+ if(admin.getName().equalsIgnoreCase("superadmin")){
|
|
|
|
+ HttpUtil.responseApiCode(request, response, ApiCode.PARAMETER_ERROR);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
String id = request.getHeader("id");
|
|
String id = request.getHeader("id");
|
|
Admin superAdmin = adminService.GetOne(Long.valueOf(id));
|
|
Admin superAdmin = adminService.GetOne(Long.valueOf(id));
|
|
if(superAdmin==null || false==superAdmin.getName().equalsIgnoreCase("superadmin")){
|
|
if(superAdmin==null || false==superAdmin.getName().equalsIgnoreCase("superadmin")){
|
|
HttpUtil.responseApiCode(request, response, ApiCode.ACCESS_DENIED);
|
|
HttpUtil.responseApiCode(request, response, ApiCode.ACCESS_DENIED);
|
|
return;
|
|
return;
|
|
}
|
|
}
|
|
|
|
+
|
|
|
|
+ admin = InsertUpdate(request, response, admin);
|
|
TrailController.Insert(adminService, trailService, request, "admin", admin.getId(), " 创建管理员:" + admin.getName());
|
|
TrailController.Insert(adminService, trailService, request, "admin", admin.getId(), " 创建管理员:" + admin.getName());
|
|
- InsertUpdate(request, response, admin);
|
|
|
|
}
|
|
}
|
|
|
|
|
|
@RequestMapping(value = "/update", method = RequestMethod.POST)
|
|
@RequestMapping(value = "/update", method = RequestMethod.POST)
|
|
@@ -163,12 +167,18 @@ public class AdminController {
|
|
HttpUtil.responseApiCode(request, response, ApiCode.PARAMETER_ERROR);
|
|
HttpUtil.responseApiCode(request, response, ApiCode.PARAMETER_ERROR);
|
|
return;
|
|
return;
|
|
}
|
|
}
|
|
|
|
+ admin = InsertUpdate(request, response, admin);
|
|
TrailController.Insert(adminService, trailService, request, "admin", admin.getId(), " 修改管理员:" + admin.getName());
|
|
TrailController.Insert(adminService, trailService, request, "admin", admin.getId(), " 修改管理员:" + admin.getName());
|
|
- InsertUpdate(request, response, admin);
|
|
|
|
}
|
|
}
|
|
|
|
|
|
@RequestMapping(value = "/delete", method = RequestMethod.POST)
|
|
@RequestMapping(value = "/delete", method = RequestMethod.POST)
|
|
public void Delete(HttpServletRequest request, HttpServletResponse response){
|
|
public void Delete(HttpServletRequest request, HttpServletResponse response){
|
|
|
|
+ String id = request.getHeader("id");
|
|
|
|
+ Admin superAdmin = adminService.GetOne(Long.valueOf(id));
|
|
|
|
+ if(superAdmin==null || false==superAdmin.getName().equalsIgnoreCase("superadmin")){
|
|
|
|
+ HttpUtil.responseApiCode(request, response, ApiCode.ACCESS_DENIED);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
String idAdmin = request.getParameter("idAdmin");
|
|
String idAdmin = request.getParameter("idAdmin");
|
|
adminService.Delete(Long.valueOf(idAdmin));
|
|
adminService.Delete(Long.valueOf(idAdmin));
|
|
HttpUtil.responseOk(request, response);
|
|
HttpUtil.responseOk(request, response);
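Review bot: The superadmin check added to `Delete` (and the existing one in `Register`) takes the caller's identity from `request.getHeader("id")`, a value the client supplies, so it authorizes nothing unless a filter outside this diff has already bound that header to an authenticated session or verified token; if no such filter exists, the caller id should be read from that server-side context instead. `Long.valueOf(id)` also throws `NumberFormatException` when the header is missing or non-numeric, so the request ends in an unhandled exception rather than `ApiCode.ACCESS_DENIED`; a guard before the lookup such as `if (id == null || !id.matches("\\d{1,18}")) { HttpUtil.responseApiCode(request, response, ApiCode.ACCESS_DENIED); return; }` would close that. The new name guard in `Register` similarly dereferences `admin.getName()` on a `@RequestBody` object without a null check. Unlike `Register` and the update handler, `Delete` writes no `TrailController.Insert` record, so admin deletions leave no audit entry, and nothing visible stops `idAdmin` from naming the superadmin account itself. The update handler's signature and the end of `Delete` lie outside the hunks shown.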
|