Merge pull request #100 from TaleLin/fix-99

fix: 删除用户接口(deleteUser) 不允许删除 root 分组的用户
TaleLin · Nov 25, 2020 · 12cda53 · 12cda53
2 parents 8006a52 + e7ac223
commit 12cda53
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/app/config/code-message.js b/app/config/code-message.js
@@ -56,6 +56,7 @@ module.exports = {
     10076: '邮箱已被使用，请重新填入新的邮箱',
     10077: '不可将用户分配给不存在的分组',
     10078: '不可修改root用户的分组',
+    10079: 'root分组的用户不可删除',
     10080: '请求方法不允许',
     10100: '刷新令牌获取失败',
     10110: '{name}大小不能超过{size}字节',

diff --git a/app/dao/admin.js b/app/dao/admin.js
@@ -102,6 +102,17 @@ class AdminDao {
         code: 10021
       });
     }
+    const root = await UserGroupModel.findOne({
+      where: {
+        group_id: GroupLevel.Root,
+        user_id: id
+      }
+    })
+    if (root) {
+      throw new Forbidden({
+        code: 10079
+      })
+    }
     let transaction;
     try {
       transaction = await sequelize.transaction();