xuqmGroup/XuqmGroup-Server
0
0
派生 0
代码 工单 合并请求 版本发布 百科 动态

fix(im): allow tenant admin to access IM admin APIs (kick, batch-send, read, import, user-state)

浏览代码 
- Change @PreAuthorize from hasAuthority('ROLE_OPS') to hasAnyAuthority('ROLE_OPS', 'ROLE_TENANT') for 5 daily-operation endpoints
- Keep sensitive endpoints (delete, config, webhook) ROLE_OPS only
这个提交包含在:
XuqmGroup 2026-05-03 11:23:15 +08:00
父节点 a8293bb4c4
当前提交 3adffb5897
共有 1 个文件被更改,包括 5 次插入5 次删除
显示统计 下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

10
im-service/src/main/java/com/xuqm/im/controller/ImAdminController.java
查看文件

@ -670,7 +670,7 @@ public class ImAdminController {
} }
@GetMapping("/users/state") @GetMapping("/users/state")
@PreAuthorize("hasAuthority('ROLE_OPS')") @PreAuthorize("hasAnyAuthority('ROLE_OPS', 'ROLE_TENANT')")
public ResponseEntity<ApiResponse<Map<String, Object>>> queryUserState( public ResponseEntity<ApiResponse<Map<String, Object>>> queryUserState(
@RequestParam String userIds) { @RequestParam String userIds) {
Map<String, Object> result = new LinkedHashMap<>(); Map<String, Object> result = new LinkedHashMap<>();
@ -687,7 +687,7 @@ public class ImAdminController {
} }
@PostMapping("/users/kick") @PostMapping("/users/kick")
@PreAuthorize("hasAuthority('ROLE_OPS')") @PreAuthorize("hasAnyAuthority('ROLE_OPS', 'ROLE_TENANT')")
public ResponseEntity<ApiResponse<Void>> kickUsers( public ResponseEntity<ApiResponse<Void>> kickUsers(
@RequestParam String appId, @RequestParam String appId,
@AuthenticationPrincipal String operatorId, @AuthenticationPrincipal String operatorId,
@ -703,7 +703,7 @@ public class ImAdminController {
} }
@PostMapping("/messages/batch-send") @PostMapping("/messages/batch-send")
@PreAuthorize("hasAuthority('ROLE_OPS')") @PreAuthorize("hasAnyAuthority('ROLE_OPS', 'ROLE_TENANT')")
public ResponseEntity<ApiResponse<List<ImMessageEntity>>> batchSendMsg( public ResponseEntity<ApiResponse<List<ImMessageEntity>>> batchSendMsg(
@RequestParam String appId, @RequestParam String appId,
@AuthenticationPrincipal String operatorId, @AuthenticationPrincipal String operatorId,
@ -719,7 +719,7 @@ public class ImAdminController {
} }
@PostMapping("/messages/read") @PostMapping("/messages/read")
@PreAuthorize("hasAuthority('ROLE_OPS')") @PreAuthorize("hasAnyAuthority('ROLE_OPS', 'ROLE_TENANT')")
public ResponseEntity<ApiResponse<Void>> adminSetMsgRead( public ResponseEntity<ApiResponse<Void>> adminSetMsgRead(
@RequestParam String appId, @RequestParam String appId,
@AuthenticationPrincipal String operatorId, @AuthenticationPrincipal String operatorId,
@ -730,7 +730,7 @@ public class ImAdminController {
} }
@PostMapping("/messages/import") @PostMapping("/messages/import")
@PreAuthorize("hasAuthority('ROLE_OPS')") @PreAuthorize("hasAnyAuthority('ROLE_OPS', 'ROLE_TENANT')")
public ResponseEntity<ApiResponse<List<ImMessageEntity>>> importMessages( public ResponseEntity<ApiResponse<List<ImMessageEntity>>> importMessages(
@RequestParam String appId, @RequestParam String appId,
@AuthenticationPrincipal String operatorId, @AuthenticationPrincipal String operatorId,