
修复用户批量删除(非空校验BUG)

tsurumure před 3 měsíci
rodič
revize
66ec236ffc

+ 13 - 15
src/main/java/com/backendsys/modules/system/controller/SysUserController.java

@@ -65,7 +65,7 @@ public class SysUserController {
         // 查询他人的用户信息
         // - 查询自己 (无需权限)
         // - 查询他人 (需要权限或超级管理员)
-        if (!user_id.equals(SecurityUtil.getUserId()) && !securityUtil.hasPermission("3.2.1.2")) {
+        if (user_id != SecurityUtil.getUserId() && !securityUtil.hasPermission("3.2.1.2")) {
             throw new CustException(SecurityEnum.NOAUTH);
         }
 
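Review bot: `user_id != SecurityUtil.getUserId()` compares two boxed references rather than their values, so it is only reliable for ids inside the small-integer box cache. The removed lines called `.equals` on both sides, which shows both are objects, presumably `Long` as declared in the later hunks. Here, in the two edit checks and in the delete check, a user acting on their own record is treated as someone else; in the reset-password, audit and kick hunks the `==` form is worse, because the self-reset, self-audit and self-kick guards silently stop firing for larger ids. Use a null-safe value comparison such as `!Objects.equals(user_id, SecurityUtil.getUserId())`, and `Objects.equals(...)` for the `==` cases, which needs `java.util.Objects` imported. The enclosing method starts and ends outside this hunk.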
@@ -96,13 +96,13 @@ public class SysUserController {
         if (ObjectUtil.isEmpty(user_id)) {
             user_id = SecurityUtil.getUserId();
             sysUserDTO.setUser_id(user_id);
-        } else if (!SecurityUtil.getUserId().equals(1L) && user_id.equals(1L)) {
+        } else if (SecurityUtil.getUserId() != 1L && user_id == 1L) {
             throw new CustException("不能编辑超管账号");
         }
         // 编辑他人的用户信息
         // - 编辑自己 (无需权限)
         // - 编辑他人 (需要子权限或超级管理员)
-        if (!user_id.equals(SecurityUtil.getUserId()) && !securityUtil.hasPermission("3.2.3.2")) {
+        if (user_id != SecurityUtil.getUserId() && !securityUtil.hasPermission("3.2.3.2")) {
             throw new CustException(SecurityEnum.NOAUTH);
         }
         // 防止手动更新字段
@@ -129,7 +129,7 @@ public class SysUserController {
         // 编辑他人的用户信息
         // - 编辑自己 (无需权限)
         // - 编辑他人 (需要子权限或超级管理员)
-        if (!user_id.equals(SecurityUtil.getUserId()) && !securityUtil.hasPermission("3.2.3.2")) {
+        if (user_id != SecurityUtil.getUserId() && !securityUtil.hasPermission("3.2.3.2")) {
             throw new CustException(SecurityEnum.NOAUTH);
         }
 
@@ -144,14 +144,12 @@ public class SysUserController {
 
         // 判断不可为超级管理员(首位)
         Long user_id = sysUserDTO.getUser_id();
-        if (user_id.equals(1L)) {
-            throw new CustException("不能重置超管账号密码");
-        }
+        if (user_id != null && user_id == 1L) throw new CustException("不能重置超管账号密码");
 
         // 判断是否为自身重置,自身密码不能重置,只能修改
         Long self_user_id = SecurityUtil.getUserId();
         Long request_user_id = sysUserDTO.getUser_id();
-        if (self_user_id.equals(request_user_id)) {
+        if (request_user_id != null && self_user_id == request_user_id) {
             throw new CustException("不能重置自身密码,请自行修改密码");
         }
 
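Review bot: With the added `user_id != null &&` and `request_user_id != null &&` conditions, a request without `user_id` now skips both guards and continues into the reset logic below the hunk, where the old code stopped with an exception. The same applies to `auditUser` and `kickUser` in the later hunks, which go on to call the service with a null id. Whether validation already rejects a missing id is not visible here, so an explicit null check that throws a `CustException` ahead of the guards would keep the requirement local. `user_id` and `request_user_id` are also both read from `sysUserDTO.getUser_id()`, so one variable would do. The method starts and ends outside this hunk.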
@@ -167,9 +165,9 @@ public class SysUserController {
         Long user_id = sysUserDTO.getUser_id();
         List<Long> user_ids = sysUserDTO.getUser_ids();
         if (user_id == null && (user_ids == null || user_ids.size() == 0)) throw new CustException("user_id 或 user_ids 必填");
-        if (user_id.equals(1L)) throw new CustException("不能删除超管账号");
-        if (user_ids != null && user_ids.contains(SecurityUtil.getUserId()) && !user_id.equals(SecurityUtil.getUserId())) throw new CustException("不能删除自己的账号");
-        if (user_ids != null && user_ids.contains(1L) && !user_id.equals(1L)) throw new CustException("不能删除超管账号");
+        if (user_id != null && user_id == 1L) throw new CustException("不能删除超管账号");
+        if (user_ids != null && user_ids.contains(SecurityUtil.getUserId()) && user_id != SecurityUtil.getUserId()) throw new CustException("不能删除自己的账号");
+        if (user_ids != null && user_ids.contains(1L) && user_id != 1L) throw new CustException("不能删除超管账号");
 
         return Result.success().put("data", sysUserService.deleteUser(sysUserDTO));
     }
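Review bot: The batch path can still throw a NullPointerException, because the last guard's `user_id != 1L` unboxes `user_id`, which is null whenever only `user_ids` is sent. A list containing 1 therefore fails with an NPE instead of the intended "不能删除超管账号" error. Write the term as `!Objects.equals(user_id, 1L)`, or drop it if a list containing the super admin should always be refused. The method's signature is above the hunk.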
@@ -181,8 +179,8 @@ public class SysUserController {
     public Result auditUser(@Validated(SysUserDTO.Audit.class) @RequestBody SysUserDTO sysUserDTO) {
 
         Long user_id = sysUserDTO.getUser_id();
-        if (user_id.equals(1L)) throw new CustException("不能审核超管账号");
-        if (user_id.equals(SecurityUtil.getUserId())) throw new CustException("不能审核自己的账号");
+        if (user_id != null && user_id == 1L) throw new CustException("不能审核超管账号");
+        if (user_id != null && user_id == SecurityUtil.getUserId()) throw new CustException("不能审核自己的账号");
 
         return Result.success().put("data", sysUserService.auditUser(sysUserDTO));
     }
@@ -194,8 +192,8 @@ public class SysUserController {
     public Result kickUser(@Validated(SysUserDTO.Kick.class) @RequestBody SysUserDTO sysUserDTO) {
 
         Long user_id = sysUserDTO.getUser_id();
-        if (user_id.equals(1L)) throw new CustException("不能踢出超管账号");
-        if (user_id.equals(SecurityUtil.getUserId())) throw new CustException("不能踢出自己的账号");
+        if (user_id != null && user_id == 1L) throw new CustException("不能踢出超管账号");
+        if (user_id != null && user_id == SecurityUtil.getUserId()) throw new CustException("不能踢出自己的账号");
 
         return Result.success().put("data", sysUserService.kickUser(user_id));
     }