fix(users): no permissions error when updating system settings in user management (#6380)

2025-05-05 05:29:26 +08:00 · 2025-03-06 22:08:35 +08:00 · 2025-03-06 22:08:35 +08:00 · 5581eb069f
commit 5581eb069f
parent b415848c88
4 changed files with 89 additions and 2 deletions
--- a/packages/plugins/@nocobase/plugin-users/package.json
+++ b/packages/plugins/@nocobase/plugin-users/package.json
@ -19,6 +19,7 @@
    "@nocobase/database": "1.x",
    "@nocobase/plugin-acl": "1.x",
    "@nocobase/plugin-auth": "1.x",
+    "@nocobase/plugin-system-settings": "1.x",
    "@nocobase/plugin-ui-schema-storage": "1.x",
    "@nocobase/plugin-user-data-sync": "1.x",
    "@nocobase/resourcer": "1.x",
--- a/packages/plugins/@nocobase/plugin-users/src/client/UsersManagement.tsx
+++ b/packages/plugins/@nocobase/plugin-users/src/client/UsersManagement.tsx
@ -151,7 +151,7 @@ const UsersSettingsContext = createContext<any>({});

 const UsersSettingsProvider = (props) => {
  const result = useRequest({
-    url: 'systemSettings:get/1',
+    url: 'users:getSystemSettings',
  });
  return <UsersSettingsContext.Provider value={result}>{props.children}</UsersSettingsContext.Provider>;
 };
@ -181,7 +181,7 @@ const UsersSettingsTab: React.FC = () => {
      async onClick() {
        await form.submit();
        const values = form.values;
-        await api.request({ url: 'systemSettings:update/1', data: values, method: 'POST' });
+        await api.request({ url: 'users:updateSystemSettings', data: values, method: 'POST' });
        message.success(t('Saved successfully'));
        window.location.reload();
      },
--- a/packages/plugins/@nocobase/plugin-users/src/server/tests/system-settings.test.ts
+++ b/packages/plugins/@nocobase/plugin-users/src/server/tests/system-settings.test.ts
@ -0,0 +1,55 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
+import { MockDatabase, MockServer, createMockServer } from '@nocobase/test';
+
+describe('user system settings', () => {
+  let app: MockServer;
+  let db: MockDatabase;
+  let agent: any;
+
+  beforeAll(async () => {
+    app = await createMockServer({
+      plugins: ['acl', 'field-sort', 'users', 'data-source-manager', 'system-settings'],
+    });
+    db = app.db;
+    agent = app.agent();
+  });
+
+  afterAll(async () => {
+    await db.clean({ drop: true });
+    await db.close();
+    await app.destroy();
+  });
+
+  it('it should update and get user system settings', async () => {
+    const res = await agent.resource('users').updateSystemSettings({ values: {} });
+    expect(res.status).toBe(400);
+    const res0 = await agent.resource('users').updateSystemSettings({
+      values: {
+        enableEditProfile: true,
+        enableChangePassword: true,
+      },
+    });
+    expect(res0.status).toBe(200);
+    const res1 = await agent.resource('users').getSystemSettings();
+    expect(res1.status).toBe(200);
+    expect(res1.body.data.enableEditProfile).toBe(true);
+    expect(res1.body.data.enableChangePassword).toBe(true);
+    const res2 = await agent.resource('users').updateSystemSettings({
+      values: {
+        enableEditProfile: false,
+      },
+    });
+    expect(res2.status).toBe(200);
+    const res3 = await agent.resource('users').getSystemSettings();
+    expect(res3.status).toBe(200);
+    expect(res3.body.data.enableEditProfile).toBe(false);
+  });
+});
--- a/packages/plugins/@nocobase/plugin-users/src/server/actions/users.ts
+++ b/packages/plugins/@nocobase/plugin-users/src/server/actions/users.ts
@ -12,6 +12,7 @@ import { UiSchemaRepository } from '@nocobase/plugin-ui-schema-storage';
 import _ from 'lodash';
 import { namespace } from '..';
 import { ValidationError, ValidationErrorItem } from 'sequelize';
+import PluginSystemSettingsServer from '@nocobase/plugin-system-settings';

 function parseProfileFormSchema(schema: any) {
  const properties = _.get(schema, 'properties.form.properties.edit.properties.grid.properties') || {};
@ -128,3 +129,33 @@ export const listExcludeRole = async (ctx: Context, next: Next) => {
  };
  await next();
 };
+
+export const getSystemSettings = async (ctx: Context, next: Next) => {
+  const systemSettings = ctx.db.getRepository('systemSettings');
+  const settings = await systemSettings.findOne();
+  ctx.body = {
+    enableEditProfile: settings.get('enableEditProfile'),
+    enableChangePassword: settings.get('enableChangePassword'),
+  };
+  await next();
+};
+
+export const updateSystemSettings = async (ctx: Context, next: Next) => {
+  const { enableEditProfile, enableChangePassword } = ctx.action.params.values || {};
+  const systemSettings = ctx.db.getRepository('systemSettings');
+  const values = {};
+  if (enableEditProfile !== undefined) {
+    values['enableEditProfile'] = enableEditProfile;
+  }
+  if (enableChangePassword !== undefined) {
+    values['enableChangePassword'] = enableChangePassword;
+  }
+  if (!Object.keys(values).length) {
+    ctx.throw(400);
+  }
+  await systemSettings.update({
+    filterByTk: 1,
+    values,
+  });
+  await next();
+};