mirror of https://gitee.com/stylefeng/roses
【system】更新数据范围校验错误的bug
fengshuonan
parent
fa93ce97b1
commit
a31ad4c6ad
|
|
@ -1,10 +1,13 @@
|
||||||
package cn.stylefeng.roses.kernel.system.util;
|
package cn.stylefeng.roses.kernel.system.util;
|
||||||
|
|
||||||
import cn.hutool.core.collection.CollectionUtil;
|
import cn.hutool.core.collection.CollectionUtil;
|
||||||
|
import cn.hutool.core.util.StrUtil;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
|
import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.enums.DataScopeTypeEnum;
|
import cn.stylefeng.roses.kernel.auth.api.enums.DataScopeTypeEnum;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.exception.AuthException;
|
import cn.stylefeng.roses.kernel.auth.api.exception.AuthException;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
|
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
|
||||||
|
import cn.stylefeng.roses.kernel.system.exception.SystemModularException;
|
||||||
|
import cn.stylefeng.roses.kernel.system.exception.enums.DataScopeExceptionEnum;
|
||||||
|
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
|
|
@ -118,4 +121,19 @@ public class DataScopeUtil {
|
||||||
return organizationDataScope.contains(organizationId);
|
return organizationDataScope.contains(organizationId);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 快速校验用户是否有该组织机构的数据范围,如果没有就抛出异常直接
|
||||||
|
*
|
||||||
|
* @param organizationId 被校验的组织机构id
|
||||||
|
* @author fengshuonan
|
||||||
|
* @date 2020/11/5 15:31
|
||||||
|
*/
|
||||||
|
public static void quickValidateDataScope(Long organizationId) {
|
||||||
|
boolean validateResult = validateDataScopeByOrganizationId(organizationId);
|
||||||
|
if (!validateResult) {
|
||||||
|
String userTip = StrUtil.format(DataScopeExceptionEnum.DATA_SCOPE_ERROR.getUserTip(), DataScopeUtil.getDataScopeTip());
|
||||||
|
throw new SystemModularException(DataScopeExceptionEnum.DATA_SCOPE_ERROR, userTip);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -20,7 +20,6 @@ import cn.stylefeng.roses.kernel.system.UserOrgServiceApi;
|
||||||
import cn.stylefeng.roses.kernel.system.UserServiceApi;
|
import cn.stylefeng.roses.kernel.system.UserServiceApi;
|
||||||
import cn.stylefeng.roses.kernel.system.constants.SystemConstants;
|
import cn.stylefeng.roses.kernel.system.constants.SystemConstants;
|
||||||
import cn.stylefeng.roses.kernel.system.exception.SystemModularException;
|
import cn.stylefeng.roses.kernel.system.exception.SystemModularException;
|
||||||
import cn.stylefeng.roses.kernel.system.exception.enums.DataScopeExceptionEnum;
|
|
||||||
import cn.stylefeng.roses.kernel.system.exception.enums.OrganizationExceptionEnum;
|
import cn.stylefeng.roses.kernel.system.exception.enums.OrganizationExceptionEnum;
|
||||||
import cn.stylefeng.roses.kernel.system.modular.organization.entity.HrOrganization;
|
import cn.stylefeng.roses.kernel.system.modular.organization.entity.HrOrganization;
|
||||||
import cn.stylefeng.roses.kernel.system.modular.organization.mapper.HrOrganizationMapper;
|
import cn.stylefeng.roses.kernel.system.modular.organization.mapper.HrOrganizationMapper;
|
||||||
|
|
@ -64,10 +63,7 @@ public class HrOrganizationServiceImpl extends ServiceImpl<HrOrganizationMapper,
|
||||||
Long pid = hrOrganizationRequest.getOrgParentId();
|
Long pid = hrOrganizationRequest.getOrgParentId();
|
||||||
|
|
||||||
// 校验数据范围
|
// 校验数据范围
|
||||||
if (DataScopeUtil.validateDataScopeByOrganizationId(pid)) {
|
DataScopeUtil.quickValidateDataScope(pid);
|
||||||
String userTip = StrUtil.format(DataScopeExceptionEnum.DATA_SCOPE_ERROR.getUserTip(), DataScopeUtil.getDataScopeTip());
|
|
||||||
throw new SystemModularException(DataScopeExceptionEnum.DATA_SCOPE_ERROR, userTip);
|
|
||||||
}
|
|
||||||
|
|
||||||
HrOrganization hrOrganization = new HrOrganization();
|
HrOrganization hrOrganization = new HrOrganization();
|
||||||
BeanUtil.copyProperties(hrOrganizationRequest, hrOrganization);
|
BeanUtil.copyProperties(hrOrganizationRequest, hrOrganization);
|
||||||
|
|
@ -88,10 +84,7 @@ public class HrOrganizationServiceImpl extends ServiceImpl<HrOrganizationMapper,
|
||||||
Long id = hrOrganization.getOrgId();
|
Long id = hrOrganization.getOrgId();
|
||||||
|
|
||||||
// 校验数据范围
|
// 校验数据范围
|
||||||
if (DataScopeUtil.validateDataScopeByOrganizationId(id)) {
|
DataScopeUtil.quickValidateDataScope(id);
|
||||||
String userTip = StrUtil.format(DataScopeExceptionEnum.DATA_SCOPE_ERROR.getUserTip(), DataScopeUtil.getDataScopeTip());
|
|
||||||
throw new SystemModularException(DataScopeExceptionEnum.DATA_SCOPE_ERROR, userTip);
|
|
||||||
}
|
|
||||||
|
|
||||||
BeanUtil.copyProperties(hrOrganizationRequest, hrOrganization);
|
BeanUtil.copyProperties(hrOrganizationRequest, hrOrganization);
|
||||||
|
|
||||||
|
|
@ -113,10 +106,7 @@ public class HrOrganizationServiceImpl extends ServiceImpl<HrOrganizationMapper,
|
||||||
Long organizationId = hrOrganization.getOrgId();
|
Long organizationId = hrOrganization.getOrgId();
|
||||||
|
|
||||||
// 校验数据范围
|
// 校验数据范围
|
||||||
if (DataScopeUtil.validateDataScopeByOrganizationId(organizationId)) {
|
DataScopeUtil.quickValidateDataScope(organizationId);
|
||||||
String userTip = StrUtil.format(DataScopeExceptionEnum.DATA_SCOPE_ERROR.getUserTip(), DataScopeUtil.getDataScopeTip());
|
|
||||||
throw new SystemModularException(DataScopeExceptionEnum.DATA_SCOPE_ERROR, userTip);
|
|
||||||
}
|
|
||||||
|
|
||||||
// 该机构下有员工,则不能删
|
// 该机构下有员工,则不能删
|
||||||
Boolean userOrgFlag = userOrgServiceApi.getUserOrgFlag(organizationId, null);
|
Boolean userOrgFlag = userOrgServiceApi.getUserOrgFlag(organizationId, null);
|
||||||
|
|
|
||||||
|
|
@ -154,7 +154,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
|
||||||
// 数据范围类型为自定义,则判断当前用户有没有该公司的权限
|
// 数据范围类型为自定义,则判断当前用户有没有该公司的权限
|
||||||
if (DataScopeTypeEnum.DEFINE.getCode().equals(dataScopeType)) {
|
if (DataScopeTypeEnum.DEFINE.getCode().equals(dataScopeType)) {
|
||||||
for (Long orgId : sysRoleRequest.getGrantOrgIdList()) {
|
for (Long orgId : sysRoleRequest.getGrantOrgIdList()) {
|
||||||
DataScopeUtil.validateDataScopeByOrganizationId(orgId);
|
DataScopeUtil.quickValidateDataScope(orgId);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,6 @@ package cn.stylefeng.roses.kernel.system.modular.user.service.impl;
|
||||||
|
|
||||||
import cn.hutool.core.bean.BeanUtil;
|
import cn.hutool.core.bean.BeanUtil;
|
||||||
import cn.hutool.core.util.ObjectUtil;
|
import cn.hutool.core.util.ObjectUtil;
|
||||||
import cn.hutool.core.util.StrUtil;
|
|
||||||
import cn.hutool.crypto.digest.BCrypt;
|
import cn.hutool.crypto.digest.BCrypt;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.expander.AuthConfigExpander;
|
import cn.stylefeng.roses.kernel.auth.api.expander.AuthConfigExpander;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
|
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
|
||||||
|
|
@ -16,7 +15,6 @@ import cn.stylefeng.roses.kernel.rule.pojo.dict.SimpleDict;
|
||||||
import cn.stylefeng.roses.kernel.system.UserServiceApi;
|
import cn.stylefeng.roses.kernel.system.UserServiceApi;
|
||||||
import cn.stylefeng.roses.kernel.system.enums.UserStatusEnum;
|
import cn.stylefeng.roses.kernel.system.enums.UserStatusEnum;
|
||||||
import cn.stylefeng.roses.kernel.system.exception.SystemModularException;
|
import cn.stylefeng.roses.kernel.system.exception.SystemModularException;
|
||||||
import cn.stylefeng.roses.kernel.system.exception.enums.DataScopeExceptionEnum;
|
|
||||||
import cn.stylefeng.roses.kernel.system.exception.enums.SysUserExceptionEnum;
|
import cn.stylefeng.roses.kernel.system.exception.enums.SysUserExceptionEnum;
|
||||||
import cn.stylefeng.roses.kernel.system.modular.user.entity.SysUser;
|
import cn.stylefeng.roses.kernel.system.modular.user.entity.SysUser;
|
||||||
import cn.stylefeng.roses.kernel.system.modular.user.entity.SysUserDataScope;
|
import cn.stylefeng.roses.kernel.system.modular.user.entity.SysUserDataScope;
|
||||||
|
|
@ -80,10 +78,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
Long organizationId = sysUserRequest.getOrgId();
|
Long organizationId = sysUserRequest.getOrgId();
|
||||||
|
|
||||||
// 获取用户有无该企业的数据权限
|
// 获取用户有无该企业的数据权限
|
||||||
if (DataScopeUtil.validateDataScopeByOrganizationId(organizationId)) {
|
DataScopeUtil.quickValidateDataScope(organizationId);
|
||||||
String userTip = StrUtil.format(DataScopeExceptionEnum.DATA_SCOPE_ERROR.getUserTip(), DataScopeUtil.getDataScopeTip());
|
|
||||||
throw new SystemModularException(DataScopeExceptionEnum.DATA_SCOPE_ERROR, userTip);
|
|
||||||
}
|
|
||||||
|
|
||||||
// 请求bean转为实体,填充一些基本属性
|
// 请求bean转为实体,填充一些基本属性
|
||||||
SysUser sysUser = new SysUser();
|
SysUser sysUser = new SysUser();
|
||||||
|
|
@ -105,10 +100,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
Long organizationId = sysUserRequest.getOrgId();
|
Long organizationId = sysUserRequest.getOrgId();
|
||||||
|
|
||||||
// 获取用户有无该企业的数据权限
|
// 获取用户有无该企业的数据权限
|
||||||
if (DataScopeUtil.validateDataScopeByOrganizationId(organizationId)) {
|
DataScopeUtil.quickValidateDataScope(organizationId);
|
||||||
String userTip = StrUtil.format(DataScopeExceptionEnum.DATA_SCOPE_ERROR.getUserTip(), DataScopeUtil.getDataScopeTip());
|
|
||||||
throw new SystemModularException(DataScopeExceptionEnum.DATA_SCOPE_ERROR, userTip);
|
|
||||||
}
|
|
||||||
|
|
||||||
// 转化为实体
|
// 转化为实体
|
||||||
SysUser sysUser = this.querySysUser(sysUserRequest);
|
SysUser sysUser = this.querySysUser(sysUserRequest);
|
||||||
|
|
@ -209,7 +201,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
Long organizationId = userOrgInfo.getOrgId();
|
Long organizationId = userOrgInfo.getOrgId();
|
||||||
|
|
||||||
// 判断当前用户有无该用户的权限
|
// 判断当前用户有无该用户的权限
|
||||||
DataScopeUtil.validateDataScopeByOrganizationId(organizationId);
|
DataScopeUtil.quickValidateDataScope(organizationId);
|
||||||
|
|
||||||
// 给用户授权角色
|
// 给用户授权角色
|
||||||
sysUserRoleService.grantRole(sysUserRequest);
|
sysUserRoleService.grantRole(sysUserRequest);
|
||||||
|
|
@ -225,7 +217,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
Long organizationId = userOrgInfo.getOrgId();
|
Long organizationId = userOrgInfo.getOrgId();
|
||||||
|
|
||||||
// 判断当前用户有无该用户的权限
|
// 判断当前用户有无该用户的权限
|
||||||
DataScopeUtil.validateDataScopeByOrganizationId(organizationId);
|
DataScopeUtil.quickValidateDataScope(organizationId);
|
||||||
|
|
||||||
sysUserDataScopeService.grantData(sysUserRequest);
|
sysUserDataScopeService.grantData(sysUserRequest);
|
||||||
}
|
}
|
||||||
|
|
@ -245,7 +237,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
Long organizationId = userOrgInfo.getOrgId();
|
Long organizationId = userOrgInfo.getOrgId();
|
||||||
|
|
||||||
// 判断当前用户有无该用户的权限
|
// 判断当前用户有无该用户的权限
|
||||||
DataScopeUtil.validateDataScopeByOrganizationId(organizationId);
|
DataScopeUtil.quickValidateDataScope(organizationId);
|
||||||
|
|
||||||
// 逻辑删除,设置标识位Y
|
// 逻辑删除,设置标识位Y
|
||||||
sysUser.setDelFlag(YesOrNotEnum.Y.getCode());
|
sysUser.setDelFlag(YesOrNotEnum.Y.getCode());
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue