【8.3.3】【dataScope】数据范围的校验增加标识

2025-01-25 23:08:55 +08:00 · 2025-01-25 23:08:55 +08:00 · cc07ef0064
parent 36f586f092
commit cc07ef0064
2 changed files with 38 additions and 1 deletions
--- a/kernel-d-db/db-sdk-mp/src/main/java/cn/stylefeng/roses/kernel/db/mp/datascope/config/DataScopeConfig.java
+++ b/kernel-d-db/db-sdk-mp/src/main/java/cn/stylefeng/roses/kernel/db/mp/datascope/config/DataScopeConfig.java
@ -21,6 +21,13 @@ public class DataScopeConfig {
     */
    private boolean totalDataScope = false;
    //-------------------------------针对限制的用户的数据范围进行校验-------------------------------
    /**
     * 是否对创建人进行校验
     */
    private boolean doCreateUserValidate = false;
    /**
     * 用户拥有权限的用户id
     * <p>
@ -33,6 +40,13 @@ public class DataScopeConfig {
     */
    private String userIdFieldName = ProjectDataScopeHandler.DEFAULT_USER_ID_FIELD_NAME;
    //-------------------------------针对限制的部门集合数据范围进行校验-------------------------------
    /**
     * 是否对机构的数据范围进行校验
     */
    private boolean doOrgScopeValidate = false;
    /**
     * 用户拥有权限的组织机构id集合
     * <p>
--- a/kernel-s-system/system-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/service/impl/UserRoleDataScopeImpl.java
+++ b/kernel-s-system/system-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/service/impl/UserRoleDataScopeImpl.java
@ -21,6 +21,7 @@ import org.springframework.stereotype.Service;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 import java.util.stream.Collectors;
 /**
 * 用户的数据范围的获取实现
@ -82,8 +83,13 @@ public class UserRoleDataScopeImpl implements UserRoleDataScopeApi {
     */
    private DataScopeConfig nullDataScopeConfig() {
        DataScopeConfig dataScopeConfig = new DataScopeConfig();
        dataScopeConfig.setDoCreateUserValidate(true);
        dataScopeConfig.setUserId(ProjectDataScopeHandler.NONE_ID_VALUE);
        dataScopeConfig.setDoOrgScopeValidate(true);
        dataScopeConfig.setUserOrgIdList(CollectionUtil.set(false, ProjectDataScopeHandler.NONE_ID_VALUE));
        return dataScopeConfig;
    }
@ -108,13 +114,24 @@ public class UserRoleDataScopeImpl implements UserRoleDataScopeApi {
        // 如果有仅包含自己的数据，则将结果设置为仅包含自己的数据
        for (SysRoleDataScope sysRoleDataScope : sysRoleDataScopeList) {
            if (DataScopeTypeEnum.SELF.getCode().equals(sysRoleDataScope.getDataScopeType())) {
                dataScopeConfig.setDoCreateUserValidate(true);
                dataScopeConfig.setUserId(loginUser.getUserId());
            }
        }
        // 剔除掉本人和全部的类型，看是否还有校验部门的权限范围的，如果有则找到部门的权限范围列表
        List<SysRoleDataScope> otherRoleDataScopeList = sysRoleDataScopeList.stream()
                .filter(sysRoleDataScope -> !DataScopeTypeEnum.SELF.getCode().equals(sysRoleDataScope.getDataScopeType()) && !DataScopeTypeEnum.ALL.getCode()
                        .equals(sysRoleDataScope.getDataScopeType())).collect(Collectors.toList());
        if (ObjectUtil.isEmpty(otherRoleDataScopeList)) {
            return dataScopeConfig;
        } else {
            dataScopeConfig.setDoOrgScopeValidate(true);
        }
        // 开始处理除了仅本人、全部数据外的数据范围
        Set<Long> userOrgIdList = new HashSet<>();
-        for (SysRoleDataScope sysRoleDataScope : sysRoleDataScopeList) {
+        for (SysRoleDataScope sysRoleDataScope : otherRoleDataScopeList) {
            // 如果是20-本部门数据
            if (DataScopeTypeEnum.DEPT.getCode().equals(sysRoleDataScope.getDataScopeType())) {
@ -156,6 +173,12 @@ public class UserRoleDataScopeImpl implements UserRoleDataScopeApi {
                userOrgIdList.addAll(pointOrgAndSub);
            }
        }
        // 如果部门的数据范围最终没获取到，则设定为空数据范围
        if (ObjectUtil.isEmpty(userOrgIdList)) {
            userOrgIdList.add(ProjectDataScopeHandler.NONE_ID_VALUE);
        }
        dataScopeConfig.setUserOrgIdList(userOrgIdList);
        return dataScopeConfig;
    }