mirror of https://gitee.com/stylefeng/roses
【8.1.1】【sys】从新整用户列表的数据范围
fengshuonan
parent
c8a21761c1
commit
f5e37fe8e4
|
|
@ -2,6 +2,8 @@ package cn.stylefeng.roses.kernel.db.mp.datascope;
|
|||
|
||||
import cn.stylefeng.roses.kernel.db.mp.datascope.config.DataScopeConfig;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 获取用户角色的数据范围
|
||||
*
|
||||
|
|
@ -18,4 +20,18 @@ public interface UserRoleDataScopeApi {
|
|||
*/
|
||||
DataScopeConfig getUserRoleDataScopeConfig();
|
||||
|
||||
/**
|
||||
* 获取当前用户拥有的所有组织机构id列表
|
||||
* <p>
|
||||
* 返回值说明:
|
||||
* 1. 可以返回null或者空,代表用户有所有权限,也就是全部数据
|
||||
* 2. 返回带有userId或者orgId的选项,代表用户有这些人或者这些机构的权限
|
||||
* 3. 返回带有负数(例如:-1)的数组,则代表用户没有任何权限
|
||||
*
|
||||
* @return 用户拥有的数据范围,userId或者orgId
|
||||
* @author fengshuonan
|
||||
* @since 2023/7/18 22:54
|
||||
*/
|
||||
Set<Long> currentUserOrgScopeList();
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,37 +0,0 @@
|
|||
package cn.stylefeng.roses.kernel.sys.api;
|
||||
|
||||
import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 用户数据范围权限的Api
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @since 2023/7/18 22:51
|
||||
*/
|
||||
public interface UserDataScopeApi {
|
||||
|
||||
/**
|
||||
* 获取当前用户拥有的数据范围类型
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @since 2023/7/18 22:58
|
||||
*/
|
||||
DataScopeTypeEnum currentUserDataScopeType();
|
||||
|
||||
/**
|
||||
* 获取当前用户拥有的所有组织机构id列表
|
||||
* <p>
|
||||
* 返回值说明:
|
||||
* 1. 可以返回null或者空,代表用户有所有权限,也就是全部数据
|
||||
* 2. 返回带有userId或者orgId的选项,代表用户有这些人或者这些机构的权限
|
||||
* 3. 返回带有负数(例如:-1)的数组,则代表用户没有任何权限
|
||||
*
|
||||
* @return 用户拥有的数据范围,userId或者orgId
|
||||
* @author fengshuonan
|
||||
* @since 2023/7/18 22:54
|
||||
*/
|
||||
Set<Long> currentUserOrgScopeList();
|
||||
|
||||
}
|
||||
|
|
@ -1,48 +0,0 @@
|
|||
/*
|
||||
* Copyright [2020-2030] [https://www.stylefeng.cn]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
* Guns采用APACHE LICENSE 2.0开源协议,您在使用过程中,需要注意以下几点:
|
||||
*
|
||||
* 1.请不要删除和修改根目录下的LICENSE文件。
|
||||
* 2.请不要删除和修改Guns源码头部的版权声明。
|
||||
* 3.请保留源码和相关描述文件的项目出处,作者声明等。
|
||||
* 4.分发源码时候,请注明软件出处 https://gitee.com/stylefeng/guns
|
||||
* 5.在修改包名,模块名称,项目代码等时,请注明软件出处 https://gitee.com/stylefeng/guns
|
||||
* 6.若您的项目无法满足以上几点,可申请商业授权
|
||||
*/
|
||||
package cn.stylefeng.roses.kernel.sys.api.context;
|
||||
|
||||
import cn.hutool.extra.spring.SpringUtil;
|
||||
import cn.stylefeng.roses.kernel.sys.api.UserDataScopeApi;
|
||||
|
||||
/**
|
||||
* 获取数据范围的快捷调用
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @since 2023/7/18 23:04
|
||||
*/
|
||||
public class DataScopeContext {
|
||||
|
||||
/**
|
||||
* 获取用户权限接口
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @since 2023/7/18 23:04
|
||||
*/
|
||||
public static UserDataScopeApi me() {
|
||||
return SpringUtil.getBean(UserDataScopeApi.class);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -14,6 +14,7 @@ import cn.stylefeng.roses.kernel.db.api.factory.PageFactory;
|
|||
import cn.stylefeng.roses.kernel.db.api.factory.PageResultFactory;
|
||||
import cn.stylefeng.roses.kernel.db.api.pojo.entity.BaseEntity;
|
||||
import cn.stylefeng.roses.kernel.db.api.pojo.page.PageResult;
|
||||
import cn.stylefeng.roses.kernel.db.mp.datascope.UserRoleDataScopeApi;
|
||||
import cn.stylefeng.roses.kernel.db.mp.tenant.holder.TenantIdHolder;
|
||||
import cn.stylefeng.roses.kernel.db.mp.tenant.holder.TenantSwitchHolder;
|
||||
import cn.stylefeng.roses.kernel.dsctn.api.context.DataSourceContext;
|
||||
|
|
@ -28,7 +29,6 @@ import cn.stylefeng.roses.kernel.rule.util.SortUtils;
|
|||
import cn.stylefeng.roses.kernel.sys.api.SecurityConfigService;
|
||||
import cn.stylefeng.roses.kernel.sys.api.callback.RemoveUserCallbackApi;
|
||||
import cn.stylefeng.roses.kernel.sys.api.constants.SysConstants;
|
||||
import cn.stylefeng.roses.kernel.sys.api.context.DataScopeContext;
|
||||
import cn.stylefeng.roses.kernel.sys.api.enums.user.UserStatusEnum;
|
||||
import cn.stylefeng.roses.kernel.sys.api.expander.SysConfigExpander;
|
||||
import cn.stylefeng.roses.kernel.sys.api.pojo.user.*;
|
||||
|
|
@ -87,6 +87,9 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
@Resource
|
||||
private SysUserCertificateService sysUserCertificateService;
|
||||
|
||||
@Resource
|
||||
private UserRoleDataScopeApi userRoleDataScopeApi;
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public void add(SysUserRequest sysUserRequest) {
|
||||
|
|
@ -108,8 +111,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
this.save(sysUser);
|
||||
|
||||
// 记录一个密码修改记录
|
||||
securityConfigService.recordPasswordEditLog(sysUser.getUserId(), saltedEncryptResult.getEncryptPassword(),
|
||||
saltedEncryptResult.getPasswordSalt());
|
||||
securityConfigService.recordPasswordEditLog(sysUser.getUserId(), saltedEncryptResult.getEncryptPassword(), saltedEncryptResult.getPasswordSalt());
|
||||
|
||||
// 更新用户的任职信息
|
||||
sysUserOrgService.updateUserOrg(sysUser.getUserId(), sysUserRequest.getUserOrgList());
|
||||
|
|
@ -210,9 +212,8 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
// 查询用户个人信息
|
||||
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
||||
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, sysUserRequest.getUserId());
|
||||
sysUserLambdaQueryWrapper.select(SysUser::getUserId, SysUser::getAvatar, SysUser::getAccount, SysUser::getUserSort,
|
||||
SysUser::getSuperAdminFlag, SysUser::getRealName, SysUser::getSex, SysUser::getBirthday, SysUser::getEmail,
|
||||
SysUser::getPhone, SysUser::getLastLoginIp, SysUser::getLoginCount, SysUser::getLastLoginTime, SysUser::getStatusFlag,
|
||||
sysUserLambdaQueryWrapper.select(SysUser::getUserId, SysUser::getAvatar, SysUser::getAccount, SysUser::getUserSort, SysUser::getSuperAdminFlag, SysUser::getRealName, SysUser::getSex,
|
||||
SysUser::getBirthday, SysUser::getEmail, SysUser::getPhone, SysUser::getLastLoginIp, SysUser::getLoginCount, SysUser::getLastLoginTime, SysUser::getStatusFlag,
|
||||
BaseEntity::getCreateTime, BaseEntity::getUpdateTime, SysUser::getEmployeeNumber);
|
||||
SysUser sysUser = this.getOne(sysUserLambdaQueryWrapper, false);
|
||||
|
||||
|
|
@ -242,8 +243,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
LambdaQueryWrapper<SysUser> wrapper = createWrapper(sysUserRequest);
|
||||
|
||||
// 只查询需要的字段
|
||||
wrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getAccount, SysUser::getSex, SysUser::getStatusFlag,
|
||||
BaseEntity::getCreateTime, SysUser::getEmployeeNumber);
|
||||
wrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getAccount, SysUser::getSex, SysUser::getStatusFlag, BaseEntity::getCreateTime, SysUser::getEmployeeNumber);
|
||||
|
||||
// 分页查询
|
||||
Page<SysUser> sysUserPage = this.page(PageFactory.defaultPage(), wrapper);
|
||||
|
|
@ -323,8 +323,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
// 查询用户的详细信息
|
||||
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
||||
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, userId);
|
||||
sysUserLambdaQueryWrapper.select(SysUser::getRealName, SysUser::getAccount, SysUser::getAvatar, SysUser::getEmail,
|
||||
SysUser::getPhone, SysUser::getSex, SysUser::getBirthday);
|
||||
sysUserLambdaQueryWrapper.select(SysUser::getRealName, SysUser::getAccount, SysUser::getAvatar, SysUser::getEmail, SysUser::getPhone, SysUser::getSex, SysUser::getBirthday);
|
||||
SysUser sysUser = this.getOne(sysUserLambdaQueryWrapper, false);
|
||||
|
||||
if (sysUser == null) {
|
||||
|
|
@ -363,8 +362,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
SysUser sysUser = this.querySysUser(sysUserRequest);
|
||||
|
||||
// 原密码错误
|
||||
if (!passwordStoredEncryptApi.checkPasswordWithSalt(sysUserRequest.getPassword(), sysUser.getPasswordSalt(),
|
||||
sysUser.getPassword())) {
|
||||
if (!passwordStoredEncryptApi.checkPasswordWithSalt(sysUserRequest.getPassword(), sysUser.getPasswordSalt(), sysUser.getPassword())) {
|
||||
throw new ServiceException(SysUserExceptionEnum.USER_PWD_ERROR);
|
||||
}
|
||||
|
||||
|
|
@ -382,8 +380,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
this.updateById(sysUser);
|
||||
|
||||
// 记录一个密码修改记录
|
||||
securityConfigService.recordPasswordEditLog(sysUser.getUserId(), saltedEncryptResult.getEncryptPassword(),
|
||||
saltedEncryptResult.getPasswordSalt());
|
||||
securityConfigService.recordPasswordEditLog(sysUser.getUserId(), saltedEncryptResult.getEncryptPassword(), saltedEncryptResult.getPasswordSalt());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -502,16 +499,14 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
throw new ServiceException(SysUserExceptionEnum.ACCOUNT_NOT_EXIST);
|
||||
}
|
||||
|
||||
return new UserValidateDTO(sysUserServiceOne.getUserId(), sysUserServiceOne.getPassword(), sysUserServiceOne.getPasswordSalt(),
|
||||
sysUserServiceOne.getStatusFlag(), tenantId, account);
|
||||
return new UserValidateDTO(sysUserServiceOne.getUserId(), sysUserServiceOne.getPassword(), sysUserServiceOne.getPasswordSalt(), sysUserServiceOne.getStatusFlag(), tenantId, account);
|
||||
}
|
||||
|
||||
@Override
|
||||
public UserValidateDTO getUserLoginValidateDTO(Long userId) {
|
||||
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
||||
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, userId);
|
||||
sysUserLambdaQueryWrapper.select(SysUser::getPassword, SysUser::getAccount, SysUser::getPasswordSalt, SysUser::getStatusFlag,
|
||||
SysUser::getUserId, SysUser::getTenantId);
|
||||
sysUserLambdaQueryWrapper.select(SysUser::getPassword, SysUser::getAccount, SysUser::getPasswordSalt, SysUser::getStatusFlag, SysUser::getUserId, SysUser::getTenantId);
|
||||
|
||||
// 单独填充租户id
|
||||
SysUser sysUser;
|
||||
|
|
@ -526,8 +521,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
throw new ServiceException(SysUserExceptionEnum.ACCOUNT_NOT_EXIST);
|
||||
}
|
||||
|
||||
return new UserValidateDTO(sysUser.getUserId(), sysUser.getPassword(), sysUser.getPasswordSalt(), sysUser.getStatusFlag(),
|
||||
sysUser.getTenantId(), sysUser.getAccount());
|
||||
return new UserValidateDTO(sysUser.getUserId(), sysUser.getPassword(), sysUser.getPasswordSalt(), sysUser.getStatusFlag(), sysUser.getTenantId(), sysUser.getAccount());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -661,9 +655,8 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
|
||||
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
||||
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, userId);
|
||||
sysUserLambdaQueryWrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getNickName, SysUser::getAccount,
|
||||
SysUser::getBirthday, SysUser::getSex, SysUser::getPhone, SysUser::getTel, SysUser::getEmail, SysUser::getSuperAdminFlag,
|
||||
SysUser::getStatusFlag, SysUser::getUserSort, SysUser::getMasterUserId);
|
||||
sysUserLambdaQueryWrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getNickName, SysUser::getAccount, SysUser::getBirthday, SysUser::getSex, SysUser::getPhone, SysUser::getTel,
|
||||
SysUser::getEmail, SysUser::getSuperAdminFlag, SysUser::getStatusFlag, SysUser::getUserSort, SysUser::getMasterUserId);
|
||||
SysUser userInfo = this.getOne(sysUserLambdaQueryWrapper);
|
||||
|
||||
if (userInfo != null) {
|
||||
|
|
@ -814,7 +807,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
}
|
||||
|
||||
// 数据权限范围控制
|
||||
Set<Long> dataScope = DataScopeContext.me().currentUserOrgScopeList();
|
||||
Set<Long> dataScope = userRoleDataScopeApi.currentUserOrgScopeList();
|
||||
if (ObjectUtil.isNotEmpty(dataScope)) {
|
||||
Set<Long> userIdList = this.sysUserOrgService.getOrgUserIdList(dataScope);
|
||||
queryWrapper.in(SysUser::getUserId, userIdList);
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
package cn.stylefeng.roses.kernel.sys.modular.role.service;
|
||||
|
||||
import cn.stylefeng.roses.kernel.sys.api.UserDataScopeApi;
|
||||
import cn.stylefeng.roses.kernel.sys.modular.role.pojo.request.RoleBindPermissionRequest;
|
||||
import cn.stylefeng.roses.kernel.sys.modular.role.pojo.response.RoleBindPermissionResponse;
|
||||
|
||||
|
|
@ -12,7 +11,7 @@ import java.util.Set;
|
|||
* @author fengshuonan
|
||||
* @since 2023/6/13 16:13
|
||||
*/
|
||||
public interface PermissionAssignService extends UserDataScopeApi {
|
||||
public interface PermissionAssignService {
|
||||
|
||||
/**
|
||||
* 获取角色绑定的权限列表
|
||||
|
|
|
|||
|
|
@ -1,13 +1,10 @@
|
|||
package cn.stylefeng.roses.kernel.sys.modular.role.service.impl;
|
||||
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import cn.hutool.extra.spring.SpringUtil;
|
||||
import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
|
||||
import cn.stylefeng.roses.kernel.db.api.DbOperatorApi;
|
||||
import cn.stylefeng.roses.kernel.event.sdk.publish.BusinessEventPublisher;
|
||||
import cn.stylefeng.roses.kernel.log.api.util.BusinessLogUtil;
|
||||
import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum;
|
||||
import cn.stylefeng.roses.kernel.sys.api.SysUserRoleServiceApi;
|
||||
import cn.stylefeng.roses.kernel.sys.modular.app.entity.SysApp;
|
||||
import cn.stylefeng.roses.kernel.sys.modular.app.service.SysAppService;
|
||||
|
|
@ -185,71 +182,4 @@ public class PermissionAssignServiceImpl implements PermissionAssignService {
|
|||
return resultPermissions;
|
||||
}
|
||||
|
||||
@Override
|
||||
public DataScopeTypeEnum currentUserDataScopeType() {
|
||||
|
||||
// 获取当前用户id
|
||||
Long userId = LoginContext.me().getLoginUser().getUserId();
|
||||
|
||||
// 获取用户的角色列表
|
||||
List<Long> userHaveRoleIds = sysUserRoleServiceApi.getUserRoleIdList(userId);
|
||||
|
||||
// 获取这些角色对应的数据范围
|
||||
return sysRoleService.getRoleDataScope(userHaveRoleIds);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Long> currentUserOrgScopeList() {
|
||||
|
||||
// 获取当前用户id
|
||||
Long userId = LoginContext.me().getLoginUser().getUserId();
|
||||
|
||||
// 用户当前组织机构id
|
||||
Long currentOrgId = LoginContext.me().getLoginUser().getCurrentOrgId();
|
||||
|
||||
// 获取当前用户的数据范围类型
|
||||
DataScopeTypeEnum dataScopeTypeEnum = this.currentUserDataScopeType();
|
||||
|
||||
// 如果是只有本人数据
|
||||
if (DataScopeTypeEnum.SELF.equals(dataScopeTypeEnum)) {
|
||||
return CollectionUtil.set(false, userId);
|
||||
}
|
||||
|
||||
// 如果是本部门数据
|
||||
else if (DataScopeTypeEnum.DEPT.equals(dataScopeTypeEnum)) {
|
||||
return CollectionUtil.set(false, currentOrgId);
|
||||
}
|
||||
|
||||
// 如果是本部门及以下部门
|
||||
else if (DataScopeTypeEnum.DEPT_WITH_CHILD.equals(dataScopeTypeEnum)) {
|
||||
|
||||
// 获取指定组织机构下的所有机构id
|
||||
Set<Long> subOrgIdList = dbOperatorApi.findSubListByParentId("sys_hr_organization", "org_pids", "org_id", currentOrgId);
|
||||
if (ObjectUtil.isEmpty(subOrgIdList)) {
|
||||
subOrgIdList = new HashSet<>();
|
||||
}
|
||||
subOrgIdList.add(currentOrgId);
|
||||
return subOrgIdList;
|
||||
}
|
||||
|
||||
// 如果是指定部门数据
|
||||
else if (DataScopeTypeEnum.DEFINE.equals(dataScopeTypeEnum)) {
|
||||
|
||||
// 获取用户的角色列表
|
||||
List<Long> userHaveRoleIds = sysUserRoleServiceApi.getUserRoleIdList(userId);
|
||||
|
||||
// 获取角色指定的所有部门范围
|
||||
return sysRoleDataScopeService.getRoleBindOrgIdList(userHaveRoleIds);
|
||||
}
|
||||
|
||||
// 如果是全部数据
|
||||
else if (DataScopeTypeEnum.ALL.equals(dataScopeTypeEnum)) {
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
// 默认返回只有本人数据
|
||||
return CollectionUtil.set(false, userId);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,8 +2,10 @@ package cn.stylefeng.roses.kernel.sys.modular.role.service.impl;
|
|||
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import cn.hutool.core.collection.ListUtil;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
|
||||
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
|
||||
import cn.stylefeng.roses.kernel.db.api.DbOperatorApi;
|
||||
import cn.stylefeng.roses.kernel.db.mp.datascope.UserRoleDataScopeApi;
|
||||
import cn.stylefeng.roses.kernel.db.mp.datascope.config.DataScopeConfig;
|
||||
import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum;
|
||||
|
|
@ -15,6 +17,7 @@ import org.springframework.stereotype.Service;
|
|||
|
||||
import javax.annotation.Resource;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
|
|
@ -36,6 +39,9 @@ public class UserRoleDataScopeImpl implements UserRoleDataScopeApi {
|
|||
@Resource
|
||||
private SysRoleDataScopeService sysRoleDataScopeService;
|
||||
|
||||
@Resource
|
||||
private DbOperatorApi dbOperatorApi;
|
||||
|
||||
@Override
|
||||
public DataScopeConfig getUserRoleDataScopeConfig() {
|
||||
|
||||
|
|
@ -93,4 +99,68 @@ public class UserRoleDataScopeImpl implements UserRoleDataScopeApi {
|
|||
return dataScopeConfig;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Long> currentUserOrgScopeList() {
|
||||
|
||||
// 获取当前用户id
|
||||
Long userId = LoginContext.me().getLoginUser().getUserId();
|
||||
|
||||
// 获取当前用户的数据范围类型
|
||||
DataScopeConfig userRoleDataScopeConfig = this.getUserRoleDataScopeConfig();
|
||||
DataScopeTypeEnum dataScopeTypeEnum = userRoleDataScopeConfig.getDataScopeType();
|
||||
|
||||
// 如果是只有本人数据
|
||||
if (DataScopeTypeEnum.SELF.equals(dataScopeTypeEnum)) {
|
||||
return CollectionUtil.set(false, userId);
|
||||
}
|
||||
|
||||
// 如果是本部门数据
|
||||
else if (DataScopeTypeEnum.DEPT.equals(dataScopeTypeEnum)) {
|
||||
return CollectionUtil.set(false, userRoleDataScopeConfig.getUserDeptId());
|
||||
}
|
||||
|
||||
// 如果是本部门及以下部门
|
||||
else if (DataScopeTypeEnum.DEPT_WITH_CHILD.equals(dataScopeTypeEnum)) {
|
||||
|
||||
// 获取指定组织机构下的所有机构id
|
||||
Set<Long> subOrgIdList = dbOperatorApi.findSubListByParentId("sys_hr_organization", "org_pids", "org_id", userRoleDataScopeConfig.getUserDeptId());
|
||||
if (ObjectUtil.isEmpty(subOrgIdList)) {
|
||||
subOrgIdList = new HashSet<>();
|
||||
}
|
||||
subOrgIdList.add(userRoleDataScopeConfig.getUserDeptId());
|
||||
return subOrgIdList;
|
||||
}
|
||||
|
||||
// 如果是本公司及以下部门
|
||||
else if (DataScopeTypeEnum.COMPANY_WITH_CHILD.equals(dataScopeTypeEnum)) {
|
||||
|
||||
// 获取指定组织机构下的所有机构id
|
||||
Set<Long> subOrgIdList = dbOperatorApi.findSubListByParentId("sys_hr_organization", "org_pids", "org_id", userRoleDataScopeConfig.getUserCompanyId());
|
||||
if (ObjectUtil.isEmpty(subOrgIdList)) {
|
||||
subOrgIdList = new HashSet<>();
|
||||
}
|
||||
subOrgIdList.add(userRoleDataScopeConfig.getUserCompanyId());
|
||||
return subOrgIdList;
|
||||
}
|
||||
|
||||
// 如果是指定部门数据
|
||||
else if (DataScopeTypeEnum.DEFINE.equals(dataScopeTypeEnum)) {
|
||||
|
||||
// 获取用户的角色列表
|
||||
List<Long> userHaveRoleIds = sysUserRoleServiceApi.getUserRoleIdList(userId);
|
||||
|
||||
// 获取角色指定的所有部门范围
|
||||
return sysRoleDataScopeService.getRoleBindOrgIdList(userHaveRoleIds);
|
||||
}
|
||||
|
||||
// 如果是全部数据
|
||||
else if (DataScopeTypeEnum.ALL.equals(dataScopeTypeEnum)) {
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
// 默认返回只有本人数据
|
||||
return CollectionUtil.set(false, userId);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue