mirror of https://gitee.com/stylefeng/roses
【8.1.1】【sys】从新整用户列表的数据范围
parent
c8a21761c1
commit
f5e37fe8e4
|
@ -2,6 +2,8 @@ package cn.stylefeng.roses.kernel.db.mp.datascope;
|
||||||
|
|
||||||
import cn.stylefeng.roses.kernel.db.mp.datascope.config.DataScopeConfig;
|
import cn.stylefeng.roses.kernel.db.mp.datascope.config.DataScopeConfig;
|
||||||
|
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 获取用户角色的数据范围
|
* 获取用户角色的数据范围
|
||||||
*
|
*
|
||||||
|
@ -18,4 +20,18 @@ public interface UserRoleDataScopeApi {
|
||||||
*/
|
*/
|
||||||
DataScopeConfig getUserRoleDataScopeConfig();
|
DataScopeConfig getUserRoleDataScopeConfig();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 获取当前用户拥有的所有组织机构id列表
|
||||||
|
* <p>
|
||||||
|
* 返回值说明:
|
||||||
|
* 1. 可以返回null或者空,代表用户有所有权限,也就是全部数据
|
||||||
|
* 2. 返回带有userId或者orgId的选项,代表用户有这些人或者这些机构的权限
|
||||||
|
* 3. 返回带有负数(例如:-1)的数组,则代表用户没有任何权限
|
||||||
|
*
|
||||||
|
* @return 用户拥有的数据范围,userId或者orgId
|
||||||
|
* @author fengshuonan
|
||||||
|
* @since 2023/7/18 22:54
|
||||||
|
*/
|
||||||
|
Set<Long> currentUserOrgScopeList();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
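Review bot: The Javadoc added for `currentUserOrgScopeList()` makes `null` or an empty set mean "all data", so any implementation path that resolves a restricted scope to nothing silently widens access instead of denying it. The DEFINE branch of `UserRoleDataScopeImpl.currentUserOrgScopeList()` returns `sysRoleDataScopeService.getRoleBindOrgIdList(userHaveRoleIds)` unchecked, and the `ObjectUtil.isNotEmpty(dataScope)` guard in `SysUserServiceImpl` then skips the filter if that lookup comes back empty (whether it can is not visible here). I would reserve `null` for the ALL case only and state in the contract that an empty result must be returned as the negative marker from item 3, e.g. in the DEFINE branch `Set<Long> orgIds = sysRoleDataScopeService.getRoleBindOrgIdList(userHaveRoleIds);` followed by `return ObjectUtil.isEmpty(orgIds) ? CollectionUtil.set(false, -1L) : orgIds;`.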
@ -1,37 +0,0 @@
|
||||||
package cn.stylefeng.roses.kernel.sys.api;
|
|
||||||
|
|
||||||
import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum;
|
|
||||||
|
|
||||||
import java.util.Set;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 用户数据范围权限的Api
|
|
||||||
*
|
|
||||||
* @author fengshuonan
|
|
||||||
* @since 2023/7/18 22:51
|
|
||||||
*/
|
|
||||||
public interface UserDataScopeApi {
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 获取当前用户拥有的数据范围类型
|
|
||||||
*
|
|
||||||
* @author fengshuonan
|
|
||||||
* @since 2023/7/18 22:58
|
|
||||||
*/
|
|
||||||
DataScopeTypeEnum currentUserDataScopeType();
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 获取当前用户拥有的所有组织机构id列表
|
|
||||||
* <p>
|
|
||||||
* 返回值说明:
|
|
||||||
* 1. 可以返回null或者空,代表用户有所有权限,也就是全部数据
|
|
||||||
* 2. 返回带有userId或者orgId的选项,代表用户有这些人或者这些机构的权限
|
|
||||||
* 3. 返回带有负数(例如:-1)的数组,则代表用户没有任何权限
|
|
||||||
*
|
|
||||||
* @return 用户拥有的数据范围,userId或者orgId
|
|
||||||
* @author fengshuonan
|
|
||||||
* @since 2023/7/18 22:54
|
|
||||||
*/
|
|
||||||
Set<Long> currentUserOrgScopeList();
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,48 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright [2020-2030] [https://www.stylefeng.cn]
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*
|
|
||||||
* Guns采用APACHE LICENSE 2.0开源协议,您在使用过程中,需要注意以下几点:
|
|
||||||
*
|
|
||||||
* 1.请不要删除和修改根目录下的LICENSE文件。
|
|
||||||
* 2.请不要删除和修改Guns源码头部的版权声明。
|
|
||||||
* 3.请保留源码和相关描述文件的项目出处,作者声明等。
|
|
||||||
* 4.分发源码时候,请注明软件出处 https://gitee.com/stylefeng/guns
|
|
||||||
* 5.在修改包名,模块名称,项目代码等时,请注明软件出处 https://gitee.com/stylefeng/guns
|
|
||||||
* 6.若您的项目无法满足以上几点,可申请商业授权
|
|
||||||
*/
|
|
||||||
package cn.stylefeng.roses.kernel.sys.api.context;
|
|
||||||
|
|
||||||
import cn.hutool.extra.spring.SpringUtil;
|
|
||||||
import cn.stylefeng.roses.kernel.sys.api.UserDataScopeApi;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 获取数据范围的快捷调用
|
|
||||||
*
|
|
||||||
* @author fengshuonan
|
|
||||||
* @since 2023/7/18 23:04
|
|
||||||
*/
|
|
||||||
public class DataScopeContext {
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 获取用户权限接口
|
|
||||||
*
|
|
||||||
* @author fengshuonan
|
|
||||||
* @since 2023/7/18 23:04
|
|
||||||
*/
|
|
||||||
public static UserDataScopeApi me() {
|
|
||||||
return SpringUtil.getBean(UserDataScopeApi.class);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -14,6 +14,7 @@ import cn.stylefeng.roses.kernel.db.api.factory.PageFactory;
|
||||||
import cn.stylefeng.roses.kernel.db.api.factory.PageResultFactory;
|
import cn.stylefeng.roses.kernel.db.api.factory.PageResultFactory;
|
||||||
import cn.stylefeng.roses.kernel.db.api.pojo.entity.BaseEntity;
|
import cn.stylefeng.roses.kernel.db.api.pojo.entity.BaseEntity;
|
||||||
import cn.stylefeng.roses.kernel.db.api.pojo.page.PageResult;
|
import cn.stylefeng.roses.kernel.db.api.pojo.page.PageResult;
|
||||||
|
import cn.stylefeng.roses.kernel.db.mp.datascope.UserRoleDataScopeApi;
|
||||||
import cn.stylefeng.roses.kernel.db.mp.tenant.holder.TenantIdHolder;
|
import cn.stylefeng.roses.kernel.db.mp.tenant.holder.TenantIdHolder;
|
||||||
import cn.stylefeng.roses.kernel.db.mp.tenant.holder.TenantSwitchHolder;
|
import cn.stylefeng.roses.kernel.db.mp.tenant.holder.TenantSwitchHolder;
|
||||||
import cn.stylefeng.roses.kernel.dsctn.api.context.DataSourceContext;
|
import cn.stylefeng.roses.kernel.dsctn.api.context.DataSourceContext;
|
||||||
|
@ -28,7 +29,6 @@ import cn.stylefeng.roses.kernel.rule.util.SortUtils;
|
||||||
import cn.stylefeng.roses.kernel.sys.api.SecurityConfigService;
|
import cn.stylefeng.roses.kernel.sys.api.SecurityConfigService;
|
||||||
import cn.stylefeng.roses.kernel.sys.api.callback.RemoveUserCallbackApi;
|
import cn.stylefeng.roses.kernel.sys.api.callback.RemoveUserCallbackApi;
|
||||||
import cn.stylefeng.roses.kernel.sys.api.constants.SysConstants;
|
import cn.stylefeng.roses.kernel.sys.api.constants.SysConstants;
|
||||||
import cn.stylefeng.roses.kernel.sys.api.context.DataScopeContext;
|
|
||||||
import cn.stylefeng.roses.kernel.sys.api.enums.user.UserStatusEnum;
|
import cn.stylefeng.roses.kernel.sys.api.enums.user.UserStatusEnum;
|
||||||
import cn.stylefeng.roses.kernel.sys.api.expander.SysConfigExpander;
|
import cn.stylefeng.roses.kernel.sys.api.expander.SysConfigExpander;
|
||||||
import cn.stylefeng.roses.kernel.sys.api.pojo.user.*;
|
import cn.stylefeng.roses.kernel.sys.api.pojo.user.*;
|
||||||
|
@ -87,6 +87,9 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
@Resource
|
@Resource
|
||||||
private SysUserCertificateService sysUserCertificateService;
|
private SysUserCertificateService sysUserCertificateService;
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private UserRoleDataScopeApi userRoleDataScopeApi;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@Transactional(rollbackFor = Exception.class)
|
@Transactional(rollbackFor = Exception.class)
|
||||||
public void add(SysUserRequest sysUserRequest) {
|
public void add(SysUserRequest sysUserRequest) {
|
||||||
|
@ -108,8 +111,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
this.save(sysUser);
|
this.save(sysUser);
|
||||||
|
|
||||||
// 记录一个密码修改记录
|
// 记录一个密码修改记录
|
||||||
securityConfigService.recordPasswordEditLog(sysUser.getUserId(), saltedEncryptResult.getEncryptPassword(),
|
securityConfigService.recordPasswordEditLog(sysUser.getUserId(), saltedEncryptResult.getEncryptPassword(), saltedEncryptResult.getPasswordSalt());
|
||||||
saltedEncryptResult.getPasswordSalt());
|
|
||||||
|
|
||||||
// 更新用户的任职信息
|
// 更新用户的任职信息
|
||||||
sysUserOrgService.updateUserOrg(sysUser.getUserId(), sysUserRequest.getUserOrgList());
|
sysUserOrgService.updateUserOrg(sysUser.getUserId(), sysUserRequest.getUserOrgList());
|
||||||
|
@ -210,9 +212,8 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
// 查询用户个人信息
|
// 查询用户个人信息
|
||||||
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
||||||
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, sysUserRequest.getUserId());
|
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, sysUserRequest.getUserId());
|
||||||
sysUserLambdaQueryWrapper.select(SysUser::getUserId, SysUser::getAvatar, SysUser::getAccount, SysUser::getUserSort,
|
sysUserLambdaQueryWrapper.select(SysUser::getUserId, SysUser::getAvatar, SysUser::getAccount, SysUser::getUserSort, SysUser::getSuperAdminFlag, SysUser::getRealName, SysUser::getSex,
|
||||||
SysUser::getSuperAdminFlag, SysUser::getRealName, SysUser::getSex, SysUser::getBirthday, SysUser::getEmail,
|
SysUser::getBirthday, SysUser::getEmail, SysUser::getPhone, SysUser::getLastLoginIp, SysUser::getLoginCount, SysUser::getLastLoginTime, SysUser::getStatusFlag,
|
||||||
SysUser::getPhone, SysUser::getLastLoginIp, SysUser::getLoginCount, SysUser::getLastLoginTime, SysUser::getStatusFlag,
|
|
||||||
BaseEntity::getCreateTime, BaseEntity::getUpdateTime, SysUser::getEmployeeNumber);
|
BaseEntity::getCreateTime, BaseEntity::getUpdateTime, SysUser::getEmployeeNumber);
|
||||||
SysUser sysUser = this.getOne(sysUserLambdaQueryWrapper, false);
|
SysUser sysUser = this.getOne(sysUserLambdaQueryWrapper, false);
|
||||||
|
|
||||||
|
@ -242,8 +243,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
LambdaQueryWrapper<SysUser> wrapper = createWrapper(sysUserRequest);
|
LambdaQueryWrapper<SysUser> wrapper = createWrapper(sysUserRequest);
|
||||||
|
|
||||||
// 只查询需要的字段
|
// 只查询需要的字段
|
||||||
wrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getAccount, SysUser::getSex, SysUser::getStatusFlag,
|
wrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getAccount, SysUser::getSex, SysUser::getStatusFlag, BaseEntity::getCreateTime, SysUser::getEmployeeNumber);
|
||||||
BaseEntity::getCreateTime, SysUser::getEmployeeNumber);
|
|
||||||
|
|
||||||
// 分页查询
|
// 分页查询
|
||||||
Page<SysUser> sysUserPage = this.page(PageFactory.defaultPage(), wrapper);
|
Page<SysUser> sysUserPage = this.page(PageFactory.defaultPage(), wrapper);
|
||||||
|
@ -323,8 +323,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
// 查询用户的详细信息
|
// 查询用户的详细信息
|
||||||
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
||||||
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, userId);
|
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, userId);
|
||||||
sysUserLambdaQueryWrapper.select(SysUser::getRealName, SysUser::getAccount, SysUser::getAvatar, SysUser::getEmail,
|
sysUserLambdaQueryWrapper.select(SysUser::getRealName, SysUser::getAccount, SysUser::getAvatar, SysUser::getEmail, SysUser::getPhone, SysUser::getSex, SysUser::getBirthday);
|
||||||
SysUser::getPhone, SysUser::getSex, SysUser::getBirthday);
|
|
||||||
SysUser sysUser = this.getOne(sysUserLambdaQueryWrapper, false);
|
SysUser sysUser = this.getOne(sysUserLambdaQueryWrapper, false);
|
||||||
|
|
||||||
if (sysUser == null) {
|
if (sysUser == null) {
|
||||||
|
@ -363,8 +362,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
SysUser sysUser = this.querySysUser(sysUserRequest);
|
SysUser sysUser = this.querySysUser(sysUserRequest);
|
||||||
|
|
||||||
// 原密码错误
|
// 原密码错误
|
||||||
if (!passwordStoredEncryptApi.checkPasswordWithSalt(sysUserRequest.getPassword(), sysUser.getPasswordSalt(),
|
if (!passwordStoredEncryptApi.checkPasswordWithSalt(sysUserRequest.getPassword(), sysUser.getPasswordSalt(), sysUser.getPassword())) {
|
||||||
sysUser.getPassword())) {
|
|
||||||
throw new ServiceException(SysUserExceptionEnum.USER_PWD_ERROR);
|
throw new ServiceException(SysUserExceptionEnum.USER_PWD_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -382,8 +380,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
this.updateById(sysUser);
|
this.updateById(sysUser);
|
||||||
|
|
||||||
// 记录一个密码修改记录
|
// 记录一个密码修改记录
|
||||||
securityConfigService.recordPasswordEditLog(sysUser.getUserId(), saltedEncryptResult.getEncryptPassword(),
|
securityConfigService.recordPasswordEditLog(sysUser.getUserId(), saltedEncryptResult.getEncryptPassword(), saltedEncryptResult.getPasswordSalt());
|
||||||
saltedEncryptResult.getPasswordSalt());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -502,16 +499,14 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
throw new ServiceException(SysUserExceptionEnum.ACCOUNT_NOT_EXIST);
|
throw new ServiceException(SysUserExceptionEnum.ACCOUNT_NOT_EXIST);
|
||||||
}
|
}
|
||||||
|
|
||||||
return new UserValidateDTO(sysUserServiceOne.getUserId(), sysUserServiceOne.getPassword(), sysUserServiceOne.getPasswordSalt(),
|
return new UserValidateDTO(sysUserServiceOne.getUserId(), sysUserServiceOne.getPassword(), sysUserServiceOne.getPasswordSalt(), sysUserServiceOne.getStatusFlag(), tenantId, account);
|
||||||
sysUserServiceOne.getStatusFlag(), tenantId, account);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public UserValidateDTO getUserLoginValidateDTO(Long userId) {
|
public UserValidateDTO getUserLoginValidateDTO(Long userId) {
|
||||||
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
||||||
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, userId);
|
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, userId);
|
||||||
sysUserLambdaQueryWrapper.select(SysUser::getPassword, SysUser::getAccount, SysUser::getPasswordSalt, SysUser::getStatusFlag,
|
sysUserLambdaQueryWrapper.select(SysUser::getPassword, SysUser::getAccount, SysUser::getPasswordSalt, SysUser::getStatusFlag, SysUser::getUserId, SysUser::getTenantId);
|
||||||
SysUser::getUserId, SysUser::getTenantId);
|
|
||||||
|
|
||||||
// 单独填充租户id
|
// 单独填充租户id
|
||||||
SysUser sysUser;
|
SysUser sysUser;
|
||||||
|
@ -526,8 +521,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
throw new ServiceException(SysUserExceptionEnum.ACCOUNT_NOT_EXIST);
|
throw new ServiceException(SysUserExceptionEnum.ACCOUNT_NOT_EXIST);
|
||||||
}
|
}
|
||||||
|
|
||||||
return new UserValidateDTO(sysUser.getUserId(), sysUser.getPassword(), sysUser.getPasswordSalt(), sysUser.getStatusFlag(),
|
return new UserValidateDTO(sysUser.getUserId(), sysUser.getPassword(), sysUser.getPasswordSalt(), sysUser.getStatusFlag(), sysUser.getTenantId(), sysUser.getAccount());
|
||||||
sysUser.getTenantId(), sysUser.getAccount());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -661,9 +655,8 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
|
|
||||||
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
||||||
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, userId);
|
sysUserLambdaQueryWrapper.eq(SysUser::getUserId, userId);
|
||||||
sysUserLambdaQueryWrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getNickName, SysUser::getAccount,
|
sysUserLambdaQueryWrapper.select(SysUser::getUserId, SysUser::getRealName, SysUser::getNickName, SysUser::getAccount, SysUser::getBirthday, SysUser::getSex, SysUser::getPhone, SysUser::getTel,
|
||||||
SysUser::getBirthday, SysUser::getSex, SysUser::getPhone, SysUser::getTel, SysUser::getEmail, SysUser::getSuperAdminFlag,
|
SysUser::getEmail, SysUser::getSuperAdminFlag, SysUser::getStatusFlag, SysUser::getUserSort, SysUser::getMasterUserId);
|
||||||
SysUser::getStatusFlag, SysUser::getUserSort, SysUser::getMasterUserId);
|
|
||||||
SysUser userInfo = this.getOne(sysUserLambdaQueryWrapper);
|
SysUser userInfo = this.getOne(sysUserLambdaQueryWrapper);
|
||||||
|
|
||||||
if (userInfo != null) {
|
if (userInfo != null) {
|
||||||
|
@ -814,7 +807,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||||
}
|
}
|
||||||
|
|
||||||
// 数据权限范围控制
|
// 数据权限范围控制
|
||||||
Set<Long> dataScope = DataScopeContext.me().currentUserOrgScopeList();
|
Set<Long> dataScope = userRoleDataScopeApi.currentUserOrgScopeList();
|
||||||
if (ObjectUtil.isNotEmpty(dataScope)) {
|
if (ObjectUtil.isNotEmpty(dataScope)) {
|
||||||
Set<Long> userIdList = this.sysUserOrgService.getOrgUserIdList(dataScope);
|
Set<Long> userIdList = this.sysUserOrgService.getOrgUserIdList(dataScope);
|
||||||
queryWrapper.in(SysUser::getUserId, userIdList);
|
queryWrapper.in(SysUser::getUserId, userIdList);
|
||||||
|
|
|
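Review bot: In the data-scope hunk of `SysUserServiceImpl` the whole `dataScope` set is handed to `sysUserOrgService.getOrgUserIdList(dataScope)` as organisation ids, yet the SELF and default branches of `currentUserOrgScopeList()` return the caller's `userId`, and the contract also allows a negative "no permission" marker. For a SELF-scoped user this presumably resolves the members of an organisation whose id happens to equal the user id, and `queryWrapper.in(SysUser::getUserId, userIdList)` then runs with a list that is probably empty; what an empty `in` produces depends on the MyBatis-Plus version, so confirm that it fails closed. I would branch on the scope type before the lookup (for SELF, `queryWrapper.eq(SysUser::getUserId, <current user id>)`) and add an explicit `if (ObjectUtil.isEmpty(userIdList))` path that matches no rows. The enclosing method starts and ends outside this hunk.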
@ -1,6 +1,5 @@
|
||||||
package cn.stylefeng.roses.kernel.sys.modular.role.service;
|
package cn.stylefeng.roses.kernel.sys.modular.role.service;
|
||||||
|
|
||||||
import cn.stylefeng.roses.kernel.sys.api.UserDataScopeApi;
|
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.role.pojo.request.RoleBindPermissionRequest;
|
import cn.stylefeng.roses.kernel.sys.modular.role.pojo.request.RoleBindPermissionRequest;
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.role.pojo.response.RoleBindPermissionResponse;
|
import cn.stylefeng.roses.kernel.sys.modular.role.pojo.response.RoleBindPermissionResponse;
|
||||||
|
|
||||||
|
@ -12,7 +11,7 @@ import java.util.Set;
|
||||||
* @author fengshuonan
|
* @author fengshuonan
|
||||||
* @since 2023/6/13 16:13
|
* @since 2023/6/13 16:13
|
||||||
*/
|
*/
|
||||||
public interface PermissionAssignService extends UserDataScopeApi {
|
public interface PermissionAssignService {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 获取角色绑定的权限列表
|
* 获取角色绑定的权限列表
|
||||||
|
|
|
@ -1,13 +1,10 @@
|
||||||
package cn.stylefeng.roses.kernel.sys.modular.role.service.impl;
|
package cn.stylefeng.roses.kernel.sys.modular.role.service.impl;
|
||||||
|
|
||||||
import cn.hutool.core.collection.CollectionUtil;
|
|
||||||
import cn.hutool.core.util.ObjectUtil;
|
import cn.hutool.core.util.ObjectUtil;
|
||||||
import cn.hutool.extra.spring.SpringUtil;
|
import cn.hutool.extra.spring.SpringUtil;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
|
|
||||||
import cn.stylefeng.roses.kernel.db.api.DbOperatorApi;
|
import cn.stylefeng.roses.kernel.db.api.DbOperatorApi;
|
||||||
import cn.stylefeng.roses.kernel.event.sdk.publish.BusinessEventPublisher;
|
import cn.stylefeng.roses.kernel.event.sdk.publish.BusinessEventPublisher;
|
||||||
import cn.stylefeng.roses.kernel.log.api.util.BusinessLogUtil;
|
import cn.stylefeng.roses.kernel.log.api.util.BusinessLogUtil;
|
||||||
import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum;
|
|
||||||
import cn.stylefeng.roses.kernel.sys.api.SysUserRoleServiceApi;
|
import cn.stylefeng.roses.kernel.sys.api.SysUserRoleServiceApi;
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.app.entity.SysApp;
|
import cn.stylefeng.roses.kernel.sys.modular.app.entity.SysApp;
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.app.service.SysAppService;
|
import cn.stylefeng.roses.kernel.sys.modular.app.service.SysAppService;
|
||||||
|
@ -185,71 +182,4 @@ public class PermissionAssignServiceImpl implements PermissionAssignService {
|
||||||
return resultPermissions;
|
return resultPermissions;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public DataScopeTypeEnum currentUserDataScopeType() {
|
|
||||||
|
|
||||||
// 获取当前用户id
|
|
||||||
Long userId = LoginContext.me().getLoginUser().getUserId();
|
|
||||||
|
|
||||||
// 获取用户的角色列表
|
|
||||||
List<Long> userHaveRoleIds = sysUserRoleServiceApi.getUserRoleIdList(userId);
|
|
||||||
|
|
||||||
// 获取这些角色对应的数据范围
|
|
||||||
return sysRoleService.getRoleDataScope(userHaveRoleIds);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<Long> currentUserOrgScopeList() {
|
|
||||||
|
|
||||||
// 获取当前用户id
|
|
||||||
Long userId = LoginContext.me().getLoginUser().getUserId();
|
|
||||||
|
|
||||||
// 用户当前组织机构id
|
|
||||||
Long currentOrgId = LoginContext.me().getLoginUser().getCurrentOrgId();
|
|
||||||
|
|
||||||
// 获取当前用户的数据范围类型
|
|
||||||
DataScopeTypeEnum dataScopeTypeEnum = this.currentUserDataScopeType();
|
|
||||||
|
|
||||||
// 如果是只有本人数据
|
|
||||||
if (DataScopeTypeEnum.SELF.equals(dataScopeTypeEnum)) {
|
|
||||||
return CollectionUtil.set(false, userId);
|
|
||||||
}
|
|
||||||
|
|
||||||
// 如果是本部门数据
|
|
||||||
else if (DataScopeTypeEnum.DEPT.equals(dataScopeTypeEnum)) {
|
|
||||||
return CollectionUtil.set(false, currentOrgId);
|
|
||||||
}
|
|
||||||
|
|
||||||
// 如果是本部门及以下部门
|
|
||||||
else if (DataScopeTypeEnum.DEPT_WITH_CHILD.equals(dataScopeTypeEnum)) {
|
|
||||||
|
|
||||||
// 获取指定组织机构下的所有机构id
|
|
||||||
Set<Long> subOrgIdList = dbOperatorApi.findSubListByParentId("sys_hr_organization", "org_pids", "org_id", currentOrgId);
|
|
||||||
if (ObjectUtil.isEmpty(subOrgIdList)) {
|
|
||||||
subOrgIdList = new HashSet<>();
|
|
||||||
}
|
|
||||||
subOrgIdList.add(currentOrgId);
|
|
||||||
return subOrgIdList;
|
|
||||||
}
|
|
||||||
|
|
||||||
// 如果是指定部门数据
|
|
||||||
else if (DataScopeTypeEnum.DEFINE.equals(dataScopeTypeEnum)) {
|
|
||||||
|
|
||||||
// 获取用户的角色列表
|
|
||||||
List<Long> userHaveRoleIds = sysUserRoleServiceApi.getUserRoleIdList(userId);
|
|
||||||
|
|
||||||
// 获取角色指定的所有部门范围
|
|
||||||
return sysRoleDataScopeService.getRoleBindOrgIdList(userHaveRoleIds);
|
|
||||||
}
|
|
||||||
|
|
||||||
// 如果是全部数据
|
|
||||||
else if (DataScopeTypeEnum.ALL.equals(dataScopeTypeEnum)) {
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
// 默认返回只有本人数据
|
|
||||||
return CollectionUtil.set(false, userId);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,8 +2,10 @@ package cn.stylefeng.roses.kernel.sys.modular.role.service.impl;
|
||||||
|
|
||||||
import cn.hutool.core.collection.CollectionUtil;
|
import cn.hutool.core.collection.CollectionUtil;
|
||||||
import cn.hutool.core.collection.ListUtil;
|
import cn.hutool.core.collection.ListUtil;
|
||||||
|
import cn.hutool.core.util.ObjectUtil;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
|
import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
|
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
|
||||||
|
import cn.stylefeng.roses.kernel.db.api.DbOperatorApi;
|
||||||
import cn.stylefeng.roses.kernel.db.mp.datascope.UserRoleDataScopeApi;
|
import cn.stylefeng.roses.kernel.db.mp.datascope.UserRoleDataScopeApi;
|
||||||
import cn.stylefeng.roses.kernel.db.mp.datascope.config.DataScopeConfig;
|
import cn.stylefeng.roses.kernel.db.mp.datascope.config.DataScopeConfig;
|
||||||
import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum;
|
import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum;
|
||||||
|
@ -15,6 +17,7 @@ import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
import javax.annotation.Resource;
|
import javax.annotation.Resource;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
|
@ -36,6 +39,9 @@ public class UserRoleDataScopeImpl implements UserRoleDataScopeApi {
|
||||||
@Resource
|
@Resource
|
||||||
private SysRoleDataScopeService sysRoleDataScopeService;
|
private SysRoleDataScopeService sysRoleDataScopeService;
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private DbOperatorApi dbOperatorApi;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public DataScopeConfig getUserRoleDataScopeConfig() {
|
public DataScopeConfig getUserRoleDataScopeConfig() {
|
||||||
|
|
||||||
|
@ -93,4 +99,68 @@ public class UserRoleDataScopeImpl implements UserRoleDataScopeApi {
|
||||||
return dataScopeConfig;
|
return dataScopeConfig;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Set<Long> currentUserOrgScopeList() {
|
||||||
|
|
||||||
|
// 获取当前用户id
|
||||||
|
Long userId = LoginContext.me().getLoginUser().getUserId();
|
||||||
|
|
||||||
|
// 获取当前用户的数据范围类型
|
||||||
|
DataScopeConfig userRoleDataScopeConfig = this.getUserRoleDataScopeConfig();
|
||||||
|
DataScopeTypeEnum dataScopeTypeEnum = userRoleDataScopeConfig.getDataScopeType();
|
||||||
|
|
||||||
|
// 如果是只有本人数据
|
||||||
|
if (DataScopeTypeEnum.SELF.equals(dataScopeTypeEnum)) {
|
||||||
|
return CollectionUtil.set(false, userId);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 如果是本部门数据
|
||||||
|
else if (DataScopeTypeEnum.DEPT.equals(dataScopeTypeEnum)) {
|
||||||
|
return CollectionUtil.set(false, userRoleDataScopeConfig.getUserDeptId());
|
||||||
|
}
|
||||||
|
|
||||||
|
// 如果是本部门及以下部门
|
||||||
|
else if (DataScopeTypeEnum.DEPT_WITH_CHILD.equals(dataScopeTypeEnum)) {
|
||||||
|
|
||||||
|
// 获取指定组织机构下的所有机构id
|
||||||
|
Set<Long> subOrgIdList = dbOperatorApi.findSubListByParentId("sys_hr_organization", "org_pids", "org_id", userRoleDataScopeConfig.getUserDeptId());
|
||||||
|
if (ObjectUtil.isEmpty(subOrgIdList)) {
|
||||||
|
subOrgIdList = new HashSet<>();
|
||||||
|
}
|
||||||
|
subOrgIdList.add(userRoleDataScopeConfig.getUserDeptId());
|
||||||
|
return subOrgIdList;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 如果是本公司及以下部门
|
||||||
|
else if (DataScopeTypeEnum.COMPANY_WITH_CHILD.equals(dataScopeTypeEnum)) {
|
||||||
|
|
||||||
|
// 获取指定组织机构下的所有机构id
|
||||||
|
Set<Long> subOrgIdList = dbOperatorApi.findSubListByParentId("sys_hr_organization", "org_pids", "org_id", userRoleDataScopeConfig.getUserCompanyId());
|
||||||
|
if (ObjectUtil.isEmpty(subOrgIdList)) {
|
||||||
|
subOrgIdList = new HashSet<>();
|
||||||
|
}
|
||||||
|
subOrgIdList.add(userRoleDataScopeConfig.getUserCompanyId());
|
||||||
|
return subOrgIdList;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 如果是指定部门数据
|
||||||
|
else if (DataScopeTypeEnum.DEFINE.equals(dataScopeTypeEnum)) {
|
||||||
|
|
||||||
|
// 获取用户的角色列表
|
||||||
|
List<Long> userHaveRoleIds = sysUserRoleServiceApi.getUserRoleIdList(userId);
|
||||||
|
|
||||||
|
// 获取角色指定的所有部门范围
|
||||||
|
return sysRoleDataScopeService.getRoleBindOrgIdList(userHaveRoleIds);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 如果是全部数据
|
||||||
|
else if (DataScopeTypeEnum.ALL.equals(dataScopeTypeEnum)) {
|
||||||
|
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 默认返回只有本人数据
|
||||||
|
return CollectionUtil.set(false, userId);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
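Review bot: `getUserDeptId()` and `getUserCompanyId()` are used without a null check in the DEPT, DEPT_WITH_CHILD and COMPANY_WITH_CHILD branches of the new `currentUserOrgScopeList()`. If a login user can lack a department or company (not visible here), the returned set contains `null`, which is non-empty and therefore passes the caller's filter guard with an undefined meaning. The two sub-tree branches are also identical apart from the root id, and both add to the set returned by `dbOperatorApi.findSubListByParentId`, which may not be mutable. A shared private helper that copies the result and returns the `-1` "no permission" marker for a missing root covers these cases; the DEPT branch needs the same null guard.

```java
// … unchanged: SELF and DEPT branches …
else if (DataScopeTypeEnum.DEPT_WITH_CHILD.equals(dataScopeTypeEnum)) {
    return this.orgWithChildren(userRoleDataScopeConfig.getUserDeptId());
}
else if (DataScopeTypeEnum.COMPANY_WITH_CHILD.equals(dataScopeTypeEnum)) {
    return this.orgWithChildren(userRoleDataScopeConfig.getUserCompanyId());
}
// … unchanged: DEFINE, ALL and default branches …

/**
 * Returns the given organisation id plus all of its descendants,
 * or the "no permission" marker when the root id is missing.
 */
private Set<Long> orgWithChildren(Long rootOrgId) {
    if (rootOrgId == null) {
        return CollectionUtil.set(false, -1L);
    }
    // copy so the set handed back by the db layer is never mutated
    Set<Long> orgIds = new HashSet<>();
    Set<Long> subOrgIds = dbOperatorApi.findSubListByParentId("sys_hr_organization", "org_pids", "org_id", rootOrgId);
    if (ObjectUtil.isNotEmpty(subOrgIds)) {
        orgIds.addAll(subOrgIds);
    }
    orgIds.add(rootOrgId);
    return orgIds;
}
```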