修复角色禁用权限不失效问题

2024-09-21 11:03:13 +08:00 · 2024-09-21 11:03:13 +08:00 · 05e2c28343
parent 60a6765f09
commit 05e2c28343
3 changed files with 12 additions and 6 deletions
--- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java
@ -21,6 +21,9 @@ public class UserConstants
    /** 用户封禁状态 */
    public static final String USER_DISABLE = "1";

+    /** 角色正常状态 */
+    public static final String ROLE_NORMAL = "0";
+
    /** 角色封禁状态 */
    public static final String ROLE_DISABLE = "1";

--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
@ -7,6 +7,7 @@ import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Before;
 import org.springframework.stereotype.Component;
 import com.ruoyi.common.annotation.DataScope;
+import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.context.PermissionContextHolder;
 import com.ruoyi.common.core.domain.BaseEntity;
 import com.ruoyi.common.core.domain.entity.SysRole;
@ -71,8 +72,7 @@ public class DataScopeAspect
            if (!currentUser.isAdmin())
            {
                String permission = StringUtils.defaultIfEmpty(controllerDataScope.permission(), PermissionContextHolder.getContext());
-                dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
-                        controllerDataScope.userAlias(), permission);
+                dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(), controllerDataScope.userAlias(), permission);
            }
        }
    }
@ -92,7 +92,7 @@ public class DataScopeAspect
        List<String> conditions = new ArrayList<String>();
        List<String> scopeCustomIds = new ArrayList<String>();
        user.getRoles().forEach(role -> {
-            if (DATA_SCOPE_CUSTOM.equals(role.getDataScope()) && StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission)))
+            if (DATA_SCOPE_CUSTOM.equals(role.getDataScope()) && StringUtils.equals(role.getStatus(), UserConstants.ROLE_NORMAL) && StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission)))
            {
                scopeCustomIds.add(Convert.toStr(role.getRoleId()));
            }
@ -101,7 +101,7 @@ public class DataScopeAspect
        for (SysRole role : user.getRoles())
        {
            String dataScope = role.getDataScope();
-            if (conditions.contains(dataScope))
+            if (conditions.contains(dataScope) || StringUtils.equals(role.getStatus(), UserConstants.ROLE_DISABLE))
            {
                continue;
            }
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysLoginService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysLoginService.java
@ -163,8 +163,11 @@ public class SysLoginService
            // 设置permissions属性，以便数据权限匹配权限
            for (SysRole role : roles)
            {
-                Set<String> rolePerms = menuService.selectPermsByRoleId(role.getRoleId());
-                role.setPermissions(rolePerms);
+                if (StringUtils.equals(role.getStatus(), UserConstants.ROLE_NORMAL))
+                {
+                    Set<String> rolePerms = menuService.selectPermsByRoleId(role.getRoleId());
+                    role.setPermissions(rolePerms);
+                }
            }
        }
    }