diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
index c90c7d874..114927c10 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
@@ -109,16 +109,17 @@ public class SysDeptController extends BaseController
 @ResponseBody
 public AjaxResult editSave(@Validated SysDept dept)
 {
+ Long deptId = dept.getDeptId();
+ deptService.checkDeptDataScope(deptId);
 if (UserConstants.DEPT_NAME_NOT_UNIQUE.equals(deptService.checkDeptNameUnique(dept)))
 {
 return error("修改部门'" + dept.getDeptName() + "'失败,部门名称已存在");
 }
- else if (dept.getParentId().equals(dept.getDeptId()))
+ else if (dept.getParentId().equals(deptId))
 {
 return error("修改部门'" + dept.getDeptName() + "'失败,上级部门不能是自己");
 }
- else if (StringUtils.equals(UserConstants.DEPT_DISABLE, dept.getStatus())
- && deptService.selectNormalChildrenDeptById(dept.getDeptId()) > 0)
+ else if (StringUtils.equals(UserConstants.DEPT_DISABLE, dept.getStatus()) && deptService.selectNormalChildrenDeptById(deptId) > 0)
 {
 return AjaxResult.error("该部门包含未停用的子部门!");
 }
@@ -143,6 +144,7 @@ public class SysDeptController extends BaseController
 {
 return AjaxResult.warn("部门存在用户,不允许删除");
 }
+ deptService.checkDeptDataScope(deptId);
 return toAjax(deptService.deleteDeptById(deptId));
 }
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
index edf515e7e..eaed68504 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
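Review bot: In `SysDeptController.editSave` the new `deptService.checkDeptDataScope(deptId)` authorizes only the department being edited; the `parentId` bound from the same request is compared with `deptId` but never scope-checked, so an in-scope department can apparently be re-parented under one the caller has no access to. I would add `deptService.checkDeptDataScope(dept.getParentId());` after the existing call (skipping whatever value the model uses for a root department), unless the update service already validates the parent, which this hunk does not show. `SysUserController.editSave` has the same shape: the target `userId` is checked, but any department or role ids carried in the submitted `SysUser` are not checked in the visible lines.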
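Review bot: The scope check in the SysDeptController delete handler sits after the guard that returns `部门存在用户,不允许删除`, so a caller with no data-scope access to `deptId` still learns whether that department has users before being refused. Move `deptService.checkDeptDataScope(deptId);` to the first statement of the method so the authorization decision precedes every lookup on the target. The method begins outside this hunk, so any earlier guards are not visible here.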
@@ -124,6 +124,7 @@ public class SysRoleController extends BaseController
 public AjaxResult editSave(@Validated SysRole role)
 {
 roleService.checkRoleAllowed(role);
+ roleService.checkRoleDataScope(role.getRoleId());
 if (UserConstants.ROLE_NAME_NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
 {
 return error("修改角色'" + role.getRoleName() + "'失败,角色名称已存在");
@@ -157,6 +158,7 @@ public class SysRoleController extends BaseController
 public AjaxResult authDataScopeSave(SysRole role)
 {
 roleService.checkRoleAllowed(role);
+ roleService.checkRoleDataScope(role.getRoleId());
 role.setUpdateBy(getLoginName());
 if (roleService.authDataScope(role) > 0)
 {
@@ -214,6 +216,7 @@ public class SysRoleController extends BaseController
 public AjaxResult changeStatus(SysRole role)
 {
 roleService.checkRoleAllowed(role);
+ roleService.checkRoleDataScope(role.getRoleId());
 return toAjax(roleService.changeStatus(role));
 }
@@ -297,6 +300,7 @@ public class SysRoleController extends BaseController
 @ResponseBody
 public AjaxResult selectAuthUserAll(Long roleId, String userIds)
 {
+ roleService.checkRoleDataScope(roleId);
 return toAjax(roleService.insertAuthUsers(roleId, userIds));
 }
 }
\ No newline at end of file
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
index 2ef746df3..9f0e95663 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@@ -169,6 +169,7 @@ public class SysUserController extends BaseController
 public AjaxResult editSave(@Validated SysUser user)
 {
 userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
 if (StringUtils.isNotEmpty(user.getPhonenumber())
 && UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
 {
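Review bot: `SysRoleController.selectAuthUserAll` now checks the role but not the users named in `userIds`, and unlike the three handlers above it does not call `roleService.checkRoleAllowed`, so an in-scope role can still be granted to accounts outside the caller's data scope unless `insertAuthUsers` validates them itself (not visible here). `SysUserController.insertAuthRole` has the mirror gap: `userId` is checked, `roleIds` are not, and there is no `checkUserAllowed` call. Both sides of the association should be authorized before the insert, for example by looping over the submitted ids and calling `checkUserDataScope(id)` or `checkRoleDataScope(id)` for each one. Because `insertAuthRole` changes a user's effective permissions, the unchecked `roleIds` is the more serious of the two.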
@@ -199,6 +200,7 @@ public class SysUserController extends BaseController
 public AjaxResult resetPwdSave(SysUser user)
 {
 userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
 user.setSalt(ShiroUtils.randomSalt());
 user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt()));
 if (userService.resetUserPwd(user) > 0)
@@ -235,6 +237,7 @@ public class SysUserController extends BaseController
 @ResponseBody
 public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
 {
+ userService.checkUserDataScope(userId);
 userService.insertUserAuth(userId, roleIds);
 AuthorizationUtils.clearAllCachedAuthorizationInfo();
 return success();
@@ -293,6 +296,7 @@ public class SysUserController extends BaseController
 public AjaxResult changeStatus(SysUser user)
 {
 userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
 return toAjax(userService.changeStatus(user));
 }
 }
\ No newline at end of file
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
index 7d83f2765..6ca973b83 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
@@ -159,6 +159,7 @@ public class SysRoleServiceImpl implements ISysRoleService
 for (Long roleId : roleIds)
 {
 checkRoleAllowed(new SysRole(roleId));
+ checkRoleDataScope(roleId);
 SysRole role = selectRoleById(roleId);
 if (countUserRoleByRoleId(roleId) > 0)
 {
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
index a28c7a4b7..07b91eabe 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
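Review bot: In `SysUserController.resetPwdSave` the scope check is keyed on `user.getUserId()`, but the hash is built from `user.getLoginName()`, which comes from the same request-bound object and is never tied back to that id. If the two disagree, the stored hash is derived from the wrong login name, so the target account's next login would presumably fail. Load the account by id after the checks and pass its persisted login name to `passwordService.encryptPassword` instead of the submitted one. Whether `resetUserPwd` also writes `loginName` is not visible in this hunk and is worth confirming.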
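Review bot: The delete paths enforce the data scope inside the service (`checkRoleDataScope(roleId)` in this `SysRoleServiceImpl` loop and `checkUserDataScope(userId)` in the matching `SysUserServiceImpl` loop), while the edit, status and authorization paths in this commit enforce it in each controller method, so any other caller of those service methods skips the check. Consider moving the check into the service methods for updates as well, or state the contract on the service interface with a comment such as `// callers must invoke checkRoleDataScope first`. In this loop the check is interleaved with `selectRoleById` and the user-count test; if the actual delete happens inside the loop (its end is outside the hunk) and the method is not transactional, a refusal on a later id would leave earlier ids already deleted.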
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java @@ -47,7 +47,7 @@ public class SysUserServiceImpl implements ISysUserService @Autowired private SysRoleMapper roleMapper; - + @Autowired private SysPostMapper postMapper; @@ -193,6 +193,7 @@ public class SysUserServiceImpl implements ISysUserService for (Long userId : userIds) { checkUserAllowed(new SysUser(userId)); + checkUserDataScope(userId); } // 删除用户与角色关联 userRoleMapper.deleteUserRole(userIds);