diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java index b1f6dd585..fd894445b 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java @@ -130,6 +130,8 @@ public class SysUserController extends BaseController @ResponseBody public AjaxResult addSave(@Validated SysUser user) { + deptService.checkDeptDataScope(user.getDeptId()); + roleService.checkRoleDataScope(user.getRoleIds()); if (!userService.checkLoginNameUnique(user)) { return error("新增用户'" + user.getLoginName() + "'失败,登录账号已存在"); @@ -189,6 +191,8 @@ public class SysUserController extends BaseController { userService.checkUserAllowed(user); userService.checkUserDataScope(user.getUserId()); + deptService.checkDeptDataScope(user.getDeptId()); + roleService.checkRoleDataScope(user.getRoleIds()); if (!userService.checkLoginNameUnique(user)) { return error("修改用户'" + user.getLoginName() + "'失败,登录账号已存在"); @@ -259,6 +263,7 @@ public class SysUserController extends BaseController public AjaxResult insertAuthRole(Long userId, Long[] roleIds) { userService.checkUserDataScope(userId); + roleService.checkRoleDataScope(roleIds); userService.insertUserAuth(userId, roleIds); AuthorizationUtils.clearAllCachedAuthorizationInfo(); return success(); diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java index 15c1dead2..bbcce4b36 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java @@ -23,7 +23,7 @@ public class SysUser extends BaseEntity private static final long serialVersionUID = 1L; /** 用户ID */ - @Excel(name = "用户序号", cellType = ColumnType.NUMERIC, prompt = "用户编号") + @Excel(name = "用户序号", type = Type.EXPORT, cellType = ColumnType.NUMERIC, prompt = "用户编号") private Long userId; /** 部门ID */ diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java index f7448ee78..100312e08 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java @@ -118,9 +118,9 @@ public interface ISysRoleService /** * 校验角色是否有数据权限 * - * @param roleId 角色id + * @param roleIds 角色id */ - public void checkRoleDataScope(Long roleId); + public void checkRoleDataScope(Long... roleIds); /** * 通过角色ID查询角色使用数量 diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java index adca04c6a..e7ee0c9d4 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java @@ -314,7 +314,7 @@ public class SysDeptServiceImpl implements ISysDeptService @Override public void checkDeptDataScope(Long deptId) { - if (!SysUser.isAdmin(ShiroUtils.getUserId())) + if (!SysUser.isAdmin(ShiroUtils.getUserId()) && StringUtils.isNotNull(deptId)) { SysDept dept = new SysDept(); dept.setDeptId(deptId); diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java index 5c55b93d4..873d2af4d 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java @@ -324,19 +324,22 @@ public class SysRoleServiceImpl implements ISysRoleService /** * 校验角色是否有数据权限 * - * @param roleId 角色id + * @param roleIds 角色id */ @Override - public void checkRoleDataScope(Long roleId) + public void checkRoleDataScope(Long... roleIds) { if (!SysUser.isAdmin(ShiroUtils.getUserId())) { - SysRole role = new SysRole(); - role.setRoleId(roleId); - List roles = SpringUtils.getAopProxy(this).selectRoleList(role); - if (StringUtils.isEmpty(roles)) + for (Long roleId : roleIds) { - throw new ServiceException("没有权限访问角色数据!"); + SysRole role = new SysRole(); + role.setRoleId(roleId); + List roles = SpringUtils.getAopProxy(this).selectRoleList(role); + if (StringUtils.isEmpty(roles)) + { + throw new ServiceException("没有权限访问角色数据!"); + } } } } diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java index 3c7970c85..2c2ebccde 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java @@ -30,6 +30,7 @@ import com.ruoyi.system.mapper.SysUserMapper; import com.ruoyi.system.mapper.SysUserPostMapper; import com.ruoyi.system.mapper.SysUserRoleMapper; import com.ruoyi.system.service.ISysConfigService; +import com.ruoyi.system.service.ISysDeptService; import com.ruoyi.system.service.ISysUserService; /** @@ -60,6 +61,9 @@ public class SysUserServiceImpl implements ISysUserService @Autowired private ISysConfigService configService; + @Autowired + private ISysDeptService deptService; + @Autowired protected Validator validator; @@ -487,7 +491,6 @@ public class SysUserServiceImpl implements ISysUserService int failureNum = 0; StringBuilder successMsg = new StringBuilder(); StringBuilder failureMsg = new StringBuilder(); - String password = configService.selectConfigByKey("sys.user.initPassword"); for (SysUser user : userList) { try @@ -497,6 +500,8 @@ public class SysUserServiceImpl implements ISysUserService if (StringUtils.isNull(u)) { BeanValidators.validateWithException(validator, user); + deptService.checkDeptDataScope(user.getDeptId()); + String password = configService.selectConfigByKey("sys.user.initPassword"); user.setPassword(Md5Utils.hash(user.getLoginName() + password)); user.setCreateBy(operName); userMapper.insertUser(user); @@ -508,6 +513,7 @@ public class SysUserServiceImpl implements ISysUserService BeanValidators.validateWithException(validator, user); checkUserAllowed(u); checkUserDataScope(u.getUserId()); + deptService.checkDeptDataScope(user.getDeptId()); user.setUserId(u.getUserId()); user.setUpdateBy(operName); userMapper.updateUser(user);