修改时检查用户数据权限范围

pull/327/head
RuoYi 2021-08-24 15:27:04 +08:00
parent 44cb080932
commit f100ed7cca
13 changed files with 101 additions and 1 deletions

@ -89,6 +89,7 @@ public class SysDeptController extends BaseController
@GetMapping("/edit/{deptId}")
public String edit(@PathVariable("deptId") Long deptId, ModelMap mmap)
{
deptService.checkDeptDataScope(deptId);
SysDept dept = deptService.selectDeptById(deptId);
if (StringUtils.isNotNull(dept) && 100L == deptId)
{
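Review bot: The data-scope check `deptService.checkDeptDataScope(deptId);` is added only to the GET handler that renders the edit form, and the hunk header shows a single added line in this controller, so the handler that persists the edit appears to be left without it. A save request carrying an id outside the caller's data scope would then not pass through this check at all. Consider calling the same check with the submitted id at the top of the save handler, and likewise for `roleService.checkRoleDataScope(roleId);` and `userService.checkUserDataScope(userId);` in the SysRoleController and SysUserController sections, which have the same shape. The save handlers and the rest of `edit` lie outside the hunks, so this needs confirming against the full files.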

@ -108,6 +108,7 @@ public class SysRoleController extends BaseController
@GetMapping("/edit/{roleId}")
public String edit(@PathVariable("roleId") Long roleId, ModelMap mmap)
{
roleService.checkRoleDataScope(roleId);
mmap.put("role", roleService.selectRoleById(roleId));
return prefix + "/edit";
}

@ -149,6 +149,7 @@ public class SysUserController extends BaseController
@GetMapping("/edit/{userId}")
public String edit(@PathVariable("userId") Long userId, ModelMap mmap)
{
userService.checkUserDataScope(userId);
List<SysRole> roles = roleService.selectRolesByUserId(userId);
mmap.put("user", userService.selectUserById(userId));
mmap.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));

@ -34,7 +34,7 @@ public class SysJobServiceImpl implements ISysJobService
/**
*
ID
* ID
*/
@PostConstruct
public void init() throws SchedulerException, TaskException

@ -107,4 +107,11 @@ public interface ISysDeptService
* @return
*/
public String checkDeptNameUnique(SysDept dept);
/**
*
*
* @param deptId id
*/
public void checkDeptDataScope(Long deptId);
}
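Review bot: The Javadoc on `checkDeptDataScope`, as rendered here, carries only `@param deptId` and does not say how a denial is reported to the caller. The implementation in this commit throws `ServiceException` when the lookup returns nothing and skips the lookup entirely for admin users, and both facts belong in the interface contract. I would add `@throws ServiceException if the current user's data scope does not include the department` plus one sentence on the admin bypass. The same applies to `checkRoleDataScope` in the ISysRoleService section and `checkUserDataScope` in the ISysUserService section.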

@ -115,6 +115,13 @@ public interface ISysRoleService
*/
public void checkRoleAllowed(SysRole role);
/**
*
*
* @param roleId id
*/
public void checkRoleDataScope(Long roleId);
/**
* ID使
*

@ -171,6 +171,13 @@ public interface ISysUserService
*/
public void checkUserAllowed(SysUser user);
/**
*
*
* @param userId id
*/
public void checkUserDataScope(Long userId);
/**
* ID
*

@ -12,9 +12,12 @@ import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.domain.Ztree;
import com.ruoyi.common.core.domain.entity.SysDept;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.utils.ShiroUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.system.mapper.SysDeptMapper;
import com.ruoyi.system.service.ISysDeptService;
@ -309,4 +312,24 @@ public class SysDeptServiceImpl implements ISysDeptService
}
return UserConstants.DEPT_NAME_UNIQUE;
}
/**
*
*
* @param deptId id
*/
@Override
public void checkDeptDataScope(Long deptId)
{
if (!SysUser.isAdmin(ShiroUtils.getUserId()))
{
SysDept dept = new SysDept();
dept.setDeptId(deptId);
List<SysDept> depts = SpringUtils.getAopProxy(this).selectDeptList(dept);
if (StringUtils.isEmpty(depts))
{
throw new ServiceException("没有权限访问部门数据!");
}
}
}
}
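Review bot: `checkDeptDataScope` passes vacuously when `deptId` is null or 0, because the mapper guard added in this commit (`<if test="deptId != null and deptId != 0">`) drops the id predicate for those values and `selectDeptList` then returns every department in the caller's scope, which is normally non-empty. That is harmless for a path variable that is looked up again afterwards, but it would silently approve the call if the check is reused where the id comes from a bound form object. Rejecting those values before the query closes the gap: `if (deptId == null || deptId == 0L) throw new ServiceException("没有权限访问部门数据!");`. `checkRoleDataScope` and `checkUserDataScope` in the SysRoleServiceImpl and SysUserServiceImpl sections follow the same pattern against the same kind of mapper guard. It would also help to state in the method comment that the check depends on `selectDeptList` being invoked through the AOP proxy, since a direct `this.selectDeptList(dept)` call would presumably skip the data-scope filtering.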

@ -11,8 +11,10 @@ import org.springframework.transaction.annotation.Transactional;
import com.ruoyi.common.annotation.DataScope;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.utils.ShiroUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.system.domain.SysRoleDept;
@ -318,6 +320,26 @@ public class SysRoleServiceImpl implements ISysRoleService
}
}
/**
*
*
* @param roleId id
*/
@Override
public void checkRoleDataScope(Long roleId)
{
if (!SysUser.isAdmin(ShiroUtils.getUserId()))
{
SysRole role = new SysRole();
role.setRoleId(roleId);
List<SysRole> roles = SpringUtils.getAopProxy(this).selectRoleList(role);
if (StringUtils.isEmpty(roles))
{
throw new ServiceException("没有权限访问角色数据!");
}
}
}
/**
* ID使
*

@ -13,8 +13,10 @@ import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.utils.ShiroUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.security.Md5Utils;
import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.system.domain.SysPost;
import com.ruoyi.system.domain.SysUserPost;
import com.ruoyi.system.domain.SysUserRole;
@ -403,6 +405,26 @@ public class SysUserServiceImpl implements ISysUserService
}
}
/**
*
*
* @param userId id
*/
@Override
public void checkUserDataScope(Long userId)
{
if (!SysUser.isAdmin(ShiroUtils.getUserId()))
{
SysUser user = new SysUser();
user.setUserId(userId);
List<SysUser> users = SpringUtils.getAopProxy(this).selectUserList(user);
if (StringUtils.isEmpty(users))
{
throw new ServiceException("没有权限访问用户数据!");
}
}
}
/**
*
*

@ -38,6 +38,9 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
<select id="selectDeptList" parameterType="SysDept" resultMap="SysDeptResult">
<include refid="selectDeptVo"/>
where d.del_flag = '0'
<if test="deptId != null and deptId != 0">
AND dept_id = #{deptId}
</if>
<if test="parentId != null and parentId != 0">
AND parent_id = #{parentId}
</if>
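Review bot: The new predicate `AND dept_id = #{deptId}` is unqualified, while the `where d.del_flag = '0'` line above it uses the `d.` alias and the role and user mappers in this commit qualify theirs (`r.role_id`, `u.user_id`). Writing it as `AND d.dept_id = #{deptId}` keeps the column unambiguous if a data-scope fragment or join that also exposes `dept_id` is appended to this statement. The remainder of the select lies outside the hunk, so whether such a fragment is present needs confirming.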

@ -36,6 +36,9 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
<select id="selectRoleList" parameterType="SysRole" resultMap="SysRoleResult">
<include refid="selectRoleContactVo"/>
where r.del_flag = '0'
<if test="roleId != null and roleId != 0">
AND r.role_id = #{roleId}
</if>
<if test="roleName != null and roleName != ''">
AND r.role_name like concat('%', #{roleName}, '%')
</if>

@ -62,6 +62,9 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
select u.user_id, u.dept_id, u.login_name, u.user_name, u.user_type, u.email, u.avatar, u.phonenumber, u.password, u.sex, u.salt, u.status, u.del_flag, u.login_ip, u.login_date, u.create_by, u.create_time, u.remark, d.dept_name, d.leader from sys_user u
left join sys_dept d on u.dept_id = d.dept_id
where u.del_flag = '0'
<if test="userId != null and userId != 0">
AND u.user_id = #{userId}
</if>
<if test="loginName != null and loginName != ''">
AND u.login_name like concat('%', #{loginName}, '%')
</if>