瀏覽代碼

update 修改时检查用户数据权限范围

疯狂的狮子li 3 年之前
父節點
當前提交
0c438ad8e9

+ 3 - 7
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java

@@ -10,7 +10,6 @@ import com.ruoyi.common.core.domain.entity.SysDept;
 import com.ruoyi.common.core.domain.entity.SysRole;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.mybatisplus.core.ServicePlusImpl;
-import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.exception.ServiceException;
 import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.StringUtils;
@@ -179,15 +178,12 @@ public class SysDeptServiceImpl extends ServicePlusImpl<SysDeptMapper, SysDept,
      * @param deptId 部门id
      */
     @Override
-    public void checkDeptDataScope(Long deptId)
-    {
-        if (!SysUser.isAdmin(SecurityUtils.getUserId()))
-        {
+    public void checkDeptDataScope(Long deptId) {
+        if (!SysUser.isAdmin(SecurityUtils.getUserId())) {
             SysDept dept = new SysDept();
             dept.setDeptId(deptId);
             List<SysDept> depts = SpringUtils.getAopProxy(this).selectDeptList(dept);
-            if (StringUtils.isEmpty(depts))
-            {
+            if (StringUtils.isEmpty(depts)) {
                 throw new ServiceException("没有权限访问部门数据!");
             }
         }

+ 3 - 6
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java

@@ -184,15 +184,12 @@ public class SysRoleServiceImpl extends ServicePlusImpl<SysRoleMapper, SysRole,
      * @param roleId 角色id
      */
     @Override
-    public void checkRoleDataScope(Long roleId)
-    {
-        if (!SysUser.isAdmin(SecurityUtils.getUserId()))
-        {
+    public void checkRoleDataScope(Long roleId) {
+        if (!SysUser.isAdmin(SecurityUtils.getUserId())) {
             SysRole role = new SysRole();
             role.setRoleId(roleId);
             List<SysRole> roles = SpringUtils.getAopProxy(this).selectRoleList(role);
-            if (StringUtils.isEmpty(roles))
-            {
+            if (StringUtils.isEmpty(roles)) {
                 throw new ServiceException("没有权限访问角色数据!");
             }
         }

+ 3 - 6
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java

@@ -223,15 +223,12 @@ public class SysUserServiceImpl extends ServicePlusImpl<SysUserMapper, SysUser,
      * @param userId 用户id
      */
     @Override
-    public void checkUserDataScope(Long userId)
-    {
-        if (!SysUser.isAdmin(SecurityUtils.getUserId()))
-        {
+    public void checkUserDataScope(Long userId) {
+        if (!SysUser.isAdmin(SecurityUtils.getUserId())) {
             SysUser user = new SysUser();
             user.setUserId(userId);
             List<SysUser> users = SpringUtils.getAopProxy(this).selectUserList(user);
-            if (StringUtils.isEmpty(users))
-            {
+            if (StringUtils.isEmpty(users)) {
                 throw new ServiceException("没有权限访问用户数据!");
             }
         }

+ 3 - 0
ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml

@@ -42,6 +42,9 @@
     <select id="selectPageRoleList" parameterType="SysRole" resultMap="SysRoleResult">
         <include refid="selectRoleVo"/>
         where r.del_flag = '0'
+        <if test="role.roleId != null and role.roleId != 0">
+            AND r.role_id = #{role.roleId}
+        </if>
         <if test="role.roleName != null and role.roleName != ''">
             AND r.role_name like concat('%', #{role.roleName}, '%')
         </if>

+ 3 - 0
ruoyi-system/src/main/resources/mapper/system/SysUserMapper.xml

@@ -86,6 +86,9 @@
         sys_user u
         left join sys_dept d on u.dept_id = d.dept_id
         where u.del_flag = '0'
+        <if test="user.userId != null and user.userId != 0">
+            AND u.user_id = #{user.userId}
+        </if>
         <if test="user.userName != null and user.userName != ''">
             AND u.user_name like concat('%', #{user.userName}, '%')
         </if>