修复数据权限问题

2022-05-30 14:55:01 +08:00 · 2022-05-30 14:55:01 +08:00 · 070eabed14
parent d6a6c1b826
commit 070eabed14
7 changed files with 23 additions and 11 deletions
--- a/fast-boot-framework/src/main/java/net/maku/framework/common/service/impl/BaseServiceImpl.java
+++ b/fast-boot-framework/src/main/java/net/maku/framework/common/service/impl/BaseServiceImpl.java
@ -47,15 +47,21 @@ public class BaseServiceImpl<M extends BaseMapper<T>, T>  extends ServiceImpl<M,
    /**
     * 原生SQL 数据权限
     * @param tableAlias 表别名，多表关联时，需要填写表别名
+     * @param orgIdAlias 机构ID别名，null：表示org_id
     * @return 返回数据权限
     */
-    protected DataScope getDataScope(String tableAlias)  {
+    protected DataScope getDataScope(String tableAlias, String orgIdAlias)  {
        UserDetail user = SecurityUser.getUser();
        // 如果是超级管理员，则不进行数据过滤
        if(user.getSuperAdmin().equals(Constant.SUPER_ADMIN)) {
            return null;
        }

+        // 如果为null，则设置成空字符串
+        if(tableAlias == null){
+            tableAlias = "";
+        }
+
        // 获取表的别名
        if(StringUtils.isNotBlank(tableAlias)){
            tableAlias +=  ".";
@ -72,7 +78,10 @@ public class BaseServiceImpl<M extends BaseMapper<T>, T>  extends ServiceImpl<M,
        }
        // 数据过滤
        if(dataScopeList.size() > 0){
-            sqlFilter.append(tableAlias).append("org_id");
+            if(StringUtils.isBlank(orgIdAlias)){
+                orgIdAlias = "org_id";
+            }
+            sqlFilter.append(tableAlias).append(orgIdAlias);

            sqlFilter.append(" in(").append(StrUtil.join(",", dataScopeList)).append(")");

@ -91,7 +100,7 @@ public class BaseServiceImpl<M extends BaseMapper<T>, T>  extends ServiceImpl<M,
     * MyBatis-Plus 数据权限
     */
    protected void dataScopeWrapper(QueryWrapper<T> queryWrapper)  {
-        DataScope dataScope = getDataScope(null);
+        DataScope dataScope = getDataScope(null, null);
        if (dataScope != null){
            queryWrapper.apply(dataScope.getSqlFilter());
        }
--- a/fast-boot-system/src/main/java/net/maku/security/service/FastUserDetailsService.java
+++ b/fast-boot-system/src/main/java/net/maku/security/service/FastUserDetailsService.java
@ -90,6 +90,9 @@ public class FastUserDetailsService implements UserDetailsService {
            dataScopeList.addAll(sysRoleDataScopeDao.getDataScopeList(userDetail.getId()));

            return dataScopeList;
+        } else if (dataScope.equals(DataScopeEnum.CUSTOM.getValue())) {
+            // 自定义数据权限范围
+            return sysRoleDataScopeDao.getDataScopeList(userDetail.getId());
        }

        return new ArrayList<>();
--- a/fast-boot-system/src/main/java/net/maku/system/service/impl/SysOrgServiceImpl.java
+++ b/fast-boot-system/src/main/java/net/maku/system/service/impl/SysOrgServiceImpl.java
@ -36,7 +36,7 @@ public class SysOrgServiceImpl extends BaseServiceImpl<SysOrgDao, SysOrgEntity>
 		Map<String, Object> params = new HashMap<>();

 		// 数据权限
-		params.put(Constant.DATA_SCOPE, getDataScope("t1"));
+		params.put(Constant.DATA_SCOPE, getDataScope("t1", "id"));

 		// 机构列表
 		List<SysOrgEntity> entityList = baseMapper.getList(params);
--- a/fast-boot-system/src/main/java/net/maku/system/service/impl/SysRoleServiceImpl.java
+++ b/fast-boot-system/src/main/java/net/maku/system/service/impl/SysRoleServiceImpl.java
@ -9,6 +9,7 @@ import net.maku.framework.common.service.impl.BaseServiceImpl;
 import net.maku.system.convert.SysRoleConvert;
 import net.maku.system.dao.SysRoleDao;
 import net.maku.system.entity.SysRoleEntity;
+import net.maku.system.enums.DataScopeEnum;
 import net.maku.system.service.SysRoleDataScopeService;
 import net.maku.system.service.SysRoleMenuService;
 import net.maku.system.service.SysRoleService;
@ -62,6 +63,7 @@ public class SysRoleServiceImpl extends BaseServiceImpl<SysRoleDao, SysRoleEntit
 		SysRoleEntity entity = SysRoleConvert.INSTANCE.convert(vo);

 		// 保存角色
+		entity.setDataScope(DataScopeEnum.CUSTOM.getValue());
 		baseMapper.insert(entity);

 		// 保存角色菜单关系
--- a/fast-boot-system/src/main/java/net/maku/system/service/impl/SysUserServiceImpl.java
+++ b/fast-boot-system/src/main/java/net/maku/system/service/impl/SysUserServiceImpl.java
@ -55,7 +55,7 @@ public class SysUserServiceImpl extends BaseServiceImpl<SysUserDao, SysUserEntit
        params.put("gender", query.getGender());

        // 数据权限
-        params.put(Constant.DATA_SCOPE, getDataScope("t1"));
+        params.put(Constant.DATA_SCOPE, getDataScope("t1", null));

        return params;
    }
--- a/fast-boot-system/src/main/resources/mapper/SysMenuDao.xml
+++ b/fast-boot-system/src/main/resources/mapper/SysMenuDao.xml
@ -15,7 +15,7 @@
 		select t3.* from sys_user_role t1
 			left join sys_role_menu t2 on t1.role_id = t2.role_id
 			left join sys_menu t3 on t2.menu_id = t3.id
-		where t1.user_id = #{userId} and t3.deleted = 0
+		where t1.user_id = #{userId} and t1.deleted = 0 and t3.deleted = 0
 		<if test="type != null">
 			and t3.type = #{type}
 		</if>
@ -23,9 +23,10 @@
 	</select>

 	<select id="getUserAuthorityList" resultType="string">
-		select t3.authority from sys_user_role t1 left join sys_role_menu t2 on t1.role_id = t2.role_id
+		select t3.authority from sys_user_role t1
+		    left join sys_role_menu t2 on t1.role_id = t2.role_id
 			left join sys_menu t3 on t2.menu_id = t3.id
-		where t1.user_id = #{userId} and t3.deleted = 0 order by t3.sort asc
+		where t1.user_id = #{userId} and t1.deleted = 0 and t3.deleted = 0 order by t3.sort asc
 	</select>

 	<select id="getAuthorityList" resultType="string">
--- a/fast-boot-system/src/main/resources/mapper/SysUserDao.xml
+++ b/fast-boot-system/src/main/resources/mapper/SysUserDao.xml
@ -15,9 +15,6 @@
 		<if test="gender != null">
 			and t1.gender = #{gender}
 		</if>
-		<if test="dataScope != null">
-			${dataScope}
-		</if>
 	</select>

 	<select id="getById" resultType="net.maku.system.entity.SysUserEntity">