hhyykk/RuoYi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

限制用户操作数据权限范围

Browse Source
This commit is contained in:
RuoYi
2024-05-29 12:19:57 +08:00
parent 61c2e96aaa
commit edb1c614d0
6 changed files with 26 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java
View File

@ -118,9 +118,9 @@ public interface ISysRoleService
/**
* 校验角色是否有数据权限
*
* @param roleId 角色id
* @param roleIds 角色id
*/
public void checkRoleDataScope(Long roleId);
public void checkRoleDataScope(Long... roleIds);
/**
* 通过角色ID查询角色使用数量

2
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
View File

@ -314,7 +314,7 @@ public class SysDeptServiceImpl implements ISysDeptService
@Override
public void checkDeptDataScope(Long deptId)
{
if (!SysUser.isAdmin(ShiroUtils.getUserId()))
if (!SysUser.isAdmin(ShiroUtils.getUserId()) && StringUtils.isNotNull(deptId))
{
SysDept dept = new SysDept();
dept.setDeptId(deptId);

17
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
View File

@ -324,19 +324,22 @@ public class SysRoleServiceImpl implements ISysRoleService
/**
* 校验角色是否有数据权限
*
* @param roleId 角色id
* @param roleIds 角色id
*/
@Override
public void checkRoleDataScope(Long roleId)
public void checkRoleDataScope(Long... roleIds)
{
if (!SysUser.isAdmin(ShiroUtils.getUserId()))
{
SysRole role = new SysRole();
role.setRoleId(roleId);
List<SysRole> roles = SpringUtils.getAopProxy(this).selectRoleList(role);
if (StringUtils.isEmpty(roles))
for (Long roleId : roleIds)
{
throw new ServiceException("没有权限访问角色数据!");
SysRole role = new SysRole();
role.setRoleId(roleId);
List<SysRole> roles = SpringUtils.getAopProxy(this).selectRoleList(role);
if (StringUtils.isEmpty(roles))
{
throw new ServiceException("没有权限访问角色数据!");
}
}
}
}

8
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
View File

@ -30,6 +30,7 @@ import com.ruoyi.system.mapper.SysUserMapper;
import com.ruoyi.system.mapper.SysUserPostMapper;
import com.ruoyi.system.mapper.SysUserRoleMapper;
import com.ruoyi.system.service.ISysConfigService;
import com.ruoyi.system.service.ISysDeptService;
import com.ruoyi.system.service.ISysUserService;
/**
@ -60,6 +61,9 @@ public class SysUserServiceImpl implements ISysUserService
@Autowired
private ISysConfigService configService;
@Autowired
private ISysDeptService deptService;
@Autowired
protected Validator validator;
@ -487,7 +491,6 @@ public class SysUserServiceImpl implements ISysUserService
int failureNum = 0;
StringBuilder successMsg = new StringBuilder();
StringBuilder failureMsg = new StringBuilder();
String password = configService.selectConfigByKey("sys.user.initPassword");
for (SysUser user : userList)
{
try
@ -497,6 +500,8 @@ public class SysUserServiceImpl implements ISysUserService
if (StringUtils.isNull(u))
{
BeanValidators.validateWithException(validator, user);
deptService.checkDeptDataScope(user.getDeptId());
String password = configService.selectConfigByKey("sys.user.initPassword");
user.setPassword(Md5Utils.hash(user.getLoginName() + password));
user.setCreateBy(operName);
userMapper.insertUser(user);
@ -508,6 +513,7 @@ public class SysUserServiceImpl implements ISysUserService
BeanValidators.validateWithException(validator, user);
checkUserAllowed(u);
checkUserDataScope(u.getUserId());
deptService.checkDeptDataScope(user.getDeptId());
user.setUserId(u.getUserId());
user.setUpdateBy(operName);
userMapper.updateUser(user);