From 4e8dd706d568d1276ad82a0bf8f4ba13c5dac5ef Mon Sep 17 00:00:00 2001
From: 0慕容雪0 <ytu.mxh@163.com>
Date: Fri, 10 Mar 2023 16:22:35 +0800
Subject: [PATCH] update ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java. DataScopeAspect,数据权限切面处理类中,用户多角色情况下,若所有角色都不包含传递过来的权限字符,这个时候sqlString也会为空,会导致用户拥有全部数据权限,所以要限制一下, 可以根据conditions集合是否为空,来判断循环时所有角色是否都是在判断权限字符时continue了。 复现方法: 在使用@DataScope注解时permission定义了值,这个值所有角色不包含。
---
ruoyi-generator/src/main/resources/vm/xml/mapper.xml.vm | 18 +++++++++---------
1 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/ruoyi-generator/src/main/resources/vm/xml/mapper.xml.vm b/ruoyi-generator/src/main/resources/vm/xml/mapper.xml.vm
index 6d0954e..5b704e7 100644
--- a/ruoyi-generator/src/main/resources/vm/xml/mapper.xml.vm
+++ b/ruoyi-generator/src/main/resources/vm/xml/mapper.xml.vm
@@ -23,7 +23,7 @@
#end
<sql id="select${ClassName}Vo">
- select#foreach($column in $columns) $column.columnName#if($velocityCount != $columns.size()),#end#end from ${tableName}
+ select#foreach($column in $columns) $column.columnName#if($foreach.count != $columns.size()),#end#end from ${tableName}
</sql>
<select id="select${ClassName}List" parameterType="${ClassName}" resultMap="${ClassName}Result">
@@ -58,13 +58,13 @@
</where>
</select>
- <select id="select${ClassName}ById" parameterType="${pkColumn.javaType}" resultMap="#if($table.sub)${ClassName}${subClassName}Result#else${ClassName}Result#end">
+ <select id="select${ClassName}By${pkColumn.capJavaField}" parameterType="${pkColumn.javaType}" resultMap="#if($table.sub)${ClassName}${subClassName}Result#else${ClassName}Result#end">
#if($table.crud || $table.tree)
<include refid="select${ClassName}Vo"/>
where ${pkColumn.columnName} = #{${pkColumn.javaField}}
#elseif($table.sub)
- select#foreach($column in $columns) a.$column.columnName#if($velocityCount != $columns.size()),#end#end,
- #foreach($column in $subTable.columns) b.$column.columnName as sub_$column.columnName#if($velocityCount != $subTable.columns.size()),#end#end
+ select#foreach($column in $columns) a.$column.columnName#if($foreach.count != $columns.size()),#end#end,
+ #foreach($column in $subTable.columns) b.$column.columnName as sub_$column.columnName#if($foreach.count != $subTable.columns.size()),#end#end
from ${tableName} a
left join ${subTableName} b on b.${subTableFkName} = a.${pkColumn.columnName}
@@ -102,11 +102,11 @@
where ${pkColumn.columnName} = #{${pkColumn.javaField}}
</update>
- <delete id="delete${ClassName}ById" parameterType="${pkColumn.javaType}">
+ <delete id="delete${ClassName}By${pkColumn.capJavaField}" parameterType="${pkColumn.javaType}">
delete from ${tableName} where ${pkColumn.columnName} = #{${pkColumn.javaField}}
</delete>
- <delete id="delete${ClassName}ByIds" parameterType="String">
+ <delete id="delete${ClassName}By${pkColumn.capJavaField}s" parameterType="String">
delete from ${tableName} where ${pkColumn.columnName} in
<foreach item="${pkColumn.javaField}" collection="array" open="(" separator="," close=")">
#{${pkColumn.javaField}}
@@ -121,14 +121,14 @@
</foreach>
</delete>
- <delete id="delete${subClassName}By${subTableFkClassName}" parameterType="Long">
+ <delete id="delete${subClassName}By${subTableFkClassName}" parameterType="${pkColumn.javaType}">
delete from ${subTableName} where ${subTableFkName} = #{${subTableFkclassName}}
</delete>
<insert id="batch${subClassName}">
- insert into ${subTableName}(#foreach($column in $subTable.columns) $column.columnName#if($velocityCount != $subTable.columns.size()),#end#end) values
+ insert into ${subTableName}(#foreach($column in $subTable.columns) $column.columnName#if($foreach.count != $subTable.columns.size()),#end#end) values
<foreach item="item" index="index" collection="list" separator=",">
- (#foreach($column in $subTable.columns) #{item.$column.javaField}#if($velocityCount != $subTable.columns.size()),#end#end)
+ (#foreach($column in $subTable.columns) #{item.$column.javaField}#if($foreach.count != $subTable.columns.size()),#end#end)
</foreach>
</insert>
#end
--
Gitblit v1.9.2