From e52092c6d4d34e345077f124218cac9b0bc9fab2 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: Tue, 24 Aug 2021 16:00:39 +0800
Subject: [PATCH] 修改时检查用户数据权限范围
---
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java | 52 +++++++++++++++++++++++++++++++++++++++++-----------
1 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
index d32e033..a2c3b5b 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
@@ -10,9 +10,15 @@
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.domain.TreeSelect;
import com.ruoyi.common.core.domain.entity.SysDept;
-import com.ruoyi.common.exception.CustomException;
+import com.ruoyi.common.core.domain.entity.SysRole;
+import com.ruoyi.common.core.domain.entity.SysUser;
+import com.ruoyi.common.core.text.Convert;
+import com.ruoyi.common.exception.ServiceException;
+import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.system.mapper.SysDeptMapper;
+import com.ruoyi.system.mapper.SysRoleMapper;
import com.ruoyi.system.service.ISysDeptService;
/**
@@ -25,6 +31,9 @@
{
@Autowired
private SysDeptMapper deptMapper;
+
+ @Autowired
+ private SysRoleMapper roleMapper;
/**
* 查询部门管理数据
@@ -93,7 +102,8 @@
@Override
public List<Integer> selectDeptListByRoleId(Long roleId)
{
- return deptMapper.selectDeptListByRoleId(roleId);
+ SysRole role = roleMapper.selectRoleById(roleId);
+ return deptMapper.selectDeptListByRoleId(roleId, role.isDeptCheckStrictly());
}
/**
@@ -165,6 +175,26 @@
}
/**
+ * 校验部门是否有数据权限
+ *
+ * @param deptId 部门id
+ */
+ @Override
+ public void checkDeptDataScope(Long deptId)
+ {
+ if (!SysUser.isAdmin(SecurityUtils.getUserId()))
+ {
+ SysDept dept = new SysDept();
+ dept.setDeptId(deptId);
+ List<SysDept> depts = SpringUtils.getAopProxy(this).selectDeptList(dept);
+ if (StringUtils.isEmpty(depts))
+ {
+ throw new ServiceException("没有权限访问部门数据!");
+ }
+ }
+ }
+
+ /**
* 新增保存部门信息
*
* @param dept 部门信息
@@ -177,7 +207,7 @@
// 如果父节点不为正常状态,则不允许新增子节点
if (!UserConstants.DEPT_NORMAL.equals(info.getStatus()))
{
- throw new CustomException("部门停用,不允许新增");
+ throw new ServiceException("部门停用,不允许新增");
}
dept.setAncestors(info.getAncestors() + "," + dept.getParentId());
return deptMapper.insertDept(dept);
@@ -202,10 +232,11 @@
updateDeptChildren(dept.getDeptId(), newAncestors, oldAncestors);
}
int result = deptMapper.updateDept(dept);
- if (UserConstants.DEPT_NORMAL.equals(dept.getStatus()))
+ if (UserConstants.DEPT_NORMAL.equals(dept.getStatus()) && StringUtils.isNotEmpty(dept.getAncestors())
+ && !StringUtils.equals("0", dept.getAncestors()))
{
// 如果该部门是启用状态,则启用该部门的所有上级部门
- updateParentDeptStatus(dept);
+ updateParentDeptStatusNormal(dept);
}
return result;
}
@@ -215,12 +246,11 @@
*
* @param dept 当前部门
*/
- private void updateParentDeptStatus(SysDept dept)
+ private void updateParentDeptStatusNormal(SysDept dept)
{
- String updateBy = dept.getUpdateBy();
- dept = deptMapper.selectDeptById(dept.getDeptId());
- dept.setUpdateBy(updateBy);
- deptMapper.updateDeptStatus(dept);
+ String ancestors = dept.getAncestors();
+ Long[] deptIds = Convert.toLongArray(ancestors);
+ deptMapper.updateDeptStatusNormal(deptIds);
}
/**
@@ -235,7 +265,7 @@
List<SysDept> children = deptMapper.selectChildrenDeptById(deptId);
for (SysDept child : children)
{
- child.setAncestors(child.getAncestors().replace(oldAncestors, newAncestors));
+ child.setAncestors(child.getAncestors().replaceFirst(oldAncestors, newAncestors));
}
if (children.size() > 0)
{
--
Gitblit v1.9.2