From f46b1bbebd55e2eb55943ca9354959c36563c4e5 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: Wed, 29 May 2024 14:48:03 +0800
Subject: [PATCH] 限制用户操作数据权限范围
---
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java | 30 ++++++++++++++++++++----------
1 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
index bf4ca17..3f4dba2 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
@@ -28,6 +28,7 @@
import com.ruoyi.system.mapper.SysUserPostMapper;
import com.ruoyi.system.mapper.SysUserRoleMapper;
import com.ruoyi.system.service.ISysConfigService;
+import com.ruoyi.system.service.ISysDeptService;
import com.ruoyi.system.service.ISysUserService;
/**
@@ -57,6 +58,9 @@
@Autowired
private ISysConfigService configService;
+
+ @Autowired
+ private ISysDeptService deptService;
@Autowired
protected Validator validator;
@@ -161,14 +165,15 @@
/**
* 校验用户名称是否唯一
*
- * @param userName 用户名称
+ * @param user 用户信息
* @return 结果
*/
@Override
- public String checkUserNameUnique(String userName)
+ public boolean checkUserNameUnique(SysUser user)
{
- int count = userMapper.checkUserNameUnique(userName);
- if (count > 0)
+ Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
+ SysUser info = userMapper.checkUserNameUnique(user.getUserName());
+ if (StringUtils.isNotNull(info) && info.getUserId().longValue() != userId.longValue())
{
return UserConstants.NOT_UNIQUE;
}
@@ -182,7 +187,7 @@
* @return
*/
@Override
- public String checkPhoneUnique(SysUser user)
+ public boolean checkPhoneUnique(SysUser user)
{
Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
SysUser info = userMapper.checkPhoneUnique(user.getPhonenumber());
@@ -200,7 +205,7 @@
* @return
*/
@Override
- public String checkEmailUnique(SysUser user)
+ public boolean checkEmailUnique(SysUser user)
{
Long userId = StringUtils.isNull(user.getUserId()) ? -1L : user.getUserId();
SysUser info = userMapper.checkEmailUnique(user.getEmail());
@@ -381,7 +386,7 @@
*/
public void insertUserRole(SysUser user)
{
- this.insertUserRole(user.getUserId, user.getRoleIds());
+ this.insertUserRole(user.getUserId(), user.getRoleIds());
}
/**
@@ -488,7 +493,6 @@
int failureNum = 0;
StringBuilder successMsg = new StringBuilder();
StringBuilder failureMsg = new StringBuilder();
- String password = configService.selectConfigByKey("sys.user.initPassword");
for (SysUser user : userList)
{
try
@@ -498,17 +502,23 @@
if (StringUtils.isNull(u))
{
BeanValidators.validateWithException(validator, user);
+ deptService.checkDeptDataScope(user.getDeptId());
+ String password = configService.selectConfigByKey("sys.user.initPassword");
user.setPassword(SecurityUtils.encryptPassword(password));
user.setCreateBy(operName);
- this.insertUser(user);
+ userMapper.insertUser(user);
successNum++;
successMsg.append("<br/>" + successNum + "、账号 " + user.getUserName() + " 导入成功");
}
else if (isUpdateSupport)
{
BeanValidators.validateWithException(validator, user);
+ checkUserAllowed(u);
+ checkUserDataScope(u.getUserId());
+ deptService.checkDeptDataScope(user.getDeptId());
+ user.setUserId(u.getUserId());
user.setUpdateBy(operName);
- this.updateUser(user);
+ userMapper.updateUser(user);
successNum++;
successMsg.append("<br/>" + successNum + "、账号 " + user.getUserName() + " 更新成功");
}
--
Gitblit v1.9.2