From 34bb51f5c0d35bdc79f839a25154cdf23d87babd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90Li?= <15040126243@163.com> Date: Fri, 4 Jul 2025 15:29:51 +0800 Subject: [PATCH] =?UTF-8?q?update=20=E4=BC=98=E5=8C=96=20=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E5=B2=97=E4=BD=8D=E4=BF=AE=E6=94=B9=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dromara/system/mapper/SysPostMapper.java | 14 ++++++++++++++ .../system/mapper/SysUserRoleMapper.java | 3 +-- .../system/service/impl/SysUserServiceImpl.java | 17 ++++++++++------- 3 files changed, 25 insertions(+), 9 deletions(-) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java index 876de61b6..c244f40f9 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java @@ -33,6 +33,20 @@ public interface SysPostMapper extends BaseMapperPlus { return this.selectVoPage(page, queryWrapper); } + /** + * 分页查询岗位列表 + * + * @param queryWrapper 查询条件 + * @return 包含岗位信息的分页结果 + */ + @DataPermission({ + @DataColumn(key = "deptName", value = "dept_id"), + @DataColumn(key = "userName", value = "create_by") + }) + default List selectPostList(Wrapper queryWrapper) { + return this.selectVoList(queryWrapper); + } + /** * 查询用户所属岗位组 * diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysUserRoleMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysUserRoleMapper.java index e7c6ae38a..4c1c8b9df 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysUserRoleMapper.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysUserRoleMapper.java @@ -21,8 +21,7 @@ public interface SysUserRoleMapper extends BaseMapperPlus selectUserIdsByRoleId(Long roleId) { return this.selectObjs(new LambdaQueryWrapper() - .select(SysUserRole::getUserId).inSql(SysUserRole::getRoleId, - "select role_id from sys_role where role_id = " + roleId) + .select(SysUserRole::getUserId).eq(SysUserRole::getRoleId, roleId) ); } diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java index 697d9f2c1..65f6de280 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java @@ -22,10 +22,7 @@ import org.dromara.common.core.utils.*; import org.dromara.common.mybatis.core.page.PageQuery; import org.dromara.common.mybatis.core.page.TableDataInfo; import org.dromara.common.satoken.utils.LoginHelper; -import org.dromara.system.domain.SysRole; -import org.dromara.system.domain.SysUser; -import org.dromara.system.domain.SysUserPost; -import org.dromara.system.domain.SysUserRole; +import org.dromara.system.domain.*; import org.dromara.system.domain.bo.SysUserBo; import org.dromara.system.domain.vo.SysPostVo; import org.dromara.system.domain.vo.SysRoleVo; @@ -452,14 +449,20 @@ public class SysUserServiceImpl implements ISysUserService, UserService { * @param clear 清除已存在的关联数据 */ private void insertUserPost(SysUserBo user, boolean clear) { - Long[] posts = user.getPostIds(); - if (ArrayUtil.isNotEmpty(posts)) { + List postIds = List.of(user.getPostIds()); + if (ArrayUtil.isNotEmpty(postIds)) { + // 判断是否具有此角色的操作权限 + List posts = postMapper.selectPostList( + new LambdaQueryWrapper().in(SysPost::getPostId, postIds)); + if (CollUtil.isEmpty(posts) || posts.size() != postIds.size()) { + throw new ServiceException("没有权限访问岗位的数据"); + } if (clear) { // 删除用户与岗位关联 userPostMapper.delete(new LambdaQueryWrapper().eq(SysUserPost::getUserId, user.getUserId())); } // 新增用户与岗位管理 - List list = StreamUtils.toList(List.of(posts), postId -> { + List list = StreamUtils.toList(postIds, postId -> { SysUserPost up = new SysUserPost(); up.setUserId(user.getUserId()); up.setPostId(postId);