update 优化校验角色是否有数据权限
This commit is contained in:
parent
f3c4c02d73
commit
a7cddc8d40
@ -1,13 +1,16 @@
|
||||
package org.dromara.system.mapper;
|
||||
|
||||
import cn.hutool.core.collection.CollUtil;
|
||||
import com.baomidou.mybatisplus.core.conditions.Wrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.toolkit.Constants;
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import org.apache.ibatis.annotations.Param;
|
||||
import org.dromara.common.core.exception.ServiceException;
|
||||
import org.dromara.common.mybatis.annotation.DataColumn;
|
||||
import org.dromara.common.mybatis.annotation.DataPermission;
|
||||
import org.dromara.common.mybatis.core.mapper.BaseMapperPlus;
|
||||
import org.dromara.common.satoken.utils.LoginHelper;
|
||||
import org.dromara.system.domain.SysRole;
|
||||
import org.dromara.system.domain.vo.SysRoleVo;
|
||||
|
||||
@ -75,6 +78,21 @@ public interface SysRoleMapper extends BaseMapperPlus<SysRole, SysRoleVo> {
|
||||
return this.selectCount(new LambdaQueryWrapper<SysRole>().in(SysRole::getRoleId, roleIds));
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验角色是否有数据权限
|
||||
*
|
||||
* @param roleIds 角色ID列表(支持传单个ID)
|
||||
*/
|
||||
default void checkRoleDataScope(List<Long> roleIds) {
|
||||
if (CollUtil.isEmpty(roleIds) || LoginHelper.isSuperAdmin()) {
|
||||
return;
|
||||
}
|
||||
long count = this.selectRoleCount(roleIds);
|
||||
if (count != roleIds.size()) {
|
||||
throw new ServiceException("没有权限访问部分角色数据!");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据角色ID查询角色信息
|
||||
*
|
||||
|
@ -254,12 +254,7 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService {
|
||||
if (ObjectUtil.isNull(roleId)) {
|
||||
return;
|
||||
}
|
||||
if (LoginHelper.isSuperAdmin()) {
|
||||
return;
|
||||
}
|
||||
if (baseMapper.selectRoleCount(Collections.singletonList(roleId)) == 0) {
|
||||
throw new ServiceException("没有权限访问角色数据!");
|
||||
}
|
||||
baseMapper.checkRoleDataScope(Collections.singletonList(roleId));
|
||||
}
|
||||
|
||||
/**
|
||||
@ -417,9 +412,9 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService {
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public int deleteRoleByIds(List<Long> roleIds) {
|
||||
List<SysRole> roles = baseMapper.selectByIds(roleIds);
|
||||
baseMapper.checkRoleDataScope(roleIds);
|
||||
for (SysRole role : roles) {
|
||||
checkRoleAllowed(BeanUtil.toBean(role, SysRoleBo.class));
|
||||
checkRoleDataScope(role.getRoleId());
|
||||
if (countUserRoleByRoleId(role.getRoleId()) > 0) {
|
||||
throw new ServiceException(String.format("%1$s已分配,不能删除!", role.getRoleName()));
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user