From a7cddc8d40896c0f9e5c455c350044d5e20dbc08 Mon Sep 17 00:00:00 2001 From: AprilWind <2100166581@qq.com> Date: Fri, 4 Jul 2025 18:52:29 +0800 Subject: [PATCH] =?UTF-8?q?update=20=E4=BC=98=E5=8C=96=E6=A0=A1=E9=AA=8C?= =?UTF-8?q?=E8=A7=92=E8=89=B2=E6=98=AF=E5=90=A6=E6=9C=89=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dromara/system/mapper/SysRoleMapper.java | 18 ++++++++++++++++++ .../service/impl/SysRoleServiceImpl.java | 9 ++------- 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysRoleMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysRoleMapper.java index 920780563..5599a3edb 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysRoleMapper.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysRoleMapper.java @@ -1,13 +1,16 @@ package org.dromara.system.mapper; +import cn.hutool.core.collection.CollUtil; import com.baomidou.mybatisplus.core.conditions.Wrapper; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.toolkit.Constants; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import org.apache.ibatis.annotations.Param; +import org.dromara.common.core.exception.ServiceException; import org.dromara.common.mybatis.annotation.DataColumn; import org.dromara.common.mybatis.annotation.DataPermission; import org.dromara.common.mybatis.core.mapper.BaseMapperPlus; +import org.dromara.common.satoken.utils.LoginHelper; import org.dromara.system.domain.SysRole; import org.dromara.system.domain.vo.SysRoleVo; @@ -75,6 +78,21 @@ public interface SysRoleMapper extends BaseMapperPlus { return this.selectCount(new LambdaQueryWrapper().in(SysRole::getRoleId, roleIds)); } + /** + * 校验角色是否有数据权限 + * + * @param roleIds 角色ID列表(支持传单个ID) + */ + default void checkRoleDataScope(List roleIds) { + if (CollUtil.isEmpty(roleIds) || LoginHelper.isSuperAdmin()) { + return; + } + long count = this.selectRoleCount(roleIds); + if (count != roleIds.size()) { + throw new ServiceException("没有权限访问部分角色数据!"); + } + } + /** * 根据角色ID查询角色信息 * diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java index ff0bc2311..8f69ff5d1 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java @@ -254,12 +254,7 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService { if (ObjectUtil.isNull(roleId)) { return; } - if (LoginHelper.isSuperAdmin()) { - return; - } - if (baseMapper.selectRoleCount(Collections.singletonList(roleId)) == 0) { - throw new ServiceException("没有权限访问角色数据!"); - } + baseMapper.checkRoleDataScope(Collections.singletonList(roleId)); } /** @@ -417,9 +412,9 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService { @Transactional(rollbackFor = Exception.class) public int deleteRoleByIds(List roleIds) { List roles = baseMapper.selectByIds(roleIds); + baseMapper.checkRoleDataScope(roleIds); for (SysRole role : roles) { checkRoleAllowed(BeanUtil.toBean(role, SysRoleBo.class)); - checkRoleDataScope(role.getRoleId()); if (countUserRoleByRoleId(role.getRoleId()) > 0) { throw new ServiceException(String.format("%1$s已分配,不能删除!", role.getRoleName())); }