From d4a8c25eab57922275c71acf98f425dd198a8f7b Mon Sep 17 00:00:00 2001 From: AprilWind <2100166581@qq.com> Date: Fri, 4 Jul 2025 16:53:18 +0800 Subject: [PATCH] =?UTF-8?q?update=20=E4=BC=98=E5=8C=96=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dromara/system/mapper/SysPostMapper.java | 18 ++++- .../dromara/system/mapper/SysRoleMapper.java | 16 +++- .../service/impl/SysRoleServiceImpl.java | 9 +++ .../service/impl/SysUserServiceImpl.java | 74 +++++++++++-------- 4 files changed, 82 insertions(+), 35 deletions(-) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java index 679ebacc7..d8d03157a 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java @@ -34,10 +34,10 @@ public interface SysPostMapper extends BaseMapperPlus { } /** - * 分页查询岗位列表 + * 查询岗位列表 * * @param queryWrapper 查询条件 - * @return 包含岗位信息的分页结果 + * @return 岗位信息列表 */ @DataPermission({ @DataColumn(key = "deptName", value = "dept_id"), @@ -47,6 +47,20 @@ public interface SysPostMapper extends BaseMapperPlus { return this.selectVoList(queryWrapper); } + /** + * 根据岗位ID集合查询岗位数量 + * + * @param postIds 岗位ID列表 + * @return 匹配的岗位数量 + */ + @DataPermission({ + @DataColumn(key = "deptName", value = "dept_id"), + @DataColumn(key = "userName", value = "create_by") + }) + default long selectPostCount(List postIds) { + return this.selectCount(new LambdaQueryWrapper().in(SysPost::getPostId, postIds)); + } + /** * 根据用户ID查询其关联的岗位列表 * diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysRoleMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysRoleMapper.java index 41e25039e..b439ec7ef 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysRoleMapper.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysRoleMapper.java @@ -48,7 +48,7 @@ public interface SysRoleMapper extends BaseMapperPlus { } /** - * 根据条件分页查询角色数据 + * 根据条件查询角色数据 * * @param queryWrapper 查询条件 * @return 角色数据集合信息 @@ -61,6 +61,20 @@ public interface SysRoleMapper extends BaseMapperPlus { return this.selectVoList(queryWrapper); } + /** + * 根据角色ID集合查询角色数量 + * + * @param roleIds 角色ID列表 + * @return 匹配的角色数量 + */ + @DataPermission({ + @DataColumn(key = "deptName", value = "create_dept"), + @DataColumn(key = "userName", value = "create_by") + }) + default long selectRoleCount(List roleIds) { + return this.selectCount(new LambdaQueryWrapper().in(SysRole::getRoleId, roleIds)); + } + /** * 根据角色ID查询角色信息 * diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java index dc47059f6..d6f1e7e79 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java @@ -441,6 +441,9 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService { */ @Override public int deleteAuthUser(SysUserRole userRole) { + if (LoginHelper.getUserId().equals(userRole.getUserId())) { + throw new ServiceException("不允许修改当前用户角色!"); + } int rows = userRoleMapper.delete(new LambdaQueryWrapper() .eq(SysUserRole::getRoleId, userRole.getRoleId()) .eq(SysUserRole::getUserId, userRole.getUserId())); @@ -460,6 +463,9 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService { @Override public int deleteAuthUsers(Long roleId, Long[] userIds) { List ids = List.of(userIds); + if (ids.contains(LoginHelper.getUserId())) { + throw new ServiceException("不允许修改当前用户角色!"); + } int rows = userRoleMapper.delete(new LambdaQueryWrapper() .eq(SysUserRole::getRoleId, roleId) .in(SysUserRole::getUserId, ids)); @@ -481,6 +487,9 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService { // 新增用户与角色管理 int rows = 1; List ids = List.of(userIds); + if (ids.contains(LoginHelper.getUserId())) { + throw new ServiceException("不允许修改当前用户角色!"); + } List list = StreamUtils.toList(ids, userId -> { SysUserRole ur = new SysUserRole(); ur.setUserId(userId); diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java index ae2bd84c6..475c46793 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java @@ -22,7 +22,9 @@ import org.dromara.common.core.utils.*; import org.dromara.common.mybatis.core.page.PageQuery; import org.dromara.common.mybatis.core.page.TableDataInfo; import org.dromara.common.satoken.utils.LoginHelper; -import org.dromara.system.domain.*; +import org.dromara.system.domain.SysUser; +import org.dromara.system.domain.SysUserPost; +import org.dromara.system.domain.SysUserRole; import org.dromara.system.domain.bo.SysUserBo; import org.dromara.system.domain.vo.SysPostVo; import org.dromara.system.domain.vo.SysRoleVo; @@ -454,23 +456,25 @@ public class SysUserServiceImpl implements ISysUserService, UserService { return; } List postIds = Arrays.asList(postIdArr); - // 判断是否具有此角色的操作权限 - List posts = postMapper.selectPostList( - new LambdaQueryWrapper().in(SysPost::getPostId, postIds)); - if (CollUtil.isEmpty(posts) || posts.size() != postIds.size()) { + + // 校验是否有权限操作这些岗位(含数据权限控制) + if (postMapper.selectPostCount(postIds) != postIds.size()) { throw new ServiceException("没有权限访问岗位的数据"); } + + // 是否清除旧的用户岗位绑定 if (clear) { - // 删除用户与岗位关联 userPostMapper.delete(new LambdaQueryWrapper().eq(SysUserPost::getUserId, user.getUserId())); } - // 新增用户与岗位管理 - List list = StreamUtils.toList(postIds, postId -> { - SysUserPost up = new SysUserPost(); - up.setUserId(user.getUserId()); - up.setPostId(postId); - return up; - }); + + // 构建用户岗位关联列表并批量插入 + List list = StreamUtils.toList(postIds, + postId -> { + SysUserPost up = new SysUserPost(); + up.setUserId(user.getUserId()); + up.setPostId(postId); + return up; + }); userPostMapper.insertBatch(list); } @@ -482,30 +486,36 @@ public class SysUserServiceImpl implements ISysUserService, UserService { * @param clear 清除已存在的关联数据 */ private void insertUserRole(Long userId, Long[] roleIds, boolean clear) { - if (ArrayUtil.isNotEmpty(roleIds)) { - List roleList = new ArrayList<>(List.of(roleIds)); - if (!LoginHelper.isSuperAdmin(userId)) { - roleList.remove(SystemConstants.SUPER_ADMIN_ID); - } - // 判断是否具有此角色的操作权限 - List roles = roleMapper.selectRoleList( - new LambdaQueryWrapper().in(SysRole::getRoleId, roleList)); - if (CollUtil.isEmpty(roles) || roles.size() != roleList.size()) { - throw new ServiceException("没有权限访问角色的数据"); - } - if (clear) { - // 删除用户与角色关联 - userRoleMapper.delete(new LambdaQueryWrapper().eq(SysUserRole::getUserId, userId)); - } - // 新增用户与角色管理 - List list = StreamUtils.toList(roleList, roleId -> { + if (ArrayUtil.isEmpty(roleIds)) { + return; + } + + List roleList = new ArrayList<>(Arrays.asList(roleIds)); + + // 非超级管理员,禁止包含超级管理员角色 + if (!LoginHelper.isSuperAdmin(userId)) { + roleList.remove(SystemConstants.SUPER_ADMIN_ID); + } + + // 校验是否有权限访问这些角色(含数据权限控制) + if (roleMapper.selectRoleCount(roleList) != roleList.size()) { + throw new ServiceException("没有权限访问角色的数据"); + } + + // 是否清除原有绑定 + if (clear) { + userRoleMapper.delete(new LambdaQueryWrapper().eq(SysUserRole::getUserId, userId)); + } + + // 批量插入用户-角色关联 + List list = StreamUtils.toList(roleList, + roleId -> { SysUserRole ur = new SysUserRole(); ur.setUserId(userId); ur.setRoleId(roleId); return ur; }); - userRoleMapper.insertBatch(list); - } + userRoleMapper.insertBatch(list); } /**