From 9b3767a954baba7bc62dd74f75c63c693eac4a2c Mon Sep 17 00:00:00 2001 From: RuoYi Date: Sun, 21 Aug 2022 22:53:57 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E5=A4=9A=E8=A7=92=E8=89=B2?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90=E5=8C=B9=E9=85=8D=E8=A7=84?= =?UTF-8?q?=E5=88=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/system/SysDeptController.java | 23 ------------------- .../controller/system/SysRoleController.java | 23 +++++++++++++++++-- .../controller/system/SysUserController.java | 15 ++++++++++++ .../ruoyi/common/annotation/DataScope.java | 5 ++++ .../ruoyi/common/constant/UserConstants.java | 5 ++++ .../common/core/domain/entity/SysRole.java | 16 ++++++++++++- .../framework/aspectj/DataScopeAspect.java | 13 ++++++++--- .../context/PermissionContextHolder.java | 21 +++++++++++++++++ .../web/service/PermissionService.java | 2 ++ .../web/service/SysPermissionService.java | 18 ++++++++++++++- .../ruoyi/system/mapper/SysMenuMapper.java | 8 +++++++ .../ruoyi/system/service/ISysDeptService.java | 8 +++++++ .../ruoyi/system/service/ISysMenuService.java | 8 +++++++ .../service/impl/SysDeptServiceImpl.java | 13 +++++++++++ .../service/impl/SysMenuServiceImpl.java | 21 +++++++++++++++++ .../resources/mapper/system/SysMenuMapper.xml | 8 +++++++ ruoyi-ui/src/api/system/dept.js | 16 ------------- ruoyi-ui/src/api/system/role.js | 10 +++++++- ruoyi-ui/src/api/system/user.js | 8 +++++++ ruoyi-ui/src/views/system/role/index.vue | 17 ++++---------- ruoyi-ui/src/views/system/user/index.vue | 11 ++++----- 21 files changed, 203 insertions(+), 66 deletions(-) create mode 100644 ruoyi-framework/src/main/java/com/ruoyi/framework/security/context/PermissionContextHolder.java diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java index 6ec2f3e..9262549 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java @@ -78,29 +78,6 @@ public class SysDeptController extends BaseController return AjaxResult.success(deptService.selectDeptById(deptId)); } - /** - * 获取部门下拉树列表 - */ - @GetMapping("/treeselect") - public AjaxResult treeselect(SysDept dept) - { - List depts = deptService.selectDeptList(dept); - return AjaxResult.success(deptService.buildDeptTreeSelect(depts)); - } - - /** - * 加载对应角色部门列表树 - */ - @GetMapping(value = "/roleDeptTreeselect/{roleId}") - public AjaxResult roleDeptTreeselect(@PathVariable("roleId") Long roleId) - { - List depts = deptService.selectDeptList(new SysDept()); - AjaxResult ajax = AjaxResult.success(); - ajax.put("checkedKeys", deptService.selectDeptListByRoleId(roleId)); - ajax.put("depts", deptService.buildDeptTreeSelect(depts)); - return ajax; - } - /** * 新增部门 */ diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java index 10b62f1..76731f0 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java @@ -17,6 +17,7 @@ import com.ruoyi.common.annotation.Log; import com.ruoyi.common.constant.UserConstants; import com.ruoyi.common.core.controller.BaseController; import com.ruoyi.common.core.domain.AjaxResult; +import com.ruoyi.common.core.domain.entity.SysDept; import com.ruoyi.common.core.domain.entity.SysRole; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.domain.model.LoginUser; @@ -27,6 +28,7 @@ import com.ruoyi.common.utils.poi.ExcelUtil; import com.ruoyi.framework.web.service.SysPermissionService; import com.ruoyi.framework.web.service.TokenService; import com.ruoyi.system.domain.SysUserRole; +import com.ruoyi.system.service.ISysDeptService; import com.ruoyi.system.service.ISysRoleService; import com.ruoyi.system.service.ISysUserService; @@ -44,13 +46,16 @@ public class SysRoleController extends BaseController @Autowired private TokenService tokenService; - + @Autowired private SysPermissionService permissionService; - + @Autowired private ISysUserService userService; + @Autowired + private ISysDeptService deptService; + @PreAuthorize("@ss.hasPermi('system:role:list')") @GetMapping("/list") public TableDataInfo list(SysRole role) @@ -242,4 +247,18 @@ public class SysRoleController extends BaseController roleService.checkRoleDataScope(roleId); return toAjax(roleService.insertAuthUsers(roleId, userIds)); } + + /** + * 获取对应角色部门树列表 + */ + @PreAuthorize("@ss.hasPermi('system:role:list')") + @GetMapping(value = "/deptTree/{roleId}") + public AjaxResult deptTree(@PathVariable("roleId") Long roleId) + { + AjaxResult ajax = AjaxResult.success(); + ajax.put("checkedKeys", deptService.selectDeptListByRoleId(roleId)); + ajax.put("depts", deptService.selectDeptTreeList(new SysDept())); + return ajax; + } + } diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java index 60d9de0..e9030e0 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java @@ -20,6 +20,7 @@ import com.ruoyi.common.annotation.Log; import com.ruoyi.common.constant.UserConstants; import com.ruoyi.common.core.controller.BaseController; import com.ruoyi.common.core.domain.AjaxResult; +import com.ruoyi.common.core.domain.entity.SysDept; import com.ruoyi.common.core.domain.entity.SysRole; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.page.TableDataInfo; @@ -27,6 +28,7 @@ import com.ruoyi.common.enums.BusinessType; import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.utils.poi.ExcelUtil; +import com.ruoyi.system.service.ISysDeptService; import com.ruoyi.system.service.ISysPostService; import com.ruoyi.system.service.ISysRoleService; import com.ruoyi.system.service.ISysUserService; @@ -46,6 +48,9 @@ public class SysUserController extends BaseController @Autowired private ISysRoleService roleService; + @Autowired + private ISysDeptService deptService; + @Autowired private ISysPostService postService; @@ -234,4 +239,14 @@ public class SysUserController extends BaseController userService.insertUserAuth(userId, roleIds); return success(); } + + /** + * 获取部门树列表 + */ + @PreAuthorize("@ss.hasPermi('system:user:list')") + @GetMapping("/deptTree") + public AjaxResult deptTree(SysDept dept) + { + return AjaxResult.success(deptService.selectDeptTreeList(dept)); + } } diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java index fe5a01f..10bade0 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java @@ -25,4 +25,9 @@ public @interface DataScope * 用户表的别名 */ public String userAlias() default ""; + + /** + * 权限字符(如不填默认会自动根据注解获取) + */ + public String permission() default ""; } diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java b/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java index c6c7797..737c9d5 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java @@ -12,6 +12,11 @@ public class UserConstants */ public static final String SYS_USER = "SYS_USER"; + /** + * ss标记的权限字符 + */ + public static final String SS_PERMISSION = "SS_PERMISSION"; + /** 正常状态 */ public static final String NORMAL = "0"; diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysRole.java b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysRole.java index f28a063..8c891cb 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysRole.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysRole.java @@ -1,5 +1,6 @@ package com.ruoyi.common.core.domain.entity; +import java.util.Set; import javax.validation.constraints.NotBlank; import javax.validation.constraints.Size; import org.apache.commons.lang3.builder.ToStringBuilder; @@ -59,6 +60,9 @@ public class SysRole extends BaseEntity /** 部门组(数据权限) */ private Long[] deptIds; + /** 角色菜单权限 */ + private Set permissions; + public SysRole() { @@ -203,7 +207,17 @@ public class SysRole extends BaseEntity { this.deptIds = deptIds; } - + + public Set getPermissions() + { + return permissions; + } + + public void setPermissions(Set permissions) + { + this.permissions = permissions; + } + @Override public String toString() { return new ToStringBuilder(this,ToStringStyle.MULTI_LINE_STYLE) diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java index f1d420e..c615712 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java @@ -11,8 +11,9 @@ import com.ruoyi.common.core.domain.BaseEntity; import com.ruoyi.common.core.domain.entity.SysRole; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.domain.model.LoginUser; -import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.utils.SecurityUtils; +import com.ruoyi.common.utils.StringUtils; +import com.ruoyi.framework.security.context.PermissionContextHolder; /** * 数据过滤处理 @@ -70,8 +71,9 @@ public class DataScopeAspect // 如果是超级管理员,则不过滤数据 if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin()) { + String permission = StringUtils.defaultIfEmpty(controllerDataScope.permission(), PermissionContextHolder.getContext()); dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(), - controllerDataScope.userAlias()); + controllerDataScope.userAlias(), permission); } } } @@ -83,8 +85,9 @@ public class DataScopeAspect * @param user 用户 * @param deptAlias 部门别名 * @param userAlias 用户别名 + * @param permission 权限字符 */ - public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias) + public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, String permission) { StringBuilder sqlString = new StringBuilder(); List conditions = new ArrayList(); @@ -96,6 +99,10 @@ public class DataScopeAspect { continue; } + if (StringUtils.isNotEmpty(permission) && StringUtils.isNotEmpty(role.getPermissions()) && !role.getPermissions().contains(permission)) + { + continue; + } if (DATA_SCOPE_ALL.equals(dataScope)) { sqlString = new StringBuilder(); diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/context/PermissionContextHolder.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/context/PermissionContextHolder.java new file mode 100644 index 0000000..fcd93b6 --- /dev/null +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/context/PermissionContextHolder.java @@ -0,0 +1,21 @@ +package com.ruoyi.framework.security.context; + +/** + * 权限信息 + * + * @author ruoyi + */ +public class PermissionContextHolder +{ + private static final ThreadLocal contextHolder = new ThreadLocal<>(); + + public static void setContext(String permission) + { + contextHolder.set(permission); + } + + public static String getContext() + { + return contextHolder.get(); + } +} diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java index 3881053..6f1650f 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java @@ -7,6 +7,7 @@ import com.ruoyi.common.core.domain.entity.SysRole; import com.ruoyi.common.core.domain.model.LoginUser; import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.common.utils.StringUtils; +import com.ruoyi.framework.security.context.PermissionContextHolder; /** * RuoYi首创 自定义权限实现,ss取自SpringSecurity首字母 @@ -43,6 +44,7 @@ public class PermissionService { return false; } + PermissionContextHolder.setContext(permission); return hasPermissions(loginUser.getPermissions(), permission); } diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysPermissionService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysPermissionService.java index 19c4a51..357e12f 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysPermissionService.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysPermissionService.java @@ -1,9 +1,11 @@ package com.ruoyi.framework.web.service; import java.util.HashSet; +import java.util.List; import java.util.Set; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import com.ruoyi.common.core.domain.entity.SysRole; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.system.service.ISysMenuService; import com.ruoyi.system.service.ISysRoleService; @@ -59,7 +61,21 @@ public class SysPermissionService } else { - perms.addAll(menuService.selectMenuPermsByUserId(user.getUserId())); + List roles = user.getRoles(); + if (!roles.isEmpty() && roles.size() > 1) + { + // 多角色设置permissions属性,以便数据权限匹配权限 + for (SysRole role : roles) + { + Set rolePerms = menuService.selectMenuPermsByRoleId(role.getRoleId()); + role.setPermissions(rolePerms); + perms.addAll(rolePerms); + } + } + else + { + perms.addAll(menuService.selectMenuPermsByUserId(user.getUserId())); + } } return perms; } diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysMenuMapper.java b/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysMenuMapper.java index f19d476..f3e2eb9 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysMenuMapper.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysMenuMapper.java @@ -34,6 +34,14 @@ public interface SysMenuMapper */ public List selectMenuListByUserId(SysMenu menu); + /** + * 根据角色ID查询权限 + * + * @param roleId 角色ID + * @return 权限列表 + */ + public List selectMenuPermsByRoleId(Long roleId); + /** * 根据用户ID查询权限 * diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysDeptService.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysDeptService.java index 1ac8ccb..f131ee3 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysDeptService.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysDeptService.java @@ -19,6 +19,14 @@ public interface ISysDeptService */ public List selectDeptList(SysDept dept); + /** + * 查询部门树结构信息 + * + * @param dept 部门信息 + * @return 部门树信息集合 + */ + public List selectDeptTreeList(SysDept dept); + /** * 构建前端所需要树结构 * diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysMenuService.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysMenuService.java index 59009be..8b77dae 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysMenuService.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysMenuService.java @@ -38,6 +38,14 @@ public interface ISysMenuService */ public Set selectMenuPermsByUserId(Long userId); + /** + * 根据角色ID查询权限 + * + * @param roleId 角色ID + * @return 权限列表 + */ + public Set selectMenuPermsByRoleId(Long roleId); + /** * 根据用户ID查询菜单树信息 * diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java index 32ec007..1aa456f 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java @@ -48,6 +48,19 @@ public class SysDeptServiceImpl implements ISysDeptService return deptMapper.selectDeptList(dept); } + /** + * 查询部门树结构信息 + * + * @param dept 部门信息 + * @return 部门树信息集合 + */ + @Override + public List selectDeptTreeList(SysDept dept) + { + List depts = SpringUtils.getAopProxy(this).selectDeptList(dept); + return buildDeptTreeSelect(depts); + } + /** * 构建前端所需要树结构 * diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java index b2ac3f0..604d60e 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java @@ -100,6 +100,27 @@ public class SysMenuServiceImpl implements ISysMenuService return permsSet; } + /** + * 根据角色ID查询权限 + * + * @param roleId 角色ID + * @return 权限列表 + */ + @Override + public Set selectMenuPermsByRoleId(Long roleId) + { + List perms = menuMapper.selectMenuPermsByRoleId(roleId); + Set permsSet = new HashSet<>(); + for (String perm : perms) + { + if (StringUtils.isNotEmpty(perm)) + { + permsSet.addAll(Arrays.asList(perm.trim().split(","))); + } + } + return permsSet; + } + /** * 根据用户ID查询菜单 * diff --git a/ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml b/ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml index f11402c..a8dc0b9 100644 --- a/ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml +++ b/ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml @@ -111,6 +111,14 @@ where m.status = '0' and r.status = '0' and ur.user_id = #{userId} + + +