xinyin025/RuoYi-Vue-Plus
1
0
Fork 0
mirror of https://github.com/dromara/RuoYi-Vue-Plus.git synced 2025-11-04 16:23:42 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

update 优化 角色权限判断

Browse Source
This commit is contained in:
疯狂的狮子Li
2024-08-02 17:09:46 +08:00
parent f32d0266ee
commit ecfaa9ad5c
1 changed files with 7 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java
View File

@@ -26,10 +26,7 @@ import org.dromara.common.mybatis.core.page.PageQuery;
import org.dromara.common.mybatis.core.page.TableDataInfo; import org.dromara.common.mybatis.core.page.TableDataInfo;
import org.dromara.common.mybatis.helper.DataBaseHelper; import org.dromara.common.mybatis.helper.DataBaseHelper;
import org.dromara.common.satoken.utils.LoginHelper; import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.system.domain.SysDept; import org.dromara.system.domain.*;
import org.dromara.system.domain.SysUser;
import org.dromara.system.domain.SysUserPost;
import org.dromara.system.domain.SysUserRole;
import org.dromara.system.domain.bo.SysUserBo; import org.dromara.system.domain.bo.SysUserBo;
import org.dromara.system.domain.vo.SysPostVo; import org.dromara.system.domain.vo.SysPostVo;
import org.dromara.system.domain.vo.SysRoleVo; import org.dromara.system.domain.vo.SysRoleVo;
@@ -473,17 +470,14 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
*/ */
private void insertUserRole(Long userId, Long[] roleIds, boolean clear) { private void insertUserRole(Long userId, Long[] roleIds, boolean clear) {
if (ArrayUtil.isNotEmpty(roleIds)) { if (ArrayUtil.isNotEmpty(roleIds)) {
// 判断是否具有此角色的操作权限 List<Long> roleList = new ArrayList<>(List.of(roleIds));
List<SysRoleVo> roles = roleMapper.selectRoleList(new LambdaQueryWrapper<>());
if (CollUtil.isEmpty(roles)) {
throw new ServiceException("没有权限访问角色的数据");
}
List<Long> roleList = StreamUtils.toList(roles, SysRoleVo::getRoleId);
if (!LoginHelper.isSuperAdmin(userId)) { if (!LoginHelper.isSuperAdmin(userId)) {
roleList.remove(UserConstants.SUPER_ADMIN_ID); roleList.remove(UserConstants.SUPER_ADMIN_ID);
} }
List<Long> canDoRoleList = StreamUtils.filter(List.of(roleIds), roleList::contains); // 判断是否具有此角色的操作权限
if (CollUtil.isEmpty(canDoRoleList)) { List<SysRoleVo> roles = roleMapper.selectRoleList(
new QueryWrapper<SysRole>().in("r.role_id", roleList));
if (CollUtil.isEmpty(roles)) {
throw new ServiceException("没有权限访问角色的数据"); throw new ServiceException("没有权限访问角色的数据");
} }
if (clear) { if (clear) {
@@ -491,7 +485,7 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>().eq(SysUserRole::getUserId, userId)); userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>().eq(SysUserRole::getUserId, userId));
} }
// 新增用户与角色管理 // 新增用户与角色管理
List<SysUserRole> list = StreamUtils.toList(canDoRoleList, roleId -> { List<SysUserRole> list = StreamUtils.toList(roleList, roleId -> {
SysUserRole ur = new SysUserRole(); SysUserRole ur = new SysUserRole();
ur.setUserId(userId); ur.setUserId(userId);
ur.setRoleId(roleId); ur.setRoleId(roleId);