限制用户操作数据权限范围
This commit is contained in:
parent
e5f30b1a19
commit
f46b1bbebd
@ -124,6 +124,8 @@ public class SysUserController extends BaseController
|
|||||||
@PostMapping
|
@PostMapping
|
||||||
public AjaxResult add(@Validated @RequestBody SysUser user)
|
public AjaxResult add(@Validated @RequestBody SysUser user)
|
||||||
{
|
{
|
||||||
|
deptService.checkDeptDataScope(user.getDeptId());
|
||||||
|
roleService.checkRoleDataScope(user.getRoleIds());
|
||||||
if (!userService.checkUserNameUnique(user))
|
if (!userService.checkUserNameUnique(user))
|
||||||
{
|
{
|
||||||
return error("新增用户'" + user.getUserName() + "'失败,登录账号已存在");
|
return error("新增用户'" + user.getUserName() + "'失败,登录账号已存在");
|
||||||
@ -151,6 +153,8 @@ public class SysUserController extends BaseController
|
|||||||
{
|
{
|
||||||
userService.checkUserAllowed(user);
|
userService.checkUserAllowed(user);
|
||||||
userService.checkUserDataScope(user.getUserId());
|
userService.checkUserDataScope(user.getUserId());
|
||||||
|
deptService.checkDeptDataScope(user.getDeptId());
|
||||||
|
roleService.checkRoleDataScope(user.getRoleIds());
|
||||||
if (!userService.checkUserNameUnique(user))
|
if (!userService.checkUserNameUnique(user))
|
||||||
{
|
{
|
||||||
return error("修改用户'" + user.getUserName() + "'失败,登录账号已存在");
|
return error("修改用户'" + user.getUserName() + "'失败,登录账号已存在");
|
||||||
@ -235,6 +239,7 @@ public class SysUserController extends BaseController
|
|||||||
public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
|
public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
|
||||||
{
|
{
|
||||||
userService.checkUserDataScope(userId);
|
userService.checkUserDataScope(userId);
|
||||||
|
roleService.checkRoleDataScope(roleIds);
|
||||||
userService.insertUserAuth(userId, roleIds);
|
userService.insertUserAuth(userId, roleIds);
|
||||||
return success();
|
return success();
|
||||||
}
|
}
|
||||||
|
@ -22,7 +22,7 @@ public class SysUser extends BaseEntity
|
|||||||
private static final long serialVersionUID = 1L;
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
/** 用户ID */
|
/** 用户ID */
|
||||||
@Excel(name = "用户序号", cellType = ColumnType.NUMERIC, prompt = "用户编号")
|
@Excel(name = "用户序号", type = Type.EXPORT, cellType = ColumnType.NUMERIC, prompt = "用户编号")
|
||||||
private Long userId;
|
private Long userId;
|
||||||
|
|
||||||
/** 部门ID */
|
/** 部门ID */
|
||||||
|
@ -85,9 +85,9 @@ public interface ISysRoleService
|
|||||||
/**
|
/**
|
||||||
* 校验角色是否有数据权限
|
* 校验角色是否有数据权限
|
||||||
*
|
*
|
||||||
* @param roleId 角色id
|
* @param roleIds 角色id
|
||||||
*/
|
*/
|
||||||
public void checkRoleDataScope(Long roleId);
|
public void checkRoleDataScope(Long... roleIds);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 通过角色ID查询角色使用数量
|
* 通过角色ID查询角色使用数量
|
||||||
|
@ -190,7 +190,7 @@ public class SysDeptServiceImpl implements ISysDeptService
|
|||||||
@Override
|
@Override
|
||||||
public void checkDeptDataScope(Long deptId)
|
public void checkDeptDataScope(Long deptId)
|
||||||
{
|
{
|
||||||
if (!SysUser.isAdmin(SecurityUtils.getUserId()))
|
if (!SysUser.isAdmin(SecurityUtils.getUserId()) && StringUtils.isNotNull(deptId))
|
||||||
{
|
{
|
||||||
SysDept dept = new SysDept();
|
SysDept dept = new SysDept();
|
||||||
dept.setDeptId(deptId);
|
dept.setDeptId(deptId);
|
||||||
|
@ -192,12 +192,14 @@ public class SysRoleServiceImpl implements ISysRoleService
|
|||||||
/**
|
/**
|
||||||
* 校验角色是否有数据权限
|
* 校验角色是否有数据权限
|
||||||
*
|
*
|
||||||
* @param roleId 角色id
|
* @param roleIds 角色id
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public void checkRoleDataScope(Long roleId)
|
public void checkRoleDataScope(Long... roleIds)
|
||||||
{
|
{
|
||||||
if (!SysUser.isAdmin(SecurityUtils.getUserId()))
|
if (!SysUser.isAdmin(SecurityUtils.getUserId()))
|
||||||
|
{
|
||||||
|
for (Long roleId : roleIds)
|
||||||
{
|
{
|
||||||
SysRole role = new SysRole();
|
SysRole role = new SysRole();
|
||||||
role.setRoleId(roleId);
|
role.setRoleId(roleId);
|
||||||
@ -208,6 +210,7 @@ public class SysRoleServiceImpl implements ISysRoleService
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 通过角色ID查询角色使用数量
|
* 通过角色ID查询角色使用数量
|
||||||
|
@ -28,6 +28,7 @@ import com.ruoyi.system.mapper.SysUserMapper;
|
|||||||
import com.ruoyi.system.mapper.SysUserPostMapper;
|
import com.ruoyi.system.mapper.SysUserPostMapper;
|
||||||
import com.ruoyi.system.mapper.SysUserRoleMapper;
|
import com.ruoyi.system.mapper.SysUserRoleMapper;
|
||||||
import com.ruoyi.system.service.ISysConfigService;
|
import com.ruoyi.system.service.ISysConfigService;
|
||||||
|
import com.ruoyi.system.service.ISysDeptService;
|
||||||
import com.ruoyi.system.service.ISysUserService;
|
import com.ruoyi.system.service.ISysUserService;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -58,6 +59,9 @@ public class SysUserServiceImpl implements ISysUserService
|
|||||||
@Autowired
|
@Autowired
|
||||||
private ISysConfigService configService;
|
private ISysConfigService configService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private ISysDeptService deptService;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
protected Validator validator;
|
protected Validator validator;
|
||||||
|
|
||||||
@ -489,7 +493,6 @@ public class SysUserServiceImpl implements ISysUserService
|
|||||||
int failureNum = 0;
|
int failureNum = 0;
|
||||||
StringBuilder successMsg = new StringBuilder();
|
StringBuilder successMsg = new StringBuilder();
|
||||||
StringBuilder failureMsg = new StringBuilder();
|
StringBuilder failureMsg = new StringBuilder();
|
||||||
String password = configService.selectConfigByKey("sys.user.initPassword");
|
|
||||||
for (SysUser user : userList)
|
for (SysUser user : userList)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
@ -499,6 +502,8 @@ public class SysUserServiceImpl implements ISysUserService
|
|||||||
if (StringUtils.isNull(u))
|
if (StringUtils.isNull(u))
|
||||||
{
|
{
|
||||||
BeanValidators.validateWithException(validator, user);
|
BeanValidators.validateWithException(validator, user);
|
||||||
|
deptService.checkDeptDataScope(user.getDeptId());
|
||||||
|
String password = configService.selectConfigByKey("sys.user.initPassword");
|
||||||
user.setPassword(SecurityUtils.encryptPassword(password));
|
user.setPassword(SecurityUtils.encryptPassword(password));
|
||||||
user.setCreateBy(operName);
|
user.setCreateBy(operName);
|
||||||
userMapper.insertUser(user);
|
userMapper.insertUser(user);
|
||||||
@ -510,6 +515,7 @@ public class SysUserServiceImpl implements ISysUserService
|
|||||||
BeanValidators.validateWithException(validator, user);
|
BeanValidators.validateWithException(validator, user);
|
||||||
checkUserAllowed(u);
|
checkUserAllowed(u);
|
||||||
checkUserDataScope(u.getUserId());
|
checkUserDataScope(u.getUserId());
|
||||||
|
deptService.checkDeptDataScope(user.getDeptId());
|
||||||
user.setUserId(u.getUserId());
|
user.setUserId(u.getUserId());
|
||||||
user.setUpdateBy(operName);
|
user.setUpdateBy(operName);
|
||||||
userMapper.updateUser(user);
|
userMapper.updateUser(user);
|
||||||
|
Loading…
Reference in New Issue
Block a user