ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
@@ -70,6 +70,7 @@ @GetMapping(value = "/{deptId}") public AjaxResult getInfo(@PathVariable Long deptId) { deptService.checkDeptDataScope(deptId); return AjaxResult.success(deptService.selectDeptById(deptId)); }
@@ -68,6 +68,7 @@ @GetMapping(value = "/{roleId}") public AjaxResult getInfo(@PathVariable Long roleId) { roleService.checkRoleDataScope(roleId); return AjaxResult.success(roleService.selectRoleById(roleId)); }
@@ -104,6 +104,7 @@ @GetMapping(value = { "/", "/{userId}" }) public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) { userService.checkUserDataScope(userId); Map<String, Object> ajax = new HashMap<>(); List<SysRole> roles = roleService.selectRoleAll(); ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList())); ruoyi-quartz/src/main/java/com/ruoyi/quartz/service/impl/SysJobServiceImpl.java
@@ -87,7 +87,7 @@ * @param job 调度信息 */ @Override @Transactional @Transactional(rollbackFor = Exception.class) public int pauseJob(SysJob job) throws SchedulerException { Long jobId = job.getJobId(); String jobGroup = job.getJobGroup(); @@ -105,7 +105,7 @@ * @param job 调度信息 */ @Override @Transactional @Transactional(rollbackFor = Exception.class) public int resumeJob(SysJob job) throws SchedulerException { Long jobId = job.getJobId(); String jobGroup = job.getJobGroup(); @@ -123,7 +123,7 @@ * @param job 调度信息 */ @Override @Transactional @Transactional(rollbackFor = Exception.class) public int deleteJob(SysJob job) throws SchedulerException { Long jobId = job.getJobId(); String jobGroup = job.getJobGroup(); @@ -141,7 +141,7 @@ * @return 结果 */ @Override @Transactional @Transactional(rollbackFor = Exception.class) public void deleteJobByIds(Long[] jobIds) throws SchedulerException { for (Long jobId : jobIds) { SysJob job = getById(jobId); @@ -155,7 +155,7 @@ * @param job 调度信息 */ @Override @Transactional @Transactional(rollbackFor = Exception.class) public int changeStatus(SysJob job) throws SchedulerException { int rows = 0; String status = job.getStatus(); @@ -173,7 +173,7 @@ * @param job 调度信息 */ @Override @Transactional @Transactional(rollbackFor = Exception.class) public void run(SysJob job) throws SchedulerException { Long jobId = job.getJobId(); String jobGroup = job.getJobGroup(); @@ -190,7 +190,7 @@ * @param job 调度信息 调度信息 */ @Override @Transactional @Transactional(rollbackFor = Exception.class) public int insertJob(SysJob job) throws SchedulerException, TaskException { job.setStatus(ScheduleConstants.Status.PAUSE.getValue()); int rows = baseMapper.insert(job); @@ -206,7 +206,7 @@ * @param job 调度信息 */ @Override @Transactional @Transactional(rollbackFor = Exception.class) public int updateJob(SysJob job) throws SchedulerException, TaskException { SysJob properties = selectJobById(job.getJobId()); int rows = baseMapper.updateById(job); ruoyi-system/src/main/java/com/ruoyi/system/service/ISysDeptService.java
@@ -85,6 +85,13 @@ public String checkDeptNameUnique(SysDept dept); /** * 校验部门是否有数据权限 * * @param deptId 部门id */ public void checkDeptDataScope(Long deptId); /** * 新增保存部门信息 * * @param dept 部门信息 ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java
@@ -89,6 +89,13 @@ public void checkRoleAllowed(SysRole role); /** * 校验角色是否有数据权限 * * @param roleId 角色id */ public void checkRoleDataScope(Long roleId); /** * 通过角色ID查询角色使用数量 * * @param roleId 角色ID ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java
@@ -104,6 +104,13 @@ public void checkUserAllowed(SysUser user); /** * 校验用户是否有数据权限 * * @param userId 用户id */ public void checkUserDataScope(Long userId); /** * 新增用户信息 * * @param user 用户信息 ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
@@ -10,8 +10,11 @@ import com.ruoyi.common.core.domain.entity.SysRole; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.mybatisplus.core.ServicePlusImpl; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.exception.ServiceException; import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.utils.spring.SpringUtils; import com.ruoyi.system.mapper.SysDeptMapper; import com.ruoyi.system.mapper.SysRoleMapper; import com.ruoyi.system.mapper.SysUserMapper; @@ -171,6 +174,26 @@ } /** * 校验部门是否有数据权限 * * @param deptId 部门id */ @Override public void checkDeptDataScope(Long deptId) { if (!SysUser.isAdmin(SecurityUtils.getUserId())) { SysDept dept = new SysDept(); dept.setDeptId(deptId); List<SysDept> depts = SpringUtils.getAopProxy(this).selectDeptList(dept); if (StringUtils.isEmpty(depts)) { throw new ServiceException("没有权限访问部门数据!"); } } } /** * 新增保存部门信息 * * @param dept 部门信息 ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
@@ -6,8 +6,10 @@ import com.ruoyi.common.core.domain.entity.SysRole; import com.ruoyi.common.core.mybatisplus.core.ServicePlusImpl; import com.ruoyi.common.core.page.TableDataInfo; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.exception.ServiceException; import com.ruoyi.common.utils.PageUtils; import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.utils.spring.SpringUtils; import com.ruoyi.system.domain.SysRoleDept; @@ -177,6 +179,26 @@ } /** * 校验角色是否有数据权限 * * @param roleId 角色id */ @Override public void checkRoleDataScope(Long roleId) { if (!SysUser.isAdmin(SecurityUtils.getUserId())) { SysRole role = new SysRole(); role.setRoleId(roleId); List<SysRole> roles = SpringUtils.getAopProxy(this).selectRoleList(role); if (StringUtils.isEmpty(roles)) { throw new ServiceException("没有权限访问角色数据!"); } } } /** * 通过角色ID查询角色使用数量 * * @param roleId 角色ID ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
@@ -12,6 +12,7 @@ import com.ruoyi.common.utils.PageUtils; import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.utils.spring.SpringUtils; import com.ruoyi.system.domain.SysPost; import com.ruoyi.system.domain.SysUserPost; import com.ruoyi.system.domain.SysUserRole; @@ -217,6 +218,26 @@ } /** * 校验用户是否有数据权限 * * @param userId 用户id */ @Override public void checkUserDataScope(Long userId) { if (!SysUser.isAdmin(SecurityUtils.getUserId())) { SysUser user = new SysUser(); user.setUserId(userId); List<SysUser> users = SpringUtils.getAopProxy(this).selectUserList(user); if (StringUtils.isEmpty(users)) { throw new ServiceException("没有权限访问用户数据!"); } } } /** * 新增保存用户信息 * * @param user 用户信息 ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
@@ -30,6 +30,9 @@ <select id="selectDeptList" parameterType="SysDept" resultMap="SysDeptResult"> <include refid="selectDeptVo"/> where d.del_flag = '0' <if test="deptId != null and deptId != 0"> AND dept_id = #{deptId} </if> <if test="parentId != null and parentId != 0"> AND parent_id = #{parentId} </if> ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml
@@ -67,6 +67,9 @@ <select id="selectRoleList" parameterType="SysRole" resultMap="SysRoleResult"> <include refid="selectRoleVo"/> where r.del_flag = '0' <if test="roleId != null and roleId != 0"> AND r.role_id = #{roleId} </if> <if test="roleName != null and roleName != ''"> AND r.role_name like concat('%', #{roleName}, '%') </if> ruoyi-system/src/main/resources/mapper/system/SysUserMapper.xml
@@ -117,6 +117,9 @@ sys_user u left join sys_dept d on u.dept_id = d.dept_id where u.del_flag = '0' <if test="userId != null and userId != 0"> AND u.user_id = #{userId} </if> <if test="userName != null and userName != ''"> AND u.user_name like concat('%', #{userName}, '%') </if>
