From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java | 32 ++++++++++++++++++++++++--------
1 files changed, 24 insertions(+), 8 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
index 191dc98..9b8b0ec 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
@@ -102,14 +102,13 @@
*/
@Override
public List<SysRoleVo> selectRolesAuthByUserId(Long userId) {
- List<SysRoleVo> userRoles = baseMapper.selectRolePermissionByUserId(userId);
+ List<SysRoleVo> userRoles = baseMapper.selectRolesByUserId(userId);
List<SysRoleVo> roles = selectRoleAll();
+ // 浣跨敤HashSet鎻愰珮鏌ユ壘鏁堢巼
+ Set<Long> userRoleIds = StreamUtils.toSet(userRoles, SysRoleVo::getRoleId);
for (SysRoleVo role : roles) {
- for (SysRoleVo userRole : userRoles) {
- if (role.getRoleId().longValue() == userRole.getRoleId().longValue()) {
- role.setFlag(true);
- break;
- }
+ if (userRoleIds.contains(role.getRoleId())) {
+ role.setFlag(true);
}
}
return roles;
@@ -123,7 +122,7 @@
*/
@Override
public Set<String> selectRolePermissionByUserId(Long userId) {
- List<SysRoleVo> perms = baseMapper.selectRolePermissionByUserId(userId);
+ List<SysRoleVo> perms = baseMapper.selectRolesByUserId(userId);
Set<String> permsSet = new HashSet<>();
for (SysRoleVo perm : perms) {
if (ObjectUtil.isNotNull(perm)) {
@@ -164,6 +163,19 @@
@Override
public SysRoleVo selectRoleById(Long roleId) {
return baseMapper.selectRoleById(roleId);
+ }
+
+ /**
+ * 閫氳繃瑙掕壊ID涓叉煡璇㈣鑹�
+ *
+ * @param roleIds 瑙掕壊ID涓�
+ * @return 瑙掕壊鍒楄〃淇℃伅
+ */
+ @Override
+ public List<SysRoleVo> selectRoleByIds(List<Long> roleIds) {
+ return baseMapper.selectRoleList(new QueryWrapper<SysRole>()
+ .eq("r.status", UserConstants.ROLE_NORMAL)
+ .in(CollUtil.isNotEmpty(roleIds), "r.role_id", roleIds));
}
/**
@@ -281,6 +293,10 @@
@Transactional(rollbackFor = Exception.class)
public int updateRole(SysRoleBo bo) {
SysRole role = MapstructUtils.convert(bo, SysRole.class);
+
+ if (UserConstants.ROLE_DISABLE.equals(role.getStatus()) && this.countUserRoleByRoleId(role.getRoleId()) > 0) {
+ throw new ServiceException("瑙掕壊宸插垎閰嶏紝涓嶈兘绂佺敤!");
+ }
// 淇敼瑙掕壊淇℃伅
baseMapper.updateById(role);
// 鍒犻櫎瑙掕壊涓庤彍鍗曞叧鑱�
@@ -404,7 +420,7 @@
roleMenuMapper.delete(new LambdaQueryWrapper<SysRoleMenu>().in(SysRoleMenu::getRoleId, ids));
// 鍒犻櫎瑙掕壊涓庨儴闂ㄥ叧鑱�
roleDeptMapper.delete(new LambdaQueryWrapper<SysRoleDept>().in(SysRoleDept::getRoleId, ids));
- return baseMapper.deleteBatchIds(ids);
+ return baseMapper.deleteByIds(ids);
}
/**
--
Gitblit v1.9.3