From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java | 44 ++++++++++++++++++++++++++++++--------------
1 files changed, 30 insertions(+), 14 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java
index 3cb4159..2540606 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java
@@ -26,10 +26,7 @@
import org.dromara.common.mybatis.core.page.TableDataInfo;
import org.dromara.common.mybatis.helper.DataBaseHelper;
import org.dromara.common.satoken.utils.LoginHelper;
-import org.dromara.system.domain.SysDept;
-import org.dromara.system.domain.SysUser;
-import org.dromara.system.domain.SysUserPost;
-import org.dromara.system.domain.SysUserRole;
+import org.dromara.system.domain.*;
import org.dromara.system.domain.bo.SysUserBo;
import org.dromara.system.domain.vo.SysPostVo;
import org.dromara.system.domain.vo.SysRoleVo;
@@ -473,17 +470,14 @@
*/
private void insertUserRole(Long userId, Long[] roleIds, boolean clear) {
if (ArrayUtil.isNotEmpty(roleIds)) {
- // 鍒ゆ柇鏄惁鍏锋湁姝よ鑹茬殑鎿嶄綔鏉冮檺
- List<SysRoleVo> roles = roleMapper.selectRoleList(new LambdaQueryWrapper<>());
- if (CollUtil.isEmpty(roles)) {
- throw new ServiceException("娌℃湁鏉冮檺璁块棶瑙掕壊鐨勬暟鎹�");
- }
- List<Long> roleList = StreamUtils.toList(roles, SysRoleVo::getRoleId);
+ List<Long> roleList = new ArrayList<>(List.of(roleIds));
if (!LoginHelper.isSuperAdmin(userId)) {
roleList.remove(UserConstants.SUPER_ADMIN_ID);
}
- List<Long> canDoRoleList = StreamUtils.filter(List.of(roleIds), roleList::contains);
- if (CollUtil.isEmpty(canDoRoleList)) {
+ // 鍒ゆ柇鏄惁鍏锋湁姝よ鑹茬殑鎿嶄綔鏉冮檺
+ List<SysRoleVo> roles = roleMapper.selectRoleList(
+ new QueryWrapper<SysRole>().in("r.role_id", roleList));
+ if (CollUtil.isEmpty(roles)) {
throw new ServiceException("娌℃湁鏉冮檺璁块棶瑙掕壊鐨勬暟鎹�");
}
if (clear) {
@@ -491,7 +485,7 @@
userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>().eq(SysUserRole::getUserId, userId));
}
// 鏂板鐢ㄦ埛涓庤鑹茬鐞�
- List<SysUserRole> list = StreamUtils.toList(canDoRoleList, roleId -> {
+ List<SysUserRole> list = StreamUtils.toList(roleList, roleId -> {
SysUserRole ur = new SysUserRole();
ur.setUserId(userId);
ur.setRoleId(roleId);
@@ -640,7 +634,7 @@
return List.of();
}
List<SysUserVo> list = baseMapper.selectVoList(new LambdaQueryWrapper<SysUser>()
- .select(SysUser::getUserId, SysUser::getUserName, SysUser::getNickName)
+ .select(SysUser::getUserId, SysUser::getUserName, SysUser::getNickName, SysUser::getEmail, SysUser::getPhonenumber)
.eq(SysUser::getStatus, UserConstants.USER_NORMAL)
.in(CollUtil.isNotEmpty(userIds), SysUser::getUserId, userIds));
return BeanUtil.copyToList(list, UserDTO.class);
@@ -653,4 +647,26 @@
return StreamUtils.toList(userRoles, SysUserRole::getUserId);
}
+ @Override
+ public List<UserDTO> selectUsersByRoleIds(List<Long> roleIds) {
+ if (CollUtil.isEmpty(roleIds)) {
+ return List.of();
+ }
+ List<SysUserRole> userRoles = userRoleMapper.selectList(
+ new LambdaQueryWrapper<SysUserRole>().in(SysUserRole::getRoleId, roleIds));
+ List<Long> userIds = StreamUtils.toList(userRoles, SysUserRole::getUserId);
+ return selectListByIds(userIds);
+ }
+
+ @Override
+ public List<UserDTO> selectUsersByDeptIds(List<Long> deptIds) {
+ if (CollUtil.isEmpty(deptIds)) {
+ return List.of();
+ }
+ List<SysUserVo> list = baseMapper.selectVoList(new LambdaQueryWrapper<SysUser>()
+ .select(SysUser::getUserId, SysUser::getUserName, SysUser::getNickName, SysUser::getEmail, SysUser::getPhonenumber)
+ .eq(SysUser::getStatus, UserConstants.USER_NORMAL)
+ .in(CollUtil.isNotEmpty(deptIds), SysUser::getDeptId, deptIds));
+ return BeanUtil.copyToList(list, UserDTO.class);
+ }
}
--
Gitblit v1.9.3