From 8cc2aee13e5f6e880ced3ba63034bf5bc74dce72 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期六, 29 五月 2021 21:54:20 +0800
Subject: [PATCH] fix 修复单表数据权限问题
---
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java | 32 +++++++++++++++++++++-----------
1 files changed, 21 insertions(+), 11 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
index ce23af0..9003bfc 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
@@ -3,6 +3,7 @@
import cn.hutool.core.lang.Validator;
import cn.hutool.core.util.StrUtil;
import com.ruoyi.common.annotation.DataScope;
+import com.ruoyi.common.core.domain.BaseEntity;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
@@ -105,6 +106,10 @@
{
StringBuilder sqlString = new StringBuilder();
+ // 灏� "." 鎻愬彇鍑�,涓嶅啓鍒悕涓哄崟琛ㄦ煡璇�,鍐欏埆鍚嶄负澶氳〃鏌ヨ
+ deptAlias = StrUtil.isNotBlank(deptAlias) ? deptAlias + "." : "";
+ userAlias = StrUtil.isNotBlank(userAlias) ? userAlias + "." : "";
+
for (SysRole role : user.getRoles())
{
String dataScope = role.getDataScope();
@@ -116,24 +121,24 @@
else if (DATA_SCOPE_CUSTOM.equals(dataScope))
{
sqlString.append(StrUtil.format(
- " OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias,
+ " OR {}dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias,
role.getRoleId()));
}
else if (DATA_SCOPE_DEPT.equals(dataScope))
{
- sqlString.append(StrUtil.format(" OR {}.dept_id = {} ", deptAlias, user.getDeptId()));
+ sqlString.append(StrUtil.format(" OR {}dept_id = {} ", deptAlias, user.getDeptId()));
}
else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope))
{
sqlString.append(StrUtil.format(
- " OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )",
+ " OR {}dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )",
deptAlias, user.getDeptId(), user.getDeptId()));
}
else if (DATA_SCOPE_SELF.equals(dataScope))
{
if (StrUtil.isNotBlank(userAlias))
{
- sqlString.append(StrUtil.format(" OR {}.user_id = {} ", userAlias, user.getUserId()));
+ sqlString.append(StrUtil.format(" OR {}user_id = {} ", userAlias, user.getUserId()));
}
else
{
@@ -145,7 +150,7 @@
if (StrUtil.isNotBlank(sqlString.toString()))
{
- putDataScope(joinPoint, " AND (" + sqlString.substring(4) + ")");
+ putDataScope(joinPoint, sqlString.substring(4));
}
}
@@ -181,12 +186,17 @@
Object params = joinPoint.getArgs()[0];
if (Validator.isNotNull(params))
{
- try {
- Method getParams = params.getClass().getDeclaredMethod("getParams", null);
- Map<String, Object> invoke = (Map<String, Object>) getParams.invoke(params, null);
- invoke.put(DATA_SCOPE, sql);
- } catch (Exception e) {
- // 鏂规硶鏈壘鍒� 涓嶅鐞�
+ if(params instanceof BaseEntity) {
+ BaseEntity baseEntity = (BaseEntity) params;
+ baseEntity.getParams().put(DATA_SCOPE, sql);
+ } else {
+ try {
+ Method getParams = params.getClass().getDeclaredMethod("getParams", null);
+ Map<String, Object> invoke = (Map<String, Object>) getParams.invoke(params, null);
+ invoke.put(DATA_SCOPE, sql);
+ } catch (Exception e) {
+ // 鏂规硶鏈壘鍒� 涓嶅鐞�
+ }
}
}
}
--
Gitblit v1.9.3