From f0a9768d8e7ee39e4e6b2e1646e8585504095ea3 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期六, 11 三月 2023 01:32:38 +0800
Subject: [PATCH] update 优化 重构系统业务数据权限 避免可能存在的越权风险
---
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java | 43 +++++++++++++++++++++++++------------------
1 files changed, 25 insertions(+), 18 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
index 2140a77..40c269e 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
@@ -5,17 +5,18 @@
import com.baomidou.mybatisplus.core.conditions.Wrapper;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.ruoyi.common.core.constant.UserConstants;
+import com.ruoyi.common.core.exception.ServiceException;
import com.ruoyi.common.core.utils.MapstructUtils;
import com.ruoyi.common.core.utils.StreamUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.mybatis.core.page.PageQuery;
-import com.ruoyi.system.domain.SysRole;
import com.ruoyi.common.mybatis.core.page.TableDataInfo;
-import com.ruoyi.common.core.exception.ServiceException;
import com.ruoyi.common.satoken.utils.LoginHelper;
+import com.ruoyi.system.domain.SysRole;
import com.ruoyi.system.domain.SysRoleDept;
import com.ruoyi.system.domain.SysRoleMenu;
import com.ruoyi.system.domain.SysUserRole;
@@ -145,7 +146,7 @@
*/
@Override
public SysRoleVo selectRoleById(Long roleId) {
- return baseMapper.selectVoById(roleId);
+ return baseMapper.selectRoleById(roleId);
}
/**
@@ -179,11 +180,11 @@
/**
* 鏍¢獙瑙掕壊鏄惁鍏佽鎿嶄綔
*
- * @param role 瑙掕壊淇℃伅
+ * @param roleId 瑙掕壊ID
*/
@Override
- public void checkRoleAllowed(SysRoleBo role) {
- if (ObjectUtil.isNotNull(role.getRoleId()) && role.isSuperAdmin()) {
+ public void checkRoleAllowed(Long roleId) {
+ if (ObjectUtil.isNotNull(roleId) && LoginHelper.isSuperAdmin(roleId)) {
throw new ServiceException("涓嶅厑璁告搷浣滆秴绾х鐞嗗憳瑙掕壊");
}
}
@@ -195,14 +196,17 @@
*/
@Override
public void checkRoleDataScope(Long roleId) {
- if (!LoginHelper.isSuperAdmin()) {
- SysRoleBo role = new SysRoleBo();
- role.setRoleId(roleId);
- List<SysRoleVo> roles = this.selectRoleList(role);
- if (CollUtil.isEmpty(roles)) {
- throw new ServiceException("娌℃湁鏉冮檺璁块棶瑙掕壊鏁版嵁锛�");
- }
+ if (ObjectUtil.isNull(roleId)) {
+ return;
}
+ if (LoginHelper.isSuperAdmin()) {
+ return;
+ }
+ List<SysRoleVo> roles = this.selectRoleList(new SysRoleBo(roleId));
+ if (CollUtil.isEmpty(roles)) {
+ throw new ServiceException("娌℃湁鏉冮檺璁块棶瑙掕壊鏁版嵁锛�");
+ }
+
}
/**
@@ -252,13 +256,16 @@
/**
* 淇敼瑙掕壊鐘舵��
*
- * @param bo 瑙掕壊淇℃伅
+ * @param roleId 瑙掕壊ID
+ * @param status 瑙掕壊鐘舵��
* @return 缁撴灉
*/
@Override
- public int updateRoleStatus(SysRoleBo bo) {
- SysRole role = MapstructUtils.convert(bo, SysRole.class);
- return baseMapper.updateById(role);
+ public int updateRoleStatus(Long roleId, String status) {
+ return baseMapper.update(null,
+ new LambdaUpdateWrapper<SysRole>()
+ .set(SysRole::getStatus, status)
+ .eq(SysRole::getRoleId, roleId));
}
/**
@@ -347,7 +354,7 @@
@Transactional(rollbackFor = Exception.class)
public int deleteRoleByIds(Long[] roleIds) {
for (Long roleId : roleIds) {
- checkRoleAllowed(new SysRoleBo(roleId));
+ checkRoleAllowed(roleId);
checkRoleDataScope(roleId);
SysRole role = baseMapper.selectById(roleId);
if (countUserRoleByRoleId(roleId) > 0) {
--
Gitblit v1.9.3