From f0a9768d8e7ee39e4e6b2e1646e8585504095ea3 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期六, 11 三月 2023 01:32:38 +0800
Subject: [PATCH] update 优化 重构系统业务数据权限 避免可能存在的越权风险
---
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java | 66 +++++++++++++++++----------------
1 files changed, 34 insertions(+), 32 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
index a04f81f..40c269e 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
@@ -1,21 +1,22 @@ package com.ruoyi.system.service.impl; -import cn.hutool.core.bean.BeanUtil; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.util.ObjectUtil; import com.baomidou.mybatisplus.core.conditions.Wrapper; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; +import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.ruoyi.common.core.constant.UserConstants; +import com.ruoyi.common.core.exception.ServiceException; +import com.ruoyi.common.core.utils.MapstructUtils; import com.ruoyi.common.core.utils.StreamUtils; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.common.mybatis.core.page.PageQuery; -import com.ruoyi.system.domain.SysRole; import com.ruoyi.common.mybatis.core.page.TableDataInfo; -import com.ruoyi.common.core.exception.ServiceException; import com.ruoyi.common.satoken.utils.LoginHelper; +import com.ruoyi.system.domain.SysRole; import com.ruoyi.system.domain.SysRoleDept; import com.ruoyi.system.domain.SysRoleMenu; import com.ruoyi.system.domain.SysUserRole;
@@ -145,7 +146,7 @@ */ @Override public SysRoleVo selectRoleById(Long roleId) { - return baseMapper.selectVoById(roleId); + return baseMapper.selectRoleById(roleId); } /**
@@ -155,14 +156,11 @@ * @return 缁撴灉 */ @Override - public String checkRoleNameUnique(SysRoleBo role) { + public boolean checkRoleNameUnique(SysRoleBo role) { boolean exist = baseMapper.exists(new LambdaQueryWrapper<SysRole>() .eq(SysRole::getRoleName, role.getRoleName()) .ne(ObjectUtil.isNotNull(role.getRoleId()), SysRole::getRoleId, role.getRoleId())); - if (exist) { - return UserConstants.NOT_UNIQUE; - } - return UserConstants.UNIQUE; + return !exist; } /**
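Review bot: In `selectRoleById`, the Javadoc does not say that the lookup is now permission-filtered, so a caller cannot tell that the result may be `null` for a role that exists but lies outside the current user's data scope. That the new `baseMapper.selectRoleById` applies the data-scope filter is inferred from the commit subject; the mapper is not visible here, so it should be confirmed. I would add `@return the role, or null if it does not exist or is outside the caller's data scope`, and make sure callers treat `null` as a denied request instead of dereferencing it. The method's Javadoc begins outside the hunk.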
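Review bot: `checkRoleNameUnique` now returns `boolean`, but the `@return` tag above it is unchanged and does not state which value means "unique"; the same applies to `checkRoleKeyUnique` in the next hunk. Callers used to compare against the `UNIQUE`/`NOT_UNIQUE` constants, so a mechanically ported call site could invert the test; I would spell it out as `@return true if no other role uses this name, false otherwise`. This is also a check-then-write test: unless the table has a unique constraint on the column (not visible here), two concurrent requests can both pass it.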
@@ -172,24 +170,21 @@ * @return 缁撴灉 */ @Override - public String checkRoleKeyUnique(SysRoleBo role) { + public boolean checkRoleKeyUnique(SysRoleBo role) { boolean exist = baseMapper.exists(new LambdaQueryWrapper<SysRole>() .eq(SysRole::getRoleKey, role.getRoleKey()) .ne(ObjectUtil.isNotNull(role.getRoleId()), SysRole::getRoleId, role.getRoleId())); - if (exist) { - return UserConstants.NOT_UNIQUE; - } - return UserConstants.UNIQUE; + return !exist; } /** * 鏍¢獙瑙掕壊鏄惁鍏佽鎿嶄綔 * - * @param role 瑙掕壊淇℃伅 + * @param roleId 瑙掕壊ID */ @Override - public void checkRoleAllowed(SysRoleBo role) { - if (ObjectUtil.isNotNull(role.getRoleId()) && role.isSuperAdmin()) { + public void checkRoleAllowed(Long roleId) { + if (ObjectUtil.isNotNull(roleId) && LoginHelper.isSuperAdmin(roleId)) { throw new ServiceException("涓嶅厑璁告搷浣滆秴绾х鐞嗗憳瑙掕壊"); } }
@@ -201,14 +196,17 @@ */ @Override public void checkRoleDataScope(Long roleId) { - if (!LoginHelper.isSuperAdmin()) { - SysRoleBo role = new SysRoleBo(); - role.setRoleId(roleId); - List<SysRoleVo> roles = this.selectRoleList(role); - if (CollUtil.isEmpty(roles)) { - throw new ServiceException("娌℃湁鏉冮檺璁块棶瑙掕壊鏁版嵁锛�"); - } + if (ObjectUtil.isNull(roleId)) { + return; } + if (LoginHelper.isSuperAdmin()) { + return; + } + List<SysRoleVo> roles = this.selectRoleList(new SysRoleBo(roleId)); + if (CollUtil.isEmpty(roles)) { + throw new ServiceException("娌℃湁鏉冮檺璁块棶瑙掕壊鏁版嵁锛�"); + } + } /**
@@ -231,9 +229,10 @@ @Override @Transactional(rollbackFor = Exception.class) public int insertRole(SysRoleBo bo) { - SysRole role = BeanUtil.toBean(bo, SysRole.class); + SysRole role = MapstructUtils.convert(bo, SysRole.class); // 鏂板瑙掕壊淇℃伅 baseMapper.insert(role); + bo.setRoleId(role.getRoleId()); return insertRoleMenu(bo); }
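Review bot: `checkRoleAllowed` now protects the super-admin role with `LoginHelper.isSuperAdmin(roleId)`, while the no-argument `LoginHelper.isSuperAdmin()` in `checkRoleDataScope` tests the logged-in user, so a role id appears to be passed to a user-oriented helper. LoginHelper is not visible here; if the one-argument overload compares against the admin user id, this guard only holds while the super-admin role id and user id share the same value. I would compare against a role-specific constant, or at least state the assumption next to the call: `// relies on super-admin role id == super-admin user id`.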
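Review bot: The new `if (ObjectUtil.isNull(roleId)) { return; }` at the top of `checkRoleDataScope` makes the permission check pass when no id is supplied, i.e. it fails open. That is reasonable for a create request, but an update or data-scope request that omits the id would skip the check too, so every such caller has to reject a missing id first (those call sites are outside this diff). I would record the contract in the Javadoc, `roleId may be null only for a role that is not yet persisted; a null id is not checked`, or move the null skip to the create path. Going by the hunk's line counts, the commit also seems to add an empty line before the method's closing brace, which can be dropped.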
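Review bot: The added `bo.setRoleId(role.getRoleId())` in `insertRole` mutates the caller's `bo` without a comment saying why. Presumably `insertRoleMenu(bo)` reads the id to attach menus to the new role (its body is outside the hunk), so a one-line comment would make the dependency explicit: `// copy the generated key back so insertRoleMenu links menus to the new role`.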
@@ -246,7 +245,7 @@ @Override @Transactional(rollbackFor = Exception.class) public int updateRole(SysRoleBo bo) { - SysRole role = BeanUtil.toBean(bo, SysRole.class); + SysRole role = MapstructUtils.convert(bo, SysRole.class); // 淇敼瑙掕壊淇℃伅 baseMapper.updateById(role); // 鍒犻櫎瑙掕壊涓庤彍鍗曞叧鑱�
@@ -257,13 +256,16 @@ /** * 淇敼瑙掕壊鐘舵�� * - * @param bo 瑙掕壊淇℃伅 + * @param roleId 瑙掕壊ID + * @param status 瑙掕壊鐘舵�� * @return 缁撴灉 */ @Override - public int updateRoleStatus(SysRoleBo bo) { - SysRole role = BeanUtil.toBean(bo, SysRole.class); - return baseMapper.updateById(role); + public int updateRoleStatus(Long roleId, String status) { + return baseMapper.update(null, + new LambdaUpdateWrapper<SysRole>() + .set(SysRole::getStatus, status) + .eq(SysRole::getRoleId, roleId)); } /**
@@ -275,7 +277,7 @@ @Override @Transactional(rollbackFor = Exception.class) public int authDataScope(SysRoleBo bo) { - SysRole role = BeanUtil.toBean(bo, SysRole.class); + SysRole role = MapstructUtils.convert(bo, SysRole.class); // 淇敼瑙掕壊淇℃伅 baseMapper.updateById(role); // 鍒犻櫎瑙掕壊涓庨儴闂ㄥ叧鑱�
@@ -352,7 +354,7 @@ @Transactional(rollbackFor = Exception.class) public int deleteRoleByIds(Long[] roleIds) { for (Long roleId : roleIds) { - checkRoleAllowed(new SysRoleBo(roleId)); + checkRoleAllowed(roleId); checkRoleDataScope(roleId); SysRole role = baseMapper.selectById(roleId); if (countUserRoleByRoleId(roleId) > 0) {
-- Gitblit v1.9.3
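Review bot: `updateRoleStatus` writes `status` exactly as received and runs no `checkRoleAllowed` or `checkRoleDataScope` of its own, so both value validation and authorization depend on the caller, which is not visible here. Restricting the write to the status column is a sound narrowing, but the Javadoc should state that callers must authorize `roleId` first and that `status` must be one of the defined status codes. Separately, the update is issued with a `null` entity; MyBatis-Plus applies update auto-fill to the entity argument, so if `SysRole` relies on it for its update-by/update-time columns, a status change made this way would not be recorded there. Passing an empty entity instead of `null`, or setting those columns in the wrapper, would keep that audit trail.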