ruoyi
/
RuoYi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

数据权限?

This commit is contained in:
administrator 2020-08-13 16:03:20 +08:00
parent 69aaf0d922
commit 883a68b7b2
22 changed files with 1445 additions and 1020 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
View File

@ -2,7 +2,6 @@ package com.ruoyi.web.controller.system;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
@ -13,6 +12,7 @@ import com.ruoyi.system.domain.SysUser;
import com.ruoyi.system.domain.SysUserRole;
import com.ruoyi.system.service.ISysRoleService;
import com.ruoyi.system.service.ISysUserService;
import com.ruoyi.web.controller.system.base.WebController;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Pageable;
@ -30,7 +30,7 @@ import java.util.List;
*/
@Controller
@RequestMapping("/system/role")
public class SysRoleController extends BaseController {
public class SysRoleController extends WebController {
private String prefix = "system/role";
@Autowired
@ -49,7 +49,7 @@ public class SysRoleController extends BaseController {
@PostMapping("/list")
@ResponseBody
public TableDataInfo list(SysRole role) {
return getDataTable(roleService.selectRoleList(role, getPageRequest()));
return getDataTable(roleService.selectRoleList(role, getPageRequest(), getUser()));
}
@Log(title = "角色管理", businessType = BusinessType.EXPORT)
@ -57,7 +57,7 @@ public class SysRoleController extends BaseController {
@PostMapping("/export")
@ResponseBody
public AjaxResult export(SysRole role) {
List<SysRole> list = roleService.selectRoleList(role, Pageable.unpaged()).getContent();
List<SysRole> list = roleService.selectRoleList(role, Pageable.unpaged(), getUser()).getContent();
ExcelUtil<SysRole> util = new ExcelUtil<SysRole>(SysRole.class);
return util.exportExcel(list, "角色数据");
}

12
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/base/WebController.java Normal file
View File

@ -0,0 +1,12 @@
package com.ruoyi.web.controller.system.base;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.framework.util.ShiroUtils;
import com.ruoyi.system.domain.SysUser;
public class WebController extends BaseController {
protected SysUser getUser(){
return ShiroUtils.getSysUser();
}
}

2
ruoyi-admin/src/main/resources/application-druid.yml
View File

@ -68,7 +68,7 @@ spring:
url: jdbc:mysql://localhost:3306/mysql?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8
user: ${db.username}
password: ${db.password}
#需要目标数据库已经存在,不自动升级
#目标数据库已经存在,不自动升级
baseline-on-migrate: false
encoding: utf-8
clean-on-validation-error: false

20
ruoyi-admin/src/main/resources/static/ruoyi/index.js
View File

@ -7,6 +7,8 @@ layer.config({
skin: 'layer-ext-moon'
});
var currentMenuId = null;
$(function() {
// MetsiMenu
$('#side-menu').metisMenu();
@ -213,9 +215,10 @@ $(function() {
function menuItem() {
// 获取标识数据
var dataUrl = $(this).attr('href'),
dataIndex = $(this).data('index'),
menuName = $.trim($(this).text()),
var dataUrl = $(this).attr('href');
dataIndex = $(this).data('index');
menuName = $.trim($(this).text());
currentMenuId = $(this).attr('id');
flag = true;
$(".nav ul li, .nav li").removeClass("selected");
$(this).parent("li").addClass("selected");
@ -242,7 +245,7 @@ $(function() {
});
// 选项卡菜单不存在
if (flag) {
var str = '<a href="javascript:;" class="active menuTab" data-id="' + dataUrl + '">' + menuName + ' <i class="fa fa-times-circle"></i></a>';
var str = '<a href="javascript:;" class="active menuTab" data-id="' + dataUrl + '" id="'+ currentMenuId +'">' + menuName + ' <i class="fa fa-times-circle"></i></a>';
$('.menuTab').removeClass('active');
// 添加选项卡对应的iframe
@ -284,7 +287,9 @@ $(function() {
// 当前元素后面有同辈元素,使后面的一个元素处于活动状态
if ($(this).parents('.menuTab').next('.menuTab').size()) {
var activeId = $(this).parents('.menuTab').next('.menuTab:eq(0)').data('id');
var toShow = $(this).parents('.menuTab').next('.menuTab:eq(0)');
var activeId = toShow.data('id');
currentMenuId = toShow.attr('id');
$(this).parents('.menuTab').next('.menuTab:eq(0)').addClass('active');
$('.mainContent .RuoYi_iframe').each(function() {
@ -316,7 +321,9 @@ $(function() {
// 当前元素后面没有同辈元素,使当前元素的上一个元素处于活动状态
if ($(this).parents('.menuTab').prev('.menuTab').size()) {
var activeId = $(this).parents('.menuTab').prev('.menuTab:last').data('id');
var toShow = $(this).parents('.menuTab').prev('.menuTab:last');
var activeId = toShow.data('id');
currentMenuId = toShow.attr('id');
$(this).parents('.menuTab').prev('.menuTab:last').addClass('active');
$('.mainContent .RuoYi_iframe').each(function() {
if ($(this).data('id') == activeId) {
@ -376,6 +383,7 @@ $(function() {
function activeTab() {
if (!$(this).hasClass('active')) {
var currentId = $(this).data('id');
currentMenuId = $(this).attr('id');
// 显示tab对应的内容区
$('.mainContent .RuoYi_iframe').each(function() {
if ($(this).data('id') == currentId) {

8
ruoyi-admin/src/main/resources/templates/index.html
View File

@ -61,14 +61,16 @@
</a>
<ul class="nav nav-second-level collapse">
<li th:each="cmenu : ${menu.children}">
<a th:if="${#lists.isEmpty(cmenu.children)}" th:class="${cmenu.target == ''} ? |menuItem| : ${cmenu.target}" th:utext="${cmenu.menuName}" th:href="@{${cmenu.url}}">二级菜单</a>
<a th:if="${#lists.isEmpty(cmenu.children)}" th:class="${cmenu.target == ''} ? |menuItem| : ${cmenu.target}" th:utext="${cmenu.menuName}" th:href="@{${cmenu.url}}" th:id="${cmenu.menuId}">二级菜单</a>
<a th:if="${not #lists.isEmpty(cmenu.children)}" href="#">[[${cmenu.menuName}]]<span class="fa arrow"></span></a>
<ul th:if="${not #lists.isEmpty(cmenu.children)}" class="nav nav-third-level">
<li th:each="emenu : ${cmenu.children}">
<a th:if="${#lists.isEmpty(emenu.children)}" th:class="${emenu.target == ''} ? |menuItem| : ${emenu.target}" th:text="${emenu.menuName}" th:href="@{${emenu.url}}">三级菜单</a>
<a th:if="${#lists.isEmpty(emenu.children)}" th:class="${emenu.target == ''} ? |menuItem| : ${emenu.target}" th:text="${emenu.menuName}" th:href="@{${emenu.url}}" th:id="${cmenu.menuId}">三级菜单</a>
<a th:if="${not #lists.isEmpty(emenu.children)}" href="#">[[${emenu.menuName}]]<span class="fa arrow"></span></a>
<ul th:if="${not #lists.isEmpty(emenu.children)}" class="nav nav-four-level">
<li th:each="fmenu : ${emenu.children}"><a th:if="${#lists.isEmpty(fmenu.children)}" th:class="${fmenu.target == ''} ? |menuItem| : ${fmenu.target}" th:text="${fmenu.menuName}" th:href="@{${fmenu.url}}">四级菜单</a></li>
<li th:each="fmenu : ${emenu.children}">
<a th:if="${#lists.isEmpty(fmenu.children)}" th:class="${fmenu.target == ''} ? |menuItem| : ${fmenu.target}" th:text="${fmenu.menuName}" th:href="@{${fmenu.url}}" th:id="${cmenu.menuId}">四级菜单</a>
</li>
</ul>
</li>
</ul>

12
ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java
View File

@ -11,17 +11,13 @@ import java.lang.annotation.Target;
*
* @author ruoyi
*/
@Target(ElementType.METHOD)
@Target(ElementType.TYPE)
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface DataScope {
/**
* 部门表的别名
* 业务表的所属用户的字段名称过滤仅本人的数据权限,
* 该字段的类型为{@link com.ruoyi.system.domain.SysUser}
*/
public String deptAlias() default "";
/**
* 用户表的别名
*/
public String userAlias() default "";
String userFieldName() default "";
}

25
ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScopes.java Normal file
View File

@ -0,0 +1,25 @@
package com.ruoyi.common.annotation;
public enum DataScopes implements Comparable<DataScopes>{
/**
* 全部数据权限
*/
DATA_SCOPE_ALL,
/**
* 自定数据权限
*/
DATA_SCOPE_CUSTOM,
/**
* 部门数据权限
*/
DATA_SCOPE_DEPT,
/**
* 部门及以下数据权限
*/
DATA_SCOPE_DEPT_AND_CHILD,
/**
* 仅本人数据权限
*/
DATA_SCOPE_SELF,
;
}

4
ruoyi-common/src/main/java/com/ruoyi/common/base/BaseRepository.java
View File

@ -5,9 +5,11 @@ import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
import org.springframework.data.querydsl.QuerydslPredicateExecutor;
import org.springframework.data.repository.NoRepositoryBean;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.Predicate;
@NoRepositoryBean
public interface BaseRepository<T, ID> extends JpaRepository<T, ID>,
JpaSpecificationExecutor<T>,
QuerydslPredicateExecutor<T> {
}

7
ruoyi-common/src/main/java/com/ruoyi/common/base/BaseService.java
View File

@ -1,9 +1,6 @@
package com.ruoyi.common.base;
import com.querydsl.core.types.dsl.BooleanExpression;
import com.querydsl.core.types.dsl.ComparableExpression;
import com.querydsl.core.types.dsl.NumberPath;
import com.querydsl.core.types.dsl.StringPath;
import com.querydsl.core.types.dsl.*;
import com.ruoyi.common.utils.querydsl.ExpressionUtils;
public class BaseService {
@ -12,7 +9,7 @@ public class BaseService {
return ExpressionUtils.buildLike(path, value);
}
protected <T extends Comparable<T>> BooleanExpression buildEqual(ComparableExpression<T> path, T value){
protected <T extends Comparable<T>> BooleanExpression buildEqual(ComparableExpressionBase<T> path, T value){
return ExpressionUtils.buildEqual(path, value);
}

1
ruoyi-common/src/main/java/com/ruoyi/common/core/controller/BaseController.java
View File

@ -171,4 +171,5 @@ public class BaseController {
public String redirect(String url) {
return StringUtils.format("redirect:{}", url);
}
}

230
ruoyi-common/src/main/java/com/ruoyi/common/repository/DataScopeRepository.java Normal file
View File

@ -0,0 +1,230 @@
package com.ruoyi.common.repository;
import com.querydsl.core.types.OrderSpecifier;
import com.querydsl.core.types.Predicate;
import org.springframework.data.domain.Example;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.data.domain.Sort;
import org.springframework.data.jpa.domain.Specification;
import org.springframework.data.jpa.repository.support.*;
import org.springframework.data.querydsl.QuerydslPredicateExecutor;
import org.springframework.lang.Nullable;
import org.springframework.util.Assert;
import javax.persistence.EntityManager;
import java.io.Serializable;
import java.util.List;
import java.util.Optional;
public class DataScopeRepository<T, ID extends Serializable> implements JpaRepositoryImplementation<T, ID>,
QuerydslPredicateExecutor<T> {
private @Nullable
CrudMethodMetadata metadata;
private SimpleJpaRepository<T, ID> simpleJpaRepository;
private QuerydslPredicateExecutor<T> querydslPredicateExecutor;
public DataScopeRepository(JpaEntityInformation<T, ?> entityInformation, EntityManager entityManager) {
Assert.notNull(entityInformation, "JpaEntityInformation must not be null!");
Assert.notNull(entityManager, "EntityManager must not be null!");
this.simpleJpaRepository = new SimpleJpaRepository<T, ID>(entityInformation, entityManager);
}
public DataScopeRepository(Class<T> domainClass, EntityManager em) {
this.simpleJpaRepository = new SimpleJpaRepository<T, ID>(JpaEntityInformationSupport.getEntityInformation(domainClass, em), em);
}
@Override
public void setRepositoryMethodMetadata(CrudMethodMetadata crudMethodMetadata) {
this.metadata = crudMethodMetadata;
simpleJpaRepository.setRepositoryMethodMetadata(crudMethodMetadata);
}
@Override
public List<T> findAll() {
return simpleJpaRepository.findAll();
}
@Override
public List<T> findAll(Sort sort) {
return null;
}
@Override
public Page<T> findAll(Pageable pageable) {
return null;
}
@Override
public List<T> findAllById(Iterable<ID> ids) {
return null;
}
@Override
public long count() {
return 0;
}
@Override
public void deleteById(ID id) {
}
@Override
public void delete(T entity) {
}
@Override
public void deleteAll(Iterable<? extends T> entities) {
}
@Override
public void deleteAll() {
}
@Override
public <S extends T> S save(S entity) {
return null;
}
@Override
public <S extends T> List<S> saveAll(Iterable<S> entities) {
return null;
}
@Override
public Optional<T> findById(ID id) {
return Optional.empty();
}
@Override
public boolean existsById(ID id) {
return false;
}
@Override
public void flush() {
}
@Override
public <S extends T> S saveAndFlush(S entity) {
return null;
}
@Override
public void deleteInBatch(Iterable<T> entities) {
}
@Override
public void deleteAllInBatch() {
}
@Override
public T getOne(ID id) {
return null;
}
@Override
public <S extends T> Optional<S> findOne(Example<S> example) {
return Optional.empty();
}
@Override
public <S extends T> List<S> findAll(Example<S> example) {
return null;
}
@Override
public <S extends T> List<S> findAll(Example<S> example, Sort sort) {
return null;
}
@Override
public <S extends T> Page<S> findAll(Example<S> example, Pageable pageable) {
return null;
}
@Override
public <S extends T> long count(Example<S> example) {
return 0;
}
@Override
public <S extends T> boolean exists(Example<S> example) {
return false;
}
@Override
public Optional<T> findOne(Specification<T> spec) {
return Optional.empty();
}
@Override
public List<T> findAll(Specification<T> spec) {
return null;
}
@Override
public Page<T> findAll(Specification<T> spec, Pageable pageable) {
return null;
}
@Override
public List<T> findAll(Specification<T> spec, Sort sort) {
return null;
}
@Override
public long count(Specification<T> spec) {
return 0;
}
@Override
public Optional<T> findOne(Predicate predicate) {
return querydslPredicateExecutor.findOne(predicate);
}
@Override
public Iterable<T> findAll(Predicate predicate) {
return querydslPredicateExecutor.findAll(predicate);
}
@Override
public Iterable<T> findAll(Predicate predicate, Sort sort) {
return querydslPredicateExecutor.findAll(predicate, sort);
}
@Override
public Iterable<T> findAll(Predicate predicate, OrderSpecifier<?>... orders) {
return querydslPredicateExecutor.findAll(predicate, orders);
}
@Override
public Iterable<T> findAll(OrderSpecifier<?>... orders) {
return querydslPredicateExecutor.findAll(orders);
}
@Override
public Page<T> findAll(Predicate predicate, Pageable pageable) {
return querydslPredicateExecutor.findAll(predicate, pageable);
}
@Override
public long count(Predicate predicate) {
return querydslPredicateExecutor.count(predicate);
}
@Override
public boolean exists(Predicate predicate) {
return querydslPredicateExecutor.exists(predicate);
}
}

7
ruoyi-common/src/main/java/com/ruoyi/common/utils/querydsl/ExpressionUtils.java
View File

@ -1,9 +1,6 @@
package com.ruoyi.common.utils.querydsl;
import com.querydsl.core.types.dsl.BooleanExpression;
import com.querydsl.core.types.dsl.ComparableExpression;
import com.querydsl.core.types.dsl.NumberPath;
import com.querydsl.core.types.dsl.StringPath;
import com.querydsl.core.types.dsl.*;
/**
* QueryDsl 构建查询条件的工具类
@ -35,7 +32,7 @@ public class ExpressionUtils {
* @param <T>
* @return
*/
public static <T extends Comparable<T>> BooleanExpression buildEqual(ComparableExpression<T> path, T value){
public static <T extends Comparable<T>> BooleanExpression buildEqual(ComparableExpressionBase<T> path, T value){
return path.eq(value);
}

120
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
View File

@ -1,20 +1,32 @@
package com.ruoyi.framework.aspectj;
import java.lang.reflect.Method;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.Signature;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import com.querydsl.core.types.ExpressionUtils;
import com.querydsl.core.types.Predicate;
import com.ruoyi.common.annotation.DataScope;
import com.ruoyi.common.core.domain.BaseEntity;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.util.ShiroUtils;
import com.ruoyi.system.domain.SysRole;
import com.ruoyi.system.domain.SysUser;
import com.ruoyi.system.service.ISysUserService;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.Signature;
import org.aspectj.lang.annotation.After;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.Root;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
/**
* 数据过滤处理
@ -24,35 +36,11 @@ import com.ruoyi.system.domain.SysUser;
@Aspect
@Component
public class DataScopeAspect {
/**
* 全部数据权限
*/
public static final String DATA_SCOPE_ALL = "1";
/**
* 自定数据权限
*/
public static final String DATA_SCOPE_CUSTOM = "2";
/**
* 部门数据权限
*/
public static final String DATA_SCOPE_DEPT = "3";
/**
* 部门及以下数据权限
*/
public static final String DATA_SCOPE_DEPT_AND_CHILD = "4";
/**
* 仅本人数据权限
*/
public static final String DATA_SCOPE_SELF = "5";
/**
* 数据权限过滤关键字
*/
public static final String DATA_SCOPE = "dataScope";
@Autowired
private ISysUserService userService;
@PersistenceContext
private EntityManager entityManager;
// 配置织入点
@Pointcut("@annotation(com.ruoyi.common.annotation.DataScope)")
@ -64,19 +52,25 @@ public class DataScopeAspect {
handleDataScope(point);
}
@After("dataScopePointCut()")
public void doAfter(JoinPoint point) throws Throwable{
DataScopeContextHolder.clear();
}
protected void handleDataScope(final JoinPoint joinPoint) {
// 获得注解
SysUser currentUser = ShiroUtils.getSysUser();
DataScope controllerDataScope = getAnnotationLog(joinPoint);
if (controllerDataScope == null) {
return;
}
// 获取当前的用户
SysUser currentUser = ShiroUtils.getSysUser();
if (currentUser != null) {
// 如果是超级管理员则不过滤数据
if (!currentUser.isAdmin()) {
dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
controllerDataScope.userAlias());
dataScopeFilter(joinPoint, currentUser, controllerDataScope);
}
}
}
@ -86,40 +80,30 @@ public class DataScopeAspect {
*
* @param joinPoint 切点
* @param user 用户
* @param deptAlias 别名
*/
public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias) {
StringBuilder sqlString = new StringBuilder();
private void dataScopeFilter(JoinPoint joinPoint, SysUser user, DataScope controllerDataScope) {
user = userService.selectUserWithRolesAndPostsById(user.getUserId());
for (SysRole role : user.getRoles()) {
String dataScope = role.getDataScope();
if (DATA_SCOPE_ALL.equals(dataScope)) {
sqlString = new StringBuilder();
CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
List<Predicate> predicates = new ArrayList<>();
Set<SysRole> roles = user.getRoles();
for(SysRole sysRole : roles){
switch (sysRole.getDataScope()){
case DATA_SCOPE_DEPT: //当前部门
break;
case DATA_SCOPE_SELF: //自己
break;
case DATA_SCOPE_CUSTOM: //自定义
break;
case DATA_SCOPE_DEPT_AND_CHILD: //子部门
break;
default:
//无需过滤
break;
} else if (DATA_SCOPE_CUSTOM.equals(dataScope)) {
sqlString.append(StringUtils.format(
" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias,
role.getRoleId()));
} else if (DATA_SCOPE_DEPT.equals(dataScope)) {
sqlString.append(StringUtils.format(" OR {}.dept_id = {} ", deptAlias, user.getDept().getDeptId()));
} else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) {
sqlString.append(StringUtils.format(
" OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )",
deptAlias, user.getDept().getDeptId(), user.getDept().getDeptId()));
} else if (DATA_SCOPE_SELF.equals(dataScope)) {
if (StringUtils.isNotBlank(userAlias)) {
sqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, user.getUserId()));
} else {
// 数据权限为仅本人且没有userAlias别名不查询任何数据
sqlString.append(" OR 1=0 ");
}
}
}
if (StringUtils.isNotBlank(sqlString.toString())) {
BaseEntity baseEntity = (BaseEntity) joinPoint.getArgs()[0];
baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")");
}
DataScopeContextHolder.set(ExpressionUtils.anyOf(predicates));
}
/**

20
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeContextHolder.java Normal file
View File

@ -0,0 +1,20 @@
package com.ruoyi.framework.aspectj;
import com.querydsl.core.types.Predicate;
public class DataScopeContextHolder {
private static ThreadLocal<Predicate> threadLocal = new ThreadLocal<>();
public static void set(Predicate predicate){
threadLocal.set(predicate);
}
public static void clear(){
threadLocal.remove();
}
public static Predicate get(){
return threadLocal.get();
}
}

60
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/MySpecification.java Normal file
View File

@ -0,0 +1,60 @@
package com.ruoyi.framework.aspectj;
import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.framework.util.ShiroUtils;
import com.ruoyi.system.domain.SysRole;
import com.ruoyi.system.domain.SysUser;
import com.ruoyi.system.service.ISysUserService;
import org.springframework.data.jpa.domain.Specification;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Predicate;
import javax.persistence.criteria.Root;
import java.util.ArrayList;
import java.util.List;
public abstract class MySpecification<T> implements Specification<T> {
@Override
public Predicate toPredicate(Root<T> root, CriteriaQuery<?> query, CriteriaBuilder criteriaBuilder) {
List<Predicate> predicates = new ArrayList<>();
//custom filter
addPredicate(root, query, criteriaBuilder, predicates);
//datascope filter
Predicate predicate = addDataScopeFilter(root, query, criteriaBuilder);
predicates.add(predicate);
//条件之间是 and 关系
return criteriaBuilder.and(predicates.toArray(new Predicate[predicates.size()]));
}
public abstract void addPredicate(Root<T> root, CriteriaQuery<?> query, CriteriaBuilder criteriaBuilder, List<Predicate> predicates);
protected Predicate addDataScopeFilter(Root<T> root, CriteriaQuery<?> query, CriteriaBuilder criteriaBuilder){
List<Predicate> predicates = new ArrayList<>();
ISysUserService userService = SpringUtils.getBean(ISysUserService.class);
SysUser sysUser = userService.selectUserWithRolesAndPostsById(ShiroUtils.getUserId());
if(!sysUser.isAdmin()){
for(SysRole sysRole : sysUser.getRoles()){
switch (sysRole.getDataScope()){
case DATA_SCOPE_DEPT_AND_CHILD:
break;
case DATA_SCOPE_CUSTOM:
break;
case DATA_SCOPE_SELF:
break;
case DATA_SCOPE_DEPT:
break;
}
}
}
//条件之间是 or 关系
return criteriaBuilder.or(predicates.toArray(new Predicate[predicates.size()]));
}
}

7
ruoyi-system/src/main/java/com/ruoyi/system/domain/SysRole.java
View File

@ -1,5 +1,6 @@
package com.ruoyi.system.domain;
import com.ruoyi.common.annotation.DataScopes;
import com.ruoyi.common.annotation.Excel;
import com.ruoyi.common.annotation.Excel.ColumnType;
import com.ruoyi.common.core.domain.BaseEntity;
@ -54,7 +55,7 @@ public class SysRole extends BaseEntity {
* 数据范围1所有数据权限2自定义数据权限3本部门数据权限4本部门及以下数据权限
*/
@Excel(name = "数据范围", readConverterExp = "1=所有数据权限,2=自定义数据权限,3=本部门数据权限,4=本部门及以下数据权限")
private String dataScope;
private DataScopes dataScope;
/**
* 角色状态0正常 1停用
@ -111,11 +112,11 @@ public class SysRole extends BaseEntity {
return roleId != null && 1L == roleId;
}
public String getDataScope() {
public DataScopes getDataScope() {
return dataScope;
}
public void setDataScope(String dataScope) {
public void setDataScope(DataScopes dataScope) {
this.dataScope = dataScope;
}

23
ruoyi-system/src/main/java/com/ruoyi/system/domain/converter/DataScopesConverter.java Normal file
View File

@ -0,0 +1,23 @@
package com.ruoyi.system.domain.converter;
import com.ruoyi.common.annotation.DataScopes;
import javax.persistence.AttributeConverter;
import javax.persistence.Converter;
import java.util.Arrays;
@Converter(autoApply = true)
public class DataScopesConverter implements AttributeConverter<DataScopes, String> {
@Override
public String convertToDatabaseColumn(DataScopes attribute) {
return attribute != null ? attribute.name() : null;
}
@Override
public DataScopes convertToEntityAttribute(String dbData) {
return Arrays.stream(DataScopes.values())
.filter(dataScopes -> dataScopes.name().equals(dbData))
.findFirst()
.orElse(DataScopes.DATA_SCOPE_ALL);
}
}

4
ruoyi-system/src/main/java/com/ruoyi/system/service/ISysRoleService.java
View File

@ -1,6 +1,7 @@
package com.ruoyi.system.service;
import com.ruoyi.system.domain.SysRole;
import com.ruoyi.system.domain.SysUser;
import com.ruoyi.system.domain.SysUserRole;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
@ -18,9 +19,10 @@ public interface ISysRoleService {
* 根据条件分页查询角色数据
*
* @param role 角色信息
* @param user
* @return 角色数据集合信息
*/
public Page<SysRole> selectRoleList(SysRole role, Pageable pageable);
public Page<SysRole> selectRoleList(SysRole role, Pageable pageable, SysUser user);
/**
* 根据用户ID查询角色

4
ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java
View File

@ -1,10 +1,12 @@
package com.ruoyi.system.service;
import com.ruoyi.system.domain.SysDept;
import com.ruoyi.system.domain.SysUser;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import java.util.List;
import java.util.Set;
/**
* 用户 业务层
@ -169,4 +171,6 @@ public interface ISysUserService {
* @return 结果
*/
public void changeStatus(SysUser user);
Set<SysDept> getUserRoleDepts(Long userId);
}

46
ruoyi-system/src/main/java/com/ruoyi/system/service/base/BusinessService.java Normal file
View File

@ -0,0 +1,46 @@
package com.ruoyi.system.service.base;
import com.querydsl.core.types.ExpressionUtils;
import com.querydsl.core.types.Predicate;
import com.querydsl.core.types.dsl.ListPath;
import com.ruoyi.common.base.BaseService;
import com.ruoyi.system.domain.QSysDept;
import com.ruoyi.system.domain.SysDept;
import com.ruoyi.system.service.ISysUserService;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
public class BusinessService extends BaseService {
@Autowired
private ISysUserService userService;
/**
* 过滤数据权限
* @param path dept属性
* @param userId 当前用户id
* @return
*/
protected Predicate buildDataPermission(QSysDept path, Long userId){
Set<SysDept> depts = userService.getUserRoleDepts(userId);
List<Predicate> predicates = new ArrayList<>();
predicates.add(ExpressionUtils.in(path, depts));
return ExpressionUtils.allOf(predicates);
}
/**
* 过滤数据权限
* @param path dept属性
* @param userId 当前用户id
* @return
*/
protected Predicate buildDataPermission(ListPath<SysDept, QSysDept> path, Long userId){
Set<SysDept> depts = userService.getUserRoleDepts(userId);
List<Predicate> predicates = new ArrayList<>();
predicates.add(ExpressionUtils.in(path.any(), depts));
return ExpressionUtils.allOf(predicates);
}
}

20
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
View File

@ -2,7 +2,7 @@ package com.ruoyi.system.service.impl;
import com.querydsl.core.types.ExpressionUtils;
import com.querydsl.core.types.Predicate;
import com.ruoyi.common.base.BaseService;
import com.ruoyi.common.annotation.DataScope;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.domain.BaseEntity;
import com.ruoyi.common.core.text.Convert;
@ -15,6 +15,7 @@ import com.ruoyi.system.domain.SysUserRole;
import com.ruoyi.system.repository.SysRoleRepository;
import com.ruoyi.system.repository.SysUserRepository;
import com.ruoyi.system.service.ISysRoleService;
import com.ruoyi.system.service.base.BusinessService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
@ -28,8 +29,9 @@ import java.util.*;
*
* @author ruoyi
*/
@DataScope(userFieldName = "user")
@Service
public class SysRoleServiceImpl extends BaseService implements ISysRoleService {
public class SysRoleServiceImpl extends BusinessService implements ISysRoleService {
@Autowired
private SysRoleRepository sysRoleRepository;
@ -40,14 +42,15 @@ public class SysRoleServiceImpl extends BaseService implements ISysRoleService {
* 根据条件分页查询角色数据
*
* @param role 角色信息
* @param user
* @return 角色数据集合信息
*/
@Override
public Page<SysRole> selectRoleList(SysRole role, Pageable pageable) {
return sysRoleRepository.findAll(getPredicate(role), pageable);
public Page<SysRole> selectRoleList(SysRole role, Pageable pageable, SysUser user) {
return sysRoleRepository.findAll(getPredicate(role, user), pageable);
}
private Predicate getPredicate(SysRole role){
public Predicate getPredicate(SysRole role, SysUser user){
QSysRole qSysRole = QSysRole.sysRole;
List<Predicate> predicates = new ArrayList<>();
predicates.add(buildEqual(qSysRole.delFlag, BaseEntity.NOT_DELETED));
@ -60,8 +63,8 @@ public class SysRoleServiceImpl extends BaseService implements ISysRoleService {
if(StringUtils.isNotEmpty(role.getRoleKey())){
predicates.add(buildLike(qSysRole.roleKey, role.getRoleKey()));
}
if(StringUtils.isNotEmpty(role.getDataScope())){
predicates.add(buildEqual(qSysRole.dataScope, role.getDataScope()));
if(role.getDataScope() != null){
predicates.add(buildEqual(qSysRole.dataScope, role.getDataScope().name()));
}
if(role.getStartTime() != null){
predicates.add(buildGreaterThanOrEqualTo(qSysRole.createTime, role.getStartTime()));
@ -69,6 +72,7 @@ public class SysRoleServiceImpl extends BaseService implements ISysRoleService {
if(role.getEndTime() != null){
predicates.add(buildLessThanOrEqualTo(qSysRole.createTime, role.getEndTime()));
}
// predicates.add(buildDataPermission(qSysRole.depts, user.getUserId()));
return ExpressionUtils.allOf(predicates);
}
@ -108,7 +112,7 @@ public class SysRoleServiceImpl extends BaseService implements ISysRoleService {
*/
@Override
public List<SysRole> selectRoleAll() {
return sysRoleRepository.findAll(getPredicate(new SysRole()), Pageable.unpaged()).getContent();
return sysRoleRepository.findAll(getPredicate(new SysRole(), new SysUser()), Pageable.unpaged()).getContent();
}
/**

21
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
View File

@ -9,8 +9,10 @@ import com.ruoyi.common.exception.BusinessException;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.security.Md5Utils;
import com.ruoyi.system.domain.QSysUser;
import com.ruoyi.system.domain.SysDept;
import com.ruoyi.system.domain.SysRole;
import com.ruoyi.system.domain.SysUser;
import com.ruoyi.system.repository.SysRoleRepository;
import com.ruoyi.system.repository.SysUserRepository;
import com.ruoyi.system.service.ISysConfigService;
import com.ruoyi.system.service.ISysUserService;
@ -28,10 +30,7 @@ import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Predicate;
import javax.persistence.criteria.Root;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Set;
import java.util.*;
/**
* 用户 业务层处理
@ -44,9 +43,10 @@ public class SysUserServiceImpl extends BaseService implements ISysUserService {
@Autowired
private SysUserRepository sysUserRepository;
@Autowired
private ISysConfigService configService;
@Autowired
private SysRoleRepository sysRoleRepository;
/**
* 根据条件分页查询用户列表
@ -414,4 +414,15 @@ public class SysUserServiceImpl extends BaseService implements ISysUserService {
public void changeStatus(SysUser user) {
sysUserRepository.changeStatus(user.getStatus(), user.getUserId());
}
public Set<SysDept> getUserRoleDepts(Long userId){
SysUser user = sysUserRepository.findSysUserByDelFlagAndUserId(BaseEntity.NOT_DELETED, userId);
Set<SysDept> depts = new HashSet<>();
Set<SysRole> roles = user.getRoles();
for(SysRole sysRole : roles){
sysRole = sysRoleRepository.findByRoleId(sysRole.getRoleId());
depts.addAll(sysRole.getDepts());
}
return depts;
}
}