From 90b91ea737ea01dbbdb9998c5162e5ab48cfc5f6 Mon Sep 17 00:00:00 2001
From: zablo <zhiqiang-ge@163.com>
Date: Tue, 23 Jan 2024 07:04:29 +0000
Subject: [PATCH] =?UTF-8?q?update=20ruoyi-admin/src/main/java/com/ruoyi/we?=
 =?UTF-8?q?b/controller/system/SysUserController.java.=20addSave=EF=BC=8C?=
 =?UTF-8?q?=20editSave=EF=BC=8C=20insertAuthRole=E5=90=8E=E5=8F=B0?=
 =?UTF-8?q?=E6=96=B9=E6=B3=95=E5=AF=B9=E7=94=A8=E6=88=B7=E7=9A=84deptId=20?=
 =?UTF-8?q?=E5=92=8CroleId=E6=B2=A1=E6=9C=89DataScope=E6=A3=80=E6=9F=A5?=
 =?UTF-8?q?=E3=80=82=20=E5=BD=93=E9=99=90=E5=88=B6=E6=95=B0=E6=8D=AE?=
 =?UTF-8?q?=E8=8C=83=E5=9B=B4=E7=9A=84=E8=A7=92=E8=89=B2=E4=BD=BF=E7=94=A8?=
 =?UTF-8?q?=E7=94=A8=E6=88=B7=E7=AE=A1=E7=90=86=E6=A8=A1=E5=9D=97=EF=BC=8C?=
 =?UTF-8?q?=E6=9E=84=E9=80=A0=E8=B6=85=E8=B6=8A=E6=95=B0=E6=8D=AE=E8=8C=83?=
 =?UTF-8?q?=E5=9B=B4=E7=9A=84deptId=E5=92=8CroleId=E5=8F=82=E6=95=B0?=
 =?UTF-8?q?=E7=9A=84=E8=AF=9D=E4=BC=9A=E8=B6=8A=E6=9D=83=E8=AE=BE=E7=BD=AE?=
 =?UTF-8?q?=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: zablo <zhiqiang-ge@163.com>
---
 .../web/controller/system/SysUserController.java | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
index b1f6dd585..cd99421e6 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@@ -130,6 +130,12 @@ public class SysUserController extends BaseController
     @ResponseBody
     public AjaxResult addSave(@Validated SysUser user)
     {
+         //检查部门数据权限，检测角色权限
+        deptService.checkDeptDataScope(user.getDeptId());
+        for (Long roleId :user.getRoleIds()){
+            roleService.checkRoleDataScope(roleId); 
+        }
+
         if (!userService.checkLoginNameUnique(user))
         {
             return error("新增用户'" + user.getLoginName() + "'失败，登录账号已存在");
@@ -189,6 +195,13 @@ public class SysUserController extends BaseController
     {
         userService.checkUserAllowed(user);
         userService.checkUserDataScope(user.getUserId());
+        
+        //检查部门数据权限，检测角色权限
+        deptService.checkDeptDataScope(user.getDeptId());
+        for (Long roleId :user.getRoleIds()){
+            roleService.checkRoleDataScope(roleId); 
+        }
+
         if (!userService.checkLoginNameUnique(user))
         {
             return error("修改用户'" + user.getLoginName() + "'失败，登录账号已存在");
@@ -259,6 +272,9 @@ public class SysUserController extends BaseController
     public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
     {
         userService.checkUserDataScope(userId);
+        for (Long roleId :roleIds){
+            roleService.checkRoleDataScope(roleId);
+        }
         userService.insertUserAuth(userId, roleIds);
         AuthorizationUtils.clearAllCachedAuthorizationInfo();
         return success();