wezone
/
Ry-master
10
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update 还原数据权限修改

This commit is contained in:
疯狂的狮子li 2021-05-29 19:44:33 +08:00
parent 57e071fe6b
commit 06513446a0
6 changed files with 19 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -74,7 +74,7 @@
关于数据权限
* 参考(用户,角色,部门)列表接口用法
* 从 bo.getParam().get("dataScope") 即可获取数据权限生成的SQL
* 目前仅支持 XML 方式使用(后续修改为支持MP)
关于vue与boot整合部署
* [前端静态资源如何整合到后端访问](https://doc.ruoyi.vip/ruoyi-vue/other/faq.html#前端静态资源如何整合到后端访问)

20
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
View File

@ -3,6 +3,7 @@ package com.ruoyi.framework.aspectj;
import cn.hutool.core.lang.Validator;
import cn.hutool.core.util.StrUtil;
import com.ruoyi.common.annotation.DataScope;
import com.ruoyi.common.core.domain.BaseEntity;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
@ -145,7 +146,7 @@ public class DataScopeAspect
if (StrUtil.isNotBlank(sqlString.toString()))
{
putDataScope(joinPoint, sqlString.substring(4));
putDataScope(joinPoint, "AND (" + sqlString.substring(4) + ")");
}
}
@ -181,12 +182,17 @@ public class DataScopeAspect
Object params = joinPoint.getArgs()[0];
if (Validator.isNotNull(params))
{
try {
Method getParams = params.getClass().getDeclaredMethod("getParams", null);
Map<String, Object> invoke = (Map<String, Object>) getParams.invoke(params, null);
invoke.put(DATA_SCOPE, sql);
} catch (Exception e) {
// 方法未找到 不处理
if(params instanceof BaseEntity) {
BaseEntity baseEntity = (BaseEntity) params;
baseEntity.getParams().put(DATA_SCOPE, "");
} else {
try {
Method getParams = params.getClass().getDeclaredMethod("getParams", null);
Map<String, Object> invoke = (Map<String, Object>) getParams.invoke(params, null);
invoke.put(DATA_SCOPE, sql);
} catch (Exception e) {
// 方法未找到 不处理
}
}
}
}

4
ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
View File

@ -40,9 +40,7 @@
AND status = #{status}
</if>
<!-- 数据范围过滤 -->
<if test="params.dataScope != null and params.dataScope != ''">
AND ( ${params.dataScope} )
</if>
${params.dataScope}
order by d.parent_id, d.order_num
</select>

8
ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml
View File

@ -58,9 +58,7 @@
and date_format(r.create_time,'%y%m%d') &lt;= date_format(#{role.params.endTime},'%y%m%d')
</if>
<!-- 数据范围过滤 -->
<if test="role.params.dataScope != null and role.params.dataScope != ''">
AND ( ${role.params.dataScope} )
</if>
${role.params.dataScope}
order by r.role_sort
</select>
@ -83,9 +81,7 @@
and date_format(r.create_time,'%y%m%d') &lt;= date_format(#{params.endTime},'%y%m%d')
</if>
<!-- 数据范围过滤 -->
<if test="params.dataScope != null and params.dataScope != ''">
AND ( ${params.dataScope} )
</if>
${params.dataScope}
order by r.role_sort
</select>

8
ruoyi-system/src/main/resources/mapper/system/SysUserMapper.xml
View File

@ -106,9 +106,7 @@
ancestors) ))
</if>
<!-- 数据范围过滤 -->
<if test="user.params.dataScope != null and user.params.dataScope != ''">
AND ( ${user.params.dataScope} )
</if>
${user.params.dataScope}
</select>
<select id="selectUserList" parameterType="SysUser" resultMap="SysUserResult">
@ -137,9 +135,7 @@
ancestors) ))
</if>
<!-- 数据范围过滤 -->
<if test="params.dataScope != null and params.dataScope != ''">
AND ( ${params.dataScope} )
</if>
${params.dataScope}
</select>
<select id="selectUserByUserName" parameterType="String" resultMap="SysUserResult">

1
ruoyi-ui/src/views/index.vue
View File

@ -83,7 +83,6 @@
<el-collapse-item title="v2.2.1 - 2021-5-29">
<ol>
<li>add 增加 security 权限框架 @Async 异步注解配置</li>
<li>update 优化数据权限sql 解决MP apply注入附带 AND 语法问题</li>
<li>update 优化dataScope参数防止注入</li>
<li>update 优化参数&字典缓存操作</li>
<li>update 增加修改包名文档</li>