diff --git a/src/main/java/com/ruoyi/project/system/controller/SysUserController.java b/src/main/java/com/ruoyi/project/system/controller/SysUserController.java index 19c100e..ca5d2d2 100644 --- a/src/main/java/com/ruoyi/project/system/controller/SysUserController.java +++ b/src/main/java/com/ruoyi/project/system/controller/SysUserController.java @@ -124,6 +124,8 @@ public class SysUserController extends BaseController @PostMapping public AjaxResult add(@Validated @RequestBody SysUser user) { + deptService.checkDeptDataScope(user.getDeptId()); + roleService.checkRoleDataScope(user.getRoleIds()); if (!userService.checkUserNameUnique(user)) { return error("新增用户'" + user.getUserName() + "'失败,登录账号已存在"); @@ -151,6 +153,8 @@ public class SysUserController extends BaseController { userService.checkUserAllowed(user); userService.checkUserDataScope(user.getUserId()); + deptService.checkDeptDataScope(user.getDeptId()); + roleService.checkRoleDataScope(user.getRoleIds()); if (!userService.checkUserNameUnique(user)) { return error("修改用户'" + user.getUserName() + "'失败,登录账号已存在"); @@ -235,6 +239,7 @@ public class SysUserController extends BaseController public AjaxResult insertAuthRole(Long userId, Long[] roleIds) { userService.checkUserDataScope(userId); + roleService.checkRoleDataScope(roleIds); userService.insertUserAuth(userId, roleIds); return success(); } diff --git a/src/main/java/com/ruoyi/project/system/domain/SysUser.java b/src/main/java/com/ruoyi/project/system/domain/SysUser.java index 224d387..b415b10 100644 --- a/src/main/java/com/ruoyi/project/system/domain/SysUser.java +++ b/src/main/java/com/ruoyi/project/system/domain/SysUser.java @@ -22,7 +22,7 @@ public class SysUser extends BaseEntity private static final long serialVersionUID = 1L; /** 用户ID */ - @Excel(name = "用户序号", cellType = ColumnType.NUMERIC, prompt = "用户编号") + @Excel(name = "用户序号", type = Type.EXPORT, cellType = ColumnType.NUMERIC, prompt = "用户编号") private Long userId; /** 部门ID */ diff --git a/src/main/java/com/ruoyi/project/system/service/ISysRoleService.java b/src/main/java/com/ruoyi/project/system/service/ISysRoleService.java index 8bf0f4f..98367ef 100644 --- a/src/main/java/com/ruoyi/project/system/service/ISysRoleService.java +++ b/src/main/java/com/ruoyi/project/system/service/ISysRoleService.java @@ -85,9 +85,9 @@ public interface ISysRoleService /** * 校验角色是否有数据权限 * - * @param roleId 角色id + * @param roleIds 角色id */ - public void checkRoleDataScope(Long roleId); + public void checkRoleDataScope(Long... roleIds); /** * 通过角色ID查询角色使用数量 diff --git a/src/main/java/com/ruoyi/project/system/service/impl/SysDeptServiceImpl.java b/src/main/java/com/ruoyi/project/system/service/impl/SysDeptServiceImpl.java index b578017..a96a5ae 100644 --- a/src/main/java/com/ruoyi/project/system/service/impl/SysDeptServiceImpl.java +++ b/src/main/java/com/ruoyi/project/system/service/impl/SysDeptServiceImpl.java @@ -190,7 +190,7 @@ public class SysDeptServiceImpl implements ISysDeptService @Override public void checkDeptDataScope(Long deptId) { - if (!SysUser.isAdmin(SecurityUtils.getUserId())) + if (!SysUser.isAdmin(SecurityUtils.getUserId()) && StringUtils.isNotNull(deptId)) { SysDept dept = new SysDept(); dept.setDeptId(deptId); diff --git a/src/main/java/com/ruoyi/project/system/service/impl/SysRoleServiceImpl.java b/src/main/java/com/ruoyi/project/system/service/impl/SysRoleServiceImpl.java index f8e5390..1fe2055 100644 --- a/src/main/java/com/ruoyi/project/system/service/impl/SysRoleServiceImpl.java +++ b/src/main/java/com/ruoyi/project/system/service/impl/SysRoleServiceImpl.java @@ -192,19 +192,22 @@ public class SysRoleServiceImpl implements ISysRoleService /** * 校验角色是否有数据权限 * - * @param roleId 角色id + * @param roleIds 角色id */ @Override - public void checkRoleDataScope(Long roleId) + public void checkRoleDataScope(Long... roleIds) { if (!SysUser.isAdmin(SecurityUtils.getUserId())) { - SysRole role = new SysRole(); - role.setRoleId(roleId); - List roles = SpringUtils.getAopProxy(this).selectRoleList(role); - if (StringUtils.isEmpty(roles)) + for (Long roleId : roleIds) { - throw new ServiceException("没有权限访问角色数据!"); + SysRole role = new SysRole(); + role.setRoleId(roleId); + List roles = SpringUtils.getAopProxy(this).selectRoleList(role); + if (StringUtils.isEmpty(roles)) + { + throw new ServiceException("没有权限访问角色数据!"); + } } } } diff --git a/src/main/java/com/ruoyi/project/system/service/impl/SysUserServiceImpl.java b/src/main/java/com/ruoyi/project/system/service/impl/SysUserServiceImpl.java index a7bf99b..fcb1784 100644 --- a/src/main/java/com/ruoyi/project/system/service/impl/SysUserServiceImpl.java +++ b/src/main/java/com/ruoyi/project/system/service/impl/SysUserServiceImpl.java @@ -28,6 +28,7 @@ import com.ruoyi.project.system.mapper.SysUserMapper; import com.ruoyi.project.system.mapper.SysUserPostMapper; import com.ruoyi.project.system.mapper.SysUserRoleMapper; import com.ruoyi.project.system.service.ISysConfigService; +import com.ruoyi.project.system.service.ISysDeptService; import com.ruoyi.project.system.service.ISysUserService; /** @@ -58,6 +59,9 @@ public class SysUserServiceImpl implements ISysUserService @Autowired private ISysConfigService configService; + @Autowired + private ISysDeptService deptService; + @Autowired protected Validator validator; @@ -489,7 +493,6 @@ public class SysUserServiceImpl implements ISysUserService int failureNum = 0; StringBuilder successMsg = new StringBuilder(); StringBuilder failureMsg = new StringBuilder(); - String password = configService.selectConfigByKey("sys.user.initPassword"); for (SysUser user : userList) { try @@ -499,6 +502,8 @@ public class SysUserServiceImpl implements ISysUserService if (StringUtils.isNull(u)) { BeanValidators.validateWithException(validator, user); + deptService.checkDeptDataScope(user.getDeptId()); + String password = configService.selectConfigByKey("sys.user.initPassword"); user.setPassword(SecurityUtils.encryptPassword(password)); user.setCreateBy(operName); userMapper.insertUser(user); @@ -510,6 +515,7 @@ public class SysUserServiceImpl implements ISysUserService BeanValidators.validateWithException(validator, user); checkUserAllowed(u); checkUserDataScope(u.getUserId()); + deptService.checkDeptDataScope(user.getDeptId()); user.setUserId(u.getUserId()); user.setUpdateBy(operName); userMapper.updateUser(user);