Example 36 with SysRole
use of com.ruoyi.common.core.domain.entity.SysRole in project RuoYi-Vue by yangzongzhuan.
the class SysRoleServiceImpl method selectRolesByUserId.
/**
* 根据用户ID查询角色
*
* @param userId 用户ID
* @return 角色列表
*/
@Override
public List<SysRole> selectRolesByUserId(Long userId) {
List<SysRole> userRoles = roleMapper.selectRolePermissionByUserId(userId);
List<SysRole> roles = selectRoleAll();
for (SysRole role : roles) {
for (SysRole userRole : userRoles) {
if (role.getRoleId().longValue() == userRole.getRoleId().longValue()) {
role.setFlag(true);
break;
}
}
}
return roles;
}
Also used :
SysRole(com.ruoyi.common.core.domain.entity.SysRole)
Example 37 with SysRole
use of com.ruoyi.common.core.domain.entity.SysRole in project RuoYi-Vue by yangzongzhuan.
the class SysRoleServiceImpl method selectRolePermissionByUserId.
/**
* 根据用户ID查询权限
*
* @param userId 用户ID
* @return 权限列表
*/
@Override
public Set<String> selectRolePermissionByUserId(Long userId) {
List<SysRole> perms = roleMapper.selectRolePermissionByUserId(userId);
Set<String> permsSet = new HashSet<>();
for (SysRole perm : perms) {
if (StringUtils.isNotNull(perm)) {
permsSet.addAll(Arrays.asList(perm.getRoleKey().trim().split(",")));
}
}
return permsSet;
}Example 38 with SysRole
use of com.ruoyi.common.core.domain.entity.SysRole in project RuoYi-Vue by yangzongzhuan.
the class SysRoleServiceImpl method checkRoleDataScope.
/**
* 校验角色是否有数据权限
*
* @param roleId 角色id
*/
@Override
public void checkRoleDataScope(Long roleId) {
if (!SysUser.isAdmin(SecurityUtils.getUserId())) {
SysRole role = new SysRole();
role.setRoleId(roleId);
List<SysRole> roles = SpringUtils.getAopProxy(this).selectRoleList(role);
if (StringUtils.isEmpty(roles)) {
throw new ServiceException("没有权限访问角色数据!");
}
}
}
Also used :
ServiceException(com.ruoyi.common.exception.ServiceException)
SysRole(com.ruoyi.common.core.domain.entity.SysRole)
Example 39 with SysRole
use of com.ruoyi.common.core.domain.entity.SysRole in project RuoYi-Vue by yangzongzhuan.
the class SysUserController method authRole.
/**
* 根据用户编号获取授权角色
*/
@PreAuthorize("@ss.hasPermi('system:user:query')")
@GetMapping("/authRole/{userId}")
public AjaxResult authRole(@PathVariable("userId") Long userId) {
AjaxResult ajax = AjaxResult.success();
SysUser user = userService.selectUserById(userId);
List<SysRole> roles = roleService.selectRolesByUserId(userId);
ajax.put("user", user);
ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
return ajax;
}
Also used :
PathVariable(org.springframework.web.bind.annotation.PathVariable)
SysUser(com.ruoyi.common.core.domain.entity.SysUser)
TableDataInfo(com.ruoyi.common.core.page.TableDataInfo)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Autowired(org.springframework.beans.factory.annotation.Autowired)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
ArrayUtils(org.apache.commons.lang3.ArrayUtils)
AjaxResult(com.ruoyi.common.core.domain.AjaxResult)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
StringUtils(com.ruoyi.common.utils.StringUtils)
PutMapping(org.springframework.web.bind.annotation.PutMapping)
SecurityUtils(com.ruoyi.common.utils.SecurityUtils)
ISysRoleService(com.ruoyi.system.service.ISysRoleService)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
DeleteMapping(org.springframework.web.bind.annotation.DeleteMapping)
BaseController(com.ruoyi.common.core.controller.BaseController)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
Validated(org.springframework.validation.annotation.Validated)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
Collectors(java.util.stream.Collectors)
RestController(org.springframework.web.bind.annotation.RestController)
BusinessType(com.ruoyi.common.enums.BusinessType)
List(java.util.List)
ISysUserService(com.ruoyi.system.service.ISysUserService)
UserConstants(com.ruoyi.common.constant.UserConstants)
Log(com.ruoyi.common.annotation.Log)
ExcelUtil(com.ruoyi.common.utils.poi.ExcelUtil)
MultipartFile(org.springframework.web.multipart.MultipartFile)
SysRole(com.ruoyi.common.core.domain.entity.SysRole)
ISysPostService(com.ruoyi.system.service.ISysPostService)
AjaxResult(com.ruoyi.common.core.domain.AjaxResult)
SysUser(com.ruoyi.common.core.domain.entity.SysUser)
SysRole(com.ruoyi.common.core.domain.entity.SysRole)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Example 40 with SysRole
use of com.ruoyi.common.core.domain.entity.SysRole in project RuoYi-Vue by yangzongzhuan.
the class DataScopeAspect method dataScopeFilter.
/**
* 数据范围过滤
*
* @param joinPoint 切点
* @param user 用户
* @param userAlias 别名
*/
public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias) {
StringBuilder sqlString = new StringBuilder();
for (SysRole role : user.getRoles()) {
String dataScope = role.getDataScope();
if (DATA_SCOPE_ALL.equals(dataScope)) {
sqlString = new StringBuilder();
break;
} else if (DATA_SCOPE_CUSTOM.equals(dataScope)) {
sqlString.append(StringUtils.format(" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias, role.getRoleId()));
} else if (DATA_SCOPE_DEPT.equals(dataScope)) {
sqlString.append(StringUtils.format(" OR {}.dept_id = {} ", deptAlias, user.getDeptId()));
} else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) {
sqlString.append(StringUtils.format(" OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )", deptAlias, user.getDeptId(), user.getDeptId()));
} else if (DATA_SCOPE_SELF.equals(dataScope)) {
if (StringUtils.isNotBlank(userAlias)) {
sqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, user.getUserId()));
} else {
// 数据权限为仅本人且没有userAlias别名不查询任何数据
sqlString.append(" OR 1=0 ");
}
}
}
if (StringUtils.isNotBlank(sqlString.toString())) {
Object params = joinPoint.getArgs()[0];
if (StringUtils.isNotNull(params) && params instanceof BaseEntity) {
BaseEntity baseEntity = (BaseEntity) params;
baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")");
}
}
}
Also used :
SysRole(com.ruoyi.common.core.domain.entity.SysRole)
BaseEntity(com.ruoyi.common.core.domain.BaseEntity)
Aggregations
SysRole (com.ruoyi.common.core.domain.entity.SysRole)44
SysUser (com.ruoyi.common.core.domain.entity.SysUser)15
Log (com.ruoyi.common.annotation.Log)9
UserConstants (com.ruoyi.common.constant.UserConstants)9
BaseController (com.ruoyi.common.core.controller.BaseController)9
TableDataInfo (com.ruoyi.common.core.page.TableDataInfo)9
BusinessType (com.ruoyi.common.enums.BusinessType)9
ServiceException (com.ruoyi.common.exception.ServiceException)9
StringUtils (com.ruoyi.common.utils.StringUtils)9
ExcelUtil (com.ruoyi.common.utils.poi.ExcelUtil)9
ISysPostService (com.ruoyi.system.service.ISysPostService)9
ISysRoleService (com.ruoyi.system.service.ISysRoleService)9
ISysUserService (com.ruoyi.system.service.ISysUserService)9
List (java.util.List)9
Collectors (java.util.stream.Collectors)9
Validated (org.springframework.validation.annotation.Validated)9
MultipartFile (org.springframework.web.multipart.MultipartFile)9
HttpServletResponse (javax.servlet.http.HttpServletResponse)8
SaCheckPermission (cn.dev33.satoken.annotation.SaCheckPermission)4
BCrypt (cn.dev33.satoken.secure.BCrypt)4
