数据权限
@@ -1,6 +1,7 @@
|
||||
package org.nl.system.controller.permission;
|
||||
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
@@ -84,5 +85,26 @@ public class SysDataPermissionController {
|
||||
return new ResponseEntity<>(dataPermissionService.getDataPermissionOption(),HttpStatus.OK);
|
||||
}
|
||||
|
||||
@PostMapping("/saveDataPermission")
|
||||
@Log("保存数据权限")
|
||||
@ApiOperation("保存数据权限")
|
||||
public ResponseEntity<Object> saveDataPermission(@RequestBody JSONObject datas){
|
||||
dataPermissionService.savePermission(datas);
|
||||
return new ResponseEntity<>(HttpStatus.CREATED);
|
||||
}
|
||||
|
||||
@PostMapping("/dataShow")
|
||||
@Log("查看数据权限")
|
||||
@ApiOperation("查看数据权限")
|
||||
public ResponseEntity<Object> getDataShow(@RequestBody String id){
|
||||
return new ResponseEntity<>(dataPermissionService.getDataShow(id),HttpStatus.OK);
|
||||
}
|
||||
|
||||
@PostMapping("/dataDetail")
|
||||
@Log("查看数据明细")
|
||||
@ApiOperation("查看数据明细")
|
||||
public ResponseEntity<Object> getDataDetail(@RequestBody JSONObject data){
|
||||
return new ResponseEntity<>(dataPermissionService.getDataDetail(data),HttpStatus.OK);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
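Review bot: None of the three new handlers (`saveDataPermission`, `getDataShow`, `getDataDetail`) carries an authorization annotation in this hunk, yet each takes the target user id from the request body, so any caller who can reach them could read or replace another user's data scope. The class header is outside the hunk, so a class-level or filter-level check may already exist; if it does not, guard these methods with the permission annotation the project uses elsewhere, and add a comment such as `// userId in the body selects whose data scope is replaced; restrict to permission administrators`. `getDataShow(@RequestBody String id)` also binds the raw body text, so a JSON-encoded body would presumably arrive with its quotes or braces intact; a small typed request object with a validated `userId` would remove that ambiguity and replace the untyped `JSONObject` parameters.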
@@ -1,11 +1,14 @@
|
||||
package org.nl.system.service.permission;
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
||||
import com.baomidou.mybatisplus.extension.service.IService;
|
||||
import org.nl.common.domain.query.PageQuery;
|
||||
import org.nl.system.service.dict.dao.Dict;
|
||||
import org.nl.system.service.permission.dao.SysDataPermission;
|
||||
import com.baomidou.mybatisplus.extension.service.IService;
|
||||
import org.nl.system.service.permission.dao.SysDataScope;
|
||||
import org.nl.system.service.permission.dto.SysDataPermissionQuery;
|
||||
import org.nl.system.service.user.dto.UserDataPermissionDto;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
@@ -30,7 +33,7 @@ public interface ISysDataPermissionService extends IService<SysDataPermission> {
|
||||
|
||||
/**
|
||||
* 新增数据权限
|
||||
* @param dto
|
||||
* @param permission
|
||||
*/
|
||||
void create(SysDataPermission permission);
|
||||
|
||||
@@ -56,5 +59,20 @@ public interface ISysDataPermissionService extends IService<SysDataPermission> {
|
||||
* 获取数据权限下拉框
|
||||
* @return
|
||||
*/
|
||||
Object getDataPermissionOption();
|
||||
List<SysDataPermission> getDataPermissionOption();
|
||||
|
||||
List<UserDataPermissionDto> getDataShow(String id);
|
||||
|
||||
/**
|
||||
* 保存数据权限
|
||||
* @param datas
|
||||
*/
|
||||
void savePermission(JSONObject datas);
|
||||
|
||||
/**
|
||||
* 数据展示
|
||||
* @param data
|
||||
* @return
|
||||
*/
|
||||
List<SysDataScope> getDataDetail(JSONObject data);
|
||||
}
|
||||
|
||||
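Review bot: `getDataShow(String id)` is added without Javadoc and names its parameter `id`, although the implementation in this commit passes it to `getUserDataPermissionByUserId`, so it is a user id. I would rename it to `userId` and add `/** Lists the data permissions assigned to the given user, with the user or dept ids each one covers. */`. The Javadoc for `savePermission` and `getDataDetail` should also list the keys they read from the `JSONObject` (`userId`, `datas`, `permissionScopeType`), since the contract is otherwise only visible in the implementation.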
@@ -0,0 +1,56 @@
|
||||
package org.nl.system.service.permission.dao;
|
||||
|
||||
import com.baomidou.mybatisplus.annotation.TableField;
|
||||
import com.baomidou.mybatisplus.annotation.TableName;
|
||||
import lombok.Data;
|
||||
import lombok.EqualsAndHashCode;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* 数据权限规则表
|
||||
* </p>
|
||||
*
|
||||
* @author generator
|
||||
* @since 2022-12-27
|
||||
*/
|
||||
@Data
|
||||
@EqualsAndHashCode(callSuper = false)
|
||||
@TableName("sys_data_scope")
|
||||
public class SysDataScope implements Serializable {
|
||||
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
/**
|
||||
* 当前用户
|
||||
*/
|
||||
private String selfUserId;
|
||||
|
||||
/**
|
||||
* 数据权限类型
|
||||
*/
|
||||
private String permissionScopeType;
|
||||
|
||||
/**
|
||||
* 部门权限列表
|
||||
*/
|
||||
private String deptId;
|
||||
|
||||
/**
|
||||
* 用户权限列表
|
||||
*/
|
||||
private String userId;
|
||||
|
||||
@TableField(exist = false)
|
||||
private String deptName;
|
||||
|
||||
@TableField(exist = false)
|
||||
private String personName;
|
||||
|
||||
@TableField(exist = false)
|
||||
private String permissionName;
|
||||
|
||||
@TableField(exist = false)
|
||||
private String permissionId;
|
||||
}
|
||||
@@ -1,7 +1,11 @@
|
||||
package org.nl.system.service.permission.dao.mapper;
|
||||
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
|
||||
import org.apache.ibatis.annotations.Param;
|
||||
import org.nl.system.service.permission.dao.SysDataPermission;
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
|
||||
import org.nl.system.service.permission.dao.SysDataScope;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
@@ -13,4 +17,15 @@ import org.nl.system.service.permission.dao.SysDataPermission;
|
||||
*/
|
||||
public interface SysDataPermissionMapper extends BaseMapper<SysDataPermission> {
|
||||
|
||||
List<String> findDataScopeUserIdBySelfUserIdAndScopeType(String userId, String permissionScopeType);
|
||||
|
||||
List<String> findDataScopeDeptIdBySelfUserIdAndScopeType(String userId, String permissionScopeType);
|
||||
|
||||
void deleteScopeBySelfUserId(String userId);
|
||||
|
||||
void insertDataScope(@Param("dataScope") SysDataScope dataScope);
|
||||
|
||||
void insertDataScopes(@Param("dataScope") SysDataScope dataScope);
|
||||
|
||||
List<SysDataScope> getDataDetail(String selfUserId, String permissionScopeType);
|
||||
}
|
||||
|
||||
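Review bot: The three two-argument methods (`findDataScopeUserIdBySelfUserIdAndScopeType`, `findDataScopeDeptIdBySelfUserIdAndScopeType`, `getDataDetail`) have no `@Param`, while `insertDataScope` and `insertDataScopes` in the same interface do. The XML refers to `#{userId}`, `#{selfUserId}` and `#{permissionScopeType}` by name, which only resolves if the build compiles with `-parameters`; otherwise MyBatis exposes them as `param1`/`param2` and the statements fail at runtime. Making the names explicit removes that dependency, e.g. `List<SysDataScope> getDataDetail(@Param("selfUserId") String selfUserId, @Param("permissionScopeType") String permissionScopeType);`.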
@@ -1,5 +1,61 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
|
||||
<mapper namespace="org.nl.system.service.permission.dao.mapper.SysDataPermissionMapper">
|
||||
<insert id="insertDataScope">
|
||||
INSERT INTO sys_data_scope(self_user_id, permission_scope_type, user_id)
|
||||
VALUES (#{dataScope.selfUserId}, #{dataScope.permissionScopeType}, #{dataScope.userId})
|
||||
</insert>
|
||||
<insert id="insertDataScopes">
|
||||
INSERT INTO sys_data_scope(self_user_id, permission_scope_type, user_id, dept_id)
|
||||
VALUES (#{dataScope.selfUserId}, #{dataScope.permissionScopeType}, #{dataScope.userId}, #{dataScope.deptId})
|
||||
</insert>
|
||||
<delete id="deleteScopeBySelfUserId">
|
||||
DELETE FROM sys_data_scope WHERE self_user_id = #{userId}
|
||||
</delete>
|
||||
|
||||
<select id="findDataScopeUserIdBySelfUserIdAndScopeType" resultType="java.lang.String">
|
||||
SELECT user_id FROM sys_data_scope
|
||||
<where>
|
||||
<if test="userId != null and userId != ''">
|
||||
self_user_id = #{userId}
|
||||
</if>
|
||||
<if test="permissionScopeType != null and permissionScopeType != ''">
|
||||
AND permission_scope_type = #{permissionScopeType}
|
||||
</if>
|
||||
</where>
|
||||
</select>
|
||||
<select id="findDataScopeDeptIdBySelfUserIdAndScopeType" resultType="java.lang.String">
|
||||
SELECT DISTINCT dept_id FROM sys_data_scope
|
||||
<where>
|
||||
<if test="userId != null and userId != ''">
|
||||
self_user_id = #{userId}
|
||||
</if>
|
||||
<if test="permissionScopeType != null and permissionScopeType != ''">
|
||||
AND permission_scope_type = #{permissionScopeType}
|
||||
</if>
|
||||
</where>
|
||||
</select>
|
||||
<select id="getDataDetail" resultType="org.nl.system.service.permission.dao.SysDataScope">
|
||||
SELECT
|
||||
scop.*,
|
||||
dept.`name` as deptName,
|
||||
user.person_name,
|
||||
dp.`name` as permissionName,
|
||||
permission.permission_id
|
||||
FROM
|
||||
`sys_data_scope` scop
|
||||
LEFT JOIN sys_user_data_permission permission ON scop.permission_scope_type = permission.permission_scope_type AND permission.user_id = scop.self_user_id
|
||||
LEFT JOIN sys_data_permission dp ON permission.permission_id = dp.permission_id
|
||||
LEFT JOIN sys_dept dept ON scop.dept_id = dept.dept_id
|
||||
LEFT JOIN sys_user user ON scop.user_id = user.user_id
|
||||
<where>
|
||||
<if test="selfUserId != null and selfUserId != ''">
|
||||
scop.self_user_id = #{selfUserId}
|
||||
</if>
|
||||
<if test="permissionScopeType != null and permissionScopeType != ''">
|
||||
AND scop.permission_scope_type = #{permissionScopeType}
|
||||
</if>
|
||||
</where>
|
||||
ORDER BY scop.permission_scope_type, scop.dept_id, scop.user_id
|
||||
</select>
|
||||
</mapper>
|
||||
|
||||
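Review bot: The `<where>` in `findDataScopeUserIdBySelfUserIdAndScopeType` makes the `self_user_id` condition optional, so a null or empty `userId` produces a query with no owner filter and returns scope rows for every user. `findDataScopeDeptIdBySelfUserIdAndScopeType` and `getDataDetail` follow the same pattern, as does `getUserIdByDeptId` in the user mapper XML later in this commit. These rows appear to define what a user is allowed to see, so the lookup should fail closed: make the key condition unconditional with `WHERE self_user_id = #{userId}` and keep only `permission_scope_type` inside an `<if>`. All statements use `#{}` binding, so injection is not the concern here. Separately, `user.person_name` is not aliased the way `deptName` and `permissionName` are, so filling `personName` relies on underscore-to-camel-case mapping being enabled, which should be confirmed.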
@@ -0,0 +1,20 @@
|
||||
package org.nl.system.service.permission.dto;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
|
||||
/**
|
||||
* @Author: lyd
|
||||
* @Description:
|
||||
* @Date: 2022/12/27
|
||||
*/
|
||||
@Getter
|
||||
@AllArgsConstructor
|
||||
public enum DataScopeEnum {
|
||||
|
||||
USER("user", "用户数据权限"),
|
||||
DEPT("dept", "部门数据权限"),
|
||||
SELF("self", "自身数据权限");
|
||||
private final String code;
|
||||
private final String name;
|
||||
}
|
||||
@@ -3,19 +3,22 @@ package org.nl.system.service.permission.impl;
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import cn.hutool.core.util.IdUtil;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import com.alibaba.fastjson.JSONArray;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.nl.common.domain.query.PageQuery;
|
||||
import org.nl.modules.common.exception.BadRequestException;
|
||||
|
||||
import org.nl.common.utils.SecurityUtils;
|
||||
import org.nl.modules.common.exception.BadRequestException;
|
||||
import org.nl.system.service.dict.dao.Dict;
|
||||
import org.nl.system.service.dict.dao.mapper.SysDictMapper;
|
||||
import org.nl.system.service.permission.ISysDataPermissionService;
|
||||
import org.nl.system.service.permission.dao.SysDataPermission;
|
||||
import org.nl.system.service.permission.dao.SysDataScope;
|
||||
import org.nl.system.service.permission.dao.mapper.SysDataPermissionMapper;
|
||||
import org.nl.system.service.permission.ISysDataPermissionService;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import org.nl.system.service.permission.dto.DataScopeEnum;
|
||||
import org.nl.system.service.permission.dto.SysDataPermissionQuery;
|
||||
import org.nl.system.service.user.ISysUserService;
|
||||
import org.nl.system.service.user.dto.UserDataPermissionDto;
|
||||
@@ -92,7 +95,82 @@ public class SysDataPermissionServiceImpl extends ServiceImpl<SysDataPermissionM
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object getDataPermissionOption() {
|
||||
return null;
|
||||
public List<SysDataPermission> getDataPermissionOption() {
|
||||
return this.list();
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<UserDataPermissionDto> getDataShow(String userId) {
|
||||
List<UserDataPermissionDto> userDataPermissionDtoList = userService.getUserDataPermissionByUserId(userId);
|
||||
userDataPermissionDtoList.forEach(userDataPermissionDto -> {
|
||||
SysDataPermission sysDataPermission = dataPermissionMapper.selectOne(new LambdaQueryWrapper<SysDataPermission>().eq(SysDataPermission::getPermissionId, userDataPermissionDto.getPermissionId()));
|
||||
if (sysDataPermission.getCode().equals(DataScopeEnum.USER.getCode())) { // 用户权限
|
||||
List<String> userIds = dataPermissionMapper.findDataScopeUserIdBySelfUserIdAndScopeType(userId, userDataPermissionDto.getPermissionScopeType());
|
||||
if (ObjectUtil.isNotEmpty(userIds)) userDataPermissionDto.setUsers(userIds);
|
||||
} else if (sysDataPermission.getCode().equals(DataScopeEnum.DEPT.getCode())) { // 部门权限
|
||||
List<String> deptIds = dataPermissionMapper.findDataScopeDeptIdBySelfUserIdAndScopeType(userId, userDataPermissionDto.getPermissionScopeType());
|
||||
if (ObjectUtil.isNotEmpty(deptIds)) userDataPermissionDto.setDepts(deptIds);
|
||||
} else if (sysDataPermission.getCode().equals(DataScopeEnum.SELF.getCode())) { // 自身
|
||||
List<String> userIds = dataPermissionMapper.findDataScopeUserIdBySelfUserIdAndScopeType(userId, userDataPermissionDto.getPermissionScopeType());
|
||||
if (ObjectUtil.isNotEmpty(userIds)) userDataPermissionDto.setUsers(userIds);
|
||||
}
|
||||
// 其他不做处理
|
||||
});
|
||||
return userDataPermissionDtoList;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public void savePermission(JSONObject datas) {
|
||||
String user_id = datas.getString("userId");
|
||||
JSONArray data = datas.getJSONArray("datas");
|
||||
if (ObjectUtil.isEmpty(user_id)) throw new BadRequestException("用户不能为空");
|
||||
// 删除用户绑定的数据
|
||||
userService.deleteDataPermissionById(user_id);
|
||||
dataPermissionMapper.deleteScopeBySelfUserId(user_id);
|
||||
for (int i = 0; i < data.size(); i++) {
|
||||
JSONObject scopeObj = data.getJSONObject(i);
|
||||
String permission_scope_type = scopeObj.getString("value");
|
||||
String permission_id = scopeObj.getString("permissionId");
|
||||
UserDataPermissionDto userDataPermissionDto = new UserDataPermissionDto();
|
||||
userDataPermissionDto.setUserId(user_id);
|
||||
userDataPermissionDto.setPermissionId(permission_id);
|
||||
userDataPermissionDto.setPermissionScopeType(permission_scope_type);
|
||||
// 保存用户数据权限
|
||||
userService.insertDataPermission(userDataPermissionDto);
|
||||
JSONArray users = scopeObj.getJSONArray("users");
|
||||
if (ObjectUtil.isNotEmpty(users)) { // 如果是用户直接将用户的id绑定进去
|
||||
for (int j = 0; j < users.size(); j++) {
|
||||
JSONObject user = users.getJSONObject(j);
|
||||
String userId = user.getString("userId");
|
||||
SysDataScope dataScope = new SysDataScope();
|
||||
dataScope.setUserId(userId);
|
||||
dataScope.setSelfUserId(user_id);
|
||||
dataScope.setPermissionScopeType(permission_scope_type);
|
||||
dataPermissionMapper.insertDataScope(dataScope);
|
||||
}
|
||||
}
|
||||
JSONArray depts = scopeObj.getJSONArray("depts");
|
||||
if (ObjectUtil.isNotEmpty(depts)) { // 如果是部门,先根据部门id求出所有的用户id
|
||||
for (int j = 0; j < depts.size(); j++) {
|
||||
JSONObject dept = depts.getJSONObject(j);
|
||||
String deptId = dept.getString("deptId");
|
||||
List<String> user_ids = userService.getUserIdByDeptId(deptId);
|
||||
user_ids.forEach(id -> {
|
||||
SysDataScope dataScope = new SysDataScope();
|
||||
dataScope.setUserId(id);
|
||||
dataScope.setDeptId(deptId);
|
||||
dataScope.setSelfUserId(user_id);
|
||||
dataScope.setPermissionScopeType(permission_scope_type);
|
||||
dataPermissionMapper.insertDataScopes(dataScope);
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<SysDataScope> getDataDetail(JSONObject data) {
|
||||
return dataPermissionMapper.getDataDetail(data.getString("userId"), data.getString("permissionScopeType"));
|
||||
}
|
||||
}
|
||||
|
||||
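Review bot: `savePermission` writes `permissionId`, `value` and the nested `userId`/`deptId` values from the request body without validating any of them, and it does so after already deleting the target user's existing rows. A blank `deptId` is the riskiest case: `getUserIdByDeptId` drops its only condition when `deptId` is empty, so every user in `sys_user_dept` would be inserted into the scope; add `if (ObjectUtil.isEmpty(deptId)) throw new BadRequestException("部门不能为空");` (message text constructed) before the lookup, and the same check for the nested `userId`. A request without `datas` reaches `data.size()` on null, so check `data == null` next to the `user_id` check; the transaction rolls back, but the failure likely surfaces as a server error rather than a bad request. In `getDataShow`, `selectOne` can return null for a stale `permissionId`, and `sysDataPermission.getCode()` then throws, so null-check the row before comparing codes. `SecurityUtils` is imported in this section, but no visible new method consults the caller's identity; the rest of the class is outside the hunk, so it is worth confirming where authorization for these operations is enforced.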
@@ -30,4 +30,12 @@ public interface ISysUserService extends IService<SysUser> {
|
||||
void update(Map userDetail);
|
||||
|
||||
List<UserDataPermissionDto> getUserDataPermissionByPermissionId(String permissionId);
|
||||
|
||||
List<UserDataPermissionDto> getUserDataPermissionByUserId(String userId);
|
||||
|
||||
void deleteDataPermissionById(String userId);
|
||||
|
||||
void insertDataPermission(UserDataPermissionDto userDataPermissionDto);
|
||||
|
||||
List<String> getUserIdByDeptId(String deptId);
|
||||
}
|
||||
|
||||
@@ -26,4 +26,12 @@ public interface SysUserMapper extends BaseMapper<SysUser> {
|
||||
List<Map<String,Object>> getDetailForMap(@Param("query") UserQuery query, @Param("page")PageQuery page);
|
||||
|
||||
List<UserDataPermissionDto> getUserDataPermissionByPermissionId(String permissionId);
|
||||
|
||||
List<UserDataPermissionDto> getUserDataPermissionByUserId(String userId);
|
||||
|
||||
void deleteDataPermissionById(String userId);
|
||||
|
||||
void insertDataPermission(@Param("dataPermission") UserDataPermissionDto dataPermission);
|
||||
|
||||
List<String> getUserIdByDeptId(String deptId);
|
||||
}
|
||||
|
||||
@@ -24,6 +24,12 @@
|
||||
sys_user.extperson_id as extpersonId,
|
||||
sys_user.extuser_id as extuserId
|
||||
</sql>
|
||||
<insert id="insertDataPermission">
|
||||
INSERT INTO sys_user_data_permission(user_id, permission_scope_type, permission_id) VALUES (#{dataPermission.userId}, #{dataPermission.permissionScopeType}, #{dataPermission.permissionId})
|
||||
</insert>
|
||||
<delete id="deleteDataPermissionById">
|
||||
DELETE FROM sys_user_data_permission WHERE user_id = #{userId}
|
||||
</delete>
|
||||
<resultMap id="UserDetail" type="org.nl.system.service.user.dto.SysUserDetail" >
|
||||
<id column="userId" property="userId" />
|
||||
<result column="username" property="username" />
|
||||
@@ -119,4 +125,19 @@
|
||||
resultType="org.nl.system.service.user.dto.UserDataPermissionDto">
|
||||
SELECT * FROM sys_user_data_permission WHERE permission_id = #{permissionId}
|
||||
</select>
|
||||
<select id="getUserDataPermissionByUserId"
|
||||
resultType="org.nl.system.service.user.dto.UserDataPermissionDto">
|
||||
SELECT * FROM sys_user_data_permission WHERE user_id = #{userId}
|
||||
</select>
|
||||
<select id="getUserIdByDeptId" resultType="java.lang.String">
|
||||
SELECT
|
||||
DISTINCT user_id
|
||||
FROM
|
||||
sys_user_dept
|
||||
<where>
|
||||
<if test="deptId != null and deptId != ''">
|
||||
dept_id = #{deptId}
|
||||
</if>
|
||||
</where>
|
||||
</select>
|
||||
</mapper>
|
||||
|
||||
@@ -1,6 +1,12 @@
|
||||
package org.nl.system.service.user.dto;
|
||||
|
||||
import com.baomidou.mybatisplus.annotation.TableField;
|
||||
import com.baomidou.mybatisplus.annotation.TableName;
|
||||
import lombok.Data;
|
||||
import lombok.EqualsAndHashCode;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @Author: lyd
|
||||
@@ -8,10 +14,18 @@ import lombok.Data;
|
||||
* @Date: 2022/12/20
|
||||
*/
|
||||
@Data
|
||||
public class UserDataPermissionDto {
|
||||
@EqualsAndHashCode(callSuper = false)
|
||||
@TableName("sys_user_data_permission")
|
||||
public class UserDataPermissionDto implements Serializable {
|
||||
private String userId;
|
||||
|
||||
private String permissionScopeType;
|
||||
|
||||
private String permissionId;
|
||||
|
||||
@TableField(exist = false)
|
||||
private List<String> users;
|
||||
|
||||
@TableField(exist = false)
|
||||
private List<String> depts;
|
||||
}
|
||||
|
||||
@@ -141,4 +141,24 @@ public class ISysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> imp
|
||||
public List<UserDataPermissionDto> getUserDataPermissionByPermissionId(String permissionId) {
|
||||
return sysUserMapper.getUserDataPermissionByPermissionId(permissionId);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<UserDataPermissionDto> getUserDataPermissionByUserId(String userId) {
|
||||
return sysUserMapper.getUserDataPermissionByUserId(userId);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteDataPermissionById(String userId) {
|
||||
sysUserMapper.deleteDataPermissionById(userId);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void insertDataPermission(UserDataPermissionDto userDataPermissionDto) {
|
||||
sysUserMapper.insertDataPermission(userDataPermissionDto);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> getUserIdByDeptId(String deptId) {
|
||||
return sysUserMapper.getUserIdByDeptId(deptId);
|
||||
}
|
||||
}
|
||||
|
||||