From 6fb42d117ea7650656041055bc8aca6318d878b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?D=E5=93=A5?= <12271764+darrenteng@user.noreply.gitee.com> Date: Fri, 21 Mar 2025 07:27:12 +0000 Subject: [PATCH] =?UTF-8?q?=E8=A7=A3=E5=86=B3=E6=95=B0=E6=8D=AE=E6=9D=83?= =?UTF-8?q?=E9=99=90=E8=BF=87=E6=BB=A4=E5=A4=84=E7=90=86=E9=80=BB=E8=BE=91?= =?UTF-8?q?=E4=B8=AD=EF=BC=8C=E8=8E=AB=E5=90=8D=E5=85=B6=E5=A6=99=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0AND=20(d.dept=5Fid=20=3D=200)=E7=9A=84=E9=97=AE?= =?UTF-8?q?=E9=A2=98=20=E8=A7=A3=E5=86=B3=E6=95=B0=E6=8D=AE=E6=9D=83?= =?UTF-8?q?=E9=99=90=E8=BF=87=E6=BB=A4=E5=A4=84=E7=90=86=E9=80=BB=E8=BE=91?= =?UTF-8?q?=E4=B8=AD=EF=BC=8C=E8=8E=AB=E5=90=8D=E5=85=B6=E5=A6=99=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0AND=20(d.dept=5Fid=20=3D=200)=E7=9A=84=E9=97=AE?= =?UTF-8?q?=E9=A2=98=E3=80=82=20=E4=BF=AE=E6=94=B9=E5=89=8D=E7=94=9F?= =?UTF-8?q?=E6=88=90sql=E8=AF=AD=E5=8F=A5=EF=BC=9A=20SELECT=20d.dept=5Fid,?= =?UTF-8?q?=20d.parent=5Fid,=20d.ancestors,=20d.dept=5Fname,=20d.order=5Fn?= =?UTF-8?q?um,=20d.leader,=20d.phone,=20d.email,=20d.status,=20d.del=5Ffla?= =?UTF-8?q?g,=20d.create=5Fby,=20d.create=5Ftime,=20d.tenant=5Fid=20FROM?= =?UTF-8?q?=20sys=5Fdept=20d=20WHERE=20d.del=5Fflag=20=3D=20'0'=20AND=20(d?= =?UTF-8?q?.dept=5Fid=20=3D=200)=20ORDER=20BY=20d.parent=5Fid,=20d.order?= =?UTF-8?q?=5Fnum?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 修改后生成sql语句: SELECT d.dept_id, d.parent_id, d.ancestors, d.dept_name, d.order_num, d.leader, d.phone, d.email, d.status, d.del_flag, d.create_by, d.create_time, d.tenant_id FROM sys_dept d WHERE d.del_flag = '0' ORDER BY d.parent_id, d.order_num Signed-off-by: D哥 <12271764+darrenteng@user.noreply.gitee.com> --- .../datascope/aspect/DataScopeAspect.java | 27 ++++++++++--------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java b/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java index c56108f4..ccbffc82 100644 --- a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java +++ b/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java @@ -113,9 +113,10 @@ public class DataScopeAspect } if (DATA_SCOPE_ALL.equals(dataScope)) { + // 全部数据权限,不添加额外条件 sqlString = new StringBuilder(); - conditions.add(dataScope); - break; + conditions.clear(); + return; } else if (DATA_SCOPE_CUSTOM.equals(dataScope)) { @@ -143,28 +144,28 @@ public class DataScopeAspect { sqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, user.getUserId())); } - else - { - // 数据权限为仅本人且没有userAlias别名不查询任何数据 - sqlString.append(StringUtils.format(" OR {}.dept_id = 0 ", deptAlias)); - } + // 当没有 userAlias 时,不添加任何条件 } conditions.add(dataScope); } - // 角色都不包含传递过来的权限字符,这个时候sqlString也会为空,所以要限制一下,不查询任何数据 + // 角色都不包含传递过来的权限字符,这个时候不添加任何条件 if (StringUtils.isEmpty(conditions)) { - sqlString.append(StringUtils.format(" OR {}.dept_id = 0 ", deptAlias)); + sqlString = new StringBuilder(); } - if (StringUtils.isNotBlank(sqlString.toString())) + String sql = sqlString.toString().trim(); + if (sql.startsWith("OR ")) { + sql = sql.substring(3); + } + if (StringUtils.isNotBlank(sql)) { Object params = joinPoint.getArgs()[0]; - if (StringUtils.isNotNull(params) && params instanceof BaseEntity) + if (params instanceof BaseEntity) { BaseEntity baseEntity = (BaseEntity) params; - baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")"); + baseEntity.getParams().put(DATA_SCOPE, " AND (" + sql + ")"); } } } @@ -181,4 +182,4 @@ public class DataScopeAspect baseEntity.getParams().put(DATA_SCOPE, ""); } } -} +} \ No newline at end of file