msb-public-java
/
RuoYi-Cloud
mirror of https://gitee.com/y_project/RuoYi-Cloud.git
1
0
Code Issues Projects Releases Wiki Activity

Pre Merge pull request !401 from D哥/N/A

Browse Source
pull/401/MERGE
D哥 2 weeks ago committed by Gitee
parent ac92ae3ae6 6fb42d117e
commit 383ee9ed7d
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
1 changed files with 14 additions and 13 deletions
Show Stats Download Patch File Download Diff File

25
ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java
Unescape View File

@ -113,9 +113,10 @@ public class DataScopeAspect
} }
if (DATA_SCOPE_ALL.equals(dataScope)) if (DATA_SCOPE_ALL.equals(dataScope))
{ {
// 全部数据权限,不添加额外条件
sqlString = new StringBuilder(); sqlString = new StringBuilder();
conditions.add(dataScope); conditions.clear();
break; return;
} }
else if (DATA_SCOPE_CUSTOM.equals(dataScope)) else if (DATA_SCOPE_CUSTOM.equals(dataScope))
{ {
@ -143,28 +144,28 @@ public class DataScopeAspect
{ {
sqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, user.getUserId())); sqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, user.getUserId()));
} }
else // 当没有 userAlias 时,不添加任何条件
{
// 数据权限为仅本人且没有userAlias别名不查询任何数据
sqlString.append(StringUtils.format(" OR {}.dept_id = 0 ", deptAlias));
}
} }
conditions.add(dataScope); conditions.add(dataScope);
} }
// 角色都不包含传递过来的权限字符,这个时候sqlString也会为空所以要限制一下,不查询任何数据 // 角色都不包含传递过来的权限字符,这个时候不添加任何条件
if (StringUtils.isEmpty(conditions)) if (StringUtils.isEmpty(conditions))
{ {
sqlString.append(StringUtils.format(" OR {}.dept_id = 0 ", deptAlias)); sqlString = new StringBuilder();
} }
if (StringUtils.isNotBlank(sqlString.toString())) String sql = sqlString.toString().trim();
if (sql.startsWith("OR ")) {
sql = sql.substring(3);
}
if (StringUtils.isNotBlank(sql))
{ {
Object params = joinPoint.getArgs()[0]; Object params = joinPoint.getArgs()[0];
if (StringUtils.isNotNull(params) && params instanceof BaseEntity) if (params instanceof BaseEntity)
{ {
BaseEntity baseEntity = (BaseEntity) params; BaseEntity baseEntity = (BaseEntity) params;
baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")"); baseEntity.getParams().put(DATA_SCOPE, " AND (" + sql + ")");
} }
} }
} }

Write Preview
Loading…
Cancel
Save