From 753b456b4e46a9142f92fad3cc7826a5b7f7fd05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90Li?= <15040126243@163.com> Date: Fri, 4 Jul 2025 15:31:04 +0800 Subject: [PATCH] =?UTF-8?q?update=20=E4=BC=98=E5=8C=96=20=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E5=B2=97=E4=BD=8D=E4=BF=AE=E6=94=B9=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/dromara/system/mapper/SysPostMapper.java | 14 ++++++++++++++ .../dromara/system/mapper/SysUserRoleMapper.java | 3 +-- .../system/service/impl/SysUserServiceImpl.java | 12 +++++++++--- 3 files changed, 24 insertions(+), 5 deletions(-) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java index a457c53a2..8c271a73c 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysPostMapper.java @@ -26,6 +26,20 @@ public interface SysPostMapper extends BaseMapperPlus { return this.selectVoPage(page, queryWrapper); } + /** + * 分页查询岗位列表 + * + * @param queryWrapper 查询条件 + * @return 包含岗位信息的分页结果 + */ + @DataPermission({ + @DataColumn(key = "deptName", value = "dept_id"), + @DataColumn(key = "userName", value = "create_by") + }) + default List selectPostList(Wrapper queryWrapper) { + return this.selectVoList(queryWrapper); + } + /** * 查询用户所属岗位组 * diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysUserRoleMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysUserRoleMapper.java index e7c6ae38a..4c1c8b9df 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysUserRoleMapper.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysUserRoleMapper.java @@ -21,8 +21,7 @@ public interface SysUserRoleMapper extends BaseMapperPlus selectUserIdsByRoleId(Long roleId) { return this.selectObjs(new LambdaQueryWrapper() - .select(SysUserRole::getUserId).inSql(SysUserRole::getRoleId, - "select role_id from sys_role where role_id = " + roleId) + .select(SysUserRole::getUserId).eq(SysUserRole::getRoleId, roleId) ); } diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java index acfb708d7..c5d37a7f2 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java @@ -447,14 +447,20 @@ public class SysUserServiceImpl implements ISysUserService { * @param clear 清除已存在的关联数据 */ private void insertUserPost(SysUserBo user, boolean clear) { - Long[] posts = user.getPostIds(); - if (ArrayUtil.isNotEmpty(posts)) { + List postIds = List.of(user.getPostIds()); + if (ArrayUtil.isNotEmpty(postIds)) { + // 判断是否具有此角色的操作权限 + List posts = postMapper.selectPostList( + new LambdaQueryWrapper().in(SysPost::getPostId, postIds)); + if (CollUtil.isEmpty(posts) || posts.size() != postIds.size()) { + throw new ServiceException("没有权限访问岗位的数据"); + } if (clear) { // 删除用户与岗位关联 userPostMapper.delete(new LambdaQueryWrapper().eq(SysUserPost::getUserId, user.getUserId())); } // 新增用户与岗位管理 - List list = StreamUtils.toList(List.of(posts), postId -> { + List list = StreamUtils.toList(postIds, postId -> { SysUserPost up = new SysUserPost(); up.setUserId(user.getUserId()); up.setPostId(postId);