[代码完善](v2.5): v2.5 beta 数据权限使升级，现可通过注解[@DataPermission]控制

DataPermission 类中有详细说明和使用示例 SecurityUtils 中加入获取当前用户的数据权限的方法 2.5 Beta 详情：https://www.ydyno.com/archives/1225.html

[代码完善](v2.5): v2.5 beta 数据权限使升级，现可通过注解[@DataPermission]控制
DataPermission 类中有详细说明和使用示例 SecurityUtils 中加入获取当前用户的数据权限的方法 2.5 Beta 详情：https://www.ydyno.com/archives/1225.html
fa26d674 · ZhengJie · 63f00cd3 · fa26d674 · fa26d674 · fa26d674
Commit fa26d674 authored May 07, 2020 by ZhengJie
--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java
@@ -18,7 +18,7 @@ package me.zhengjie.modules.system.rest;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import me.zhengjie.exception.BadRequestException;
 import me.zhengjie.modules.system.domain.DictDetail;
 import me.zhengjie.modules.system.service.DictDetailService;

--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/JobController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/JobController.java
@@ -18,7 +18,7 @@ package me.zhengjie.modules.system.rest;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import me.zhengjie.exception.BadRequestException;
 import me.zhengjie.modules.system.domain.Job;
 import me.zhengjie.modules.system.service.JobService;

--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java
@@ -18,7 +18,7 @@ package me.zhengjie.modules.system.rest;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import me.zhengjie.modules.system.domain.Menu;
 import me.zhengjie.exception.BadRequestException;
 import me.zhengjie.modules.system.service.MenuService;

--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MonitorController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MonitorController.java
@@ -18,7 +18,6 @@ package me.zhengjie.modules.system.rest;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import me.zhengjie.aop.log.Log;
 import me.zhengjie.modules.system.service.MonitorService;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;

--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java
@@ -19,7 +19,7 @@ import cn.hutool.core.lang.Dict;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import me.zhengjie.modules.system.domain.Role;
 import me.zhengjie.exception.BadRequestException;
 import me.zhengjie.modules.system.service.RoleService;

--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java
@@ -15,13 +15,14 @@
 */
 package me.zhengjie.modules.system.rest;
+import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.crypto.asymmetric.KeyType;
 import cn.hutool.crypto.asymmetric.RSA;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
-import me.zhengjie.config.DataScope;
+import me.zhengjie.modules.system.service.DataService;
 import me.zhengjie.modules.system.domain.User;
 import me.zhengjie.exception.BadRequestException;
 import me.zhengjie.modules.system.domain.vo.UserPassVo;
@@ -64,7 +65,7 @@ public class UserController {
    private String privateKey;
    private final PasswordEncoder passwordEncoder;
    private final UserService userService;
-    private final DataScope dataScope;
+    private final DataService dataService;
    private final DeptService deptService;
    private final RoleService roleService;
    private final VerifyService verificationCodeService;
@@ -82,33 +83,25 @@ public class UserController {
    @GetMapping
    @PreAuthorize("@el.check('user:list')")
    public ResponseEntity<Object> getUsers(UserQueryCriteria criteria, Pageable pageable){
-        Set<Long> deptSet = new HashSet<>();
-        Set<Long> result = new HashSet<>();
        if (!ObjectUtils.isEmpty(criteria.getDeptId())) {
-            deptSet.add(criteria.getDeptId());
+            criteria.getDeptIds().add(criteria.getDeptId());
-            deptSet.addAll(dataScope.getDeptChildren(deptService.findByPid(criteria.getDeptId())));
+            criteria.getDeptIds().addAll(dataService.getDeptChildren(deptService.findByPid(criteria.getDeptId())));
        }
        // 数据权限
-        Set<Long> deptIds = dataScope.getDeptIds();
+        List<Long> dataScopes = dataService.getDeptIds(userService.findById(SecurityUtils.getCurrentUserId()));
-        // 查询条件不为空并且数据权限不为空则取交集
+        // criteria.getDeptIds() 不为空并且数据权限不为空则取交集
-        if (!CollectionUtils.isEmpty(deptIds) && !CollectionUtils.isEmpty(deptSet)){
+        if (!CollectionUtils.isEmpty(criteria.getDeptIds()) && !CollectionUtils.isEmpty(dataScopes)){
            // 取交集
-            result.addAll(deptSet);
+            criteria.getDeptIds().retainAll(dataScopes);
-            result.retainAll(deptIds);
+            if(!CollectionUtil.isEmpty(criteria.getDeptIds())){
-            // 若无交集，则代表无数据权限
-            criteria.setDeptIds(result);
-            if(result.size() == 0){
-                return new ResponseEntity<>(PageUtil.toPage(null,0),HttpStatus.OK);
-            } else {
                return new ResponseEntity<>(userService.queryAll(criteria,pageable),HttpStatus.OK);
            }
-        // 否则取并集
        } else {
-            result.addAll(deptSet);
+            // 否则取并集
-            result.addAll(deptIds);
+            criteria.getDeptIds().addAll(dataScopes);
-            criteria.setDeptIds(result);
            return new ResponseEntity<>(userService.queryAll(criteria,pageable),HttpStatus.OK);
        }
+        return new ResponseEntity<>(PageUtil.toPage(null,0),HttpStatus.OK);
    }
    @Log("新增用户")

--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/DataService.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/DataService.java
+/*
+ *  Copyright 2019-2020 Zheng Jie
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package me.zhengjie.modules.system.service;
+import me.zhengjie.modules.system.domain.Dept;
+import me.zhengjie.modules.system.service.dto.UserDto;
+import java.util.List;
+/**
+ * 数据权限服务类
+ * @author Zheng Jie
+ * @date 2020-05-07
+ */
+public interface DataService {
+    /**
+     * 获取数据权限
+     * @param user /
+     * @return /
+     */
+    List<Long> getDeptIds(UserDto user);
+    /**
+     * 递归获取子级部门
+     * @param deptList /
+     * @return /
+     */
+    List<Long> getDeptChildren(List<Dept> deptList);
+}
--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/DeptQueryCriteria.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/DeptQueryCriteria.java
@@ -16,22 +16,19 @@
 package me.zhengjie.modules.system.service.dto;
 import lombok.Data;
+import me.zhengjie.annotation.DataPermission;
 import me.zhengjie.annotation.Query;
 import java.sql.Timestamp;
 import java.util.List;
-import java.util.Set;
 /**
 * @author Zheng Jie
 * @date 2019-03-25
 */
 @Data
+@DataPermission(fieldName = "id")
 public class DeptQueryCriteria{
-    @Query(type = Query.Type.IN, propName="id")
-    private Set<Long> ids;
    @Query(type = Query.Type.INNER_LIKE)
    private String name;

--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/UserQueryCriteria.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/UserQueryCriteria.java
@@ -19,6 +19,7 @@ import lombok.Data;
 import me.zhengjie.annotation.Query;
 import java.io.Serializable;
 import java.sql.Timestamp;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
@@ -33,7 +34,7 @@ public class UserQueryCriteria implements Serializable {
    private Long id;
    @Query(propName = "id", type = Query.Type.IN, joinName = "dept")
-    private Set<Long> deptIds;
+    private Set<Long> deptIds = new HashSet<>();
    @Query(blurry = "email,username,nickName")
    private String blurry;

--- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/RoleServiceImpl.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/RoleServiceImpl.java
@@ -15,10 +15,13 @@
 */
 package me.zhengjie.modules.system.service.impl;
+import cn.hutool.core.collection.CollectionUtil;
 import lombok.RequiredArgsConstructor;
+import me.zhengjie.modules.system.domain.Dept;
 import me.zhengjie.modules.system.domain.Menu;
 import me.zhengjie.modules.system.domain.Role;
 import me.zhengjie.exception.EntityExistException;
+import me.zhengjie.modules.system.repository.DeptRepository;
 import me.zhengjie.modules.system.repository.RoleRepository;
 import me.zhengjie.modules.system.service.RoleService;
 import me.zhengjie.modules.system.service.dto.RoleDto;
@@ -28,6 +31,7 @@ import me.zhengjie.modules.system.service.dto.UserDto;
 import me.zhengjie.modules.system.service.mapper.RoleMapper;
 import me.zhengjie.modules.system.service.mapper.RoleSmallMapper;
 import me.zhengjie.utils.*;
+import me.zhengjie.utils.enums.DataScopeEnum;
 import org.springframework.cache.annotation.CacheConfig;
 import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.cache.annotation.Cacheable;
@@ -56,6 +60,7 @@ public class RoleServiceImpl implements RoleService {
    private final RoleRepository roleRepository;
    private final RoleMapper roleMapper;
    private final RoleSmallMapper roleSmallMapper;
+    private final DeptRepository deptRepository;
    @Override
    @Cacheable
@@ -91,6 +96,7 @@ public class RoleServiceImpl implements RoleService {
        if(roleRepository.findByName(resources.getName()) != null){
            throw new EntityExistException(Role.class,"username",resources.getName());
        }
+        checkDataScope(resources);
        return roleMapper.toDto(roleRepository.save(resources));
    }
@@ -106,6 +112,7 @@ public class RoleServiceImpl implements RoleService {
        if(role1 != null && !role1.getId().equals(role.getId())){
            throw new EntityExistException(Role.class,"username",resources.getName());
        }
+        checkDataScope(resources);
        role.setName(resources.getName());
        role.setDescription(resources.getDescription());
        role.setDataScope(resources.getDataScope());
@@ -114,6 +121,19 @@ public class RoleServiceImpl implements RoleService {
        roleRepository.save(role);
    }
+    private void checkDataScope(Role resources){
+        if(CollectionUtil.isNotEmpty(resources.getDepts()) && resources.getDepts().size() == 1){
+            for (Dept dept : resources.getDepts()) {
+                dept = deptRepository.findById(dept.getId()).orElseGet(Dept::new);
+                if(dept.getPid() == 0 || dept.getPid() == null){
+                    resources.setDepts(null);
+                    resources.setDataScope(DataScopeEnum.ALL.getValue());
+                }
+            }
+        }
+    }
    @Override
    @CacheEvict(allEntries = true)
    public void updateMenu(Role resources, RoleDto roleDTO) {

--- a/eladmin-system/src/main/resources/template/generator/admin/Controller.ftl
+++ b/eladmin-system/src/main/resources/template/generator/admin/Controller.ftl
@@ -15,7 +15,7 @@
 */
 package ${package}.rest;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import ${package}.domain.${className};
 import ${package}.service.${className}Service;
 import ${package}.service.dto.${className}QueryCriteria;

--- a/eladmin-tools/src/main/java/me/zhengjie/rest/AliPayController.java
+++ b/eladmin-tools/src/main/java/me/zhengjie/rest/AliPayController.java
@@ -20,7 +20,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import me.zhengjie.annotation.AnonymousAccess;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import me.zhengjie.domain.vo.TradeVo;
 import me.zhengjie.domain.AlipayConfig;
 import me.zhengjie.utils.AliPayStatusEnum;

--- a/eladmin-tools/src/main/java/me/zhengjie/rest/EmailController.java
+++ b/eladmin-tools/src/main/java/me/zhengjie/rest/EmailController.java
@@ -18,7 +18,7 @@ package me.zhengjie.rest;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import me.zhengjie.domain.vo.EmailVo;
 import me.zhengjie.domain.EmailConfig;
 import me.zhengjie.service.EmailService;

--- a/eladmin-tools/src/main/java/me/zhengjie/rest/LocalStorageController.java
+++ b/eladmin-tools/src/main/java/me/zhengjie/rest/LocalStorageController.java
@@ -16,7 +16,7 @@
 package me.zhengjie.rest;
 import lombok.RequiredArgsConstructor;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import me.zhengjie.domain.LocalStorage;
 import me.zhengjie.service.LocalStorageService;
 import me.zhengjie.service.dto.LocalStorageQueryCriteria;

--- a/eladmin-tools/src/main/java/me/zhengjie/rest/PictureController.java
+++ b/eladmin-tools/src/main/java/me/zhengjie/rest/PictureController.java
@@ -18,7 +18,7 @@ package me.zhengjie.rest;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import me.zhengjie.domain.Picture;
 import me.zhengjie.service.PictureService;
 import me.zhengjie.service.dto.PictureQueryCriteria;

--- a/eladmin-tools/src/main/java/me/zhengjie/rest/QiniuController.java
+++ b/eladmin-tools/src/main/java/me/zhengjie/rest/QiniuController.java
@@ -19,7 +19,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import me.zhengjie.aop.log.Log;
+import me.zhengjie.annotation.Log;
 import me.zhengjie.domain.QiniuConfig;
 import me.zhengjie.domain.QiniuContent;
 import me.zhengjie.service.dto.QiniuQueryCriteria;