From 308d08b81f03671689590fedd5a70eddfbe6188c Mon Sep 17 00:00:00 2001 From: xuyuxiang Date: Fri, 7 Apr 2023 11:13:02 +0800 Subject: [PATCH] =?UTF-8?q?=E3=80=90=E4=BC=98=E5=8C=96=E3=80=91=E4=BC=98?= =?UTF-8?q?=E5=8C=96=E8=A7=92=E8=89=B2=E5=92=8C=E7=94=A8=E6=88=B7=E6=8E=88?= =?UTF-8?q?=E6=9D=83=E9=80=BB=E8=BE=91=E5=88=A4=E6=96=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../role/service/impl/SysRoleServiceImpl.java | 17 +++++++++++++ .../user/service/impl/SysUserServiceImpl.java | 25 +++++++++++++++++-- 2 files changed, 40 insertions(+), 2 deletions(-) diff --git a/snowy-plugin/snowy-plugin-sys/src/main/java/vip/xiaonuo/sys/modular/role/service/impl/SysRoleServiceImpl.java b/snowy-plugin/snowy-plugin-sys/src/main/java/vip/xiaonuo/sys/modular/role/service/impl/SysRoleServiceImpl.java index d1180971..5d423a1e 100644 --- a/snowy-plugin/snowy-plugin-sys/src/main/java/vip/xiaonuo/sys/modular/role/service/impl/SysRoleServiceImpl.java +++ b/snowy-plugin/snowy-plugin-sys/src/main/java/vip/xiaonuo/sys/modular/role/service/impl/SysRoleServiceImpl.java @@ -48,8 +48,10 @@ import vip.xiaonuo.sys.modular.relation.entity.SysRelation; import vip.xiaonuo.sys.modular.relation.enums.SysRelationCategoryEnum; import vip.xiaonuo.sys.modular.relation.service.SysRelationService; import vip.xiaonuo.sys.modular.resource.entity.SysMenu; +import vip.xiaonuo.sys.modular.resource.entity.SysModule; import vip.xiaonuo.sys.modular.resource.enums.SysResourceCategoryEnum; import vip.xiaonuo.sys.modular.resource.service.SysMenuService; +import vip.xiaonuo.sys.modular.resource.service.SysModuleService; import vip.xiaonuo.sys.modular.role.entity.SysRole; import vip.xiaonuo.sys.modular.role.enums.SysRoleCategoryEnum; import vip.xiaonuo.sys.modular.role.mapper.SysRoleMapper; @@ -63,6 +65,7 @@ import javax.annotation.Resource; import java.util.ArrayList; import java.util.List; import java.util.Map; +import java.util.Set; import java.util.stream.Collectors; /** @@ -80,6 +83,9 @@ public class SysRoleServiceImpl extends ServiceImpl impl @Resource private SysOrgService sysOrgService; + @Resource + private SysModuleService sysModuleService; + @Resource private SysMenuService sysMenuService; @@ -218,8 +224,19 @@ public class SysRoleServiceImpl extends ServiceImpl impl @Override public void grantResource(SysRoleGrantResourceParam sysRoleGrantResourceParam) { String id = sysRoleGrantResourceParam.getId(); + SysRole sysRole = this.queryEntity(id); List menuIdList = sysRoleGrantResourceParam.getGrantInfoList().stream() .map(SysRoleGrantResourceParam.SysRoleGrantResource::getMenuId).collect(Collectors.toList()); + if(!SysBuildInEnum.BUILD_IN_ROLE_CODE.getValue().equals(sysRole.getCode())) { + if(ObjectUtil.isNotEmpty(menuIdList)) { + Set sysModuleIdList = sysMenuService.listByIds(menuIdList).stream().map(SysMenu::getModule).collect(Collectors.toSet()); + boolean containsSystemModule = sysModuleService.listByIds(sysModuleIdList).stream().map(SysModule::getCode) + .collect(Collectors.toSet()).contains(SysBuildInEnum.BUILD_IN_MODULE_CODE.getValue()); + if(containsSystemModule) { + throw new CommonException("非超管角色不可被授权系统模块菜单资源"); + } + } + } List extJsonList = sysRoleGrantResourceParam.getGrantInfoList().stream() .map(JSONUtil::toJsonStr).collect(Collectors.toList()); sysRelationService.saveRelationBatchWithClear(id, menuIdList, SysRelationCategoryEnum.SYS_ROLE_HAS_RESOURCE.getValue(), diff --git a/snowy-plugin/snowy-plugin-sys/src/main/java/vip/xiaonuo/sys/modular/user/service/impl/SysUserServiceImpl.java b/snowy-plugin/snowy-plugin-sys/src/main/java/vip/xiaonuo/sys/modular/user/service/impl/SysUserServiceImpl.java index 247621ad..dbc86179 100644 --- a/snowy-plugin/snowy-plugin-sys/src/main/java/vip/xiaonuo/sys/modular/user/service/impl/SysUserServiceImpl.java +++ b/snowy-plugin/snowy-plugin-sys/src/main/java/vip/xiaonuo/sys/modular/user/service/impl/SysUserServiceImpl.java @@ -85,10 +85,12 @@ import vip.xiaonuo.sys.modular.relation.enums.SysRelationCategoryEnum; import vip.xiaonuo.sys.modular.relation.service.SysRelationService; import vip.xiaonuo.sys.modular.resource.entity.SysButton; import vip.xiaonuo.sys.modular.resource.entity.SysMenu; +import vip.xiaonuo.sys.modular.resource.entity.SysModule; import vip.xiaonuo.sys.modular.resource.enums.SysResourceCategoryEnum; import vip.xiaonuo.sys.modular.resource.enums.SysResourceMenuTypeEnum; import vip.xiaonuo.sys.modular.resource.service.SysButtonService; import vip.xiaonuo.sys.modular.resource.service.SysMenuService; +import vip.xiaonuo.sys.modular.resource.service.SysModuleService; import vip.xiaonuo.sys.modular.role.entity.SysRole; import vip.xiaonuo.sys.modular.role.enums.SysRoleDataScopeCategoryEnum; import vip.xiaonuo.sys.modular.role.service.SysRoleService; @@ -155,6 +157,9 @@ public class SysUserServiceImpl extends ServiceImpl impl @Resource private SysRoleService sysRoleService; + @Resource + private SysModuleService sysModuleService; + @Resource private SysMenuService sysMenuService; @@ -618,9 +623,8 @@ public class SysUserServiceImpl extends ServiceImpl impl List resultList = CollectionUtil.newArrayList(); // 获取拥有的菜单列表 - List finalMenuIdList = menuIdList; List menuList = allMenuList.stream().filter(sysMenu -> - finalMenuIdList.contains(sysMenu.getId())).collect(Collectors.toList()); + menuIdList.contains(sysMenu.getId())).collect(Collectors.toList()); // 对获取到的角色对应的菜单列表进行处理,获取父列表 menuList.forEach(sysMenu -> execRecursionFindParent(allMenuList, sysMenu.getId(), resultList)); @@ -781,8 +785,25 @@ public class SysUserServiceImpl extends ServiceImpl impl @Override public void grantResource(SysUserGrantResourceParam sysUserGrantResourceParam) { String id = sysUserGrantResourceParam.getId(); + SysUserIdParam sysUserIdParam = new SysUserIdParam(); + List roleIdList = this.ownRole(sysUserIdParam); + if(ObjectUtil.isEmpty(roleIdList)) { + throw new CommonException("非超管角色用户不可被授权系统模块菜单资源"); + } + boolean hasSuperAdminRole = sysRoleService.listByIds(roleIdList).stream().map(SysRole::getCode).collect(Collectors.toSet()) + .contains(SysBuildInEnum.BUILD_IN_ROLE_CODE.getValue()); List menuIdList = sysUserGrantResourceParam.getGrantInfoList().stream() .map(SysUserGrantResourceParam.SysUserGrantResource::getMenuId).collect(Collectors.toList()); + if(!hasSuperAdminRole) { + if(ObjectUtil.isNotEmpty(menuIdList)) { + Set sysModuleIdList = sysMenuService.listByIds(menuIdList).stream().map(SysMenu::getModule).collect(Collectors.toSet()); + boolean containsSystemModule = sysModuleService.listByIds(sysModuleIdList).stream().map(SysModule::getCode) + .collect(Collectors.toSet()).contains(SysBuildInEnum.BUILD_IN_MODULE_CODE.getValue()); + if(containsSystemModule) { + throw new CommonException("非超管角色用户不可被授权系统模块菜单资源"); + } + } + } List extJsonList = sysUserGrantResourceParam.getGrantInfoList().stream() .map(JSONUtil::toJsonStr).collect(Collectors.toList()); sysRelationService.saveRelationBatchWithClear(id, menuIdList, SysRelationCategoryEnum.SYS_USER_HAS_RESOURCE.getValue(),