product-inventory-management-after.git

			@@ -365,6 +365,10 @@
			*/
			public static String[] toStrArray(String str)
			{
			if (StringUtils.isEmpty(str))
			{
			return new String[] {};
			}
			return toStrArray(",", str);
			}

			@@ -92,16 +92,22 @@
			{
			StringBuilder sqlString = new StringBuilder();
			List<String> conditions = new ArrayList<String>();
			List<String> scopeCustomIds = new ArrayList<String>();
			user.getRoles().forEach(role -> {
			if (DATA_SCOPE_CUSTOM.equals(role.getDataScope()) && StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission)))
			{
			scopeCustomIds.add(Convert.toStr(role.getRoleId()));
			}
			});

			for (SysRole role : user.getRoles())
			{
			String dataScope = role.getDataScope();
			if (!DATA_SCOPE_CUSTOM.equals(dataScope) && conditions.contains(dataScope))
			if (conditions.contains(dataScope))
			{
			continue;
			}
			if (StringUtils.isNotEmpty(permission) && StringUtils.isNotEmpty(role.getPermissions())
			&& !StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission)))
			if (!StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission)))
			{
			continue;
			}
			@@ -113,9 +119,15 @@
			}
			else if (DATA_SCOPE_CUSTOM.equals(dataScope))
			{
			sqlString.append(StringUtils.format(
			" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias,
			role.getRoleId()));
			if (scopeCustomIds.size() > 1)
			{
			// 多个自定数据权限使用in查询，避免多次拼接。
			sqlString.append(StringUtils.format(" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id in ({}) ) ", deptAlias, String.join(",", scopeCustomIds)));
			}
			else
			{
			sqlString.append(StringUtils.format(" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias, role.getRoleId()));
			}
			}
			else if (DATA_SCOPE_DEPT.equals(dataScope))
			{
			@@ -123,9 +135,7 @@
			}
			else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope))
			{
			sqlString.append(StringUtils.format(
			" OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )",
			deptAlias, user.getDeptId(), user.getDeptId()));
			sqlString.append(StringUtils.format(" OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )", deptAlias, user.getDeptId(), user.getDeptId()));
			}
			else if (DATA_SCOPE_SELF.equals(dataScope))
			{

			@@ -12,9 +12,11 @@
			import org.springframework.web.bind.annotation.RestControllerAdvice;
			import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException;
			import com.ruoyi.common.constant.HttpStatus;
			import com.ruoyi.common.core.text.Convert;
			import com.ruoyi.common.exception.DemoModeException;
			import com.ruoyi.common.exception.ServiceException;
			import com.ruoyi.common.utils.StringUtils;
			import com.ruoyi.common.utils.html.EscapeUtil;
			import com.ruoyi.framework.web.domain.AjaxResult;

			/**
			@@ -79,8 +81,13 @@
			public AjaxResult handleMethodArgumentTypeMismatchException(MethodArgumentTypeMismatchException e, HttpServletRequest request)
			{
			String requestURI = request.getRequestURI();
			String value = Convert.toStr(e.getValue());
			if (StringUtils.isNotEmpty(value))
			{
			value = EscapeUtil.clean(value);
			}
			log.error("请求参数类型不匹配'{}',发生系统异常.", requestURI, e);
			return AjaxResult.error(String.format("请求参数类型不匹配，参数[%s]要求类型为：'%s'，但输入值为：'%s'", e.getName(), e.getRequiredType().getName(), e.getValue()));
			return AjaxResult.error(String.format("请求参数类型不匹配，参数[%s]要求类型为：'%s'，但输入值为：'%s'", e.getName(), e.getRequiredType().getName(), value));
			}

			/**

	src/main/java/com/ruoyi/common/core/text/Convert.java	4 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java	28 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java	9 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史