From f185246cf6402ae498cf549d86923e20507625a0 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期六, 21 九月 2024 11:27:51 +0800
Subject: [PATCH] 修复角色禁用权限不失效问题
---
src/main/java/com/ruoyi/common/constant/UserConstants.java | 3 +++
src/main/java/com/ruoyi/framework/security/service/SysPermissionService.java | 11 ++++++++---
src/main/java/com/ruoyi/project/system/controller/SysRoleController.java | 4 ++--
src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java | 8 ++++----
4 files changed, 17 insertions(+), 9 deletions(-)
diff --git a/src/main/java/com/ruoyi/common/constant/UserConstants.java b/src/main/java/com/ruoyi/common/constant/UserConstants.java
index b09b6f3..f2b5ab5 100644
--- a/src/main/java/com/ruoyi/common/constant/UserConstants.java
+++ b/src/main/java/com/ruoyi/common/constant/UserConstants.java
@@ -21,6 +21,9 @@
/** 鐢ㄦ埛灏佺鐘舵�� */
public static final String USER_DISABLE = "1";
+ /** 瑙掕壊姝e父鐘舵�� */
+ public static final String ROLE_NORMAL = "0";
+
/** 瑙掕壊灏佺鐘舵�� */
public static final String ROLE_DISABLE = "1";
diff --git a/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java b/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
index 5e8c2bf..9e82409 100644
--- a/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
+++ b/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
@@ -6,6 +6,7 @@
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.stereotype.Component;
+import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
@@ -73,8 +74,7 @@
if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin())
{
String permission = StringUtils.defaultIfEmpty(controllerDataScope.permission(), PermissionContextHolder.getContext());
- dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
- controllerDataScope.userAlias(), permission);
+ dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(), controllerDataScope.userAlias(), permission);
}
}
}
@@ -94,7 +94,7 @@
List<String> conditions = new ArrayList<String>();
List<String> scopeCustomIds = new ArrayList<String>();
user.getRoles().forEach(role -> {
- if (DATA_SCOPE_CUSTOM.equals(role.getDataScope()) && StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission)))
+ if (DATA_SCOPE_CUSTOM.equals(role.getDataScope()) && StringUtils.equals(role.getStatus(), UserConstants.ROLE_NORMAL) && StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission)))
{
scopeCustomIds.add(Convert.toStr(role.getRoleId()));
}
@@ -103,7 +103,7 @@
for (SysRole role : user.getRoles())
{
String dataScope = role.getDataScope();
- if (conditions.contains(dataScope))
+ if (conditions.contains(dataScope) || StringUtils.equals(role.getStatus(), UserConstants.ROLE_DISABLE))
{
continue;
}
diff --git a/src/main/java/com/ruoyi/framework/security/service/SysPermissionService.java b/src/main/java/com/ruoyi/framework/security/service/SysPermissionService.java
index 89081b4..ac62a57 100644
--- a/src/main/java/com/ruoyi/framework/security/service/SysPermissionService.java
+++ b/src/main/java/com/ruoyi/framework/security/service/SysPermissionService.java
@@ -6,6 +6,8 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
+import com.ruoyi.common.constant.UserConstants;
+import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.project.system.domain.SysRole;
import com.ruoyi.project.system.domain.SysUser;
import com.ruoyi.project.system.service.ISysMenuService;
@@ -68,9 +70,12 @@
// 璁剧疆permissions灞炴�э紝浠ヤ究鏁版嵁鏉冮檺鍖归厤鏉冮檺
for (SysRole role : roles)
{
- Set<String> rolePerms = menuService.selectMenuPermsByRoleId(role.getRoleId());
- role.setPermissions(rolePerms);
- perms.addAll(rolePerms);
+ if (StringUtils.equals(role.getStatus(), UserConstants.ROLE_NORMAL))
+ {
+ Set<String> rolePerms = menuService.selectMenuPermsByRoleId(role.getRoleId());
+ role.setPermissions(rolePerms);
+ perms.addAll(rolePerms);
+ }
}
}
else
diff --git a/src/main/java/com/ruoyi/project/system/controller/SysRoleController.java b/src/main/java/com/ruoyi/project/system/controller/SysRoleController.java
index ced2360..c3766bf 100644
--- a/src/main/java/com/ruoyi/project/system/controller/SysRoleController.java
+++ b/src/main/java/com/ruoyi/project/system/controller/SysRoleController.java
@@ -45,10 +45,10 @@
@Autowired
private TokenService tokenService;
-
+
@Autowired
private SysPermissionService permissionService;
-
+
@Autowired
private ISysUserService userService;
--
Gitblit v1.9.3