From e0f30ee174f39e6f416e64808b8b5b00613323c1 Mon Sep 17 00:00:00 2001 From: s2042968 Date: Tue, 14 Jan 2025 11:15:02 +0800 Subject: [PATCH] =?UTF-8?q?=E5=8A=A0=E5=85=A5=E6=9F=A5=E7=9C=8B=E6=9D=83?= =?UTF-8?q?=E9=99=90=EF=BC=8C=E5=90=8E=E7=AB=AF=E6=A0=A1=E9=AA=8C=E9=80=BB?= =?UTF-8?q?=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../manage/aop/FilePermissionCheckAspect.java | 8 +++++++- .../manage/controller/EdFileInfoController.java | 1 + .../manage/controller/PermissionController.java | 2 +- .../software/manage/service/PermissionService.java | 4 ++-- .../service/serviceimpl/PermissionServiceImpl.java | 14 ++++++++++---- .../service/serviceimpl/RoleServiceImpl.java | 4 ++-- 6 files changed, 23 insertions(+), 10 deletions(-) diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/FilePermissionCheckAspect.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/FilePermissionCheckAspect.java index c5617a2..8bb944b 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/FilePermissionCheckAspect.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/FilePermissionCheckAspect.java @@ -4,6 +4,7 @@ import com.electromagnetic.industry.software.common.annotations.RequiredPermissi import com.electromagnetic.industry.software.common.enums.FilePermission; import com.electromagnetic.industry.software.common.exception.PermissionDeniedException; import com.electromagnetic.industry.software.common.util.UserThreadLocal; +import com.electromagnetic.industry.software.manage.pojo.req.FileInfoQueryDTO; import com.electromagnetic.industry.software.manage.pojo.req.UpdateFileInfoDTO; import com.electromagnetic.industry.software.manage.service.EdFileInfoService; import com.electromagnetic.industry.software.manage.service.PermissionService; @@ -46,7 +47,12 @@ public class FilePermissionCheckAspect { id = edFileInfoService.getCategoryId(childId); } - Map permissions = permissionService.getUserPermission(userId,id); + if (args[0] instanceof FileInfoQueryDTO) { + FileInfoQueryDTO fileInfoQueryDTO = (FileInfoQueryDTO) args[0]; + id = fileInfoQueryDTO.getParentId(); + } + + Map permissions = permissionService.getUserPermission(userId,id,true); if (!permissions.get(filePermission.getCode()).equals(Boolean.TRUE)) { throw new PermissionDeniedException("用户无权限执行此操作"); } diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/EdFileInfoController.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/EdFileInfoController.java index 319d71a..0fd50da 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/EdFileInfoController.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/EdFileInfoController.java @@ -40,6 +40,7 @@ public class EdFileInfoController { return edFileInfoService.delete(id); } + @RequiredPermission(value = FilePermission.VIEW) @RequestMapping("info") public ElectromagneticResult info(@RequestBody FileInfoQueryDTO fileInfoQueryDTO) { return edFileInfoService.queryEdFileInfo(fileInfoQueryDTO); diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/PermissionController.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/PermissionController.java index 3ed24fd..2e539ee 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/PermissionController.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/PermissionController.java @@ -23,7 +23,7 @@ public class PermissionController { @GetMapping(value = "/{id}") public ElectromagneticResult getUserPermission(@PathVariable("id") String id) { String userId = UserThreadLocal.getUserId(); - return ElectromagneticResultUtil.success(permissionService.getUserPermission(userId, id)); + return ElectromagneticResultUtil.success(permissionService.getUserPermission(userId, id, false)); } } diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java index d994842..1cf0e31 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java @@ -12,7 +12,7 @@ public interface PermissionService { * @param id * @return */ - Map getUserPermission(String userId, String id); + Map getUserPermission(String userId, String id, Boolean includeView); /** * 获取当前用户有权限访问的目录id @@ -36,7 +36,7 @@ public interface PermissionService { * @param permissionCodes * @return */ - Map transToMap(List permissionCodes); + Map transToMap(List permissionCodes, Boolean includeView); /** * 过滤有导出权限的文件id diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java index 3a392c3..65e09d7 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java @@ -38,7 +38,7 @@ public class PermissionServiceImpl implements PermissionService { */ @Override @Transactional - public Map getUserPermission(String userId, String id) { + public Map getUserPermission(String userId, String id, Boolean includeView) { List roleIds = getRoles(userId); // 只有当 roleIds 不为空且不为 null 时,才添加 in 条件 @@ -50,9 +50,10 @@ public class PermissionServiceImpl implements PermissionService { .eq(RolePermission::getFileId, id) .in(RolePermission::getRoleId, roleIds); List permissionCodes = rolePermissionMapper.selectObjs(queryWrapper1).stream().map(Object::toString).collect(Collectors.toList()); - return transToMap(permissionCodes); + return transToMap(permissionCodes, includeView); } + /** * 获取当前用户有权限访问的目录id * @@ -118,9 +119,14 @@ public class PermissionServiceImpl implements PermissionService { * @return */ @Override - public Map transToMap(List permissionCodes) { + public Map transToMap(List permissionCodes, Boolean includeView) { Map result = new HashMap<>(); - List allCodes = FilePermission.getAllCodesExcludeView(); + List allCodes = new ArrayList<>(); + if (includeView.equals(Boolean.TRUE)) { + allCodes = FilePermission.getAllCodes(); + } else { + allCodes = FilePermission.getAllCodesExcludeView(); + } for (String code : allCodes) { if (permissionCodes.contains(code)) { result.put(code, true); diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/RoleServiceImpl.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/RoleServiceImpl.java index beffbae..7fdaa8d 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/RoleServiceImpl.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/RoleServiceImpl.java @@ -191,7 +191,7 @@ public class RoleServiceImpl extends ServiceImpl implements Ro dataAuth.put("data", false); rolePermissionDTO.setDataAuth(dataAuth); } - rolePermissionDTO.setPermission(permissionService.transToMap(permissionCodes)); + rolePermissionDTO.setPermission(permissionService.transToMap(permissionCodes,false)); nodes.add(rolePermissionDTO); } @@ -290,7 +290,7 @@ public class RoleServiceImpl extends ServiceImpl implements Ro dataAuth.put("data", false); rolePermissionDTO.setDataAuth(dataAuth); - rolePermissionDTO.setPermission(permissionService.transToMap(permissionCodes)); + rolePermissionDTO.setPermission(permissionService.transToMap(permissionCodes,false)); nodes.add(rolePermissionDTO); }