后台限制权限新增更改

2025-01-10 09:44:40 +08:00 · 2025-01-10 09:44:40 +08:00 · eb17cb7b47
parent bb2df18f6d
commit eb17cb7b47
4 changed files with 82 additions and 1 deletions
--- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/PermissionAspect.java
+++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/PermissionAspect.java
@ -0,0 +1,31 @@
+package com.electromagnetic.industry.software.manage.aop;
+
+import com.electromagnetic.industry.software.common.annotations.RequiredPermission;
+import com.electromagnetic.industry.software.common.enums.FilePermission;
+import com.electromagnetic.industry.software.common.util.UserThreadLocal;
+import com.electromagnetic.industry.software.manage.service.PermissionService;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import java.util.Map;
+
+@Aspect
+@Component
+public class PermissionAspect {
+
+    @Resource
+    PermissionService permissionService;
+
+    @Before("@annotation(requiredPermission) && args(id)")
+    public void requirePermission(RequiredPermission requiredPermission, String id) {
+
+        FilePermission filePermission = requiredPermission.value();
+        String userId = UserThreadLocal.getUserId();
+        Map<String,Boolean> permissions = permissionService.getUserPermission(userId,id);
+        if (!permissions.get(filePermission.getCode()).equals(Boolean.TRUE)) {
+            throw new SecurityException("用户无权限执行此操作");
+        }
+    }
+}
--- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java
+++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java
@ -37,4 +37,10 @@ public interface PermissionService {
     * @return
     */
    Map<String, Boolean> transToMap(List<String> permissionCodes);
+
+    /**
+     * 检查文件id列表是否可具有导出权限
+     * @param ids
+     */
+    String[] filterExportIds(String[] ids);
 }
--- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java
+++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java
@ -9,6 +9,7 @@ import com.electromagnetic.industry.software.manage.mapper.UserRoleMapper;
 import com.electromagnetic.industry.software.manage.pojo.models.RolePermission;
 import com.electromagnetic.industry.software.manage.pojo.models.UserRole;
 import com.electromagnetic.industry.software.manage.service.PermissionService;
+import com.electromagnetic.industry.software.manage.service.RolePermissionService;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

@ -37,7 +38,7 @@ public class PermissionServiceImpl implements PermissionService {

        List<String> roleIds = getRoles(userId);
        // 只有当 roleIds 不为空且不为 null 时，才添加 in 条件
-        if (CollUtil.isEmpty(roleIds)) {
+        if (roleIds.isEmpty()) {
            return new HashMap<>();
        }
        LambdaQueryWrapper<RolePermission> queryWrapper1 = new LambdaQueryWrapper<>();
@ -58,6 +59,10 @@ public class PermissionServiceImpl implements PermissionService {
        String userId = UserThreadLocal.getUserId();
        List<String> roleIds = getRoles(userId);

+        if (roleIds ==null || roleIds.isEmpty()) {
+            return new ArrayList<>();
+        }
+
        LambdaQueryWrapper<RolePermission> queryWrapper1 = new LambdaQueryWrapper<>();
        queryWrapper1.select(RolePermission::getFileId)
                .in(RolePermission::getRoleId, roleIds)
@ -112,4 +117,29 @@ public class PermissionServiceImpl implements PermissionService {
        }
        return result;
    }
+
+    /**
+     * 检查文件id列表是否可具有导出权限
+     * @param ids
+     */
+    @Override
+    public String[] filterExportIds(String[] ids){
+        if (ids.length==0) {
+            return ids;
+        }
+        String userId=UserThreadLocal.getUserId();
+        List<String> roleIds = getRoles(userId);
+        List<String> result = new ArrayList<>();
+        for (String id : ids) {
+            LambdaQueryWrapper<RolePermission> queryWrapper = new LambdaQueryWrapper<>();
+            queryWrapper.eq(RolePermission::getFileId, id)
+                    .eq(RolePermission::getPermissionCode, FilePermission.EXPORT.getCode())
+                    .in(RolePermission::getRoleId, roleIds);
+            List<RolePermission> list = rolePermissionMapper.selectList(queryWrapper);
+            if (!list.isEmpty()) {
+                result.add(id);
+            }
+        }
+        return result.toArray(new String[0]);
+    }
 }
--- a/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/annotations/RequiredPermission.java
+++ b/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/annotations/RequiredPermission.java
@ -0,0 +1,14 @@
+package com.electromagnetic.industry.software.common.annotations;
+
+import com.electromagnetic.industry.software.common.enums.FilePermission;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.METHOD)
+public @interface RequiredPermission {
+    FilePermission value();
+}