update 优化校验角色是否有数据权限

6 months ago · 7488b091bc
parent 483107955e
commit 7488b091bc
8 changed files with 28 additions and 6 deletions
--- a/ruoyi-auth/src/main/java/org/dromara/auth/form/PasswordLoginBody.java
+++ b/ruoyi-auth/src/main/java/org/dromara/auth/form/PasswordLoginBody.java
@ -27,6 +27,7 @@ public class PasswordLoginBody extends LoginBody {
     */
    @NotBlank(message = "{user.password.not.blank}")
    @Length(min = 5, max = 30, message = "{user.password.length.valid}")
+//    @Pattern(regexp = RegexConstants.PASSWORD, message = "{user.password.format.valid}")
    private String password;

 }
--- a/ruoyi-auth/src/main/java/org/dromara/auth/form/RegisterBody.java
+++ b/ruoyi-auth/src/main/java/org/dromara/auth/form/RegisterBody.java
@ -27,6 +27,7 @@ public class RegisterBody extends LoginBody {
     */
    @NotBlank(message = "{user.password.not.blank}")
    @Length(min = 5, max = 30, message = "{user.password.length.valid}")
+//    @Pattern(regexp = RegexConstants.PASSWORD, message = "{user.password.format.valid}")
    private String password;

    /**
--- a/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages.properties
+++ b/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages.properties
@ -17,6 +17,7 @@ user.username.length.valid=账户长度必须在{min}到{max}个字符之间
 user.password.not.blank=用户密码不能为空
 user.password.length.valid=用户密码长度必须在{min}到{max}个字符之间
 user.password.not.valid=* 5-50个字符
+user.password.format.valid=密码必须包含大写字母、小写字母、数字和特殊字符
 user.email.not.valid=邮箱格式错误
 user.email.not.blank=邮箱不能为空
 user.phonenumber.not.blank=用户手机号不能为空
--- a/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_en_US.properties
+++ b/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_en_US.properties
@ -17,6 +17,7 @@ user.username.length.valid=Account length must be between {min} and {max} charac
 user.password.not.blank=Password cannot be empty
 user.password.length.valid=Password length must be between {min} and {max} characters
 user.password.not.valid=* 5-50 characters
+user.password.format.valid=Password must contain uppercase, lowercase, digit, and special character
 user.email.not.valid=Mailbox format error
 user.email.not.blank=Mailbox cannot be blank
 user.phonenumber.not.blank=Phone number cannot be blank
--- a/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_zh_CN.properties
+++ b/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_zh_CN.properties
@ -17,6 +17,7 @@ user.username.length.valid=账户长度必须在{min}到{max}个字符之间
 user.password.not.blank=用户密码不能为空
 user.password.length.valid=用户密码长度必须在{min}到{max}个字符之间
 user.password.not.valid=* 5-50个字符
+user.password.format.valid=密码必须包含大写字母、小写字母、数字和特殊字符
 user.email.not.valid=邮箱格式错误
 user.email.not.blank=邮箱不能为空
 user.phonenumber.not.blank=用户手机号不能为空
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysTenantBo.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysTenantBo.java
@ -62,6 +62,7 @@ public class SysTenantBo extends BaseEntity {
     * 密码（创建系统用户）
     */
    @NotBlank(message = "密码不能为空", groups = { AddGroup.class })
+//    @Pattern(regexp = RegexConstants.PASSWORD, message = "{user.password.format.valid}", groups = { AddGroup.class })
    private String password;

    /**
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysRoleService.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysRoleService.java
@ -118,6 +118,13 @@ public interface ISysRoleService {
     */
    void checkRoleDataScope(Long roleId);

+    /**
+     * 校验角色是否有数据权限
+     *
+     * @param roleIds 角色ID列表（支持传单个ID）
+     */
+    void checkRoleDataScope(List<Long> roleIds);
+
    /**
     * 通过角色ID查询角色使用数量
     *
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
@ -253,14 +253,23 @@ public class SysRoleServiceImpl implements ISysRoleService {
        if (ObjectUtil.isNull(roleId)) {
            return;
        }
-        if (LoginHelper.isSuperAdmin()) {
+        this.checkRoleDataScope(Collections.singletonList(roleId));
+    }
+
+    /**
+     * 校验角色是否有数据权限
+     *
+     * @param roleIds 角色ID列表（支持传单个ID）
+     */
+    @Override
+    public void checkRoleDataScope(List<Long> roleIds) {
+        if (CollUtil.isEmpty(roleIds) || LoginHelper.isSuperAdmin()) {
            return;
        }
-        List<SysRoleVo> roles = this.selectRoleList(new SysRoleBo(roleId));
-        if (CollUtil.isEmpty(roles)) {
-            throw new ServiceException("没有权限访问角色数据！");
+        long count = baseMapper.selectRoleCount(roleIds);
+        if (count != roleIds.size()) {
+            throw new ServiceException("没有权限访问部分角色数据！");
        }
-
    }

    /**
@ -417,10 +426,10 @@ public class SysRoleServiceImpl implements ISysRoleService {
    @Override
    @Transactional(rollbackFor = Exception.class)
    public int deleteRoleByIds(List<Long> roleIds) {
+        checkRoleDataScope(roleIds);
        List<SysRole> roles = baseMapper.selectByIds(roleIds);
        for (SysRole role : roles) {
            checkRoleAllowed(BeanUtil.toBean(role, SysRoleBo.class));
-            checkRoleDataScope(role.getRoleId());
            if (countUserRoleByRoleId(role.getRoleId()) > 0) {
                throw new ServiceException(String.format("%1$s已分配，不能删除!", role.getRoleName()));
            }