From 78705c2adad774467ea2a8a106df80beda9d777b Mon Sep 17 00:00:00 2001 From: hongawen <83944980@qq.com> Date: Fri, 20 Mar 2026 13:28:34 +0800 Subject: [PATCH] =?UTF-8?q?=E5=BE=AE=E8=B0=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../system/enums/ErrorCodeConstants.java | 1 + .../admin/oauth2/OAuth2UserController.java | 3 ++ .../permission/PermissionController.java | 11 ----- .../PermissionAssignRoleDataScopeReqVO.java | 28 ------------ .../admin/permission/vo/role/RoleRespVO.java | 9 ---- .../admin/user/UserProfileController.java | 5 +++ .../system/convert/auth/AuthConvert.java | 4 +- .../service/permission/MenuService.java | 9 ++++ .../service/permission/MenuServiceImpl.java | 22 +++++++++- .../service/permission/PermissionService.java | 14 +----- .../permission/PermissionServiceImpl.java | 44 ++++++++++++++----- .../service/permission/RoleService.java | 10 ----- .../service/permission/RoleServiceImpl.java | 24 +++------- .../service/user/AdminUserServiceImpl.java | 6 ++- 14 files changed, 86 insertions(+), 104 deletions(-) delete mode 100644 rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/vo/permission/PermissionAssignRoleDataScopeReqVO.java diff --git a/rdms-system/rdms-system-api/src/main/java/com/njcn/rdms/module/system/enums/ErrorCodeConstants.java b/rdms-system/rdms-system-api/src/main/java/com/njcn/rdms/module/system/enums/ErrorCodeConstants.java index 6aab50a..9b99ab2 100644 --- a/rdms-system/rdms-system-api/src/main/java/com/njcn/rdms/module/system/enums/ErrorCodeConstants.java +++ b/rdms-system/rdms-system-api/src/main/java/com/njcn/rdms/module/system/enums/ErrorCodeConstants.java @@ -26,6 +26,7 @@ public interface ErrorCodeConstants { ErrorCode MENU_EXISTS_CHILDREN = new ErrorCode(1_002_001_004, "存在子菜单,无法删除"); ErrorCode MENU_PARENT_NOT_DIR_OR_MENU = new ErrorCode(1_002_001_005, "父菜单的类型必须是目录或者菜单"); ErrorCode MENU_COMPONENT_NAME_DUPLICATE = new ErrorCode(1_002_001_006, "已经存在该组件名的菜单"); + ErrorCode MENU_NOT_ENABLE = new ErrorCode(1_002_001_007, "名字为【{}】的菜单已被禁用"); // ========== 角色模块 1-002-002-000 ========== ErrorCode ROLE_NOT_EXISTS = new ErrorCode(1_002_002_000, "角色不存在"); diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/oauth2/OAuth2UserController.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/oauth2/OAuth2UserController.java index f23cd36..023934a 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/oauth2/OAuth2UserController.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/oauth2/OAuth2UserController.java @@ -55,6 +55,9 @@ public class OAuth2UserController { public CommonResult getUserInfo() { // 获得用户基本信息 AdminUserDO user = userService.getUser(getLoginUserId()); + if (user == null) { + return success(null); + } OAuth2UserInfoRespVO resp = BeanUtils.toBean(user, OAuth2UserInfoRespVO.class); // 获得部门信息 if (user.getDeptId() != null) { diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/PermissionController.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/PermissionController.java index 5fe6027..63d72ac 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/PermissionController.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/PermissionController.java @@ -1,8 +1,6 @@ package com.njcn.rdms.module.system.controller.admin.permission; -import cn.hutool.core.collection.CollUtil; import com.njcn.rdms.framework.common.pojo.CommonResult; -import com.njcn.rdms.module.system.controller.admin.permission.vo.permission.PermissionAssignRoleDataScopeReqVO; import com.njcn.rdms.module.system.controller.admin.permission.vo.permission.PermissionAssignRoleMenuReqVO; import com.njcn.rdms.module.system.controller.admin.permission.vo.permission.PermissionAssignUserRoleReqVO; import com.njcn.rdms.module.system.service.permission.PermissionService; @@ -15,7 +13,6 @@ import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import jakarta.annotation.Resource; -import jakarta.validation.Valid; import java.util.Set; import static com.njcn.rdms.framework.common.pojo.CommonResult.success; @@ -51,14 +48,6 @@ public class PermissionController { return success(true); } - @PostMapping("/assign-role-data-scope") - @Operation(summary = "赋予角色数据权限") - @PreAuthorize("@ss.hasPermission('system:permission:assign-role-data-scope')") - public CommonResult assignRoleDataScope(@Valid @RequestBody PermissionAssignRoleDataScopeReqVO reqVO) { - permissionService.assignRoleDataScope(reqVO.getRoleId(), reqVO.getDataScope(), reqVO.getDataScopeDeptIds()); - return success(true); - } - @Operation(summary = "获得管理员拥有的角色编号列表") @Parameter(name = "userId", description = "用户编号", required = true) @GetMapping("/list-user-roles") diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/vo/permission/PermissionAssignRoleDataScopeReqVO.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/vo/permission/PermissionAssignRoleDataScopeReqVO.java deleted file mode 100644 index dbeb673..0000000 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/vo/permission/PermissionAssignRoleDataScopeReqVO.java +++ /dev/null @@ -1,28 +0,0 @@ -package com.njcn.rdms.module.system.controller.admin.permission.vo.permission; - -import com.njcn.rdms.framework.common.validation.InEnum; -import com.njcn.rdms.module.system.enums.permission.DataScopeEnum; -import io.swagger.v3.oas.annotations.media.Schema; -import lombok.Data; - -import jakarta.validation.constraints.NotNull; -import java.util.Collections; -import java.util.Set; - -@Schema(description = "管理后台 - 赋予角色数据权限 Request VO") -@Data -public class PermissionAssignRoleDataScopeReqVO { - - @Schema(description = "角色编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "1") - @NotNull(message = "角色编号不能为空") - private Long roleId; - - @Schema(description = "数据范围,参见 DataScopeEnum 枚举类", requiredMode = Schema.RequiredMode.REQUIRED, example = "1") - @NotNull(message = "数据范围不能为空") - @InEnum(value = DataScopeEnum.class, message = "数据范围必须是 {value}") - private Integer dataScope; - - @Schema(description = "部门编号列表,只有范围类型为 DEPT_CUSTOM 时,该字段才需要", example = "1,3,5") - private Set dataScopeDeptIds = Collections.emptySet(); // 兜底 - -} diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/vo/role/RoleRespVO.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/vo/role/RoleRespVO.java index 10365d1..20f84d0 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/vo/role/RoleRespVO.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/permission/vo/role/RoleRespVO.java @@ -10,7 +10,6 @@ import jakarta.validation.constraints.NotBlank; import lombok.Data; import java.time.LocalDateTime; -import java.util.Set; @Schema(description = "管理后台 - 角色信息 Response VO") @Data @@ -45,14 +44,6 @@ public class RoleRespVO { @Schema(description = "备注", example = "我是一个角色") private String remark; - @Schema(description = "数据范围,参见 DataScopeEnum 枚举类", requiredMode = Schema.RequiredMode.REQUIRED, example = "1") - @ExcelProperty(value = "数据范围", converter = DictConvert.class) - @DictFormat(DictTypeConstants.DATA_SCOPE) - private Integer dataScope; - - @Schema(description = "数据范围(指定部门数组)", example = "1") - private Set dataScopeDeptIds; - @Schema(description = "创建时间", requiredMode = Schema.RequiredMode.REQUIRED, example = "时间戳格式") private LocalDateTime createTime; diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/user/UserProfileController.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/user/UserProfileController.java index 202bce7..5bd6acb 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/user/UserProfileController.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/user/UserProfileController.java @@ -1,6 +1,7 @@ package com.njcn.rdms.module.system.controller.admin.user; import com.njcn.rdms.framework.common.pojo.CommonResult; +import com.njcn.rdms.framework.common.enums.CommonStatusEnum; import com.njcn.rdms.module.system.controller.admin.user.vo.profile.UserProfileRespVO; import com.njcn.rdms.module.system.controller.admin.user.vo.profile.UserProfileUpdatePasswordReqVO; import com.njcn.rdms.module.system.controller.admin.user.vo.profile.UserProfileUpdateReqVO; @@ -54,8 +55,12 @@ public class UserProfileController { public CommonResult getUserProfile() { // 获得用户基本信息 AdminUserDO user = userService.getUser(getLoginUserId()); + if (user == null) { + return success(null); + } // 获得用户角色 List userRoles = roleService.getRoleListFromCache(permissionService.getUserRoleIdListByUserId(user.getId())); + userRoles.removeIf(role -> !CommonStatusEnum.ENABLE.getStatus().equals(role.getStatus())); // 获得部门信息 DeptDO dept = user.getDeptId() != null ? deptService.getDept(user.getDeptId()) : null; // 获得主岗位信息 diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/convert/auth/AuthConvert.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/convert/auth/AuthConvert.java index 37f9667..72c2cc9 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/convert/auth/AuthConvert.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/convert/auth/AuthConvert.java @@ -2,6 +2,7 @@ package com.njcn.rdms.module.system.convert.auth; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.util.ObjUtil; +import cn.hutool.core.util.StrUtil; import com.njcn.rdms.framework.common.util.object.BeanUtils; import com.njcn.rdms.module.system.controller.admin.auth.vo.AuthPermissionInfoRespVO; import com.njcn.rdms.module.system.dal.dataobject.permission.MenuDO; @@ -32,7 +33,8 @@ public interface AuthConvert { return AuthPermissionInfoRespVO.builder() .user(BeanUtils.toBean(user, AuthPermissionInfoRespVO.UserVO.class)) .roles(convertSet(roleList, RoleDO::getCode)) - .permissions(convertSet(menuList, MenuDO::getPermission)) + .permissions(convertSet(filterList(menuList, menu -> StrUtil.isNotBlank(menu.getPermission())), + MenuDO::getPermission)) .menus(buildMenuTree(menuList)) .build(); } diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/MenuService.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/MenuService.java index 6aa438c..e4c6223 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/MenuService.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/MenuService.java @@ -29,4 +29,13 @@ public interface MenuService { List getMenuList(Collection ids); + /** + * 校验菜单们是否有效。如下情况,视为无效: + * 1. 菜单编号不存在 + * 2. 菜单被禁用 + * + * @param ids 菜单编号数组 + */ + void validateMenuList(Collection ids); + } diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/MenuServiceImpl.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/MenuServiceImpl.java index dd98085..9ecda2e 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/MenuServiceImpl.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/MenuServiceImpl.java @@ -18,7 +18,6 @@ import jakarta.annotation.Resource; import lombok.extern.slf4j.Slf4j; import org.springframework.cache.annotation.CacheEvict; import org.springframework.cache.annotation.Cacheable; -import org.springframework.context.annotation.Lazy; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -109,6 +108,9 @@ public class MenuServiceImpl implements MenuService { public void deleteMenuList(List ids) { // 校验是否还有子菜单 ids.forEach(id -> { + if (menuMapper.selectById(id) == null) { + throw exception(MENU_NOT_EXISTS); + } if (menuMapper.selectCountByParentId(id) > 0) { throw exception(MENU_EXISTS_CHILDREN); } @@ -197,6 +199,24 @@ public class MenuServiceImpl implements MenuService { return menuMapper.selectByIds(ids); } + @Override + public void validateMenuList(Collection ids) { + if (CollUtil.isEmpty(ids)) { + return; + } + List menus = menuMapper.selectByIds(ids); + Map menuMap = convertMap(menus, MenuDO::getId); + ids.forEach(id -> { + MenuDO menu = menuMap.get(id); + if (menu == null) { + throw exception(MENU_NOT_EXISTS); + } + if (CommonStatusEnum.isDisable(menu.getStatus())) { + throw exception(MENU_NOT_ENABLE, menu.getName()); + } + }); + } + /** * 校验父菜单是否合法 *

diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/PermissionService.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/PermissionService.java index b4da8d9..8f419b0 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/PermissionService.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/PermissionService.java @@ -8,7 +8,7 @@ import static java.util.Collections.singleton; /** * 权限 Service 接口 *

- * 提供用户-角色、角色-菜单、角色-部门的关联权限处理 + * 提供用户-角色、角色-菜单的关联权限处理 * * @author hongawen */ @@ -122,16 +122,4 @@ public interface PermissionService { */ Set getUserRoleIdListByUserIdFromCache(Long userId); - // ========== 用户-部门的相关方法 ========== - - /** - * 设置角色的数据权限 - * - * @param roleId 角色编号 - * @param dataScope 数据范围 - * @param dataScopeDeptIds 部门编号数组 - */ - void assignRoleDataScope(Long roleId, Integer dataScope, Set dataScopeDeptIds); - - } diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/PermissionServiceImpl.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/PermissionServiceImpl.java index 45145d6..a68add9 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/PermissionServiceImpl.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/PermissionServiceImpl.java @@ -13,7 +13,6 @@ import com.njcn.rdms.module.system.dal.dataobject.permission.UserRoleDO; import com.njcn.rdms.module.system.dal.mysql.permission.RoleMenuMapper; import com.njcn.rdms.module.system.dal.mysql.permission.UserRoleMapper; import com.njcn.rdms.module.system.dal.redis.RedisKeyConstants; -import com.njcn.rdms.module.system.service.dept.DeptService; import com.njcn.rdms.module.system.service.user.AdminUserService; import com.baomidou.dynamic.datasource.annotation.DSTransactional; import com.google.common.annotations.VisibleForTesting; @@ -49,8 +48,6 @@ public class PermissionServiceImpl implements PermissionService { @Resource private MenuService menuService; @Resource - private DeptService deptService; - @Resource private AdminUserService userService; @Override @@ -90,10 +87,14 @@ public class PermissionServiceImpl implements PermissionService { if (CollUtil.isEmpty(menuIds)) { return false; } + List menus = getEnablePermissionMenus(menuIds); + if (CollUtil.isEmpty(menus)) { + return false; + } // 判断是否有权限 Set roleIds = convertSet(roles, RoleDO::getId); - for (Long menuId : menuIds) { + for (Long menuId : convertSet(menus, MenuDO::getId)) { // 获得拥有该菜单的角色编号集合 Set menuRoleIds = getSelf().getMenuRoleIdListByMenuIdFromCache(menuId); // 如果有交集,说明有权限 @@ -104,6 +105,29 @@ public class PermissionServiceImpl implements PermissionService { return false; } + /** + * 加载权限菜单自身及其父链后,再统一过滤禁用节点,避免仅查询按钮节点时误判父菜单缺失。 + */ + private List getEnablePermissionMenus(Collection menuIds) { + Set targetMenuIds = new HashSet<>(menuIds); + Map menuMap = new LinkedHashMap<>(); + Set currentIds = new HashSet<>(menuIds); + while (CollUtil.isNotEmpty(currentIds)) { + List currentMenus = menuService.getMenuList(currentIds); + if (CollUtil.isEmpty(currentMenus)) { + break; + } + currentMenus.forEach(menu -> menuMap.put(menu.getId(), menu)); + Set parentIds = convertSet(currentMenus, MenuDO::getParentId); + parentIds.remove(MenuDO.ID_ROOT); + parentIds.removeIf(menuMap::containsKey); + currentIds = parentIds; + } + List enabledMenus = menuService.filterDisableMenus(new ArrayList<>(menuMap.values())); + enabledMenus.removeIf(menu -> !targetMenuIds.contains(menu.getId())); + return enabledMenus; + } + @Override public boolean hasAnyRoles(Long userId, String... roles) { // 如果为空,说明已经有权限 @@ -133,6 +157,8 @@ public class PermissionServiceImpl implements PermissionService { allEntries = true) // allEntries 清空所有缓存,主要一次更新涉及到的 menuIds 较多,反倒批量会更快 }) public void assignRoleMenu(Long roleId, Set menuIds) { + roleService.validateRoleList(Collections.singleton(roleId)); + menuService.validateMenuList(menuIds); // 获得角色拥有菜单编号 Set dbMenuIds = convertSet(roleMenuMapper.selectListByRoleId(roleId), RoleMenuDO::getMenuId); // 计算新增和删除的菜单编号 @@ -200,6 +226,8 @@ public class PermissionServiceImpl implements PermissionService { @DSTransactional // 多数据源,使用 @DSTransactional 保证本地事务,以及数据源的切换 @CacheEvict(value = RedisKeyConstants.USER_ROLE_ID_LIST, key = "#userId") public void assignUserRole(Long userId, Set roleIds) { + userService.validateUserList(Collections.singleton(userId)); + roleService.validateRoleList(roleIds); // 获得角色拥有角色编号 Set dbRoleIds = convertSet(userRoleMapper.selectListByUserId(userId), UserRoleDO::getRoleId); @@ -259,14 +287,6 @@ public class PermissionServiceImpl implements PermissionService { return roles; } - // ========== 用户-部门的相关方法 ========== - - @Override - public void assignRoleDataScope(Long roleId, Integer dataScope, Set dataScopeDeptIds) { - roleService.updateRoleDataScope(roleId, dataScope, dataScopeDeptIds); - } - - /** * 获得自身的代理对象,解决 AOP 生效问题 * diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/RoleService.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/RoleService.java index a7d2f37..57ac9bd 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/RoleService.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/RoleService.java @@ -8,7 +8,6 @@ import jakarta.validation.Valid; import java.util.Collection; import java.util.List; -import java.util.Set; /** * 角色 Service 接口 @@ -47,15 +46,6 @@ public interface RoleService { */ void deleteRoleList(List ids); - /** - * 设置角色的数据权限 - * - * @param id 角色编号 - * @param dataScope 数据范围 - * @param dataScopeDeptIds 部门编号数组 - */ - void updateRoleDataScope(Long id, Integer dataScope, Set dataScopeDeptIds); - /** * 获得角色 * diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/RoleServiceImpl.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/RoleServiceImpl.java index 2e447a5..0f03a38 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/RoleServiceImpl.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/permission/RoleServiceImpl.java @@ -14,7 +14,6 @@ import com.njcn.rdms.module.system.controller.admin.permission.vo.role.RoleSaveR import com.njcn.rdms.module.system.dal.dataobject.permission.RoleDO; import com.njcn.rdms.module.system.dal.mysql.permission.RoleMapper; import com.njcn.rdms.module.system.dal.redis.RedisKeyConstants; -import com.njcn.rdms.module.system.enums.permission.DataScopeEnum; import com.njcn.rdms.module.system.enums.permission.RoleCodeEnum; import com.njcn.rdms.module.system.enums.permission.RoleTypeEnum; import com.google.common.annotations.VisibleForTesting; @@ -29,7 +28,10 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.StringUtils; -import java.util.*; +import java.util.Collection; +import java.util.Collections; +import java.util.List; +import java.util.Map; import static com.njcn.rdms.framework.common.exception.util.ServiceExceptionUtil.exception; import static com.njcn.rdms.framework.common.util.collection.CollectionUtils.convertMap; @@ -62,8 +64,7 @@ public class RoleServiceImpl implements RoleService { // 2. 插入到数据库 RoleDO role = BeanUtils.toBean(createReqVO, RoleDO.class) .setType(ObjectUtil.defaultIfNull(type, RoleTypeEnum.CUSTOM.getType())) - .setStatus(ObjUtil.defaultIfNull(createReqVO.getStatus(), CommonStatusEnum.ENABLE.getStatus())) - .setDataScope(DataScopeEnum.ALL.getScope()); // 默认可查看所有数据。原因是,可能一些项目不需要项目权限 + .setStatus(ObjUtil.defaultIfNull(createReqVO.getStatus(), CommonStatusEnum.ENABLE.getStatus())); roleMapper.insert(role); // 3. 记录操作日志上下文 @@ -90,20 +91,6 @@ public class RoleServiceImpl implements RoleService { LogRecordContext.putVariable("role", role); } - @Override - @CacheEvict(value = RedisKeyConstants.ROLE, key = "#id") - public void updateRoleDataScope(Long id, Integer dataScope, Set dataScopeDeptIds) { - // 校验是否可以更新 - validateRoleForUpdate(id); - - // 更新数据范围 - RoleDO updateObject = new RoleDO(); - updateObject.setId(id); - updateObject.setDataScope(dataScope); - updateObject.setDataScopeDeptIds(dataScopeDeptIds); - roleMapper.updateById(updateObject); - } - @Override @Transactional(rollbackFor = Exception.class) @CacheEvict(value = RedisKeyConstants.ROLE, key = "#id") @@ -124,6 +111,7 @@ public class RoleServiceImpl implements RoleService { @Override @Transactional(rollbackFor = Exception.class) + @CacheEvict(value = RedisKeyConstants.ROLE, allEntries = true) public void deleteRoleList(List ids) { // 1. 校验是否可以删除 ids.forEach(this::validateRoleForUpdate); diff --git a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/user/AdminUserServiceImpl.java b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/user/AdminUserServiceImpl.java index 99905b1..b6ec4ab 100644 --- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/user/AdminUserServiceImpl.java +++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/service/user/AdminUserServiceImpl.java @@ -220,6 +220,7 @@ public class AdminUserServiceImpl implements AdminUserService { // 2. 删除用户及其关联数据 userMapper.deleteById(id); permissionService.processUserDeleted(id); + oauth2TokenService.removeAccessToken(id, UserTypeEnum.ADMIN.getValue()); // 3. 记录操作日志上下文 LogRecordContext.putVariable("user", user); } @@ -230,7 +231,10 @@ public class AdminUserServiceImpl implements AdminUserService { // 1. 批量删除用户 userMapper.deleteByIds(ids); // 2. 批量删除用户关联数据 - ids.forEach(permissionService::processUserDeleted); + ids.forEach(id -> { + permissionService.processUserDeleted(id); + oauth2TokenService.removeAccessToken(id, UserTypeEnum.ADMIN.getValue()); + }); } @Override