优化多角色数据权限匹配规则

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysDeptService.java

@@ -19,6 +19,14 @@ public interface ISysDeptService
      */
     public List<SysDept> selectDeptList(SysDept dept);
 
+    /**
+     * 查询部门树结构信息
+     * 
+     * @param dept 部门信息
+     * @return 部门树信息集合
+     */
+    public List<TreeSelect> selectDeptTreeList(SysDept dept);
+
     /**
      * 构建前端所需要树结构
      * 

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysMenuService.java

@@ -38,6 +38,14 @@ public interface ISysMenuService
      */
     public Set<String> selectMenuPermsByUserId(Long userId);
 
+    /**
+     * 根据角色ID查询权限
+     * 
+     * @param roleId 角色ID
+     * @return 权限列表
+     */
+    public Set<String> selectMenuPermsByRoleId(Long roleId);
+
     /**
      * 根据用户ID查询菜单树信息
      * 

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysPermissionService.java

@@ -2,6 +2,13 @@ package com.ruoyi.system.service;
 
 import java.util.Set;
 
+import com.ruoyi.system.api.domain.SysUser;
+
+/**
+ * 权限信息 服务层
+ * 
+ * @author ruoyi
+ */
 public interface ISysPermissionService
 {
     /**
@@ -10,7 +17,7 @@ public interface ISysPermissionService
      * @param userId 用户Id
      * @return 角色权限信息
      */
-    public Set<String> getRolePermission(Long userId);
+    public Set<String> getRolePermission(SysUser user);
 
     /**
      * 获取菜单数据权限
@@ -18,5 +25,5 @@ public interface ISysPermissionService
      * @param userId 用户Id
      * @return 菜单权限信息
      */
-    public Set<String> getMenuPermission(Long userId);
+    public Set<String> getMenuPermission(SysUser user);
 }

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java

@@ -48,6 +48,19 @@ public class SysDeptServiceImpl implements ISysDeptService
         return deptMapper.selectDeptList(dept);
     }
 
+    /**
+     * 查询部门树结构信息
+     * 
+     * @param dept 部门信息
+     * @return 部门树信息集合
+     */
+    @Override
+    public List<TreeSelect> selectDeptTreeList(SysDept dept)
+    {
+        List<SysDept> depts = SpringUtils.getAopProxy(this).selectDeptList(dept);
+        return buildDeptTreeSelect(depts);
+    }
+
     /**
      * 构建前端所需要树结构
      * 

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java

@@ -100,6 +100,27 @@ public class SysMenuServiceImpl implements ISysMenuService
         return permsSet;
     }
 
+    /**
+     * 根据角色ID查询权限
+     * 
+     * @param roleId 角色ID
+     * @return 权限列表
+     */
+    @Override
+    public Set<String> selectMenuPermsByRoleId(Long roleId)
+    {
+        List<String> perms = menuMapper.selectMenuPermsByRoleId(roleId);
+        Set<String> permsSet = new HashSet<>();
+        for (String perm : perms)
+        {
+            if (StringUtils.isNotEmpty(perm))
+            {
+                permsSet.addAll(Arrays.asList(perm.trim().split(",")));
+            }
+        }
+        return permsSet;
+    }
+
     /**
      * 根据用户ID查询菜单
      * 

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysPermissionServiceImpl.java

@@ -1,14 +1,21 @@
 package com.ruoyi.system.service.impl;
 
 import java.util.HashSet;
+import java.util.List;
 import java.util.Set;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import com.ruoyi.system.api.domain.SysRole;
 import com.ruoyi.system.api.domain.SysUser;
 import com.ruoyi.system.service.ISysMenuService;
 import com.ruoyi.system.service.ISysPermissionService;
 import com.ruoyi.system.service.ISysRoleService;
 
+/**
+ * 用户权限处理
+ * 
+ * @author ruoyi
+ */
 @Service
 public class SysPermissionServiceImpl implements ISysPermissionService
 {
@@ -25,17 +32,17 @@ public class SysPermissionServiceImpl implements ISysPermissionService
      * @return 角色权限信息
      */
     @Override
-    public Set<String> getRolePermission(Long userId)
+    public Set<String> getRolePermission(SysUser user)
     {
         Set<String> roles = new HashSet<String>();
         // 管理员拥有所有权限
-        if (SysUser.isAdmin(userId))
+        if (user.isAdmin())
         {
             roles.add("admin");
         }
         else
         {
-            roles.addAll(roleService.selectRolePermissionByUserId(userId));
+            roles.addAll(roleService.selectRolePermissionByUserId(user.getUserId()));
         }
         return roles;
     }
@@ -47,17 +54,31 @@ public class SysPermissionServiceImpl implements ISysPermissionService
      * @return 菜单权限信息
      */
     @Override
-    public Set<String> getMenuPermission(Long userId)
+    public Set<String> getMenuPermission(SysUser user)
     {
         Set<String> perms = new HashSet<String>();
         // 管理员拥有所有权限
-        if (SysUser.isAdmin(userId))
+        if (user.isAdmin())
         {
             perms.add("*:*:*");
         }
         else
         {
-            perms.addAll(menuService.selectMenuPermsByUserId(userId));
+            List<SysRole> roles = user.getRoles();
+            if (!roles.isEmpty() && roles.size() > 1)
+            {
+                // 多角色设置permissions属性，以便数据权限匹配权限
+                for (SysRole role : roles)
+                {
+                    Set<String> rolePerms = menuService.selectMenuPermsByRoleId(role.getRoleId());
+                    role.setPermissions(rolePerms);
+                    perms.addAll(rolePerms);
+                }
+            }
+            else
+            {
+                perms.addAll(menuService.selectMenuPermsByUserId(user.getUserId()));
+            }
         }
         return perms;
     }