Pre Merge pull request !401 from D哥/N/A

优化代码
解决数据权限过滤处理逻辑中，莫名其妙添加AND (d.dept_id = 0)的问题
2026-01-29 21:11:57 +08:00 · 2025-08-28 05:51:32 +00:00 · 2025-08-28 13:51:15 +08:00 · 2025-03-21 07:27:12 +00:00
4 changed files with 29 additions and 18 deletions
--- a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java
+++ b/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java
@@ -113,9 +113,10 @@ public class DataScopeAspect
            }
            if (DATA_SCOPE_ALL.equals(dataScope))
            {
+                // 全部数据权限，不添加额外条件
                sqlString = new StringBuilder();
-                conditions.add(dataScope);
-                break;
+                conditions.clear();
+                return;
            }
            else if (DATA_SCOPE_CUSTOM.equals(dataScope))
            {
@@ -143,28 +144,28 @@ public class DataScopeAspect
                {
                    sqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, user.getUserId()));
                }
-                else
-                {
-                    // 数据权限为仅本人且没有userAlias别名不查询任何数据
-                    sqlString.append(StringUtils.format(" OR {}.dept_id = 0 ", deptAlias));
-                }
+                // 当没有 userAlias 时，不添加任何条件
            }
            conditions.add(dataScope);
        }

-        // 角色都不包含传递过来的权限字符，这个时候sqlString也会为空，所以要限制一下,不查询任何数据
+        // 角色都不包含传递过来的权限字符，这个时候不添加任何条件
        if (StringUtils.isEmpty(conditions))
        {
-            sqlString.append(StringUtils.format(" OR {}.dept_id = 0 ", deptAlias));
+            sqlString = new StringBuilder();
        }

-        if (StringUtils.isNotBlank(sqlString.toString()))
+        String sql = sqlString.toString().trim();
+        if (sql.startsWith("OR ")) {
+            sql = sql.substring(3);
+        }
+        if (StringUtils.isNotBlank(sql))
        {
            Object params = joinPoint.getArgs()[0];
-            if (StringUtils.isNotNull(params) && params instanceof BaseEntity)
+            if (params instanceof BaseEntity)
            {
                BaseEntity baseEntity = (BaseEntity) params;
-                baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")");
+                baseEntity.getParams().put(DATA_SCOPE, " AND (" + sql + ")");
            }
        }
    }
@@ -181,4 +182,4 @@ public class DataScopeAspect
            baseEntity.getParams().put(DATA_SCOPE, "");
        }
    }
-}
+}
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysUserMapper.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysUserMapper.java
@@ -76,6 +76,15 @@ public interface SysUserMapper
     */
    public int updateUserAvatar(@Param("userId") Long userId, @Param("avatar") String avatar);

+    /**
+     * 修改用户状态
+     * 
+     * @param userId 用户ID
+     * @param status 状态
+     * @return 结果
+     */
+    public int updateUserStatus(@Param("userId") Long userId, @Param("status") String status);
+
    /**
     * 更新用户登录信息（IP和登录时间）
     * 
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
@@ -326,7 +326,7 @@ public class SysUserServiceImpl implements ISysUserService
    @Override
    public int updateUserStatus(SysUser user)
    {
-        return userMapper.updateUser(user);
+        return userMapper.updateUserStatus(user.getUserId(), user.getStatus());
    }

    /**
@@ -374,7 +374,7 @@ public class SysUserServiceImpl implements ISysUserService
    @Override
    public int resetPwd(SysUser user)
    {
-        return userMapper.updateUser(user);
+        return userMapper.resetUserPwd(user.getUserId(), user.getPassword());
    }

    /**
@@ -528,6 +528,7 @@ public class SysUserServiceImpl implements ISysUserService
                    checkUserDataScope(u.getUserId());
                    deptService.checkDeptDataScope(user.getDeptId());
                    user.setUserId(u.getUserId());
+                    user.setDeptId(u.getDeptId());
                    user.setUpdateBy(operName);
                    userMapper.updateUser(user);
                    successNum++;
--- a/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysUserMapper.xml
+++ b/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysUserMapper.xml
@@ -198,11 +198,11 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 	</update>
 	
 	<update id="updateUserStatus" parameterType="SysUser">
- 		update sys_user set status = #{status} where user_id = #{userId}
+ 		update sys_user set status = #{status}, update_time = sysdate() where user_id = #{userId}
 	</update>
 	
 	<update id="updateUserAvatar" parameterType="SysUser">
- 		update sys_user set avatar = #{avatar} where user_id = #{userId}
+ 		update sys_user set avatar = #{avatar}, update_time = sysdate() where user_id = #{userId}
 	</update>
 	
  	<update id="updateLoginInfo" parameterType="SysUser">
@@ -210,7 +210,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 	</update>
 	
 	<update id="resetUserPwd" parameterType="SysUser">
- 		update sys_user set pwd_update_date = sysdate(), password = #{password} where user_id = #{userId}
+ 		update sys_user set pwd_update_date = sysdate(), password = #{password}, update_time = sysdate() where user_id = #{userId}
 	</update>
 	
 	<delete id="deleteUserById" parameterType="Long">