feat(youlai-admin): 角色添加dataScope字段

角色添加dataScope字段

feat(youlai-admin): 角色添加dataScope字段
角色添加dataScope字段
9e833985 · 总有刁民想害朕2 · 72b4906d · 9e833985 · 9e833985 · 9e833985
12 changed file
--- a/docs/sql/mysql5.x/youlai.sql
+++ b/docs/sql/mysql5.x/youlai.sql
--- a/docs/sql/mysql8.x/youlai.sql
+++ b/docs/sql/mysql8.x/youlai.sql
--- a/youlai-admin/admin-api/src/main/java/com/youlai/admin/dto/UserAuthDTO.java
+++ b/youlai-admin/admin-api/src/main/java/com/youlai/admin/dto/UserAuthDTO.java
 package com.youlai.admin.dto;

+
 import lombok.Data;

 import java.util.List;
@@ -43,4 +44,9 @@ public class UserAuthDTO {
     */
    private Long deptId;

+    /**
+     * 用户角色数据权限集合
+     */
+    private List<Integer> dataScopes;
+
 }
--- a/youlai-admin/admin-boot/src/main/java/com/youlai/admin/pojo/entity/SysRole.java
+++ b/youlai-admin/admin-boot/src/main/java/com/youlai/admin/pojo/entity/SysRole.java
@@ -25,6 +25,8 @@ public class SysRole extends BaseEntity {

    private Integer status;

+    private Integer dataScope;
+
    @ApiModelProperty("逻辑删除标识 0-未删除 1-已删除")
    //@TableLogic(value = "0", delval = "1")
    private Integer deleted;

--- a/youlai-admin/admin-boot/src/main/java/com/youlai/admin/pojo/form/RoleForm.java
+++ b/youlai-admin/admin-boot/src/main/java/com/youlai/admin/pojo/form/RoleForm.java
@@ -27,4 +27,7 @@ public class RoleForm {
    @ApiModelProperty("角色状态(1-正常；0-停用)")
    private Integer status;

+    @ApiModelProperty("数据范围（1：全部数据权限  2：本部门数据权限 3：本部门及以下数据权限 4:本人数据）")
+    private Integer dataScope;
+
 }
--- a/youlai-admin/admin-boot/src/main/java/com/youlai/admin/pojo/vo/role/RolePageVO.java
+++ b/youlai-admin/admin-boot/src/main/java/com/youlai/admin/pojo/vo/role/RolePageVO.java
@@ -16,4 +16,7 @@ public class RolePageVO {

    @ApiModelProperty("角色编码")
    private String code;
+
+    @ApiModelProperty("角色数据权限")
+    private Integer dataScope;
 }
--- a/youlai-admin/admin-boot/src/main/java/com/youlai/admin/service/impl/SysRoleServiceImpl.java
+++ b/youlai-admin/admin-boot/src/main/java/com/youlai/admin/service/impl/SysRoleServiceImpl.java
@@ -69,7 +69,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
                        .or()
                        .like(StrUtil.isNotBlank(keywords), SysRole::getCode, keywords)
                        .ne(!UserUtils.isRoot(), SysRole::getCode, GlobalConstants.ROOT_ROLE_CODE) // 非超级管理员不显示超级管理员角色
-                        .select(SysRole::getId, SysRole::getName, SysRole::getCode)
+                        .select(SysRole::getId, SysRole::getName, SysRole::getCode,SysRole::getDataScope)
        );

        // 实体转换

--- a/youlai-admin/admin-boot/src/main/resources/mapper/SysUserMapper.xml
+++ b/youlai-admin/admin-boot/src/main/resources/mapper/SysUserMapper.xml
@@ -86,6 +86,9 @@
        <collection property="roles" ofType="string" javaType="list">
            <result column="roleCode"></result>
        </collection>
+        <collection property="dataScopes" ofType="int" javaType="list">
+            <result column="dataScope"></result>
+        </collection>
    </resultMap>

    <!-- 根据用户名获取认证信息 -->
@@ -97,7 +100,8 @@
            t1.PASSWORD,
            t1.STATUS,
            t1.dept_id deptId,
-            t3.CODE roleCode
+            t3.CODE roleCode,
+             t3.data_scope dataScope
        FROM
            sys_user t1
                LEFT JOIN sys_user_role t2 ON t2.user_id = t1.id

--- a/youlai-auth/src/main/java/com/youlai/auth/security/config/AuthorizationServerConfig.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/security/config/AuthorizationServerConfig.java
@@ -187,6 +187,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
                additionalInfo.put("userId", sysUserDetails.getUserId());
                additionalInfo.put("username", sysUserDetails.getUsername());
                additionalInfo.put("deptId", sysUserDetails.getDeptId());
+                additionalInfo.put("dataScopes",sysUserDetails.getDataScopes());
                // 认证身份标识(username:用户名；)
                if (StrUtil.isNotBlank(sysUserDetails.getAuthenticationIdentity())) {
                    additionalInfo.put("authenticationIdentity", sysUserDetails.getAuthenticationIdentity());

--- a/youlai-auth/src/main/java/com/youlai/auth/security/core/userdetails/user/SysUserDetails.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/security/core/userdetails/user/SysUserDetails.java
@@ -11,6 +11,7 @@ import org.springframework.security.core.userdetails.UserDetails;

 import java.util.ArrayList;
 import java.util.Collection;
+import java.util.List;


 /**
@@ -39,6 +40,11 @@ public class SysUserDetails implements UserDetails {
     */
    private Long deptId;

+    /**
+     * 用户角色数据权限集合
+     */
+    private List<Integer> dataScopes;
+
    /**
     * 默认字段
     */
@@ -54,6 +60,7 @@ public class SysUserDetails implements UserDetails {
        this.setUserId(user.getUserId());
        this.setUsername(user.getUsername());
        this.setDeptId(user.getDeptId());
+        this.setDataScopes(user.getDataScopes());
        this.setPassword(PasswordEncoderTypeEnum.BCRYPT.getPrefix() + user.getPassword());
        this.setEnabled(GlobalConstants.STATUS_YES.equals(user.getStatus()));
        if (CollectionUtil.isNotEmpty(user.getRoles())) {

--- a/youlai-common/common-mybatis/src/main/java/com/youlai/common/mybatis/handler/MyDataPermissionHandler.java
+++ b/youlai-common/common-mybatis/src/main/java/com/youlai/common/mybatis/handler/MyDataPermissionHandler.java
@@ -28,6 +28,28 @@ import java.util.List;
 @Slf4j
 public class MyDataPermissionHandler implements DataPermissionHandler {

+    /**
+     * 全部数据权限
+     */
+    public static final Integer DATA_SCOPE_ALL = 1;
+
+
+    /**
+     * 部门数据权限
+     */
+    public static final Integer DATA_SCOPE_DEPT = 2;
+
+    /**
+     * 部门及以下数据权限
+     */
+    public static final Integer DATA_SCOPE_DEPT_AND_CHILD =3;
+
+    /**
+     * 仅本人数据权限
+     */
+    public static final Integer DATA_SCOPE_SELF = 4;
+
+
    @Override
    public Expression getSqlSegment(Expression where, String mappedStatementId) {
        try {
@@ -61,6 +83,19 @@ public class MyDataPermissionHandler implements DataPermissionHandler {
     * @return 构建后查询条件
     */
    public static Expression dataScopeFilter(String deptAlias, Expression where) {
+        // 获取当前的用户数据权限
+        List<Integer> dataScopes = UserUtils.getDataScopes();
+        for (Integer dataScope: dataScopes) {
+            if(dataScope == DATA_SCOPE_ALL){
+
+            }else if(dataScope == DATA_SCOPE_DEPT){
+
+            }else if(dataScope == DATA_SCOPE_DEPT_AND_CHILD){
+
+            }else if(dataScope == DATA_SCOPE_SELF){
+
+            }
+        }
        Expression expression = new EqualsTo(new Column(StrUtil.isEmpty(deptAlias) ? "id" : deptAlias + ".id"), getDeptId());
        LikeExpression likeExpression = new LikeExpression();
        Function left = new Function();

--- a/youlai-common/common-web/src/main/java/com/youlai/common/web/util/UserUtils.java
+++ b/youlai-common/common-web/src/main/java/com/youlai/common/web/util/UserUtils.java
@@ -77,6 +77,22 @@ public class UserUtils {
        return roles;
    }

+    /**
+     * JWT获取用户数据权限列表
+     *
+     * @return 角色数据权限列表
+     */
+    public static List<Integer> getDataScopes() {
+        List<Integer> dataScopes;
+        JSONObject payload =  JwtUtils.getJwtPayload();
+        if (payload.containsKey("dataScopes")) {
+            dataScopes = payload.getJSONArray("dataScopes").toList(Integer.class);
+        } else {
+            dataScopes = Collections.emptyList();
+        }
+        return dataScopes;
+    }
+
    /**
     * 是否「超级管理员」
     *