refactor: 获取认证用户信息添加数据权限

youlai-auth/src/main/java/com/youlai/auth/security/userdetails/user/SysUserDetailsServiceImpl.java

 package com.youlai.auth.security.userdetails.user;
 
+import cn.hutool.core.lang.Assert;
+import com.youlai.common.enums.StatusEnum;
+import com.youlai.common.result.Result;
 import com.youlai.system.api.UserFeignClient;
 import com.youlai.system.dto.UserAuthInfo;
-import com.youlai.common.result.Result;
-import com.youlai.common.result.ResultCode;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.authentication.AccountExpiredException;
 import org.springframework.security.authentication.DisabledException;
-import org.springframework.security.authentication.LockedException;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 
 /**
@@ -27,24 +25,18 @@ public class SysUserDetailsServiceImpl implements UserDetailsService {
     private final UserFeignClient userFeignClient;
 
     @Override
-    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-        SysUserDetails userDetails = null;
+    public UserDetails loadUserByUsername(String username) {
         Result<UserAuthInfo> result = userFeignClient.getUserAuthInfo(username);
-        if (Result.isSuccess(result)) {
-            UserAuthInfo user = result.getData();
-            if (null != user) {
-                userDetails = new SysUserDetails(user);
-            }
-        }
-        if (userDetails == null) {
-            throw new UsernameNotFoundException(ResultCode.USER_NOT_EXIST.getMsg());
-        } else if (!userDetails.isEnabled()) {
+
+        UserAuthInfo userAuthInfo = null;
+        Assert.isTrue(Result.isSuccess(result) && (userAuthInfo = result.getData()) != null,
+                "用户不存在");
+
+       if (!StatusEnum.ENABLE.getValue().equals(userAuthInfo.getStatus()) ) {
             throw new DisabledException("该账户已被禁用!");
-        } else if (!userDetails.isAccountNonLocked()) {
-            throw new LockedException("该账号已被锁定!");
-        } else if (!userDetails.isAccountNonExpired()) {
-            throw new AccountExpiredException("该账号已过期!");
         }
+
+        SysUserDetails userDetails = new SysUserDetails(userAuthInfo);
         return userDetails;
     }
 

youlai-system/system-boot/src/main/java/com/youlai/system/mapper/SysDeptMapper.java

@@ -3,6 +3,7 @@ package com.youlai.system.mapper;
 import com.baomidou.mybatisplus.core.conditions.Wrapper;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import com.baomidou.mybatisplus.core.toolkit.Constants;
+import com.youlai.common.mybatis.annotation.DataPermission;
 import com.youlai.system.pojo.entity.SysDept;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Param;

youlai-system/system-boot/src/main/java/com/youlai/system/mapper/SysRoleMapper.java

@@ -4,8 +4,16 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import com.youlai.system.pojo.entity.SysRole;
 import org.apache.ibatis.annotations.Mapper;
 
+import java.util.Set;
+
 @Mapper
 public interface SysRoleMapper extends BaseMapper<SysRole> {
 
-
+    /**
+     * 获取最大范围的数据权限
+     *
+     * @param roles
+     * @return
+     */
+    Integer getMaximumDataScope(Set<String> roles);
 }

youlai-system/system-boot/src/main/java/com/youlai/system/pojo/service/SysRoleService.java

@@ -10,6 +10,7 @@ import com.youlai.system.pojo.query.RolePageQuery;
 import com.youlai.system.pojo.vo.role.RolePageVO;
 
 import java.util.List;
+import java.util.Set;
 
 /**
  * 角色业务接口层
@@ -77,4 +78,12 @@ public interface SysRoleService extends IService<SysRole> {
      * @return
      */
     boolean updateRoleMenus(Long roleId, List<Long> menuIds);
+
+    /**
+     * 获取最大范围的数据权限
+     *
+     * @param roles
+     * @return
+     */
+    Integer getMaximumDataScope(Set<String> roles);
 }

youlai-system/system-boot/src/main/java/com/youlai/system/pojo/service/impl/SysRoleServiceImpl.java

@@ -26,10 +26,7 @@ import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Optional;
+import java.util.*;
 import java.util.stream.Collectors;
 
 /**
@@ -71,7 +68,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
                         .ne(!SecurityUtils.isRoot(), SysRole::getCode, SystemConstants.ROOT_ROLE_CODE) // 非超级管理员不显示超级管理员角色
         );
 
-       // Page<SysRole> rolePage = this.baseMapper.listRolePages( new Page<>(pageNum, pageSize), queryParams,UserUtils.isRoot(),GlobalConstants.ROOT_ROLE_CODE);
+        // Page<SysRole> rolePage = this.baseMapper.listRolePages( new Page<>(pageNum, pageSize), queryParams,UserUtils.isRoot(),GlobalConstants.ROOT_ROLE_CODE);
         // 实体转换
         Page<RolePageVO> pageResult = roleConverter.entity2Page(rolePage);
         return pageResult;
@@ -91,7 +88,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
                 .orderByAsc(SysRole::getSort)
         );
 
-       // List<SysRole> roleList = this.baseMapper.listDeptOptions(UserUtils.isRoot(),GlobalConstants.ROOT_ROLE_CODE);
+        // List<SysRole> roleList = this.baseMapper.listDeptOptions(UserUtils.isRoot(),GlobalConstants.ROOT_ROLE_CODE);
         // 实体转换
         List<Option> list = roleConverter.roles2Options(roleList);
         return list;
@@ -194,4 +191,16 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
         return true;
     }
 
+    /**
+     * 获取最大范围的数据权限
+     *
+     * @param roles
+     * @return
+     */
+    @Override
+    public Integer getMaximumDataScope(Set<String> roles) {
+        Integer dataScope = this.baseMapper.getMaximumDataScope(roles);
+        return dataScope;
+    }
+
 }

youlai-system/system-boot/src/main/java/com/youlai/system/pojo/service/impl/SysUserServiceImpl.java

@@ -216,12 +216,9 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
             Set<String> perms = menuService.listRolePerms(roles);
             userAuthInfo.setPerms(perms);
 
-            // 根据角色获取范围最大的数据权限
-
-            Integer dataScope=
-
-
-
+            // 获取最大范围的数据权限
+            Integer dataScope= roleService.getMaximumDataScope(roles);
+            userAuthInfo.setDataScope(dataScope);
         }
         return userAuthInfo;
     }

youlai-system/system-boot/src/main/resources/mapper/SysMenuMapper.xml

@@ -40,7 +40,7 @@
                 LEFT JOIN sys_role_menu t2 ON t1.id = t2.menu_id
                 LEFT JOIN sys_role t3 ON t2.role_id = t3.id
         WHERE
-            t1.type != '${@com.youlai.system.common.enums.MenuTypeEnum@BUTTON.getValue()}'
+            t1.type != '${@com.youlai.system.enums.MenuTypeEnum@BUTTON.getValue()}'
         ORDER BY t1.sort asc
     </select>
 

youlai-system/system-boot/src/main/resources/mapper/SysRoleMapper.xml

@@ -2,52 +2,28 @@
 <!DOCTYPE mapper
         PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
-<mapper namespace="com.youlai.admin.mapper.SysRoleMapper">
+<mapper namespace="com.youlai.system.mapper.SysRoleMapper">
 
-   	<resultMap type="com.youlai.admin.pojo.entity.SysRole" id="SysRoleResult">
-		<id     property="id"             column="id"               />
-		<result property="name"           column="name"             />
-		<result property="code"            column="code"              />
-		<result property="sort"           column="sort"             />
-		<result property="status"          column="status"            />
-		<result property="deleted"        column="deleted"   />
-		<result property="createTime"    column="create_time"   />
-		<result property="updateTime"             column="update_time"                />
-		<result property="dataScope"            column="data_scope"              />
-	</resultMap>
 
-	<sql id="selectRoleVo">
-	    select distinct r.id, r.name, r.code, r.sort, r.status, r.deleted, r.create_time,
-            r.update_time, r.data_scope
-        from sys_role r
-	    		LEFT JOIN sys_user_role ur ON ur.role_id = r.id
-		LEFT JOIN sys_user u ON u.id = ur.user_id
-		LEFT JOIN sys_dept d ON u.dept_id = d.id
-    </sql>
+	<!-- 获取最大范围的数据权限 -->
+	<select id="getMaximumDataScope" resultType="java.lang.Integer">
+		SELECT
+		    min(data_scope)
+		FROM
+		    sys_role
+		<where>
+			<choose>
+				<when test="roles!=null and roles.size>0">
+					AND code IN
+					<foreach collection="roles" item="role" separator="," open="(" close=")">
+						#{role}
+					</foreach>
+				</when>
+				<otherwise>
+					id = -1
+				</otherwise>
+			</choose>
+		</where>
 
-    <select id="listRolePages" parameterType="com.youlai.admin.pojo.entity.SysRole" resultMap="SysRoleResult">
-		<include refid="selectRoleVo"/>
-		where r.deleted = 0
-		<if test='queryParams.keywords!=null and queryParams.keywords.trim() neq ""'>
-			AND (
-			u.name LIKE CONCAT('%',#{queryParams.keywords},'%')
-			OR u.code LIKE CONCAT('%',#{queryParams.keywords},'%')
-			)
-		</if>
-		<if test="isRoot == false">
-			AND code != #{rootCode}
-		</if>
-		order by r.sort
 	</select>
-
-	<select id="listDeptOptions" parameterType="com.youlai.admin.pojo.entity.SysRole" resultMap="SysRoleResult">
-		<include refid="selectRoleVo"/>
-		where r.deleted = 0
-		<if test="isRoot == false">
-			AND code != #{rootCode}
-		</if>
-		order by r.sort
-	</select>
-
-
 </mapper>