fix 修复权限-角色修改,部门按所在部门查询,用户数据权限

yxh 2024-09-13 17:00:23 +08:00
parent 664d7aac10
commit cb8f67abc1
10 changed files with 205 additions and 589 deletions


@ -17,6 +17,9 @@ type DeptSearchReq struct {
g.Meta `path:"/dept/list" tags:"系统后台/部门管理" method:"get" summary:"部门列表"` g.Meta `path:"/dept/list" tags:"系统后台/部门管理" method:"get" summary:"部门列表"`
DeptName string `p:"deptName"` DeptName string `p:"deptName"`
Status string `p:"status"` Status string `p:"status"`
ShowAll bool
UserId uint64
UserDeptId uint64
} }
type DeptSearchRes struct { type DeptSearchRes struct {
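Review bot: `ShowAll`, `UserId` and `UserDeptId` are added to the struct that the `/dept/list` handler binds from the request, and the new check in the dept service's `GetList` treats `req.ShowAll` as a bypass of the department scope. GoFrame's parameter binding can match untagged exported fields by name, so a client may be able to send `showAll=true` itself; the controller `List` overwrites `UserId` and `UserDeptId` but never resets `ShowAll`. I would add `req.ShowAll = false` in the controller before calling `GetList`, or carry these three values in a separate internal argument instead of the API request type. `UserInfo` on `UserSearchReq` has the same shape, although the user controller overwrites it unconditionally.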


@ -27,6 +27,7 @@ type UserSearchReq struct {
Mobile string `p:"mobile"` Mobile string `p:"mobile"`
Status string `p:"status"` Status string `p:"status"`
KeyWords string `p:"keyWords"` KeyWords string `p:"keyWords"`
UserInfo *model.ContextUser
commonApi.PageReq commonApi.PageReq
commonApi.Author commonApi.Author
} }


@ -23,6 +23,8 @@ type sysDeptController struct {
// List 部门列表 // List 部门列表
func (c *sysDeptController) List(ctx context.Context, req *system.DeptSearchReq) (res *system.DeptSearchRes, err error) { func (c *sysDeptController) List(ctx context.Context, req *system.DeptSearchReq) (res *system.DeptSearchRes, err error) {
res = new(system.DeptSearchRes) res = new(system.DeptSearchRes)
req.UserId = service.Context().GetUserId(ctx)
req.UserDeptId = service.Context().GetDeptId(ctx)
res.DeptList, err = service.SysDept().GetList(ctx, req) res.DeptList, err = service.SysDept().GetList(ctx, req)
return return
} }
@ -50,6 +52,7 @@ func (c *sysDeptController) TreeSelect(ctx context.Context, req *system.DeptTree
var deptList []*entity.SysDept var deptList []*entity.SysDept
deptList, err = service.SysDept().GetList(ctx, &system.DeptSearchReq{ deptList, err = service.SysDept().GetList(ctx, &system.DeptSearchReq{
Status: "1", //正常状态数据 Status: "1", //正常状态数据
ShowAll: true,
}) })
if err != nil { if err != nil {
return return
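Review bot: `TreeSelect` now passes `ShowAll: true`, so it fetches every active department regardless of the caller's own department, which is exactly the data the new filter in `GetList` withholds from `List`. If `TreeSelect` is reachable by the same users and returns that tree to them, the scoping added in this commit does not limit what they can enumerate; `RoleDeptTreeSelect` in the role service makes the same choice. If the full tree is intended for pickers, say so at the call site, e.g. `ShowAll: true, // tree pickers intentionally ignore department scope`; otherwise pass the caller's `UserId` and `UserDeptId` as `List` does. The body of `TreeSelect` continues outside the hunk.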


@ -40,6 +40,7 @@ func (c *userController) List(ctx context.Context, req *system.UserSearchReq) (r
userList []*entity.SysUser userList []*entity.SysUser
) )
res = new(system.UserSearchRes) res = new(system.UserSearchRes)
req.UserInfo = service.Context().GetLoginUser(ctx)
total, userList, err = service.SysUser().List(ctx, req) total, userList, err = service.SysUser().List(ctx, req)
if err != nil || total == 0 { if err != nil || total == 0 {
return return


@ -40,6 +40,22 @@ func (s *sSysDept) GetList(ctx context.Context, req *system.DeptSearchReq) (list
if err != nil { if err != nil {
return return
} }
//判断是否有管理所有部门权限
if !req.ShowAll && !service.SysUser().AccessRule(ctx, req.UserId, "api/v1/system/dept/all") {
var userDept *entity.SysDept
userDept, err = s.GetByDeptId(ctx, req.UserDeptId)
if err != nil {
return
}
if userDept == nil {
err = errors.New("您没有被设置部门,无法获取信息")
return
}
newList := make([]*entity.SysDept, 0, 100)
newList = append(newList, userDept)
newList = append(newList, s.FindSonByParentId(list, req.UserDeptId)...)
list = newList
}
rList := make([]*entity.SysDept, 0, len(list)) rList := make([]*entity.SysDept, 0, len(list))
if req.DeptName != "" || req.Status != "" { if req.DeptName != "" || req.Status != "" {
for _, v := range list { for _, v := range list {
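Review bot: The permission rule `"api/v1/system/dept/all"` is an inline string literal inside the authorization check, and the user service repeats the pattern with `"api/v1/system/user/all"`. A typo in either literal would presumably change who passes `AccessRule` without any compile-time signal, so I would declare both as named constants, e.g. `const DeptAllRule = "api/v1/system/dept/all"`, and reference them from both services. The capacity `100` on `newList` is also arbitrary; `len(list)+1` is the natural bound. `GetList` starts and ends outside the hunk.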


@ -315,6 +315,7 @@ func (s *sSysRole) RoleDeptTreeSelect(ctx context.Context) (res *system.RoleDept
err = g.Try(ctx, func(ctx context.Context) { err = g.Try(ctx, func(ctx context.Context) {
list, err := service.SysDept().GetList(ctx, &system.DeptSearchReq{ list, err := service.SysDept().GetList(ctx, &system.DeptSearchReq{
Status: "1", Status: "1",
ShowAll: true,
}) })
liberr.ErrIsNil(ctx, err) liberr.ErrIsNil(ctx, err)
dList := service.SysDept().GetListTree(0, list) dList := service.SysDept().GetListTree(0, list)


@ -473,6 +473,15 @@ func (s *sSysUser) List(ctx context.Context, req *system.UserSearchReq) (total i
m = m.As("a").LeftJoin("casbin_rule", "b", "b.v0 = CONCAT('u_',a.id )") m = m.As("a").LeftJoin("casbin_rule", "b", "b.v0 = CONCAT('u_',a.id )")
m = m.Where("v1 = ? and SUBSTR(v0,1,2) = 'u_'", req.RoleId) m = m.Where("v1 = ? and SUBSTR(v0,1,2) = 'u_'", req.RoleId)
} }
//判断权限,普通管理只能按数据权限查看
if !s.AccessRule(ctx, req.UserInfo.Id, "api/v1/system/user/all") {
m = s.GetAuthDeptWhere(
ctx,
m,
req.UserInfo,
"sys_user", "dept_id", "id",
).WhereNotIn(dao.SysUser.Columns().Id, s.NotCheckAuthAdminIds(ctx).Slice())
}
if req.PageSize == 0 { if req.PageSize == 0 {
req.PageSize = consts.PageSize req.PageSize = consts.PageSize
} }
@ -605,12 +614,20 @@ func (s *sSysUser) filterRoleIds(ctx context.Context, roleIds []uint, userId uin
liberr.ErrIsNil(ctx, err) liberr.ErrIsNil(ctx, err)
roleList, err = service.SysRole().GetRoleList(ctx) roleList, err = service.SysRole().GetRoleList(ctx)
liberr.ErrIsNil(ctx, err) liberr.ErrIsNil(ctx, err)
//子角色也要能够被授权
sonIds := make([]uint, 0, 10)
for _, v := range accessRoleList {
sonIds = append(sonIds, service.SysRole().FindSonIdsByParentId(roleList, v)...)
}
accessRoleList = append(accessRoleList, sonIds...)
//自己创建的角色可以被授权 //自己创建的角色可以被授权
for _, v := range roleList { for _, v := range roleList {
if v.CreatedBy == userId { if v.CreatedBy == userId {
accessRoleList = append(accessRoleList, v.Id) accessRoleList = append(accessRoleList, v.Id)
} }
} }
//去重accessRoleList
accessRoleList = gconv.Uints(garray.NewArrayFrom(gconv.Interfaces(accessRoleList)).Unique().Slice())
for _, r := range roleIds { for _, r := range roleIds {
for _, a := range accessRoleList { for _, a := range accessRoleList {
if r == a { if r == a {
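Review bot: `req.UserInfo.Id` is dereferenced in the new permission check in `List` without a nil test, and the only place visible in this commit that fills `UserInfo` is the user controller's `List`. Any other caller of `SysUser().List` that builds a `UserSearchReq` itself, or a context in which `GetLoginUser` returns nil, would panic here instead of being denied. I would fail closed before the check, e.g. `if req.UserInfo == nil { err = errors.New("login user required"); return }`, using whichever error helper this file already imports. Both `List` and `filterRoleIds` continue outside the hunks shown.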


@ -9,5 +9,5 @@ package consts
const ( const (
Logo = `CiAgIF9fX19fX19fX19fXyAgICAgICAgICAgX18gCiAgLyBfX19fLyBfX19fL19fXyBfX19fX18vIC9fCiAvIC8gX18vIC9fICAvIF9fIGAvIF9fXy8gX18vCi8gL18vIC8gX18vIC8gL18vIChfXyAgKSAvXyAgClxfX19fL18vICAgIFxfXyxfL19fX18vXF9fLyAg` Logo = `CiAgIF9fX19fX19fX19fXyAgICAgICAgICAgX18gCiAgLyBfX19fLyBfX19fL19fXyBfX19fX18vIC9fCiAvIC8gX18vIC9fICAvIF9fIGAvIF9fXy8gX18vCi8gL18vIC8gX18vIC8gL18vIChfXyAgKSAvXyAgClxfX19fL18vICAgIFxfXyxfL19fX18vXF9fLyAg`
Version = "3.2.29" Version = "3.2.30"
) )

File diff suppressed because one or more lines are too long


@ -440,15 +440,15 @@ func (s *s{{.table.ClassName}})GetBy{{$pkGoField}}(ctx context.Context, {{$.tabl
err =g.Try(ctx, func(ctx context.Context){ err =g.Try(ctx, func(ctx context.Context){
err = dao.{{.table.ClassName}}.Ctx(ctx).WithAll().Where(dao.{{.table.ClassName}}.Columns().{{$pkGoField}}, {{$.table.PkColumn.HtmlField}}).Scan(&res) err = dao.{{.table.ClassName}}.Ctx(ctx).WithAll().Where(dao.{{.table.ClassName}}.Columns().{{$pkGoField}}, {{$.table.PkColumn.HtmlField}}).Scan(&res)
liberr.ErrIsNil(ctx,err,"获取信息失败") liberr.ErrIsNil(ctx,err,"获取信息失败")
if res!=nil{
{{if $.table.HasDeptId}} {{if $.table.HasDeptId}}
if res!=nil{
{{if $usedSystemModule}} {{if $usedSystemModule}}
res.DeptInfo = systemService.SysDept().GetByDept(ctx, res.DeptId) res.DeptInfo = systemService.SysDept().GetByDept(ctx, res.DeptId)
{{else}} {{else}}
res.DeptInfo = service.SysDept().GetByDept(ctx, res.DeptId) res.DeptInfo = service.SysDept().GetByDept(ctx, res.DeptId)
{{end}} {{end}}
{{end}}
} }
{{end}}
{{range $index, $column := .table.Columns}} {{range $index, $column := .table.Columns}}
{{if eq $column.HtmlType "selects" "checkbox" "treeSelects"}} {{if eq $column.HtmlType "selects" "checkbox" "treeSelects"}}
{{range $ti, $linkedTable := $.table.LinkedTables}} {{range $ti, $linkedTable := $.table.LinkedTables}}