update 优化校验角色是否有数据权限

2026-04-24 03:18:35 +08:00 · 2025-07-06 10:50:23 +08:00
parent 483107955e
commit 7488b091bc
8 changed files with 28 additions and 6 deletions
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysTenantBo.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysTenantBo.java
@@ -62,6 +62,7 @@ public class SysTenantBo extends BaseEntity {
     * 密码（创建系统用户）
     */
    @NotBlank(message = "密码不能为空", groups = { AddGroup.class })
+//    @Pattern(regexp = RegexConstants.PASSWORD, message = "{user.password.format.valid}", groups = { AddGroup.class })
    private String password;

    /**
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysRoleService.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysRoleService.java
@@ -118,6 +118,13 @@ public interface ISysRoleService {
     */
    void checkRoleDataScope(Long roleId);

+    /**
+     * 校验角色是否有数据权限
+     *
+     * @param roleIds 角色ID列表（支持传单个ID）
+     */
+    void checkRoleDataScope(List<Long> roleIds);
+
    /**
     * 通过角色ID查询角色使用数量
     *
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java
@@ -253,14 +253,23 @@ public class SysRoleServiceImpl implements ISysRoleService {
        if (ObjectUtil.isNull(roleId)) {
            return;
        }
-        if (LoginHelper.isSuperAdmin()) {
+        this.checkRoleDataScope(Collections.singletonList(roleId));
+    }
+
+    /**
+     * 校验角色是否有数据权限
+     *
+     * @param roleIds 角色ID列表（支持传单个ID）
+     */
+    @Override
+    public void checkRoleDataScope(List<Long> roleIds) {
+        if (CollUtil.isEmpty(roleIds) || LoginHelper.isSuperAdmin()) {
            return;
        }
-        List<SysRoleVo> roles = this.selectRoleList(new SysRoleBo(roleId));
-        if (CollUtil.isEmpty(roles)) {
-            throw new ServiceException("没有权限访问角色数据！");
+        long count = baseMapper.selectRoleCount(roleIds);
+        if (count != roleIds.size()) {
+            throw new ServiceException("没有权限访问部分角色数据！");
        }
-
    }

    /**
@@ -417,10 +426,10 @@ public class SysRoleServiceImpl implements ISysRoleService {
    @Override
    @Transactional(rollbackFor = Exception.class)
    public int deleteRoleByIds(List<Long> roleIds) {
+        checkRoleDataScope(roleIds);
        List<SysRole> roles = baseMapper.selectByIds(roleIds);
        for (SysRole role : roles) {
            checkRoleAllowed(BeanUtil.toBean(role, SysRoleBo.class));
-            checkRoleDataScope(role.getRoleId());
            if (countUserRoleByRoleId(role.getRoleId()) > 0) {
                throw new ServiceException(String.format("%1$s已分配，不能删除!", role.getRoleName()));
            }