From 4c5f52d47ea892125acd0bd6decbaacb276028c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90Li?= <15040126243@163.com> Date: Thu, 12 Mar 2026 14:19:54 +0800 Subject: [PATCH] =?UTF-8?q?[=E9=87=8D=E5=A4=A7=E6=9B=B4=E6=96=B0]=20?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90=E5=A2=9E=E5=8A=A0=E8=A7=92?= =?UTF-8?q?=E8=89=B2=E4=B8=8E=E8=8F=9C=E5=8D=95=E5=85=B3=E8=81=94=20?= =?UTF-8?q?=E5=AE=9E=E7=8E=B0=20=E8=A7=92=E8=89=B2->=E8=8F=9C=E5=8D=95->?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90=20=E6=8E=A7=E5=88=B6?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90=E5=8A=9F=E8=83=BD(?= =?UTF-8?q?=E5=AE=9E=E9=AA=8C=E6=80=A7=E5=8A=9F=E8=83=BD=E4=B8=8D=E7=A8=B3?= =?UTF-8?q?=E5=AE=9A)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dromara/web/service/SysLoginService.java | 4 +- .../common/core/domain/model/LoginUser.java | 6 + .../core/service/PermissionService.java | 12 ++ .../common/core/utils/StringUtils.java | 11 ++ .../common/mybatis/annotation/DataColumn.java | 7 - .../handler/PlusDataPermissionHandler.java | 128 ++++++++++++++---- .../controller/system/SysRoleController.java | 12 +- .../dromara/system/mapper/SysMenuMapper.java | 20 ++- .../system/service/ISysMenuService.java | 9 ++ .../system/service/ISysPermissionService.java | 12 ++ .../service/impl/SysMenuServiceImpl.java | 12 ++ .../impl/SysPermissionServiceImpl.java | 23 +++- 12 files changed, 214 insertions(+), 42 deletions(-) diff --git a/ruoyi-admin/src/main/java/org/dromara/web/service/SysLoginService.java b/ruoyi-admin/src/main/java/org/dromara/web/service/SysLoginService.java index ea6733b1b..103701182 100644 --- a/ruoyi-admin/src/main/java/org/dromara/web/service/SysLoginService.java +++ b/ruoyi-admin/src/main/java/org/dromara/web/service/SysLoginService.java @@ -157,7 +157,9 @@ public class SysLoginService { loginUser.setRolePermission(permissionService.getRolePermission(userId)); }, () -> { List roles = roleService.selectRolesByUserId(userId); - loginUser.setRoles(BeanUtil.copyToList(roles, RoleDTO.class)); + List roleDtos = BeanUtil.copyToList(roles, RoleDTO.class); + loginUser.setRoles(roleDtos); + loginUser.setDataScopeRoleMap(permissionService.getDataScopeRoleMap(roleDtos)); }, () -> { List posts = postService.selectPostsByUserId(userId); loginUser.setPosts(BeanUtil.copyToList(posts, PostDTO.class)); diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginUser.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginUser.java index dd0fc5c2f..240bcb83a 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginUser.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginUser.java @@ -8,6 +8,7 @@ import org.dromara.common.core.domain.dto.RoleDTO; import java.io.Serial; import java.io.Serializable; import java.util.List; +import java.util.Map; import java.util.Set; /** @@ -107,6 +108,11 @@ public class LoginUser implements Serializable { */ private List roles; + /** + * 数据权限角色映射 key 为权限码 value 为可参与数据权限计算的角色 + */ + private Map> dataScopeRoleMap; + /** * 岗位对象 */ diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/service/PermissionService.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/service/PermissionService.java index d7db79a91..b5d318597 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/service/PermissionService.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/service/PermissionService.java @@ -1,5 +1,9 @@ package org.dromara.common.core.service; +import org.dromara.common.core.domain.dto.RoleDTO; + +import java.util.List; +import java.util.Map; import java.util.Set; /** @@ -25,4 +29,12 @@ public interface PermissionService { */ Set getMenuPermission(Long userId); + /** + * 根据角色列表构建数据权限角色映射 + * + * @param roles 角色列表 + * @return key 为权限码 value 为命中的角色列表 + */ + Map> getDataScopeRoleMap(List roles); + } diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/StringUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/StringUtils.java index 221f64bc8..a4a3f8623 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/StringUtils.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/StringUtils.java @@ -449,4 +449,15 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils { } + /** + * 检查字符串是否包含任意一个指定的字符序列 + * + * @param cs 要检查的字符串 + * @param searchCharSequences 需要查找的字符序列数组 + * @return 如果包含任意一个字符序列返回 true,否则返回 false + */ + public static boolean containsAny(final CharSequence cs, final CharSequence... searchCharSequences) { + return Strings.CS.containsAny(cs, searchCharSequences); + } + } diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/annotation/DataColumn.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/annotation/DataColumn.java index 2879b9d1c..f8c5cd009 100644 --- a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/annotation/DataColumn.java +++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/annotation/DataColumn.java @@ -30,11 +30,4 @@ public @interface DataColumn { */ String[] value() default "dept_id"; - /** - * 权限标识符 用于通过菜单权限标识符来获取数据权限 - * 拥有此标识符的角色 将不会拼接此角色的数据过滤sql - * - * @return 权限标识符 - */ - String permission() default ""; } diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java index 676ad6441..ba6778636 100644 --- a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java +++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java @@ -1,7 +1,11 @@ package org.dromara.common.mybatis.handler; +import cn.dev33.satoken.annotation.SaCheckPermission; +import cn.dev33.satoken.annotation.SaCheckRole; +import cn.hutool.core.annotation.AnnotationUtil; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.util.ObjectUtil; +import jakarta.servlet.http.HttpServletRequest; import lombok.AllArgsConstructor; import lombok.extern.slf4j.Slf4j; import net.sf.jsqlparser.JSQLParserException; @@ -12,6 +16,7 @@ import net.sf.jsqlparser.parser.CCJSqlParserUtil; import org.dromara.common.core.domain.dto.RoleDTO; import org.dromara.common.core.domain.model.LoginUser; import org.dromara.common.core.exception.ServiceException; +import org.dromara.common.core.utils.ServletUtils; import org.dromara.common.core.utils.SpringUtils; import org.dromara.common.core.utils.StreamUtils; import org.dromara.common.core.utils.StringUtils; @@ -25,7 +30,10 @@ import org.springframework.expression.*; import org.springframework.expression.common.TemplateParserContext; import org.springframework.expression.spel.standard.SpelExpressionParser; import org.springframework.expression.spel.support.StandardEvaluationContext; +import org.springframework.web.method.HandlerMethod; +import org.springframework.web.servlet.HandlerMapping; +import java.lang.annotation.Annotation; import java.util.*; import java.util.function.Function; @@ -57,20 +65,13 @@ public class PlusDataPermissionHandler { */ public Expression getSqlSegment(Expression where, boolean isSelect) { try { - // 获取数据权限配置 - DataPermission dataPermission = getDataPermission(); - // 获取当前登录用户信息 - LoginUser currentUser = DataPermissionHelper.getVariable("user"); - if (ObjectUtil.isNull(currentUser)) { - currentUser = LoginHelper.getLoginUser(); - DataPermissionHelper.setVariable("user", currentUser); - } + LoginUser currentUser = currentUser(); // 如果是超级管理员或租户管理员,则不过滤数据 if (LoginHelper.isSuperAdmin()) { return where; } // 构造数据过滤条件的 SQL 片段 - String dataFilterSql = buildDataFilter(dataPermission, isSelect); + String dataFilterSql = buildDataFilter(getDataPermission(), currentUser, isSelect); if (StringUtils.isBlank(dataFilterSql)) { return where; } @@ -97,33 +98,32 @@ public class PlusDataPermissionHandler { * @return 构建的数据过滤条件的 SQL 语句 * @throws ServiceException 如果角色的数据范围异常或者 key 与 value 的长度不匹配,则抛出 ServiceException 异常 */ - private String buildDataFilter(DataPermission dataPermission, boolean isSelect) { + private String buildDataFilter(DataPermission dataPermission, LoginUser user, boolean isSelect) { // 更新或删除需满足所有条件 String joinStr = isSelect ? " OR " : " AND "; if (StringUtils.isNotBlank(dataPermission.joinStr())) { joinStr = " " + dataPermission.joinStr() + " "; } - LoginUser user = DataPermissionHelper.getVariable("user"); Object defaultValue = "-1"; NullSafeStandardEvaluationContext context = new NullSafeStandardEvaluationContext(defaultValue); context.addPropertyAccessor(new NullSafePropertyAccessor(context.getPropertyAccessors().get(0), defaultValue)); context.setBeanResolver(beanResolver); DataPermissionHelper.getContext().forEach(context::setVariable); Set conditions = new HashSet<>(); + RequestAccess access = currentAccess(); + List scopeRoles = scopeRoles(user, access); + if (CollUtil.isEmpty(scopeRoles)) { + if (access.constrained()) { + return " 1 = 0 "; + } + return StringUtils.EMPTY; + } // 优先设置变量 List keys = new ArrayList<>(); - Map ignoreMap = new HashMap<>(); for (DataColumn dataColumn : dataPermission.value()) { if (dataColumn.key().length != dataColumn.value().length) { throw new ServiceException("角色数据范围异常 => key与value长度不匹配"); } - // 包含权限标识符 这直接跳过 - if (StringUtils.isNotBlank(dataColumn.permission()) && - CollUtil.contains(user.getMenuPermission(), dataColumn.permission()) - ) { - ignoreMap.put(dataColumn, Boolean.TRUE); - continue; - } // 设置注解变量 key 为表达式变量 value 为变量值 for (int i = 0; i < dataColumn.key().length; i++) { context.setVariable(dataColumn.key()[i], dataColumn.value()[i]); @@ -131,7 +131,7 @@ public class PlusDataPermissionHandler { keys.addAll(Arrays.stream(dataColumn.key()).map(key -> "#" + key).toList()); } - for (RoleDTO role : user.getRoles()) { + for (RoleDTO role : scopeRoles) { user.setRoleId(role.getRoleId()); // 获取角色权限泛型 DataScopeType type = DataScopeType.findCode(role.getDataScope()); @@ -144,13 +144,6 @@ public class PlusDataPermissionHandler { } boolean isSuccess = false; for (DataColumn dataColumn : dataPermission.value()) { - // 包含权限标识符 这直接跳过 - if (ignoreMap.containsKey(dataColumn)) { - // 修复多角色与权限标识符共用问题 https://gitee.com/dromara/RuoYi-Vue-Plus/issues/IB4CS4 - conditions.add(joinStr + " 1 = 1 "); - isSuccess = true; - continue; - } // 不包含 key 变量 则不处理 if (!StringUtils.containsAny(type.getSqlTemplate(), keys.toArray(String[]::new))) { continue; @@ -180,6 +173,78 @@ public class PlusDataPermissionHandler { return StringUtils.EMPTY; } + private LoginUser currentUser() { + LoginUser currentUser = DataPermissionHelper.getVariable("user"); + if (ObjectUtil.isNull(currentUser)) { + currentUser = LoginHelper.getLoginUser(); + DataPermissionHelper.setVariable("user", currentUser); + } + return currentUser; + } + + private RequestAccess currentAccess() { + HttpServletRequest request = ServletUtils.getRequest(); + if (request == null) { + return RequestAccess.EMPTY; + } + Object handler = request.getAttribute(HandlerMapping.BEST_MATCHING_HANDLER_ATTRIBUTE); + if (!(handler instanceof HandlerMethod handlerMethod)) { + return RequestAccess.EMPTY; + } + SaCheckPermission saCheckPermission = findAnnotation(handlerMethod, SaCheckPermission.class); + SaCheckRole saCheckRole = findAnnotation(handlerMethod, SaCheckRole.class); + Set perms = saCheckPermission == null ? Set.of() : toSet(saCheckPermission.value()); + Set roleKeys = new LinkedHashSet<>(); + if (saCheckPermission != null) { + roleKeys.addAll(toSet(saCheckPermission.orRole())); + } + if (saCheckRole != null) { + roleKeys.addAll(toSet(saCheckRole.value())); + } + return new RequestAccess(perms, roleKeys); + } + + private List scopeRoles(LoginUser user, RequestAccess access) { + List roles = user.getRoles(); + if (!access.constrained()) { + return roles; + } + Map roleMap = new LinkedHashMap<>(); + Map> dataScopeRoleMap = user.getDataScopeRoleMap(); + if (CollUtil.isNotEmpty(dataScopeRoleMap)) { + access.perms.forEach(perm -> { + List roleList = dataScopeRoleMap.get(perm); + if (CollUtil.isNotEmpty(roleList)) { + roleList.forEach(role -> roleMap.putIfAbsent(role.getRoleId(), role)); + } + }); + } + if (CollUtil.isNotEmpty(roles) && CollUtil.isNotEmpty(access.roleKeys)) { + roles.stream() + .filter(role -> StringUtils.isNotBlank(role.getRoleKey())) + .filter(role -> StringUtils.splitList(role.getRoleKey()).stream().anyMatch(access.roleKeys::contains)) + .forEach(role -> roleMap.putIfAbsent(role.getRoleId(), role)); + } + return new ArrayList<>(roleMap.values()); + } + + private A findAnnotation(HandlerMethod handlerMethod, Class annotationType) { + A annotation = AnnotationUtil.getAnnotation(handlerMethod.getMethod(), annotationType); + if (annotation != null) { + return annotation; + } + return AnnotationUtil.getAnnotation(handlerMethod.getBeanType(), annotationType); + } + + private Set toSet(String[] values) { + if (values == null || values.length == 0) { + return Set.of(); + } + Set result = new LinkedHashSet<>(); + Arrays.stream(values).filter(StringUtils::isNotBlank).forEach(result::add); + return result; + } + /** * 根据映射语句 ID 或类名获取对应的 DataPermission 注解对象 * @@ -258,4 +323,13 @@ public class PlusDataPermissionHandler { } } + private record RequestAccess(Set perms, Set roleKeys) { + + private static final RequestAccess EMPTY = new RequestAccess(Set.of(), Set.of()); + + private boolean constrained() { + return CollUtil.isNotEmpty(perms) || CollUtil.isNotEmpty(roleKeys); + } + } + } diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysRoleController.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysRoleController.java index 1b7879e11..3926d926e 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysRoleController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysRoleController.java @@ -124,7 +124,11 @@ public class SysRoleController extends BaseController { public R dataScope(@RequestBody SysRoleBo role) { roleService.checkRoleAllowed(role); roleService.checkRoleDataScope(role.getRoleId()); - return toAjax(roleService.authDataScope(role)); + if (roleService.authDataScope(role) > 0) { + roleService.cleanOnlineUserByRole(role.getRoleId()); + return R.ok(); + } + return R.fail("修改角色'" + role.getRoleName() + "'数据权限失败,请联系管理员"); } /** @@ -137,7 +141,11 @@ public class SysRoleController extends BaseController { public R changeStatus(@RequestBody SysRoleBo role) { roleService.checkRoleAllowed(role); roleService.checkRoleDataScope(role.getRoleId()); - return toAjax(roleService.updateRoleStatus(role.getRoleId(), role.getStatus())); + if (roleService.updateRoleStatus(role.getRoleId(), role.getStatus()) > 0) { + roleService.cleanOnlineUserByRole(role.getRoleId()); + return R.ok(); + } + return R.fail("修改角色'" + role.getRoleName() + "'状态失败,请联系管理员"); } /** diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysMenuMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysMenuMapper.java index 05e2546b2..d4f989494 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysMenuMapper.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysMenuMapper.java @@ -1,5 +1,6 @@ package org.dromara.system.mapper; +import cn.hutool.core.collection.CollUtil; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import org.dromara.common.core.constant.SystemConstants; import org.dromara.common.core.utils.StreamUtils; @@ -8,9 +9,7 @@ import org.dromara.common.mybatis.core.mapper.BaseMapperPlus; import org.dromara.system.domain.SysMenu; import org.dromara.system.domain.vo.SysMenuVo; -import java.util.HashSet; -import java.util.List; -import java.util.Set; +import java.util.*; /** * 菜单表 数据层 @@ -111,6 +110,21 @@ public interface SysMenuMapper extends BaseMapperPlus { return new HashSet<>(StreamUtils.filter(list, StringUtils::isNotBlank)); } + /** + * 根据角色ID列表批量查询权限 + * + * @param roleIds 角色ID列表 + * @return 角色权限映射 + */ + default Map> selectMenuPermsByRoleIds(List roleIds) { + if (CollUtil.isEmpty(roleIds)) { + return Map.of(); + } + Map> result = new LinkedHashMap<>(); + roleIds.forEach(roleId -> result.put(roleId, this.selectMenuPermsByRoleId(roleId))); + return result; + } + /** * 根据用户ID查询菜单 * diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysMenuService.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysMenuService.java index c092f6772..41d8d771e 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysMenuService.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysMenuService.java @@ -6,6 +6,7 @@ import org.dromara.system.domain.bo.SysMenuBo; import org.dromara.system.domain.vo.RouterVo; import org.dromara.system.domain.vo.SysMenuVo; +import java.util.Map; import java.util.List; import java.util.Set; @@ -49,6 +50,14 @@ public interface ISysMenuService { */ Set selectMenuPermsByRoleId(Long roleId); + /** + * 根据角色ID列表批量查询权限 + * + * @param roleIds 角色ID列表 + * @return 角色权限映射 + */ + Map> selectMenuPermsByRoleIds(List roleIds); + /** * 根据用户ID查询菜单树信息 * diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysPermissionService.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysPermissionService.java index 0116df545..c92547374 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysPermissionService.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysPermissionService.java @@ -1,5 +1,9 @@ package org.dromara.system.service; +import org.dromara.common.core.domain.dto.RoleDTO; + +import java.util.List; +import java.util.Map; import java.util.Set; /** @@ -25,4 +29,12 @@ public interface ISysPermissionService { */ Set getMenuPermission(Long userId); + /** + * 根据角色列表构建数据权限角色映射 + * + * @param roles 角色列表 + * @return key 为权限码 value 为命中的角色列表 + */ + Map> getDataScopeRoleMap(List roles); + } diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysMenuServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysMenuServiceImpl.java index c6a64938f..c44824e30 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysMenuServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysMenuServiceImpl.java @@ -30,6 +30,7 @@ import org.springframework.transaction.annotation.Transactional; import java.util.ArrayList; import java.util.LinkedList; import java.util.List; +import java.util.Map; import java.util.Set; /** @@ -105,6 +106,17 @@ public class SysMenuServiceImpl implements ISysMenuService { return baseMapper.selectMenuPermsByRoleId(roleId); } + /** + * 根据角色ID列表批量查询权限 + * + * @param roleIds 角色ID列表 + * @return 角色权限映射 + */ + @Override + public Map> selectMenuPermsByRoleIds(List roleIds) { + return baseMapper.selectMenuPermsByRoleIds(roleIds); + } + /** * 根据用户ID查询菜单 * diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysPermissionServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysPermissionServiceImpl.java index 4401c46c1..6454a5b2b 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysPermissionServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysPermissionServiceImpl.java @@ -1,16 +1,18 @@ package org.dromara.system.service.impl; +import cn.hutool.core.collection.CollUtil; import lombok.RequiredArgsConstructor; import org.dromara.common.core.constant.SystemConstants; +import org.dromara.common.core.domain.dto.RoleDTO; import org.dromara.common.core.service.PermissionService; +import org.dromara.common.core.utils.StreamUtils; import org.dromara.common.satoken.utils.LoginHelper; import org.dromara.system.service.ISysMenuService; import org.dromara.system.service.ISysPermissionService; import org.dromara.system.service.ISysRoleService; import org.springframework.stereotype.Service; -import java.util.HashSet; -import java.util.Set; +import java.util.*; /** * 用户权限处理 @@ -59,4 +61,21 @@ public class SysPermissionServiceImpl implements ISysPermissionService, Permissi } return perms; } + + @Override + public Map> getDataScopeRoleMap(List roles) { + if (CollUtil.isEmpty(roles)) { + return Map.of(); + } + Map roleMap = StreamUtils.toIdentityMap(roles, RoleDTO::getRoleId); + List roleIds = StreamUtils.toList(roles, RoleDTO::getRoleId); + Map> permsRoleIds = menuService.selectMenuPermsByRoleIds(roleIds); + Map> rolePermsMap = new LinkedHashMap<>(); + permsRoleIds.forEach((roleId, perms) -> { + perms.forEach(perm -> { + rolePermsMap.computeIfAbsent(perm, k -> new ArrayList<>()).add(roleMap.get(roleId)); + }); + }); + return rolePermsMap; + } }