From 03f1f3372a10a08f96f3308bfa099e86a55046d0 Mon Sep 17 00:00:00 2001
From: puzhibing <393733352@qq.com>
Date: 星期二, 30 一月 2024 09:32:38 +0800
Subject: [PATCH] 修改数据权限bug
---
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/sys/SysUserController.java | 98 +++++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 94 insertions(+), 4 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/sys/SysUserController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/sys/SysUserController.java
index f966109..57776ec 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/sys/SysUserController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/sys/SysUserController.java
@@ -1,6 +1,8 @@
package com.ruoyi.system.controller.sys;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.exception.ServiceException;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.utils.poi.ExcelUtil;
import com.ruoyi.common.core.web.controller.BaseController;
@@ -11,12 +13,18 @@
import com.ruoyi.common.security.annotation.InnerAuth;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.utils.SecurityUtils;
+import com.ruoyi.system.api.constant.AppErrorConstant;
import com.ruoyi.system.api.domain.dto.AppEditUserDto;
+import com.ruoyi.system.api.domain.dto.MgtFrozenMemberDto;
import com.ruoyi.system.api.domain.poji.sys.SysDept;
import com.ruoyi.system.api.domain.poji.sys.SysRole;
import com.ruoyi.system.api.domain.poji.sys.SysUser;
import com.ruoyi.system.api.model.LoginUser;
+import com.ruoyi.system.api.model.QwH5LoginVo;
+import com.ruoyi.system.api.model.QwUserDetailDto;
import com.ruoyi.system.domain.dto.UserMenuEditDto;
+import com.ruoyi.system.api.domain.poji.sys.SysStaff;
+import com.ruoyi.system.service.staff.SysStaffService;
import com.ruoyi.system.service.sys.*;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.ArrayUtils;
@@ -27,7 +35,9 @@
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
+import java.util.Arrays;
import java.util.List;
+import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
@@ -57,6 +67,45 @@
@Autowired
private ISysConfigService configService;
+
+ @Autowired
+ private SysStaffService sysStaffService;
+
+
+ /**
+ * 根据部门获取所有员工id
+ * @param userId
+ * @return
+ */
+ @GetMapping("/getUserIdsByDept/{userId}")
+ public R<List<Long>> getUserIdsByDept(@PathVariable("userId") Long userId)
+ {
+ SysUser loginSysUser = userService.selectUserById(userId);
+ SysUser querySysUser = new SysUser();
+ querySysUser.setDelFlag("0");
+ querySysUser.setDeptId(loginSysUser.getDeptId());
+ List<SysUser> userList = userService.selectUserList(querySysUser);
+ List<Long> userIds = userList.stream().map(sysUser->{
+ return sysUser.getUserId();
+ }).collect(Collectors.toList());
+ return R.ok(userIds);
+ }
+
+
+ /**
+ * 根据部门id获取用户列表
+ * @param deptId
+ * @return
+ */
+ @PostMapping("/getUsersByDeptId")
+ R<List<SysUser>> getUsersByDeptId(@RequestBody Long deptId){
+ SysUser sysUser = new SysUser();
+ sysUser.setDeptId(deptId);
+ List<SysUser> sysUsers = userService.selectUserList(sysUser);
+ return R.ok(sysUsers);
+ }
+
+
/**
* 获取用户列表
@@ -249,6 +298,9 @@
{
return error("当前用户不能删除");
}
+ if(Arrays.stream(userIds).anyMatch((element->element.equals(1L)))){
+ throw new ServiceException("禁止删除admin");
+ }
return toAjax(userService.deleteUserByIds(userIds));
}
@@ -312,7 +364,6 @@
/**
* 获取部门树列表
*/
- @RequiresPermissions("system:user:list")
@GetMapping("/deptTree")
public AjaxResult deptTree(SysDept dept)
{
@@ -387,13 +438,52 @@
* @description 冻结用户
* @author jqs
* @date 2023/6/29 17:20
- * @param userId
+ * @param mgtFrozenMemberDto
* @return R<Activeness>
*/
@PostMapping("/frozenUser")
- public R frozenUser(@RequestBody Long userId)
+ public R frozenUser(@RequestBody MgtFrozenMemberDto mgtFrozenMemberDto)
{
- userService.frozenUser(userId);
+ if(mgtFrozenMemberDto.getId()==1){
+ throw new ServiceException("禁止删除admin");
+ }
+ userService.frozenUser(mgtFrozenMemberDto);
return R.ok();
}
+
+ /**
+ * @description 员工端登录
+ * @author jqs
+ * @date 2023/7/14 10:04
+ * @param qwUserDetail
+ * @return R<QwH5LoginVo>
+ */
+ @PostMapping("/qwH5StaffLogin")
+ public R<QwH5LoginVo> qwH5StaffLogin(@RequestBody QwUserDetailDto qwUserDetail)
+ {
+ String mobile = qwUserDetail.getMobile();
+ SysStaff sysStaff = sysStaffService.getByMobile(mobile);
+ if(sysStaff==null){
+ throw new ServiceException(AppErrorConstant.USER_NO_SYSTEM);
+ }
+ Long userId = sysStaff.getUserId();
+ SysUser sysUser = userService.selectUserById(userId);
+ Optional.ofNullable(sysUser).orElseThrow(() -> new ServiceException("登录失败,未查询到用户"));
+ // 构造登录返回信息
+ QwH5LoginVo qwH5LoginVo = new QwH5LoginVo();
+ qwH5LoginVo.setUserid(qwUserDetail.getUserid());
+ qwH5LoginVo.setMobile(qwUserDetail.getMobile());
+ qwH5LoginVo.setSysUser(sysUser);
+ return R.ok(qwH5LoginVo);
+ }
+
+
+ /**
+ * 获取当前用户权限范围内的员工id
+ * @return
+ */
+ @PostMapping("/getScopeOfAuthorityUserId")
+ public List<Long> getScopeOfAuthorityUserId(){
+ return userService.getScopeOfAuthorityUserId();
+ }
}
--
Gitblit v1.7.1