diff --git a/README.md b/README.md
index c6d94ebb..708794fc 100644
--- a/README.md
+++ b/README.md
@@ -8,16 +8,16 @@
http://www.zi-han.net/theme/hplus
-http://webapplayers.com/inspinia_admin-v2.7.1
+http://webapplayers.com/inspinia_admin-v2.7.1
阿里云优惠活动(2CPU 4GRAM 1M带宽 40G高效云盘):https://promotion.aliyun.com/ntms/act/vm/aliyun-group/buy.html?group=BphATfDhsQ
-云产品通用代金券,可叠加官网常规优惠使用:https://promotion.aliyun.com/ntms/yunparter/invite.html?userCode=brki8iof
+云产品通用1000元代金券,可叠加官网常规优惠使用 :https://promotion.aliyun.com/ntms/yunparter/invite.html?userCode=brki8iof
## 内置功能
1. 用户管理:用户是系统操作者,该功能主要完成系统用户配置。
-2. 部门管理:配置系统组织机构(公司、部门、小组),树结构展现。
+2. 部门管理:配置系统组织机构(公司、部门、小组),树结构展现支持数据权限。
3. 岗位管理:配置系统用户所属担任职务。
4. 菜单管理:配置系统菜单,操作权限,按钮权限标识等。
5. 角色管理:角色菜单权限分配、设置角色按机构进行数据范围权限划分。
@@ -42,27 +42,27 @@ http://webapplayers.com/inspinia_admin-v2.7.1
|
- |
+ |
- |
- |
+ |
+ |
- |
- |
+ |
+ |
- |
- |
+ |
+ |
- |
- |
+ |
+ |
- |
- |
+ |
+ |
diff --git a/pom.xml b/pom.xml
index f043943c..b5b310c9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
com.ruoyi
RuoYi
- 2.3.0
+ 2.4.0
jar
RuoYi
@@ -14,7 +14,7 @@
org.springframework.boot
spring-boot-starter-parent
- 2.0.3.RELEASE
+ 2.0.4.RELEASE
diff --git a/sql/ry_20180823.sql b/sql/ry_20180903.sql
similarity index 84%
rename from sql/ry_20180823.sql
rename to sql/ry_20180903.sql
index f57a8ca7..1632154e 100644
--- a/sql/ry_20180823.sql
+++ b/sql/ry_20180903.sql
@@ -12,6 +12,7 @@ create table sys_dept (
phone varchar(11) default '' comment '联系电话',
email varchar(50) default '' comment '邮箱',
status char(1) default '0' comment '部门状态(0正常 1停用)',
+ del_flag char(1) default '0' comment '删除标志(0代表存在 2代表删除)',
create_by varchar(64) default '' comment '创建者',
create_time datetime comment '创建时间',
update_by varchar(64) default '' comment '更新者',
@@ -22,17 +23,16 @@ create table sys_dept (
-- ----------------------------
-- 初始化-部门表数据
-- ----------------------------
-insert into sys_dept values(100, 0, '0', '若依集团', 0, '若依', '15888888888', 'ry@qq.com', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-insert into sys_dept values(101, 100, '0,100', '研发部门', 1, '若依', '15888888888', 'ry@qq.com', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-insert into sys_dept values(102, 100, '0,100', '市场部门', 2, '若依', '15888888888', 'ry@qq.com', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-insert into sys_dept values(103, 100, '0,100', '测试部门', 3, '若依', '15888888888', 'ry@qq.com', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-insert into sys_dept values(104, 100, '0,100', '财务部门', 4, '若依', '15888888888', 'ry@qq.com', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-insert into sys_dept values(105, 100, '0,100', '运维部门', 5, '若依', '15888888888', 'ry@qq.com', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-insert into sys_dept values(106, 101, '0,100,101', '研发一部', 1, '若依', '15888888888', 'ry@qq.com', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-insert into sys_dept values(107, 101, '0,100,101', '研发二部', 2, '若依', '15888888888', 'ry@qq.com', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-insert into sys_dept values(108, 102, '0,100,102', '市场一部', 1, '若依', '15888888888', 'ry@qq.com', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-insert into sys_dept values(109, 102, '0,100,102', '市场二部', 2, '若依', '15888888888', 'ry@qq.com', '1', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-
+insert into sys_dept values(100, 0, '0', '若依科技', 0, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
+insert into sys_dept values(101, 100, '0,100', '深圳总公司', 1, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
+insert into sys_dept values(102, 100, '0,100', '长沙分公司', 2, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
+insert into sys_dept values(103, 101, '0,100,101', '研发部门', 1, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
+insert into sys_dept values(104, 101, '0,100,101', '市场部门', 2, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
+insert into sys_dept values(105, 101, '0,100,101', '测试部门', 3, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
+insert into sys_dept values(106, 101, '0,100,101', '财务部门', 4, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
+insert into sys_dept values(107, 101, '0,100,101', '运维部门', 5, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
+insert into sys_dept values(108, 102, '0,100,102', '市场部门', 1, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
+insert into sys_dept values(109, 102, '0,100,102', '财务部门', 2, '若依', '15888888888', 'ry@qq.com', '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00');
-- ----------------------------
-- 2、用户信息表
@@ -65,8 +65,8 @@ create table sys_user (
-- ----------------------------
-- 初始化-用户信息表数据
-- ----------------------------
-insert into sys_user values(1, 106, 'admin', '若依', '00', 'ry@163.com', '15888888888', '1', '', '29c67a30398638269fe600f73a054934', '111111', '0', '0', '127.0.0.1', '2018-03-16 11-33-00', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '管理员');
-insert into sys_user values(2, 108, 'ry', '若依', '00', 'ry@qq.com', '15666666666', '1', '', '8e6d98b90472783cc73c17047ddccf36', '222222', '0', '0', '127.0.0.1', '2018-03-16 11-33-00', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '测试员');
+insert into sys_user values(1, 103, 'admin', '若依', '00', 'ry@163.com', '15888888888', '1', '', '29c67a30398638269fe600f73a054934', '111111', '0', '0', '127.0.0.1', '2018-03-16 11-33-00', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '管理员');
+insert into sys_user values(2, 105, 'ry', '若依', '00', 'ry@qq.com', '15666666666', '1', '', '8e6d98b90472783cc73c17047ddccf36', '222222', '0', '0', '127.0.0.1', '2018-03-16 11-33-00', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '测试员');
-- ----------------------------
@@ -106,7 +106,9 @@ create table sys_role (
role_name varchar(30) not null comment '角色名称',
role_key varchar(100) not null comment '角色权限字符串',
role_sort int(4) not null comment '显示顺序',
+ data_scope char(1) default '1' comment '数据范围(1:全部数据权限 2:自定数据权限)',
status char(1) not null comment '角色状态(0正常 1停用)',
+ del_flag char(1) default '0' comment '删除标志(0代表存在 2代表删除)',
create_by varchar(64) default '' comment '创建者',
create_time datetime comment '创建时间',
update_by varchar(64) default '' comment '更新者',
@@ -118,8 +120,8 @@ create table sys_role (
-- ----------------------------
-- 初始化-角色信息表数据
-- ----------------------------
-insert into sys_role values('1', '管理员', 'admin', 1, '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '管理员');
-insert into sys_role values('2', '普通角色', 'common', 2, '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '普通角色');
+insert into sys_role values('1', '管理员', 'admin', 1, 1, '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '管理员');
+insert into sys_role values('2', '普通角色', 'common', 2, 2, '0', '0', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '普通角色');
-- ----------------------------
@@ -271,86 +273,103 @@ create table sys_role_menu (
-- ----------------------------
-- 初始化-角色和菜单关联表数据
-- ----------------------------
-insert into sys_role_menu values ('1', '1');
-insert into sys_role_menu values ('1', '2');
-insert into sys_role_menu values ('1', '3');
-insert into sys_role_menu values ('1', '100');
-insert into sys_role_menu values ('1', '101');
-insert into sys_role_menu values ('1', '102');
-insert into sys_role_menu values ('1', '103');
-insert into sys_role_menu values ('1', '104');
-insert into sys_role_menu values ('1', '105');
-insert into sys_role_menu values ('1', '106');
-insert into sys_role_menu values ('1', '107');
-insert into sys_role_menu values ('1', '108');
-insert into sys_role_menu values ('1', '109');
-insert into sys_role_menu values ('1', '110');
-insert into sys_role_menu values ('1', '111');
-insert into sys_role_menu values ('1', '112');
-insert into sys_role_menu values ('1', '113');
-insert into sys_role_menu values ('1', '114');
-insert into sys_role_menu values ('1', '500');
-insert into sys_role_menu values ('1', '501');
-insert into sys_role_menu values ('1', '1000');
-insert into sys_role_menu values ('1', '1001');
-insert into sys_role_menu values ('1', '1002');
-insert into sys_role_menu values ('1', '1003');
-insert into sys_role_menu values ('1', '1004');
-insert into sys_role_menu values ('1', '1005');
-insert into sys_role_menu values ('1', '1006');
-insert into sys_role_menu values ('1', '1007');
-insert into sys_role_menu values ('1', '1008');
-insert into sys_role_menu values ('1', '1009');
-insert into sys_role_menu values ('1', '1010');
-insert into sys_role_menu values ('1', '1011');
-insert into sys_role_menu values ('1', '1012');
-insert into sys_role_menu values ('1', '1013');
-insert into sys_role_menu values ('1', '1014');
-insert into sys_role_menu values ('1', '1015');
-insert into sys_role_menu values ('1', '1016');
-insert into sys_role_menu values ('1', '1017');
-insert into sys_role_menu values ('1', '1018');
-insert into sys_role_menu values ('1', '1019');
-insert into sys_role_menu values ('1', '1020');
-insert into sys_role_menu values ('1', '1021');
-insert into sys_role_menu values ('1', '1022');
-insert into sys_role_menu values ('1', '1023');
-insert into sys_role_menu values ('1', '1024');
-insert into sys_role_menu values ('1', '1025');
-insert into sys_role_menu values ('1', '1026');
-insert into sys_role_menu values ('1', '1027');
-insert into sys_role_menu values ('1', '1028');
-insert into sys_role_menu values ('1', '1029');
-insert into sys_role_menu values ('1', '1030');
-insert into sys_role_menu values ('1', '1031');
-insert into sys_role_menu values ('1', '1032');
-insert into sys_role_menu values ('1', '1033');
-insert into sys_role_menu values ('1', '1034');
-insert into sys_role_menu values ('1', '1035');
-insert into sys_role_menu values ('1', '1036');
-insert into sys_role_menu values ('1', '1037');
-insert into sys_role_menu values ('1', '1038');
-insert into sys_role_menu values ('1', '1039');
-insert into sys_role_menu values ('1', '1040');
-insert into sys_role_menu values ('1', '1041');
-insert into sys_role_menu values ('1', '1042');
-insert into sys_role_menu values ('1', '1043');
-insert into sys_role_menu values ('1', '1044');
-insert into sys_role_menu values ('1', '1045');
-insert into sys_role_menu values ('1', '1046');
-insert into sys_role_menu values ('1', '1047');
-insert into sys_role_menu values ('1', '1048');
-insert into sys_role_menu values ('1', '1049');
-insert into sys_role_menu values ('1', '1050');
-insert into sys_role_menu values ('1', '1051');
-insert into sys_role_menu values ('1', '1052');
-insert into sys_role_menu values ('1', '1053');
-insert into sys_role_menu values ('1', '1054');
-insert into sys_role_menu values ('1', '1055');
-
-
--- ----------------------------
--- 8、用户与岗位关联表 用户1-N岗位
+insert into sys_role_menu values ('2', '1');
+insert into sys_role_menu values ('2', '2');
+insert into sys_role_menu values ('2', '3');
+insert into sys_role_menu values ('2', '100');
+insert into sys_role_menu values ('2', '101');
+insert into sys_role_menu values ('2', '102');
+insert into sys_role_menu values ('2', '103');
+insert into sys_role_menu values ('2', '104');
+insert into sys_role_menu values ('2', '105');
+insert into sys_role_menu values ('2', '106');
+insert into sys_role_menu values ('2', '107');
+insert into sys_role_menu values ('2', '108');
+insert into sys_role_menu values ('2', '109');
+insert into sys_role_menu values ('2', '110');
+insert into sys_role_menu values ('2', '111');
+insert into sys_role_menu values ('2', '112');
+insert into sys_role_menu values ('2', '113');
+insert into sys_role_menu values ('2', '114');
+insert into sys_role_menu values ('2', '500');
+insert into sys_role_menu values ('2', '501');
+insert into sys_role_menu values ('2', '1000');
+insert into sys_role_menu values ('2', '1001');
+insert into sys_role_menu values ('2', '1002');
+insert into sys_role_menu values ('2', '1003');
+insert into sys_role_menu values ('2', '1004');
+insert into sys_role_menu values ('2', '1005');
+insert into sys_role_menu values ('2', '1006');
+insert into sys_role_menu values ('2', '1007');
+insert into sys_role_menu values ('2', '1008');
+insert into sys_role_menu values ('2', '1009');
+insert into sys_role_menu values ('2', '1010');
+insert into sys_role_menu values ('2', '1011');
+insert into sys_role_menu values ('2', '1012');
+insert into sys_role_menu values ('2', '1013');
+insert into sys_role_menu values ('2', '1014');
+insert into sys_role_menu values ('2', '1015');
+insert into sys_role_menu values ('2', '1016');
+insert into sys_role_menu values ('2', '1017');
+insert into sys_role_menu values ('2', '1018');
+insert into sys_role_menu values ('2', '1019');
+insert into sys_role_menu values ('2', '1020');
+insert into sys_role_menu values ('2', '1021');
+insert into sys_role_menu values ('2', '1022');
+insert into sys_role_menu values ('2', '1023');
+insert into sys_role_menu values ('2', '1024');
+insert into sys_role_menu values ('2', '1025');
+insert into sys_role_menu values ('2', '1026');
+insert into sys_role_menu values ('2', '1027');
+insert into sys_role_menu values ('2', '1028');
+insert into sys_role_menu values ('2', '1029');
+insert into sys_role_menu values ('2', '1030');
+insert into sys_role_menu values ('2', '1031');
+insert into sys_role_menu values ('2', '1032');
+insert into sys_role_menu values ('2', '1033');
+insert into sys_role_menu values ('2', '1034');
+insert into sys_role_menu values ('2', '1035');
+insert into sys_role_menu values ('2', '1036');
+insert into sys_role_menu values ('2', '1037');
+insert into sys_role_menu values ('2', '1038');
+insert into sys_role_menu values ('2', '1039');
+insert into sys_role_menu values ('2', '1040');
+insert into sys_role_menu values ('2', '1041');
+insert into sys_role_menu values ('2', '1042');
+insert into sys_role_menu values ('2', '1043');
+insert into sys_role_menu values ('2', '1044');
+insert into sys_role_menu values ('2', '1045');
+insert into sys_role_menu values ('2', '1046');
+insert into sys_role_menu values ('2', '1047');
+insert into sys_role_menu values ('2', '1048');
+insert into sys_role_menu values ('2', '1049');
+insert into sys_role_menu values ('2', '1050');
+insert into sys_role_menu values ('2', '1051');
+insert into sys_role_menu values ('2', '1052');
+insert into sys_role_menu values ('2', '1053');
+insert into sys_role_menu values ('2', '1054');
+insert into sys_role_menu values ('2', '1055');
+
+
+-- ----------------------------
+-- 8、角色和部门关联表 角色1-N部门
+-- ----------------------------
+drop table if exists sys_role_dept;
+create table sys_role_dept (
+ role_id int(11) not null comment '角色ID',
+ dept_id int(11) not null comment '部门ID',
+ primary key(role_id, dept_id)
+) engine=innodb default charset=utf8 comment = '角色和部门关联表';
+
+-- ----------------------------
+-- 初始化-角色和部门关联表数据
+-- ----------------------------
+insert into sys_role_dept values ('2', '100');
+insert into sys_role_dept values ('2', '101');
+insert into sys_role_dept values ('2', '105');
+
+-- ----------------------------
+-- 9、用户与岗位关联表 用户1-N岗位
-- ----------------------------
drop table if exists sys_user_post;
create table sys_user_post
@@ -368,7 +387,7 @@ insert into sys_user_post values ('2', '2');
-- ----------------------------
--- 9、操作日志记录
+-- 10、操作日志记录
-- ----------------------------
drop table if exists sys_oper_log;
create table sys_oper_log (
@@ -391,7 +410,7 @@ create table sys_oper_log (
-- ----------------------------
--- 10、字典类型表
+-- 11、字典类型表
-- ----------------------------
drop table if exists sys_dict_type;
create table sys_dict_type
@@ -421,7 +440,7 @@ insert into sys_dict_type values(9, '系统状态', 'sys_common_status', '0',
-- ----------------------------
--- 11、字典数据表
+-- 12、字典数据表
-- ----------------------------
drop table if exists sys_dict_data;
create table sys_dict_data
@@ -472,7 +491,7 @@ insert into sys_dict_data values(25, 2, '失败', '1', 'sys_common_status'
-- ----------------------------
--- 12、参数配置表
+-- 13、参数配置表
-- ----------------------------
drop table if exists sys_config;
create table sys_config (
@@ -494,7 +513,7 @@ insert into sys_config values(2, '用户管理-账号初始密码', 'sys.use
-- ----------------------------
--- 13、系统访问记录
+-- 14、系统访问记录
-- ----------------------------
drop table if exists sys_logininfor;
create table sys_logininfor (
@@ -512,7 +531,7 @@ create table sys_logininfor (
-- ----------------------------
--- 14、在线用户记录
+-- 15、在线用户记录
-- ----------------------------
drop table if exists sys_user_online;
create table sys_user_online (
@@ -532,7 +551,7 @@ create table sys_user_online (
-- ----------------------------
--- 15、定时任务调度表
+-- 16、定时任务调度表
-- ----------------------------
drop table if exists sys_job;
create table sys_job (
@@ -557,7 +576,7 @@ insert into sys_job values(2, 'ryTask', '系统默认(有参)', 'ryParams',
-- ----------------------------
--- 16、定时任务调度日志表
+-- 17、定时任务调度日志表
-- ----------------------------
drop table if exists sys_job_log;
create table sys_job_log (
@@ -575,7 +594,7 @@ create table sys_job_log (
-- ----------------------------
--- 17、通知公告表
+-- 18、通知公告表
-- ----------------------------
drop table if exists sys_notice;
create table sys_notice (
diff --git a/src/main/java/com/ruoyi/common/exception/user/UserDeleteException.java b/src/main/java/com/ruoyi/common/exception/user/UserDeleteException.java
new file mode 100644
index 00000000..4421db7e
--- /dev/null
+++ b/src/main/java/com/ruoyi/common/exception/user/UserDeleteException.java
@@ -0,0 +1,17 @@
+package com.ruoyi.common.exception.user;
+
+/**
+ * 用户账号已被删除
+ *
+ * @author ruoyi
+ */
+public class UserDeleteException extends UserException
+{
+
+ private static final long serialVersionUID = 1L;
+
+ public UserDeleteException()
+ {
+ super("user.password.delete", null);
+ }
+}
diff --git a/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java b/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
index 677f40b9..d5de1a9e 100644
--- a/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
+++ b/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
@@ -11,8 +11,6 @@ import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.scheduling.annotation.Async;
-import org.springframework.scheduling.annotation.EnableAsync;
import org.springframework.stereotype.Component;
import com.alibaba.fastjson.JSONObject;
import com.ruoyi.common.utils.ServletUtils;
@@ -32,7 +30,6 @@ import com.ruoyi.project.system.user.domain.User;
*/
@Aspect
@Component
-@EnableAsync
public class LogAspect
{
private static final Logger log = LoggerFactory.getLogger(LogAspect.class);
@@ -66,7 +63,6 @@ public class LogAspect
handleLog(joinPoint, e);
}
- @Async
protected void handleLog(final JoinPoint joinPoint, final Exception e)
{
try
diff --git a/src/main/java/com/ruoyi/framework/datascope/DataScopeUtils.java b/src/main/java/com/ruoyi/framework/datascope/DataScopeUtils.java
new file mode 100644
index 00000000..5165b485
--- /dev/null
+++ b/src/main/java/com/ruoyi/framework/datascope/DataScopeUtils.java
@@ -0,0 +1,72 @@
+package com.ruoyi.framework.datascope;
+
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.security.ShiroUtils;
+import com.ruoyi.project.system.role.domain.Role;
+import com.ruoyi.project.system.user.domain.User;
+
+/**
+ * 数据范围处理
+ *
+ * @author ruoyi
+ */
+public class DataScopeUtils
+{
+ /**
+ * 全部数据权限
+ */
+ public static final String DATA_SCOPE_ALL = "1";
+
+ /**
+ * 自定数据权限
+ */
+ public static final String DATA_SCOPE_CUSTOM = "2";
+
+ /**
+ * 数据范围过滤
+ *
+ * @return 标准连接条件对象
+ */
+ public static String dataScopeFilter()
+ {
+ return dataScopeFilter("u");
+ }
+
+ /**
+ * 数据范围过滤
+ *
+ * @param da 部门表别名
+ * @return 标准连接条件对象
+ */
+ public static String dataScopeFilter(String da)
+ {
+ User user = ShiroUtils.getUser();
+ // 如果是超级管理员,则不过滤数据
+ if (user.isAdmin())
+ {
+ return StringUtils.EMPTY;
+ }
+
+ StringBuilder sqlString = new StringBuilder();
+
+ for (Role role : user.getRoles())
+ {
+ String dataScope = role.getDataScope();
+ if (DATA_SCOPE_ALL.equals(dataScope))
+ {
+ sqlString = new StringBuilder();
+ break;
+ }
+ else if (DATA_SCOPE_CUSTOM.equals(dataScope))
+ {
+ sqlString.append(StringUtils.format(" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", da, role.getRoleId()));
+ }
+ }
+
+ if (StringUtils.isNotBlank(sqlString.toString()))
+ {
+ return " AND (" + sqlString.substring(4) + ")";
+ }
+ return StringUtils.EMPTY;
+ }
+}
diff --git a/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java b/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
index 915ab986..7e367ab2 100644
--- a/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
+++ b/src/main/java/com/ruoyi/framework/shiro/realm/UserRealm.java
@@ -1,5 +1,8 @@
package com.ruoyi.framework.shiro.realm;
+import java.util.HashSet;
+import java.util.Set;
+
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
@@ -17,6 +20,7 @@ import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
+
import com.ruoyi.common.exception.user.CaptchaException;
import com.ruoyi.common.exception.user.RoleBlockedException;
import com.ruoyi.common.exception.user.UserBlockedException;
@@ -53,12 +57,27 @@ public class UserRealm extends AuthorizingRealm
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0)
{
- Long userId = ShiroUtils.getUserId();
+ User user = ShiroUtils.getUser();
+ // 角色列表
+ Set roles = new HashSet();
+ // 功能列表
+ Set menus = new HashSet();
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
- // 角色加入AuthorizationInfo认证对象
- info.setRoles(roleService.selectRoleKeys(userId));
- // 权限加入AuthorizationInfo认证对象
- info.setStringPermissions(menuService.selectPermsByUserId(userId));
+ // 管理员拥有所有权限
+ if (user.isAdmin())
+ {
+ info.addRole("admin");
+ info.addStringPermission("*:*:*");
+ }
+ else
+ {
+ roles = roleService.selectRoleKeys(user.getUserId());
+ menus = menuService.selectPermsByUserId(user.getUserId());
+ // 角色加入AuthorizationInfo认证对象
+ info.setRoles(roles);
+ // 权限加入AuthorizationInfo认证对象
+ info.setStringPermissions(menus);
+ }
return info;
}
diff --git a/src/main/java/com/ruoyi/framework/shiro/service/LoginService.java b/src/main/java/com/ruoyi/framework/shiro/service/LoginService.java
index 0151562e..ec987dd8 100644
--- a/src/main/java/com/ruoyi/framework/shiro/service/LoginService.java
+++ b/src/main/java/com/ruoyi/framework/shiro/service/LoginService.java
@@ -8,6 +8,7 @@ import com.ruoyi.common.constant.ShiroConstants;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.exception.user.CaptchaException;
import com.ruoyi.common.exception.user.UserBlockedException;
+import com.ruoyi.common.exception.user.UserDeleteException;
import com.ruoyi.common.exception.user.UserNotExistsException;
import com.ruoyi.common.exception.user.UserPasswordNotMatchException;
import com.ruoyi.common.utils.DateUtils;
@@ -80,19 +81,26 @@ public class LoginService
user = userService.selectUserByEmail(username);
}
- if (user == null || UserStatus.DELETED.getCode().equals(user.getDelFlag()))
+ if (user == null)
{
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.not.exists")));
throw new UserNotExistsException();
}
-
- passwordService.validate(user, password);
-
+
+ if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
+ {
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.delete")));
+ throw new UserDeleteException();
+ }
+
if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
{
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.blocked", user.getRemark())));
throw new UserBlockedException(user.getRemark());
}
+
+ passwordService.validate(user, password);
+
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
recordLoginInfo(user);
return user;
diff --git a/src/main/java/com/ruoyi/framework/web/domain/BaseEntity.java b/src/main/java/com/ruoyi/framework/web/domain/BaseEntity.java
index 01d2925c..23984202 100644
--- a/src/main/java/com/ruoyi/framework/web/domain/BaseEntity.java
+++ b/src/main/java/com/ruoyi/framework/web/domain/BaseEntity.java
@@ -111,4 +111,4 @@ public class BaseEntity implements Serializable
{
this.params = params;
}
-}
\ No newline at end of file
+}
diff --git a/src/main/java/com/ruoyi/project/system/config/domain/Config.java b/src/main/java/com/ruoyi/project/system/config/domain/Config.java
index 219b3c79..c9729dc1 100644
--- a/src/main/java/com/ruoyi/project/system/config/domain/Config.java
+++ b/src/main/java/com/ruoyi/project/system/config/domain/Config.java
@@ -82,6 +82,7 @@ public class Config extends BaseEntity
this.configType = configType;
}
+ @Override
public String toString()
{
return "Config [configId=" + configId + ", configName=" + configName + ", configKey=" + configKey
diff --git a/src/main/java/com/ruoyi/project/system/dept/controller/DeptController.java b/src/main/java/com/ruoyi/project/system/dept/controller/DeptController.java
index 4edbde52..54c99ddd 100644
--- a/src/main/java/com/ruoyi/project/system/dept/controller/DeptController.java
+++ b/src/main/java/com/ruoyi/project/system/dept/controller/DeptController.java
@@ -2,6 +2,7 @@ package com.ruoyi.project.system.dept.controller;
import java.util.List;
import java.util.Map;
+
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
@@ -11,12 +12,14 @@ import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
+
import com.ruoyi.framework.aspectj.lang.annotation.Log;
import com.ruoyi.framework.aspectj.lang.enums.BusinessType;
import com.ruoyi.framework.web.controller.BaseController;
import com.ruoyi.framework.web.domain.AjaxResult;
import com.ruoyi.project.system.dept.domain.Dept;
import com.ruoyi.project.system.dept.service.IDeptService;
+import com.ruoyi.project.system.role.domain.Role;
/**
* 部门信息
@@ -142,4 +145,15 @@ public class DeptController extends BaseController
List