超管权限

2025-03-21 09:32:13 +08:00 · 2025-03-21 09:32:13 +08:00 · 6de8507f30
parent 743a7060fa
commit 6de8507f30
5 changed files with 11 additions and 18 deletions
--- a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/allocation/api/AllocCanteenApi.java
+++ b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/allocation/api/AllocCanteenApi.java
@ -14,6 +14,8 @@ import com.bonus.canteen.core.allocation.canteen.service.AllocAreaService;
 import com.bonus.canteen.core.allocation.canteen.service.AllocCanteenService;
 import com.bonus.canteen.core.allocation.canteen.service.AllocMealLineService;
 import com.bonus.canteen.core.allocation.canteen.vo.*;
+import com.bonus.canteen.core.auth.config.LeNiuDataPermission;
+import com.bonus.canteen.core.auth.enums.DataPermissionTypeEnum;
 import com.bonus.canteen.core.auth.po.MgrUserAuthPO;
 import com.bonus.canteen.core.common.enums.AllocCanteenTypeEnum;
 import com.bonus.canteen.core.common.utils.TenantContextHolder;
@ -251,6 +253,10 @@ public class AllocCanteenApi {
      return this.allocStallMapper.listAuthStallByUserRole();
   }

+   @LeNiuDataPermission(
+           alias = "t1",
+           permissionType = DataPermissionTypeEnum.PERMISSION_AREA
+   )
   public List<AllocAreaVO> listAreaByUserRole(MgrUserAuthPO mgrUserAuthPO) {
      return this.allocAreaMapper.listAreaByUserRole(mgrUserAuthPO);
   }
--- a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/allocation/canteen/service/impl/AllocAreaServiceImpl.java
+++ b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/allocation/canteen/service/impl/AllocAreaServiceImpl.java
@ -201,11 +201,7 @@ public class AllocAreaServiceImpl extends ServiceImpl<AllocAreaMapper, AllocArea

   @Override
   public List<Tree<Long>> getSystemAuthAreaTree() {
-      MgrUserAuthPO mgrUserAuthPO = this.mgrAuthApi.getUserAuthPO();
      List<AllocAreaTreeVO> areaList = ((AllocAreaMapper)this.baseMapper).listSystemArea(TenantContextHolder.getTenantId());
-      if (GlobalConstants.SUPER_ADMIN_ROLE_KEY.equals(mgrUserAuthPO.getRoleCode())) {
-         areaList = new ArrayList<>();
-      }
      List<AllocAreaTreeVO> filterAreaTreeList = ((AllocAreaMapper)this.baseMapper).listAllTreeArea();
      if (CollUtil.isNotEmpty(filterAreaTreeList)) {
         List<Long> filterAreaIdList = (List)filterAreaTreeList.stream().map(BaseTreeNode::getId).collect(Collectors.toList());
--- a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/api/MgrAuthApi.java
+++ b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/api/MgrAuthApi.java
@ -131,7 +131,9 @@ public class MgrAuthApi {
      MgrUserAuthPO mgrUserAuthPO = this.getUserAuthPO();
      if (!filterOtherRole) {
         return CollUtil.newArrayList(new AllocCanteenTreeVO[0]);
-      } else if (!ObjectUtil.equal(mgrUserAuthPO.getRoleType(), MgrRoleTypeV2Enum.ROLE_ADMIN.getKey()) && !ObjectUtil.equal(mgrUserAuthPO.getRoleType(), MgrRoleTypeV2Enum.ROLE_ORG.getKey())) {
+      } else if (!ObjectUtil.equal(mgrUserAuthPO.getRoleType(), MgrRoleTypeV2Enum.ROLE_ADMIN.getKey())
+              && !ObjectUtil.equal(mgrUserAuthPO.getRoleCode(), GlobalConstants.SUPER_ADMIN_ROLE_KEY)
+              && !ObjectUtil.equal(mgrUserAuthPO.getRoleType(), MgrRoleTypeV2Enum.ROLE_ORG.getKey())) {
         return this.mgrRoleCanteenMapper.getTenantCanteen(excludeMiddle, tenantId, mgrUserAuthPO, delFlag);
      } else {
         List<AllocCanteenTreeVO> list = CollUtil.newArrayList(new AllocCanteenTreeVO[0]);
--- a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java
+++ b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java
@ -4,6 +4,7 @@ import cn.hutool.core.util.ObjectUtil;
 import com.bonus.canteen.core.auth.enums.DataPermissionTypeEnum;
 import com.bonus.canteen.core.auth.enums.RoleCodeV2Enum;
 import com.bonus.common.core.exception.ServiceException;
+import com.bonus.common.houqin.constant.GlobalConstants;
 import com.bonus.common.security.utils.SecurityUtils;
 import net.sf.jsqlparser.expression.Expression;
 import net.sf.jsqlparser.expression.HexValue;
@ -87,7 +88,7 @@ public class LeNiuDataPermissionHandler {
   private String getSqlByAliasAndPermissionType(Long userId, String roleCode, DataPermissionTypeEnum permissionType, String alias) {
      StringBuilder sb = new StringBuilder();

-      if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key())) {
+      if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key()) || GlobalConstants.SUPER_ADMIN_ROLE_KEY.equals(roleCode)) {
         return "";
      } else {
            if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_ORG, permissionType)) {
--- a/bonus-modules/bonus-smart-canteen/src/main/resources/mapper/alloc/AllocAreaMapper.xml
+++ b/bonus-modules/bonus-smart-canteen/src/main/resources/mapper/alloc/AllocAreaMapper.xml
@ -61,17 +61,5 @@
               t1.super_id
        FROM alloc_area t1
        WHERE t1.if_del = 2
-        <if test="'-1'.toString() != authPO.roleType.toString()">
-            and EXISTS (
-            SELECT null
-            FROM sys_role_area it1
-            LEFT JOIN sys_role it2 ON it2.role_id = it1.role_id
-            LEFT JOIN sys_user_role it3 ON it1.role_id = it3.role_id
-            WHERE it2.del_flag = 0
-            AND it2.role_key = #{authPO.roleCode}
-            AND it3.user_id = #{authPO.userId}
-            AND t1.area_id = it1.area_id
-            )
-        </if>
    </select>
 </mapper>