From 8f3ae8526fe1d14116f6b59a7b31af5c06e2bcd8 Mon Sep 17 00:00:00 2001
From: sxu <602087911@qq.com>
Date: Fri, 7 Mar 2025 19:48:23 +0800
Subject: [PATCH] LeNiuDataPermission fix
---
 .../config/LeNiuDataPermissionHandler.java | 68 +++++++++++--------
 1 file changed, 38 insertions(+), 30 deletions(-)
diff --git a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java
index 605f0b19..b11e33ba 100644
--- a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java
+++ b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/auth/config/LeNiuDataPermissionHandler.java
@@ -86,37 +86,45 @@ public class LeNiuDataPermissionHandler {
 private String getSqlByAliasAndPermissionType(Long userId, String roleCode, DataPermissionTypeEnum permissionType, String alias) {
 StringBuilder sb = new StringBuilder();
- if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key())) {
- if (roleCode.split("&&").length <= 1) {
- return "";
- }
+ sb.append(" EXISTS ( ").append(" SELECT null FROM alloc_area it1")
+ .append(" LEFT JOIN sys_role it2 ON it2.area_id = it1.area_id")
+ .append(" LEFT JOIN sys_user_role it3 ON it2.role_id = it3.role_id")
+ .append(" LEFT JOIN sys_user it4 ON it4.user_id = it3.user_id")
+ .append(" WHERE it2.del_flag = 0 AND it2.role_key = '")
+ .append(roleCode).append("'")
+ .append(" AND ").append(alias).append(".cust_id = it4.cust_id)");
- if (!ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) {
- return "";
- }
-
- sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)");
- } else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ORG.key())) {
- if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_ORG, permissionType)) {
- sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_org it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".org_id = it1.org_id)");
- }
- } else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_MERCHANT.key())) {
- if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN, permissionType)) {
- sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".canteen_id = it1.data_id)");
- } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_STALL, permissionType)) {
- sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".stall_id = it1.data_id)");
- } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN_STALL, permissionType)) {
- sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND (").append(alias).append(".canteen_id = it1.data_id OR ").append(alias).append(".stall_id = it1.data_id ))");
- } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_WAREHOUSE, permissionType)) {
- sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_warehouse it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".warehouse_id = it1.warehouse_id)");
- } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_SUPERMARKET, permissionType)) {
- sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".supermarket_id = it1.data_id)");
- } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) {
- sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)");
- }
- } else {
- sb.append("1 = 2");
- }
+// if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key())) {
+// if (roleCode.split("&&").length <= 1) {
+// return "";
+// }
+//
+// if (!ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) {
+// return "";
+// }
+//
+// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)");
+// } else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ORG.key())) {
+// if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_ORG, permissionType)) {
+// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_org it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".org_id = it1.org_id)");
+// }
+// } else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_MERCHANT.key())) {
+// if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN, permissionType)) {
+// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".canteen_id = it1.data_id)");
+// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_STALL, permissionType)) {
+// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".stall_id = it1.data_id)");
+// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN_STALL, permissionType)) {
+// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND (").append(alias).append(".canteen_id = it1.data_id OR ").append(alias).append(".stall_id = it1.data_id ))");
+// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_WAREHOUSE, permissionType)) {
+// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_warehouse it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".warehouse_id = it1.warehouse_id)");
+// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_SUPERMARKET, permissionType)) {
+// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".supermarket_id = it1.data_id)");
+// } else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) {
+// sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)");
+// }
+// } else {
+// sb.append("1 = 2");
+// }
 return sb.toString();
 }
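Review bot: The rewritten predicate in `getSqlByAliasAndPermissionType` concatenates `roleCode` into the SQL as a quoted literal (`it2.role_key = '` + roleCode + `'`) and no longer reads `userId` or `permissionType`, so the row filter is decided entirely by that one string. The removed branches fell back to `1 = 2` when the role code matched no known prefix; the new code has no such gate, so a `roleCode` that ever contains a quote would change the meaning of the fragment. Before the first `sb.append`, reject anything outside the expected role-key alphabet and fail closed, e.g. `if (roleCode == null || !roleCode.matches("[A-Za-z0-9_&:-]+")) { return "1 = 2"; }` (the character class is a guess and should follow how role keys are actually issued). Please also confirm that dropping `it3.user_id = userId` is intended, since the EXISTS now matches the `cust_id` of every user holding the role rather than the caller's own assignment. The commented-out branches would be better deleted than kept, as version control already preserves them.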