From 1ed91b79876acab14d8d8a5562f1e2e576c19a09 Mon Sep 17 00:00:00 2001 From: sxu <602087911@qq.com> Date: Sun, 9 Mar 2025 21:27:37 +0800 Subject: [PATCH] =?UTF-8?q?=E9=83=A8=E9=97=A8=E6=95=B0=E6=8D=AE=E6=9D=83?= =?UTF-8?q?=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/bonus/system/api/domain/SysRole.java | 12 +-- .../datascope/annotation/DataScope.java | 5 ++ .../datascope/aspect/DataScopeAspect.java | 86 ++++++++++++++++++- .../common/datascope/enums/DataTypeEnum.java | 16 ++++ .../service/impl/SysRoleServiceImpl.java | 24 +++--- .../resources/mapper/system/SysRoleMapper.xml | 12 +-- 6 files changed, 131 insertions(+), 24 deletions(-) create mode 100644 bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/enums/DataTypeEnum.java diff --git a/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/domain/SysRole.java b/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/domain/SysRole.java index d52515e..c26731e 100644 --- a/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/domain/SysRole.java +++ b/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/domain/SysRole.java @@ -41,8 +41,8 @@ public class SysRole extends BaseEntity @Excel(name = "角色排序") private Integer roleSort; - /** 角色类型(1-全数据类,2-组织类,3-商户类) */ - private Integer roleType; + /** 数据类型(1-组织类,2-区域类) */ + private Integer dataType; /** 数据范围(1:所有数据权限;2:自定义数据权限;3:本部门数据权限;4:本部门及以下数据权限;5:仅本人数据权限) */ @Excel(name = "数据范围", readConverterExp = "1=所有数据权限,2=自定义数据权限,3=本部门数据权限,4=本部门及以下数据权限,5=仅本人数据权限") @@ -151,12 +151,12 @@ public class SysRole extends BaseEntity this.roleSort = roleSort; } - public Integer getRoleType() { - return roleType; + public Integer getDataType() { + return dataType; } - public void setRoleType(Integer roleType) { - this.roleType = roleType; + public void setDataType(Integer dataType) { + this.dataType = dataType; } public String getDataScope() 
diff --git a/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/annotation/DataScope.java b/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/annotation/DataScope.java index ad96bd1..5237276 100644 --- a/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/annotation/DataScope.java +++ b/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/annotation/DataScope.java @@ -21,6 +21,11 @@ public @interface DataScope */ public String deptAlias() default ""; + /** + * 区域表的别名 + */ + public String areaAlias() default ""; + /** * 用户表的别名 */ diff --git a/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/aspect/DataScopeAspect.java b/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/aspect/DataScopeAspect.java index 3e8f5a7..6acd1af 100644 --- a/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/aspect/DataScopeAspect.java +++ b/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/aspect/DataScopeAspect.java @@ -74,8 +74,10 @@ public class DataScopeAspect if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin()) { String permission = StringUtils.defaultIfEmpty(controllerDataScope.permission(), SecurityContextHolder.getPermission()); - dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(), + deptDataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(), controllerDataScope.userAlias(), permission); +// areaDataScopeFilter(joinPoint, currentUser, controllerDataScope.areaAlias(), +// controllerDataScope.userAlias(), permission); } } } 
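Review bot: In DataScopeAspect.java (hunk at -74,8) the aspect still applies only `deptDataScopeFilter`, and the `areaDataScopeFilter` call is left behind as commented-out code, so a role saved with data type 2 (area) is never constrained by its `sys_role_area` rows. Its effective scope is whatever the department rules derive from `data_scope`, which for a custom-scope role presumably means role–department rows that may be stale or empty. Either select the filter from `role.getDataType()`, or delete the two commented lines and state the gap explicitly, e.g. `// TODO: area-type roles are not enforced until areaDataScopeFilter is wired in`. The enclosing method starts and ends outside the hunk.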
@@ -89,7 +91,7 @@ public class DataScopeAspect * @param userAlias 用户别名 * @param permission 权限字符 */ - public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, String permission) + public static void deptDataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, String permission) { StringBuilder sqlString = new StringBuilder(); List conditions = new ArrayList(); 
@@ -160,6 +162,86 @@ public class DataScopeAspect } } + /** + * 数据范围过滤 + * + * @param joinPoint 切点 + * @param user 用户 + * @param areaAlias 区域别名 + * @param userAlias 用户别名 + * @param permission 权限字符 + */ + public static void areaDataScopeFilter(JoinPoint joinPoint, SysUser user, String areaAlias, String userAlias, String permission) + { + StringBuilder sqlString = new StringBuilder(); + List conditions = new ArrayList(); + + for (SysRole role : user.getRoles()) + { + String dataScope = role.getDataScope(); + if (!DATA_SCOPE_CUSTOM.equals(dataScope) && conditions.contains(dataScope)) + { + continue; + } + if (StringUtils.isNotEmpty(permission) && StringUtils.isNotEmpty(role.getPermissions()) + && !StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission))) + { + continue; + } + if (DATA_SCOPE_ALL.equals(dataScope)) + { + sqlString = new StringBuilder(); + conditions.add(dataScope); + break; + } + else if (DATA_SCOPE_CUSTOM.equals(dataScope)) + { + sqlString.append(StringUtils.format( + " OR {}.area_id IN ( SELECT area_id FROM sys_role_area WHERE role_id = {} ) ", areaAlias, + role.getRoleId())); + } + else if (DATA_SCOPE_DEPT.equals(dataScope)) + { + sqlString.append(StringUtils.format(" OR {}.area_id = {} ", areaAlias, user.getDeptId())); + } + else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) + { + sqlString.append(StringUtils.format( + " OR {}.area_id IN ( SELECT area_id FROM alloc_area WHERE area_id = {} or find_in_set( {} , area_full_id ) )", + areaAlias, user.getDeptId(), user.getDeptId())); + } + else if (DATA_SCOPE_SELF.equals(dataScope)) + { + if (StringUtils.isNotBlank(userAlias)) + { + sqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, user.getUserId())); + } + else + { + // 数据权限为仅本人且没有userAlias别名不查询任何数据 + sqlString.append(StringUtils.format(" OR {}.area_id = 0 ", areaAlias)); + } + } + conditions.add(dataScope); + } + + // 多角色情况下,所有角色都不包含传递过来的权限字符,这个时候sqlString也会为空,所以要限制一下,不查询任何数据 + if 
(StringUtils.isEmpty(conditions)) + { + sqlString.append(StringUtils.format(" OR {}.area_id = 0 ", areaAlias)); + } + + if (StringUtils.isNotBlank(sqlString.toString())) + { + Object params = joinPoint.getArgs()[0]; + if (StringUtils.isNotNull(params) && params instanceof BaseEntity) + { + BaseEntity baseEntity = (BaseEntity) params; + baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")"); + } + } + } + /** * 拼接权限sql前先清空params.dataScope参数防止注入 */ diff --git a/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/enums/DataTypeEnum.java b/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/enums/DataTypeEnum.java new file mode 100644 index 0000000..c3e6193 --- /dev/null +++ b/bonus-common/bonus-common-datascope/src/main/java/com/bonus/common/datascope/enums/DataTypeEnum.java @@ -0,0 +1,16 @@ +package com.bonus.common.datascope.enums; + +public enum DataTypeEnum { + PERMISSION_ORG(1), + PERMISSION_AREA(2); + + private final Integer key; + + private DataTypeEnum(Integer key) { + this.key = key; + } + + public Integer getKey() { + return this.key; + } +} diff --git a/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysRoleServiceImpl.java b/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysRoleServiceImpl.java index f42a517..1761e87 100644 --- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysRoleServiceImpl.java +++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysRoleServiceImpl.java @@ -7,6 +7,7 @@ import java.util.List; import java.util.Set; import com.bonus.common.core.web.domain.BaseEntity; +import com.bonus.common.datascope.enums.DataTypeEnum; import com.bonus.common.datascope.utils.CommonDataPermissionInfo; import com.bonus.system.api.domain.SysUserRole; import com.bonus.system.domain.SysRoleArea; 
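Review bot: `areaDataScopeFilter` (DataScopeAspect.java, hunk at -160,6) feeds `user.getDeptId()` into area comparisons: the DATA_SCOPE_DEPT branch builds `{}.area_id = {}` and the DATA_SCOPE_DEPT_AND_CHILD branch builds the `alloc_area` subquery, both from a department id. Nothing in the patch shows that department and area ids share a key space, so once the filter is enabled these branches would likely return the wrong rows or none; the user's own area identifier belongs there. The Javadoc was copied unchanged as `数据范围过滤` and should say this is the area variant and which tables it reads. The loop otherwise duplicates the department filter, and a shared private helper taking the column name and the two subquery templates would keep the two authorisation paths from drifting apart.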
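Review bot: `DataTypeEnum` (new file) has no documentation and no reverse lookup, so callers compare boxed keys by hand, as in `DataTypeEnum.PERMISSION_ORG.getKey().equals(role.getDataType())`. A class comment such as `/** Role data-permission type stored in sys_role.data_type: 1 = organisation, 2 = area. */` would tie the constants to the column they mirror. A static lookup from key to constant that reports an unknown key explicitly would also make the "neither type" case visible at the call site instead of falling through silently.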
@@ -308,16 +309,19 @@ public class SysRoleServiceImpl implements ISysRoleService public int authDataScope(SysRole role) { // 修改角色信息 - roleMapper.updateRole(role); - // 删除角色与部门关联 - roleDeptMapper.deleteRoleDeptByRoleId(role.getRoleId()); - // 新增角色和部门信息(数据权限) - int roleDeptCount = insertRoleDept(role); - // 删除角色与区域关联 - //roleAreaMapper.deleteRoleAreaByRoleId(role.getRoleId()); - // 新增角色和区域信息(数据权限) - //int roleAreaCount = insertRoleArea(role); - return roleDeptCount; // + roleAreaCount; + int count = roleMapper.updateRole(role); + if (DataTypeEnum.PERMISSION_ORG.getKey().equals(role.getDataType())) { + // 删除角色与部门关联 + roleDeptMapper.deleteRoleDeptByRoleId(role.getRoleId()); + // 新增角色和部门信息(数据权限) + return insertRoleDept(role); + } else if (DataTypeEnum.PERMISSION_AREA.getKey().equals(role.getDataType())) { + // 删除角色与区域关联 + roleAreaMapper.deleteRoleAreaByRoleId(role.getRoleId()); + // 新增角色和区域信息(数据权限) + return insertRoleArea(role); + } + return count; } /** diff --git a/bonus-modules/bonus-system/src/main/resources/mapper/system/SysRoleMapper.xml b/bonus-modules/bonus-system/src/main/resources/mapper/system/SysRoleMapper.xml index e5573b6..14a5a24 100644 --- a/bonus-modules/bonus-system/src/main/resources/mapper/system/SysRoleMapper.xml +++ b/bonus-modules/bonus-system/src/main/resources/mapper/system/SysRoleMapper.xml @@ -9,7 +9,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" - + 
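Review bot: In `authDataScope` (SysRoleServiceImpl.java, hunk at -308,16) only the association set matching `role.getDataType()` is cleared, so switching a role from organisation to area leaves its old role–department rows in place, and a null or unrecognised data type skips both deletes while still returning the `updateRole` count as success. Because the aspect in this same patch filters by department only, those leftover rows may keep granting access the administrator believes was replaced. Clearing both association sets before inserting for the selected type closes that gap, as sketched below. The method's annotations are outside the hunk, so confirm that the update, deletes and insert run in one transaction.

```java
int count = roleMapper.updateRole(role);
// Always drop both association sets so a type switch cannot leave stale grants behind.
roleDeptMapper.deleteRoleDeptByRoleId(role.getRoleId());
roleAreaMapper.deleteRoleAreaByRoleId(role.getRoleId());
if (DataTypeEnum.PERMISSION_ORG.getKey().equals(role.getDataType())) {
    return insertRoleDept(role);
}
if (DataTypeEnum.PERMISSION_AREA.getKey().equals(role.getDataType())) {
    return insertRoleArea(role);
}
// Unknown or missing data type: the role row is updated and no associations remain.
return count;
```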
@@ -26,8 +26,8 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" - select distinct r.role_id, r.role_name, r.role_key, r.role_sort, r.data_scope, r.menu_check_strictly, r.dept_check_strictly, - r.company_id, r.status, r.del_flag, r.create_time, r.remark, r.is_built_in, r.area_id, r.role_type + select distinct r.role_id, r.role_name, r.role_key, r.role_sort, r.data_type, r.data_scope, r.menu_check_strictly, r.dept_check_strictly, + r.company_id, r.status, r.del_flag, r.create_time, r.remark, r.is_built_in, r.area_id from sys_role r left join sys_user_role ur on ur.role_id = r.role_id left join sys_user u on u.user_id = ur.user_id @@ -114,7 +114,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" role_name, role_key, role_sort, - role_type, + data_type, data_scope, menu_check_strictly, dept_check_strictly, @@ -130,7 +130,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" #{roleName}, #{roleKey}, #{roleSort}, - #{roleType}, + #{dataType}, #{dataScope}, #{menuCheckStrictly}, #{deptCheckStrictly}, @@ -150,7 +150,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" role_name = #{roleName}, role_key = #{roleKey}, role_sort = #{roleSort}, - role_type = #{roleType}, + data_type = #{dataType}, data_scope = #{dataScope}, menu_check_strictly = #{menuCheckStrictly}, dept_check_strictly = #{deptCheckStrictly},