数据权限集成

src/main/java/com/bonus/digitalSignage/backstage/entity/dto/QueryParamDto.java

@@ -19,8 +19,8 @@ public class QueryParamDto {
     private String keyWord;
     /**权限层级*/
     private String level = UserUtil.getAuthLevel();
-    /**工程权限*/
+    /**项目部权限*/
-    private List<Long> proIds = UserUtil.getAuthProIds();
+    private List<Long> departs = UserUtil.getAuthDeparts();
     private int pageNum = 1;
     private int pageSize = 10;
 }

src/main/java/com/bonus/digitalSignage/model/SysUser.java

@@ -90,7 +90,9 @@ public class SysUser extends PageEntity {
 	/**
 	 * 所属部门
 	 */
-	private String dept;
+	private Long dept;
+
+	private List<Long> departs;
 
 	/**
 	 * 登录权限
@@ -162,9 +164,9 @@ public class SysUser extends PageEntity {
 	private String keyWord;
 
 	/**
-	 * 角色级别
+	 * 项目部级别
 	 */
-	private String roleLevel;
+	private String level;
 
 	/**
 	 * 工程ID

src/main/java/com/bonus/digitalSignage/system/dao/UserDao.java

@@ -200,4 +200,6 @@ public interface UserDao {
 	Integer saveUserProject(@Param("userId") Long id, @Param("proId")String proId);
 
 	List<SelectVo> getProjects(UserDto userDto);
+
+	List<Long> getDataAuth(Long dept);
 }

src/main/java/com/bonus/digitalSignage/system/service/UserService.java

@@ -170,4 +170,13 @@ public interface UserService {
 	List<SysUser> getPersonList(SysUser data);
 
 	List<SelectVo> getProjects(UserDto userDto);
+
+	/**
+	 * 查询当前登录用户的所属部门及子部门
+	 * @param dept
+	 * @return List<Long>
+	 * @author cwchen
+	 * @date 2025/4/22 9:50
+	 */
+    List<Long> getDataAuth(Long dept);
 }

src/main/java/com/bonus/digitalSignage/system/service/impl/UserDetailsServiceImpl.java

@@ -62,6 +62,9 @@ public class UserDetailsServiceImpl implements UserDetailsService {
 		BeanUtils.copyProperties(sysUser, loginUser);
 		List<Permission> permissions = permissionDao.listByUserId(sysUser.getId());
 		loginUser.setPermissions(permissions);
+		// 查询当前登录用户数据权限
+		List<Long> departs = userService.getDataAuth(loginUser.getDept());
+		loginUser.setDeparts(departs);
 		return loginUser;
 	}
 

src/main/java/com/bonus/digitalSignage/system/service/impl/UserServiceImpl.java

@@ -1,7 +1,9 @@
 package com.bonus.digitalSignage.system.service.impl;
 
+import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 
 import com.bonus.digitalSignage.base.entity.DtreeVo;
 import com.bonus.digitalSignage.model.Role;
@@ -326,4 +328,13 @@ public class UserServiceImpl implements UserService {
         return userDto;
     }
 
+    @Override
+    public List<Long> getDataAuth(Long dept) {
+        try {
+            return Optional.ofNullable(userDao.getDataAuth(dept)).orElseGet(ArrayList::new);
+        } catch (Exception e) {
+            log.error(e.toString(), e);
+            return new ArrayList<>();
+        }
+    }
 }

src/main/java/com/bonus/digitalSignage/utils/UserUtil.java

@@ -7,10 +7,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 
-import java.util.Arrays;
+import java.util.*;
-import java.util.List;
-import java.util.Objects;
-import java.util.Optional;
 import java.util.stream.Collectors;
 
 public class UserUtil {
@@ -37,39 +34,17 @@ public class UserUtil {
 	 * @date 2025/4/21 18:02
 	 */
 	public static String getAuthLevel() {
-		LoginUser loginUser = getLoginUser();
+		return Optional.ofNullable(UserUtil.getLoginUser()).map(LoginUser::getLevel).orElse("0");
-		if(loginUser == null){
-			return null;
-		}else {
-			String roleLevel = Optional.ofNullable(UserUtil.getLoginUser()).map(LoginUser::getRoleLevel).orElse("0");
-			String proIds = Optional.ofNullable(UserUtil.getLoginUser()).map(LoginUser::getProIds).orElse("-1");
-			if(Objects.equals(roleLevel, Constants.ROLE_LEVEL)){ // 非全部权限
-				List<Long> proList = Arrays.stream(proIds.split(",")).map(String::trim).filter(s -> !s.isEmpty()).map(Long::valueOf).collect(Collectors.toList());
-				return null;
-			}
-		}
-		return null;
 	}
 
 	/**
-	 * 获取所属工程权限
+	 * 获取所属项目部权限
 	 * @return List<Long>
 	 * @author cwchen
 	 * @date 2025/4/21 18:02
 	 */
-	public static List<Long> getAuthProIds() {
+	public static List<Long> getAuthDeparts() {
-		LoginUser loginUser = getLoginUser();
+		return Optional.ofNullable(UserUtil.getLoginUser()).map(LoginUser::getDeparts).orElse(null);
-		if(loginUser == null){
-			return null;
-		}else {
-			String roleLevel = Optional.ofNullable(UserUtil.getLoginUser()).map(LoginUser::getRoleLevel).orElse("0");
-			String proIds = Optional.ofNullable(UserUtil.getLoginUser()).map(LoginUser::getProIds).orElse("-1");
-			if(Objects.equals(roleLevel, Constants.ROLE_LEVEL)){ // 非全部权限
-				List<Long> proList = Arrays.stream(proIds.split(",")).map(String::trim).filter(s -> !s.isEmpty()).map(Long::valueOf).collect(Collectors.toList());
-				return proList;
-			}
-		}
-		return null;
 	}
 
 }

src/main/resources/mappers/backstage/ProProgressMapper.xml

@@ -20,10 +20,10 @@
             WHERE sd2.dict_code = 'voltage_level' AND sd.del_flag = 0
         ) A ON A.dict_value = tp.voltage_level
         <where>
-            <if test="level != '1' and proIds != null and proIds.size() > 0">
+            <if test="level != '1' and departs != null and departs.size() > 0">
-                AND tp.pro_id IN
+                AND tp.depart_id IN
-                <foreach collection="proIds" item="proId" open="(" separator="," close=")">
+                <foreach collection="departs" item="departId" open="(" separator="," close=")">
-                    #{proId}
+                    #{departId}
                 </foreach>
             </if>
            <if test="keyWord!=null and keyWord!=''">

src/main/resources/mappers/system/UserMapper.xml

@@ -79,9 +79,10 @@
 	<select id="getUser" parameterType="String" resultType="com.bonus.digitalSignage.model.SysUser">
 		select t.id,t.user_name as username,t.login_name as loginName,t.org_id as orgId,
 			   t.password,t.state,t.role_id as roleId,t.login_type loginType,t.new_user  newUser,
-				sr.role_code AS roleCode,sr.role_name AS roleName
+				sr.role_code AS roleCode,sr.role_name AS roleName,t.dept,td.level
 		from sys_user t
 		LEFT JOIN sys_role sr ON t.role_id = sr.role_id AND sr.del_flag = 0
+		LEFT JOIN tb_depart td ON t.dept = td.id
 		where t.login_name = #{username}
 				and t.del_flag = 0
 	</select>
@@ -272,6 +273,24 @@
 		left join tb_project p on t.pro_id = p.id
 		where t.user_id = #{id}
 	</select>
+	<select id="getDataAuth" resultType="java.lang.Long">
+		SELECT
+			id
+		FROM
+			(
+				SELECT
+					t1.id,
+					t1.parent_id,
+					IF
+					( find_in_set( parent_id, @pids ) > 0, @pids := concat( @pids, ',', id ), - 1 ) AS ischild
+				FROM
+						( SELECT id, parent_id FROM tb_depart t ) t1,
+						( SELECT @pids := #{dept} ) t2
+			) t3
+		WHERE
+			ischild != - 1
+		   OR id = #{dept}
+	</select>
 
 	<insert id="saveUserRoles">
 		insert into sys_role_user(roleId, userId) values