权限

yudao-framework/yudao-spring-boot-starter-biz-data-permission/pom.xml

@@ -40,6 +40,10 @@
             <artifactId>yudao-spring-boot-starter-test</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.data</groupId>
+            <artifactId>spring-data-redis</artifactId>
+        </dependency>
     </dependencies>
 
 </project>

yudao-framework/yudao-spring-boot-starter-biz-data-permission/src/main/java/cn/iocoder/yudao/framework/datapermission/core/dept/rule/DeptDataPermissionRule.java

@@ -2,10 +2,10 @@ package cn.iocoder.yudao.framework.datapermission.core.dept.rule;
 
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.StrUtil;
-import cn.iocoder.yudao.framework.datapermission.core.dept.service.DeptDataPermissionFrameworkService;
-import cn.iocoder.yudao.framework.datapermission.core.dept.service.dto.DeptDataPermissionRespDTO;
 import cn.iocoder.yudao.framework.common.util.collection.CollectionUtils;
 import cn.iocoder.yudao.framework.common.util.json.JsonUtils;
+import cn.iocoder.yudao.framework.datapermission.core.dept.service.DeptDataPermissionFrameworkService;
+import cn.iocoder.yudao.framework.datapermission.core.dept.service.dto.DeptDataPermissionRespDTO;
 import cn.iocoder.yudao.framework.datapermission.core.rule.DataPermissionRule;
 import cn.iocoder.yudao.framework.mybatis.core.dataobject.BaseDO;
 import cn.iocoder.yudao.framework.mybatis.core.util.MyBatisUtils;
@@ -13,7 +13,7 @@ import cn.iocoder.yudao.framework.security.core.LoginUser;
 import cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils;
 import com.baomidou.mybatisplus.core.metadata.TableInfoHelper;
 import lombok.AllArgsConstructor;
-import lombok.Getter;
+import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import net.sf.jsqlparser.expression.Alias;
 import net.sf.jsqlparser.expression.Expression;
@@ -23,6 +23,7 @@ import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
 import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
 import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
 import net.sf.jsqlparser.expression.operators.relational.InExpression;
+import net.sf.jsqlparser.parser.CCJSqlParserUtil;
 
 import java.util.HashMap;
 import java.util.HashSet;
@@ -146,6 +147,7 @@ public class DeptDataPermissionRule implements DataPermissionRule {
                 new ExpressionList(CollectionUtils.convertList(deptIds, LongValue::new)));
     }
 
+    @SneakyThrows
     private Expression buildUserExpression(String tableName, Alias tableAlias, Boolean self, Long userId) {
         // 如果不查看自己，则无需作为条件
         if (Boolean.FALSE.equals(self)) {
@@ -155,6 +157,17 @@ public class DeptDataPermissionRule implements DataPermissionRule {
         if (StrUtil.isEmpty(columnName)) {
             return null;
         }
+
+        Long cpUserId = deptDataPermissionService.getCpUserIdBySystemUserId(userId);
+        if (tableName.equals("farm_project")){
+            Expression projectSql = CCJSqlParserUtil.parseCondExpression("(creator = " + userId + " or JSON_CONTAINS(members, '"+ cpUserId +"'))");
+            return projectSql;
+        }
+        if (tableName.equals("farm_task")){
+            Expression taskSql = CCJSqlParserUtil.parseCondExpression(" (creator = " + userId + " or JSON_CONTAINS(executor_person, '"+ cpUserId +"')" +
+                    " or main_person = " + cpUserId +")");
+            return taskSql;
+        }
         // 拼接条件
         return new EqualsTo(MyBatisUtils.buildColumn(tableName, tableAlias, columnName), new LongValue(userId));
     }

yudao-framework/yudao-spring-boot-starter-biz-data-permission/src/main/java/cn/iocoder/yudao/framework/datapermission/core/dept/service/DeptDataPermissionFrameworkService.java

@@ -19,4 +19,6 @@ public interface DeptDataPermissionFrameworkService {
      */
     DeptDataPermissionRespDTO getDeptDataPermission(LoginUser loginUser);
 
+    Long getCpUserIdBySystemUserId(Long id);
+
 }

yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthServiceImpl.java

@@ -16,6 +16,7 @@ import cn.iocoder.yudao.module.system.convert.auth.AuthConvert;
 import cn.iocoder.yudao.module.system.dal.dataobject.user.AdminUserDO;
 import cn.iocoder.yudao.module.system.enums.logger.LoginLogTypeEnum;
 import cn.iocoder.yudao.module.system.enums.logger.LoginResultEnum;
+import cn.iocoder.yudao.module.system.service.CpUser.CpUserService;
 import cn.iocoder.yudao.module.system.service.common.CaptchaService;
 import cn.iocoder.yudao.module.system.service.logger.LoginLogService;
 import cn.iocoder.yudao.module.system.service.permission.PermissionService;
@@ -25,6 +26,7 @@ import lombok.extern.slf4j.Slf4j;
 import me.zhyd.oauth.model.AuthUser;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Lazy;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.DisabledException;
@@ -71,6 +73,11 @@ public class AdminAuthServiceImpl implements AdminAuthService {
     @Resource
     private SocialUserService socialUserService;
 
+    @Resource
+    private RedisTemplate redisTemplate;
+    @Resource
+    private CpUserService cpUserService;
+
     @Resource
     private Validator validator;
 
@@ -106,6 +113,9 @@ public class AdminAuthServiceImpl implements AdminAuthService {
         // 使用账号密码，进行登录
         LoginUser loginUser = this.login0(reqVO.getUsername(), reqVO.getPassword());
 
+        //将cpUserId存入  key为 系统用户id  value为 cpUserId
+        redisTemplate.opsForValue().set("CpUserId::" + loginUser.getId(), cpUserService.getByUserId(loginUser.getUsername()).getId().toString());
+
         // 缓存登陆用户到 Redis 中，返回 sessionId 编号
         return createUserSessionAfterLoginSuccess(loginUser, LoginLogTypeEnum.LOGIN_USERNAME, userIp, userAgent);
     }

yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/permission/PermissionServiceImpl.java

@@ -27,6 +27,7 @@ import com.google.common.collect.Multimap;
 import com.google.common.collect.Sets;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Lazy;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@@ -101,6 +102,10 @@ public class PermissionServiceImpl implements PermissionService {
     @Lazy // 注入自己，所以延迟加载
     private PermissionService self;
 
+    @Resource
+    private RedisTemplate redisTemplate;
+
+
     /**
      * 初始化 {@link #roleMenuCache} 和 {@link #menuRoleCache} 缓存
      */
@@ -433,4 +438,8 @@ public class PermissionServiceImpl implements PermissionService {
                 UserRoleDO::getUserId);
     }
 
+
+    public Long getCpUserIdBySystemUserId(Long userId){
+        return Long.valueOf(redisTemplate.opsForValue().get("CpUserId::" + userId).toString());
+    }
 }

zsw-farm/zsw-farm-impl/src/main/java/cn/iocoder/yudao/module/farm/config/FarmPermissionRuleCustomizer.java

@@ -1,25 +0,0 @@
-package cn.iocoder.yudao.module.farm.config;
-
-import cn.iocoder.yudao.framework.datapermission.core.dept.rule.DeptDataPermissionRuleCustomizer;
-import cn.iocoder.yudao.module.farm.dal.dataobject.project.ProjectDO;
-import cn.iocoder.yudao.module.farm.dal.dataobject.task.TaskDO;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
-public class FarmPermissionRuleCustomizer {
-
-    @Bean
-    public DeptDataPermissionRuleCustomizer farmCustomizer(){
-        return rule -> {
-            rule.addDeptColumn(ProjectDO.class);
-            // user隔离不起作用
-            rule.addUserColumn(ProjectDO.class,"creator");
-
-            rule.addDeptColumn(TaskDO.class);
-            rule.addUserColumn(TaskDO.class,"creator");
-        };
-    }
-
-
-}

zsw-farm/zsw-farm-impl/src/main/java/cn/iocoder/yudao/module/farm/dal/mysql/area/AreaMapper.java

@@ -1,13 +1,14 @@
 package cn.iocoder.yudao.module.farm.dal.mysql.area;
 
-import java.util.*;
-
 import cn.iocoder.yudao.framework.common.pojo.PageResult;
-import cn.iocoder.yudao.framework.mybatis.core.query.LambdaQueryWrapperX;
 import cn.iocoder.yudao.framework.mybatis.core.mapper.BaseMapperX;
+import cn.iocoder.yudao.framework.mybatis.core.query.LambdaQueryWrapperX;
+import cn.iocoder.yudao.module.farm.controller.admin.area.vo.AreaExportReqVO;
+import cn.iocoder.yudao.module.farm.controller.admin.area.vo.AreaPageReqVO;
 import cn.iocoder.yudao.module.farm.dal.dataobject.area.AreaDO;
 import org.apache.ibatis.annotations.Mapper;
-import cn.iocoder.yudao.module.farm.controller.admin.area.vo.*;
+
+import java.util.List;
 
 /**
  *  Mapper
@@ -22,7 +23,7 @@ public interface AreaMapper extends BaseMapperX<AreaDO> {
                 .likeIfPresent(AreaDO::getName, reqVO.getName())
                 .eqIfPresent(AreaDO::getParentId, reqVO.getParentId())
                 .betweenIfPresent(AreaDO::getCreateTime, reqVO.getBeginCreateTime(), reqVO.getEndCreateTime())
-                .eqIfPresent(AreaDO::getPretendDelete, reqVO.getPretendDelete())
+//                .eqIfPresent(AreaDO::getPretendDelete, reqVO.getPretendDelete())
                 .orderByDesc(AreaDO::getId));
     }