修改权限逻辑

2025-08-28 04:20:40 +08:00
parent 3ea6050dc3
commit e6f37662b0
43 changed files with 692 additions and 148 deletions
--- a/xinnengyuan/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginUser.java
+++ b/xinnengyuan/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginUser.java
@ -4,11 +4,12 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 import org.dromara.common.core.domain.dto.PostDTO;
 import org.dromara.common.core.domain.dto.RoleDTO;
+import org.dromara.common.core.domain.vo.SysProjectRoleMenuVo;
+import org.dromara.common.core.domain.vo.SysProjectRolePermissionVo;

 import java.io.Serial;
 import java.io.Serializable;
 import java.util.List;
-import java.util.Set;

 /**
 * 登录用户身份权限
@ -37,6 +38,11 @@ public class LoginUser implements Serializable {
     */
    private Long deptId;

+    /**
+     * 项目ID
+     */
+    private Long projectId;
+
    /**
     * 部门类别编码
     */
@ -90,12 +96,12 @@ public class LoginUser implements Serializable {
    /**
     * 菜单权限
     */
-    private Set<String> menuPermission;
+    private List<SysProjectRoleMenuVo> menuPermission;

    /**
     * 角色权限
     */
-    private Set<String> rolePermission;
+    private List<SysProjectRolePermissionVo> rolePermission;

    /**
     * 用户名
--- a/xinnengyuan/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/vo/SysProjectRoleMenuVo.java
+++ b/xinnengyuan/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/vo/SysProjectRoleMenuVo.java
@ -0,0 +1,28 @@
+package org.dromara.common.core.domain.vo;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Set;
+
+/**
+ * @author lilemy
+ * @date 2025-08-27 18:14
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class SysProjectRoleMenuVo {
+
+    /**
+     * 项目id
+     */
+    private Long projectId;
+
+    /**
+     * 项目菜单权限
+     */
+    private Set<String> projectPermissions;
+
+}
--- a/xinnengyuan/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/vo/SysProjectRolePermissionVo.java
+++ b/xinnengyuan/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/vo/SysProjectRolePermissionVo.java
@ -0,0 +1,28 @@
+package org.dromara.common.core.domain.vo;
+
+import lombok.Data;
+
+import java.io.Serial;
+import java.io.Serializable;
+import java.util.Set;
+
+/**
+ * @author lilemy
+ * @date 2025-08-27 17:53
+ */
+@Data
+public class SysProjectRolePermissionVo implements Serializable {
+
+    @Serial
+    private static final long serialVersionUID = -6552769878716622338L;
+
+    /**
+     * 项目id
+     */
+    private Long projectId;
+
+    /**
+     * 项目菜单权限
+     */
+    private Set<String> projectRoles;
+}
--- a/xinnengyuan/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/core/service/SaPermissionImpl.java
+++ b/xinnengyuan/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/core/service/SaPermissionImpl.java
@ -1,13 +1,18 @@
 package org.dromara.common.satoken.core.service;

 import cn.dev33.satoken.stp.StpInterface;
+import cn.hutool.core.collection.CollUtil;
 import org.dromara.common.core.domain.model.LoginUser;
+import org.dromara.common.core.domain.vo.SysProjectRoleMenuVo;
+import org.dromara.common.core.domain.vo.SysProjectRolePermissionVo;
 import org.dromara.common.core.enums.UserType;
 import org.dromara.common.satoken.utils.LoginHelper;

 import java.util.ArrayList;
-import java.util.Collections;
 import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;

 /**
 * sa-token 权限管理实现类
@ -24,7 +29,28 @@ public class SaPermissionImpl implements StpInterface {
        LoginUser loginUser = LoginHelper.getLoginUser();
        UserType userType = UserType.getUserType(loginUser.getUserType());
        if (userType == UserType.SYS_USER) {
-            return new ArrayList<>(loginUser.getMenuPermission());
+            Long projectId = loginUser.getProjectId();
+            List<SysProjectRoleMenuVo> menuPermission = loginUser.getMenuPermission();
+            if (CollUtil.isNotEmpty(menuPermission)) {
+                if (projectId != null) {
+                    Map<Long, List<SysProjectRoleMenuVo>> map = menuPermission.stream()
+                        .collect(Collectors.groupingBy(SysProjectRoleMenuVo::getProjectId));
+                    if (map.containsKey(projectId)) {
+                        return map.get(projectId).stream()
+                            .map(SysProjectRoleMenuVo::getProjectPermissions)
+                            .flatMap(Set::stream)
+                            .filter(s -> !s.isEmpty())
+                            .distinct()
+                            .toList();
+                    }
+                } else {
+                    List<Set<String>> list = menuPermission.stream().map(SysProjectRoleMenuVo::getProjectPermissions).toList();
+                    return list.stream().flatMap(Set::stream).filter(s -> !s.isEmpty()).distinct().toList();
+                }
+            } else {
+                return new ArrayList<>();
+            }
+
        } else if (userType == UserType.APP_USER) {
            // 其他端 自行根据业务编写
        }
@ -40,7 +66,27 @@ public class SaPermissionImpl implements StpInterface {
        LoginUser loginUser = LoginHelper.getLoginUser();
        UserType userType = UserType.getUserType(loginUser.getUserType());
        if (userType == UserType.SYS_USER) {
-            return new ArrayList<>(loginUser.getRolePermission());
+            Long projectId = loginUser.getProjectId();
+            List<SysProjectRolePermissionVo> rolePermission = loginUser.getRolePermission();
+            if (CollUtil.isNotEmpty(rolePermission)) {
+                if (projectId != null) {
+                    Map<Long, List<SysProjectRolePermissionVo>> map = rolePermission.stream()
+                        .collect(Collectors.groupingBy(SysProjectRolePermissionVo::getProjectId));
+                    if (map.containsKey(projectId)) {
+                        return map.get(projectId).stream()
+                            .map(SysProjectRolePermissionVo::getProjectRoles)
+                            .flatMap(Set::stream)
+                            .filter(s -> !s.isEmpty())
+                            .distinct()
+                            .toList();
+                    }
+                } else {
+                    List<Set<String>> list = rolePermission.stream().map(SysProjectRolePermissionVo::getProjectRoles).toList();
+                    return list.stream().flatMap(Set::stream).filter(s -> !s.isEmpty()).distinct().toList();
+                }
+            } else {
+                return new ArrayList<>();
+            }
        } else if (userType == UserType.APP_USER) {
            // 其他端 自行根据业务编写
        }
--- a/xinnengyuan/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java
+++ b/xinnengyuan/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java
@ -39,6 +39,7 @@ public class LoginHelper {
    public static final String DEPT_NAME_KEY = "deptName";
    public static final String DEPT_CATEGORY_KEY = "deptCategory";
    public static final String CLIENT_KEY = "clientid";
+    public static final String PROJECT_KEY = "projectId";

    /**
     * 登录系统 基于 设备类型
@ -131,6 +132,10 @@ public class LoginHelper {
        return Convert.toStr(getExtra(DEPT_CATEGORY_KEY));
    }

+    public static Long getProjectId() {
+        return Convert.toLong(getExtra(PROJECT_KEY));
+    }
+
    /**
     * 获取当前 Token 的扩展信息
     *
@ -191,7 +196,7 @@ public class LoginHelper {
     * @return 结果
     */
    public static boolean isTenantAdmin() {
-        return Convert.toBool(isTenantAdmin(getLoginUser().getRolePermission()));
+        return true;
    }

    /**