修改权限逻辑

xinnengyuan/ruoyi-admin/src/main/java/org/dromara/web/service/SysLoginService.java

@@ -154,6 +154,12 @@ public class SysLoginService {
         loginUser.setTenantId(user.getTenantId());
         loginUser.setUserId(userId);
         loginUser.setDeptId(user.getDeptId());
+        List<Long> projectIds = user.getProjectIds();
+        Long projectId = null;
+        if (CollUtil.isNotEmpty(projectIds)) {
+            projectId = projectIds.getFirst();
+        }
+        loginUser.setProjectId(projectId);
         loginUser.setUsername(user.getUserName());
         loginUser.setNickname(user.getNickName());
         loginUser.setUserType(user.getUserType());

xinnengyuan/ruoyi-admin/src/main/java/org/dromara/web/service/impl/PasswordAuthStrategy.java

@@ -3,6 +3,7 @@ package org.dromara.web.service.impl;
 import cn.dev33.satoken.secure.BCrypt;
 import cn.dev33.satoken.stp.SaLoginModel;
 import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ObjectUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import lombok.RequiredArgsConstructor;
@@ -24,6 +25,8 @@ import org.dromara.common.redis.utils.RedisUtils;
 import org.dromara.common.satoken.utils.LoginHelper;
 import org.dromara.common.tenant.helper.TenantHelper;
 import org.dromara.common.web.config.properties.CaptchaProperties;
+import org.dromara.project.domain.BusUserProjectRelevancy;
+import org.dromara.project.service.IBusUserProjectRelevancyService;
 import org.dromara.system.domain.SysUser;
 import org.dromara.system.domain.vo.SysClientVo;
 import org.dromara.system.domain.vo.SysUserVo;
@@ -33,6 +36,8 @@ import org.dromara.web.service.IAuthStrategy;
 import org.dromara.web.service.SysLoginService;
 import org.springframework.stereotype.Service;
 
+import java.util.List;
+
 /**
  * 密码认证策略
  *
@@ -46,6 +51,7 @@ public class PasswordAuthStrategy implements IAuthStrategy {
     private final CaptchaProperties captchaProperties;
     private final SysLoginService loginService;
     private final SysUserMapper userMapper;
+    private final IBusUserProjectRelevancyService userProjectRelevancyService;
 
     @Override
     public LoginVo login(String body, SysClientVo client) {
@@ -117,6 +123,14 @@ public class PasswordAuthStrategy implements IAuthStrategy {
             log.info("登录用户：{} 已被停用.", username);
             throw new UserException("user.blocked", username);
         }
+        if (!SystemConstants.SUPER_ADMIN_ID.equals(user.getUserId())) {
+            List<BusUserProjectRelevancy> list = userProjectRelevancyService.lambdaQuery()
+                .eq(BusUserProjectRelevancy::getUserId, user.getUserId())
+                .list();
+            if (CollUtil.isNotEmpty(list)) {
+                user.setProjectIds(list.stream().map(BusUserProjectRelevancy::getProjectId).toList());
+            }
+        }
         return user;
     }
 

xinnengyuan/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginUser.java

@@ -4,11 +4,12 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 import org.dromara.common.core.domain.dto.PostDTO;
 import org.dromara.common.core.domain.dto.RoleDTO;
+import org.dromara.common.core.domain.vo.SysProjectRoleMenuVo;
+import org.dromara.common.core.domain.vo.SysProjectRolePermissionVo;
 
 import java.io.Serial;
 import java.io.Serializable;
 import java.util.List;
-import java.util.Set;
 
 /**
  * 登录用户身份权限
@@ -37,6 +38,11 @@ public class LoginUser implements Serializable {
      */
     private Long deptId;
 
+    /**
+     * 项目ID
+     */
+    private Long projectId;
+
     /**
      * 部门类别编码
      */
@@ -90,12 +96,12 @@ public class LoginUser implements Serializable {
     /**
      * 菜单权限
      */
-    private Set<String> menuPermission;
+    private List<SysProjectRoleMenuVo> menuPermission;
 
     /**
      * 角色权限
      */
-    private Set<String> rolePermission;
+    private List<SysProjectRolePermissionVo> rolePermission;
 
     /**
      * 用户名

xinnengyuan/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/vo/SysProjectRoleMenuVo.java

@@ -0,0 +1,28 @@
+package org.dromara.common.core.domain.vo;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Set;
+
+/**
+ * @author lilemy
+ * @date 2025-08-27 18:14
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class SysProjectRoleMenuVo {
+
+    /**
+     * 项目id
+     */
+    private Long projectId;
+
+    /**
+     * 项目菜单权限
+     */
+    private Set<String> projectPermissions;
+
+}

xinnengyuan/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/vo/SysProjectRolePermissionVo.java

@@ -0,0 +1,28 @@
+package org.dromara.common.core.domain.vo;
+
+import lombok.Data;
+
+import java.io.Serial;
+import java.io.Serializable;
+import java.util.Set;
+
+/**
+ * @author lilemy
+ * @date 2025-08-27 17:53
+ */
+@Data
+public class SysProjectRolePermissionVo implements Serializable {
+
+    @Serial
+    private static final long serialVersionUID = -6552769878716622338L;
+
+    /**
+     * 项目id
+     */
+    private Long projectId;
+
+    /**
+     * 项目菜单权限
+     */
+    private Set<String> projectRoles;
+}

xinnengyuan/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/core/service/SaPermissionImpl.java

@@ -1,13 +1,18 @@
 package org.dromara.common.satoken.core.service;
 
 import cn.dev33.satoken.stp.StpInterface;
+import cn.hutool.core.collection.CollUtil;
 import org.dromara.common.core.domain.model.LoginUser;
+import org.dromara.common.core.domain.vo.SysProjectRoleMenuVo;
+import org.dromara.common.core.domain.vo.SysProjectRolePermissionVo;
 import org.dromara.common.core.enums.UserType;
 import org.dromara.common.satoken.utils.LoginHelper;
 
 import java.util.ArrayList;
-import java.util.Collections;
 import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
 
 /**
  * sa-token 权限管理实现类
@@ -24,7 +29,28 @@ public class SaPermissionImpl implements StpInterface {
         LoginUser loginUser = LoginHelper.getLoginUser();
         UserType userType = UserType.getUserType(loginUser.getUserType());
         if (userType == UserType.SYS_USER) {
-            return new ArrayList<>(loginUser.getMenuPermission());
+            Long projectId = loginUser.getProjectId();
+            List<SysProjectRoleMenuVo> menuPermission = loginUser.getMenuPermission();
+            if (CollUtil.isNotEmpty(menuPermission)) {
+                if (projectId != null) {
+                    Map<Long, List<SysProjectRoleMenuVo>> map = menuPermission.stream()
+                        .collect(Collectors.groupingBy(SysProjectRoleMenuVo::getProjectId));
+                    if (map.containsKey(projectId)) {
+                        return map.get(projectId).stream()
+                            .map(SysProjectRoleMenuVo::getProjectPermissions)
+                            .flatMap(Set::stream)
+                            .filter(s -> !s.isEmpty())
+                            .distinct()
+                            .toList();
+                    }
+                } else {
+                    List<Set<String>> list = menuPermission.stream().map(SysProjectRoleMenuVo::getProjectPermissions).toList();
+                    return list.stream().flatMap(Set::stream).filter(s -> !s.isEmpty()).distinct().toList();
+                }
+            } else {
+                return new ArrayList<>();
+            }
+
         } else if (userType == UserType.APP_USER) {
             // 其他端 自行根据业务编写
         }
@@ -40,7 +66,27 @@ public class SaPermissionImpl implements StpInterface {
         LoginUser loginUser = LoginHelper.getLoginUser();
         UserType userType = UserType.getUserType(loginUser.getUserType());
         if (userType == UserType.SYS_USER) {
-            return new ArrayList<>(loginUser.getRolePermission());
+            Long projectId = loginUser.getProjectId();
+            List<SysProjectRolePermissionVo> rolePermission = loginUser.getRolePermission();
+            if (CollUtil.isNotEmpty(rolePermission)) {
+                if (projectId != null) {
+                    Map<Long, List<SysProjectRolePermissionVo>> map = rolePermission.stream()
+                        .collect(Collectors.groupingBy(SysProjectRolePermissionVo::getProjectId));
+                    if (map.containsKey(projectId)) {
+                        return map.get(projectId).stream()
+                            .map(SysProjectRolePermissionVo::getProjectRoles)
+                            .flatMap(Set::stream)
+                            .filter(s -> !s.isEmpty())
+                            .distinct()
+                            .toList();
+                    }
+                } else {
+                    List<Set<String>> list = rolePermission.stream().map(SysProjectRolePermissionVo::getProjectRoles).toList();
+                    return list.stream().flatMap(Set::stream).filter(s -> !s.isEmpty()).distinct().toList();
+                }
+            } else {
+                return new ArrayList<>();
+            }
         } else if (userType == UserType.APP_USER) {
             // 其他端 自行根据业务编写
         }

xinnengyuan/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java

@@ -39,6 +39,7 @@ public class LoginHelper {
     public static final String DEPT_NAME_KEY = "deptName";
     public static final String DEPT_CATEGORY_KEY = "deptCategory";
     public static final String CLIENT_KEY = "clientid";
+    public static final String PROJECT_KEY = "projectId";
 
     /**
      * 登录系统 基于 设备类型
@@ -131,6 +132,10 @@ public class LoginHelper {
         return Convert.toStr(getExtra(DEPT_CATEGORY_KEY));
     }
 
+    public static Long getProjectId() {
+        return Convert.toLong(getExtra(PROJECT_KEY));
+    }
+
     /**
      * 获取当前 Token 的扩展信息
      *
@@ -191,7 +196,7 @@ public class LoginHelper {
      * @return 结果
      */
     public static boolean isTenantAdmin() {
-        return Convert.toBool(isTenantAdmin(getLoginUser().getRolePermission()));
+        return true;
     }
 
     /**

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/progress/domain/PgsProgressCategory.java

@@ -124,6 +124,11 @@ public class PgsProgressCategory extends BaseEntity {
      */
     private String workType;
 
+    /**
+     * 排序
+     */
+    private Long sort;
+
     /**
      * 备注
      */

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/progress/domain/PgsProgressCategoryTemplate.java

@@ -72,6 +72,11 @@ public class PgsProgressCategoryTemplate implements Serializable {
      */
     private String remark;
 
+    /**
+     * 排序
+     */
+    private Long sort;
+
     /**
      * 创建时间
      */

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/progress/domain/vo/progresscategory/PgsProgressCategoryTopVo.java

@@ -31,6 +31,11 @@ public class PgsProgressCategoryTopVo implements Serializable {
      */
     private String name;
 
+    /**
+     * 排序
+     */
+    private Long sort;
+
     /**
      * 关联方阵结构列表
      */

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/progress/domain/vo/progresscategory/PgsProgressCategoryVo.java

@@ -34,19 +34,17 @@ public class PgsProgressCategoryVo implements Serializable {
     /**
      * 主键id
      */
-    @ExcelProperty(value = "主键id")
+    @ExcelProperty(value = "主键（请勿修改）")
     private Long id;
 
     /**
      * 父类别id
      */
-    @ExcelProperty(value = "父类别id")
     private Long parentId;
 
     /**
      * 项目id
      */
-    @ExcelProperty(value = "项目id")
     private Long projectId;
 
     /**
@@ -57,7 +55,6 @@ public class PgsProgressCategoryVo implements Serializable {
     /**
      * 祖级列表
      */
-    @ExcelProperty(value = "祖级列表")
     private String ancestors;
 
     /**
@@ -145,8 +142,6 @@ public class PgsProgressCategoryVo implements Serializable {
     /**
      * 关联结构(1子项目 2方阵)
      */
-    @ExcelProperty(value = "关联结构", converter = ExcelDictConvert.class)
-    @ExcelDictFormat(readConverterExp = "1=子项目,2=方阵")
     private String relevancyStructure;
 
     /**
@@ -154,6 +149,11 @@ public class PgsProgressCategoryVo implements Serializable {
      */
     private String workType;
 
+    /**
+     * 排序
+     */
+    private Long sort;
+
     /**
      * 备注
      */

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/progress/domain/vo/progresscategorytemplate/PgsProgressCategoryTemplateVo.java

@@ -61,6 +61,11 @@ public class PgsProgressCategoryTemplateVo implements Serializable {
      */
     private String constructionType;
 
+    /**
+     * 排序
+     */
+    private Long sort;
+
     /**
      * 备注
      */

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/progress/service/impl/PgsProgressCategoryServiceImpl.java

@@ -227,6 +227,7 @@ public class PgsProgressCategoryServiceImpl extends ServiceImpl<PgsProgressCateg
                 topVo.setName(entry.getKey());
                 topVo.setRelevancyStructure(PgsRelevancyStructureEnum.MATRIX.getValue());
                 List<PgsProgressCategory> value = entry.getValue();
+                topVo.setSort(value.getFirst().getSort());
                 List<PgsProgressCategoryMatrixStructureTopVo> matrixVoList = value.stream().map(category -> {
                     PgsProgressCategoryMatrixStructureTopVo vo = new PgsProgressCategoryMatrixStructureTopVo();
                     BeanUtils.copyProperties(category, vo);
@@ -236,6 +237,7 @@ public class PgsProgressCategoryServiceImpl extends ServiceImpl<PgsProgressCateg
                 topList.add(topVo);
             }
         }
+        topList.sort(Comparator.comparing(PgsProgressCategoryTopVo::getSort));
         return topList;
     }
 
@@ -685,6 +687,7 @@ public class PgsProgressCategoryServiceImpl extends ServiceImpl<PgsProgressCateg
                 newCategory.setMatrixId(matrix.getId());
                 newCategory.setMatrixName(matrix.getMatrixName());
                 newCategory.setRelevancyStructure(PgsRelevancyStructureEnum.MATRIX.getValue());
+                newCategory.setSort(matrixTemplate.getSort());
                 newCategory.setRemark(matrixTemplate.getRemark());
                 // 先临时设置旧 pid
                 newCategory.setParentId(matrixTemplate.getParentId());
@@ -781,6 +784,7 @@ public class PgsProgressCategoryServiceImpl extends ServiceImpl<PgsProgressCateg
             newCategory.setProjectId(projectId);
             newCategory.setMatrixId(0L);
             newCategory.setRelevancyStructure(PgsRelevancyStructureEnum.SUB_PROJECT.getValue());
+            newCategory.setSort(subProjectTemplate.getSort());
             newCategory.setRemark(subProjectTemplate.getRemark());
             // 先临时设置旧 pid
             newCategory.setParentId(subProjectTemplate.getParentId());

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/progress/service/impl/PgsProgressCategoryTemplateServiceImpl.java

@@ -281,6 +281,7 @@ public class PgsProgressCategoryTemplateServiceImpl extends ServiceImpl<PgsProgr
             newTemp.setProjectId(projectId);
             newTemp.setConstructionType(temp.getConstructionType());
             newTemp.setRelevancyStructure(temp.getRelevancyStructure());
+            newTemp.setSort(temp.getSort());
             newTemp.setRemark(temp.getRemark());
             // 先临时设置旧 pid
             newTemp.setParentId(temp.getParentId());

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/project/controller/BusProjectController.java

@@ -39,6 +39,17 @@ public class BusProjectController extends BaseController {
     @Resource
     private IBusProjectService projectService;
 
+    /**
+     * 切换项目
+     *
+     * @param id 项目id
+     */
+    @GetMapping("/changeProject/{id}")
+    public R<Void> changeUserProject(@NotNull(message = "项目id不能为空")
+                                     @PathVariable Long id) {
+        return toAjax(projectService.changeUserProject(id));
+    }
+
     /**
      * 查询项目列表
      */

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/project/service/IBusProjectService.java

@@ -195,4 +195,12 @@ public interface IBusProjectService extends IService<BusProject> {
      * @return 项目结构信息
      */
     BusProjectStructureVo getStructure(Long projectId);
+
+    /**
+     * 改变项目所属用户
+     *
+     * @param id 项目id
+     * @return 是否成功
+     */
+    Boolean changeUserProject(Long id);
 }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/project/service/impl/BusProjectServiceImpl.java

@@ -1,5 +1,6 @@
 package org.dromara.project.service.impl;
 
+import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.date.DateTime;
@@ -19,6 +20,7 @@ import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
 import org.dromara.common.core.constant.HttpStatus;
 import org.dromara.common.core.constant.SystemConstants;
+import org.dromara.common.core.domain.model.LoginUser;
 import org.dromara.common.core.domain.vo.IdAndNameVO;
 import org.dromara.common.core.exception.ServiceException;
 import org.dromara.common.core.utils.DateUtils;
@@ -74,6 +76,8 @@ import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
+import static org.dromara.common.satoken.utils.LoginHelper.LOGIN_USER_KEY;
+
 /**
  * 项目Service业务层处理
  *
@@ -1007,6 +1011,24 @@ public class BusProjectServiceImpl extends ServiceImpl<BusProjectMapper, BusProj
         return vo;
     }
 
+    /**
+     * 改变项目所属用户
+     *
+     * @param id 项目id
+     * @return 是否成功
+     */
+    @Override
+    public Boolean changeUserProject(Long id) {
+        // 将用户选择项目设置到缓存中
+        LoginUser loginUser = LoginHelper.getLoginUser();
+        if (loginUser != null) {
+            loginUser.setProjectId(id);
+            StpUtil.getTokenSession().set(LOGIN_USER_KEY, loginUser);
+            return true;
+        }
+        return false;
+    }
+
     /**
      * 构造分项工程树
      */

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysDeptController.java

@@ -1,15 +1,21 @@
 package org.dromara.system.controller.system;
 
 import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.convert.Convert;
 import cn.hutool.core.lang.tree.Tree;
+import jakarta.validation.constraints.NotNull;
 import lombok.RequiredArgsConstructor;
+import org.dromara.common.core.constant.HttpStatus;
 import org.dromara.common.core.constant.SystemConstants;
 import org.dromara.common.core.domain.R;
 import org.dromara.common.core.utils.StringUtils;
 import org.dromara.common.log.annotation.Log;
 import org.dromara.common.log.enums.BusinessType;
 import org.dromara.common.web.core.BaseController;
+import org.dromara.project.domain.BusProject;
+import org.dromara.project.domain.vo.project.BusProjectVo;
+import org.dromara.project.service.IBusProjectService;
 import org.dromara.system.domain.bo.SysDeptBo;
 import org.dromara.system.domain.vo.SysDeptVo;
 import org.dromara.system.service.ISysDeptService;
@@ -32,6 +38,7 @@ public class SysDeptController extends BaseController {
 
     private final ISysDeptService deptService;
     private final ISysPostService postService;
+    private final IBusProjectService projectService;
 
     /**
      * 获取部门列表
@@ -79,6 +86,31 @@ public class SysDeptController extends BaseController {
         return R.ok(deptService.selectDeptById(deptId));
     }
 
+    /**
+     * 根据部门ID查询所属项目ID列表
+     */
+    @SaCheckPermission("system:dept:projectIdList")
+    @GetMapping("/projectIdList/{deptId}")
+    public R<List<BusProjectVo>> listProjectIdByDeptId(@NotNull(message = "部门主键不能为空")
+                                                       @PathVariable Long deptId) {
+        SysDeptVo deptVo = deptService.selectDeptById(deptId);
+        if (deptVo == null) {
+            return R.fail(HttpStatus.NOT_FOUND, "部门不存在");
+        }
+        List<Long> projectIds = deptService.selectProjectIdById(deptId, deptVo.getDeptType());
+        if (CollUtil.isEmpty(projectIds)) {
+            return R.ok(List.of());
+        }
+        List<BusProject> projectList = projectService.listByIds(projectIds);
+        return R.ok(projectList.stream().map(project -> {
+            BusProjectVo vo = new BusProjectVo();
+            vo.setId(project.getId());
+            vo.setProjectName(project.getProjectName());
+            vo.setShortName(project.getShortName());
+            return vo;
+        }).toList());
+    }
+
 //    /**
 //     * 根据部门编号获取详细信息
 //     *

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysMenuController.java

@@ -4,6 +4,7 @@ import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.dev33.satoken.annotation.SaCheckRole;
 import cn.dev33.satoken.annotation.SaMode;
 import cn.hutool.core.lang.tree.Tree;
+import jakarta.validation.constraints.NotNull;
 import lombok.RequiredArgsConstructor;
 import org.dromara.common.core.constant.SystemConstants;
 import org.dromara.common.core.constant.TenantConstants;
@@ -42,9 +43,21 @@ public class SysMenuController extends BaseController {
      *
      * @return 路由信息
      */
-    @GetMapping("/getRouters")
+    @GetMapping("/getRouters/{projectId}")
-    public R<List<RouterVo>> getRouters() {
+    public R<List<RouterVo>> getRouters(@NotNull(message = "项目主键不能为空")
-        List<SysMenu> menus = menuService.selectMenuTreeByUserId(LoginHelper.getUserId());
+                                        @PathVariable Long projectId) {
+        List<SysMenu> menus = menuService.selectMenuTreeByUserId(LoginHelper.getUserId(), projectId);
+        return R.ok(menuService.buildMenus(menus));
+    }
+
+    /**
+     * 获取全部项目路由信息
+     *
+     * @return 路由信息
+     */
+    @GetMapping("/getAllRouters")
+    public R<List<RouterVo>> getAllRouters() {
+        List<SysMenu> menus = menuService.selectMenuTreeByUserId(LoginHelper.getUserId(), null);
         return R.ok(menuService.buildMenus(menus));
     }
 

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysUserController.java

@@ -28,6 +28,7 @@ import org.dromara.system.domain.bo.SysDeptBo;
 import org.dromara.system.domain.bo.SysPostBo;
 import org.dromara.system.domain.bo.SysRoleBo;
 import org.dromara.system.domain.bo.SysUserBo;
+import org.dromara.system.domain.dto.role.SysRoleProjectDto;
 import org.dromara.system.domain.enums.SysDeptTypeEnum;
 import org.dromara.system.domain.vo.*;
 import org.dromara.system.listener.SysUserImportListener;
@@ -161,6 +162,7 @@ public class SysUserController extends BaseController {
                 userInfoVo.setRoles(roleVoList);
                 userInfoVo.setRoleIds(roleVoList.stream().map(SysRoleVo::getRoleId).toList());
             }
+            userInfoVo.setProjectRoles(roleService.selectRoleProjectList(userId));
         }
         /*SysRoleBo roleBo = new SysRoleBo();
         roleBo.setStatus(SystemConstants.NORMAL);
@@ -177,7 +179,13 @@ public class SysUserController extends BaseController {
     @PostMapping
     public R<Void> add(@Validated @RequestBody SysUserBo user) {
         deptService.checkDeptDataScope(user.getDeptId());
-        deptService.checkDeptMatchRole(user.getUserId(), List.of(user.getRoleIds()));
+        // 去重后的所有 roleId
+        List<Long> roleList = user.getProjectRoles().stream()
+            .filter(dto -> dto.getRoleIds() != null)
+            .flatMap(dto -> dto.getRoleIds().stream())
+            .distinct()
+            .toList();
+        deptService.checkDeptMatchRole(user.getUserId(), roleList);
         if (!userService.checkUserNameUnique(user)) {
             return R.fail("新增用户'" + user.getUserName() + "'失败，登录账号已存在");
         } else if (StringUtils.isEmpty(user.getPhonenumber())) {
@@ -206,7 +214,13 @@ public class SysUserController extends BaseController {
         userService.checkUserAllowed(user.getUserId());
         userService.checkUserDataScope(user.getUserId());
         deptService.checkDeptDataScope(user.getDeptId());
-        deptService.checkDeptMatchRole(user.getUserId(), List.of(user.getRoleIds()));
+        // 去重后的所有 roleId
+        List<Long> roleList = user.getProjectRoles().stream()
+            .filter(dto -> dto.getRoleIds() != null)
+            .flatMap(dto -> dto.getRoleIds().stream())
+            .distinct()
+            .toList();
+        deptService.checkDeptMatchRole(user.getUserId(), roleList);
         if (!userService.checkUserNameUnique(user)) {
             return R.fail("修改用户'" + user.getUserName() + "'失败，登录账号已存在");
         } else if (StringUtils.isEmpty(user.getPhonenumber())) {
@@ -294,14 +308,14 @@ public class SysUserController extends BaseController {
      * 用户授权角色
      *
      * @param userId       用户Id
-     * @param roleIds 角色ID串
+     * @param projectRoles 项目、角色关联列表
      */
     @SaCheckPermission("system:user:edit")
     @Log(title = "用户管理", businessType = BusinessType.GRANT)
     @PutMapping("/authRole")
-    public R<Void> insertAuthRole(Long userId, Long[] roleIds) {
+    public R<Void> insertAuthRole(Long userId, List<SysRoleProjectDto> projectRoles) {
         userService.checkUserDataScope(userId);
-        userService.insertUserAuth(userId, roleIds);
+        userService.insertUserAuth(userId, projectRoles);
         return R.ok();
     }
 

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/SysUserRole.java

@@ -26,4 +26,9 @@ public class SysUserRole {
      */
     private Long roleId;
 
+    /**
+     * 项目ID
+     */
+    private Long projectId;
+
 }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysUserBo.java

@@ -11,6 +11,9 @@ import org.dromara.common.core.constant.SystemConstants;
 import org.dromara.common.core.xss.Xss;
 import org.dromara.common.mybatis.core.domain.BaseEntity;
 import org.dromara.system.domain.SysUser;
+import org.dromara.system.domain.dto.role.SysRoleProjectDto;
+
+import java.util.List;
 
 /**
  * 用户信息业务对象 sys_user
@@ -98,6 +101,11 @@ public class SysUserBo extends BaseEntity {
      */
     private Long[] postIds;
 
+    /**
+     * 项目角色关联
+     */
+    private List<SysRoleProjectDto> projectRoles;
+
     /**
      * 数据权限 当前角色ID
      */

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/dto/role/SysRoleProjectDto.java

@@ -0,0 +1,37 @@
+package org.dromara.system.domain.dto.role;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+/**
+ * @author lilemy
+ * @date 2025-08-27 15:22
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class SysRoleProjectDto {
+
+    /**
+     * 项目id
+     */
+    private Long projectId;
+
+    /**
+     * 项目名称
+     */
+    private String projectName;
+
+    /**
+     * 项目简称
+     */
+    private String shortName;
+
+    /**
+     * 角色id列表
+     */
+    private List<Long> roleIds;
+}

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/ProjectPermsItem.java

@@ -0,0 +1,13 @@
+package org.dromara.system.domain.vo;
+
+import lombok.Data;
+
+/**
+ * @author lilemy
+ * @date 2025-08-27 18:26
+ */
+@Data
+public class ProjectPermsItem {
+    private Long projectId;
+    private String perms;
+}

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/ProjectRolesItem.java

@@ -0,0 +1,20 @@
+package org.dromara.system.domain.vo;
+
+import lombok.Data;
+
+/**
+ * @author lilemy
+ * @date 2025-08-27 19:05
+ */
+@Data
+public class ProjectRolesItem {
+    private Long projectId;
+    private Long roleId;
+    private String roleName;
+    private String roleKey;
+    private Long deptId;
+    private Integer roleSort;
+    private String dataScope;
+    private String status;
+    private String isSpecial;
+}

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysRoleVo.java

@@ -38,6 +38,11 @@ public class SysRoleVo implements Serializable {
     @ExcelProperty(value = "角色名称")
     private String roleName;
 
+    /**
+     * 项目ID
+     */
+    private Long projectId;
+
     /**
      * 角色权限字符串
      */

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysUserInfoVo.java

@@ -1,6 +1,7 @@
 package org.dromara.system.domain.vo;
 
 import lombok.Data;
+import org.dromara.system.domain.dto.role.SysRoleProjectDto;
 
 import java.util.List;
 
@@ -37,4 +38,9 @@ public class SysUserInfoVo {
      */
     private List<SysPostVo> posts;
 
+    /**
+     * 项目角色列表
+     */
+    private List<SysRoleProjectDto> projectRoles;
+
 }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysUserVo.java

@@ -144,4 +144,9 @@ public class SysUserVo implements Serializable {
      */
     private Long roleId;
 
+    /**
+     * 项目组
+     */
+    private List<Long> projectIds;
+
 }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/UserInfoVo.java

@@ -1,7 +1,10 @@
 package org.dromara.system.domain.vo;
 
 import lombok.Data;
+import org.dromara.common.core.domain.vo.SysProjectRoleMenuVo;
+import org.dromara.common.core.domain.vo.SysProjectRolePermissionVo;
 
+import java.util.List;
 import java.util.Set;
 
 /**
@@ -20,12 +23,12 @@ public class UserInfoVo {
     /**
      * 菜单权限
      */
-    private Set<String> permissions;
+    private List<SysProjectRoleMenuVo> permissions;
 
     /**
      * 角色权限
      */
-    private Set<String> roles;
+    private List<SysProjectRolePermissionVo> roles;
 
     /**
      * 分包公司ID

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysMenuMapper.java

@@ -7,6 +7,7 @@ import org.apache.ibatis.annotations.Param;
 import org.dromara.common.core.constant.SystemConstants;
 import org.dromara.common.mybatis.core.mapper.BaseMapperPlus;
 import org.dromara.system.domain.SysMenu;
+import org.dromara.system.domain.vo.ProjectPermsItem;
 import org.dromara.system.domain.vo.SysMenuVo;
 
 import java.util.List;
@@ -32,7 +33,7 @@ public interface SysMenuMapper extends BaseMapperPlus<SysMenu, SysMenuVo> {
      * @param userId 用户ID
      * @return 权限列表
      */
-    List<String> selectMenuPermsByUserId(Long userId);
+    List<ProjectPermsItem> selectMenuPermsByUserId(Long userId);
 
     /**
      * 根据角色ID查询权限
@@ -62,7 +63,7 @@ public interface SysMenuMapper extends BaseMapperPlus<SysMenu, SysMenuVo> {
      * @param userId 用户ID
      * @return 菜单列表
      */
-    List<SysMenu> selectMenuTreeByUserId(Long userId);
+    List<SysMenu> selectMenuTreeByUserId(Long userId, Long projectId);
 
     /**
      * 根据角色ID查询菜单树信息

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysRoleMapper.java

@@ -8,6 +8,7 @@ import org.dromara.common.mybatis.annotation.DataColumn;
 import org.dromara.common.mybatis.annotation.DataPermission;
 import org.dromara.common.mybatis.core.mapper.BaseMapperPlus;
 import org.dromara.system.domain.SysRole;
+import org.dromara.system.domain.vo.ProjectRolesItem;
 import org.dromara.system.domain.vo.SysRoleVo;
 
 import java.util.List;
@@ -72,4 +73,12 @@ public interface SysRoleMapper extends BaseMapperPlus<SysRole, SysRoleVo> {
      */
     List<SysRoleVo> selectRolesByUserId(Long userId);
 
+    /**
+     * 根据用户ID查询角色
+     *
+     * @param userId 用户ID
+     * @return 角色列表
+     */
+    List<ProjectRolesItem> selectProjectRolesByUserId(Long userId);
+
 }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysMenuService.java

@@ -1,6 +1,7 @@
 package org.dromara.system.service;
 
 import cn.hutool.core.lang.tree.Tree;
+import org.dromara.common.core.domain.vo.SysProjectRoleMenuVo;
 import org.dromara.system.domain.SysMenu;
 import org.dromara.system.domain.bo.SysMenuBo;
 import org.dromara.system.domain.vo.RouterVo;
@@ -39,7 +40,7 @@ public interface ISysMenuService {
      * @param userId 用户ID
      * @return 权限列表
      */
-    Set<String> selectMenuPermsByUserId(Long userId);
+    List<SysProjectRoleMenuVo> selectMenuPermsByUserId(Long userId);
 
     /**
      * 根据角色ID查询权限
@@ -53,9 +54,10 @@ public interface ISysMenuService {
      * 根据用户ID查询菜单树信息
      *
      * @param userId    用户ID
+     * @param projectId 项目ID
      * @return 菜单列表
      */
-    List<SysMenu> selectMenuTreeByUserId(Long userId);
+    List<SysMenu> selectMenuTreeByUserId(Long userId, Long projectId);
 
     /**
      * 根据角色ID查询菜单树信息

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysPermissionService.java

@@ -1,6 +1,10 @@
 package org.dromara.system.service;
 
-import java.util.Set;
+
+import org.dromara.common.core.domain.vo.SysProjectRoleMenuVo;
+import org.dromara.common.core.domain.vo.SysProjectRolePermissionVo;
+
+import java.util.List;
 
 /**
  * 用户权限处理
@@ -15,7 +19,7 @@ public interface ISysPermissionService {
      * @param userId 用户id
      * @return 角色权限信息
      */
-    Set<String> getRolePermission(Long userId);
+    List<SysProjectRolePermissionVo> getRolePermission(Long userId);
 
     /**
      * 获取菜单数据权限
@@ -23,6 +27,6 @@ public interface ISysPermissionService {
      * @param userId 用户id
      * @return 菜单权限信息
      */
-    Set<String> getMenuPermission(Long userId);
+    List<SysProjectRoleMenuVo> getMenuPermission(Long userId);
 
 }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysRoleService.java

@@ -1,13 +1,14 @@
 package org.dromara.system.service;
 
+import org.dromara.common.core.domain.vo.SysProjectRolePermissionVo;
 import org.dromara.common.mybatis.core.page.PageQuery;
 import org.dromara.common.mybatis.core.page.TableDataInfo;
 import org.dromara.system.domain.SysUserRole;
 import org.dromara.system.domain.bo.SysRoleBo;
+import org.dromara.system.domain.dto.role.SysRoleProjectDto;
 import org.dromara.system.domain.vo.SysRoleVo;
 
 import java.util.List;
-import java.util.Set;
 
 /**
  * 角色业务层
@@ -49,7 +50,7 @@ public interface ISysRoleService {
      * @param userId 用户ID
      * @return 权限列表
      */
-    Set<String> selectRolePermissionByUserId(Long userId);
+    List<SysProjectRolePermissionVo> selectRolePermissionByUserId(Long userId);
 
     /**
      * 查询所有角色
@@ -66,6 +67,14 @@ public interface ISysRoleService {
      */
     List<Long> selectRoleListByUserId(Long userId);
 
+    /**
+     * 获取角色选择框列表
+     *
+     * @param userId 用户ID
+     * @return 角色列表
+     */
+    List<SysRoleProjectDto> selectRoleProjectList(Long userId);
+
     /**
      * 通过角色ID查询角色
      *

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysUserService.java

@@ -4,6 +4,7 @@ import org.dromara.common.mybatis.core.page.PageQuery;
 import org.dromara.common.mybatis.core.page.TableDataInfo;
 import org.dromara.system.domain.SysUser;
 import org.dromara.system.domain.bo.SysUserBo;
+import org.dromara.system.domain.dto.role.SysRoleProjectDto;
 import org.dromara.system.domain.vo.SysUserExportVo;
 import org.dromara.system.domain.vo.SysUserVo;
 
@@ -166,9 +167,9 @@ public interface ISysUserService {
      * 用户授权角色
      *
      * @param userId       用户ID
-     * @param roleIds 角色组
+     * @param projectRoles 项目、角色关联组
      */
-    void insertUserAuth(Long userId, Long[] roleIds);
+    void insertUserAuth(Long userId, List<SysRoleProjectDto> projectRoles);
 
     /**
      * 修改用户状态
@@ -239,6 +240,7 @@ public interface ISysUserService {
 
     /**
      * 获取当前用户所在部门的所有用户
+     *
      * @return 结果
      */
     List<SysUser> findThis();

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysDeptServiceImpl.java

@@ -67,7 +67,6 @@ public class SysDeptServiceImpl implements ISysDeptService, DeptService {
     private final SysPostMapper postMapper;
     private final IBusProjectService projectService;
     private final ISubContractorService contractorService;
-    private final IBusUserProjectRelevancyService userProjectRelevancyService;
 
     /**
      * 查询部门管理数据
@@ -473,7 +472,7 @@ public class SysDeptServiceImpl implements ISysDeptService, DeptService {
         if (!SystemConstants.NORMAL.equals(info.getStatus())) {
             throw new ServiceException("部门停用，不允许新增");
         }
-        String pDeptType = info.getDeptType();
+/*        String pDeptType = info.getDeptType();
         String deptType = bo.getDeptType();
         if (SysDeptTypeEnum.SPECIAL.getCode().equals(pDeptType) || SysDeptTypeEnum.CONTRACT.getCode().equals(pDeptType)) {
             // 父部门为特殊部门或者项目部门，不允许新增子部门
@@ -481,13 +480,13 @@ public class SysDeptServiceImpl implements ISysDeptService, DeptService {
         } else if (SysDeptTypeEnum.PROJECT.getCode().equals(pDeptType) && !SysDeptTypeEnum.CONTRACT.getCode().equals(deptType)) {
             // 父部门为项目部门，只能新增分包部门
             throw new ServiceException("项目部门只能新增分包部门");
-        }
+        }*/
         SysDept dept = MapstructUtils.convert(bo, SysDept.class);
         if (dept == null) {
             throw new ServiceException("新增部门参数异常", HttpStatus.BAD_REQUEST);
         }
         dept.setAncestors(info.getAncestors() + StringUtils.SEPARATOR + dept.getParentId());
-        if (SysDeptTypeEnum.PROJECT.getCode().equals(deptType)) {
+        /*if (SysDeptTypeEnum.PROJECT.getCode().equals(deptType)) {
             // 项目部门
             Long projectId = bo.getProjectId();
             BusProject project = projectService.getById(projectId);
@@ -548,12 +547,12 @@ public class SysDeptServiceImpl implements ISysDeptService, DeptService {
             }
             dept.setProjectId(projectId);
             dept.setContractorId(contractorId);
-        }
+        }*/
         int insert = baseMapper.insert(dept);
         if (insert < 1) {
             throw new ServiceException("添加部门失败", HttpStatus.ERROR);
         }
-        if (SysDeptTypeEnum.CONTRACT.getCode().equals(deptType)) {
+/*        if (SysDeptTypeEnum.CONTRACT.getCode().equals(deptType)) {
             // 分包部门，自动创建下面的角色
             Long deptId = dept.getDeptId();
             List<SysContractorRoleEnum> roleNameList = List.of(SysContractorRoleEnum.values());
@@ -570,7 +569,7 @@ public class SysDeptServiceImpl implements ISysDeptService, DeptService {
             if (!b) {
                 throw new ServiceException("添加部门角色失败");
             }
-        }
+        }*/
         return insert;
     }
 
@@ -605,7 +604,7 @@ public class SysDeptServiceImpl implements ISysDeptService, DeptService {
         } else {
             dept.setAncestors(oldDept.getAncestors());
         }
-        String deptType = dept.getDeptType();
+        /*String deptType = dept.getDeptType();
         if (SysDeptTypeEnum.PROJECT.getCode().equals(deptType)) {
             // 判断是否需要更新用户与项目的关联
             Long oldProjectId = oldDept.getProjectId();
@@ -672,7 +671,7 @@ public class SysDeptServiceImpl implements ISysDeptService, DeptService {
                 }
                 dept.setContractorId(newContractorId);
             }
-        }
+        }*/
         int result = baseMapper.updateById(dept);
         if (SystemConstants.NORMAL.equals(dept.getStatus()) && StringUtils.isNotEmpty(dept.getAncestors())
             && !StringUtils.equals(SystemConstants.NORMAL, dept.getAncestors())) {

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysMenuServiceImpl.java

@@ -9,6 +9,7 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import lombok.RequiredArgsConstructor;
 import org.dromara.common.core.constant.SystemConstants;
+import org.dromara.common.core.domain.vo.SysProjectRoleMenuVo;
 import org.dromara.common.core.utils.MapstructUtils;
 import org.dromara.common.core.utils.StreamUtils;
 import org.dromara.common.core.utils.StringUtils;
@@ -20,16 +21,15 @@ import org.dromara.system.domain.SysRoleMenu;
 import org.dromara.system.domain.SysTenantPackage;
 import org.dromara.system.domain.bo.SysMenuBo;
 import org.dromara.system.domain.vo.MetaVo;
+import org.dromara.system.domain.vo.ProjectPermsItem;
 import org.dromara.system.domain.vo.RouterVo;
 import org.dromara.system.domain.vo.SysMenuVo;
-import org.dromara.system.mapper.SysMenuMapper;
+import org.dromara.system.mapper.*;
-import org.dromara.system.mapper.SysRoleMapper;
-import org.dromara.system.mapper.SysRoleMenuMapper;
-import org.dromara.system.mapper.SysTenantPackageMapper;
 import org.dromara.system.service.ISysMenuService;
 import org.springframework.stereotype.Service;
 
 import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * 菜单 业务层处理
@@ -43,6 +43,7 @@ public class SysMenuServiceImpl implements ISysMenuService {
     private final SysMenuMapper baseMapper;
     private final SysRoleMapper roleMapper;
     private final SysRoleMenuMapper roleMenuMapper;
+    private final SysUserRoleMapper userRoleMapper;
     private final SysTenantPackageMapper tenantPackageMapper;
 
     /**
@@ -94,15 +95,23 @@ public class SysMenuServiceImpl implements ISysMenuService {
      * @return 权限列表
      */
     @Override
-    public Set<String> selectMenuPermsByUserId(Long userId) {
+    public List<SysProjectRoleMenuVo> selectMenuPermsByUserId(Long userId) {
-        List<String> perms = baseMapper.selectMenuPermsByUserId(userId);
+        List<ProjectPermsItem> items = baseMapper.selectMenuPermsByUserId(userId);
-        Set<String> permsSet = new HashSet<>();
+        return items.stream()
-        for (String perm : perms) {
+            .filter(item -> item.getPerms() != null && !item.getPerms().isBlank()) // 过滤掉空的 perms
-            if (StringUtils.isNotEmpty(perm)) {
+            .collect(Collectors.groupingBy(
-                permsSet.addAll(StringUtils.splitList(perm.trim()));
+                ProjectPermsItem::getProjectId,
-            }
+                Collectors.mapping(ProjectPermsItem::getPerms, Collectors.toList())
-        }
+            ))
-        return permsSet;
+            .entrySet().stream()
+            .map(e -> {
+                SysProjectRoleMenuVo vo = new SysProjectRoleMenuVo();
+                vo.setProjectId(e.getKey());
+                Set<String> set = new HashSet<>(e.getValue());
+                vo.setProjectPermissions(set);
+                return vo;
+            })
+            .toList();
     }
 
     /**
@@ -126,16 +135,17 @@ public class SysMenuServiceImpl implements ISysMenuService {
     /**
      * 根据用户ID查询菜单
      *
-     * @param userId 用户名称
+     * @param userId    用户ID
+     * @param projectId 项目ID
      * @return 菜单列表
      */
     @Override
-    public List<SysMenu> selectMenuTreeByUserId(Long userId) {
+    public List<SysMenu> selectMenuTreeByUserId(Long userId, Long projectId) {
         List<SysMenu> menus;
         if (LoginHelper.isSuperAdmin(userId)) {
             menus = baseMapper.selectMenuTreeAll();
         } else {
-            menus = baseMapper.selectMenuTreeByUserId(userId);
+            menus = baseMapper.selectMenuTreeByUserId(userId, projectId);
         }
         return getChildPerms(menus, 0);
     }
@@ -169,11 +179,15 @@ public class SysMenuServiceImpl implements ISysMenuService {
         if (tenantPackage.getMenuCheckStrictly()) {
             parentIds = baseMapper.selectObjs(new LambdaQueryWrapper<SysMenu>()
                 .select(SysMenu::getParentId)
-                .in(SysMenu::getMenuId, menuIds), x -> {return Convert.toLong(x);});
+                .in(SysMenu::getMenuId, menuIds), x -> {
+                return Convert.toLong(x);
+            });
         }
         return baseMapper.selectObjs(new LambdaQueryWrapper<SysMenu>()
             .in(SysMenu::getMenuId, menuIds)
-            .notIn(CollUtil.isNotEmpty(parentIds), SysMenu::getMenuId, parentIds), x -> {return Convert.toLong(x);});
+            .notIn(CollUtil.isNotEmpty(parentIds), SysMenu::getMenuId, parentIds), x -> {
+            return Convert.toLong(x);
+        });
     }
 
     /**

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysPermissionServiceImpl.java

@@ -1,14 +1,20 @@
 package org.dromara.system.service.impl;
 
+import lombok.RequiredArgsConstructor;
 import org.dromara.common.core.constant.TenantConstants;
+import org.dromara.common.core.domain.vo.SysProjectRoleMenuVo;
+import org.dromara.common.core.domain.vo.SysProjectRolePermissionVo;
 import org.dromara.common.satoken.utils.LoginHelper;
+import org.dromara.project.domain.BusProject;
+import org.dromara.project.service.IBusProjectService;
 import org.dromara.system.service.ISysMenuService;
 import org.dromara.system.service.ISysPermissionService;
 import org.dromara.system.service.ISysRoleService;
-import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 
+import java.util.ArrayList;
 import java.util.HashSet;
+import java.util.List;
 import java.util.Set;
 
 /**
@@ -22,6 +28,7 @@ public class SysPermissionServiceImpl implements ISysPermissionService {
 
     private final ISysRoleService roleService;
     private final ISysMenuService menuService;
+    private final IBusProjectService projectService;
 
     /**
      * 获取角色数据权限
@@ -30,15 +37,23 @@ public class SysPermissionServiceImpl implements ISysPermissionService {
      * @return 角色权限信息
      */
     @Override
-    public Set<String> getRolePermission(Long userId) {
+    public List<SysProjectRolePermissionVo> getRolePermission(Long userId) {
-        Set<String> roles = new HashSet<>();
         // 管理员拥有所有权限
         if (LoginHelper.isSuperAdmin(userId)) {
-            roles.add(TenantConstants.SUPER_ADMIN_ROLE_KEY);
+            List<SysProjectRolePermissionVo> roles = new ArrayList<>();
-        } else {
+            List<BusProject> projects = projectService.list();
-            roles.addAll(roleService.selectRolePermissionByUserId(userId));
+            for (BusProject project : projects) {
+                SysProjectRolePermissionVo vo = new SysProjectRolePermissionVo();
+                Set<String> role = new HashSet<>();
+                vo.setProjectId(project.getId());
+                role.add(TenantConstants.SUPER_ADMIN_ROLE_KEY);
+                vo.setProjectRoles(role);
+                roles.add(vo);
             }
             return roles;
+        } else {
+            return roleService.selectRolePermissionByUserId(userId);
+        }
     }
 
     /**
@@ -48,14 +63,22 @@ public class SysPermissionServiceImpl implements ISysPermissionService {
      * @return 菜单权限信息
      */
     @Override
-    public Set<String> getMenuPermission(Long userId) {
+    public List<SysProjectRoleMenuVo> getMenuPermission(Long userId) {
-        Set<String> perms = new HashSet<>();
         // 管理员拥有所有权限
         if (LoginHelper.isSuperAdmin(userId)) {
-            perms.add("*:*:*");
+            List<SysProjectRoleMenuVo> roles = new ArrayList<>();
-        } else {
+            List<BusProject> projects = projectService.list();
-            perms.addAll(menuService.selectMenuPermsByUserId(userId));
+            for (BusProject project : projects) {
+                SysProjectRoleMenuVo vo = new SysProjectRoleMenuVo();
+                Set<String> role = new HashSet<>();
+                vo.setProjectId(project.getId());
+                role.add("*:*:*");
+                vo.setProjectPermissions(role);
+                roles.add(vo);
+            }
+            return roles;
+        } else {
+            return menuService.selectMenuPermsByUserId(userId);
         }
-        return perms;
     }
 }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysPostServiceImpl.java

@@ -156,6 +156,7 @@ public class SysPostServiceImpl implements ISysPostService, PostService {
     public boolean checkPostNameUnique(SysPostBo post) {
         boolean exist = baseMapper.exists(new LambdaQueryWrapper<SysPost>()
             .eq(SysPost::getPostName, post.getPostName())
+            .eq(ObjectUtil.isNotNull(post.getDeptId()), SysPost::getDeptId, post.getDeptId())
             .ne(ObjectUtil.isNotNull(post.getPostId()), SysPost::getPostId, post.getPostId()));
         return !exist;
     }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysRoleServiceImpl.java

@@ -16,6 +16,7 @@ import org.dromara.common.core.constant.CacheNames;
 import org.dromara.common.core.constant.SystemConstants;
 import org.dromara.common.core.constant.TenantConstants;
 import org.dromara.common.core.domain.model.LoginUser;
+import org.dromara.common.core.domain.vo.SysProjectRolePermissionVo;
 import org.dromara.common.core.exception.ServiceException;
 import org.dromara.common.core.service.RoleService;
 import org.dromara.common.core.utils.MapstructUtils;
@@ -24,11 +25,15 @@ import org.dromara.common.core.utils.StringUtils;
 import org.dromara.common.mybatis.core.page.PageQuery;
 import org.dromara.common.mybatis.core.page.TableDataInfo;
 import org.dromara.common.satoken.utils.LoginHelper;
+import org.dromara.project.domain.BusProject;
+import org.dromara.project.service.IBusProjectService;
 import org.dromara.system.domain.SysRole;
 import org.dromara.system.domain.SysRoleDept;
 import org.dromara.system.domain.SysRoleMenu;
 import org.dromara.system.domain.SysUserRole;
 import org.dromara.system.domain.bo.SysRoleBo;
+import org.dromara.system.domain.dto.role.SysRoleProjectDto;
+import org.dromara.system.domain.vo.ProjectRolesItem;
 import org.dromara.system.domain.vo.SysRoleVo;
 import org.dromara.system.mapper.SysRoleDeptMapper;
 import org.dromara.system.mapper.SysRoleMapper;
@@ -40,6 +45,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * 角色 业务层处理
@@ -54,6 +60,7 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService {
     private final SysRoleMenuMapper roleMenuMapper;
     private final SysUserRoleMapper userRoleMapper;
     private final SysRoleDeptMapper roleDeptMapper;
+    private final IBusProjectService projectService;
 
     @Override
     public TableDataInfo<SysRoleVo> selectPageRoleList(SysRoleBo role, PageQuery pageQuery) {
@@ -126,15 +133,24 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService {
      * @return 权限列表
      */
     @Override
-    public Set<String> selectRolePermissionByUserId(Long userId) {
+    public List<SysProjectRolePermissionVo> selectRolePermissionByUserId(Long userId) {
-        List<SysRoleVo> perms = baseMapper.selectRolesByUserId(userId);
+        List<ProjectRolesItem> items = baseMapper.selectProjectRolesByUserId(userId);
-        Set<String> permsSet = new HashSet<>();
+        return items.stream()
-        for (SysRoleVo perm : perms) {
+            .filter(Objects::nonNull) // 保证不为空
-            if (ObjectUtil.isNotNull(perm)) {
+            .peek(item -> {
-                permsSet.addAll(StringUtils.splitList(perm.getRoleKey().trim()));
+                if (item.getRoleKey() != null) {
+                    item.setRoleKey(item.getRoleKey().trim()); // roleKey 去空格
                 }
-        }
+            })
-        return permsSet;
+            .collect(Collectors.groupingBy(ProjectRolesItem::getProjectId))
+            .entrySet().stream()
+            .map(e -> {
+                SysProjectRolePermissionVo vo = new SysProjectRolePermissionVo();
+                vo.setProjectId(e.getKey());
+                vo.setProjectRoles(e.getValue().stream().map(ProjectRolesItem::getRoleKey).collect(Collectors.toSet()));
+                return vo;
+            })
+            .toList();
     }
 
     /**
@@ -159,6 +175,46 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService {
         return StreamUtils.toList(list, SysRoleVo::getRoleId);
     }
 
+    /**
+     * 获取角色选择框列表
+     *
+     * @param userId 用户ID
+     * @return 角色列表
+     */
+    @Override
+    public List<SysRoleProjectDto> selectRoleProjectList(Long userId) {
+        if (userId.equals(SystemConstants.SUPER_ADMIN_ID)) {
+            return List.of();
+        } else {
+            List<SysUserRole> userRoles = userRoleMapper.selectList(new LambdaQueryWrapper<>(SysUserRole.class)
+                .eq(SysUserRole::getUserId, userId));
+            if (CollUtil.isEmpty(userRoles)) {
+                return List.of();
+            }
+            List<Long> projectIds = userRoles.stream().map(SysUserRole::getProjectId).distinct().toList();
+            List<BusProject> projectList = projectService.listByIds(projectIds);
+            if (CollUtil.isEmpty(projectList)) {
+                return List.of();
+            }
+            Map<Long, List<BusProject>> projectMap = projectList.stream().collect(Collectors.groupingBy(BusProject::getId));
+            List<SysRoleProjectDto> list = new ArrayList<>();
+            Map<Long, List<SysUserRole>> map = userRoles.stream().collect(Collectors.groupingBy(SysUserRole::getProjectId));
+            for (Map.Entry<Long, List<SysUserRole>> entry : map.entrySet()) {
+                Long key = entry.getKey();
+                SysRoleProjectDto dto = new SysRoleProjectDto();
+                dto.setProjectId(key);
+                dto.setRoleIds(StreamUtils.toList(entry.getValue(), SysUserRole::getRoleId));
+                if (projectMap.containsKey(key)) {
+                    BusProject project = projectMap.get(key).getFirst();
+                    dto.setProjectName(project.getProjectName());
+                    dto.setShortName(project.getShortName());
+                }
+                list.add(dto);
+            }
+            return list;
+        }
+    }
+
     /**
      * 通过角色ID查询角色
      *
@@ -193,6 +249,7 @@ public class SysRoleServiceImpl implements ISysRoleService, RoleService {
     public boolean checkRoleNameUnique(SysRoleBo role) {
         boolean exist = baseMapper.exists(new LambdaQueryWrapper<SysRole>()
             .eq(SysRole::getRoleName, role.getRoleName())
+            .eq(ObjectUtil.isNotNull(role.getDeptId()), SysRole::getDeptId, role.getDeptId())
             .ne(ObjectUtil.isNotNull(role.getRoleId()), SysRole::getRoleId, role.getRoleId()));
         return !exist;
     }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java

@@ -15,7 +15,6 @@ import jakarta.annotation.Resource;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.dromara.common.core.constant.CacheNames;
-import org.dromara.common.core.constant.HttpStatus;
 import org.dromara.common.core.constant.SystemConstants;
 import org.dromara.common.core.domain.dto.UserDTO;
 import org.dromara.common.core.exception.ServiceException;
@@ -24,17 +23,16 @@ import org.dromara.common.core.utils.*;
 import org.dromara.common.mybatis.core.page.PageQuery;
 import org.dromara.common.mybatis.core.page.TableDataInfo;
 import org.dromara.common.satoken.utils.LoginHelper;
-import org.dromara.contractor.domain.SubConstructionUser;
+import org.dromara.project.domain.BusUserProjectRelevancy;
-import org.dromara.contractor.service.ISubConstructionUserService;
-import org.dromara.project.domain.dto.userprojectrelevancy.BusUserProjectRelevancyCreateReq;
 import org.dromara.project.service.IBusUserProjectRelevancyService;
 import org.dromara.system.domain.*;
 import org.dromara.system.domain.bo.SysUserBo;
-import org.dromara.system.domain.enums.SysContractorRoleEnum;
+import org.dromara.system.domain.dto.role.SysRoleProjectDto;
-import org.dromara.system.domain.enums.SysDeptTypeEnum;
+import org.dromara.system.domain.vo.SysPostVo;
-import org.dromara.system.domain.vo.*;
+import org.dromara.system.domain.vo.SysRoleVo;
+import org.dromara.system.domain.vo.SysUserExportVo;
+import org.dromara.system.domain.vo.SysUserVo;
 import org.dromara.system.mapper.*;
-import org.dromara.system.service.ISysDeptService;
 import org.dromara.system.service.ISysUserFileService;
 import org.dromara.system.service.ISysUserService;
 import org.springframework.cache.annotation.CacheEvict;
@@ -62,9 +60,7 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
     private final SysPostMapper postMapper;
     private final SysUserRoleMapper userRoleMapper;
     private final SysUserPostMapper userPostMapper;
-    private final ISysDeptService deptService;
     private final IBusUserProjectRelevancyService userProjectRelevancyService;
-    private final ISubConstructionUserService constructionUserService;
 
     @Lazy
     @Resource
@@ -350,7 +346,7 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
         insertUserPost(user, false);
         // 新增用户与角色管理
         insertUserRole(user, false);
-        Long deptId = user.getDeptId();
+/*        Long deptId = user.getDeptId();
         SysDeptVo deptVo = deptService.selectDeptById(deptId);
         String deptType = deptVo.getDeptType();
         if (deptType.equals(SysDeptTypeEnum.CONTRACT.getCode())) {
@@ -386,7 +382,7 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
                 }
             }
             userProjectRelevancyService.saveBatchByProjectList(projectIds, user.getUserId(), userType);
-        }
+        }*/
         return rows;
     }
 
@@ -431,7 +427,7 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
         if (oldUser.getDeptId().equals(user.getDeptId())) {
             return flag;
         }
-        Long deptId = user.getDeptId();
+        /*Long deptId = user.getDeptId();
         SysDeptVo deptVo = deptService.selectDeptById(deptId);
         String deptType = deptVo.getDeptType();
         if (deptType.equals(SysDeptTypeEnum.CONTRACT.getCode())) {
@@ -460,7 +456,7 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
                 }
             }
             userProjectRelevancyService.saveBatchByProjectList(projectIds, user.getUserId(), userType);
-        }
+        }*/
         return flag;
     }
 
@@ -468,12 +464,12 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
      * 用户授权角色
      *
      * @param userId       用户ID
-     * @param roleIds 角色组
+     * @param projectRoles 项目、角色关联组
      */
     @Override
     @Transactional(rollbackFor = Exception.class)
-    public void insertUserAuth(Long userId, Long[] roleIds) {
+    public void insertUserAuth(Long userId, List<SysRoleProjectDto> projectRoles) {
-        insertUserRole(userId, roleIds, true);
+        insertUserRole(userId, projectRoles, true);
     }
 
     /**
@@ -546,7 +542,7 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
      * @param clear 清除已存在的关联数据
      */
     private void insertUserRole(SysUserBo user, boolean clear) {
-        this.insertUserRole(user.getUserId(), user.getRoleIds(), clear);
+        this.insertUserRole(user.getUserId(), user.getProjectRoles(), clear);
     }
 
     /**
@@ -577,12 +573,17 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
      * 新增用户角色信息
      *
      * @param userId       用户ID
-     * @param roleIds 角色组
+     * @param projectRoles 角色项目关联组
      * @param clear        清除已存在的关联数据
      */
-    private void insertUserRole(Long userId, Long[] roleIds, boolean clear) {
+    private void insertUserRole(Long userId, List<SysRoleProjectDto> projectRoles, boolean clear) {
-        if (ArrayUtil.isNotEmpty(roleIds)) {
+        if (ArrayUtil.isNotEmpty(projectRoles)) {
-            List<Long> roleList = new ArrayList<>(List.of(roleIds));
+            // 去重后的所有 roleId
+            List<Long> roleList = new ArrayList<>(projectRoles.stream()
+                .filter(dto -> dto.getRoleIds() != null)
+                .flatMap(dto -> dto.getRoleIds().stream())
+                .distinct()
+                .toList());
             if (!LoginHelper.isSuperAdmin(userId)) {
                 roleList.remove(SystemConstants.SUPER_ADMIN_ID);
             }
@@ -596,13 +597,41 @@ public class SysUserServiceImpl implements ISysUserService, UserService {
                 // 删除用户与角色关联
                 userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>().eq(SysUserRole::getUserId, userId));
             }
-            // 新增用户与角色管理
+            // 新增用户与角色、项目关联
-            List<SysUserRole> list = StreamUtils.toList(roleList, roleId -> {
+            List<SysUserRole> list = new ArrayList<>();
+            List<BusUserProjectRelevancy> listProject = new ArrayList<>();
+            for (SysRoleProjectDto dto : projectRoles) {
+                List<Long> roleIds = dto.getRoleIds();
+                Long projectId = dto.getProjectId();
+                if (CollUtil.isNotEmpty(roleIds) && projectId != null) {
+                    for (Long roleId : roleIds) {
+                        SysUserRole ur = new SysUserRole();
+                        ur.setUserId(userId);
+                        ur.setRoleId(roleId);
+                        ur.setProjectId(projectId);
+                        list.add(ur);
+                    }
+                }
+                if (projectId != null) {
+                    BusUserProjectRelevancy projectRelevancy = new BusUserProjectRelevancy();
+                    projectRelevancy.setUserId(userId);
+                    projectRelevancy.setProjectId(projectId);
+                    listProject.add(projectRelevancy);
+                }
+            }
+            if (clear) {
+                // 删除用户与项目的关联
+                userProjectRelevancyService.remove(new LambdaQueryWrapper<>(BusUserProjectRelevancy.class)
+                    .eq(BusUserProjectRelevancy::getUserId, userId));
+            }
+            // 新增用户与项目的关联
+            userProjectRelevancyService.saveBatch(listProject);
+/*            List<SysUserRole> list = StreamUtils.toList(roleList, roleId -> {
                 SysUserRole ur = new SysUserRole();
                 ur.setUserId(userId);
                 ur.setRoleId(roleId);
                 return ur;
-            });
+            });*/
             userRoleMapper.insertBatch(list);
         }
     }

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml

@@ -16,7 +16,44 @@
         ${ew.getCustomSqlSegment}
     </select>
 
-    <select id="selectMenuTreeByUserId" parameterType="Long" resultMap="SysMenuResult">
+    <select id="selectMenuListByRoleId" resultType="Long">
+        select m.menu_id
+        from sys_menu m
+        left join sys_role_menu rm on m.menu_id = rm.menu_id
+        where rm.role_id = #{roleId}
+        <if test="menuCheckStrictly">
+            and m.menu_id not in (select m.parent_id from sys_menu m inner join sys_role_menu rm on m.menu_id =
+            rm.menu_id and rm.role_id = #{roleId})
+        </if>
+        order by m.parent_id, m.order_num
+    </select>
+
+<!--    <select id="selectMenuPermsByUserId" parameterType="Long" resultType="String">
+        select distinct m.perms
+        from sys_menu m
+                 left join sys_role_menu rm on m.menu_id = rm.menu_id and m.status = '0'
+                 left join sys_role r on r.role_id = rm.role_id and r.status = '0'
+        where r.role_id in (select role_id from sys_user_role where user_id = #{userId})
+    </select>-->
+    <select id="selectMenuPermsByUserId" parameterType="Long" resultType="org.dromara.system.domain.vo.ProjectPermsItem">
+        select distinct ur.project_id,
+                        m.perms
+        from sys_menu m
+                 left join sys_role_menu rm on m.menu_id = rm.menu_id and m.status = '0'
+                 left join sys_role r on r.role_id = rm.role_id and r.status = '0'
+                 left join sys_user_role ur on ur.role_id = r.role_id
+        where ur.user_id = #{userId}
+    </select>
+
+
+    <select id="selectMenuPermsByRoleId" parameterType="Long" resultType="String">
+        select distinct m.perms
+        from sys_menu m
+                 left join sys_role_menu rm on m.menu_id = rm.menu_id
+        where m.status = '0' and rm.role_id = #{roleId}
+    </select>
+
+    <select id="selectMenuTreeByUserId" resultMap="SysMenuResult">
         select distinct m.menu_id,
         m.parent_id,
         m.menu_name,
@@ -36,35 +73,15 @@
         left join sys_role_menu rm on m.menu_id = rm.menu_id and m.status = '0'
         left join sys_role r on rm.role_id = r.role_id and r.status = '0'
         where m.menu_type in ('M', 'C')
-          and r.role_id in (select role_id from sys_user_role where user_id = #{userId})
+        and r.role_id in (
-        order by m.parent_id, m.order_num
+        select role_id
-    </select>
+        from sys_user_role
-
+        where user_id = #{userId}
-    <select id="selectMenuListByRoleId" resultType="Long">
+        <if test="projectId != null">
-        select m.menu_id
+            and project_id = #{projectId}
-        from sys_menu m
-        left join sys_role_menu rm on m.menu_id = rm.menu_id
-        where rm.role_id = #{roleId}
-        <if test="menuCheckStrictly">
-            and m.menu_id not in (select m.parent_id from sys_menu m inner join sys_role_menu rm on m.menu_id =
-            rm.menu_id and rm.role_id = #{roleId})
         </if>
+        )
         order by m.parent_id, m.order_num
     </select>
 
-    <select id="selectMenuPermsByUserId" parameterType="Long" resultType="String">
-        select distinct m.perms
-        from sys_menu m
-                 left join sys_role_menu rm on m.menu_id = rm.menu_id and m.status = '0'
-                 left join sys_role r on r.role_id = rm.role_id and r.status = '0'
-        where r.role_id in (select role_id from sys_user_role where user_id = #{userId})
-    </select>
-
-    <select id="selectMenuPermsByRoleId" parameterType="Long" resultType="String">
-        select distinct m.perms
-        from sys_menu m
-                 left join sys_role_menu rm on m.menu_id = rm.menu_id
-        where m.status = '0' and rm.role_id = #{roleId}
-    </select>
-
 </mapper>

xinnengyuan/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml

@@ -56,6 +56,23 @@
           and r.role_id in (select role_id from sys_user_role where user_id = #{userId})
     </select>
 
+    <select id="selectProjectRolesByUserId" parameterType="Long"
+            resultType="org.dromara.system.domain.vo.ProjectRolesItem">
+        select ur.project_id,
+               r.role_id,
+               r.role_name,
+               r.role_key,
+               r.dept_id,
+               r.role_sort,
+               r.data_scope,
+               r.status,
+               r.is_special
+        from sys_role r
+                 inner join sys_user_role ur on r.role_id = ur.role_id
+        where r.del_flag = '0'
+          and ur.user_id = #{userId}
+    </select>
+
     <select id="selectRoleById" resultMap="SysRoleResult">
         <include refid="selectRoleVo"/>
         WHERE r.del_flag = '0' and r.role_id = #{roleId}