数据权限过滤

data/magic-api/api/后台/安全/登录.ms

@@ -5,19 +5,19 @@
   "groupId" : "1952f25c81084e24b55b11385767dc38",
   "name" : "登录",
   "createTime" : null,
-  "updateTime" : 1642080684959,
+  "updateTime" : 1642321889536,
   "lock" : "0",
   "method" : "POST",
   "path" : "/login",
   "parameters" : [ ],
   "option" : "[{\"name\":\"require_login\",\"value\":\"false\",\"description\":\"该接口需要登录才允许访问\"}]",
-  "requestBody" : "{\r\n    \"username\": \"test\",\r\n    \"password\": \"1\"\r\n}",
+  "requestBody" : "{\r\n    \"username\": \"admin\",\r\n    \"password\": \"1\"\r\n}",
   "headers" : [ ],
   "paths" : [ ],
-  "responseBody" : "{\n    \"code\": 200,\n    \"message\": \"success\",\n    \"data\": \"565504aa-ecfa-4c0d-a22f-d35732672708\",\n    \"timestamp\": 1641276642379,\n    \"executeTime\": 13\n}",
+  "responseBody" : "{\n    \"code\": 0,\n    \"message\": \"用户名或密码错误\",\n    \"data\": null,\n    \"timestamp\": 1642321857211,\n    \"executeTime\": 3\n}",
   "description" : null,
   "requestBodyDefinition" : {
-    "name" : "root",
+    "name" : "",
     "value" : "",
     "description" : "",
     "required" : false,
@@ -29,7 +29,7 @@
     "expression" : "",
     "children" : [ {
       "name" : "username",
-      "value" : "test",
+      "value" : "admin",
       "description" : "",
       "required" : false,
       "dataType" : "String",
@@ -66,7 +66,7 @@
     "expression" : "",
     "children" : [ {
       "name" : "code",
-      "value" : "200",
+      "value" : "0",
       "description" : "",
       "required" : false,
       "dataType" : "Integer",
@@ -78,7 +78,7 @@
       "children" : [ ]
     }, {
       "name" : "message",
-      "value" : "success",
+      "value" : "用户名或密码错误",
       "description" : "",
       "required" : false,
       "dataType" : "String",
@@ -90,7 +90,7 @@
       "children" : [ ]
     }, {
       "name" : "data",
-      "value" : "565504aa-ecfa-4c0d-a22f-d35732672708",
+      "value" : "null",
       "description" : "",
       "required" : false,
       "dataType" : "Object",
@@ -102,7 +102,7 @@
       "children" : [ ]
     }, {
       "name" : "timestamp",
-      "value" : "1641276642379",
+      "value" : "1642321857211",
       "description" : "",
       "required" : false,
       "dataType" : "Long",
@@ -114,7 +114,7 @@
       "children" : [ ]
     }, {
       "name" : "executeTime",
-      "value" : "13",
+      "value" : "3",
       "description" : "",
       "required" : false,
       "dataType" : "Integer",

data/magic-api/api/后台/测试数据/group.json

@@ -0,0 +1,10 @@
+{
+  "properties" : { },
+  "id" : "42d241c0bb18476f8dabf92c2e4e2324",
+  "name" : "测试数据",
+  "type" : "1",
+  "parentId" : "02df51e4d7184780a98b632f43dc5848",
+  "path" : "/test",
+  "paths" : [ ],
+  "options" : [ ]
+}

data/magic-api/api/后台/测试数据/保存.ms

@@ -0,0 +1,26 @@
+{
+  "properties" : { },
+  "id" : "d31e3bea5666449d90fa95779adfb61f",
+  "script" : null,
+  "groupId" : "42d241c0bb18476f8dabf92c2e4e2324",
+  "name" : "保存",
+  "createTime" : null,
+  "updateTime" : 1642312068428,
+  "lock" : "0",
+  "method" : "POST",
+  "path" : "/save",
+  "parameters" : [ ],
+  "option" : "[{\"name\":\"wrap_request_parameter\",\"value\":\"data\",\"description\":\"包装请求参数到一个变量中\"}]",
+  "requestBody" : "",
+  "headers" : [ ],
+  "paths" : [ ],
+  "responseBody" : null,
+  "description" : null,
+  "requestBodyDefinition" : null,
+  "responseBodyDefinition" : null,
+  "optionMap" : {
+    "wrap_request_parameter" : "data"
+  }
+}
+================================
+return db.table("sys_test_data").primary("id").saveOrUpdate(data)

data/magic-api/api/后台/测试数据/列表.ms

@@ -0,0 +1,41 @@
+{
+  "properties" : { },
+  "id" : "6d50d6c8884f4624b2bf8fd537ac34f6",
+  "script" : null,
+  "groupId" : "42d241c0bb18476f8dabf92c2e4e2324",
+  "name" : "列表",
+  "createTime" : null,
+  "updateTime" : 1642327645651,
+  "lock" : "0",
+  "method" : "GET",
+  "path" : "/list",
+  "parameters" : [ ],
+  "option" : "[]",
+  "requestBody" : "",
+  "headers" : [ ],
+  "paths" : [ ],
+  "responseBody" : null,
+  "description" : null,
+  "requestBodyDefinition" : null,
+  "responseBodyDefinition" : null,
+  "optionMap" : { }
+}
+================================
+/**
+ * db  东北  本级
+ * nm 内蒙  本级及子级
+ * mxd2  全部
+ * mxd  自定义
+ */
+// import '@/permission/office' as permissionOffice;
+// var userIds = permissionOffice()
+
+// return db.page("""
+//     select id,name from sys_test_data where 1 = 1 
+//     ?{userIds, and create_by in (#{userIds})}
+// """)
+
+import '@/permission/office' as permissionOffice;
+var userIds = permissionOffice()
+
+return db.table("sys_test_data").where().in("create_by",userIds).page()

data/magic-api/api/后台/角色管理/保存.ms

@@ -5,7 +5,7 @@
   "groupId" : "89130d496f6f467c88b22ae4a7f688eb",
   "name" : "保存",
   "createTime" : null,
-  "updateTime" : 1642081039231,
+  "updateTime" : 1642326331841,
   "lock" : "0",
   "method" : "POST",
   "path" : "/save",
@@ -43,10 +43,9 @@ id = db.table("sys_role").primary("id").saveOrUpdate(role);
 for(menuId in menus.split(',')){
     db.table("sys_role_menu").column("menu_id",menuId).column("role_id", id).insert();
 }
+db.table("sys_role_office").where().eq("role_id",id).delete()
 if(offices && permission == 1){
     for(officeId in offices.split(',')){
         db.table("sys_role_office").column("office_id",officeId).column("role_id", id).insert();
     }
-}else{
-    db.table("sys_role_office").where().eq("role_id",id).delete()
 }

data/magic-api/function/权限/group.json

@@ -0,0 +1,10 @@
+{
+  "properties" : { },
+  "id" : "41922e26ef57421f8819fe6c59f14d63",
+  "name" : "权限",
+  "type" : "2",
+  "parentId" : "0",
+  "path" : "/permission",
+  "paths" : [ ],
+  "options" : [ ]
+}

data/magic-api/function/权限/组织机构.ms

@@ -0,0 +1,52 @@
+{
+  "properties" : { },
+  "id" : "a5f80b11b7fb4f3c97252331c80bcf85",
+  "script" : null,
+  "groupId" : "41922e26ef57421f8819fe6c59f14d63",
+  "name" : "组织机构",
+  "createTime" : null,
+  "updateTime" : 1642327198030,
+  "lock" : "0",
+  "path" : "/office",
+  "description" : null,
+  "returnType" : null,
+  "mappingPath" : null,
+  "parameters" : [ ]
+}
+================================
+import 'cn.dev33.satoken.stp.StpUtil';
+
+var currentUserId = StpUtil.getLoginId()
+//查出当前用户有多少角色
+var roles = db.select("""
+    select permission from sys_role where is_del = 0 and id in (select role_id from sys_user_role where user_id = #{currentUserId})
+""")
+var userIds = []
+for(role in roles){
+    if(role.permission == '0'){
+        return []
+    }else if(role.permission == '1'){
+        userIds.addAll(db.select("""
+            select id from sys_user where is_del = 0 and office_id in (
+                select office_id from sys_role_office where role_id in (
+                    select role_id from sys_user_role where user_id = #{currentUserId}
+                )
+            )
+        """).map(it => it.id))
+    }else{
+        var officeId = db.selectValue("select office_id from sys_user where id = #{currentUserId}")
+        var offices = []
+        offices.push(officeId)
+        var getOfficeId = (list,pid) => {
+            var ids = select t.id from list t where t.pid = pid;
+            for(it in ids){
+                offices.push(it.id)
+                getOfficeId(list,it.id)
+            }
+        }
+        getOfficeId(db.select('select id, pid from sys_office where is_del = 0 order by sort'),officeId)
+        userIds.addAll(db.select("select id from sys_user where office_id in (#{offices})").map(it => it.id))
+    }
+}
+
+return userIds