数据权限过滤

2025-01-19 03:52:50 +08:00 · 2022-01-16 18:10:18 +08:00 · 2022-01-16 18:10:18 +08:00 · 90e2d367fd
commit 90e2d367fd
parent 8f258b1855
9 changed files with 248 additions and 16 deletions
--- a/data/magic-api/api/后台/安全/登录.ms
+++ b/data/magic-api/api/后台/安全/登录.ms
@ -5,19 +5,19 @@
  "groupId" : "1952f25c81084e24b55b11385767dc38",
  "name" : "登录",
  "createTime" : null,
-  "updateTime" : 1642080684959,
+  "updateTime" : 1642321889536,
  "lock" : "0",
  "method" : "POST",
  "path" : "/login",
  "parameters" : [ ],
  "option" : "[{\"name\":\"require_login\",\"value\":\"false\",\"description\":\"该接口需要登录才允许访问\"}]",
-  "requestBody" : "{\r\n    \"username\": \"test\",\r\n    \"password\": \"1\"\r\n}",
+  "requestBody" : "{\r\n    \"username\": \"admin\",\r\n    \"password\": \"1\"\r\n}",
  "headers" : [ ],
  "paths" : [ ],
-  "responseBody" : "{\n    \"code\": 200,\n    \"message\": \"success\",\n    \"data\": \"565504aa-ecfa-4c0d-a22f-d35732672708\",\n    \"timestamp\": 1641276642379,\n    \"executeTime\": 13\n}",
+  "responseBody" : "{\n    \"code\": 0,\n    \"message\": \"用户名或密码错误\",\n    \"data\": null,\n    \"timestamp\": 1642321857211,\n    \"executeTime\": 3\n}",
  "description" : null,
  "requestBodyDefinition" : {
-    "name" : "root",
+    "name" : "",
    "value" : "",
    "description" : "",
    "required" : false,
@ -29,7 +29,7 @@
    "expression" : "",
    "children" : [ {
      "name" : "username",
-      "value" : "test",
+      "value" : "admin",
      "description" : "",
      "required" : false,
      "dataType" : "String",
@ -66,7 +66,7 @@
    "expression" : "",
    "children" : [ {
      "name" : "code",
-      "value" : "200",
+      "value" : "0",
      "description" : "",
      "required" : false,
      "dataType" : "Integer",
@ -78,7 +78,7 @@
      "children" : [ ]
    }, {
      "name" : "message",
-      "value" : "success",
+      "value" : "用户名或密码错误",
      "description" : "",
      "required" : false,
      "dataType" : "String",
@ -90,7 +90,7 @@
      "children" : [ ]
    }, {
      "name" : "data",
-      "value" : "565504aa-ecfa-4c0d-a22f-d35732672708",
+      "value" : "null",
      "description" : "",
      "required" : false,
      "dataType" : "Object",
@ -102,7 +102,7 @@
      "children" : [ ]
    }, {
      "name" : "timestamp",
-      "value" : "1641276642379",
+      "value" : "1642321857211",
      "description" : "",
      "required" : false,
      "dataType" : "Long",
@ -114,7 +114,7 @@
      "children" : [ ]
    }, {
      "name" : "executeTime",
-      "value" : "13",
+      "value" : "3",
      "description" : "",
      "required" : false,
      "dataType" : "Integer",
--- a/data/magic-api/api/后台/测试数据/group.json
+++ b/data/magic-api/api/后台/测试数据/group.json
@ -0,0 +1,10 @@
+{
+  "properties" : { },
+  "id" : "42d241c0bb18476f8dabf92c2e4e2324",
+  "name" : "测试数据",
+  "type" : "1",
+  "parentId" : "02df51e4d7184780a98b632f43dc5848",
+  "path" : "/test",
+  "paths" : [ ],
+  "options" : [ ]
+}
--- a/data/magic-api/api/后台/测试数据/保存.ms
+++ b/data/magic-api/api/后台/测试数据/保存.ms
@ -0,0 +1,26 @@
+{
+  "properties" : { },
+  "id" : "d31e3bea5666449d90fa95779adfb61f",
+  "script" : null,
+  "groupId" : "42d241c0bb18476f8dabf92c2e4e2324",
+  "name" : "保存",
+  "createTime" : null,
+  "updateTime" : 1642312068428,
+  "lock" : "0",
+  "method" : "POST",
+  "path" : "/save",
+  "parameters" : [ ],
+  "option" : "[{\"name\":\"wrap_request_parameter\",\"value\":\"data\",\"description\":\"包装请求参数到一个变量中\"}]",
+  "requestBody" : "",
+  "headers" : [ ],
+  "paths" : [ ],
+  "responseBody" : null,
+  "description" : null,
+  "requestBodyDefinition" : null,
+  "responseBodyDefinition" : null,
+  "optionMap" : {
+    "wrap_request_parameter" : "data"
+  }
+}
+================================
+return db.table("sys_test_data").primary("id").saveOrUpdate(data)
--- a/data/magic-api/api/后台/测试数据/列表.ms
+++ b/data/magic-api/api/后台/测试数据/列表.ms
@ -0,0 +1,41 @@
+{
+  "properties" : { },
+  "id" : "6d50d6c8884f4624b2bf8fd537ac34f6",
+  "script" : null,
+  "groupId" : "42d241c0bb18476f8dabf92c2e4e2324",
+  "name" : "列表",
+  "createTime" : null,
+  "updateTime" : 1642327645651,
+  "lock" : "0",
+  "method" : "GET",
+  "path" : "/list",
+  "parameters" : [ ],
+  "option" : "[]",
+  "requestBody" : "",
+  "headers" : [ ],
+  "paths" : [ ],
+  "responseBody" : null,
+  "description" : null,
+  "requestBodyDefinition" : null,
+  "responseBodyDefinition" : null,
+  "optionMap" : { }
+}
+================================
+/**
+ * db  东北  本级
+ * nm 内蒙  本级及子级
+ * mxd2  全部
+ * mxd  自定义
+ */
+// import '@/permission/office' as permissionOffice;
+// var userIds = permissionOffice()
+
+// return db.page("""
+//     select id,name from sys_test_data where 1 = 1 
+//     ?{userIds, and create_by in (#{userIds})}
+// """)
+
+import '@/permission/office' as permissionOffice;
+var userIds = permissionOffice()
+
+return db.table("sys_test_data").where().in("create_by",userIds).page()
--- a/data/magic-api/api/后台/角色管理/保存.ms
+++ b/data/magic-api/api/后台/角色管理/保存.ms
@ -5,7 +5,7 @@
  "groupId" : "89130d496f6f467c88b22ae4a7f688eb",
  "name" : "保存",
  "createTime" : null,
-  "updateTime" : 1642081039231,
+  "updateTime" : 1642326331841,
  "lock" : "0",
  "method" : "POST",
  "path" : "/save",
@ -43,10 +43,9 @@ id = db.table("sys_role").primary("id").saveOrUpdate(role);
 for(menuId in menus.split(',')){
    db.table("sys_role_menu").column("menu_id",menuId).column("role_id", id).insert();
 }
+db.table("sys_role_office").where().eq("role_id",id).delete()
 if(offices && permission == 1){
    for(officeId in offices.split(',')){
        db.table("sys_role_office").column("office_id",officeId).column("role_id", id).insert();
    }
-}else{
-    db.table("sys_role_office").where().eq("role_id",id).delete()
 }
--- a/data/magic-api/function/权限/group.json
+++ b/data/magic-api/function/权限/group.json
@ -0,0 +1,10 @@
+{
+  "properties" : { },
+  "id" : "41922e26ef57421f8819fe6c59f14d63",
+  "name" : "权限",
+  "type" : "2",
+  "parentId" : "0",
+  "path" : "/permission",
+  "paths" : [ ],
+  "options" : [ ]
+}
--- a/data/magic-api/function/权限/组织机构.ms
+++ b/data/magic-api/function/权限/组织机构.ms
@ -0,0 +1,52 @@
+{
+  "properties" : { },
+  "id" : "a5f80b11b7fb4f3c97252331c80bcf85",
+  "script" : null,
+  "groupId" : "41922e26ef57421f8819fe6c59f14d63",
+  "name" : "组织机构",
+  "createTime" : null,
+  "updateTime" : 1642327198030,
+  "lock" : "0",
+  "path" : "/office",
+  "description" : null,
+  "returnType" : null,
+  "mappingPath" : null,
+  "parameters" : [ ]
+}
+================================
+import 'cn.dev33.satoken.stp.StpUtil';
+
+var currentUserId = StpUtil.getLoginId()
+//查出当前用户有多少角色
+var roles = db.select("""
+    select permission from sys_role where is_del = 0 and id in (select role_id from sys_user_role where user_id = #{currentUserId})
+""")
+var userIds = []
+for(role in roles){
+    if(role.permission == '0'){
+        return []
+    }else if(role.permission == '1'){
+        userIds.addAll(db.select("""
+            select id from sys_user where is_del = 0 and office_id in (
+                select office_id from sys_role_office where role_id in (
+                    select role_id from sys_user_role where user_id = #{currentUserId}
+                )
+            )
+        """).map(it => it.id))
+    }else{
+        var officeId = db.selectValue("select office_id from sys_user where id = #{currentUserId}")
+        var offices = []
+        offices.push(officeId)
+        var getOfficeId = (list,pid) => {
+            var ids = select t.id from list t where t.pid = pid;
+            for(it in ids){
+                offices.push(it.id)
+                getOfficeId(list,it.id)
+            }
+        }
+        getOfficeId(db.select('select id, pid from sys_office where is_del = 0 order by sort'),officeId)
+        userIds.addAll(db.select("select id from sys_user where office_id in (#{offices})").map(it => it.id))
+    }
+}
+
+return userIds
--- a/magic-boot-ui/src/views/system/test/test-list.vue
+++ b/magic-boot-ui/src/views/system/test/test-list.vue
@ -0,0 +1,94 @@
+<template>
+  <div class="app-container">
+    <div class="filter-container">
+      <el-form :inline="true">
+        <el-button class="filter-item" style="margin-left: 10px;" type="primary" icon="el-icon-edit" @click="handleCreate">
+          添加
+        </el-button>
+      </el-form>
+    </div>
+
+    <pd-table ref="table" v-bind="tableOptions" />
+
+    <el-dialog :title="textMap[dialogStatus]" :visible.sync="dialogFormVisible" :close-on-click-modal="false" width="700px">
+      <el-form ref="dataForm" :inline="true" :model="temp" label-position="right" label-width="100px" style="margin-left: 20px">
+        <el-form-item label="name" prop="name">
+          <el-input v-model="temp.name" />
+        </el-form-item>
+      </el-form>
+      <div slot="footer" class="dialog-footer">
+        <el-button @click="dialogFormVisible = false">
+          关闭
+        </el-button>
+        <el-button type="primary" @click="save()">
+          确认
+        </el-button>
+      </div>
+    </el-dialog>
+
+  </div>
+</template>
+
+<script>
+
+export default {
+  name: 'TestList',
+  data() {
+    return {
+      tableOptions: {
+        url: 'test/list',
+        page: true,
+        cols: [
+          {
+            field: 'name',
+            title: 'name'
+          },
+        ]
+      },
+      temp: this.getTemp(),
+      dialogFormVisible: false,
+      dictItemsVisible: false,
+      dialogStatus: '',
+      textMap: {
+        update: '修改',
+        create: '添加'
+      },
+      downloadLoading: false
+    }
+  },
+  methods: {
+    getTemp() {
+      return {
+        name: ''
+      }
+    },
+    reloadTable() {
+      this.$refs.table.reloadList()
+    },
+    handleCreate() {
+      this.temp = this.getTemp()
+      this.dialogStatus = 'create'
+      this.dialogFormVisible = true
+      this.$nextTick(() => {
+        this.$refs['dataForm'].clearValidate()
+      })
+    },
+    save() {
+      this.$refs['dataForm'].validate((valid) => {
+        if (valid) {
+          this.$post('test/save', this.temp).then((response) => {
+            this.dialogFormVisible = false
+            this.$notify({
+              title: '成功',
+              message: (this.dialogStatus === 'create' ? '创建' : '修改') + '成功',
+              type: 'success',
+              duration: 2000
+            })
+            this.reloadTable()
+          })
+        }
+      })
+    }
+  }
+}
+</script>
--- a/magic-boot-ui/src/views/system/user/user-form.vue
+++ b/magic-boot-ui/src/views/system/user/user-form.vue
@ -7,13 +7,13 @@
      <el-input v-model="temp.name" />
    </el-form-item>
    <el-form-item label="密码" prop="password">
-      <el-input v-model="temp.password" />
+      <el-input v-model="temp.password" type="password" />
    </el-form-item>
    <el-form-item label="手机号" prop="phone">
      <el-input v-model="temp.phone" />
    </el-form-item>
-    <el-form-item label="选择机构" prop="officeId">
-      <treeselect v-model="temp.officeId" :options="officeTree" :disable-branch-nodes="true" :show-count="true" placeholder="请选择组织机构" />
+    <el-form-item label="组织机构" prop="officeId">
+      <treeselect v-model="temp.officeId" :options="officeTree" :show-count="true" placeholder="请选择组织机构" />
    </el-form-item>
    <el-form-item label="禁止登录" prop="isLogin">
      <template>