优化权限和bug修复

2025-09-11 11:18:30 +08:00 · 2025-09-11 11:18:30 +08:00 · d69bdf3bbc
commit d69bdf3bbc
parent b214faacd6
3 changed files with 30 additions and 21 deletions
--- a/src/main/java/com/zhgd/mybatis/DataScopeHandler.java
+++ b/src/main/java/com/zhgd/mybatis/DataScopeHandler.java
@ -27,16 +27,9 @@ import net.sf.jsqlparser.JSQLParserException;
 import net.sf.jsqlparser.expression.Alias;
 import net.sf.jsqlparser.expression.Expression;
 import net.sf.jsqlparser.expression.StringValue;
 import net.sf.jsqlparser.expression.*;
 import net.sf.jsqlparser.expression.Alias;
 import net.sf.jsqlparser.expression.Expression;
 import net.sf.jsqlparser.expression.Parenthesis;
 import net.sf.jsqlparser.expression.StringValue;
 import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
 import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
 import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
 import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
 import net.sf.jsqlparser.expression.operators.relational.InExpression;
 import net.sf.jsqlparser.expression.operators.relational.ParenthesedExpressionList;
 import net.sf.jsqlparser.parser.CCJSqlParserUtil;
 import net.sf.jsqlparser.schema.Column;
@ -163,24 +156,22 @@ public class DataScopeHandler implements DataPermissionHandler {
        Long userId = SecurityUtils.getUser().getUserId();
        if (!DataScopeInterceptor.findIgnoreDataScope(parameter, ds)) {
            if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.ENTERPRISE_ADMINISTRATOR_ACCOUNT.getValue())) {
-                filterCompany(plainSelect, ds, expressions, userId, (userFilterItem) -> get1CompanySql(userId, userFilterItem));
+                filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> get1CompanySql(userId, userFilterItem));
            } else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.ENTERPRISE_DISTRICT_ACCOUNT.getValue())) {
-                filterCompany(plainSelect, ds, expressions, userId, (userFilterItem) -> get2CompanySql(userId, userFilterItem));
+                filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> get2CompanySql(userId, userFilterItem));
            } else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.ENTERPRISE_CITY_ACCOUNT.getValue())) {
-                filterCompany(plainSelect, ds, expressions, userId, (userFilterItem) -> get3CompanySql(userId, userFilterItem));
+                filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> get3CompanySql(userId, userFilterItem));
            } else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.ENTERPRISE_SUB_ACCOUNT.getValue())) {
-                filterCompany(plainSelect, ds, expressions, userId, (userFilterItem) -> get4CompanySql(userId, userFilterItem));
+                filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> get4CompanySql(userId, userFilterItem));
            } else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.PROJECT_ACCOUNT.getValue())) {
-                List<String> userFilterItems = getAuthUserFilterItem(plainSelect, ds);
+                filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> {
-                for (String userFilterItem : userFilterItems) {
+                    return StrUtil.format(" \n" +
                    String sql = StrUtil.format(" \n" +
                            "                {} in (\n" +
                            "                select u.sn\n" +
                            "                from system_user u\n" +
                            "                WHERE u.user_id={}\n" +
-                            "                )", userFilterItem, userId);
+                            "                ) and {}.account_type = 6", userFilterItem, userId, StrUtil.subBefore(userFilterItem, ".", true));
-                    expressions.add(parseCondExpression(sql));
+                });
                }
            } else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.PROJECT_SUB_ACCOUNT.getValue())) {
                List<String> authEnterpriseIds = userEnterpriseService.getEnterpriseIdsIfSubProject();
                authEnterpriseIds.add("0");
@ -347,7 +338,7 @@ public class DataScopeHandler implements DataPermissionHandler {
    }
    /**
-     * 过滤企业的用户权限
+     * 过滤企业或项目的用户权限
     *
     * @param plainSelect
     * @param ds
@ -355,7 +346,7 @@ public class DataScopeHandler implements DataPermissionHandler {
     * @param userId
     * @param companySqlProvider
     */
-    private void filterCompany(PlainSelect plainSelect, DataScope ds, List<Expression> expressions, Long userId, Function<String, String> companySqlProvider) {
+    private void filterForCompanyOrProject(PlainSelect plainSelect, DataScope ds, List<Expression> expressions, Long userId, Function<String, String> companySqlProvider) {
        List<String> userFilterItems = getAuthUserFilterItem(plainSelect, ds);
        List<String> ownFilterItems = getOwnUserFilterItem(plainSelect, ds);
        for (int i = 0; i < userFilterItems.size(); i++) {
--- a/src/main/java/com/zhgd/xmgl/modules/basicdata/service/impl/CompanyServiceImpl.java
+++ b/src/main/java/com/zhgd/xmgl/modules/basicdata/service/impl/CompanyServiceImpl.java
@ -353,6 +353,7 @@ public class CompanyServiceImpl extends ServiceImpl<CompanyMapper, Company> impl
                    List<EntityMap> projectList = projectMapper.selectProjectStatisticsList(map);
                    if (1 == type) {
                        List<EntityMap> videoList = projectMapper.selectVideoList(map);
                        hidePasswordName(videoList);
                        projectList = getGroupProjectVideo(projectList, videoList);
                    }
                    if (standardType == 1) {
@ -378,6 +379,7 @@ public class CompanyServiceImpl extends ServiceImpl<CompanyMapper, Company> impl
                        List<EntityMap> projectList = projectMapper.selectProjectStatisticsList(map);
                        if (1 == type) {
                            List<EntityMap> videoList = projectMapper.selectVideoList(map);
                            hidePasswordName(videoList);
                            projectList = getGroupProjectVideo(projectList, videoList);
                        }
                        if (standardType == 1) {
@ -402,6 +404,7 @@ public class CompanyServiceImpl extends ServiceImpl<CompanyMapper, Company> impl
                        List<EntityMap> projectList = projectMapper.selectProjectStatisticsList(map);
                        if (1 == type) {
                            List<EntityMap> videoList = projectMapper.selectVideoList(map);
                            hidePasswordName(videoList);
                            projectList = getGroupProjectVideo(projectList, videoList);
                        }
                        if (standardType == 1) {
@ -423,6 +426,7 @@ public class CompanyServiceImpl extends ServiceImpl<CompanyMapper, Company> impl
                List<EntityMap> projectList = projectMapper.selectProjectStatisticsList(map);
                if (1 == type) {
                    List<EntityMap> videoList = projectMapper.selectVideoList(map);
                    hidePasswordName(videoList);
                    projectList = getGroupProjectVideo(projectList, videoList);
                }
                if (standardType == 1) {
@ -436,12 +440,25 @@ public class CompanyServiceImpl extends ServiceImpl<CompanyMapper, Company> impl
            if (1 == type) {
                map.put("companyType", "4");
                List<EntityMap> videoList = projectMapper.selectVideoList(map);
                hidePasswordName(videoList);
                data.put("videoList", videoList);
            }
        }
        return data;
    }
    /**
     * 监控的password字段改名为port
     *
     * @param videoList
     */
    private void hidePasswordName(List<EntityMap> videoList) {
        for (EntityMap map : videoList) {
            map.put("port", map.get("password"));
            map.remove("password");
        }
    }
    @Override
    public Map<String, Object> getComapnyStatisticsListBySupplier(Map<String, Object> map) {
        List<Company> headList = companyMapper.selectList(new LambdaQueryWrapper<Company>()
--- a/src/main/java/com/zhgd/xmgl/modules/basicdata/service/impl/SystemUserServiceImpl.java
+++ b/src/main/java/com/zhgd/xmgl/modules/basicdata/service/impl/SystemUserServiceImpl.java
@ -241,6 +241,9 @@ public class SystemUserServiceImpl extends ServiceImpl<SystemUserMapper, SystemU
            //登录失败次数不得多于5次，登录失败后锁定时间不少于10分钟
            String failedCountKey = getFailedCountKey(account);
            num = (Integer) redisRepository.get(failedCountKey);
            if (num == null) {
                num = 0;
            }
            int i = 10;
            if (num != null && num >= i) {
                throw new OpenAlertException("账户或密码错误，登录失败次数超出阈值，请10分钟之后再尝试");
@ -929,8 +932,6 @@ public class SystemUserServiceImpl extends ServiceImpl<SystemUserMapper, SystemU
            if (count2 > 0) {
                throw new OpenAlertException(MessageUtil.get("phoneExistErr"));
            }
        } else {
            systemUser.setUserTel("");
        }
        systemUser.setPassword(null);
        String showPassword = systemUser.getShowPassword();