feat:登陆用户的部门数据权限接口增加角色参数

2026-01-13 09:22:22 +08:00
parent 75e212511d
commit cd94420b21
5 changed files with 61 additions and 0 deletions
--- a/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/biz/system/permission/PermissionCommonApi.java
+++ b/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/biz/system/permission/PermissionCommonApi.java
@@ -40,4 +40,11 @@ public interface PermissionCommonApi {
    @Parameter(name = "userId", description = "用户编号", example = "2", required = true)
    CommonResult<DeptDataPermissionRespDTO> getDeptDataPermission(@RequestParam("userId") Long userId);

+    @GetMapping(PREFIX + "/get-dept-data-permission-with-roleCodes")
+    @Operation(summary = "获得登陆用户的部门数据权限")
+    @Parameters({
+            @Parameter(name = "userId", description = "用户编号", example = "2", required = true),
+            @Parameter(name = "roleCodes", description = "角色编码", example = "2", required = true)
+    })
+    CommonResult<DeptDataPermissionRespDTO> getDeptDataPermissionWithRoleCodes(@RequestParam("userId") Long userId, @RequestParam("roleCodes") String roleCodes);
 }
--- a/zt-framework/zt-spring-boot-starter-biz-tenant/src/main/java/com/zt/plat/framework/tenant/core/context/DeptContextHolder.java
+++ b/zt-framework/zt-spring-boot-starter-biz-tenant/src/main/java/com/zt/plat/framework/tenant/core/context/DeptContextHolder.java
@@ -2,6 +2,8 @@ package com.zt.plat.framework.tenant.core.context;

 import com.alibaba.ttl.TransmittableThreadLocal;

+import java.util.List;
+
 /**
 * 部门上下文 Holder，使用 {@link TransmittableThreadLocal} 支持在线程池/异步场景下的上下文传递。
 *
@@ -15,6 +17,8 @@ public class DeptContextHolder {
    private static final ThreadLocal<Long> COMPANY_ID = new TransmittableThreadLocal<>();
    /** 是否忽略部门数据权限 */
    private static final ThreadLocal<Boolean> IGNORE = new TransmittableThreadLocal<>();
+    /** 角色编码列表 */
+    private static final ThreadLocal<List<String>> ROLE_CODE_LIST = new TransmittableThreadLocal<>();

    public static Long getDeptId() {
        return DEPT_ID.get();
@@ -32,6 +36,12 @@ public class DeptContextHolder {
        COMPANY_ID.set(companyId);
    }

+    public static void setContext(Long deptId, Long companyId, List<String> roleCodeList) {
+        DEPT_ID.set(deptId);
+        COMPANY_ID.set(companyId);
+        ROLE_CODE_LIST.set(roleCodeList);
+    }
+
    public static void setDeptId(Long deptId) {
        DEPT_ID.set(deptId);
    }
@@ -53,9 +63,20 @@ public class DeptContextHolder {
        return Boolean.TRUE.equals(IGNORE.get());
    }

+    public static void setRoleCodeList(List<String> roleCodeList) {
+        ROLE_CODE_LIST.set(roleCodeList);
+    }
+    public static List<String> getRoleCodeList() {
+        return ROLE_CODE_LIST.get();
+    }
+    public static void clearRoleCodeList(){
+        ROLE_CODE_LIST.remove();
+    }
+
    public static void clear() {
        DEPT_ID.remove();
        COMPANY_ID.remove();
        IGNORE.remove();
+        ROLE_CODE_LIST.remove();
    }
 }
--- a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/api/permission/PermissionApiImpl.java
+++ b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/api/permission/PermissionApiImpl.java
@@ -86,4 +86,8 @@ public class PermissionApiImpl implements PermissionApi {
        return success(permissionService.getDeptDataPermission(userId));
    }

+    @Override
+    public CommonResult<DeptDataPermissionRespDTO> getDeptDataPermissionWithRoleCodes(Long userId, String roleCodes) {
+        return success(permissionService.getDeptDataPermissionWithRoleCodes(userId, roleCodes));
+    }
 }
--- a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionService.java
+++ b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionService.java
@@ -143,6 +143,7 @@ public interface PermissionService {
     * @return 部门数据权限
     */
    DeptDataPermissionRespDTO getDeptDataPermission(Long userId);
+    DeptDataPermissionRespDTO getDeptDataPermissionWithRoleCodes(Long userId, String roleCodes);

    /**
     * 获得用户的数据权限级别
--- a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionServiceImpl.java
+++ b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionServiceImpl.java
@@ -3,6 +3,7 @@ package com.zt.plat.module.system.service.permission;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.util.ArrayUtil;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.extra.spring.SpringUtil;
 import com.baomidou.dynamic.datasource.annotation.DSTransactional;
 import com.google.common.annotations.VisibleForTesting;
@@ -12,6 +13,7 @@ import com.zt.plat.framework.common.biz.system.permission.dto.DeptDataPermission
 import com.zt.plat.framework.common.enums.CommonStatusEnum;
 import com.zt.plat.framework.common.util.collection.CollectionUtils;
 import com.zt.plat.framework.datapermission.core.annotation.DataPermission;
+import com.zt.plat.framework.tenant.core.context.DeptContextHolder;
 import com.zt.plat.module.system.dal.dataobject.permission.MenuDO;
 import com.zt.plat.module.system.dal.dataobject.permission.RoleDO;
 import com.zt.plat.module.system.dal.dataobject.permission.RoleMenuDO;
@@ -347,6 +349,12 @@ public class PermissionServiceImpl implements PermissionService {
        // 获得用户的角色
        List<RoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);

+        //使用上下文角色编码过滤
+        List<String> contextRoleCodes = DeptContextHolder.getRoleCodeList();
+        if(!CollectionUtil.isEmpty(contextRoleCodes)){
+            roles = roles.stream().filter(role -> contextRoleCodes.contains(role.getCode())).collect(Collectors.toList());
+        }
+
        // 获得用户的部门编号的缓存，通过 Guava 的 Suppliers 惰性求值，即有且仅有第一次发起 DB 的查询
        Supplier<Set<Long>> userDeptIds = Suppliers.memoize(() -> {
            List<UserDeptDO> validUserDeptListByUserId = userDeptService.getValidUserDeptListByUserIds(singleton(userId));
@@ -414,6 +422,26 @@ public class PermissionServiceImpl implements PermissionService {
        return result;
    }

+    @Override
+    public DeptDataPermissionRespDTO getDeptDataPermissionWithRoleCodes(Long userId, String roleCodes) {
+        // 获得用户的角色
+        List<RoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);
+        if(ObjectUtil.isEmpty(roleCodes))
+            return getDeptDataPermission(userId);
+        List<String> roleCodesList = Arrays.asList(roleCodes.split(","));
+        if(CollectionUtil.isEmpty(roles))
+            return getDeptDataPermission(userId);
+        DeptContextHolder.setRoleCodeList(roleCodesList);
+        try{
+            return getDeptDataPermission(userId);
+        }catch (Exception e){
+            log.error("getDeptDataPermission-- error ", e);
+        }finally {
+            DeptContextHolder.clearRoleCodeList();
+        }
+        return getDeptDataPermission(userId);
+    }
+
    @Override
    @DataPermission(enable = false)
    @TenantIgnore