From cd94420b21c42fa8e803cb6ecff38db71f4afb0b Mon Sep 17 00:00:00 2001
From: FCL <fantoutou@163.com>
Date: Tue, 13 Jan 2026 09:22:22 +0800
Subject: [PATCH] =?UTF-8?q?feat:=E7=99=BB=E9=99=86=E7=94=A8=E6=88=B7?=
 =?UTF-8?q?=E7=9A=84=E9=83=A8=E9=97=A8=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90?=
 =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E5=A2=9E=E5=8A=A0=E8=A7=92=E8=89=B2=E5=8F=82?=
 =?UTF-8?q?=E6=95=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../permission/PermissionCommonApi.java       |  7 +++++
 .../core/context/DeptContextHolder.java       | 21 ++++++++++++++
 .../api/permission/PermissionApiImpl.java     |  4 +++
 .../service/permission/PermissionService.java |  1 +
 .../permission/PermissionServiceImpl.java     | 28 +++++++++++++++++++
 5 files changed, 61 insertions(+)

diff --git a/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/biz/system/permission/PermissionCommonApi.java b/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/biz/system/permission/PermissionCommonApi.java
index 844593d0..f809b7ea 100644
--- a/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/biz/system/permission/PermissionCommonApi.java
+++ b/zt-framework/zt-common/src/main/java/com/zt/plat/framework/common/biz/system/permission/PermissionCommonApi.java
@@ -40,4 +40,11 @@ public interface PermissionCommonApi {
     @Parameter(name = "userId", description = "用户编号", example = "2", required = true)
     CommonResult<DeptDataPermissionRespDTO> getDeptDataPermission(@RequestParam("userId") Long userId);
 
+    @GetMapping(PREFIX + "/get-dept-data-permission-with-roleCodes")
+    @Operation(summary = "获得登陆用户的部门数据权限")
+    @Parameters({
+            @Parameter(name = "userId", description = "用户编号", example = "2", required = true),
+            @Parameter(name = "roleCodes", description = "角色编码", example = "2", required = true)
+    })
+    CommonResult<DeptDataPermissionRespDTO> getDeptDataPermissionWithRoleCodes(@RequestParam("userId") Long userId, @RequestParam("roleCodes") String roleCodes);
 }
\ No newline at end of file
diff --git a/zt-framework/zt-spring-boot-starter-biz-tenant/src/main/java/com/zt/plat/framework/tenant/core/context/DeptContextHolder.java b/zt-framework/zt-spring-boot-starter-biz-tenant/src/main/java/com/zt/plat/framework/tenant/core/context/DeptContextHolder.java
index e463ae50..8652ebdb 100644
--- a/zt-framework/zt-spring-boot-starter-biz-tenant/src/main/java/com/zt/plat/framework/tenant/core/context/DeptContextHolder.java
+++ b/zt-framework/zt-spring-boot-starter-biz-tenant/src/main/java/com/zt/plat/framework/tenant/core/context/DeptContextHolder.java
@@ -2,6 +2,8 @@ package com.zt.plat.framework.tenant.core.context;
 
 import com.alibaba.ttl.TransmittableThreadLocal;
 
+import java.util.List;
+
 /**
  * 部门上下文 Holder，使用 {@link TransmittableThreadLocal} 支持在线程池/异步场景下的上下文传递。
  *
@@ -15,6 +17,8 @@ public class DeptContextHolder {
     private static final ThreadLocal<Long> COMPANY_ID = new TransmittableThreadLocal<>();
     /** 是否忽略部门数据权限 */
     private static final ThreadLocal<Boolean> IGNORE = new TransmittableThreadLocal<>();
+    /** 角色编码列表 */
+    private static final ThreadLocal<List<String>> ROLE_CODE_LIST = new TransmittableThreadLocal<>();
 
     public static Long getDeptId() {
         return DEPT_ID.get();
@@ -32,6 +36,12 @@ public class DeptContextHolder {
         COMPANY_ID.set(companyId);
     }
 
+    public static void setContext(Long deptId, Long companyId, List<String> roleCodeList) {
+        DEPT_ID.set(deptId);
+        COMPANY_ID.set(companyId);
+        ROLE_CODE_LIST.set(roleCodeList);
+    }
+
     public static void setDeptId(Long deptId) {
         DEPT_ID.set(deptId);
     }
@@ -53,9 +63,20 @@ public class DeptContextHolder {
         return Boolean.TRUE.equals(IGNORE.get());
     }
 
+    public static void setRoleCodeList(List<String> roleCodeList) {
+        ROLE_CODE_LIST.set(roleCodeList);
+    }
+    public static List<String> getRoleCodeList() {
+        return ROLE_CODE_LIST.get();
+    }
+    public static void clearRoleCodeList(){
+        ROLE_CODE_LIST.remove();
+    }
+
     public static void clear() {
         DEPT_ID.remove();
         COMPANY_ID.remove();
         IGNORE.remove();
+        ROLE_CODE_LIST.remove();
     }
 }
diff --git a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/api/permission/PermissionApiImpl.java b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/api/permission/PermissionApiImpl.java
index 771f322b..c3899330 100644
--- a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/api/permission/PermissionApiImpl.java
+++ b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/api/permission/PermissionApiImpl.java
@@ -86,4 +86,8 @@ public class PermissionApiImpl implements PermissionApi {
         return success(permissionService.getDeptDataPermission(userId));
     }
 
+    @Override
+    public CommonResult<DeptDataPermissionRespDTO> getDeptDataPermissionWithRoleCodes(Long userId, String roleCodes) {
+        return success(permissionService.getDeptDataPermissionWithRoleCodes(userId, roleCodes));
+    }
 }
diff --git a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionService.java b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionService.java
index a1a88dd3..69a4857c 100644
--- a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionService.java
+++ b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionService.java
@@ -143,6 +143,7 @@ public interface PermissionService {
      * @return 部门数据权限
      */
     DeptDataPermissionRespDTO getDeptDataPermission(Long userId);
+    DeptDataPermissionRespDTO getDeptDataPermissionWithRoleCodes(Long userId, String roleCodes);
 
     /**
      * 获得用户的数据权限级别
diff --git a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionServiceImpl.java b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionServiceImpl.java
index 6bb37d18..52265633 100644
--- a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionServiceImpl.java
+++ b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/permission/PermissionServiceImpl.java
@@ -3,6 +3,7 @@ package com.zt.plat.module.system.service.permission;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.util.ArrayUtil;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.extra.spring.SpringUtil;
 import com.baomidou.dynamic.datasource.annotation.DSTransactional;
 import com.google.common.annotations.VisibleForTesting;
@@ -12,6 +13,7 @@ import com.zt.plat.framework.common.biz.system.permission.dto.DeptDataPermission
 import com.zt.plat.framework.common.enums.CommonStatusEnum;
 import com.zt.plat.framework.common.util.collection.CollectionUtils;
 import com.zt.plat.framework.datapermission.core.annotation.DataPermission;
+import com.zt.plat.framework.tenant.core.context.DeptContextHolder;
 import com.zt.plat.module.system.dal.dataobject.permission.MenuDO;
 import com.zt.plat.module.system.dal.dataobject.permission.RoleDO;
 import com.zt.plat.module.system.dal.dataobject.permission.RoleMenuDO;
@@ -347,6 +349,12 @@ public class PermissionServiceImpl implements PermissionService {
         // 获得用户的角色
         List<RoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);
 
+        //使用上下文角色编码过滤
+        List<String> contextRoleCodes = DeptContextHolder.getRoleCodeList();
+        if(!CollectionUtil.isEmpty(contextRoleCodes)){
+            roles = roles.stream().filter(role -> contextRoleCodes.contains(role.getCode())).collect(Collectors.toList());
+        }
+
         // 获得用户的部门编号的缓存，通过 Guava 的 Suppliers 惰性求值，即有且仅有第一次发起 DB 的查询
         Supplier<Set<Long>> userDeptIds = Suppliers.memoize(() -> {
             List<UserDeptDO> validUserDeptListByUserId = userDeptService.getValidUserDeptListByUserIds(singleton(userId));
@@ -414,6 +422,26 @@ public class PermissionServiceImpl implements PermissionService {
         return result;
     }
 
+    @Override
+    public DeptDataPermissionRespDTO getDeptDataPermissionWithRoleCodes(Long userId, String roleCodes) {
+        // 获得用户的角色
+        List<RoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);
+        if(ObjectUtil.isEmpty(roleCodes))
+            return getDeptDataPermission(userId);
+        List<String> roleCodesList = Arrays.asList(roleCodes.split(","));
+        if(CollectionUtil.isEmpty(roles))
+            return getDeptDataPermission(userId);
+        DeptContextHolder.setRoleCodeList(roleCodesList);
+        try{
+            return getDeptDataPermission(userId);
+        }catch (Exception e){
+            log.error("getDeptDataPermission-- error ", e);
+        }finally {
+            DeptContextHolder.clearRoleCodeList();
+        }
+        return getDeptDataPermission(userId);
+    }
+
     @Override
     @DataPermission(enable = false)
     @TenantIgnore