From 4e8dd706d568d1276ad82a0bf8f4ba13c5dac5ef Mon Sep 17 00:00:00 2001
From: 0慕容雪0 <ytu.mxh@163.com>
Date: 星期五, 10 三月 2023 16:22:35 +0800
Subject: [PATCH] update ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java. DataScopeAspect,数据权限切面处理类中，用户多角色情况下，若所有角色都不包含传递过来的权限字符，这个时候sqlString也会为空，会导致用户拥有全部数据权限，所以要限制一下, 可以根据conditions集合是否为空，来判断循环时所有角色是否都是在判断权限字符时continue了。 复现方法: 在使用@DataScope注解时permission定义了值,这个值所有角色不包含。

---
 ruoyi-ui/src/utils/permission.js |   41 ++++++++++++++++++++++++++++++++++-------
 1 files changed, 34 insertions(+), 7 deletions(-)

diff --git a/ruoyi-ui/src/utils/permission.js b/ruoyi-ui/src/utils/permission.js
index efb4cc8..25d1a02 100644
--- a/ruoyi-ui/src/utils/permission.js
+++ b/ruoyi-ui/src/utils/permission.js
@@ -1,16 +1,18 @@
 import store from '@/store'
 
 /**
- * @param {Array} value
+ * 字符权限校验
+ * @param {Array} value 校验值
  * @returns {Boolean}
  */
-export default function checkPermission(value) {
+export function checkPermi(value) {
   if (value && value instanceof Array && value.length > 0) {
-    const roles = store.getters && store.getters.roles
-    const permissionRoles = value
+    const permissions = store.getters && store.getters.permissions
+    const permissionDatas = value
+    const all_permission = "*:*:*";
 
-    const hasPermission = roles.some(role => {
-      return permissionRoles.includes(role)
+    const hasPermission = permissions.some(permission => {
+      return all_permission === permission || permissionDatas.includes(permission)
     })
 
     if (!hasPermission) {
@@ -18,7 +20,32 @@
     }
     return true
   } else {
-    console.error(`need roles! Like v-permission="['admin','editor']"`)
+    console.error(`need roles! Like checkPermi="['system:user:add','system:user:edit']"`)
     return false
   }
 }
+
+/**
+ * 角色权限校验
+ * @param {Array} value 校验值
+ * @returns {Boolean}
+ */
+export function checkRole(value) {
+  if (value && value instanceof Array && value.length > 0) {
+    const roles = store.getters && store.getters.roles
+    const permissionRoles = value
+    const super_admin = "admin";
+
+    const hasRole = roles.some(role => {
+      return super_admin === role || permissionRoles.includes(role)
+    })
+
+    if (!hasRole) {
+      return false
+    }
+    return true
+  } else {
+    console.error(`need roles! Like checkRole="['admin','editor']"`)
+    return false
+  }
+}
\ No newline at end of file

--
Gitblit v1.9.2