From 4e8dd706d568d1276ad82a0bf8f4ba13c5dac5ef Mon Sep 17 00:00:00 2001
From: 0慕容雪0 <ytu.mxh@163.com>
Date: 星期五, 10 三月 2023 16:22:35 +0800
Subject: [PATCH] update ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java. DataScopeAspect,数据权限切面处理类中,用户多角色情况下,若所有角色都不包含传递过来的权限字符,这个时候sqlString也会为空,会导致用户拥有全部数据权限,所以要限制一下, 可以根据conditions集合是否为空,来判断循环时所有角色是否都是在判断权限字符时continue了。 复现方法: 在使用@DataScope注解时permission定义了值,这个值所有角色不包含。
---
ruoyi-ui/src/views/system/notice/index.vue | 28 +++++++++++-----------------
1 files changed, 11 insertions(+), 17 deletions(-)
diff --git a/ruoyi-ui/src/views/system/notice/index.vue b/ruoyi-ui/src/views/system/notice/index.vue
index 9d0924f..7982b54 100644
--- a/ruoyi-ui/src/views/system/notice/index.vue
+++ b/ruoyi-ui/src/views/system/notice/index.vue
@@ -1,12 +1,11 @@
<template>
<div class="app-container">
- <el-form :model="queryParams" ref="queryForm" :inline="true" v-show="showSearch" label-width="68px">
+ <el-form :model="queryParams" ref="queryForm" size="small" :inline="true" v-show="showSearch" label-width="68px">
<el-form-item label="公告标题" prop="noticeTitle">
<el-input
v-model="queryParams.noticeTitle"
placeholder="请输入公告标题"
clearable
- size="small"
@keyup.enter.native="handleQuery"
/>
</el-form-item>
@@ -15,12 +14,11 @@
v-model="queryParams.createBy"
placeholder="请输入操作人员"
clearable
- size="small"
@keyup.enter.native="handleQuery"
/>
</el-form-item>
<el-form-item label="类型" prop="noticeType">
- <el-select v-model="queryParams.noticeType" placeholder="公告类型" clearable size="small">
+ <el-select v-model="queryParams.noticeType" placeholder="公告类型" clearable>
<el-option
v-for="dict in dict.type.sys_notice_type"
:key="dict.value"
@@ -135,7 +133,7 @@
</el-col>
<el-col :span="12">
<el-form-item label="公告类型" prop="noticeType">
- <el-select v-model="form.noticeType" placeholder="请选择">
+ <el-select v-model="form.noticeType" placeholder="请选择公告类型">
<el-option
v-for="dict in dict.type.sys_notice_type"
:key="dict.value"
@@ -285,13 +283,13 @@
if (valid) {
if (this.form.noticeId != undefined) {
updateNotice(this.form).then(response => {
- this.msgSuccess("修改成功");
+ this.$modal.msgSuccess("修改成功");
this.open = false;
this.getList();
});
} else {
addNotice(this.form).then(response => {
- this.msgSuccess("新增成功");
+ this.$modal.msgSuccess("新增成功");
this.open = false;
this.getList();
});
@@ -302,16 +300,12 @@
/** 删除按钮操作 */
handleDelete(row) {
const noticeIds = row.noticeId || this.ids
- this.$confirm('是否确认删除公告编号为"' + noticeIds + '"的数据项?', "警告", {
- confirmButtonText: "确定",
- cancelButtonText: "取消",
- type: "warning"
- }).then(function() {
- return delNotice(noticeIds);
- }).then(() => {
- this.getList();
- this.msgSuccess("删除成功");
- }).catch(() => {});
+ this.$modal.confirm('是否确认删除公告编号为"' + noticeIds + '"的数据项?').then(function() {
+ return delNotice(noticeIds);
+ }).then(() => {
+ this.getList();
+ this.$modal.msgSuccess("删除成功");
+ }).catch(() => {});
}
}
};
--
Gitblit v1.9.2