
1、修改新任命排序

rayson 6 months ago
parent
commit
7f4397e3b0
17 changed files with 643 additions and 261 deletions
  1. 4 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/package-info.java
  2. 40 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/CustomDataPermissionAutoConfiguration.java
  3. 203 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/CustomDataPermissionRule.java
  4. 18 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/CustomDataPermissionRuleCustomizer.java
  5. 4 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/package-info.java
  6. 1 1
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdeMenuController.java
  7. 1 1
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdePermissionController.java
  8. 1 1
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdeRoleController.java
  9. 4 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/dataobject/permission/MdeRoleDO.java
  10. 1 1
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/mysql/appointment/NewAppointmentsMapper.java
  11. 8 5
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/mysql/permission/MdeUserRoleMapper.java
  12. 24 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/framework/datapermission/config/DataPermissionConfiguration.java
  13. 4 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/framework/datapermission/package-info.java
  14. 1 1
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/enterprise/bind/EnterpriseUserBindServiceImpl.java
  15. 326 250
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdePermissionServiceImpl.java
  16. 2 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdeRoleServiceImpl.java
  17. 1 1
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/user/MdeUserServiceImpl.java

+ 4 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/package-info.java

@@ -0,0 +1,4 @@
+/**
+ * 配置
+ */
+package com.citu.module.menduner.system.config;

+ 40 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/CustomDataPermissionAutoConfiguration.java

@@ -0,0 +1,40 @@
+package com.citu.module.menduner.system.config.permission;
+
+import cn.hutool.extra.spring.SpringUtil;
+import com.citu.module.menduner.system.api.permission.MendunerPermissionApi;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.List;
+
+/**
+ * 自定义的数据权限 AutoConfiguration
+ *
+ * @author Rayson
+ */
+@Configuration
+//@ConditionalOnClass(LoginUser.class)
+//@ConditionalOnBean(value = CustomDataPermissionRuleCustomizer.class)
+public class CustomDataPermissionAutoConfiguration {
+
+    @Bean
+    public CustomDataPermissionRule customDataPermissionRule(MendunerPermissionApi permissionApi,
+                                                             List<CustomDataPermissionRuleCustomizer> customizers) {
+        // Cloud 专属逻辑:优先使用本地的 MendunerPermissionApi 实现类,而不是 Feign 调用
+        // 原因:在创建租户时,租户还没创建好,导致 Feign 调用获取数据权限时,报“租户不存在”的错误
+        try {
+            MendunerPermissionApi permissionApiImpl = SpringUtil.getBean("mendunerPermissionApi", MendunerPermissionApi.class);
+            if (permissionApiImpl != null) {
+                permissionApi = permissionApiImpl;
+            }
+        } catch (Exception ignored) {
+        }
+
+        // 创建 CustomDataPermissionRule 对象
+        CustomDataPermissionRule rule = new CustomDataPermissionRule(permissionApi);
+        // 补全表配置
+        customizers.forEach(customizer -> customizer.customize(rule));
+        return rule;
+    }
+
+}
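Review bot: The empty `catch (Exception ignored) {}` around the `SpringUtil.getBean("mendunerPermissionApi", ...)` lookup hides every failure. The rule can therefore fall back to the injected `permissionApi` (the Feign client, going by the comment above it) with nothing in the logs to show which implementation is answering data-permission queries. Catching only the missing-bean case and logging the fallback keeps the behaviour and makes it visible, e.g. `} catch (NoSuchBeanDefinitionException e) { log.debug("[customDataPermissionRule] no local mendunerPermissionApi bean, using injected API"); }`; the class would need a logger for that. The two commented-out `@ConditionalOn...` annotations should be either restored or deleted, not left as dead lines on a security configuration class.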

+ 203 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/CustomDataPermissionRule.java

@@ -0,0 +1,203 @@
+package com.citu.module.menduner.system.config.permission;
+
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.text.CharSequenceUtil;
+import cn.hutool.core.util.StrUtil;
+import com.baomidou.mybatisplus.core.metadata.TableInfoHelper;
+import com.citu.framework.common.util.collection.CollectionUtils;
+import com.citu.framework.common.util.json.JsonUtils;
+import com.citu.framework.datapermission.core.rule.DataPermissionRule;
+import com.citu.framework.mybatis.core.dataobject.BaseDO;
+import com.citu.framework.mybatis.core.util.MyBatisUtils;
+import com.citu.framework.security.core.LoginUser;
+import com.citu.framework.security.core.util.SecurityFrameworkUtils;
+import com.citu.module.menduner.system.api.permission.MendunerPermissionApi;
+import com.citu.module.system.api.permission.dto.DataPermissionRespDTO;
+import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import net.sf.jsqlparser.expression.*;
+import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
+import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
+import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
+import net.sf.jsqlparser.expression.operators.relational.InExpression;
+
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import static com.citu.module.menduner.common.util.LoginUserContext.checkIsEnterpriseUserRetBool;
+
+/**
+ * @author Rayson
+ * @description CustomDataPermissionRule
+ * 基于自定义的 {@link DataPermissionRule} 数据权限规则实现
+ * @create 2024/5/8 下午7:41
+ **/
+@AllArgsConstructor
+@Slf4j
+public class CustomDataPermissionRule implements DataPermissionRule {
+
+    /**
+     * LoginUser 的 Context 缓存 Key
+     */
+    protected static final String CONTEXT_KEY = CustomDataPermissionRule.class.getSimpleName();
+
+    static final Expression EXPRESSION_NULL = new NullValue();
+    /**
+     * 基于数据的表字段配置 TODO 目前只支持一个数据权限字段,xx_id 和 user_id 不能同时配置。
+     * 如基于部门的数据编号字段是 自定义xx_id,基于店铺的数据编号字段是 shop_id,通过该配置自定义,如 group_id。
+     * <p>
+     * key:表名
+     * value:字段名
+     */
+    private final static Map<String, String> DATA_COLUMNS = new HashMap<>();
+    /**
+     * 基于用户的表字段配置
+     * 一般情况下,每个表的数据编号字段是 user_id,通过该配置自定义,如 admin_user_id。
+     * <p>
+     * key:表名
+     * value:字段名
+     */
+    private final static Map<String, String> USER_COLUMNS = new HashMap<>();
+    /**
+     * 所有表名,是 {@link #DATA_COLUMNS} 和 {@link #USER_COLUMNS} 的合集
+     */
+    private final static Set<String> TABLE_NAMES = new HashSet<>();
+
+    private final MendunerPermissionApi permissionApi;
+
+    private static final String DATA_COLUMN_NAME = "enterprise_id";
+    private static final String USER_COLUMN_NAME = "user_id";
+
+    @Override
+    public Set<String> getTableNames() {
+        return TABLE_NAMES;
+    }
+
+    @Override
+    public Expression getExpression(String tableName, Alias tableAlias) {
+        // 只有登陆用户的情况下,才进行数据权限的处理
+        LoginUser loginUser = SecurityFrameworkUtils.getLoginUser();
+        if (loginUser == null) {
+            return null;
+        }
+
+        if (!checkIsEnterpriseUserRetBool()) {
+            // 不是企业
+            return null;
+        }
+        // 获得数据权限
+        DataPermissionRespDTO dataPermission = loginUser.getContext(CONTEXT_KEY, DataPermissionRespDTO.class);
+        // 从上下文中拿不到,则调用逻辑进行获取
+        if (dataPermission == null) {
+            Long enterpriseId = Long.valueOf(loginUser.getInfo().get(LoginUser.INFO_KEY_DATA_ID));
+            dataPermission = permissionApi.getDataPermission(loginUser.getId(), enterpriseId).getCheckedData();
+            if (dataPermission == null) {
+                log.error("[getExpression][LoginUser({}) 获取数据权限为 null]", JsonUtils.toJsonString(loginUser));
+                throw new NullPointerException(String.format("LoginUser(%d) Table(%s/%s) 未返回数据权限",
+                        loginUser.getId(), tableName, tableAlias.getName()));
+            }
+            // 添加到上下文中,避免重复计算
+            loginUser.setContext(CONTEXT_KEY, dataPermission);
+        }
+
+        // 情况一,如果是 ALL 可查看全部,则无需拼接条件
+        if (dataPermission.getAll()) {
+            return null;
+        }
+
+        // 情况二,即不能查看部门,又不能查看自己,则说明 100% 无权限
+        if (CollUtil.isEmpty(dataPermission.getDataIds())
+                && Boolean.FALSE.equals(dataPermission.getSelf())) {
+            return new EqualsTo(null, null); // WHERE null = null,可以保证返回的数据为空
+        }
+
+        // 情况三,拼接 data 和 User 的条件,最后组合
+        Expression dataExpression = buildDataExpression(tableName, tableAlias, dataPermission.getDataIds());
+        Expression userExpression = buildUserExpression(tableName, tableAlias, dataPermission.getSelf(), loginUser.getId());
+        if (dataExpression == null && userExpression == null) {
+            // TODO 芋艿:获得不到条件的时候,暂时不抛出异常,而是不返回数据
+            log.warn("[getExpression][LoginUser({}) Table({}/{}) DeptDataPermission({}) 构建的条件为空]",
+                    JsonUtils.toJsonString(loginUser), tableName, tableAlias, JsonUtils.toJsonString(dataPermission));
+            return EXPRESSION_NULL; // AND NULL
+        }
+
+        if (dataExpression == null) {
+            return userExpression;
+        }
+        if (userExpression == null) {
+            return dataExpression;
+        }
+        // // 目前,如果有指定数据 + 可查看自己,采用 OR 条件。即,WHERE (xx_id IN ? OR user_id = ?)
+        // return new Parenthesis(new OrExpression(dataExpression, userExpression));
+        // 改为 AND 条件。即,WHERE (xx_id IN ? and user_id = ?)
+        return new Parenthesis(new AndExpression(dataExpression, userExpression));
+    }
+
+    private Expression buildDataExpression(String tableName, Alias tableAlias, Set<Long> dataIds) {
+        // 如果不存在配置,则无需作为条件
+        String columnName = DATA_COLUMNS.get(tableName);
+        if (StrUtil.isEmpty(columnName)) {
+            return null;
+        }
+        // 如果为空,则无条件
+        if (CollUtil.isEmpty(dataIds)) {
+            return null;
+        }
+        // 拼接条件
+        return new InExpression(MyBatisUtils.buildColumn(tableName, tableAlias, columnName),
+                new ExpressionList<>(CollectionUtils.convertList(dataIds, LongValue::new)));
+    }
+
+    private Expression buildUserExpression(String tableName, Alias tableAlias, Boolean self, Long userId) {
+        // 如果不查看自己,则无需作为条件
+        if (Boolean.FALSE.equals(self)) {
+            return null;
+        }
+        String columnName = USER_COLUMNS.get(tableName);
+        if (StrUtil.isEmpty(columnName)) {
+            return null;
+        }
+        // 拼接条件
+        return new EqualsTo(MyBatisUtils.buildColumn(tableName, tableAlias, columnName), new LongValue(userId));
+    }
+
+    // ==================== 添加配置 ====================
+
+    public void addDataColumn(Class<? extends BaseDO> entityClass) {
+        addDataColumn(entityClass, DATA_COLUMN_NAME);
+    }
+
+    public void addDataColumn(Class<? extends BaseDO> entityClass, String columnName) {
+        String tableName = TableInfoHelper.getTableInfo(entityClass).getTableName();
+        addDataColumn(tableName, columnName);
+    }
+
+
+    public void addDataColumn(String tableName, String columnName) {
+        if (CharSequenceUtil.isEmpty(tableName)) {
+            return;
+        }
+        DATA_COLUMNS.put(tableName, columnName);
+        TABLE_NAMES.add(tableName);
+    }
+
+    public void addUserColumn(Class<? extends BaseDO> entityClass, String columnName) {
+        String tableName = TableInfoHelper.getTableInfo(entityClass).getTableName();
+        addUserColumn(tableName, columnName);
+    }
+
+    public void addUserColumn(String tableName, String columnName) {
+        if (CharSequenceUtil.isEmpty(tableName)) {
+            return;
+        }
+        USER_COLUMNS.put(tableName, columnName);
+        TABLE_NAMES.add(tableName);
+    }
+
+    public void addUserColumn(Class<? extends BaseDO> entityClass) {
+        addUserColumn(entityClass, USER_COLUMN_NAME);
+    }
+
+}
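Review bot: The failure path in `getExpression` can throw a different exception than the one it intends, and it writes session data to the log. `tableAlias.getName()` is dereferenced while building the exception message with no null check, which matters if the framework ever passes a null alias, and both the `log.error` and `log.warn` calls serialize the whole `LoginUser` via `JsonUtils.toJsonString(loginUser)`. Logging `loginUser.getId()` and using `tableAlias == null ? null : tableAlias.getName()` keeps the diagnostics without dumping whatever `LoginUser` carries (its `info` map, at least). `Long.valueOf(loginUser.getInfo().get(LoginUser.INFO_KEY_DATA_ID))` is also unguarded, so a session without that key fails with a runtime exception instead of a clear denial. The two early `return null` branches apply no filter at all, so they deserve a comment stating that non-enterprise logins are meant to read the registered tables unfiltered, if that is the intent.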

+ 18 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/CustomDataPermissionRuleCustomizer.java

@@ -0,0 +1,18 @@
+package com.citu.module.menduner.system.config.permission;
+
+/**
+ * @author Rayson
+ * @description CustomDataPermissionRuleCustomizer {@link CustomDataPermissionRule} 的自定义配置接口
+ **/
+@FunctionalInterface
+public interface CustomDataPermissionRuleCustomizer {
+
+    /**
+     * 自定义该权限规则
+     * 1. 调用 {@link CustomDataPermissionRule#addDataColumn(Class, String)} 方法,配置基于数据编号的过滤规则
+     * 2. 调用 {@link CustomDataPermissionRule#addUserColumn(Class, String)} 方法,配置基于用户编号的过滤规则
+     *
+     * @param rule 权限规则
+     */
+    void customize(CustomDataPermissionRule rule);
+}

+ 4 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/package-info.java

@@ -0,0 +1,4 @@
+/**
+ * 基于企业的数据权限规则
+ */
+package com.citu.module.menduner.system.config.permission;

+ 1 - 1
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdeMenuController.java

@@ -22,7 +22,7 @@ import java.util.List;
 
 import static com.citu.framework.common.pojo.CommonResult.success;
 
-@Tag(name = "管理后台 - 菜单")
+@Tag(name = "招聘端 - 菜单")
 @RestController
 @RequestMapping("/menduner/system/recruit/menu")
 @Validated

+ 1 - 1
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdePermissionController.java

@@ -40,7 +40,7 @@ import static com.citu.framework.security.core.util.SecurityFrameworkUtils.getLo
  *
  * @author Rayson
  */
-@Tag(name = "管理后台 - 权限")
+@Tag(name = "招聘端 - 权限")
 @RestController
 @RequestMapping("/menduner/system/recruit/permission")
 public class AppMdePermissionController {

+ 1 - 1
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdeRoleController.java

@@ -30,7 +30,7 @@ import static com.citu.framework.apilog.core.enums.OperateTypeEnum.EXPORT;
 import static com.citu.framework.common.pojo.CommonResult.success;
 import static java.util.Collections.singleton;
 
-@Tag(name = "管理后台 - 角色")
+@Tag(name = "招聘端 - 角色")
 @RestController
 @RequestMapping("/menduner/system/recruit/role")
 @Validated

+ 4 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/dataobject/permission/MdeRoleDO.java

@@ -30,6 +30,10 @@ public class MdeRoleDO extends TenantBaseDO {
      */
     @TableId
     private Long id;
+    /**
+     * 企业ID
+     */
+    private Long enterpriseId;
     /**
      * 角色名称
      */

+ 1 - 1
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/mysql/appointment/NewAppointmentsMapper.java

@@ -32,7 +32,7 @@ public interface NewAppointmentsMapper extends BaseMapperX<NewAppointmentsDO> {
                 .likeIfPresent(NewAppointmentsDO::getWorkTerritory, reqVO.getWorkTerritory())
                 .likeIfPresent(NewAppointmentsDO::getWorkHistory, reqVO.getWorkHistory())
                 .betweenIfPresent(NewAppointmentsDO::getCreateTime, reqVO.getCreateTime())
-                .orderByDesc(NewAppointmentsDO::getId));
+                .orderByDesc(NewAppointmentsDO::getAnnounceTime));
     }
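Review bot: Ordering by `getAnnounceTime` alone gives no deterministic order for rows that share an announce time or have none, so if this wrapper feeds a paged query (the call starts above the hunk), rows can repeat or go missing between pages. Keeping the id as a tie-breaker avoids that: `.orderByDesc(NewAppointmentsDO::getAnnounceTime).orderByDesc(NewAppointmentsDO::getId));`.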
 
 

+ 8 - 5
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/mysql/permission/MdeUserRoleMapper.java

@@ -11,18 +11,21 @@ import java.util.List;
 @Mapper
 public interface MdeUserRoleMapper extends BaseMapperX<MdeUserRoleDO> {
 
-    default List<MdeUserRoleDO> selectListByUserId(Long userId) {
-        return selectList(MdeUserRoleDO::getUserId, userId);
+    default List<MdeUserRoleDO> selectListByEnterpriseIdAndUserId(Long enterpriseId, Long userId) {
+        return selectList(MdeUserRoleDO::getEnterpriseId, enterpriseId, MdeUserRoleDO::getUserId, userId);
     }
 
-    default void deleteListByUserIdAndRoleIdIds(Long userId, Collection<Long> roleIds) {
+    default void deleteListByEnterpriseIdAndUserIdAndRoleIdIds(Long enterpriseId, Long userId, Collection<Long> roleIds) {
         delete(new LambdaQueryWrapper<MdeUserRoleDO>()
+                .eq(MdeUserRoleDO::getEnterpriseId, enterpriseId)
                 .eq(MdeUserRoleDO::getUserId, userId)
                 .in(MdeUserRoleDO::getRoleId, roleIds));
     }
 
-    default void deleteListByUserId(Long userId) {
-        delete(new LambdaQueryWrapper<MdeUserRoleDO>().eq(MdeUserRoleDO::getUserId, userId));
+    default void deleteListByEnterpriseIdAndUserId(Long enterpriseId, Long userId) {
+        delete(new LambdaQueryWrapper<MdeUserRoleDO>()
+                .eq(MdeUserRoleDO::getEnterpriseId, enterpriseId)
+                .eq(MdeUserRoleDO::getUserId, userId));
     }
 
     default void deleteListByRoleId(Long roleId) {
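Review bot: The three renamed methods take `enterpriseId` as a boxed `Long` and use it directly as a query condition, so a caller with no enterprise in context gets a predicate on a null value instead of an error. The symptom would be an empty role list or a delete that removes nothing. A short Javadoc stating that `enterpriseId` and `userId` must be non-null, or a guard in the service layer, would make that contract explicit. Since the method is being renamed anyway, `deleteListByEnterpriseIdAndUserIdAndRoleIdIds` could drop the duplicated `Id` and become `deleteListByEnterpriseIdAndUserIdAndRoleIds`. `deleteListByRoleId`, whose body lies below the hunk, is still keyed on the role id alone; whether it needs the same scoping depends on whether role ids are unique across enterprises, which is not visible here.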

+ 24 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/framework/datapermission/config/DataPermissionConfiguration.java

@@ -0,0 +1,24 @@
+package com.citu.module.menduner.system.framework.datapermission.config;
+
+import com.citu.module.menduner.system.config.permission.CustomDataPermissionRuleCustomizer;
+import com.citu.module.menduner.system.dal.dataobject.permission.MdeRoleDO;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * system 模块的数据权限 Configuration
+ *
+ * @author Rayson
+ */
+@Configuration(proxyBeanMethods = false)
+public class DataPermissionConfiguration {
+
+    @Bean
+    public CustomDataPermissionRuleCustomizer customDataPermissionRuleCustomizer() {
+        return rule -> {
+            // 角色
+            rule.addDataColumn(MdeRoleDO.class);
+        };
+    }
+
+}
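Review bot: `rule.addDataColumn(MdeRoleDO.class)` has a wider effect than the one-word comment `// 角色` suggests, and that effect should be documented at the registration. It means every query against the role table issued in an enterprise user's context gets the `enterprise_id` predicate, including internal lookups that may need roles not owned by that enterprise. I would extend the comment to say that the default column `enterprise_id` is used and that code paths needing shared or default roles must opt out with `@DataPermission(enable = false)`. Only the role table is registered here, while the user-role mapper is scoped by hand through explicit `enterpriseId` arguments. A sentence on why the two tables are treated differently would help the next reader.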

+ 4 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/framework/datapermission/package-info.java

@@ -0,0 +1,4 @@
+/**
+ * menduner-system 模块的数据权限配置
+ */
+package com.citu.module.menduner.system.framework.datapermission;

+ 1 - 1
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/enterprise/bind/EnterpriseUserBindServiceImpl.java

@@ -206,7 +206,7 @@ public class EnterpriseUserBindServiceImpl implements EnterpriseUserBindService
         }
         mapper.insert(userBindDO);
         // 设置用户绑定企业角色
-        mdePermissionService.assignUserRoleByDefault(userBindDO.getUserId(), MdeDefaultRoleEnum.MENDUNER_ENTERPRISE_ROLE);
+        // mdePermissionService.assignUserRoleByDefault(userBindDO.getUserId(), MdeDefaultRoleEnum.MENDUNER_ENTERPRISE_ROLE);
     }
 
     @Override
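Review bot: Commenting out `assignUserRoleByDefault(...)` leaves the comment `// 设置用户绑定企业角色` describing a step that no longer happens, and a newly bound user now leaves this method without any role row. If the default role is deliberately dropped, delete both lines and say where the role is assigned instead. If it is only waiting for the enterprise-scoped API, replace the dead line with something like `// TODO: assign default role once assignUserRoleByDefault takes enterpriseId` so the gap is tracked. The enclosing method starts above the hunk, so I cannot see whether the bind is otherwise rolled back on failure.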

+ 326 - 250
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdePermissionServiceImpl.java

@@ -17,6 +17,7 @@ import com.citu.module.menduner.system.dal.dataobject.user.MdeUserDO;
 import com.citu.module.menduner.system.dal.mysql.permission.MdeRoleMenuMapper;
 import com.citu.module.menduner.system.dal.mysql.permission.MdeUserRoleMapper;
 import com.citu.module.menduner.system.dal.redis.RedisKeyConstants;
+import com.citu.module.menduner.system.enums.MendunerStatusEnum;
 import com.citu.module.menduner.system.enums.permission.MdeDefaultRoleEnum;
 import com.citu.module.menduner.system.service.enterprise.EnterpriseService;
 import com.citu.module.menduner.system.service.enterprise.bind.EnterpriseUserBindService;
@@ -73,312 +74,387 @@ public class MdePermissionServiceImpl implements MdePermissionService {
     @Resource
     @Lazy
     private EnterpriseService enterpriseService;
+//
+//    @Override
+//    public boolean hasAnyPermissions(Long userId, String... permissions) {
+//        // 如果为空,说明已经有权限
+//        if (ArrayUtil.isEmpty(permissions)) {
+//            return true;
+//        }
+//
+//        // 获得当前登录的角色。如果为空,说明没有权限
+//        List<MdeRoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);
+//        if (CollUtil.isEmpty(roles)) {
+//            return false;
+//        }
+//
+//        // 情况一:遍历判断每个权限,如果有一满足,说明有权限
+//        for (String permission : permissions) {
+//            if (hasAnyPermission(roles, permission)) {
+//                return true;
+//            }
+//        }
+//
+//        // 情况二:如果是超管,也说明有权限
+//        return roleService.hasAnySuperAdmin(convertSet(roles, MdeRoleDO::getId));
+//    }
+//
+//    /**
+//     * 判断指定角色,是否拥有该 permission 权限
+//     *
+//     * @param roles      指定角色数组
+//     * @param permission 权限标识
+//     * @return 是否拥有
+//     */
+//    private boolean hasAnyPermission(List<MdeRoleDO> roles, String permission) {
+//        List<Long> menuIds = menuService.getMenuIdListByPermissionFromCache(permission);
+//        // 采用严格模式,如果权限找不到对应的 Menu 的话,也认为没有权限
+//        if (CollUtil.isEmpty(menuIds)) {
+//            return false;
+//        }
+//
+//        // 判断是否有权限
+//        Set<Long> roleIds = convertSet(roles, MdeRoleDO::getId);
+//        for (Long menuId : menuIds) {
+//            // 获得拥有该菜单的角色编号集合
+//            Set<Long> menuRoleIds = getSelf().getMenuRoleIdListByMenuIdFromCache(menuId);
+//            // 如果有交集,说明有权限
+//            if (CollUtil.containsAny(menuRoleIds, roleIds)) {
+//                return true;
+//            }
+//        }
+//        return false;
+//    }
+//
+//    @Override
+//    public boolean hasAnyRoles(Long userId, String... roles) {
+//        // 如果为空,说明已经有权限
+//        if (ArrayUtil.isEmpty(roles)) {
+//            return true;
+//        }
+//
+//        // 获得当前登录的角色。如果为空,说明没有权限
+//        List<MdeRoleDO> roleList = getEnableUserRoleListByUserIdFromCache(userId);
+//        if (CollUtil.isEmpty(roleList)) {
+//            return false;
+//        }
+//
+//        // 判断是否有角色
+//        Set<String> userRoles = convertSet(roleList, MdeRoleDO::getCode);
+//        return CollUtil.containsAny(userRoles, Sets.newHashSet(roles));
+//    }
+//
+//    // ========== 角色-菜单的相关方法  ==========
+//
+//    @Override
+//    @DSTransactional // 多数据源,使用 @DSTransactional 保证本地事务,以及数据源的切换
+//    @Caching(evict = {
+//            @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST,
+//                    allEntries = true),
+//            @CacheEvict(value = RedisKeyConstants.MDE_PERMISSION_MENU_ID_LIST,
+//                    allEntries = true) // allEntries 清空所有缓存,主要一次更新涉及到的 menuIds 较多,反倒批量会更快
+//    })
+//    public void assignRoleMenu(Long roleId, Set<Long> menuIds) {
+//        // 获得角色拥有菜单编号
+//        Set<Long> dbMenuIds = convertSet(roleMenuMapper.selectListByRoleId(roleId), MdeRoleMenuDO::getMenuId);
+//        // 计算新增和删除的菜单编号
+//        Set<Long> menuIdList = CollUtil.emptyIfNull(menuIds);
+//        Collection<Long> createMenuIds = CollUtil.subtract(menuIdList, dbMenuIds);
+//        Collection<Long> deleteMenuIds = CollUtil.subtract(dbMenuIds, menuIdList);
+//        // 执行新增和删除。对于已经授权的菜单,不用做任何处理
+//        if (CollUtil.isNotEmpty(createMenuIds)) {
+//            roleMenuMapper.insertBatch(CollectionUtils.convertList(createMenuIds, menuId -> {
+//                MdeRoleMenuDO entity = new MdeRoleMenuDO();
+//                entity.setRoleId(roleId);
+//                entity.setMenuId(menuId);
+//                return entity;
+//            }));
+//        }
+//        if (CollUtil.isNotEmpty(deleteMenuIds)) {
+//            roleMenuMapper.deleteListByRoleIdAndMenuIds(roleId, deleteMenuIds);
+//        }
+//    }
+//
+//    @Override
+//    @Transactional(rollbackFor = Exception.class)
+//    @Caching(evict = {
+//            @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST,
+//                    allEntries = true), // allEntries 清空所有缓存,此处无法方便获得 roleId 对应的 menu 缓存们
+//            @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS,
+//                    allEntries = true) // allEntries 清空所有缓存,此处无法方便获得 roleId 对应的 user 缓存们
+//    })
+//    public void processRoleDeleted(Long roleId) {
+//        // 标记删除 UserRole
+//        userRoleMapper.deleteListByRoleId(roleId);
+//        // 标记删除 RoleMenu
+//        roleMenuMapper.deleteListByRoleId(roleId);
+//    }
+//
+//    @Override
+//    @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST, key = "#menuId")
+//    public void processMenuDeleted(Long menuId) {
+//        roleMenuMapper.deleteListByMenuId(menuId);
+//    }
+//
+//    @Override
+//    public Set<Long> getRoleMenuListByRoleId(Collection<Long> roleIds) {
+//        if (CollUtil.isEmpty(roleIds)) {
+//            return Collections.emptySet();
+//        }
+//
+//        // 如果是管理员的情况下,获取全部菜单编号
+//        if (roleService.hasAnySuperAdmin(roleIds)) {
+//            return convertSet(menuService.getMenuList(), MdeMenuDO::getId);
+//        }
+//        // 如果是非管理员的情况下,获得拥有的菜单编号
+//        return convertSet(roleMenuMapper.selectListByRoleId(roleIds), MdeRoleMenuDO::getMenuId);
+//    }
+//
+//    @Override
+//    @Cacheable(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST, key = "#menuId")
+//    public Set<Long> getMenuRoleIdListByMenuIdFromCache(Long menuId) {
+//        return convertSet(roleMenuMapper.selectListByMenuId(menuId), MdeRoleMenuDO::getRoleId);
+//    }
+//
+//    // ========== 用户-角色的相关方法  ==========
+//
+//    @Override
+//    @DSTransactional // 多数据源,使用 @DSTransactional 保证本地事务,以及数据源的切换
+//    @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#userId")
+//    public void assignUserRole(Long enterpriseId,Long userId, Set<Long> roleIds) {
+//        // 获得角色拥有角色编号
+//        Set<Long> dbRoleIds = convertSet(userRoleMapper.selectListByEnterpriseIdAndUserId(enterpriseId,userId),
+//                MdeUserRoleDO::getRoleId);
+//        // 计算新增和删除的角色编号
+//        Set<Long> roleIdList = CollUtil.emptyIfNull(roleIds);
+//        Collection<Long> createRoleIds = CollUtil.subtract(roleIdList, dbRoleIds);
+//        Collection<Long> deleteMenuIds = CollUtil.subtract(dbRoleIds, roleIdList);
+//        // 执行新增和删除。对于已经授权的角色,不用做任何处理
+//        if (!CollectionUtil.isEmpty(createRoleIds)) {
+//            userRoleMapper.insertBatch(CollectionUtils.convertList(createRoleIds, roleId -> {
+//                MdeUserRoleDO entity = new MdeUserRoleDO();
+//                entity.setUserId(userId);
+//                entity.setRoleId(roleId);
+//                return entity;
+//            }));
+//        }
+//        if (!CollectionUtil.isEmpty(deleteMenuIds)) {
+//            userRoleMapper.deleteListByEnterpriseIdAndUserIdAndRoleIdIds(enterpriseId,userId, deleteMenuIds);
+//        }
+//    }
+//
+//    @Override
+//    public void assignUserRoleByDefault(Long userId, MdeDefaultRoleEnum roleEnum) {
+//        // 获得默认角色信息
+//        MdeRoleDO role = roleService.getRoleByDefault(roleEnum);
+//        MdeUserRoleDO entity = new MdeUserRoleDO();
+//        entity.setUserId(userId);
+//        entity.setRoleId(role.getId());
+//        userRoleMapper.insert(entity);
+//    }
+//
+//    @Override
+//    @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key =  "#enterpriseId + ':' + #userId")
+//    public void processUserDeleted(Long enterpriseId,Long userId) {
+//        userRoleMapper.deleteListByEnterpriseIdAndUserId(enterpriseId,userId);
+//    }
+//
+//    @Override
+//    public Set<Long> getUserRoleIdListByUserId(Long enterpriseId,Long userId) {
+//        return convertSet(userRoleMapper.selectListByEnterpriseIdAndUserId(enterpriseId,userId), MdeUserRoleDO::getRoleId);
+//    }
+//
+//    @Override
+//    @Cacheable(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#userId")
+//    public Set<Long> getUserRoleIdListByUserIdFromCache(Long userId) {
+//        return getUserRoleIdListByUserId(userId);
+//    }
+//
+//    @Override
+//    public Set<Long> getUserRoleIdListByRoleId(Collection<Long> roleIds) {
+//        return convertSet(userRoleMapper.selectListByRoleIds(roleIds), MdeUserRoleDO::getUserId);
+//    }
+//
+//    /**
+//     * 获得用户拥有的角色,并且这些角色是开启状态的
+//     *
+//     * @param userId 用户编号
+//     * @return 用户拥有的角色
+//     */
+//    @VisibleForTesting
+//    List<MdeRoleDO> getEnableUserRoleListByUserIdFromCache(Long userId) {
+//        // 获得用户拥有的角色编号
+//        Set<Long> roleIds = getSelf().getUserRoleIdListByUserIdFromCache(userId);
+//        // 获得角色数组,并移除被禁用的
+//        List<MdeRoleDO> roles = roleService.getRoleListFromCache(roleIds);
+//        roles.removeIf(role -> !MendunerStatusEnum.ENABLE.getStatus().equals(role.getStatus()));
+//        return roles;
+//    }
+//
+//    // ========== 用户-部门的相关方法  ==========
+//
+//    @Override
+//    public void assignRoleDataScope(Long roleId, Integer dataScope, Set<Long> dataScopeDataIds) {
+//        roleService.updateRoleDataScope(roleId, dataScope, dataScopeDataIds);
+//    }
+//
+//    @Override
+//    @DataPermission(enable = false) // 关闭数据权限,不然就会出现递归获取数据权限的问题
+//    public DataPermissionRespDTO getDataPermission(Long userId, Long enterpriseId) {
+//        DataPermissionRespDTO result = new DataPermissionRespDTO();
+//        // 获得用户的角色
+//        List<MdeRoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);
+//        // 如果角色为空,则只能查看自己
+//        if (CollUtil.isEmpty(roles)) {
+//            result.setSelf(true);
+//            return result;
+//        }
+//
+//        // 获得用户的部门编号的缓存,通过 Guava 的 Suppliers 惰性求值,即有且仅有第一次发起 DB 的查询
+//        EnterpriseUserBindDO enterpriseUserBind = enterpriseUserBindService
+//                .selectByEnterpriseIdAndUserId(enterpriseId, userId);
+//        if (enterpriseUserBind == null) {
+//            // 找不到企业用户 or 禁用了
+//            return result;
+//        }
+//        // 遍历每个角色,计算
+//        for (MdeRoleDO role : roles) {
+//            // 为空时,跳过
+//            if (role.getDataScope() == null) {
+//                continue;
+//            }
+//            // 情况一,ALL 所有的数据权限
+//            if (Objects.equals(role.getDataScope(), DataScopeEnum.ALL.getScope())) {
+//                result.setAll(true);
+//                continue;
+//            }
+//            // 情况二,DEPT_CUSTOM 自定义
+//            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_CUSTOM.getScope())) {
+//                CollUtil.addAll(result.getDataIds(), role.getDataScopeEnterpriseIds());
+//                // 自定义可见部门时,保证可以看到自己所在的部门。否则,一些场景下可能会有问题。
+//                // 例如说,登录时,基于 t_user 的 username 查询会可能被 dept_id 过滤掉
+//                CollUtil.addAll(result.getDataIds(), enterpriseUserBind.getEnterpriseId());
+//                continue;
+//            }
+//            // 情况三,DEPT_ONLY 自己所在的数据权限
+//            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_ONLY.getScope())) {
+//                CollectionUtils.addIfNotNull(result.getDataIds(), enterpriseUserBind.getEnterpriseId());
+//                continue;
+//            }
+//            // 情况四,DEPT_DEPT_AND_CHILD 自己所在及以下的数据权限
+//            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_AND_CHILD.getScope())) {
+//                CollUtil.addAll(result.getDataIds(), enterpriseService
+//                        .getChildEnterpriseIdListFromCache(enterpriseUserBind.getEnterpriseId()));
+//                // 添加本身部门编号
+//                CollUtil.addAll(result.getDataIds(), enterpriseUserBind
+//                        .getEnterpriseId());
+//                continue;
+//            }
+//            // 情况五,SELF
+//            if (Objects.equals(role.getDataScope(), DataScopeEnum.SELF.getScope())) {
+//                //                if (!EnterpriseUserTypeEnum.ADMIN.getType()
+//                //                        .equals(enterpriseUserBind.getUserType())) {
+//                //                    // 不是管理员,加入自己的权限
+//                //                    result.setSelf(true);
+//                //                }
+//                // 20240718 更改 所有用户都只能看到自己的数据
+//                result.setSelf(true);
+//                continue;
+//            }
+//            // 未知情况,error log 即可
+//            log.error("[getDeptDataPermission][LoginUser({}) role({}) 无法处理]", userId, toJsonString(result));
+//        }
+//        return result;
+//    }
+//
+//
+//    /**
+//     * 获得自身的代理对象,解决 AOP 生效问题
+//     *
+//     * @return 自己
+//     */
+//    private MdePermissionServiceImpl getSelf() {
+//        return SpringUtil.getBean(getClass());
+//    }
+
 
     @Override
     public boolean hasAnyPermissions(Long userId, String... permissions) {
-        // 如果为空,说明已经有权限
-        if (ArrayUtil.isEmpty(permissions)) {
-            return true;
-        }
-
-        // 获得当前登录的角色。如果为空,说明没有权限
-        List<MdeRoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);
-        if (CollUtil.isEmpty(roles)) {
-            return false;
-        }
-
-        // 情况一:遍历判断每个权限,如果有一满足,说明有权限
-        for (String permission : permissions) {
-            if (hasAnyPermission(roles, permission)) {
-                return true;
-            }
-        }
-
-        // 情况二:如果是超管,也说明有权限
-        return roleService.hasAnySuperAdmin(convertSet(roles, MdeRoleDO::getId));
-    }
-
-    /**
-     * 判断指定角色,是否拥有该 permission 权限
-     *
-     * @param roles      指定角色数组
-     * @param permission 权限标识
-     * @return 是否拥有
-     */
-    private boolean hasAnyPermission(List<MdeRoleDO> roles, String permission) {
-        List<Long> menuIds = menuService.getMenuIdListByPermissionFromCache(permission);
-        // 采用严格模式,如果权限找不到对应的 Menu 的话,也认为没有权限
-        if (CollUtil.isEmpty(menuIds)) {
-            return false;
-        }
-
-        // 判断是否有权限
-        Set<Long> roleIds = convertSet(roles, MdeRoleDO::getId);
-        for (Long menuId : menuIds) {
-            // 获得拥有该菜单的角色编号集合
-            Set<Long> menuRoleIds = getSelf().getMenuRoleIdListByMenuIdFromCache(menuId);
-            // 如果有交集,说明有权限
-            if (CollUtil.containsAny(menuRoleIds, roleIds)) {
-                return true;
-            }
-        }
         return false;
     }
 
     @Override
     public boolean hasAnyRoles(Long userId, String... roles) {
-        // 如果为空,说明已经有权限
-        if (ArrayUtil.isEmpty(roles)) {
-            return true;
-        }
-
-        // 获得当前登录的角色。如果为空,说明没有权限
-        List<MdeRoleDO> roleList = getEnableUserRoleListByUserIdFromCache(userId);
-        if (CollUtil.isEmpty(roleList)) {
-            return false;
-        }
-
-        // 判断是否有角色
-        Set<String> userRoles = convertSet(roleList, MdeRoleDO::getCode);
-        return CollUtil.containsAny(userRoles, Sets.newHashSet(roles));
+        return false;
     }
 
-    // ========== 角色-菜单的相关方法  ==========
-
     @Override
-    @DSTransactional // 多数据源,使用 @DSTransactional 保证本地事务,以及数据源的切换
-    @Caching(evict = {
-            @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST,
-                    allEntries = true),
-            @CacheEvict(value = RedisKeyConstants.MDE_PERMISSION_MENU_ID_LIST,
-                    allEntries = true) // allEntries 清空所有缓存,主要一次更新涉及到的 menuIds 较多,反倒批量会更快
-    })
     public void assignRoleMenu(Long roleId, Set<Long> menuIds) {
-        // 获得角色拥有菜单编号
-        Set<Long> dbMenuIds = convertSet(roleMenuMapper.selectListByRoleId(roleId), MdeRoleMenuDO::getMenuId);
-        // 计算新增和删除的菜单编号
-        Set<Long> menuIdList = CollUtil.emptyIfNull(menuIds);
-        Collection<Long> createMenuIds = CollUtil.subtract(menuIdList, dbMenuIds);
-        Collection<Long> deleteMenuIds = CollUtil.subtract(dbMenuIds, menuIdList);
-        // 执行新增和删除。对于已经授权的菜单,不用做任何处理
-        if (CollUtil.isNotEmpty(createMenuIds)) {
-            roleMenuMapper.insertBatch(CollectionUtils.convertList(createMenuIds, menuId -> {
-                MdeRoleMenuDO entity = new MdeRoleMenuDO();
-                entity.setRoleId(roleId);
-                entity.setMenuId(menuId);
-                return entity;
-            }));
-        }
-        if (CollUtil.isNotEmpty(deleteMenuIds)) {
-            roleMenuMapper.deleteListByRoleIdAndMenuIds(roleId, deleteMenuIds);
-        }
+
     }
 
     @Override
-    @Transactional(rollbackFor = Exception.class)
-    @Caching(evict = {
-            @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST,
-                    allEntries = true), // allEntries 清空所有缓存,此处无法方便获得 roleId 对应的 menu 缓存们
-            @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS,
-                    allEntries = true) // allEntries 清空所有缓存,此处无法方便获得 roleId 对应的 user 缓存们
-    })
     public void processRoleDeleted(Long roleId) {
-        // 标记删除 UserRole
-        userRoleMapper.deleteListByRoleId(roleId);
-        // 标记删除 RoleMenu
-        roleMenuMapper.deleteListByRoleId(roleId);
+
     }
 
     @Override
-    @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST, key = "#menuId")
     public void processMenuDeleted(Long menuId) {
-        roleMenuMapper.deleteListByMenuId(menuId);
+
+    }
+
+    @Override
+    public Set<Long> getRoleMenuListByRoleId(Long roleId) {
+        return MdePermissionService.super.getRoleMenuListByRoleId(roleId);
     }
 
     @Override
     public Set<Long> getRoleMenuListByRoleId(Collection<Long> roleIds) {
-        if (CollUtil.isEmpty(roleIds)) {
-            return Collections.emptySet();
-        }
-
-        // 如果是管理员的情况下,获取全部菜单编号
-        if (roleService.hasAnySuperAdmin(roleIds)) {
-            return convertSet(menuService.getMenuList(), MdeMenuDO::getId);
-        }
-        // 如果是非管理员的情况下,获得拥有的菜单编号
-        return convertSet(roleMenuMapper.selectListByRoleId(roleIds), MdeRoleMenuDO::getMenuId);
+        return Set.of();
     }
 
     @Override
-    @Cacheable(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST, key = "#menuId")
     public Set<Long> getMenuRoleIdListByMenuIdFromCache(Long menuId) {
-        return convertSet(roleMenuMapper.selectListByMenuId(menuId), MdeRoleMenuDO::getRoleId);
+        return Set.of();
     }
 
-    // ========== 用户-角色的相关方法  ==========
-
     @Override
-    @DSTransactional // 多数据源,使用 @DSTransactional 保证本地事务,以及数据源的切换
-    @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#userId")
     public void assignUserRole(Long userId, Set<Long> roleIds) {
-        // 获得角色拥有角色编号
-        Set<Long> dbRoleIds = convertSet(userRoleMapper.selectListByUserId(userId),
-                MdeUserRoleDO::getRoleId);
-        // 计算新增和删除的角色编号
-        Set<Long> roleIdList = CollUtil.emptyIfNull(roleIds);
-        Collection<Long> createRoleIds = CollUtil.subtract(roleIdList, dbRoleIds);
-        Collection<Long> deleteMenuIds = CollUtil.subtract(dbRoleIds, roleIdList);
-        // 执行新增和删除。对于已经授权的角色,不用做任何处理
-        if (!CollectionUtil.isEmpty(createRoleIds)) {
-            userRoleMapper.insertBatch(CollectionUtils.convertList(createRoleIds, roleId -> {
-                MdeUserRoleDO entity = new MdeUserRoleDO();
-                entity.setUserId(userId);
-                entity.setRoleId(roleId);
-                return entity;
-            }));
-        }
-        if (!CollectionUtil.isEmpty(deleteMenuIds)) {
-            userRoleMapper.deleteListByUserIdAndRoleIdIds(userId, deleteMenuIds);
-        }
+
     }
 
     @Override
     public void assignUserRoleByDefault(Long userId, MdeDefaultRoleEnum roleEnum) {
-        // 获得默认角色信息
-        MdeRoleDO role = roleService.getRoleByDefault(roleEnum);
-        MdeUserRoleDO entity = new MdeUserRoleDO();
-        entity.setUserId(userId);
-        entity.setRoleId(role.getId());
-        userRoleMapper.insert(entity);
+
     }
 
     @Override
-    @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#userId")
     public void processUserDeleted(Long userId) {
-        userRoleMapper.deleteListByUserId(userId);
-    }
 
-    @Override
-    public Set<Long> getUserRoleIdListByUserId(Long userId) {
-        return convertSet(userRoleMapper.selectListByUserId(userId), MdeUserRoleDO::getRoleId);
     }
 
     @Override
-    @Cacheable(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#userId")
-    public Set<Long> getUserRoleIdListByUserIdFromCache(Long userId) {
-        return getUserRoleIdListByUserId(userId);
+    public Set<Long> getUserRoleIdListByRoleId(Collection<Long> roleIds) {
+        return Set.of();
     }
 
     @Override
-    public Set<Long> getUserRoleIdListByRoleId(Collection<Long> roleIds) {
-        return convertSet(userRoleMapper.selectListByRoleIds(roleIds), MdeUserRoleDO::getUserId);
+    public Set<Long> getUserRoleIdListByUserId(Long userId) {
+        return Set.of();
     }
 
-    /**
-     * 获得用户拥有的角色,并且这些角色是开启状态的
-     *
-     * @param userId 用户编号
-     * @return 用户拥有的角色
-     */
-    @VisibleForTesting
-    List<MdeRoleDO> getEnableUserRoleListByUserIdFromCache(Long userId) {
-        // 获得用户拥有的角色编号
-        Set<Long> roleIds = getSelf().getUserRoleIdListByUserIdFromCache(userId);
-        // 获得角色数组,并移除被禁用的
-        List<MdeRoleDO> roles = roleService.getRoleListFromCache(roleIds);
-        roles.removeIf(role -> !CommonStatusEnum.ENABLE.getStatus().equals(role.getStatus()));
-        return roles;
+    @Override
+    public Set<Long> getUserRoleIdListByUserIdFromCache(Long userId) {
+        return Set.of();
     }
 
-    // ========== 用户-部门的相关方法  ==========
-
     @Override
     public void assignRoleDataScope(Long roleId, Integer dataScope, Set<Long> dataScopeDataIds) {
-        roleService.updateRoleDataScope(roleId, dataScope, dataScopeDataIds);
+
     }
 
     @Override
-    @DataPermission(enable = false) // 关闭数据权限,不然就会出现递归获取数据权限的问题
     public DataPermissionRespDTO getDataPermission(Long userId, Long enterpriseId) {
-        DataPermissionRespDTO result = new DataPermissionRespDTO();
-        MdeUserDO user = userService.getMdeUser(userId);
-        // 用户信息不存在,则没有任何数据权限
-        if (user == null) {
-            return result;
-        }
-
-        // 获得用户的角色
-        List<MdeRoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);
-        // 如果角色为空,则只能查看自己
-        if (CollUtil.isEmpty(roles)) {
-            result.setSelf(true);
-            return result;
-        }
-
-        // 获得用户的部门编号的缓存,通过 Guava 的 Suppliers 惰性求值,即有且仅有第一次发起 DB 的查询
-        EnterpriseUserBindDO enterpriseUserBind = enterpriseUserBindService
-                .selectByEnterpriseIdAndUserId(enterpriseId, userId);
-        if (enterpriseUserBind == null) {
-            // 找不到企业用户 or 禁用了
-            return result;
-        }
-        // 遍历每个角色,计算
-        for (MdeRoleDO role : roles) {
-            // 为空时,跳过
-            if (role.getDataScope() == null) {
-                continue;
-            }
-            // 情况一,ALL 所有的数据权限
-            if (Objects.equals(role.getDataScope(), DataScopeEnum.ALL.getScope())) {
-                result.setAll(true);
-                continue;
-            }
-            // 情况二,DEPT_CUSTOM 自定义
-            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_CUSTOM.getScope())) {
-                CollUtil.addAll(result.getDataIds(), role.getDataScopeEnterpriseIds());
-                // 自定义可见部门时,保证可以看到自己所在的部门。否则,一些场景下可能会有问题。
-                // 例如说,登录时,基于 t_user 的 username 查询会可能被 dept_id 过滤掉
-                CollUtil.addAll(result.getDataIds(), enterpriseUserBind.getEnterpriseId());
-                continue;
-            }
-            // 情况三,DEPT_ONLY 自己所在的数据权限
-            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_ONLY.getScope())) {
-                CollectionUtils.addIfNotNull(result.getDataIds(), enterpriseUserBind.getEnterpriseId());
-                continue;
-            }
-            // 情况四,DEPT_DEPT_AND_CHILD 自己所在及以下的数据权限
-            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_AND_CHILD.getScope())) {
-                CollUtil.addAll(result.getDataIds(), enterpriseService
-                        .getChildEnterpriseIdListFromCache(enterpriseUserBind.getEnterpriseId()));
-                // 添加本身部门编号
-                CollUtil.addAll(result.getDataIds(), enterpriseUserBind
-                        .getEnterpriseId());
-                continue;
-            }
-            // 情况五,SELF
-            if (Objects.equals(role.getDataScope(), DataScopeEnum.SELF.getScope())) {
-                //                if (!EnterpriseUserTypeEnum.ADMIN.getType()
-                //                        .equals(enterpriseUserBind.getUserType())) {
-                //                    // 不是管理员,加入自己的权限
-                //                    result.setSelf(true);
-                //                }
-                // 20240718 更改 所有用户都只能看到自己的数据
-                result.setSelf(true);
-                continue;
-            }
-            // 未知情况,error log 即可
-            log.error("[getDeptDataPermission][LoginUser({}) role({}) 无法处理]", userId, toJsonString(result));
-        }
-        return result;
-    }
-
-
-    /**
-     * 获得自身的代理对象,解决 AOP 生效问题
-     *
-     * @return 自己
-     */
-    private MdePermissionServiceImpl getSelf() {
-        return SpringUtil.getBean(getClass());
+        return null;
     }
 }

+ 2 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdeRoleServiceImpl.java

@@ -8,6 +8,7 @@ import com.baomidou.dynamic.datasource.annotation.DSTransactional;
 import com.citu.framework.common.pojo.PageResult;
 import com.citu.framework.common.util.collection.CollectionUtils;
 import com.citu.framework.common.util.object.BeanUtils;
+import com.citu.module.menduner.common.util.LoginUserContext;
 import com.citu.module.menduner.system.controller.base.permission.role.MdeRolePageReqVO;
 import com.citu.module.menduner.system.controller.base.permission.role.MdeRoleSaveReqVO;
 import com.citu.module.menduner.system.dal.dataobject.permission.MdeRoleDO;
@@ -63,6 +64,7 @@ public class MdeRoleServiceImpl implements MdeRoleService {
 
         // 2. 插入到数据库
         MdeRoleDO role = BeanUtils.toBean(createReqVO, MdeRoleDO.class)
+                .setEnterpriseId(LoginUserContext.getEnterpriseId())
                 .setType(ObjectUtil.defaultIfNull(type, RoleTypeEnum.CUSTOM.getType().toString()))
                 .setStatus(MendunerStatusEnum.ENABLE.getStatus())
                 .setDataScope(DataScopeEnum.ALL.getScope()); // 默认可查看所有数据。原因是,可能一些项目不需要项目权限
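Review bot: The added `.setEnterpriseId(LoginUserContext.getEnterpriseId())` stores whatever the login context returns without a null check, so a caller with no enterprise in its context (if that can occur on this path) would create a role bound to no enterprise. Such a row would presumably fall outside any per-enterprise filter applied to roles, and it still receives `DataScopeEnum.ALL` by default from the last line of the chain, which is worth reconsidering now that roles are tied to an enterprise. I would read the id once before the builder chain and reject the request when it is null. A comment such as `// enterprise is taken from the login context, not from the request body` would also make clear that overriding any value copied from `createReqVO` is intentional. The enclosing method starts and ends outside this hunk, so an earlier guard may already exist.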

+ 1 - 1
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/user/MdeUserServiceImpl.java

@@ -286,7 +286,7 @@ public class MdeUserServiceImpl implements MdeUserService {
 
         mdeUserMapper.insert(user);
         // 绑定默认角色
-        mdePermissionService.assignUserRoleByDefault(user.getId(), MdeDefaultRoleEnum.MENDUNER_DEFAULT_ROLE);
+        // mdePermissionService.assignUserRoleByDefault(user.getId(), MdeDefaultRoleEnum.MENDUNER_DEFAULT_ROLE);
         return user;
     }