manager/my-worker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

增加更严格的权限控制,对单条数据进行数据权限过滤

Browse Source
This commit is contained in:
thinkgem
2025-02-21 15:45:32 +08:00
parent 5f56575df4
commit de33f20797
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
modules/core/src/main/java/com/jeesite/modules/sys/web/user/EmpUserController.java
View File

@@ -70,8 +70,15 @@ public class EmpUserController extends BaseController {
private RoleService roleService; private RoleService roleService;
@ModelAttribute @ModelAttribute
public EmpUser get(String userCode, boolean isNewRecord) { public EmpUser get(String userCode, boolean isNewRecord, Boolean isAll, String ctrlPermi) {
return empUserService.get(userCode, isNewRecord); EmpUser empUser = new EmpUser();
empUser.setUserCode(userCode);
empUser.setIsNewRecord(isNewRecord);
// 更严格的权限控制对单条数据进行数据权限过滤isAll 是一个开关,正常不需要添加)
if (!(isAll != null && isAll) || Global.isStrictMode()){
empUserService.addDataScopeFilter(empUser, ctrlPermi);
}
return empUserService.getAndValid(empUser);
} }
@RequiresPermissions("sys:empUser:view") @RequiresPermissions("sys:empUser:view")