权限

boman-api/boman-api-system/src/main/java/com/boman/system/api/RemoteDeptService.java

@@ -25,7 +25,7 @@ public interface RemoteDeptService {
     SysDept getById(@PathVariable("id") Long id);
 
     /**
-     * 功能描述: 拿到部门下所有的部门
+     * 功能描述: 拿到部门下所有的部门, 包含传过来的deptId
      *
      * @param deptId deptId
      * @return com.boman.common.core.web.domain.AjaxResult

boman-api/boman-api-system/src/main/java/com/boman/system/api/RemoteRoleDataService.java

@@ -3,6 +3,8 @@ package com.boman.system.api;
 import com.boman.common.core.constant.ServiceNameConstants;
 import com.boman.domain.SysRoleData;
 import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 
@@ -16,12 +18,22 @@ import java.util.List;
 public interface RemoteRoleDataService {
 
     /**
-     * 功能描述: 根据userId查找此人的所有菜单
+     * 功能描述: 根据userId查找此人的所有roleData
      *
      * @param idList idList
      * @return java.util.List<com.boman.system.api.domain.SysMenu>
      */
     @PostMapping(value = "/roleData/listByRoleIdList")
     List<SysRoleData> listByRoleIdList(@RequestBody List<Long> idList);
+
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIds   逗号相隔的roleIdS
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    @GetMapping(value = "/roleData/list/roleIds/{roleIds}/tableName/{tableName}")
+    List<SysRoleData> listByRoleIdListTableName(@PathVariable("roleIds") String roleIds, @PathVariable("tableName") String tableName);
 }
 

boman-api/boman-api-system/src/main/java/com/boman/system/api/model/LoginUser.java

@@ -1,6 +1,7 @@
 package com.boman.system.api.model;
 
 import java.io.Serializable;
+import java.util.List;
 import java.util.Set;
 
 import com.alibaba.fastjson.JSONObject;
@@ -65,6 +66,16 @@ public class LoginUser implements Serializable
      */
     private JSONObject userEnv;
 
+    /**
+     * 当前人所在部门以及下属部门所有人的userId
+     */
+    private List<Long> subDeptUserIds;
+
+    /**
+     * 当前人所在部门所有人的userId, 不包含子部门
+     */
+    private List<Long> deptUserIds;
+
     public String getToken()
     {
         return token;
@@ -162,4 +173,20 @@ public class LoginUser implements Serializable
     public void setUserEnv(JSONObject userEnv) {
         this.userEnv = userEnv;
     }
+
+    public List<Long> getSubDeptUserIds() {
+        return subDeptUserIds;
+    }
+
+    public void setSubDeptUserIds(List<Long> subDeptUserIds) {
+        this.subDeptUserIds = subDeptUserIds;
+    }
+
+    public List<Long> getDeptUserIds() {
+        return deptUserIds;
+    }
+
+    public void setDeptUserIds(List<Long> deptUserIds) {
+        this.deptUserIds = deptUserIds;
+    }
 }

boman-api/boman-domain/src/main/java/com.boman.domain/GenTable.java

@@ -13,6 +13,10 @@ public class GenTable extends BaseEntity
 
     /** 查询 */
     public static final String Q = "Q";
+    /** add */
+    public static final String A = "A";
+    /** modify */
+    public static final String M = "M";
 
     /** 编号 */
     private Long Id;

boman-common/boman-common-core/src/main/java/com/boman/common/core/utils/array/ArrayUtils.java

@@ -1,6 +1,8 @@
 package com.boman.common.core.utils.array;
 
+import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.List;
 
 /**
  * @author shiqian
@@ -18,4 +20,20 @@ public class ArrayUtils extends org.apache.commons.lang3.ArrayUtils {
     public static boolean arraysContains(String[] arr, String targetValue) {
         return Arrays.asList(arr).contains(targetValue);
     }
+
+    /**
+     * 按照逗号切割，转成list, 给id用的，因为id都是long
+     *
+     * @param ids ids
+     * @return 是否包含
+     */
+    public static List<Long> split(String ids) {
+        String[] split = ids.split(",");
+        List<Long> result = new ArrayList<>(split.length);
+        for (String idStr : split) {
+            result.add(Long.parseLong(idStr));
+        }
+
+        return result;
+    }
 }

boman-modules/boman-system/src/main/java/com/boman/system/controller/SysDeptController.java

@@ -69,7 +69,7 @@ public class SysDeptController extends BaseController
     }
 
     /**
-     * 功能描述: 根据deptId查找部门下的所有部门
+     * 功能描述: 拿到部门下所有的部门, 包含传过来的deptId
      *
      * @param deptId deptId
      * @return com.boman.common.core.web.domain.AjaxResult

boman-modules/boman-system/src/main/java/com/boman/system/controller/SysRoleDataController.java

@@ -80,6 +80,18 @@ public class SysRoleDataController extends BaseController
         return sysRoleDataService.listByRoleIdList(idList);
     }
 
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIds   逗号相隔的roleIdS
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    @GetMapping(value = "/list/roleIds/{roleIds}/tableName/{tableName}")
+    public List<SysRoleData> listByRoleIdListTableName(@PathVariable("roleIds") String roleIds, @PathVariable("tableName") String tableName) {
+        return sysRoleDataService.listByRoleIdListTableName(roleIds, tableName);
+    }
+
     /**
      * 新增角色权限数据
      */

boman-modules/boman-system/src/main/java/com/boman/system/controller/SysUserController.java

@@ -5,6 +5,11 @@ import java.util.List;
 import java.util.Set;
 import java.util.stream.Collectors;
 import javax.servlet.http.HttpServletResponse;
+
+import com.boman.common.core.utils.obj.ObjectUtils;
+import com.boman.system.api.domain.SysDept;
+import com.boman.system.service.*;
+import com.google.common.collect.Lists;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.DeleteMapping;
@@ -30,10 +35,6 @@ import com.boman.common.security.annotation.PreAuthorize;
 import com.boman.system.api.domain.SysRole;
 import com.boman.system.api.domain.SysUser;
 import com.boman.system.api.model.LoginUser;
-import com.boman.system.service.ISysPermissionService;
-import com.boman.system.service.ISysPostService;
-import com.boman.system.service.ISysRoleService;
-import com.boman.system.service.ISysUserService;
 
 /**
  * 用户信息
@@ -56,6 +57,9 @@ public class SysUserController extends BaseController
     @Autowired
     private ISysPermissionService permissionService;
 
+    @Autowired
+    private ISysDeptService deptService;
+
     /**
      * 获取用户列表
      */
@@ -108,17 +112,41 @@ public class SysUserController extends BaseController
         {
             return R.fail("用户名或密码错误");
         }
+        LoginUser sysUserVo = new LoginUser();
+
         // 角色集合
         Set<String> roles = permissionService.getRolePermission(sysUser.getId());
         // 权限集合
         Set<String> permissions = permissionService.getMenuPermission(sysUser.getId());
-        LoginUser sysUserVo = new LoginUser();
+
+        // 当前人所在部门和下级部门的deptIdList
+        List<SysDept> sysDepts = deptService.listChildrenDepts(sysUser.getDeptId());
+        if (ObjectUtils.isNotEmpty(sysDepts)) {
+            // 所有部门
+            List<Long> childrenDeptIds = ObjectUtils.map(sysDepts, SysDept::getId);
+            List<SysUser> users = userService.listByDeptId(childrenDeptIds);
+            sysUserVo.setDeptUserIds(getUserIds(users));
+
+            // 去除本部门后的所有子部门
+            List<Long> child = ObjectUtils.filter(childrenDeptIds, deptId -> !deptId.equals(sysUser.getDeptId()));
+            List<SysUser> childUsers = userService.listByDeptId(child);
+            sysUserVo.setSubDeptUserIds(getUserIds(childUsers));
+        }
+
         sysUserVo.setSysUser(sysUser);
         sysUserVo.setRoles(roles);
         sysUserVo.setPermissions(permissions);
         return R.ok(sysUserVo);
     }
 
+    private List<Long> getUserIds(List<SysUser> users) {
+        List<Long> userIdList = Lists.newArrayListWithCapacity(0);
+        if (ObjectUtils.isNotEmpty(users)) {
+            userIdList = ObjectUtils.map(users, SysUser::getId);
+        }
+        return userIdList;
+    }
+
     /**
      * 获取用户信息
      * 

boman-modules/boman-system/src/main/java/com/boman/system/mapper/SysRoleDataMapper.java

@@ -67,4 +67,13 @@ public interface SysRoleDataMapper
      * @return 结果
      */
     public int deleteSysRoleDataByIds(Long[] ids);
+
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIdList  roleIdList
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    List<SysRoleData> listByRoleIdListTableName(@Param("roleIdList") List<Long> roleIdList, @Param("tableName") String tableName);
 }

boman-modules/boman-system/src/main/java/com/boman/system/service/ISysRoleDataService.java

@@ -66,4 +66,13 @@ public interface ISysRoleDataService
      * @return 结果
      */
     public int deleteSysRoleDataById(Long id);
+
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIds   逗号相隔的roleIdS
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    List<SysRoleData> listByRoleIdListTableName(String roleIds, String tableName);
 }

boman-modules/boman-system/src/main/java/com/boman/system/service/impl/SysDeptServiceImpl.java

@@ -306,7 +306,7 @@ public class SysDeptServiceImpl implements ISysDeptService
      */
     private boolean hasChild(List<SysDept> list, SysDept t)
     {
-        return getChildList(list, t).size() > 0 ? true : false;
+        return getChildList(list, t).size() > 0;
     }
 
     /**
@@ -320,7 +320,11 @@ public class SysDeptServiceImpl implements ISysDeptService
         List<SysDept> allDepts = selectDeptList(new SysDept());
         SysDept sysDept = ObjectUtils.filterOne(allDepts, dept -> deptId.equals(dept.getId()));
         List<SysDept> returnData = Lists.newArrayListWithCapacity(16);
-        return recursionChildrenDepts(allDepts, sysDept, returnData);
+        List<SysDept> sysDepts = recursionChildrenDepts(allDepts, sysDept, returnData);
+        SysDept selfDept = new SysDept();
+        selfDept.setId(deptId);
+        sysDepts.add(selfDept);
+        return sysDepts;
     }
 
     private List<SysDept> recursionChildrenDepts(List<SysDept> allDepts, SysDept sysDept, List<SysDept> returnData) {

boman-modules/boman-system/src/main/java/com/boman/system/service/impl/SysRoleDataServiceImpl.java

@@ -4,6 +4,7 @@ import java.util.List;
 
 import com.boman.common.core.utils.DateUtils;
 import com.boman.common.core.utils.SecurityUtils;
+import com.boman.common.core.utils.array.ArrayUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import com.boman.system.mapper.SysRoleDataMapper;
@@ -108,4 +109,17 @@ public class SysRoleDataServiceImpl implements ISysRoleDataService
     {
         return sysRoleDataMapper.deleteSysRoleDataById(id);
     }
+
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIds   逗号相隔的roleIdS
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    @Override
+    public List<SysRoleData> listByRoleIdListTableName(String roleIds, String tableName) {
+        List<Long> roleIdList = ArrayUtils.split(roleIds);
+        return sysRoleDataMapper.listByRoleIdListTableName(roleIdList, tableName);
+    }
 }

boman-modules/boman-system/src/main/resources/mapper/system/SysRoleDataMapper.xml

@@ -63,6 +63,15 @@
         order by role_sort asc
     </select>
 
+    <select id="listByRoleIdListTableName" resultMap="SysRoleDataResult">
+        <include refid="selectSysRoleDataVo"/>
+        where is_del = 'N' and table_name = #{tableName} and role_id in
+        <foreach collection="roleIdList" open="(" close=")" separator="," item="id">
+            #{id}
+        </foreach>
+        order by role_sort asc
+    </select>
+
     <insert id="insertSysRoleData" parameterType="com.boman.domain.SysRoleData">
         insert into sys_role_data
         <trim prefix="(" suffix=")" suffixOverrides=",">

boman-web-core/src/main/java/com/boman/web/core/controller/CommonController.java

@@ -43,15 +43,14 @@ public class CommonController {
     }
 
     /**
-     * 功能描述: getMaxId
+     * 功能描述: 根据条件count
      *
-     * @param tableName tableName
-     * @param pkName        pkName
-     * @return com.boman.common.core.web.domain.AjaxResult
+     * @param dto dto
+     * @return java.lang.Long
      */
-    @GetMapping("tableName/{tableName}/pkName/{pkName}")
-    public Long getMaxId(@PathVariable("tableName") String tableName, @PathVariable("pkName") String pkName) {
-        return commonService.getMaxId(tableName, pkName);
+    @GetMapping("count")
+    public int count(@RequestBody FormDataDto dto) {
+        return commonService.count(dto);
     }
 
 }

boman-web-core/src/main/java/com/boman/web/core/domain/TableContext.java

@@ -6,22 +6,47 @@ import com.boman.common.redis.RedisKey;
 import com.boman.common.redis.service.RedisService;
 import com.boman.domain.GenTable;
 import com.boman.domain.GenTableColumn;
+import com.boman.domain.SysRoleData;
+import com.boman.domain.exception.UnSuchFunctionException;
+import com.boman.system.api.RemoteMenuService;
+import com.boman.system.api.RemoteRoleDataService;
+import com.boman.system.api.domain.SysMenu;
+import com.boman.system.api.domain.SysUser;
+import com.boman.system.api.model.LoginUser;
+import com.boman.web.core.service.TableServiceCmdService;
+import com.boman.web.core.service.common.ICommonService;
+import com.boman.web.core.service.select.IBaseSelectService;
 import com.boman.web.core.utils.IdUtils;
+import org.springframework.stereotype.Component;
 
+import javax.annotation.Resource;
 import java.util.List;
 import java.util.Map;
 
-import static com.boman.common.core.utils.obj.ObjectUtils.ltZero;
-import static com.boman.common.core.utils.obj.ObjectUtils.requireNonNull;
+import static com.boman.common.core.utils.obj.ObjectUtils.*;
 import static com.boman.domain.constant.MaskConstant.*;
+import static com.boman.web.core.utils.AuthUtils.*;
+import static com.boman.web.core.utils.ColumnUtils.joinList;
 import static com.boman.web.core.utils.ColumnUtils.withoutHr;
 
 /**
  * @author shiqian
  * @date 2021年04月13日 11:07
  **/
+@Component
 public class TableContext {
 
+    @Resource
+    private TableServiceCmdService cmdService;
+    @Resource
+    private RemoteMenuService remoteMenuService;
+    @Resource
+    private RemoteRoleDataService remoteRoleDataService;
+    @Resource
+    private ICommonService commonService;
+    @Resource
+    private IBaseSelectService selectService;
+
     private Long id;
     private String pkName;
     private GenTable table;
@@ -31,8 +56,11 @@ public class TableContext {
     private JSONObject commitData;
     private List<GenTableColumn> columns;
 
-    public static TableContext createContext(FormDataDto dto) {
+    public TableContext createContext(FormDataDto dto) {
         TableContext context = new TableContext();
+
+        context.setActionType(ltZero(dto.getObjId()) ? ActionType.INSERT : ActionType.UPDATE);
+
         context.setId(dto.getObjId());
         String tableName = requireNonNull(dto.getTable(), "tableName is empty");
         context.setTableName(tableName);
@@ -41,28 +69,67 @@ public class TableContext {
         GenTable table = redisService.getCacheObject(RedisKey.TABLE_INFO + tableName);
         context.setTable(requireNonNull(table, "redis中没有此表，表名: " + tableName));
 
+        JSONObject fixedData = requireNonNull(dto.getFixedData(), "fixedData is empty");
+        context.setFixedData(fixedData);
+
         List<GenTableColumn> columns = table.getColumns();
         context.setColumns(columns);
 
         String pkName = IdUtils.getPkName(columns);
         context.setPkName(pkName);
 
-        JSONObject fixedData = requireNonNull(dto.getFixedData(), "fixedData is empty");
-        context.setFixedData(fixedData);
+        // 检查权限
+        checkObjectSaveAuth(context);
 
         JSONObject commitData = new JSONObject();
-        packCommitData(dto.getObjId(), context, columns, fixedData, commitData);
+        packCommitData(context, columns, fixedData, commitData);
         context.setCommitData(commitData);
 
-        return context;
+        return this;
+
+    }
+
+    private void checkObjectSaveAuth(TableContext context) {
+        GenTable genTable = context.getTable();
+        String tableName = genTable.getTableName();
+        boolean isInsert = ActionType.INSERT.equals(context.getActionType());
+        String fun = isInsert ? "新增功能" : "修改功能";
+        containsFunction(genTable.getMenuRole(), GenTable.A, "此模块:[" + tableName + "], 没有" + fun);
+        // 当前登陆人对应的menu，看看是否包含保存功能
+        LoginUser loginUser = getLoginUser();
+        List<SysMenu> menus = remoteMenuService.listMenusByUserId(loginUser.getUserid());
+        if (SysUser.isAdmin(loginUser.getUserid())) {
+            return;
+        }
+
+        List<String> permsList = map(menus, SysMenu::getPerms);
+        if (isInsert) {
+            String perms = packPermsKey(tableName, GenTable.A);
+            if (!permsList.contains(perms)) {
+                throw new UnSuchFunctionException("不好意思，您无权限操作");
+            }
+        } else {
+            String perms = packPermsKey(tableName, GenTable.M);
+            if (!permsList.contains(perms)) {
+                throw new UnSuchFunctionException("不好意思，您无权限操作");
+            }
 
+            List<Long> roleIdList = getLoginUserRoleIdList();
+            List<SysRoleData> roleDataList = remoteRoleDataService.listByRoleIdListTableName(joinList(roleIdList), tableName);
+            if (isEmpty(roleDataList)) {
+                //没有配，证明有此表的全部权限
+                return;
+            }
+            String dataScope = roleDataList.get(0).getDataScope();
+            // 不可以修改
+            if (!countByCreteBy(dataScope, loginUser, context)) {
+                throw new UnSuchFunctionException("不好意思，您无权限操作");
+            }
+        }
     }
 
 
-    private static void packCommitData(Long objId, TableContext context, List<GenTableColumn> columns
-            , JSONObject fixedData, JSONObject commitData) {
-        boolean isInsert = ltZero(objId);
-        context.setActionType(isInsert ? ActionType.INSERT : ActionType.UPDATE);
+    private static void packCommitData(TableContext context, List<GenTableColumn> columns, JSONObject fixedData, JSONObject commitData) {
         // 过滤掉hr字段
         columns = withoutHr(columns);
         for (GenTableColumn column : columns) {
@@ -75,7 +142,7 @@ public class TableContext {
             for (Map.Entry<String, Object> entry : fixedData.entrySet()) {
                 if (column.getColumnName().equalsIgnoreCase(entry.getKey())) {
                     // 新增
-                    if (isInsert) {
+                    if (ActionType.INSERT.equals(context.getActionType())) {
                         // 新增可修改, 并且新增可见，把新增的字段单独拿出来
                         if (INSERT_CAN_EDIT.equals(insertCanEdit) && INSERT_VISIBLE.equals(insertVisible)) {
                             commitData.put(entry.getKey(), entry.getValue());
@@ -95,6 +162,26 @@ public class TableContext {
         }
     }
 
+    /**
+     * 功能描述: 根据crete_by到数据库 count, 如果 >0 可以修改
+     *
+     * @param dataScope dataScope
+     * @param loginUser loginUser
+     * @param context   context.getPkName()   context.getId()
+     * @return boolean
+     */
+    public boolean countByCreteBy(String dataScope, LoginUser loginUser, TableContext context) {
+        JSONObject condition = new JSONObject();
+        condition.put(context.getPkName(), context.getId());
+        // 封装crete_by
+        cmdService.packAuthCondition(dataScope, condition, loginUser);
+        FormDataDto dto = new FormDataDto();
+        dto.setTable(context.getTableName());
+        dto.setFixedData(condition);
+        int count = commonService.count(dto);
+        return count > 0;
+    }
+
 
     /**                 get and set                               **/
 

boman-web-core/src/main/java/com/boman/web/core/mapper/StandardlyMapper.java

@@ -2,6 +2,7 @@ package com.boman.web.core.mapper;
 
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import com.boman.web.core.utils.ColumnUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.ibatis.annotations.*;
 import org.apache.ibatis.annotations.Param;
@@ -620,13 +621,12 @@ public interface StandardlyMapper {
                 StringBuilder conditionSql = new StringBuilder();
                 for (Map.Entry<String, Object> entry : packCondition.entrySet()) {
                     String key = entry.getKey();
-                    Object valueObj = entry.getValue();
-                    List<String> types = ((List<String>) valueObj);
-                    // {@link com.boman.system.common.TableServiceCmdService.packColCondition} 这里是拼参数的地方
-                    String value = types.get(0);
-                    String queryType = types.get(1);
-                    String columnType = types.get(2);
-                    conditionSql.append(key).append(covert(queryType, columnType, key, value)).append(" and ");
+                    List<Object> types = ((List<Object>) entry.getValue());
+                    // com.boman.web.core.service.TableServiceCmdService.packColCondition 这里是拼参数的地方
+                    Object valueObj = types.get(0);
+                    String queryType = (String) types.get(1);
+                    String columnType = (String) types.get(2);
+                    conditionSql.append(key).append(covert(queryType, columnType, key, valueObj)).append(" and ");
                 }
                 wholeSql.append(StringUtils.substringBeforeLast(conditionSql.toString(), " and"));
             }
@@ -638,50 +638,40 @@ public interface StandardlyMapper {
          * @param queryType  like > < =
          * @param columnType varchar char textarea timestamp
          * @param key        key
-         * @param value      value
+         * @param valueObj   valueObj
          * @return java.lang.String
          */
-        private String covert(String queryType, String columnType, String key, String value) {
+        private String covert(String queryType, String columnType, String key, Object valueObj) {
             // false 不需要转义
             boolean needEscape = columnType.contains(VARCHAR) || columnType.contains(CHAR)
                     || columnType.contains(DATETIME) || columnType.contains(TIMESTAMP);
+            Object value;
             switch (queryType) {
                 case EQ:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " = " + value;
                 case LIKE:
                     return " like " + "concat('%', #{condition." + key + "}, '%')";
                 case NE:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " != " + value;
                 case GT:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " &gt; " + value;
                 case GTE:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " &gt;= " + value;
                 case LT:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " &lt; " + value;
                 case LTE:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " &lt;= " + value;
                 default:
-                    String[] split = value.split(",");
-                    String front = split[0].replace("[", "");
-                    String back =  split[1].replace("]", "");
-                    String max, min;
-                    if (front.compareTo(back) > 0) {
-                        max = back;
-                        min = front;
-                    } else {
-                        max = front;
-                        min = back;
-                    }
+                    // in
+                    List<Object> list = ((List<Object>) valueObj);
+                    return  " in (" + ColumnUtils.joinList(list) + ")";
 
-                    max = needEscape ? escapeStr(max) : max;
-                    min = needEscape ? escapeStr(min) : min;
-                    return " between " + min + " and " + max;
             }
         }
     }

boman-web-core/src/main/java/com/boman/web/core/service/TableServiceCmdService.java

@@ -13,20 +13,31 @@ import com.boman.common.core.utils.obj.ObjectUtils;
 import com.boman.common.core.web.domain.AjaxResult;
 import com.boman.common.redis.RedisKey;
 import com.boman.common.redis.service.RedisService;
+import com.boman.domain.GenTable;
+import com.boman.domain.GenTableColumn;
 import com.boman.domain.SysDictData;
+import com.boman.domain.SysRoleData;
 import com.boman.domain.constant.*;
 import com.boman.gen.api.RemoteGenTableColumnService;
 import com.boman.gen.api.RemoteGenTableService;
-import com.boman.domain.GenTable;
-import com.boman.domain.GenTableColumn;
+import com.boman.system.api.RemoteDeptService;
 import com.boman.system.api.RemoteDictDataService;
+import com.boman.system.api.RemoteRoleDataService;
+import com.boman.system.api.RemoteUserService;
 import com.boman.system.api.domain.SysFile;
-import com.boman.web.core.domain.*;
+import com.boman.system.api.domain.SysRole;
+import com.boman.system.api.domain.SysUser;
+import com.boman.system.api.model.LoginUser;
+import com.boman.web.core.domain.ActionType;
+import com.boman.web.core.domain.FormDataDto;
+import com.boman.web.core.domain.RowResult;
+import com.boman.web.core.domain.TableContext;
 import com.boman.web.core.service.delete.IBaseDeleteService;
 import com.boman.web.core.service.save.IBaseSaveService;
 import com.boman.web.core.service.select.IBaseSelectService;
 import com.boman.web.core.service.submit.IBaseSubmitService;
 import com.boman.web.core.service.update.IBaseUpdateService;
+import com.boman.web.core.utils.AuthUtils;
 import com.boman.web.core.utils.IdUtils;
 import com.google.common.base.Strings;
 import com.google.common.collect.Lists;
@@ -45,6 +56,7 @@ import java.util.function.Predicate;
 
 import static com.boman.common.core.utils.obj.ObjectUtils.*;
 import static com.boman.domain.constant.FormDataConstant.*;
+import static com.boman.web.core.utils.AuthUtils.containsFunction;
 import static com.boman.web.core.utils.ColumnUtils.*;
 
 /**
@@ -70,18 +82,27 @@ public class TableServiceCmdService {
     @Resource
     private RestTemplate restTemplate;
     @Resource
+    private TableContext tableContext;
+    @Resource
     private RemoteDictDataService remoteDictDataService;
     @Resource
     private RemoteGenTableService remoteGenTableService;
     @Resource
     private RemoteGenTableColumnService remoteGenTableColumnService;
+    @Resource
+    private RemoteDeptService remoteDeptService;
+    @Resource
+    private RemoteRoleDataService remoteRoleDataService;
+    @Resource
+    private RemoteUserService remoteUserService;
 
     private static final Logger LOGGER = LoggerFactory.getLogger(TableServiceCmdService.class);
 
     public final AjaxResult objectSave(FormDataDto dto) {
         AjaxResult result = AjaxResult.success();
 
-        TableContext context = TableContext.createContext(dto);
+        // 权限校验在此方法中
+        TableContext context = tableContext.createContext(dto);
         // 拿到pkName和maxId
         String pkName = context.getPkName();
         JSONObject commitData = context.getCommitData();
@@ -208,17 +229,18 @@ public class TableServiceCmdService {
      */
     public AjaxResult queryList(FormDataDto dto) {
         requireNonNull(dto.getTable(), "tableName = [" + dto.getTable() + "] 此表不存在");
-
         GenTable genTable = getTableFromRedisByTableName(RedisKey.TABLE_INFO, dto.getTable());
         JSONObject fixedData = ifNullSetEmpty(dto.getFixedData());
         List<GenTableColumn> columns = genTable.getColumns();
 
         // 查询条件
         JSONObject condition = ifNullSetEmpty(fixedData.getJSONObject(CONDITION));
+        // 权限
+        checkQueryListAuth(genTable, condition);
         // 检查列
         checkColumn(condition, columns);
         // 封装好以后的查询条件
-        JSONObject packCondition = ifNullSetEmpty(packColCondition(columns, condition));
+        JSONObject packCondition = ifNullSetEmpty(selectService.packColCondition(columns, condition));
         JSONArray showData = fixedData.getJSONArray(SHOW_DATA);
         // 检查列
         checkColumn(showData, genTable.getColumns());
@@ -249,6 +271,26 @@ public class TableServiceCmdService {
         return AjaxResult.success(rows);
     }
 
+    private void checkQueryListAuth(GenTable genTable, JSONObject condition) {
+        containsFunction(genTable.getMenuRole(), GenTable.Q, "此模块:[" + genTable.getTableName() + "], 没有查询功能");
+
+        LoginUser loginUser = AuthUtils.getLoginUser();
+        if (SysUser.isAdmin(loginUser.getUserid())) {
+            return;
+        }
+
+        List<Long> roleIdList = map(loginUser.getSysUser().getRoles(), SysRole::getId);
+        List<SysRoleData> roleDataList = remoteRoleDataService.listByRoleIdList(roleIdList);
+        if (isEmpty(roleDataList)) {
+            return;
+        }
+        // 此张表所对应的roleData
+        SysRoleData roleData = filterOne(roleDataList, sysRoleData -> genTable.getTableName().equals(sysRoleData.getTableName()));
+        packAuthCondition(roleData.getDataScope(), condition, loginUser);
+    }
+
+
+
     private void handler(List<JSONObject> result, List<GenTableColumn> columns) {
         // 处理时间
         handlerDate(result, columns);
@@ -426,33 +468,6 @@ public class TableServiceCmdService {
         return AjaxResult.success(result);
     }
 
-    /**
-     * 功能描述: 封装成查询条件 key: 列名，  value：查询条件_查询类别
-     * eg: [{"config_name": ["系统配置", "EQ", "varchar(100)"]}]
-     *
-     * @param columns columns
-     * @return com.alibaba.fastjson.JSONObject
-     */
-    private JSONObject packColCondition(List<GenTableColumn> columns, JSONObject condition) {
-        requireNonNull(columns);
-
-        JSONObject result = new JSONObject(columns.size());
-        for (Map.Entry<String, Object> entry : condition.entrySet()) {
-            String key = entry.getKey();
-            Object value = entry.getValue();
-            for (GenTableColumn column : columns) {
-                // long string collection 暂时只作此三种类型判断
-                if (column.getColumnName().equalsIgnoreCase(key) && ObjectUtils.isNotEmpty(value)) {
-                    // columnType 作为判断需不需要转义的一个标准，防止索引失效
-                    result.put(key, Lists.newArrayList(String.valueOf(value), column.getQueryType(), column.getColumnType()));
-                    break;
-                }
-            }
-        }
-
-        return result;
-    }
-
     /**
      * 功能描述: 获取表单查询字段、按钮、表头
      * 注意: 都是从redis中拿的，如果数据库和redis不一致，则需刷新一下redis
@@ -806,5 +821,27 @@ public class TableServiceCmdService {
         }
         return sysDictData;
     }
+
+    public void packAuthCondition (String dataScope, JSONObject condition, LoginUser loginUser) {
+        requireNonNull(dataScope, "dataScope is empty");
+
+        switch (dataScope){
+            case SysRoleData.ALL_DATA:
+                break;
+            case SysRoleData.DIY_DATA:
+                break;
+            case SysRoleData.SELF_DEPT_DATA:
+                // 本部门人员
+                condition.put(FormDataConstant.CREATE_BY, loginUser.getDeptUserIds());
+                break;
+            case SysRoleData.ALL_DEPT_DATA:
+                // 本部门以及子部门
+                condition.put(FormDataConstant.CREATE_BY, loginUser.getSubDeptUserIds());
+                break;
+            default:
+                break;
+        }
+    }
+
 }
 

boman-web-core/src/main/java/com/boman/web/core/service/common/CommonServiceImpl.java

@@ -4,6 +4,7 @@ import com.alibaba.fastjson.JSONObject;
 import com.boman.common.redis.RedisKey;
 import com.boman.common.redis.service.RedisService;
 import com.boman.domain.GenTable;
+import com.boman.web.core.domain.FormDataDto;
 import com.boman.web.core.service.TableServiceCmdService;
 import com.boman.web.core.service.select.IBaseSelectService;
 import com.boman.web.core.utils.IdUtils;
@@ -63,4 +64,20 @@ public class CommonServiceImpl implements ICommonService {
     public Long getMaxId(String tableName, String pkName) {
         return IdUtils.getMaxId(tableName, pkName);
     }
+
+    /**
+     * 功能描述: 根据条件count
+     *
+     * @param dto dto
+     * @return java.lang.Long
+     */
+    @Override
+    public int count(FormDataDto dto) {
+        JSONObject condition = dto.getFixedData();
+        String tableName = dto.getTable();
+        requireNonNull(tableName, "tableName is empty");
+        GenTable genTable = cmdService.getTableFromRedisByTableName(RedisKey.TABLE_INFO, tableName);
+        JSONObject packCondition = selectService.packColCondition(genTable.getColumns(), condition);
+        return selectService.countByCondition(tableName, condition, packCondition);
+    }
 }

boman-web-core/src/main/java/com/boman/web/core/service/common/ICommonService.java

@@ -1,6 +1,7 @@
 package com.boman.web.core.service.common;
 
 import com.alibaba.fastjson.JSONObject;
+import com.boman.web.core.domain.FormDataDto;
 
 import java.util.List;
 
@@ -30,4 +31,12 @@ public interface ICommonService {
     List<JSONObject> getByMap(String tableName, JSONObject condition);
 
     Long getMaxId(String tableName, String pkName);
+
+    /**
+     * 功能描述: 根据条件count
+     *
+     * @param dto dto
+     * @return java.lang.Long
+     */
+    int count(FormDataDto dto);
 }

boman-web-core/src/main/java/com/boman/web/core/service/select/BaseSelectServiceImpl.java

@@ -2,17 +2,21 @@ package com.boman.web.core.service.select;
 
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import com.boman.common.core.utils.obj.ObjectUtils;
 import com.boman.common.redis.RedisKey;
 import com.boman.domain.GenTable;
+import com.boman.domain.GenTableColumn;
 import com.boman.web.core.mapper.StandardlyMapper;
 import com.boman.web.core.service.TableServiceCmdService;
 import com.boman.web.core.utils.ColumnUtils;
+import com.google.common.collect.Lists;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import java.util.List;
+import java.util.Map;
 
 import static com.boman.common.core.utils.obj.ObjectUtils.isEmpty;
 import static com.boman.common.core.utils.obj.ObjectUtils.requireNonNull;
@@ -136,4 +140,32 @@ public class BaseSelectServiceImpl implements IBaseSelectService {
 
         return mapper.selectByIdList(tableName, pkName, idList, showData);
     }
+
+    /**
+     * 功能描述: 封装成查询条件 key: 列名，  value：查询条件_查询类别
+     * eg: [{"config_name": ["系统配置", "EQ", "varchar(100)"]}]
+     *
+     * @param columns columns
+     * @return com.alibaba.fastjson.JSONObject
+     */
+    @Override
+    public JSONObject packColCondition(List<GenTableColumn> columns, JSONObject condition) {
+        requireNonNull(columns);
+
+        JSONObject result = new JSONObject(columns.size());
+        for (Map.Entry<String, Object> entry : condition.entrySet()) {
+            String key = entry.getKey();
+            Object value = entry.getValue();
+            for (GenTableColumn column : columns) {
+                // long string collection 暂时只作此三种类型判断
+                if (column.getColumnName().equalsIgnoreCase(key) && ObjectUtils.isNotEmpty(value)) {
+                    // columnType 作为判断需不需要转义的一个标准，防止索引失效
+                    result.put(key, Lists.newArrayList(value, column.getQueryType(), column.getColumnType()));
+                    break;
+                }
+            }
+        }
+
+        return result;
+    }
 }

boman-web-core/src/main/java/com/boman/web/core/service/select/IBaseSelectService.java

@@ -2,6 +2,7 @@ package com.boman.web.core.service.select;
 
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import com.boman.domain.GenTableColumn;
 
 import java.util.List;
 
@@ -74,4 +75,7 @@ public interface IBaseSelectService {
      * @return com.alibaba.fastjson.JSONObject
      */
     List<JSONObject> selectByIdList(String tableName, String pkName, List<Long> idList, List<String> showData);
+
+
+    JSONObject packColCondition(List<GenTableColumn> columns, JSONObject condition);
 }

boman-web-core/src/main/java/com/boman/web/core/utils/AuthUtils.java

@@ -0,0 +1,69 @@
+package com.boman.web.core.utils;
+
+import com.boman.common.core.constant.CacheConstants;
+import com.boman.common.core.utils.SecurityUtils;
+import com.boman.common.core.utils.SpringUtils;
+import com.boman.common.redis.service.RedisService;
+import com.boman.domain.exception.UnSuchFunctionException;
+import com.boman.system.api.domain.SysRole;
+import com.boman.system.api.model.LoginUser;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.List;
+
+import static com.boman.common.core.utils.obj.ObjectUtils.map;
+
+/**
+ * @author shiqian
+ * @date 2021年04月27日 10:48
+ **/
+public class AuthUtils {
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(AuthUtils.class);
+
+
+    /**
+     * 功能描述: 某一张表是否有AMD....功能
+     *
+     * @param menuRole  AMDQSUE
+     * @param function  AMDQSUE中的其中一个
+     * @param errMsg    错误提示语
+     */
+    public static void containsFunction(String menuRole, String function, String errMsg) {
+        if (!menuRole.contains(function)) {
+            throw new UnSuchFunctionException(errMsg);
+        }
+    }
+
+    /**
+     * 功能描述: 拿到当前登陆人
+     */
+    public static LoginUser getLoginUser() {
+        RedisService redisService = SpringUtils.getBean(RedisService.class);
+        return redisService.getCacheObject(CacheConstants.LOGIN_TOKEN_KEY + SecurityUtils.getToken());
+    }
+
+    /**
+     * 功能描述: 封装表的perms   eg: sys_user:A sys_user:M sys_user:D
+     *
+     * @param tableName tableName
+     * @param btnType   AMDQSUE
+     * @return java.lang.String
+     */
+    public static String packPermsKey(String tableName, String btnType) {
+        return tableName + ":" + btnType.toUpperCase();
+    }
+
+    /**
+     * 功能描述: 当前登陆人对应的角色idList
+     *
+     * @return java.lang.Long
+     */
+    public static List<Long> getLoginUserRoleIdList() {
+        List<SysRole> roles = getLoginUser().getSysUser().getRoles();
+        return map(roles, SysRole::getId);
+    }
+
+
+}

boman-web-core/src/main/java/com/boman/web/core/utils/ColumnUtils.java

@@ -15,6 +15,7 @@ import org.apache.commons.lang3.BooleanUtils;
 
 import java.nio.charset.StandardCharsets;
 import java.sql.Timestamp;
+import java.util.ArrayList;
 import java.util.Comparator;
 import java.util.List;
 import java.util.Map;