преди 3 години · 06513446a0
--- a/README.md
+++ b/README.md
@@ -74,7 +74,7 @@
 
				 
			
 
				 关于数据权限
			
 
				 * 参考（用户，角色，部门）列表接口用法
			
 
				-* 从 bo.getParam().get("dataScope") 即可获取数据权限生成的SQL
			
 
				+* 目前仅支持 XML 方式使用(后续修改为支持MP)
			
 
				 
			
 
				 关于vue与boot整合部署  
			
 
				 * [前端静态资源如何整合到后端访问](https://doc.ruoyi.vip/ruoyi-vue/other/faq.html#前端静态资源如何整合到后端访问)
			
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
@@ -3,6 +3,7 @@ package com.ruoyi.framework.aspectj;
 
				 import cn.hutool.core.lang.Validator;
			
 
				 import cn.hutool.core.util.StrUtil;
			
 
				 import com.ruoyi.common.annotation.DataScope;
			
 
				+import com.ruoyi.common.core.domain.BaseEntity;
			
 
				 import com.ruoyi.common.core.domain.entity.SysRole;
			
 
				 import com.ruoyi.common.core.domain.entity.SysUser;
			
 
				 import com.ruoyi.common.core.domain.model.LoginUser;
			
@@ -145,7 +146,7 @@ public class DataScopeAspect
 
				 
			
 
				         if (StrUtil.isNotBlank(sqlString.toString()))
			
 
				         {
			
 
				-			putDataScope(joinPoint, sqlString.substring(4));
			
 
				+			putDataScope(joinPoint, "AND (" + sqlString.substring(4) + ")");
			
 
				 		}
			
 
				     }
			
 
				 
			
@@ -181,12 +182,17 @@ public class DataScopeAspect
 
				 		Object params = joinPoint.getArgs()[0];
			
 
				 		if (Validator.isNotNull(params))
			
 
				 		{
			
 
				-			try {
			
 
				-				Method getParams = params.getClass().getDeclaredMethod("getParams", null);
			
 
				-				Map<String, Object> invoke = (Map<String, Object>) getParams.invoke(params, null);
			
 
				-				invoke.put(DATA_SCOPE, sql);
			
 
				-			} catch (Exception e) {
			
 
				-				// 方法未找到 不处理
			
 
				+			if(params instanceof BaseEntity) {
			
 
				+				BaseEntity baseEntity = (BaseEntity) params;
			
 
				+				baseEntity.getParams().put(DATA_SCOPE, "");
			
 
				+			} else {
			
 
				+				try {
			
 
				+					Method getParams = params.getClass().getDeclaredMethod("getParams", null);
			
 
				+					Map<String, Object> invoke = (Map<String, Object>) getParams.invoke(params, null);
			
 
				+					invoke.put(DATA_SCOPE, sql);
			
 
				+				} catch (Exception e) {
			
 
				+					// 方法未找到 不处理
			
 
				+				}
			
 
				 			}
			
 
				 		}
			
 
				 	}
			
--- a/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
+++ b/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
@@ -40,9 +40,7 @@
 
				             AND status = #{status}
			
 
				         </if>
			
 
				         <!-- 数据范围过滤 -->
			
 
				-        <if test="params.dataScope != null and params.dataScope != ''">
			
 
				-            AND ( ${params.dataScope} )
			
 
				-        </if>
			
 
				+        ${params.dataScope}
			
 
				         order by d.parent_id, d.order_num
			
 
				     </select>
			
 
				 
			
--- a/ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml
+++ b/ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml
@@ -58,9 +58,7 @@
 
				             and date_format(r.create_time,'%y%m%d') &lt;= date_format(#{role.params.endTime},'%y%m%d')
			
 
				         </if>
			
 
				         <!-- 数据范围过滤 -->
			
 
				-        <if test="role.params.dataScope != null and role.params.dataScope != ''">
			
 
				-            AND ( ${role.params.dataScope} )
			
 
				-        </if>
			
 
				+        ${role.params.dataScope}
			
 
				         order by r.role_sort
			
 
				     </select>
			
 
				 
			
@@ -83,9 +81,7 @@
 
				             and date_format(r.create_time,'%y%m%d') &lt;= date_format(#{params.endTime},'%y%m%d')
			
 
				         </if>
			
 
				         <!-- 数据范围过滤 -->
			
 
				-        <if test="params.dataScope != null and params.dataScope != ''">
			
 
				-            AND ( ${params.dataScope} )
			
 
				-        </if>
			
 
				+        ${params.dataScope}
			
 
				         order by r.role_sort
			
 
				     </select>
			
 
				 
			
--- a/ruoyi-system/src/main/resources/mapper/system/SysUserMapper.xml
+++ b/ruoyi-system/src/main/resources/mapper/system/SysUserMapper.xml
@@ -106,9 +106,7 @@
 
				             ancestors) ))
			
 
				         </if>
			
 
				         <!-- 数据范围过滤 -->
			
 
				-        <if test="user.params.dataScope != null and user.params.dataScope != ''">
			
 
				-            AND ( ${user.params.dataScope} )
			
 
				-        </if>
			
 
				+        ${user.params.dataScope}
			
 
				     </select>
			
 
				 
			
 
				     <select id="selectUserList" parameterType="SysUser" resultMap="SysUserResult">
			
@@ -137,9 +135,7 @@
 
				             ancestors) ))
			
 
				         </if>
			
 
				         <!-- 数据范围过滤 -->
			
 
				-        <if test="params.dataScope != null and params.dataScope != ''">
			
 
				-            AND ( ${params.dataScope} )
			
 
				-        </if>
			
 
				+        ${params.dataScope}
			
 
				     </select>
			
 
				 
			
 
				     <select id="selectUserByUserName" parameterType="String" resultMap="SysUserResult">
			
--- a/ruoyi-ui/src/views/index.vue
+++ b/ruoyi-ui/src/views/index.vue
@@ -83,7 +83,6 @@
 
				             <el-collapse-item title="v2.2.1 - 2021-5-29">
			
 
				               <ol>
			
 
				                 <li>add 增加 security 权限框架 @Async 异步注解配置</li>
			
 
				-                <li>update 优化数据权限sql 解决MP apply注入附带 AND 语法问题</li>
			
 
				                 <li>update 优化dataScope参数防止注入</li>
			
 
				                 <li>update 优化参数&字典缓存操作</li>
			
 
				                 <li>update 增加修改包名文档</li>