根据用户查询拥有的权限

This commit is contained in:
ys.git 2025-12-04 14:59:39 +08:00
parent f0e5fcbae8
commit ea8502c2b9
3 changed files with 41 additions and 0 deletions

View File

@ -83,4 +83,13 @@ public class PermissionController {
permissionService.deleteRole(roleId);
return Response.ok().setMessage("删除角色成功");
}
// 根据用户查询权限
@GetMapping("/selectPermByUserId")
public Response selectPermByUserId(
@NotBlank String userId
) {
List<Permission> permissions = permissionService.selectPermissionByUser(userId);
return Response.ok().data(permissions);
}
}

View File

@ -21,4 +21,6 @@ public interface PermissionService {
void updateRole(@Valid UpdateRoleForm form);
void deleteRole(@NotBlank String roleId);
List<Permission> selectPermissionByUser(String userId);
}

View File

@ -12,11 +12,14 @@ import com.xdap.self_development.pojo.RoleAndPermissions;
import com.xdap.self_development.pojo.UserAndRoles;
import com.xdap.self_development.pojo.view.UserRoleAndPermissionView;
import com.xdap.self_development.service.PermissionService;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
@ -140,4 +143,31 @@ public class PermissionServiceImpl implements PermissionService {
// 删除角色
bd.getBusinessDatabase().eq("id", roleId).doDelete(Role.class);
}
@Override
public List<Permission> selectPermissionByUser(String userId) {
if (StringUtils.isEmpty(userId)) {
throw new RuntimeException("请传入用户");
}
//查询用户所拥有的角色
List<UserAndRoles> userAndRoleIds = bd.getBusinessDatabase()
.eq("user_id", userId)
.doQuery(UserAndRoles.class);
if (ObjectUtils.isNotEmpty(userAndRoleIds)) {
List<String> roleIds = userAndRoleIds.stream().map(x -> x.getRoleId()).collect(Collectors.toList());
//查询角色权限
List<RoleAndPermissions> roleAndPermissions = bd.getBusinessDatabase()
.in("role_id", roleIds)
.doQuery(RoleAndPermissions.class);
if (ObjectUtils.isEmpty(roleAndPermissions)) {
throw new RuntimeException("该角色没有分配权限");
}
List<String> permissionIds = roleAndPermissions.stream().map(x -> x.getPermissionId()).collect(Collectors.toList());
//组装返回
return bd.getBusinessDatabase()
.in("id", permissionIds)
.doQuery(Permission.class);
}
return Collections.emptyList();
}
}