调整权限策略

2025-04-16 14:15:42 +08:00 · 2025-04-16 14:15:42 +08:00 · fffc4b9eab
commit fffc4b9eab
parent aed3cdf4a9
1 changed files with 12 additions and 4 deletions
--- a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/handler/DataScopeHandler.java
+++ b/cloud-manage-server/src/main/java/com/evotech/hd/cloud/handler/DataScopeHandler.java
@ -46,12 +46,20 @@ public class DataScopeHandler implements MultiDataPermissionHandler {
            if(table != null && CollectionUtils.isNotEmpty(table.getNameParts()) && !"1".equals(RedisCloudUtils.getRoleType())){
                String roleCode = RedisCloudUtils.getRoleCode();
                Class<?> mapperClazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf(".")));
+                //优先检查是不是单角色权限
+                DataScope dataScope = mapperClazz.getAnnotation(DataScope.class);
+                if (ObjectUtils.isNotEmpty(dataScope) && dataScope.enabled()) {
+                    if(dataScope.permissionObject().equals(roleCode)){
+                        return buildDataScopeByAnnotation(dataScope);
+                    }
+                }
+                //如果不是, 检查多角色权限
                DataScopes dataScopesList = mapperClazz.getAnnotation(DataScopes.class);
                if (ObjectUtils.isNotEmpty(dataScopesList)) {
-                    for (DataScope dataScope :dataScopesList.value()){
-                        if(dataScope.enabled()){
-                            if(dataScope.permissionObject().equals(roleCode)){
-                                return buildDataScopeByAnnotation(dataScope);
+                    for (DataScope dataScopes :dataScopesList.value()){
+                        if(dataScopes.enabled()){
+                            if(dataScopes.permissionObject().equals(roleCode)){
+                                return buildDataScopeByAnnotation(dataScopes);
                            }
                        }
                    }