
消息模块权限优化

zhangyang hace 2 años
padre
commit
8f5d881e9b

+ 16 - 8
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/PoNewsController.java

@@ -8,7 +8,9 @@ import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.PoNews;
+import com.ruoyi.system.domain.PoUser;
 import com.ruoyi.system.service.IPoNewsService;
+import com.ruoyi.system.service.impl.PoUserServiceImpl;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.repository.query.Param;
@@ -30,6 +32,9 @@ public class PoNewsController extends BaseController
 {
     @Autowired
     private IPoNewsService poNewsService;
+
+    @Autowired
+    private PoUserServiceImpl poUserService;
     /**
      * 查看详情
      * 点击详情获取一个消息详细内容根据newsId
@@ -105,11 +110,11 @@ public class PoNewsController extends BaseController
     @PreAuthorize("@ss.hasPermi('system:news:add')")
     @Log(title = "新增消息", businessType = BusinessType.INSERT)
     @PostMapping("/add")
-    public AjaxResult add(@RequestBody @Param("poNews") PoNews poNews)
+    public AjaxResult add(@RequestBody @Param("poNews") PoNews poNews, @RequestBody @Param("poUser") PoUser poUser)
     {
-        if (!getUsername().equals("admin")){
-            return AjaxResult.error("新增消息失败当前用户不是管理员");
-        }
+        //判断当前用户是否有操作的权限
+        poUserService.checkUserAllowed(poUser);
+
         if (UserConstants.NOT_UNIQUE.equals(poNewsService.checkPostNewsTitleUnique(poNews))){
             return AjaxResult.error("新增失败"+poNews.getNewsTitle()+"已经存在");
         }
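Review bot: The permission check in `add` now runs on `poUser`, which is deserialized from the request body, so the caller supplies the identity that `checkUserAllowed` evaluates; the removed code at least compared the session-derived `getUsername()`. `PoUserServiceImpl` is not visible here, so what `checkUserAllowed` actually verifies needs confirming, but the subject of an authorization check should be resolved server-side from the authenticated principal, not accepted as a parameter. The `edit` hunk below has the same pattern. Separately, the request body can normally be read only once, so a second `@RequestBody` parameter will likely fail to bind; keep the signature as `public AjaxResult add(@RequestBody PoNews poNews)`. The method body continues outside the hunk.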
@@ -126,11 +131,14 @@ public class PoNewsController extends BaseController
     @PreAuthorize("@ss.hasPermi('system:news:edit')")
     @Log(title = "修改消息", businessType = BusinessType.UPDATE)
     @PutMapping("/edit")
-    public AjaxResult edit(@RequestBody PoNews poNews)
+    public AjaxResult edit(@RequestBody PoNews poNews ,@RequestBody PoUser poUser)
     {
-        if (!getUsername().equals("admin")){
-            return AjaxResult.error("修改消息失败当前用户不是管理员");
-        }
+        //校验是否有操作的权限
+        poUserService.checkUserAllowed(poUser);
+
+        //校验是否可以访问到数据
+        poUserService.checkUserDataScope(poUser.getUserId());
+
         if (UserConstants.NOT_UNIQUE.equals(poNewsService.checkPostNewsTitleUnique(poNews))
             ){
             return AjaxResult.error("修改失败"+poNews.getNewsTitle()+"已经存在");
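Review bot: `checkUserDataScope(poUser.getUserId())` takes its id from the request body and never looks at the `poNews` record being modified, so nothing in this hunk ties the data-scope check to the message under edit. If the intent is that a caller may only edit messages inside their own scope, the check should be keyed on the logged-in user and on the stored record (loaded by `newsId`, for example via its `publisherId`), not on client-supplied fields. A missing `poUser` in the payload would also reach `poUser.getUserId()` as null. The comment could then read `// verify the logged-in user may access this news record`. The method body continues outside the hunk.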

+ 9 - 10
ruoyi-system/src/main/java/com/ruoyi/system/domain/PoNews.java

@@ -46,7 +46,7 @@ public class PoNews extends BaseEntity
 
     /** 接收人电话 */
     @Excel(name = "接收人")
-    private String userId;
+    private String phonenumber;
 
     @Excel(name = "图片")
     private String image;
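Review bot: The recipient is now identified by `phonenumber`, which is personal data that this field also exports through `@Excel(name = "接收人")` and that PoNewsMapper.xml uses as the join key to `po_user`. Phone numbers can change or be shared between accounts, so a message can silently detach from its recipient or match the wrong one. If the column must hold the number, say so on the field, e.g. `/** Recipient phone number; join key to po_user.phonenumber, assumed unique */`, and confirm a uniqueness constraint exists. Keeping the stable user id as the key and resolving the number when it is needed would avoid both problems.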
@@ -55,6 +55,14 @@ public class PoNews extends BaseEntity
     @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
     private Date newsTime;
 
+    public void setPhonenumber(String phonenumber) {
+        this.phonenumber = phonenumber;
+    }
+
+    public String getPhonenumber() {
+        return phonenumber;
+    }
+
     public void setNewsTime(Date newsTime){
         this.newsTime = newsTime;
     }
@@ -130,15 +138,7 @@ public class PoNews extends BaseEntity
     {
         return publisherId;
     }
-    public void setUserId(String userId)
-    {
-        this.userId = userId;
-    }
 
-    public String getUserId()
-    {
-        return userId;
-    }
 
     @Override
     public String toString() {
@@ -154,7 +154,6 @@ public class PoNews extends BaseEntity
                 .append("remark", getRemark())
                 .append("sort", getSort())
                 .append("publisherId", getPublisherId())
-                .append("userId", getUserId())
                 .append("delFlag",getDelFlag())
                 .append("image",getImage())
                 .append("newsTime",getNewsTime())

+ 7 - 7
ruoyi-system/src/main/resources/mapper/system/PoNewsMapper.xml

@@ -16,15 +16,15 @@
         <result property="remark"    column="remark"    />
         <result property="sort"    column="sort"    />
         <result property="publisherId"    column="publisher_id"    />
-        <result property="userId"    column="user_id"  />
         <result property="delFlag" column="del_flag"/>
         <result property="image"   column="image"/>
         <result property="newsTime" column="news_time"/>
+        <result property="phonenumber" column="phonenumber"/>
     </resultMap>
 <!--查询po_news表所有-->
     <sql id="selectPoNewsVo">
         select news_id, news_title, news_content, status, create_by, create_time, update_by, update_time,
-               remark, sort, publisher_id, user_id ,del_flag ,image ,news_time from po_news
+               remark, sort, publisher_id, del_flag ,image ,news_time ,phonenumber from po_news
     </sql>
 
 <!--    分页查询-->
@@ -36,10 +36,10 @@
             <if test="status != null  and status != ''"> and status = #{status}</if>
             <if test="sort != null "> and sort = #{sort}</if>
             <if test="publisherId != null "> and publisher_id = #{publisherId}</if>
-            <if test="userId != null "> and user_id = #{userId}</if>
             <if test="delFlag != null and delFlag != ''">and del_flag = #{delFlag}</if>
             <if test="image != null and image != ''">and image = #{image}</if>
             <if test="newsTime != null ">and news_time = #{newsTime}</if>
+            <if test="phonenumber != null ">and phonenumber = #{phonenumber}</if>
         </where>
     </select>
 
@@ -64,10 +64,10 @@
             <if test="remark != null">remark,</if>
             <if test="sort != null">sort,</if>
             <if test="publisherId != null">publisher_id,</if>
-            <if test="userId != null">user_id,</if>
             <if test="delFlag != null and delFlag != ''">del_flag,</if>
             <if test="image != null and image != ''">image,</if>
             <if test="newsTime != null">news_time,</if>
+            <if test="phonenumber != null">phonenumber,</if>
         </trim>
         <trim prefix="values (" suffix=")" suffixOverrides=",">
             <if test="newsId != null">#{newsId},</if>
@@ -81,10 +81,10 @@
             <if test="remark != null">#{remark},</if>
             <if test="sort != null">#{sort},</if>
             <if test="publisherId != null">#{publisherId},</if>
-            <if test="userId != null">#{userId},</if>
             <if test="delFlag != null and delFlag != '' ">#{delFlag},</if>
             <if test="image != null and image != ''">#{image},</if>
             <if test="newsTime != null">#{newsTime},</if>
+            <if test="phonenumber != null ">#{phonenumber},</if>
         </trim>
     </insert>
 
@@ -102,10 +102,10 @@
             <if test="remark != null">remark = #{remark},</if>
             <if test="sort != null">sort = #{sort},</if>
             <if test="publisherId != null">publisher_id = #{publisherId},</if>
-            <if test="userId != null">user_id = #{userId},</if>
             <if test="delFlag != null and delFlag != ''">del_flag = #{delFlag}</if>
             <if test="image != null and image != ''">image = #{image}</if>
             <if test="newsTime != null">news_time = #{newsTime}</if>
+            <if test="phonenumber != null">phonenumber = #{phonenumber}</if>
         </trim>
         where news_id = #{newsId}
     </update>
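Review bot: The added `phonenumber = #{phonenumber}` fragment has no trailing comma and follows `news_time = #{newsTime}`, which has none either, so an update that sets both would render `news_time = ? phonenumber = ?` and be rejected by the database. The opening `<trim>` is outside the hunk; assuming it declares `suffixOverrides=","` like the insert trims, end each fragment with a comma: `<if test="newsTime != null">news_time = #{newsTime},</if>` and `<if test="phonenumber != null">phonenumber = #{phonenumber},</if>`. The `del_flag` and `image` fragments above need the same comma.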
@@ -167,7 +167,7 @@
 
     <!--    通过消息Id查询用户Id-->
     <select id="selectUserByNewsId" resultType="String">
-            select u.user_id from po_news n LEFT JOIN po_user u ON n.user_id = u.user_id
+            select u.phonenumber from po_news n LEFT JOIN po_user u ON n.phonenumber = u.phonenumber
             where n.news_id = #{newsId}
     </select>
 <!--    校验时间是否相同-->
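Review bot: The join on `n.phonenumber = u.phonenumber` returns one row per matching `po_user`, so with `resultType="String"` a duplicated phone number yields several rows. A caller expecting a single value may then fail or pick the wrong account. Nothing visible here shows that `po_user.phonenumber` is unique, so this needs a constraint or explicit handling of multiple matches. The statement id `selectUserByNewsId` and the comment above it still describe a user-id lookup; the comment should become `<!-- look up the recipient phone number by news id -->`.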