权限完善

src/main/java/com/dc/dc_project/common/aop/CheckPermission.java

@@ -0,0 +1,73 @@
+package com.dc.dc_project.common.aop;
+
+import cn.dev33.satoken.SaManager;
+import cn.dev33.satoken.annotation.handler.SaAnnotationHandlerInterface;
+import cn.dev33.satoken.context.SaHolder;
+import cn.dev33.satoken.exception.SaTokenException;
+import cn.dev33.satoken.stp.StpUtil;
+
+import java.lang.reflect.AnnotatedElement;
+import java.util.Arrays;
+import java.util.List;
+
+public class CheckPermission implements SaAnnotationHandlerInterface<DcCheckPermission> {
+    @Override
+    public Class<DcCheckPermission> getHandlerAnnotationClass() {
+        return DcCheckPermission.class;
+    }
+
+    @Override
+    public void checkMethod(DcCheckPermission dcCheckPermission, AnnotatedElement annotatedElement) {
+
+        // 获取需要校验的权限数组
+        String[] requiredPermissions = dcCheckPermission.value();
+
+        // 如果没有配置权限，直接通过
+        if (requiredPermissions == null || requiredPermissions.length == 0) {
+            return;
+        }
+
+        // 获取当前用户拥有的权限列表
+        List<String> userPermissions = StpUtil.getPermissionList();
+        userPermissions = userPermissions.stream().map(permission -> {
+            int index = permission.indexOf('_');
+            return index != -1 ? permission.substring(0, index) : permission;
+        }).toList();
+
+        // 如果用户没有任何权限，直接抛出异常
+        if (userPermissions == null || userPermissions.isEmpty()) {
+            throw new SaTokenException("无权限访问：" + Arrays.toString(requiredPermissions));
+        }
+
+        // 检查是否满足任意一个权限（支持前缀匹配）
+        for (String requiredPermission : requiredPermissions) {
+            if (hasPermission(userPermissions, requiredPermission)) {
+                // 只要满足一个权限即可通过
+                return;
+            }
+        }
+
+        // 所有权限都不满足，抛出异常
+        throw new SaTokenException("无权限访问：" + Arrays.toString(requiredPermissions));
+
+
+    }
+
+    private boolean hasPermission(List<String> userPermissions, String requiredPermission) {
+        for (String userPermission : userPermissions) {
+            // 1. 精确匹配：用户权限完全等于需要的权限
+            if (userPermission.equals(requiredPermission)) {
+                return true;
+            }
+
+            // 2. 前缀匹配：用户权限是需要权限的前缀
+            // 例如：用户有 "system"，需要 "system:user"，则通过
+            // 例如：用户有 "system:user"，需要 "system:user:list"，则通过
+            if (requiredPermission.startsWith(userPermission + ":")) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+}

src/main/java/com/dc/dc_project/common/aop/DcCheckPermission.java

@@ -0,0 +1,14 @@
+package com.dc.dc_project.common.aop;
+
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ ElementType.METHOD, ElementType.TYPE})
+public @interface DcCheckPermission {
+
+    String[] value();
+}

src/main/java/com/dc/dc_project/config/SaTokenConfigure.java

@@ -17,11 +17,15 @@ public class SaTokenConfigure implements WebMvcConfigurer {
 
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
-        registry.addInterceptor(new SaInterceptor(h -> {
+        System.out.println("----- SaToken 拦截器启动成功！");
-
+        registry
-            //SaManager.getLog().debug("----- 请求path={}  提交token={}", SaHolder.getRequest().getRequestPath(), StpUtil.getTokenValue());
+                .addInterceptor(new SaInterceptor(h -> {
-            SaRouter.match("/project/**").check(StpUtil::checkLogin);
+                    SaRouter
-        })).addPathPatterns("/**").excludePathPatterns("/auth/**","/error","/favicon.ico");
+                            .match("/**")
+                            .notMatch("/auth/**")
+                            .check(r -> StpUtil.checkLogin());
+                }))
+                .addPathPatterns("/**");
     }
 
 }

src/main/java/com/dc/dc_project/config/StpInterfaceImpl.java

@@ -1,14 +1,18 @@
 package com.dc.dc_project.config;
 
+import cn.dev33.satoken.SaManager;
 import cn.dev33.satoken.stp.StpInterface;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.dc.dc_project.model.dto.PermissionDataDto;
 import com.dc.dc_project.model.pojo.Role;
 import com.dc.dc_project.model.pojo.UserRole;
+import com.dc.dc_project.service.PermissionService;
 import com.dc.dc_project.service.RoleService;
 import com.dc.dc_project.service.UserRoleService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
+
 import java.util.List;
 
 /**
@@ -21,6 +25,9 @@ public class StpInterfaceImpl implements StpInterface {
     @Autowired
     private UserRoleService userRoleService;
 
+    @Autowired
+    private PermissionService permissionService;
+
     @Autowired
     private RoleService roleService;
     /**
@@ -28,9 +35,17 @@ public class StpInterfaceImpl implements StpInterface {
      */
     @Override
     public List<String> getPermissionList(Object loginId, String loginType) {
-        LambdaQueryWrapper<UserRole> lambdaQueryWrapper = new LambdaQueryWrapper<UserRole>().eq(UserRole::getUserId, Long.valueOf(loginId.toString()));
+        // 2. 遍历角色列表，查询拥有的权限码
-        List<Long> roleIds = userRoleService.list(lambdaQueryWrapper).stream().map(UserRole::getRoleId).toList();
+        List<String> permissionList = (List<String>) SaManager.getSaTokenDao().getObject("satoken:role-find-permission:" + loginId);
-        return roleService.list(new LambdaQueryWrapper<Role>().in(Role::getId, roleIds)).stream().map(Role::getCode).toList();
+        if(permissionList == null) {
+            // 从数据库查询这个角色 id 所拥有的权限列表
+            Long userId = Long.valueOf(loginId.toString());
+            List<PermissionDataDto> permissionDataDtos = permissionService.getDataListByUserId(userId);
+            permissionList = permissionDataDtos.stream().map(p -> p.getCode() + "_" + p.getDataScopeType()).toList();
+            // 查好后，set 到缓存中
+            SaManager.getSaTokenDao().setObject("satoken:role-find-permission:" + loginId, permissionList, 60 * 60 * 24 * 30);
+        }
+        return permissionList;
     }
 
     /**

src/main/java/com/dc/dc_project/controller/sys/AuthController.java

@@ -25,7 +25,7 @@ public class AuthController {
         return userService.login(loginDto);
     }
 
-    @GetMapping("/logout")
+    @PostMapping("/logout")
     ResponseResult logout() {
         Long userId = StpUtil.getLoginIdAsLong();
         StpUtil.logout();

src/main/java/com/dc/dc_project/controller/sys/RoleController.java

@@ -4,10 +4,12 @@ package com.dc.dc_project.controller.sys;
 import cn.dev33.satoken.stp.StpUtil;
 import com.dc.dc_project.common.ResponseResult;
 import com.dc.dc_project.model.dto.RoleDto;
+import com.dc.dc_project.model.dto.RoleUserDto;
 import com.dc.dc_project.model.pojo.RecordResult;
 import com.dc.dc_project.service.RoleService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -44,5 +46,17 @@ public class RoleController {
         return roleService.delete(roleDto, userId);
     }
 
+    @PostMapping("/addUser")
+    public ResponseResult addUser(@RequestBody @Validated RoleUserDto roleUserDto) {
+        Long userId = StpUtil.getLoginIdAsLong();
+        return roleService.addUser(roleUserDto, userId);
+    }
+
+    @PostMapping("/deleteUser")
+    public ResponseResult removeUser(@RequestBody @Validated RoleUserDeleteDto roleUserDto) {
+        Long userId = StpUtil.getLoginIdAsLong();
+        return roleService.removeUser(roleUserDto, userId);
+    }
+
 
 }

src/main/java/com/dc/dc_project/controller/sys/RoleUserDeleteDto.java

@@ -0,0 +1,14 @@
+package com.dc.dc_project.controller.sys;
+
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import lombok.Data;
+
+@Data
+public class RoleUserDeleteDto {
+
+    @NotNull
+    @NotBlank
+    private Long id;
+}

src/main/java/com/dc/dc_project/controller/sys/UserController.java

@@ -1,8 +1,10 @@
 package com.dc.dc_project.controller.sys;
 
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.dev33.satoken.stp.StpUtil;
 import com.dc.dc_project.common.ResponseResult;
+import com.dc.dc_project.common.aop.DcCheckPermission;
 import com.dc.dc_project.model.dto.user.UpdateUserPasswordDto;
 import com.dc.dc_project.model.dto.user.UserInfoUpdateDto;
 import com.dc.dc_project.model.dto.user.UserReqDto;
@@ -16,6 +18,8 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.util.List;
+
 @RequiredArgsConstructor(onConstructor_ = @Autowired)
 @RestController
 @RequestMapping("/user")
@@ -24,6 +28,7 @@ public class UserController {
     private final UserService userService;
 
     @PostMapping("/list")
+    @DcCheckPermission("system:user:list")
     public ResponseResult UserList(@RequestBody UserReqDto userReqDto) {
         Long userId = StpUtil.getLoginIdAsLong();
         return userService.UserList(userReqDto, userId);
@@ -31,6 +36,8 @@ public class UserController {
 
     @PostMapping("/getUserInfo")
     ResponseResult getUserInfo() {
+        Long userId = StpUtil.getLoginIdAsLong();
+        List<String> permissions = StpUtil.getPermissionList();
         return userService.getUserInfo();
     }
 

src/main/java/com/dc/dc_project/enums/DataScopeType.java

@@ -10,16 +10,18 @@ import lombok.Getter;
 @Getter
 public enum DataScopeType {
 
-    ALL("SELF_ONLY", "仅限用户自己所属组织"),
+    ALL("SELF_ONLY", "仅限用户自己所属组织", 3),
-    SELF("SELF_AND_DESCENDANTS", "用户自己所属组织及其所有子孙组织"),
+    SELF("SELF_AND_DESCENDANTS", "用户自己所属组织及其所有子孙组织", 2),
-    CUSTOM("ALL_COMPANY ", "全公司所有组织");
+    CUSTOM("ALL_COMPANY ", "全公司所有组织", 1);
 
     private final String code;
     private final String desc;
+    private final Integer level;
 
-    DataScopeType(String code, String desc) {
+    DataScopeType(String code, String desc, Integer level) {
         this.code = code;
         this.desc = desc;
+        this.level = level;
     }
 
     public static DataScopeType getByCode(String code) {
@@ -39,4 +41,22 @@ public enum DataScopeType {
         }
         return null;
     }
+
+    public static Integer getLevelByCode(String code) {
+        for (DataScopeType value : DataScopeType.values()) {
+            if (value.getCode().equals(code)) {
+                return value.getLevel();
+            }
+        }
+        return null;
+    }
+
+    public static String getCodeByLevel(Integer level) {
+        for (DataScopeType value : DataScopeType.values()) {
+            if (value.getLevel().equals(level)) {
+                return value.getCode();
+            }
+        }
+        return null;
+    }
 }

src/main/java/com/dc/dc_project/mapper/PermissionMapper.java

@@ -1,5 +1,6 @@
 package com.dc.dc_project.mapper;
 
+import com.dc.dc_project.model.dto.PermissionDataDto;
 import com.dc.dc_project.model.dto.PermissionDto;
 import com.dc.dc_project.model.pojo.Permission;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
@@ -16,6 +17,8 @@ import java.util.List;
 public interface PermissionMapper extends BaseMapper<Permission> {
 
     List<Permission> getList(@Param("permissionDto") PermissionDto permissionDto);
+
+    List<PermissionDataDto> getDataListByUserId(Long userId);
 }
 
 

src/main/java/com/dc/dc_project/model/dto/PermissionDataDto.java

@@ -0,0 +1,24 @@
+package com.dc.dc_project.model.dto;
+
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class PermissionDataDto implements Serializable {
+
+    private Long id;
+
+    private String name;
+
+    private String code;
+
+    private Long parentId;
+
+    private Integer dataScopeType;
+}

src/main/java/com/dc/dc_project/model/dto/RoleUserDto.java

@@ -0,0 +1,18 @@
+package com.dc.dc_project.model.dto;
+
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import lombok.Data;
+
+@Data
+public class RoleUserDto {
+
+    @NotBlank
+    @NotNull
+    private Long userId;
+
+    @NotBlank
+    @NotNull
+    private Long roleId;
+}

src/main/java/com/dc/dc_project/model/pojo/Permission.java

@@ -99,76 +99,5 @@ public class Permission {
     @TableField(value = "is_deleted")
     private Integer isDeleted;
 
-    @Override
-    public boolean equals(Object that) {
-        if (this == that) {
-            return true;
-        }
-        if (that == null) {
-            return false;
-        }
-        if (getClass() != that.getClass()) {
-            return false;
-        }
-        Permission other = (Permission) that;
-        return (this.getId() == null ? other.getId() == null : this.getId().equals(other.getId()))
-            && (this.getParentId() == null ? other.getParentId() == null : this.getParentId().equals(other.getParentId()))
-            && (this.getName() == null ? other.getName() == null : this.getName().equals(other.getName()))
-            && (this.getCode() == null ? other.getCode() == null : this.getCode().equals(other.getCode()))
-            && (this.getType() == null ? other.getType() == null : this.getType().equals(other.getType()))
-            && (this.getPath() == null ? other.getPath() == null : this.getPath().equals(other.getPath()))
-            && (this.getMethod() == null ? other.getMethod() == null : this.getMethod().equals(other.getMethod()))
-            && (this.getIcon() == null ? other.getIcon() == null : this.getIcon().equals(other.getIcon()))
-            && (this.getSortOrder() == null ? other.getSortOrder() == null : this.getSortOrder().equals(other.getSortOrder()))
-            && (this.getStatus() == null ? other.getStatus() == null : this.getStatus().equals(other.getStatus()))
-            && (this.getRemark() == null ? other.getRemark() == null : this.getRemark().equals(other.getRemark()))
-            && (this.getCreatedAt() == null ? other.getCreatedAt() == null : this.getCreatedAt().equals(other.getCreatedAt()))
-            && (this.getUpdatedAt() == null ? other.getUpdatedAt() == null : this.getUpdatedAt().equals(other.getUpdatedAt()))
-            && (this.getIsDeleted() == null ? other.getIsDeleted() == null : this.getIsDeleted().equals(other.getIsDeleted()));
-    }
 
-    @Override
-    public int hashCode() {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + ((getId() == null) ? 0 : getId().hashCode());
-        result = prime * result + ((getParentId() == null) ? 0 : getParentId().hashCode());
-        result = prime * result + ((getName() == null) ? 0 : getName().hashCode());
-        result = prime * result + ((getCode() == null) ? 0 : getCode().hashCode());
-        result = prime * result + ((getType() == null) ? 0 : getType().hashCode());
-        result = prime * result + ((getPath() == null) ? 0 : getPath().hashCode());
-        result = prime * result + ((getMethod() == null) ? 0 : getMethod().hashCode());
-        result = prime * result + ((getIcon() == null) ? 0 : getIcon().hashCode());
-        result = prime * result + ((getSortOrder() == null) ? 0 : getSortOrder().hashCode());
-        result = prime * result + ((getStatus() == null) ? 0 : getStatus().hashCode());
-        result = prime * result + ((getRemark() == null) ? 0 : getRemark().hashCode());
-        result = prime * result + ((getCreatedAt() == null) ? 0 : getCreatedAt().hashCode());
-        result = prime * result + ((getUpdatedAt() == null) ? 0 : getUpdatedAt().hashCode());
-        result = prime * result + ((getIsDeleted() == null) ? 0 : getIsDeleted().hashCode());
-        return result;
-    }
-
-    @Override
-    public String toString() {
-        StringBuilder sb = new StringBuilder();
-        sb.append(getClass().getSimpleName());
-        sb.append(" [");
-        sb.append("Hash = ").append(hashCode());
-        sb.append(", id=").append(id);
-        sb.append(", parentId=").append(parentId);
-        sb.append(", name=").append(name);
-        sb.append(", code=").append(code);
-        sb.append(", type=").append(type);
-        sb.append(", path=").append(path);
-        sb.append(", method=").append(method);
-        sb.append(", icon=").append(icon);
-        sb.append(", sortOrder=").append(sortOrder);
-        sb.append(", status=").append(status);
-        sb.append(", remark=").append(remark);
-        sb.append(", createdAt=").append(createdAt);
-        sb.append(", updatedAt=").append(updatedAt);
-        sb.append(", isDeleted=").append(isDeleted);
-        sb.append("]");
-        return sb.toString();
-    }
 }

src/main/java/com/dc/dc_project/model/pojo/RolePermission.java

@@ -37,7 +37,7 @@ public class RolePermission {
      * 数据权限范围
      */
     @TableField(value = "data_scope_type")
-    private String dataScopeType;
+    private Integer dataScopeType;
 
     /**
      * 创建时间

src/main/java/com/dc/dc_project/service/PermissionService.java

@@ -2,11 +2,14 @@ package com.dc.dc_project.service;
 
 import com.dc.dc_project.common.ResponseResult;
 import com.dc.dc_project.model.dto.PermissionAddDto;
+import com.dc.dc_project.model.dto.PermissionDataDto;
 import com.dc.dc_project.model.dto.PermissionDto;
 import com.dc.dc_project.model.pojo.Permission;
 import com.baomidou.mybatisplus.extension.service.IService;
 import com.dc.dc_project.model.pojo.RolePermission;
 
+import java.util.List;
+
 /**
 * @author ADMIN
 * @description 针对表【sys_permission(系统权限表（菜单/接口控制）)】的数据库操作Service
@@ -53,4 +56,11 @@ public interface PermissionService extends IService<Permission> {
      * @return
      */
     ResponseResult deleteRP(RolePermission rolePermission, Long userId);
+
+    /**
+     * 获取权限数据列表(内部使用)
+     * @param userId
+     * @return
+     */
+    List<PermissionDataDto> getDataListByUserId(Long userId);
 }

src/main/java/com/dc/dc_project/service/RoleService.java

@@ -1,7 +1,9 @@
 package com.dc.dc_project.service;
 
 import com.dc.dc_project.common.ResponseResult;
+import com.dc.dc_project.controller.sys.RoleUserDeleteDto;
 import com.dc.dc_project.model.dto.RoleDto;
+import com.dc.dc_project.model.dto.RoleUserDto;
 import com.dc.dc_project.model.pojo.RecordResult;
 import com.dc.dc_project.model.pojo.Role;
 import com.baomidou.mybatisplus.extension.service.IService;
@@ -38,4 +40,20 @@ public interface RoleService extends IService<Role> {
      * @return
      */
     ResponseResult delete(RoleDto roleDto, Long userId);
+
+    /**
+     * 添加用户角色
+     * @param roleUserDto
+     * @param userId
+     * @return
+     */
+    ResponseResult addUser(RoleUserDto roleUserDto, Long userId);
+
+    /**
+     * 删除用户角色
+     * @param roleUserDto
+     * @param userId
+     * @return
+     */
+    ResponseResult removeUser(RoleUserDeleteDto roleUserDto, Long userId);
 }

src/main/java/com/dc/dc_project/service/impl/PermissionServiceImpl.java

@@ -8,6 +8,7 @@ import com.dc.dc_project.common.ResponseResult;
 import com.dc.dc_project.enums.DataScopeType;
 import com.dc.dc_project.enums.IsDeleted;
 import com.dc.dc_project.model.dto.PermissionAddDto;
+import com.dc.dc_project.model.dto.PermissionDataDto;
 import com.dc.dc_project.model.dto.PermissionDto;
 import com.dc.dc_project.model.pojo.Permission;
 import com.dc.dc_project.model.pojo.RolePermission;
@@ -79,7 +80,7 @@ public class PermissionServiceImpl extends ServiceImpl<PermissionMapper, Permiss
         if (rolePermission.getId() == null || rolePermission.getDataScopeType() == null) {
             return ResponseResult.error("参数错误");
         }
-        if (DataScopeType.getByCode(rolePermission.getDataScopeType()) ==  null){
+        if (DataScopeType.getCodeByLevel(rolePermission.getDataScopeType()) ==  null){
             return ResponseResult.error("数据权限类型错误");
         }
         RolePermission rolePermission1 = rolePermissionService.getById(rolePermission.getId());
@@ -92,7 +93,7 @@ public class PermissionServiceImpl extends ServiceImpl<PermissionMapper, Permiss
 
     @Override
     public ResponseResult addRP(RolePermission rolePermission, Long userId) {
-        if(rolePermission.getDataScopeType() != null && DataScopeType.getByCode(rolePermission.getDataScopeType()) == null){
+        if(rolePermission.getDataScopeType() != null && DataScopeType.getCodeByLevel(rolePermission.getDataScopeType()) == null){
             return ResponseResult.error("数据权限类型错误");
         }
         if (rolePermission.getRoleId() == null || rolePermission.getPermissionId() == null) {
@@ -121,6 +122,13 @@ public class PermissionServiceImpl extends ServiceImpl<PermissionMapper, Permiss
         return rolePermissionService.removeById(rolePermission.getId()) ? ResponseResult.success() : ResponseResult.error();
 
     }
+
+    @Override
+    public List<PermissionDataDto> getDataListByUserId(Long userId) {
+        List<PermissionDataDto> permissionDataDtos = permissionMapper.getDataListByUserId(userId);
+        System.out.println(permissionDataDtos);
+        return permissionDataDtos;
+    }
 }
 
 

src/main/java/com/dc/dc_project/service/impl/RoleServiceImpl.java

@@ -5,12 +5,18 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.dc.dc_project.common.ResponseResult;
 import com.dc.dc_project.common.ResultCode;
+import com.dc.dc_project.controller.sys.RoleUserDeleteDto;
 import com.dc.dc_project.enums.IsDeleted;
 import com.dc.dc_project.model.dto.RoleDto;
+import com.dc.dc_project.model.dto.RoleUserDto;
 import com.dc.dc_project.model.pojo.RecordResult;
 import com.dc.dc_project.model.pojo.Role;
+import com.dc.dc_project.model.pojo.UserRole;
 import com.dc.dc_project.service.RoleService;
 import com.dc.dc_project.mapper.RoleMapper;
+import com.dc.dc_project.service.UserRoleService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import lombok.extern.slf4j.Slf4j;
 
@@ -21,9 +27,13 @@ import lombok.extern.slf4j.Slf4j;
 */
 @Service
 @Slf4j
+@RequiredArgsConstructor(onConstructor_ = @Autowired)
 public class RoleServiceImpl extends ServiceImpl<RoleMapper, Role>
     implements RoleService{
 
+    private final RoleMapper roleMapper;
+    private final UserRoleService userRoleService;
+
     @Override
     public ResponseResult getList(RoleDto roleDto, Long userId) {
         LambdaQueryWrapper<Role> queryWrapper = new LambdaQueryWrapper<>();
@@ -70,6 +80,25 @@ public class RoleServiceImpl extends ServiceImpl<RoleMapper, Role>
         role.setIsDeleted(IsDeleted.YES.getCode());
         return this.updateById(role) ? ResponseResult.success() : ResponseResult.error();
     }
+
+    @Override
+    public ResponseResult addUser(RoleUserDto roleUserDto, Long userId) {
+        LambdaQueryWrapper<UserRole> queryWrapper = new LambdaQueryWrapper<>();
+        queryWrapper.eq(UserRole::getUserId, roleUserDto.getUserId()).eq(UserRole::getRoleId, roleUserDto.getRoleId());
+        if (userRoleService.exists(queryWrapper)){
+            return ResponseResult.error(ResultCode.FAILURE);
+        }
+        UserRole userRole = new UserRole();
+        userRole.setUserId(roleUserDto.getUserId());
+        userRole.setRoleId(roleUserDto.getRoleId());
+        userRole.setCreatedBy(userId.toString());
+        return userRoleService.save(userRole) ? ResponseResult.success() : ResponseResult.error();
+    }
+
+    @Override
+    public ResponseResult removeUser(RoleUserDeleteDto roleUserDto, Long userId) {
+        return userRoleService.removeById(roleUserDto.getId()) ? ResponseResult.success() : ResponseResult.error();
+    }
 }
 
 

src/main/java/com/dc/dc_project/service/impl/UserServiceImpl.java

@@ -12,6 +12,7 @@ import com.dc.dc_project.model.pojo.*;
 import com.dc.dc_project.model.vo.PersonnelVo;
 import com.dc.dc_project.model.vo.PositionVo;
 import com.dc.dc_project.model.vo.UserInfoVo;
+import com.dc.dc_project.service.PermissionService;
 import com.dc.dc_project.service.PersonnelService;
 import com.dc.dc_project.service.UserService;
 import lombok.RequiredArgsConstructor;
@@ -40,6 +41,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User>
     private final OrgMapper orgMapper;
     private final RoleMapper roleMapper;
     private final PositionMapper positionMapper;
+    private final PermissionService permissionService;
 
     @Override
     public ResponseResult login(LoginDto loginDto) {
@@ -100,6 +102,9 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User>
     @Override
     public ResponseResult UserList(UserReqDto userReqDto, Long userId) {
 
+
+
+
         return null;
     }
 

src/main/resources/mapper/PermissionMapper.xml

@@ -25,4 +25,23 @@
             and sp.is_deleted = 0
         </where>
     </select>
+
+    <select id="getDataListByUserId" resultType="com.dc.dc_project.model.dto.PermissionDataDto">
+        SELECT
+            sp.id,
+            sp.name,
+            sp.code,
+            sp.parent_id,
+            Max(srp.data_scope_type) AS data_scope_type
+        FROM sys_permission sp
+                 INNER JOIN sys_role_permission srp ON sp.id = srp.permission_id
+                 INNER JOIN sys_user_role sur ON srp.role_id = sur.role_id
+                 INNER JOIN sys_role sr ON sur.role_id = sr.id
+        WHERE sur.user_id = #{userId}
+          AND sp.status = 1
+          AND sp.is_deleted = 0
+          AND sr.status = 1
+          AND sr.is_deleted = 0
+        GROUP BY sp.id, sp.name, sp.code, sp.parent_id
+    </select>
 </mapper>