增加部门和用户管理页面的权限过滤

yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/dept/vo/dept/DeptListReqVO.java

@@ -3,6 +3,8 @@ package cn.iocoder.yudao.module.system.controller.admin.dept.vo.dept;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 
+import java.util.Collection;
+
 @Schema(description = "管理后台 - 部门列表 Request VO")
 @Data
 public class DeptListReqVO {
@@ -13,4 +15,7 @@ public class DeptListReqVO {
     @Schema(description = "展示状态，参见 CommonStatusEnum 枚举类", example = "1")
     private Integer status;
 
+    @Schema(description = "deptId集合")
+    private Collection<Long> deptIds;
+
 }

yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/user/vo/user/UserSaveReqVO.java

@@ -38,6 +38,7 @@ public class UserSaveReqVO {
     private String remark;
 
     @Schema(description = "部门编号", example = "我是一个用户")
+    @NotBlank(message = "部门编号不能为空")
     @DiffLogField(name = "部门", function = DeptParseFunction.NAME)
     private Long deptId;
 

yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/dal/mysql/dept/DeptMapper.java

@@ -15,6 +15,7 @@ public interface DeptMapper extends BaseMapperX<DeptDO> {
     default List<DeptDO> selectList(DeptListReqVO reqVO) {
         return selectList(new LambdaQueryWrapperX<DeptDO>()
                 .likeIfPresent(DeptDO::getName, reqVO.getName())
+                .inIfPresent(DeptDO::getId,reqVO.getDeptIds())
                 .eqIfPresent(DeptDO::getStatus, reqVO.getStatus()));
     }
 

yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/dept/DeptServiceImpl.java

@@ -5,6 +5,8 @@ import cn.hutool.core.util.ObjectUtil;
 import cn.iocoder.yudao.framework.common.enums.CommonStatusEnum;
 import cn.iocoder.yudao.framework.common.util.object.BeanUtils;
 import cn.iocoder.yudao.framework.datapermission.core.annotation.DataPermission;
+import cn.iocoder.yudao.framework.security.core.LoginUser;
+import cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils;
 import cn.iocoder.yudao.module.system.controller.admin.dept.vo.dept.DeptListReqVO;
 import cn.iocoder.yudao.module.system.controller.admin.dept.vo.dept.DeptSaveReqVO;
 import cn.iocoder.yudao.module.system.dal.dataobject.dept.DeptDO;
@@ -167,11 +169,27 @@ public class DeptServiceImpl implements DeptService {
 
     @Override
     public List<DeptDO> getDeptList(DeptListReqVO reqVO) {
+        //只查自己的部门及以下
+        Long loginUserDeptId = SecurityFrameworkUtils.getLoginUserDeptId();
+        reqVO.setDeptIds(getDeptCondition(loginUserDeptId));
         List<DeptDO> list = deptMapper.selectList(reqVO);
         list.sort(Comparator.comparing(DeptDO::getSort));
         return list;
     }
-
+    /**
+     * 获得部门条件：查询指定部门的子部门编号们，包括自身
+     *
+     * @param deptId 部门编号
+     * @return 部门编号集合
+     */
+    private Set<Long> getDeptCondition(Long deptId) {
+        if (deptId == null) {
+            return Collections.emptySet();
+        }
+        Set<Long> deptIds = convertSet(getChildDeptList(deptId), DeptDO::getId);
+        deptIds.add(deptId); // 包括自身
+        return deptIds;
+    }
     @Override
     public List<DeptDO> getChildDeptList(Collection<Long> ids) {
         List<DeptDO> children = new LinkedList<>();

yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/user/AdminUserServiceImpl.java

@@ -173,7 +173,8 @@ public class AdminUserServiceImpl implements AdminUserService {
         if (ObjectUtil.notEqual(updateReqVO.getId(), SecurityFrameworkUtils.getLoginUserId())) {
             //进入这里说明不是自己，那就根据逻辑是否强制下线
             // 新增:如果更新了部门编号，则先查看该用户的id，根据id删除该用户token，强制下线重新登录
-            if (Objects.nonNull(updateReqVO.getDeptId())&&  !oldUser.getDeptId().equals(updateObj.getDeptId()) ) {
+            if (Objects.nonNull(updateReqVO.getDeptId())
+                    && !Objects.equals(updateObj.getDeptId(), oldUser.getDeptId())) {
                 OAuth2AccessTokenPageReqVO reqVO = new OAuth2AccessTokenPageReqVO();
                 reqVO.setUserId(oldUser.getId());
                 PageResult<OAuth2AccessTokenDO> accessTokenPage = oauth2TokenService.getAccessTokenPage(reqVO);

yudao-module-visit/src/main/java/cn/iocoder/yudao/module/visit/controller/admin/customerinfo/CustomerInfoController.java

@@ -93,16 +93,16 @@ public class CustomerInfoController {
     @GetMapping("/getByCompanyName")
     @Operation(summary = "通过公司名称带出基本信息")
     @Parameter(name = "companyName", description = "公司名称", required = true, example = "郑州小牛")
-    public CommonResult<List<CustomerInfoRespVO>> getCustomerInfoByCompanyName(@RequestParam("companyName") String companyName) {
-        List<CustomerInfoDO> customerInfo = customerInfoService.getCustomerInfoByCompanyName(companyName);
-        List<CustomerInfoRespVO> bean = BeanUtils.toBean(customerInfo, CustomerInfoRespVO.class);
+    public CommonResult<CustomerInfoRespVO> getCustomerInfoByCompanyName(@RequestParam("companyName") String companyName) {
+        CustomerInfoDO customerInfo = customerInfoService.getCustomerInfoByCompanyName(companyName);
+        CustomerInfoRespVO bean = BeanUtils.toBean(customerInfo, CustomerInfoRespVO.class);
         return success(bean);
     }
 
 
     @GetMapping("/getByPhone")
     @Operation(summary = "通过手机号带出基本信息")
-    @Parameter(name = "companyName", description = "联系方式", required = true, example = "156")
+    @Parameter(name = "contact", description = "联系方式", required = true, example = "156")
     public CommonResult<List<CustomerInfoRespVO>> getCustomerInfoByContact(@RequestParam("contact") String contact) {
         List<CustomerInfoDO> customerInfo = customerInfoService.getCustomerInfoByContact(contact);
         List<CustomerInfoRespVO> bean = BeanUtils.toBean(customerInfo, CustomerInfoRespVO.class);

yudao-module-visit/src/main/java/cn/iocoder/yudao/module/visit/dal/mysql/customerinfo/CustomerInfoMapper.java

@@ -53,17 +53,18 @@ public interface CustomerInfoMapper extends BaseMapperX<CustomerInfoDO> {
     }
 
     // 根据公司名称或手机号查询（根据任一条件带出符合条件的列表）
-    default List<CustomerInfoDO> selectListByCompanyName(String companyName) {
+    default CustomerInfoDO selectListByCompanyName(String companyName) {
         Long companyId = SecurityFrameworkUtils.getLoginUserDeptId();
-        return selectList(new LambdaQueryWrapperX<CustomerInfoDO>()
+        return selectOne(new LambdaQueryWrapperX<CustomerInfoDO>()
                 .eqIfPresent(CustomerInfoDO::getCompanyId, companyId)
-                .likeIfPresent(CustomerInfoDO::getCompanyName, companyName));
+                .eqIfPresent(CustomerInfoDO::getCompanyName, companyName)
+                .last("LIMIT 1"));
     }
     default List<CustomerInfoDO> selectListByContact(String contact) {
         Long companyId = SecurityFrameworkUtils.getLoginUserDeptId();
         return selectList(new LambdaQueryWrapperX<CustomerInfoDO>()
                 .eqIfPresent(CustomerInfoDO::getCompanyId, companyId)
-                .likeIfPresent(CustomerInfoDO::getContact, contact));
+                .eqIfPresent(CustomerInfoDO::getContact, contact));
     }
 
     default List<CustomerInfoDO> selectList(Long companyId){

yudao-module-visit/src/main/java/cn/iocoder/yudao/module/visit/service/customerinfo/CustomerInfoService.java

@@ -52,7 +52,7 @@ public interface CustomerInfoService {
      */
     PageResult<CustomerInfoDO> getCustomerInfoPage(CustomerInfoPageReqVO pageReqVO);
 
-    List<CustomerInfoDO> getCustomerInfoByCompanyName(String companyName);
+    CustomerInfoDO getCustomerInfoByCompanyName(String companyName);
     List<CustomerInfoDO> getCustomerInfoByContact(String contact);
 
 

yudao-module-visit/src/main/java/cn/iocoder/yudao/module/visit/service/customerinfo/CustomerInfoServiceImpl.java

@@ -123,7 +123,7 @@ public class CustomerInfoServiceImpl implements CustomerInfoService {
     }
 
     @Override
-    public List<CustomerInfoDO> getCustomerInfoByCompanyName(String companyName) {
+    public CustomerInfoDO getCustomerInfoByCompanyName(String companyName) {
         return customerInfoMapper.selectListByCompanyName(companyName);
     }
     @Override

yudao-ui/yudao-ui-admin-vue3/src/views/Profile/components/BasicInfo.vue

@@ -70,12 +70,12 @@ const schema = reactive<FormSchema[]>([
     label: t('profile.user.email'),
     component: 'Input'
   },
-  {
-    field: 'sex',
-    label: t('profile.user.sex'),
-    component: 'InputNumber',
-    value: 0
-  }
+  // {
+  //   field: 'sex',
+  //   label: t('profile.user.sex'),
+  //   component: 'InputNumber',
+  //   value: 0
+  // }
 ])
 const formRef = ref<FormExpose>() // 表单 Ref
 const submit = () => {

yudao-ui/yudao-ui-admin-vue3/src/views/system/user/UserForm.vue

@@ -132,6 +132,7 @@ const formRules = reactive<FormRules>({
   username: [{ required: true, message: '用户名称不能为空', trigger: 'blur' }],
   nickname: [{ required: true, message: '真实姓名不能为空', trigger: 'blur' }],
   password: [{ required: true, message: '用户密码不能为空', trigger: 'blur' }],
+  deptId: [{ required: true, message: '所属部门不能为空', trigger: 'blur' }],
   email: [
     {
       type: 'email',

yudao-ui/yudao-ui-admin-vue3/src/views/system/user/index.vue

@@ -206,12 +206,13 @@ import UserForm from './UserForm.vue'
 import UserImportForm from './UserImportForm.vue'
 import UserAssignRoleForm from './UserAssignRoleForm.vue'
 import DeptTree from './DeptTree.vue'
+import {useUserStore} from "@/store/modules/user";
 
 defineOptions({ name: 'SystemUser' })
 
 const message = useMessage() // 消息弹窗
 const { t } = useI18n() // 国际化
-
+const userStore = useUserStore()//用户信息
 const loading = ref(true) // 列表的加载中
 const total = ref(0) // 列表的总页数
 const list = ref([]) // 列表的数
@@ -229,6 +230,9 @@ const queryFormRef = ref() // 搜索的表单
 /** 查询列表 */
 const getList = async () => {
   loading.value = true
+  if (userStore.user.deptId!==100){//如果不是总公司用户，再过滤，总公司用户可以看到所有
+    queryParams.deptId = userStore.user.deptId
+  }
   try {
     const data = await UserApi.getUserPage(queryParams)
     list.value = data.list