Explorar el Código

fix: 修复权限模块6个缺陷 — v-auth指令短路、SQL参数绑定错误、getRoleList未实现等

1. admin-web: 修复v-auth指令被return;短路,按钮权限控制恢复生效
2. admin-web: 修复hasMenuPermission子串误匹配(exact match替换includes)
3. admin-web: 修复Auths/AuthAll组件误读authBtnList字段,改为permissions
4. AdminUserMapper.xml: 修复listAdminUser状态筛选参数绑定错误(mobilePhone→status)
5. StpInterfaceImpl: 实现getRoleList(),@SaCheckRole注解现在可用
6. 新增listUserRoles全链路(Mapper→Service→StpInterface)
7. SQL: init.sql/v9新增数据统计+停车券7个权限,新建v14幂等补丁脚本

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
skyline hace 2 semanas
padre
commit
69fb46e153

+ 1 - 1
admin-web/src/components/auth/authAll.vue

@@ -22,6 +22,6 @@ const { userInfos } = storeToRefs(stores);
 
 // 获取 pinia 中的用户权限
 const getUserAuthBtnList = computed(() => {
-	return judementSameArr(props.value, userInfos.value.authBtnList);
+	return judementSameArr(props.value, userInfos.value.permissions);
 });
 </script>

+ 1 - 1
admin-web/src/components/auth/auths.vue

@@ -22,7 +22,7 @@ const { userInfos } = storeToRefs(stores);
 // 获取 pinia 中的用户权限
 const getUserAuthBtnList = computed(() => {
 	let flag = false;
-	userInfos.value.authBtnList.map((val: string) => {
+	userInfos.value.permissions.map((val: string) => {
 		props.value.map((v) => {
 			if (val === v) flag = true;
 		});

+ 0 - 1
admin-web/src/directive/authDirective.ts

@@ -12,7 +12,6 @@ export function authDirective(app: App) {
 	// 单个权限验证(v-auth="xxx")
 	app.directive('auth', {
 		mounted(el, binding) {
-			return;
 			const stores = useUserInfo();
 			if(!binding.value||!stores.userInfos?.permissions){
 				return;

+ 1 - 1
admin-web/src/router/frontEnd.ts

@@ -151,7 +151,7 @@ export function hasRoles(roles: any, route: any) {
 }
 
 export function hasMenuPermission(permList: any, route: any) {
-	if (route.meta && route.meta.perm) return permList.some((perm: any) => route.meta.perm.includes(perm));
+	if (route.meta && route.meta.perm) return permList.includes(route.meta.perm);
 	else return true;
 }
 

+ 1 - 1
car-wash-admin/src/main/java/com/kym/admin/config/StpInterfaceImpl.java

@@ -40,7 +40,7 @@ public class StpInterfaceImpl implements StpInterface {
 
     @Override
     public List<String> getRoleList(Object loginId, String loginType) {
-        return null;
+        return adminUserService.listUserRoles(CommUtil.null2Long(loginId));
     }
 
 }

+ 13 - 2
car-wash-entity/src/main/resources/sql/init.sql

@@ -400,7 +400,18 @@ INSERT INTO `t_permission` (`id`, `company_id`, `name`, `value`, `pid`, `weight`
 (82, NULL, '投资人列表', 'investor.list', 20, 2),
 (83, NULL, '修改投资人', 'investor.modify', 20, 3),
 (84, NULL, '删除投资人', 'investor.delete', 20, 4),
-(85, NULL, '删除设备配置', 'deviceConfig.remove', 57, 3);
+(85, NULL, '删除设备配置', 'deviceConfig.remove', 57, 3),
+
+-- ====== 数据统计 ======
+(86, NULL, '数据统计', 'statistics', 0, 6),
+(87, NULL, '日统计列表', 'dailyStat.list', 86, 1),
+(88, NULL, '日统计同步', 'dailyStat.sync', 86, 2),
+(89, NULL, '月统计列表', 'monthStat.list', 86, 3),
+(90, NULL, '月统计同步', 'monthStat.sync', 86, 4),
+
+-- ====== 停车券管理 ======
+(91, NULL, '停车券管理', 'parkingCouponRecord', 0, 105),
+(92, NULL, '发放记录', 'parkingCouponRecord.list', 91, 1);
 
 -- ----------------------------
 -- 初始化用户角色关联
@@ -411,7 +422,7 @@ INSERT INTO `t_admin_user_role` (`admin_user_id`, `role_id`) VALUES
 
 -- ----------------------------
 -- 初始化超级管理员角色权限(permissions 字段为管道分隔字符串)
--- 注意:85 个权限值总长超过 GROUP_CONCAT 默认 1024,需先调大
+-- 注意:92 个权限值总长超过 GROUP_CONCAT 默认 1024,需先调大
 -- ----------------------------
 SET SESSION group_concat_max_len = 10000;
 UPDATE `t_role` SET `permissions` = (

+ 66 - 0
car-wash-entity/src/main/resources/sql/v14_permission_patch.sql

@@ -0,0 +1,66 @@
+-- ====================================================
+-- 权限补充脚本:添加代码中已使用但种子数据缺失的权限
+-- 可重复执行(幂等)
+-- 适用场景:
+--   1. 全新初始化 init.sql 后,补充后续版本新增的权限
+--   2. 运行 v9_permission_reset.sql 后,恢复被清除的权限
+--   3. 任意已运行的数据库,补齐缺失权限
+-- ====================================================
+
+-- ----------------------------
+-- 1. 数据统计模块(对应 DailyStatController / MonthStatController)
+-- ----------------------------
+INSERT IGNORE INTO `t_permission` (`id`, `company_id`, `name`, `value`, `pid`, `weight`) VALUES
+(NULL, NULL, '数据统计', 'statistics', 0, 6);
+
+-- 获取 statistics 的 ID(兼容 AUTO_INCREMENT 不同步的情况)
+SET @stat_pid = (SELECT `id` FROM `t_permission` WHERE `value` = 'statistics' LIMIT 1);
+
+INSERT IGNORE INTO `t_permission` (`id`, `company_id`, `name`, `value`, `pid`, `weight`) VALUES
+(NULL, NULL, '日统计列表', 'dailyStat.list', @stat_pid, 1),
+(NULL, NULL, '日统计同步', 'dailyStat.sync', @stat_pid, 2),
+(NULL, NULL, '月统计列表', 'monthStat.list', @stat_pid, 3),
+(NULL, NULL, '月统计同步', 'monthStat.sync', @stat_pid, 4);
+
+-- ----------------------------
+-- 2. 停车券模块(对应 ParkingCouponRecordController)
+-- ----------------------------
+INSERT IGNORE INTO `t_permission` (`id`, `company_id`, `name`, `value`, `pid`, `weight`) VALUES
+(NULL, NULL, '停车券管理', 'parkingCouponRecord', 0, 105);
+
+SET @pcr_pid = (SELECT `id` FROM `t_permission` WHERE `value` = 'parkingCouponRecord' LIMIT 1);
+
+INSERT IGNORE INTO `t_permission` (`id`, `company_id`, `name`, `value`, `pid`, `weight`) VALUES
+(NULL, NULL, '发放记录', 'parkingCouponRecord.list', @pcr_pid, 1);
+
+-- ----------------------------
+-- 3. 将新权限追加到超级管理员角色(role_id=1)
+--    先取出当前 permissions,再拼接增量,避免 MySQL 同表子查询限制
+-- ----------------------------
+SET SESSION group_concat_max_len = 10000;
+
+-- 取出超级管理员当前已有权限
+SET @current_perms = (SELECT `permissions` FROM `t_role` WHERE `id` = 1);
+
+-- 拼接尚未包含的新权限值
+SET @append_perms = (SELECT GROUP_CONCAT(`value` SEPARATOR '|')
+    FROM `t_permission`
+    WHERE `value` IN (
+        'statistics', 'dailyStat.list', 'dailyStat.sync',
+        'monthStat.list', 'monthStat.sync',
+        'parkingCouponRecord', 'parkingCouponRecord.list'
+    )
+    AND FIND_IN_SET(`value`, REPLACE(@current_perms, '|', ',')) = 0
+);
+
+-- 如果有新权限才更新
+UPDATE `t_role`
+SET `permissions` = CONCAT(@current_perms, '|', @append_perms)
+WHERE `id` = 1 AND @append_perms IS NOT NULL AND @append_perms != '';
+
+-- ----------------------------
+-- 验证(取消注释以检查结果)
+-- ----------------------------
+-- SELECT COUNT(*) AS perm_count FROM t_permission;          -- 应为 92
+-- SELECT `value` FROM t_permission ORDER BY id;
+-- SELECT permissions FROM t_role WHERE id = 1;

+ 15 - 4
car-wash-entity/src/main/resources/sql/v9_permission_reset.sql

@@ -140,12 +140,23 @@ INSERT INTO `t_permission` (`id`, `company_id`, `name`, `value`, `pid`, `weight`
 (82, NULL, '投资人列表', 'investor.list', 20, 2),
 (83, NULL, '修改投资人', 'investor.modify', 20, 3),
 (84, NULL, '删除投资人', 'investor.delete', 20, 4),
-(85, NULL, '删除设备配置', 'deviceConfig.remove', 57, 3);
+(85, NULL, '删除设备配置', 'deviceConfig.remove', 57, 3),
+
+-- ====== 数据统计 ======
+(86, NULL, '数据统计', 'statistics', 0, 6),
+(87, NULL, '日统计列表', 'dailyStat.list', 86, 1),
+(88, NULL, '日统计同步', 'dailyStat.sync', 86, 2),
+(89, NULL, '月统计列表', 'monthStat.list', 86, 3),
+(90, NULL, '月统计同步', 'monthStat.sync', 86, 4),
+
+-- ====== 停车券管理 ======
+(91, NULL, '停车券管理', 'parkingCouponRecord', 0, 105),
+(92, NULL, '发放记录', 'parkingCouponRecord.list', 91, 1);
 
 -- ----------------------------
 -- 3. 将全部权限写入超级管理员角色(role_id = 1)
 --    permissions 字段为管道分隔的权限值字符串
---    注意:85 个权限值总长超过 GROUP_CONCAT 默认 1024,需先调大
+--    注意:92 个权限值总长超过 GROUP_CONCAT 默认 1024,需先调大
 -- ----------------------------
 SET SESSION group_concat_max_len = 10000;
 UPDATE `t_role` SET `permissions` = (
@@ -154,6 +165,6 @@ UPDATE `t_role` SET `permissions` = (
 
 -- ====================================================
 -- 验证
--- SELECT COUNT(*) AS perm_count FROM t_permission;          -- 应为 85
--- SELECT permissions FROM t_role WHERE id = 1;              -- 应为85个值以|分隔
+-- SELECT COUNT(*) AS perm_count FROM t_permission;          -- 应为 92
+-- SELECT permissions FROM t_role WHERE id = 1;              -- 应为92个值以|分隔
 -- ====================================================

+ 2 - 0
car-wash-mapper/src/main/java/com/kym/mapper/AdminUserMapper.java

@@ -19,5 +19,7 @@ import java.util.List;
 public interface AdminUserMapper extends MyBaseMapper<AdminUser> {
     List<AdminUserVo> listUserPermissions(@Param("userId") Long loginId);
 
+    List<String> listUserRoles(@Param("userId") Long loginId);
+
     List<AdminUserVo> listAdminUser(@Param("params") CommonQueryParam params);
 }

+ 7 - 1
car-wash-mapper/src/main/resources/mappers/AdminUserMapper.xml

@@ -59,6 +59,12 @@
         WHERE t1.id = #{userId}
     </select>
 
+    <select id="listUserRoles" resultType="string" parameterType="java.lang.Long">
+        SELECT t3.role_name
+        FROM t_admin_user_role t2
+        LEFT JOIN t_role t3 ON t2.role_id = t3.id
+        WHERE t2.admin_user_id = #{userId}
+    </select>
 
     <select id="listAdminUser" resultMap="AdminUserVoMap" parameterType="com.kym.entity.queryParams.CommonQueryParam">
         SELECT
@@ -85,7 +91,7 @@
                 and t1.mobile_phone = #{params.mobilePhone}
             </if>
             <if test="params.status != null">
-                and t1.status = #{params.mobilePhone}
+                and t1.status = #{params.status}
             </if>
         </where>
     </select>

+ 2 - 0
car-wash-service/src/main/java/com/kym/service/AdminUserService.java

@@ -31,6 +31,8 @@ public interface AdminUserService extends MyBaseService<AdminUser> {
 
     List<AdminUserVo> listUserPermissions(Long loginId);
 
+    List<String> listUserRoles(Long loginId);
+
     PageBean<AdminUserVo> listAdminUser(CommonQueryParam params);
 
     String createAdminUser(AdminUserVo adminUserVo);

+ 5 - 0
car-wash-service/src/main/java/com/kym/service/impl/AdminUserServiceImpl.java

@@ -131,6 +131,11 @@ public class AdminUserServiceImpl extends MyBaseServiceImpl<AdminUserMapper, Adm
         return baseMapper.listUserPermissions(loginId);
     }
 
+    @Override
+    public List<String> listUserRoles(Long loginId) {
+        return baseMapper.listUserRoles(loginId);
+    }
+
     @Override
     public PageBean<AdminUserVo> listAdminUser(CommonQueryParam params) {
         PageHelper.startPage(params.getPageNum(), params.getPageSize());