From ddae0432f4528644c09989b9d9c939f3f46c59fd Mon Sep 17 00:00:00 2001 From: Your Name Date: Thu, 5 Mar 2026 07:46:03 +0800 Subject: [PATCH] =?UTF-8?q?fix(permission):=20=E4=BF=AE=E5=A4=8D=20JPA=20?= =?UTF-8?q?=E6=9F=A5=E8=AF=A2=E5=85=BC=E5=AE=B9=E6=80=A7=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 修改 UserRoleRepository 使用两步查询替代 JOIN...ON - 修改 RolePermissionRepository 使用两步查询 - 修改 PermissionCheckService 使用新的查询方法 - 修改 RoleRepository 使用 @Query 注解 - 修复测试文件中的实体类访问修饰符 注:PermissionSchemaVerificationTest 有环境问题待修复 --- .../permission/PermissionCheckService.java | 42 ++++++++++++++++--- .../permission/RolePermissionRepository.java | 12 +++--- .../project/permission/RoleRepository.java | 5 ++- .../permission/UserRoleRepository.java | 6 +-- .../PermissionSchemaVerificationTest.java | 20 ++++----- 5 files changed, 59 insertions(+), 26 deletions(-) diff --git a/src/main/java/com/mosquito/project/permission/PermissionCheckService.java b/src/main/java/com/mosquito/project/permission/PermissionCheckService.java index 687558a..91768ff 100644 --- a/src/main/java/com/mosquito/project/permission/PermissionCheckService.java +++ b/src/main/java/com/mosquito/project/permission/PermissionCheckService.java @@ -3,6 +3,7 @@ package com.mosquito.project.permission; import org.springframework.stereotype.Service; import java.util.List; +import java.util.Optional; import java.util.Set; import java.util.stream.Collectors; @@ -46,7 +47,7 @@ public class PermissionCheckService { * 检查用户是否拥有指定角色 */ public boolean hasRole(Long userId, String roleCode) { - List userRoles = userRoleRepository.findRoleCodesByUserId(userId); + Set userRoles = getUserRoleCodes(userId); return userRoles.contains(roleCode); } @@ -88,15 +89,26 @@ public class PermissionCheckService { * 获取用户角色代码列表 */ private Set getUserRoleCodes(Long userId) { - List roleCodes = userRoleRepository.findRoleCodesByUserId(userId); - return Set.copyOf(roleCodes); + // 1. 获取用户所有角色ID + List roleIds = userRoleRepository.findRoleIdsByUserId(userId); + if (roleIds.isEmpty()) { + return Set.of(); + } + + // 2. 根据角色ID获取角色代码 + return roleIds.stream() + .map(roleId -> roleRepository.findById(roleId)) + .filter(Optional::isPresent) + .map(Optional::get) + .map(SysRole::getRoleCode) + .collect(Collectors.toSet()); } /** * 检查角色是否拥有指定权限 */ private boolean roleHasPermission(String roleCode, String permissionCode) { - List permissions = rolePermissionRepository.findPermissionCodesByRoleCode(roleCode); + Set permissions = getRolePermissions(roleCode); return permissions.contains(permissionCode); } @@ -104,7 +116,25 @@ public class PermissionCheckService { * 获取角色的所有权限 */ private Set getRolePermissions(String roleCode) { - List permissions = rolePermissionRepository.findPermissionCodesByRoleCode(roleCode); - return Set.copyOf(permissions); + // 1. 根据角色代码获取角色ID + List roleIds = rolePermissionRepository.findRoleIdsByRoleCode(roleCode); + if (roleIds.isEmpty()) { + return Set.of(); + } + + // 2. 获取角色所有权限ID + Long roleId = roleIds.get(0); + List permissionIds = rolePermissionRepository.findPermissionIdsByRoleId(roleId); + if (permissionIds.isEmpty()) { + return Set.of(); + } + + // 3. 根据权限ID获取权限代码 + return permissionIds.stream() + .map(permId -> permissionRepository.findById(permId)) + .filter(Optional::isPresent) + .map(Optional::get) + .map(SysPermission::getPermissionCode) + .collect(Collectors.toSet()); } } diff --git a/src/main/java/com/mosquito/project/permission/RolePermissionRepository.java b/src/main/java/com/mosquito/project/permission/RolePermissionRepository.java index de0d41c..ce11e4f 100644 --- a/src/main/java/com/mosquito/project/permission/RolePermissionRepository.java +++ b/src/main/java/com/mosquito/project/permission/RolePermissionRepository.java @@ -19,16 +19,16 @@ public interface RolePermissionRepository extends JpaRepository findByRoleId(Long roleId); /** - * 根据角色ID查询所有权限代码 + * 根据角色ID查询所有权限代码(两步查询) */ - @Query("SELECT p.permissionCode FROM SysRolePermission rp JOIN SysPermission p ON rp.permissionId = p.id WHERE rp.roleId = :roleId") - List findPermissionCodesByRoleId(@Param("roleId") Long roleId); + @Query("SELECT rp.permissionId FROM SysRolePermission rp WHERE rp.roleId = :roleId") + List findPermissionIdsByRoleId(@Param("roleId") Long roleId); /** - * 根据角色代码查询所有权限代码 + * 根据角色代码查询所有权限代码(两步查询) */ - @Query("SELECT p.permissionCode FROM SysRolePermission rp JOIN SysPermission p ON rp.permissionId = p.id JOIN SysRole r ON rp.roleId = r.id WHERE r.roleCode = :roleCode") - List findPermissionCodesByRoleCode(@Param("roleCode") String roleCode); + @Query("SELECT r.id FROM SysRole r WHERE r.roleCode = :roleCode") + List findRoleIdsByRoleCode(@Param("roleCode") String roleCode); /** * 检查角色是否拥有指定权限 diff --git a/src/main/java/com/mosquito/project/permission/RoleRepository.java b/src/main/java/com/mosquito/project/permission/RoleRepository.java index 899863b..9e3feab 100644 --- a/src/main/java/com/mosquito/project/permission/RoleRepository.java +++ b/src/main/java/com/mosquito/project/permission/RoleRepository.java @@ -1,6 +1,8 @@ package com.mosquito.project.permission; import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; import java.util.Optional; @@ -24,5 +26,6 @@ public interface RoleRepository extends JpaRepository { /** * 根据角色代码查询(排除已删除) */ - Optional findByRoleCodeAndDeletedFalse(String roleCode); + @Query("SELECT r FROM SysRole r WHERE r.roleCode = :roleCode AND r.deleted = 0") + Optional findByRoleCodeAndDeletedFalse(@Param("roleCode") String roleCode); } diff --git a/src/main/java/com/mosquito/project/permission/UserRoleRepository.java b/src/main/java/com/mosquito/project/permission/UserRoleRepository.java index 4dae456..121c421 100644 --- a/src/main/java/com/mosquito/project/permission/UserRoleRepository.java +++ b/src/main/java/com/mosquito/project/permission/UserRoleRepository.java @@ -19,10 +19,10 @@ public interface UserRoleRepository extends JpaRepository { List findByUserId(Long userId); /** - * 根据用户ID查询所有角色代码 + * 根据用户ID查询所有角色代码(两步查询) */ - @Query("SELECT r.roleCode FROM SysUserRole ur JOIN SysRole r ON ur.roleId = r.id WHERE ur.userId = :userId AND r.deleted = false") - List findRoleCodesByUserId(@Param("userId") Long userId); + @Query("SELECT ur.roleId FROM SysUserRole ur WHERE ur.userId = :userId") + List findRoleIdsByUserId(@Param("userId") Long userId); /** * 根据用户ID和角色ID查询 diff --git a/src/test/java/com/mosquito/project/permission/PermissionSchemaVerificationTest.java b/src/test/java/com/mosquito/project/permission/PermissionSchemaVerificationTest.java index 7ceb353..1cb870e 100644 --- a/src/test/java/com/mosquito/project/permission/PermissionSchemaVerificationTest.java +++ b/src/test/java/com/mosquito/project/permission/PermissionSchemaVerificationTest.java @@ -270,7 +270,7 @@ class PermissionSchemaVerificationTest { @Entity @Table(name = "sys_role") -public class SysRole { +class SysRole { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; @@ -305,7 +305,7 @@ public class SysRole { @Entity @Table(name = "sys_permission") -public class SysPermission { +class SysPermission { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; @@ -340,7 +340,7 @@ public class SysPermission { @Entity @Table(name = "sys_user_role") -public class SysUserRole { +class SysUserRole { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; @@ -363,7 +363,7 @@ public class SysUserRole { @Entity @Table(name = "sys_role_permission") -public class SysRolePermission { +class SysRolePermission { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; @@ -380,7 +380,7 @@ public class SysRolePermission { @Entity @Table(name = "sys_department") -public class SysDepartment { +class SysDepartment { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; @@ -409,7 +409,7 @@ public class SysDepartment { @Entity @Table(name = "sys_approval_flow") -public class SysApprovalFlow { +class SysApprovalFlow { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; @@ -444,7 +444,7 @@ public class SysApprovalFlow { @Entity @Table(name = "sys_approval_record") -public class SysApprovalRecord { +class SysApprovalRecord { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; @@ -479,7 +479,7 @@ public class SysApprovalRecord { @Entity @Table(name = "sys_approval_history") -public class SysApprovalHistory { +class SysApprovalHistory { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; @@ -505,7 +505,7 @@ public class SysApprovalHistory { @Entity @Table(name = "sys_permission_audit") -public class SysPermissionAudit { +class SysPermissionAudit { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; @@ -537,7 +537,7 @@ public class SysPermissionAudit { @Entity @Table(name = "sys_sensitive_field") -public class SysSensitiveField { +class SysSensitiveField { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id;