From 24011ae9ae2f20b9f2d54b3112039db98c7eed19 Mon Sep 17 00:00:00 2001
From: ruying408 <1877972603@qq.com>
Date: Thu, 11 Sep 2025 23:41:26 +0800
Subject: [PATCH] =?UTF-8?q?fix:=E7=BB=84=E7=BB=87=E6=9E=B6=E6=9E=84?=
 =?UTF-8?q?=E9=83=A8=E9=97=A8=E6=9F=A5=E8=AF=A2=E4=BA=BA=E5=91=98=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../core/exception/CoolPreconditions.java     |  8 ++++++
 .../com/cool/core/util/CoolSecurityUtil.java  |  6 +++++
 .../base/service/sys/BaseSysPermsService.java |  8 ++++++
 .../sys/impl/BaseSysPermsServiceImpl.java     |  5 ++++
 .../sys/impl/BaseSysUserServiceImpl.java      | 26 +++++++++++--------
 src/main/resources/banner.txt                 |  2 +-
 6 files changed, 43 insertions(+), 12 deletions(-)

diff --git a/src/main/java/com/cool/core/exception/CoolPreconditions.java b/src/main/java/com/cool/core/exception/CoolPreconditions.java
index 8779f3a..64cbb0e 100644
--- a/src/main/java/com/cool/core/exception/CoolPreconditions.java
+++ b/src/main/java/com/cool/core/exception/CoolPreconditions.java
@@ -1,6 +1,7 @@
 package com.cool.core.exception;
 
 import cn.hutool.core.util.ObjectUtil;
+import com.cool.core.request.R;
 import com.cool.core.util.I18nUtil;
 import java.util.Arrays;
 import java.util.Optional;
@@ -58,6 +59,13 @@ public class CoolPreconditions {
         returnData(true, data);
     }
 
+    public static void returnNoData(Object object) {
+        if (ObjectUtil.isEmpty(object)) {
+            R r = R.ok();
+            throw new CoolException(r.getMessage(), r.getCode());
+        }
+    }
+
     /**
      * 对象如果为空 就抛异常
      */
diff --git a/src/main/java/com/cool/core/util/CoolSecurityUtil.java b/src/main/java/com/cool/core/util/CoolSecurityUtil.java
index 5173cca..2dc6576 100644
--- a/src/main/java/com/cool/core/util/CoolSecurityUtil.java
+++ b/src/main/java/com/cool/core/util/CoolSecurityUtil.java
@@ -26,6 +26,12 @@ public class CoolSecurityUtil {
         return SecurityContextHolder.getContext().getAuthentication().getName();
     }
 
+    /**
+     * 是否为超级管理员
+     */
+    public static boolean isSuperAdmin() {
+        return "admin".equals(getAdminUsername());
+    }
     /**
      * 获得jwt中的信息
      *
diff --git a/src/main/java/com/cool/modules/base/service/sys/BaseSysPermsService.java b/src/main/java/com/cool/modules/base/service/sys/BaseSysPermsService.java
index 0e364db..e9cd9c2 100644
--- a/src/main/java/com/cool/modules/base/service/sys/BaseSysPermsService.java
+++ b/src/main/java/com/cool/modules/base/service/sys/BaseSysPermsService.java
@@ -88,6 +88,14 @@ public interface BaseSysPermsService {
      */
     Long[] getDepartmentIdsByRoleIds(Long[] roleIds);
 
+    /**
+     * 根据用户ID获得部门ID
+     *
+     * @param userId 角色ID数组
+     * @return 部门ID数组
+     */
+    Long[] getDepartmentIdsByUserId(Long userId);
+
     /**
      * 根据用户ID获得部门ID
      *
diff --git a/src/main/java/com/cool/modules/base/service/sys/impl/BaseSysPermsServiceImpl.java b/src/main/java/com/cool/modules/base/service/sys/impl/BaseSysPermsServiceImpl.java
index 42919a5..144bd84 100644
--- a/src/main/java/com/cool/modules/base/service/sys/impl/BaseSysPermsServiceImpl.java
+++ b/src/main/java/com/cool/modules/base/service/sys/impl/BaseSysPermsServiceImpl.java
@@ -83,6 +83,11 @@ public class BaseSysPermsServiceImpl implements BaseSysPermsService {
         return getLongs(roleIds);
     }
 
+    @Override
+    public Long[] getDepartmentIdsByUserId(Long userId) {
+        return (Long[]) coolCache.get("admin:department:" + userId);
+    }
+
     @Override
     public String[] getPermsCache(Long userId) {
         Object result = coolCache.get("admin:perms:" + userId);
diff --git a/src/main/java/com/cool/modules/base/service/sys/impl/BaseSysUserServiceImpl.java b/src/main/java/com/cool/modules/base/service/sys/impl/BaseSysUserServiceImpl.java
index 7ba615c..f150bbd 100644
--- a/src/main/java/com/cool/modules/base/service/sys/impl/BaseSysUserServiceImpl.java
+++ b/src/main/java/com/cool/modules/base/service/sys/impl/BaseSysUserServiceImpl.java
@@ -6,6 +6,8 @@ import static com.cool.modules.base.entity.sys.table.BaseSysUserEntityTableDef.B
 import static com.cool.modules.base.entity.sys.table.BaseSysUserRoleEntityTableDef.BASE_SYS_USER_ROLE_ENTITY;
 import static com.mybatisflex.core.query.QueryMethods.groupConcat;
 
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.convert.Convert;
 import cn.hutool.core.lang.Dict;
 import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.core.util.StrUtil;
@@ -29,6 +31,7 @@ import com.mybatisflex.core.update.UpdateChain;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 
+import java.util.Collection;
 import java.util.List;
 
 /**
@@ -50,10 +53,17 @@ public class BaseSysUserServiceImpl extends BaseServiceImpl<BaseSysUserMapper, B
         String keyWord = requestParams.getStr("keyWord");
         Integer status = requestParams.getInt("status");
         Long[] departmentIds = requestParams.get("departmentIds", Long[].class);
-        JSONObject tokenInfo = CoolSecurityUtil.getAdminUserInfo(requestParams);
-        // 用户的部门权限
-        Long[] permsDepartmentArr = coolCache.get("admin:department:" + tokenInfo.get("userId"),
-            Long[].class);
+        CoolPreconditions.checkEmpty(departmentIds);
+        Collection<Long> intersectionDep = Convert.toList(Long.class, departmentIds);
+        if (!CoolSecurityUtil.isSuperAdmin()) {
+            // 用户的部门权限
+            Long[] permsDepartmentArr = baseSysPermsService.getDepartmentIdsByUserId(CoolSecurityUtil.getCurrentUserId());
+            CoolPreconditions.returnNoData(permsDepartmentArr);
+            // 取交集
+            intersectionDep = CollUtil.intersection(Convert.toList(Long.class, departmentIds), Convert.toList(Long.class, permsDepartmentArr));
+            CoolPreconditions.returnNoData(intersectionDep);
+        }
+
         if (DatabaseDialectUtils.isPostgresql()) {
             // 兼容postgresql
             qw.select("base_sys_user.id","base_sys_user.create_time","base_sys_user.department_id",
@@ -79,9 +89,6 @@ public class BaseSysUserServiceImpl extends BaseServiceImpl<BaseSysUserMapper, B
 
         // 不显示admin用户
         qw.and(BASE_SYS_USER_ENTITY.USERNAME.ne("admin"));
-        // 筛选部门
-        qw.and(BASE_SYS_USER_ENTITY.DEPARTMENT_ID.in(departmentIds,
-            ArrayUtil.isNotEmpty(departmentIds)));
         // 筛选状态
         qw.and(BASE_SYS_USER_ENTITY.STATUS.eq(status, status != null));
         // 搜索关键字
@@ -90,10 +97,7 @@ public class BaseSysUserServiceImpl extends BaseServiceImpl<BaseSysUserMapper, B
                 .or(BASE_SYS_USER_ENTITY.USERNAME.like(keyWord)));
         }
         // 过滤部门权限
-        qw.and(BASE_SYS_USER_ENTITY.DEPARTMENT_ID.in(
-            permsDepartmentArr == null || permsDepartmentArr.length == 0 ? new Long[]{null}
-                : permsDepartmentArr,
-            !CoolSecurityUtil.getAdminUsername().equals("admin")));
+        qw.and(BASE_SYS_USER_ENTITY.DEPARTMENT_ID.in(intersectionDep, ArrayUtil.isNotEmpty(intersectionDep)));
         if (DatabaseDialectUtils.isPostgresql()) {
             // 兼容postgresql
             qw.groupBy("base_sys_user.id","base_sys_user.create_time","base_sys_user.department_id",
diff --git a/src/main/resources/banner.txt b/src/main/resources/banner.txt
index 0fce0d9..547703b 100644
--- a/src/main/resources/banner.txt
+++ b/src/main/resources/banner.txt
@@ -1,4 +1,4 @@
-✨🌈✨[cool-admin-java-plus](https://gitee.com/hlc4417/cool-admin-java-plus)✨🌈✨
+🚀🚀🚀 ✨🌈✨[cool-admin-java-plus](https://gitee.com/hlc4417/cool-admin-java-plus)✨🌈✨ 🚀🚀🚀
    ______    ___      ___   _____              _       ______   ____    ____  _____  ____  _____
  .' ___  | .'   `.  .'   `.|_   _|    V8.x    / \     |_   _ `.|_   \  /   _||_   _||_   \|_   _|
 / .'   \_|/  .-.  \/  .-.  \ | |     ______  / _ \      | | `. \ |   \/   |    | |    |   \ | |