优化工作日志查看权限

- 移除了基于角色ID列表的动态查询，改为固定排除特定角色ID（1, 101, 162） -简化了查询参数，移除了不再使用的角色ID集合 - 增加了异常捕获和日志记录，以提高系统稳定性 - 注释了原来的动态查询逻辑，以便未来可能的恢复或调整
2024-10-10 18:30:25 +08:00 · 2024-10-10 18:30:25 +08:00 · 228e82e6ae
commit 228e82e6ae
parent 2dc56b3eec
3 changed files with 29 additions and 20 deletions
--- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/dal/mysql/worklog/LogInstanceMapper.java
+++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/dal/mysql/worklog/LogInstanceMapper.java
@ -98,7 +98,7 @@ public interface LogInstanceMapper extends BaseMapperX<LogInstanceDO> {
                                                @Param("userId") Long userId);

    @DataPermission(enable = false)
-    List<LogReadUserRespDTO> selectRaedUser(@Param("userId")Long userId, @Param("deptId")Long deptId, @Param("roleIds")Collection<Long> roleIds);
+    List<LogReadUserRespDTO> selectRaedUser(@Param("userId")Long userId, @Param("deptId")Long deptId);

    /**
     * 获取上一篇下一篇
--- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/worklog/LogInstanceServiceImpl.java
+++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/worklog/LogInstanceServiceImpl.java
@ -24,6 +24,7 @@ import cn.iocoder.yudao.module.system.service.worklog.dto.LogReadUserRespDTO;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import lombok.extern.slf4j.Slf4j;
 import org.mapstruct.ap.internal.util.Strings;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
@ -48,6 +49,7 @@ import static cn.iocoder.yudao.module.system.enums.ErrorCodeConstants.*;
 */
@Service
@Validated
+@Slf4j
 public class LogInstanceServiceImpl implements LogInstanceService {

    @Resource
@ -137,23 +139,29 @@ public class LogInstanceServiceImpl implements LogInstanceService {
        //创建日志时，查询可以查看发起人日志的用户组  用线程控制
        new Thread(() -> {

-            List<Long> roleIds = Arrays.asList(1L,101L);
-            String roleId = configApi.getConfigKey("system_work_log_role_id").getCheckedData();
-            if (Strings.isNotEmpty(roleId)) {
-                roleIds = Arrays.stream(roleId.split(",")).map(Long::valueOf).collect(Collectors.toList());
-            }
-            List<LogReadUserRespDTO> respDTOS = logInstanceMapper.selectRaedUser(userId, adminUserDO.getDeptId(), roleIds);
+            try {
+//                List<Long> roleIds = Arrays.asList(1L,101L);
+//                String roleId = configApi.getConfigKey("system_work_log_role_id").getCheckedData();
+//
+//                if (Strings.isNotEmpty(roleId)) {
+//                    roleIds = Arrays.stream(roleId.split(",")).map(Long::valueOf).collect(Collectors.toList());
+//                }
+                List<LogReadUserRespDTO> respDTOS = logInstanceMapper.selectRaedUser(userId, adminUserDO.getDeptId());

-            //特殊情况， 日志发起人为研发部时 手动添加查看者
-            if (adminUserDO.getDeptId() == 128L && adminUserDO.getId() != 126L) {
+                //特殊情况， 日志发起人为研发部时 手动添加查看者
+                if (adminUserDO.getDeptId() == 128L && adminUserDO.getId() != 126L) {

-                LogReadUserRespDTO dto = new LogReadUserRespDTO();
-                dto.setUserId(126L);
-                dto.setDeptId(128L);
-                respDTOS.add(dto);
+                    LogReadUserRespDTO dto = new LogReadUserRespDTO();
+                    dto.setUserId(126L);
+                    dto.setDeptId(128L);
+                    respDTOS.add(dto);
+                }
+
+                logReadService.createLogRule(respDTOS, logInstance.getId(), logInstance.getStartUserId());
+            } catch (Exception e) {
+                log.error("获取日志查看用户失败", e);
            }

-            logReadService.createLogRule(respDTOS, logInstance.getId(), logInstance.getStartUserId());
        }).start();

        // 返回
--- a/yudao-module-system/yudao-module-system-biz/src/main/resources/mapper/worklog/LogInstanceMapper.xml
+++ b/yudao-module-system/yudao-module-system-biz/src/main/resources/mapper/worklog/LogInstanceMapper.xml
@ -71,12 +71,13 @@
            WHERE
                role.permission = 'system:view-log:query'
                AND a.deleted = 0
-                <if test="roleIds != null and roleIds.size() > 0">
-                    AND a.role_id NOT IN
-                    <foreach collection="roleIds" item="roleId" open="(" close=")" separator=",">
-                        #{roleId}
-                    </foreach>
-                </if>
+                AND a.role_id NOT IN (1,101,162)
+<!--                <if test="roleIds != null and roleIds.size() > 0">-->
+<!--                    AND a.role_id NOT IN-->
+<!--                    <foreach collection="roleIds" item="roleId" open="(" close=")" separator=",">-->
+<!--                        #{roleId}-->
+<!--                    </foreach>-->
+<!--                </if>-->
        )  menu
        LEFT JOIN	system_role role on role.id  =  menu.role_id
        ) role_id ON u_role.role_id = role_id.id