权限增加

schoolNewsServ/system/src/main/resources/mapper/DeptRoleMapper.xml

@@ -79,6 +79,33 @@
     FROM tb_sys_dept_role dr
     LEFT JOIN tb_sys_dept d ON dr.dept_id = d.dept_id AND d.deleted = 0
     LEFT JOIN tb_sys_role r ON dr.role_id = r.role_id AND r.deleted = 0
+    INNER JOIN tb_resource_permission rp ON d.dept_id = rp.resource_id 
+        AND rp.resource_type = 4 
+        AND rp.deleted = 0
+        AND rp.can_read = 1
+        AND (
+            -- 全局权限：所有用户可访问
+            (rp.dept_id IS NULL AND rp.role_id IS NULL)
+            <if test="userDeptRoles != null and userDeptRoles.size() > 0">
+                OR EXISTS (
+                    SELECT 1 
+                    FROM (
+                        <foreach collection="userDeptRoles" item="udr" separator=" UNION ALL ">
+                            SELECT #{udr.deptID} AS dept_id, #{udr.deptPath} AS dept_path, #{udr.roleID} AS role_id
+                        </foreach>
+                    ) user_roles
+                    LEFT JOIN tb_sys_dept perm_dept ON perm_dept.dept_id = rp.dept_id AND perm_dept.deleted = 0
+                    WHERE 
+                       -- 部门级权限：当前部门或父部门（通过dept_path判断继承关系）
+                       (rp.role_id IS NULL AND rp.dept_id IS NOT NULL 
+                           AND user_roles.dept_path LIKE CONCAT(perm_dept.dept_path, '%'))
+                       -- 角色级权限：跨部门的角色权限
+                       OR (rp.dept_id IS NULL AND rp.role_id = user_roles.role_id)
+                       -- 精确权限：特定部门的特定角色
+                       OR (rp.dept_id = user_roles.dept_id AND rp.role_id = user_roles.role_id)
+                )
+            </if>
+        )
     WHERE dr.deleted = 0
     ORDER BY dr.dept_id, dr.role_id, dr.create_time DESC
   </select>