From 2599073f56d1fc86cd6b2e7fbf38378a0a6ad15e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90Li?=
 <15040126243@163.com>
Date: Wed, 15 Dec 2021 23:33:51 +0800
Subject: [PATCH] =?UTF-8?q?fix=20=E4=BF=AE=E5=A4=8D=E6=95=B0=E6=8D=AE?=
 =?UTF-8?q?=E6=9D=83=E9=99=90=20=E5=85=9C=E5=BA=95sql=E5=A4=84=E7=90=86?=
 =?UTF-8?q?=E9=80=BB=E8=BE=91=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../handler/PlusDataPermissionHandler.java    | 47 ++++++++++---------
 1 file changed, 25 insertions(+), 22 deletions(-)

diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java
index 527fa60a4..f3e32078d 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java
@@ -75,41 +75,44 @@ public class PlusDataPermissionHandler {
      */
     private String buildDataFilter(SysUser user, DataColumn[] dataColumns, boolean isSelect) {
         StringBuilder sqlString = new StringBuilder();
-
+        // 更新或删除需满足所有条件
+        String joinStr = isSelect ? " OR " : " AND ";
         StandardEvaluationContext context = new StandardEvaluationContext();
         context.setBeanResolver(beanResolver);
         context.setVariable("user", user);
-
-        for (DataColumn dataColumn : dataColumns) {
-            // 设置注解变量 key 为表达式变量 value 为变量值
-            context.setVariable(dataColumn.key(), dataColumn.value());
-            for (SysRole role : user.getRoles()) {
-                user.setRoleId(role.getRoleId());
-
-                // 获取角色权限泛型
-                DataScopeType type = DataScopeType.findCode(role.getDataScope());
-                if (ObjectUtil.isNull(type)) {
-                    throw new ServiceException("角色数据范围异常 => " + role.getDataScope());
-                }
-                // 全部数据权限直接返回
-                if (type == DataScopeType.ALL) {
-                    return "";
-                }
+        for (SysRole role : user.getRoles()) {
+            user.setRoleId(role.getRoleId());
+            // 获取角色权限泛型
+            DataScopeType type = DataScopeType.findCode(role.getDataScope());
+            if (ObjectUtil.isNull(type)) {
+                throw new ServiceException("角色数据范围异常 => " + role.getDataScope());
+            }
+            // 全部数据权限直接返回
+            if (type == DataScopeType.ALL) {
+                return "";
+            }
+            boolean isSuccess = false;
+            for (DataColumn dataColumn : dataColumns) {
                 // 不包含 key 变量 则不处理
                 if (!StringUtils.contains(type.getSqlTemplate(), "#" + dataColumn.key())) {
-                    sqlString.append(type.getElseSql());
                     continue;
                 }
-                // 更新或删除需满足所有条件
-                sqlString.append(isSelect ? " OR " : " AND ");
+                // 设置注解变量 key 为表达式变量 value 为变量值
+                context.setVariable(dataColumn.key(), dataColumn.value());
+
                 // 解析sql模板并填充
                 String sql = parser.parseExpression(type.getSqlTemplate(), parserContext).getValue(context, String.class);
-                sqlString.append(sql);
+                sqlString.append(joinStr).append(sql);
+                isSuccess = true;
+            }
+            // 未处理成功则填充兜底方案
+            if (!isSuccess) {
+                sqlString.append(joinStr).append(type.getElseSql());
             }
         }
 
         if (StringUtils.isNotBlank(sqlString.toString())) {
-            return sqlString.substring(isSelect ? 4 : 5);
+            return sqlString.substring(joinStr.length());
         }
         return "";
     }