2 月之前 · dea502314a
--- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/AppmanageController.java
+++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/AppmanageController.java
@@ -5,6 +5,7 @@ import io.swagger.annotations.ApiOperation;
 
				 import lombok.extern.slf4j.Slf4j;
			
 
				 import org.apache.shiro.authz.annotation.RequiresPermissions;
			
 
				 import org.jeecg.common.api.vo.Result;
			
 
				+import org.jeecg.common.aspect.annotation.PermissionData;
			
 
				 import org.jeecg.modules.system.entity.AppmanageEntity.*;
			
 
				 import org.jeecg.modules.system.service.AppmanageService;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
@@ -167,6 +168,19 @@ public class AppmanageController {
 
				         return Result.ok(appInfoService.isAppAdminOrDevOrOpe(appid));
			
 
				     }
			
 
				 
			
 
				+
			
 
				+    // 获取应用列表(权限隔离)
			
 
				+    @PermissionData
			
 
				+//    @RequiresPermissions("sys:app:admin")
			
 
				+    @RequestMapping(value = "/appList", method = RequestMethod.GET)
			
 
				+    public Result<List<AppBaseInfo>> adminAppList() {
			
 
				+        List<AppBaseInfo> appBaseInfos = appInfoService.appList();
			
 
				+        Result<List<AppBaseInfo>> result = new Result<>();
			
 
				+        result.setResult(appBaseInfos);
			
 
				+        result.setSuccess(true);
			
 
				+        return result;
			
 
				+    }
			
 
				+
			
 
				     // 应用注册审核通过后续处理（微服务调用）
			
 
				     @GetMapping("/afterAppCheckPass")
			
 
				     public void afterAppCheckPass(@RequestParam("appid")String appid){
			
--- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/mapper/AppBaseInfoMapper.java
+++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/mapper/AppBaseInfoMapper.java
@@ -28,4 +28,7 @@ public interface AppBaseInfoMapper extends BaseMapper<AppBaseInfo> {
 
				     // 从用户表找到用户账号
			
 
				     @Select("SELECT username from sys_user where id = #{id}")
			
 
				     String queryUsernameById(@Param("id") String id);
			
 
				+
			
 
				+    //应用列表（数据隔离）
			
 
				+    List<AppBaseInfo> appList(@Param("permissionSql") String permissionSql);
			
 
				 }
			
--- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/AppmanageService.java
+++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/AppmanageService.java
@@ -60,6 +60,9 @@ public interface AppmanageService  {
 
				     // 当前登录用户是否拥有平台应用管理员
			
 
				     boolean isAppAdmin();
			
 
				 
			
 
				+    // 应用列表(数据隔离)
			
 
				+    List<AppBaseInfo> appList();
			
 
				+
			
 
				     // 是否为应用管理员或开发负责人、运维负责人
			
 
				     boolean isAppAdminOrDevOrOpe(String appid);
			
 
				 
			
--- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/AppmanageServiceImpl.java
+++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/AppmanageServiceImpl.java
@@ -9,8 +9,10 @@ import org.apache.shiro.SecurityUtils;
 
				 import org.jeecg.common.api.dto.message.TemplateMessageDTO;
			
 
				 import org.jeecg.common.config.mqtoken.UserTokenContext;
			
 
				 import org.jeecg.common.constant.CommonConstant;
			
 
				+import org.jeecg.common.system.query.QueryGenerator;
			
 
				 import org.jeecg.common.system.vo.LoginUser;
			
 
				 import org.jeecg.common.util.RedisUtil;
			
 
				+import org.jeecg.common.util.oConvertUtils;
			
 
				 import org.jeecg.modules.base.service.BaseCommonService;
			
 
				 import org.jeecg.modules.client.AppManage.WorkFlowClient;
			
 
				 import org.jeecg.modules.system.controller.SysUserController;
			
@@ -651,6 +653,29 @@ public class AppmanageServiceImpl implements AppmanageService {
 
				         return loginUser.getId().equals(baseInfo.getAdmin());
			
 
				     }
			
 
				 
			
 
				+    @Override
			
 
				+    public List<AppBaseInfo> appList() {
			
 
				+        String sql = QueryGenerator.installAuthJdbc(AppBaseInfo.class);
			
 
				+        LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
			
 
				+        Boolean isAdmin = loginUser.getUsername().equals("admin");
			
 
				+        if (isAdmin) return baseInfoMapper.appList("");
			
 
				+        if (oConvertUtils.isNotEmpty(sql)){
			
 
				+            //对sql进行处理避免注入
			
 
				+            if (sql.startsWith(" and id in (")&& sql.endsWith(")")){
			
 
				+                StringBuilder inSql = new StringBuilder("AND id IN (");
			
 
				+                String inClause = sql.substring(" and id in (".length(), sql.length() - 1);
			
 
				+                List<String> ids = Arrays.asList(inClause.split(","));
			
 
				+                if (!ids.isEmpty()){
			
 
				+                    ids.forEach(id -> inSql.append(id).append(","));
			
 
				+                    inSql.deleteCharAt(inSql.length() - 1);
			
 
				+                }else inSql.append(inClause);
			
 
				+                inSql .append(") ");
			
 
				+                return baseInfoMapper.appList(inSql.toString());
			
 
				+            }
			
 
				+        }
			
 
				+        return new ArrayList<>();
			
 
				+    }
			
 
				+
			
 
				 
			
 
				     // 应用审核通过后一系列创建应用一级菜单、默认角色、授权操作(完整注册时)
			
 
				     public void afterAppCheckPass(String appid) {