Merge branch 'master' of http://49.4.53.36:3000/hotel/hotel-saas-backend

# Conflicts:
#	jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java

jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java

@@ -78,11 +78,7 @@ public class LoginController {
 	@RequestMapping(value = "/login", method = RequestMethod.POST)
 	public Result<JSONObject> login(@RequestHeader(value = "Auth") String auth, @RequestBody SysLoginModel sysLoginModel){
 		Result<JSONObject> result = new Result<JSONObject>();
-//		if(auth == null || !auth.equals(TENANT_KEY) || !auth.equals(PLATFORM_KEY)) {
-//			result.error500("未知的请求来源");
-//			return result;
-//		}
-		if(!(auth != null && (auth.equals(TENANT_KEY) || auth.equals(PLATFORM_KEY)))) {
+		if(auth == null || (!auth.equals(TENANT_KEY) && !auth.equals(PLATFORM_KEY))) {
 			result.error500("未知的请求来源");
 			return result;
 		}

jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleController.java

@@ -9,10 +9,12 @@ import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.stream.Collectors;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CacheConstant;
@@ -21,15 +23,9 @@ import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.util.PmsUtil;
 import org.jeecg.common.util.TokenUtils;
 import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.modules.system.entity.SysPermission;
-import org.jeecg.modules.system.entity.SysPermissionDataRule;
-import org.jeecg.modules.system.entity.SysRole;
-import org.jeecg.modules.system.entity.SysRolePermission;
+import org.jeecg.modules.system.entity.*;
 import org.jeecg.modules.system.model.TreeModel;
-import org.jeecg.modules.system.service.ISysPermissionDataRuleService;
-import org.jeecg.modules.system.service.ISysPermissionService;
-import org.jeecg.modules.system.service.ISysRolePermissionService;
-import org.jeecg.modules.system.service.ISysRoleService;
+import org.jeecg.modules.system.service.*;
 import org.jeecgframework.poi.excel.ExcelImportUtil;
 import org.jeecgframework.poi.excel.def.NormalExcelConstants;
 import org.jeecgframework.poi.excel.entity.ExportParams;
@@ -82,6 +78,9 @@ public class SysRoleController {
 	@Autowired
 	private ISysPermissionService sysPermissionService;
 
+	@Autowired
+	private ISysUserRoleService sysUserRoleService;
+
 	/**
 	  * 分页列表查询
 	 * @param role
@@ -390,7 +389,20 @@ public class SysRoleController {
 			LambdaQueryWrapper<SysPermission> query = new LambdaQueryWrapper<SysPermission>();
 			query.eq(SysPermission::getDelFlag, CommonConstant.DEL_FLAG_0);
 			query.orderByAsc(SysPermission::getSortNo);
+			LoginUser authUser = TokenUtils.getAuthUser();
+			// 如果是租户用户 只取属于他自己的权限
+			if(authUser.getRelTenantIds() != null && !authUser.getRelTenantIds().isEmpty()) {
+				List<SysUserRole> userRoles = sysUserRoleService.list(Wrappers.<SysUserRole>query().eq("user_id",authUser.getId()));
+				List<String> roleIds = userRoles.stream().map(SysUserRole::getRoleId).collect(Collectors.toList());
+//				String  roleIds.stream().collect(Collectors.joining(","));
+				List<SysRolePermission> rolePermissions = sysRolePermissionService.list(Wrappers.<SysRolePermission>query().in("role_id",roleIds));
+				List<String> permissionIds = rolePermissions.stream().map(SysRolePermission::getPermissionId).distinct().collect(Collectors.toList());
+				query.in(SysPermission::getId,permissionIds);
+			}
+
+
 			List<SysPermission> list = sysPermissionService.list(query);
+
 			for(SysPermission sysPer : list) {
 				ids.add(sysPer.getId());
 			}