perf: 优化部分ids进行字符串分割后的校验

ruoyi-fastapi-backend/module_admin/controller/dept_controller.py

@@ -101,9 +101,10 @@ async def delete_system_dept(
     data_scope_sql: str = Depends(GetDataScope('SysDept')),
 ):
     dept_id_list = dept_ids.split(',')
-    for dept_id in dept_id_list:
+    if dept_id_list:
-        if not current_user.user.admin:
+        for dept_id in dept_id_list:
-            await DeptService.check_dept_data_scope_services(query_db, int(dept_id), data_scope_sql)
+            if not current_user.user.admin:
+                await DeptService.check_dept_data_scope_services(query_db, int(dept_id), data_scope_sql)
     delete_dept = DeleteDeptModel(deptIds=dept_ids)
     delete_dept.update_by = current_user.user.user_name
     delete_dept.update_time = datetime.now()

ruoyi-fastapi-backend/module_admin/controller/role_controller.py

@@ -131,10 +131,11 @@ async def delete_system_role(
     data_scope_sql: str = Depends(GetDataScope('SysDept')),
 ):
     role_id_list = role_ids.split(',')
-    for role_id in role_id_list:
+    if role_id_list:
-        await RoleService.check_role_allowed_services(RoleModel(roleId=int(role_id)))
+        for role_id in role_id_list:
-        if not current_user.user.admin:
+            await RoleService.check_role_allowed_services(RoleModel(roleId=int(role_id)))
-            await RoleService.check_role_data_scope_services(query_db, role_id, data_scope_sql)
+            if not current_user.user.admin:
+                await RoleService.check_role_data_scope_services(query_db, role_id, data_scope_sql)
     delete_role = DeleteRoleModel(roleIds=role_ids, updateBy=current_user.user.user_name, updateTime=datetime.now())
     delete_role_result = await RoleService.delete_role_services(query_db, delete_role)
     logger.info(delete_role_result.message)

ruoyi-fastapi-backend/module_admin/controller/user_controller.py

@@ -83,7 +83,9 @@ async def add_system_user(
 ):
     if not current_user.user.admin:
         await DeptService.check_dept_data_scope_services(query_db, add_user.dept_id, dept_data_scope_sql)
-        await RoleService.check_role_data_scope_services(query_db, ','.join([str(item) for item in add_user.role_ids]), role_data_scope_sql)
+        await RoleService.check_role_data_scope_services(
+            query_db, ','.join([str(item) for item in add_user.role_ids]), role_data_scope_sql
+        )
     add_user.password = PwdUtil.get_password_hash(add_user.password)
     add_user.create_by = current_user.user.user_name
     add_user.create_time = datetime.now()
@@ -111,7 +113,9 @@ async def edit_system_user(
     if not current_user.user.admin:
         await UserService.check_user_data_scope_services(query_db, edit_user.user_id, user_data_scope_sql)
         await DeptService.check_dept_data_scope_services(query_db, edit_user.dept_id, dept_data_scope_sql)
-        await RoleService.check_role_data_scope_services(query_db, ','.join([str(item) for item in edit_user.role_ids]), role_data_scope_sql)
+        await RoleService.check_role_data_scope_services(
+            query_db, ','.join([str(item) for item in edit_user.role_ids]), role_data_scope_sql
+        )
     edit_user.update_by = current_user.user.user_name
     edit_user.update_time = datetime.now()
     edit_user_result = await UserService.edit_user_services(query_db, edit_user)
@@ -130,14 +134,15 @@ async def delete_system_user(
     data_scope_sql: str = Depends(GetDataScope('SysUser')),
 ):
     user_id_list = user_ids.split(',')
-    if current_user.user.user_id in user_id_list:
+    if user_id_list:
-        logger.warning('当前登录用户不能删除')
+        if current_user.user.user_id in user_id_list:
-
+            logger.warning('当前登录用户不能删除')
-        return ResponseUtil.failure(msg='当前登录用户不能删除')
+
-    for user_id in user_id_list:
+            return ResponseUtil.failure(msg='当前登录用户不能删除')
-        await UserService.check_user_allowed_services(UserModel(userId=int(user_id)))
+        for user_id in user_id_list:
-        if not current_user.user.admin:
+            await UserService.check_user_allowed_services(UserModel(userId=int(user_id)))
-            await UserService.check_user_data_scope_services(query_db, int(user_id), data_scope_sql)
+            if not current_user.user.admin:
+                await UserService.check_user_data_scope_services(query_db, int(user_id), data_scope_sql)
     delete_user = DeleteUserModel(userIds=user_ids, updateBy=current_user.user.user_name, updateTime=datetime.now())
     delete_user_result = await UserService.delete_user_services(query_db, delete_user)
     logger.info(delete_user_result.message)

ruoyi-fastapi-backend/module_admin/service/role_service.py

@@ -92,14 +92,16 @@ class RoleService:
         :param data_scope_sql: 数据权限对应的查询sql语句
         :return: 校验结果
         """
-        for role_id in role_ids.split(','):
+        role_id_list = role_ids.split(',')
-            roles = await RoleDao.get_role_list(
+        if role_id_list:
-                query_db, RolePageQueryModel(roleId=int(role_id)), data_scope_sql, is_page=False
+            for role_id in role_id_list:
-            )
+                roles = await RoleDao.get_role_list(
-            if roles:
+                    query_db, RolePageQueryModel(roleId=int(role_id)), data_scope_sql, is_page=False
-                return CrudResponseModel(is_success=True, message='校验通过')
+                )
-            else:
+                if roles:
-                raise ServiceException(message='没有权限访问角色数据')
+                    return CrudResponseModel(is_success=True, message='校验通过')
+                else:
+                    raise ServiceException(message='没有权限访问角色数据')
 
     @classmethod
     async def check_role_name_unique_services(cls, query_db: AsyncSession, page_object: RoleModel):