[fix] WithRolesCondition sql 拼接错误

base/resource.go

@@ -144,7 +144,16 @@ func (this Resource) GetDBDriver() string {
 }
 
 func (this Resource) GetAuthDBTable(u contracts.User, params ...any) *db.Builder {
-	return this.GetDBTable(append(params, u)...)
+	builder := this.GetDBTable(append(params, u)...)
+
+	// 数据权限过滤
+	builder.Before(func(b *db.Builder, t string, data ...map[string]any) {
+		if t == db.TYPE_SELECT || t == db.TYPE_UPDATE || t == db.TYPE_DELETE {
+			this.WithRolesCondition(b, t, u.Roles()...)
+		}
+	})
+
+	return builder
 }
 
 // GetDBTable("Test", contracts.User)
@@ -180,8 +189,6 @@ func (this Resource) GetDBTable(params ...any) *db.Builder {
 				// 填充保存数据
 				this.fillSaveValue(data[i], user, db.TYPE_INSERT)
 			}
-		} else if user != nil {
-			this.WithRolesCondition(b, t, user.Roles()...)
 		}
 	})
 
@@ -255,7 +262,7 @@ func (this Resource) WithRolesCondition(b *db.Builder, t string, roles ...string
 			isFullRight = true
 			return db.ToSql()
 		} else if conditions.IsNotEmpty() {
-			db.WhereRaw(string(conditions.ToSql(nil)))
+			db.Where(conditions.ToSql(nil))
 
 			// 如果前面是无权限的sql查看, 这直接返回本次查询
 			if isFullNot {
@@ -268,23 +275,24 @@ func (this Resource) WithRolesCondition(b *db.Builder, t string, roles ...string
 			carry += " UNION "
 		}
 
-		carry += db.ToSql()
+		return fmt.Sprintf("%s(%s)", carry, db.ToSql())
-
-		return carry
 	}, "")
 
 	if isFullRight {
 		return nil
 	}
 
-	// select, delete, update
 	if isFullNot {
 		b.WhereRaw("false")
 	} else if subTables != "" {
 		if t == db.TYPE_SELECT {
-			b.Table(subTables, b.TableAlias)
+			b.FromSub(subTables, b.TableAlias)
 		} else {
-			b.WhereRaw(fmt.Sprintf("id in (SELECT temp.id FROM (%s) as temp)", subTables))
+			b.WhereRaw(fmt.Sprintf(
+				"`%s`.`id` in (SELECT `temp`.`id` FROM (%s) as `temp`)",
+				lo.Ternary(b.TableAlias != "", b.TableAlias, this.GetCode()),
+				subTables,
+			))
 		}
 	}