mirror of
https://gitee.com/youlaitech/youlai-mall.git
synced 2024-12-23 05:00:25 +08:00
feat(youlai-admin): 添加部门权限过滤
添加部门权限过滤
parent
a0bfa1e919
commit
3c052f57f2
@ -9,10 +9,15 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import com.youlai.admin.common.constant.SystemConstants;
|
||||
import com.youlai.admin.mapper.SysDeptMapper;
|
||||
import com.youlai.admin.pojo.entity.SysDept;
|
||||
import com.youlai.admin.pojo.entity.SysUser;
|
||||
import com.youlai.admin.pojo.vo.DeptVO;
|
||||
import com.youlai.admin.pojo.vo.TreeSelectVO;
|
||||
import com.youlai.admin.service.ISysDeptService;
|
||||
import com.youlai.admin.service.ISysRolePermissionService;
|
||||
import com.youlai.admin.service.ISysUserService;
|
||||
import com.youlai.common.constant.GlobalConstants;
|
||||
import com.youlai.common.web.util.JwtUtils;
|
||||
import lombok.AllArgsConstructor;
|
||||
import org.apache.logging.log4j.util.Strings;
|
||||
import org.springframework.stereotype.Service;
|
||||
import java.util.*;
|
||||
@ -25,9 +30,11 @@ import java.util.stream.Collectors;
|
||||
* @author <a href="mailto:xianrui0365@163.com">xianrui</a>
|
||||
* @date 2021-08-22
|
||||
*/
|
||||
@AllArgsConstructor
|
||||
@Service
|
||||
public class SysDeptServiceImpl extends ServiceImpl<SysDeptMapper, SysDept> implements ISysDeptService {
|
||||
|
||||
private ISysUserService iSysUserService;
|
||||
|
||||
/**
|
||||
* 部门表格(Table)层级列表
|
||||
@ -113,7 +120,9 @@ public class SysDeptServiceImpl extends ServiceImpl<SysDeptMapper, SysDept> impl
|
||||
.eq(SysDept::getStatus, GlobalConstants.STATUS_YES)
|
||||
.orderByAsc(SysDept::getSort)
|
||||
);
|
||||
List<TreeSelectVO> deptSelectList = recursionTreeSelectList(SystemConstants.ROOT_DEPT_ID, deptList);
|
||||
Long userId = JwtUtils.getUserId();
|
||||
SysUser user = iSysUserService.getById(userId);
|
||||
List<TreeSelectVO> deptSelectList = recursionTreeSelectList(user.getDeptId(), deptList);
|
||||
return deptSelectList;
|
||||
}
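Review bot: `iSysUserService.getById(userId)` can return null (for example when the token's user id no longer exists) and `user.getDeptId()` can be null, so the new lookup throws a NullPointerException instead of failing closed. Guard it before calling `recursionTreeSelectList`: `if (user == null || user.getDeptId() == null) { return Collections.emptyList(); }`. The tree root is now always the caller's department, even for holders of `GlobalConstants.ROOT_ROLE_CODE`, whom `DataPermissionHandlerImpl` in this same commit lets through unfiltered; if super administrators are meant to see the whole tree, keep `SystemConstants.ROOT_DEPT_ID` for them. Whether the caller's own department appears in the result depends on `recursionTreeSelectList`, which is outside the visible lines, as is the start of this method.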
|
||||
|
||||
|
@ -36,5 +36,9 @@
|
||||
<groupId>com.baomidou</groupId>
|
||||
<artifactId>mybatis-plus-boot-starter</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.youlai</groupId>
|
||||
<artifactId>common-web</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
|
@ -28,9 +28,11 @@ public class MybatisPlusConfig {
|
||||
@Bean
|
||||
public MybatisPlusInterceptor mybatisPlusInterceptor() {
|
||||
MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
|
||||
interceptor.addInnerInterceptor(new PaginationInnerInterceptor(DbType.MYSQL));
|
||||
//数据权限
|
||||
interceptor.addInnerInterceptor(new DataPermissionInterceptor(new DataPermissionHandlerImpl()));
|
||||
//分页插件
|
||||
interceptor.addInnerInterceptor(new PaginationInnerInterceptor(DbType.MYSQL));
|
||||
|
||||
return interceptor;
|
||||
}
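Review bot: The registration order in `mybatisPlusInterceptor()` is security-relevant and deserves a comment, because the data-permission interceptor has to stay ahead of `PaginationInnerInterceptor` for the paged statement and its count query to be built from the already-filtered SQL. Suggested comment above the first `addInnerInterceptor` call: `// Data permission must be registered before pagination; keep this order`. Since this is the shared MyBatis configuration, `DataPermissionHandlerImpl` runs for every service that uses the module, and it calls `JwtUtils`, which is presumably bound to the current HTTP request. It is worth confirming how the handler behaves for scheduled jobs or message consumers that carry no token.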
|
||||
|
||||
|
@ -1,11 +1,35 @@
|
||||
package com.youlai.common.mybatis.handler;
|
||||
|
||||
import cn.hutool.json.JSONObject;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.toolkit.ObjectUtils;
|
||||
import com.baomidou.mybatisplus.extension.plugins.handler.DataPermissionHandler;
|
||||
|
||||
import com.youlai.common.constant.GlobalConstants;
|
||||
import com.youlai.common.web.util.JwtUtils;
|
||||
import jdk.nashorn.internal.ir.JoinPredecessor;
|
||||
import jdk.nashorn.internal.ir.LexicalContext;
|
||||
import jdk.nashorn.internal.ir.LocalVariableConversion;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import net.sf.jsqlparser.expression.Expression;
|
||||
import net.logstash.logback.encoder.org.apache.commons.lang3.StringUtils;
|
||||
import net.sf.jsqlparser.JSQLParserException;
|
||||
import net.sf.jsqlparser.expression.*;
|
||||
import net.sf.jsqlparser.expression.operators.arithmetic.Concat;
|
||||
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
|
||||
import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
|
||||
import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
|
||||
import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
|
||||
import net.sf.jsqlparser.expression.operators.relational.LikeExpression;
|
||||
import net.sf.jsqlparser.expression.operators.relational.OldOracleJoinBinaryExpression;
|
||||
import net.sf.jsqlparser.parser.CCJSqlParserUtil;
|
||||
import net.sf.jsqlparser.schema.Column;
|
||||
import net.sf.jsqlparser.schema.Table;
|
||||
import net.sf.jsqlparser.statement.select.*;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 部门数据权限
|
||||
@ -22,17 +46,19 @@ public class DataPermissionHandlerImpl implements DataPermissionHandler {
|
||||
Class<?> clazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf(".")));
|
||||
String methodName = mappedStatementId.substring(mappedStatementId.lastIndexOf(".") + 1);
|
||||
clazz.getAnnotatedSuperclass();
|
||||
|
||||
Method[] methods = clazz.getDeclaredMethods();
|
||||
for (Method method : methods) {
|
||||
InterceptorIgnore annotation = method.getAnnotation(InterceptorIgnore.class);
|
||||
if (ObjectUtils.isNotEmpty(annotation) && (method.getName().equals(methodName) || (method.getName() + "_COUNT").equals(methodName))) {
|
||||
// 获取当前的用户
|
||||
log.info(annotation.dataPermission());
|
||||
//LoginUser loginUser = SpringUtils.getBean(TokenService.class).getLoginUser(ServletUtils.getRequest());
|
||||
//if (ObjectUtils.isNotEmpty(loginUser) && ObjectUtils.isNotEmpty(loginUser.getUser()) && !loginUser.getUser().isAdmin()) {
|
||||
// return dataScopeFilter(loginUser.getUser(), annotation.value(), where);
|
||||
//}
|
||||
Long userId = JwtUtils.getUserId();
|
||||
List<String> roles = JwtUtils.getRoles();
|
||||
if( !roles.isEmpty() && roles.contains(GlobalConstants.ROOT_ROLE_CODE)) {
|
||||
// 如果是超级管理员则放行
|
||||
return where;
|
||||
}else{
|
||||
return dataScopeFilter(userId, annotation.dataPermission(), where);
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (ClassNotFoundException e) {
|
||||
@ -44,78 +70,44 @@ public class DataPermissionHandlerImpl implements DataPermissionHandler {
|
||||
/**
|
||||
* 构建过滤条件
|
||||
*
|
||||
* @param user 当前登录用户
|
||||
* @param userId 当前登录用户id
|
||||
* @param where 当前查询条件
|
||||
* @return 构建后查询条件
|
||||
*/
|
||||
//public static Expression dataScopeFilter(SysUser user, String tableAlias, Expression where) {
|
||||
// Expression expression = null;
|
||||
// for (SysRole role : user.getRoles()) {
|
||||
// String dataScope = role.getDataScope();
|
||||
// if (DataScopeAspect.DATA_SCOPE_ALL.equals(dataScope)) {
|
||||
// return where;
|
||||
// }
|
||||
// if (DataScopeAspect.DATA_SCOPE_CUSTOM.equals(dataScope)) {
|
||||
// InExpression inExpression = new InExpression();
|
||||
// inExpression.setLeftExpression(buildColumn(tableAlias, "dept_id"));
|
||||
// SubSelect subSelect = new SubSelect();
|
||||
// PlainSelect select = new PlainSelect();
|
||||
// select.setSelectItems(Collections.singletonList(new SelectExpressionItem(new Column("dept_id"))));
|
||||
// select.setFromItem(new Table("sys_role_dept"));
|
||||
// EqualsTo equalsTo = new EqualsTo();
|
||||
// equalsTo.setLeftExpression(new Column("role_id"));
|
||||
// equalsTo.setRightExpression(new LongValue(role.getRoleId()));
|
||||
// select.setWhere(equalsTo);
|
||||
// subSelect.setSelectBody(select);
|
||||
// inExpression.setRightExpression(subSelect);
|
||||
// expression = ObjectUtils.isNotEmpty(expression) ? new OrExpression(expression, inExpression) : inExpression;
|
||||
// }
|
||||
// if (DataScopeAspect.DATA_SCOPE_DEPT.equals(dataScope)) {
|
||||
// EqualsTo equalsTo = new EqualsTo();
|
||||
// equalsTo.setLeftExpression(buildColumn(tableAlias, "dept_id"));
|
||||
// equalsTo.setRightExpression(new LongValue(user.getDeptId()));
|
||||
// expression = ObjectUtils.isNotEmpty(expression) ? new OrExpression(expression, equalsTo) : equalsTo;
|
||||
// }
|
||||
// if (DataScopeAspect.DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) {
|
||||
// InExpression inExpression = new InExpression();
|
||||
// inExpression.setLeftExpression(buildColumn(tableAlias, "dept_id"));
|
||||
// SubSelect subSelect = new SubSelect();
|
||||
// PlainSelect select = new PlainSelect();
|
||||
// select.setSelectItems(Collections.singletonList(new SelectExpressionItem(new Column("dept_id"))));
|
||||
// select.setFromItem(new Table("sys_dept"));
|
||||
// EqualsTo equalsTo = new EqualsTo();
|
||||
// equalsTo.setLeftExpression(new Column("dept_id"));
|
||||
// equalsTo.setRightExpression(new LongValue(user.getDeptId()));
|
||||
// Function function = new Function();
|
||||
// function.setName("find_in_set");
|
||||
// function.setParameters(new ExpressionList(new LongValue(user.getDeptId()) , new Column("ancestors")));
|
||||
// select.setWhere(new OrExpression(equalsTo, function));
|
||||
// subSelect.setSelectBody(select);
|
||||
// inExpression.setRightExpression(subSelect);
|
||||
// expression = ObjectUtils.isNotEmpty(expression) ? new OrExpression(expression, inExpression) : inExpression;
|
||||
// }
|
||||
// if (DataScopeAspect.DATA_SCOPE_SELF.equals(dataScope)) {
|
||||
// EqualsTo equalsTo = new EqualsTo();
|
||||
// equalsTo.setLeftExpression(buildColumn(tableAlias, "create_by"));
|
||||
// equalsTo.setRightExpression(new StringValue(user.getUserName()));
|
||||
// expression = ObjectUtils.isNotEmpty(expression) ? new OrExpression(expression, equalsTo) : equalsTo;
|
||||
// }
|
||||
// }
|
||||
// return ObjectUtils.isNotEmpty(where) ? new AndExpression(where, new Parenthesis(expression)) : expression;
|
||||
//}
|
||||
public static Expression dataScopeFilter(Long userId, String dataPermission, Expression where) {
|
||||
Expression expression = null;
|
||||
if(dataPermission.equals("1")){
|
||||
return where;
|
||||
}else{
|
||||
EqualsTo equalsTo = new EqualsTo(new Column( "id"),getDeptId(userId));
|
||||
expression = ObjectUtils.isNotEmpty(expression) ? new AndExpression(expression, equalsTo) : equalsTo;
|
||||
LikeExpression likeExpression = new LikeExpression();
|
||||
Function left = new Function();
|
||||
left.setName("concat");
|
||||
left.setParameters(new ExpressionList().addExpressions(new StringValue(","),new Column("tree_path"),new StringValue(",")));
|
||||
likeExpression.setLeftExpression(left);
|
||||
Function right = new Function();
|
||||
right.setName("concat");
|
||||
right.setParameters(new ExpressionList().addExpressions(new StringValue("%"),getDeptId(userId),new StringValue("%")));
|
||||
likeExpression.setRightExpression(right);
|
||||
expression = ObjectUtils.isNotEmpty(expression) ? new OrExpression(expression, likeExpression) : expression;
|
||||
}
|
||||
return ObjectUtils.isNotEmpty(where) ? new AndExpression(where, new Parenthesis(expression)) : expression;
|
||||
}
|
||||
|
||||
private static Expression getDeptId(Long userId){
|
||||
SubSelect subSelect = new SubSelect();
|
||||
PlainSelect select = new PlainSelect();
|
||||
select.setSelectItems(Collections.singletonList(new SelectExpressionItem(new Column("dept_id"))));
|
||||
select.setFromItem(new Table("sys_user"));
|
||||
EqualsTo equalsTo = new EqualsTo();
|
||||
equalsTo.setLeftExpression(new Column("id"));
|
||||
equalsTo.setRightExpression(new LongValue(userId));
|
||||
select.setWhere(equalsTo);
|
||||
subSelect.setSelectBody(select);
|
||||
return subSelect;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 构建Column
|
||||
*
|
||||
* @param tableAlias 表别名
|
||||
* @param columnName 字段名称
|
||||
* @return 带表别名字段
|
||||
*/
|
||||
//public static Column buildColumn(String tableAlias, String columnName) {
|
||||
// if (StringUtils.isNotEmpty(tableAlias)) {
|
||||
// columnName = tableAlias + "." + columnName;
|
||||
// }
|
||||
// return new Column(columnName);
|
||||
//}
|
||||
}
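Review bot: The LIKE pattern built in `dataScopeFilter` has no delimiters around the department id, so `concat(',', tree_path, ',') LIKE concat('%', <dept_id>, '%')` is a plain substring match. For example, a user in department 1 would also match rows whose `tree_path` contains 10, 11 or 21, which widens the data scope beyond that user's own subtree. The left side is already wrapped in commas for exactly this purpose, so the right side should be `new StringValue("%,"), getDeptId(userId), new StringValue(",%")`. The unqualified `new Column("id")` and `tree_path` only fit a department table, so the filter presumably fails or becomes ambiguous on joined or non-department statements. The import hunk also adds `jdk.nashorn.internal.ir.*`, which nothing in the visible lines uses; these are JDK-internal classes that will not resolve on runtimes without Nashorn and should be dropped.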
|
||||
|
||||
|