项目初始化

5554970f · yuwei · 301052e8 · 5554970f · 5554970f · 5554970f
Commit 5554970f authored Nov 22, 2019 by yuwei
5 changed files
--- a/datax-common/datax-common-core/src/main/java/cn/datax/common/base/BaseQueryParams.java
+++ b/datax-common/datax-common-core/src/main/java/cn/datax/common/base/BaseQueryParams.java
@@ -18,6 +18,8 @@ public class BaseQueryParams implements Serializable {
    private List<String> columnList;
    // 排序
    private List<OrderItem> orderList;
+    // 数据权限
+    private String dataScope;
    @Data
    public class OrderItem{

--- a/datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/annotation/DataScope2.java
+++ b/datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/annotation/DataScope2.java
@@ -10,7 +10,7 @@ import java.lang.annotation.*;
 @Retention(RetentionPolicy.RUNTIME)
 @Documented
 @Inherited
-public @interface DataScope2 {
+public @interface DataScopeAop {
    /**
     * 部门表的别名

--- a/datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/aspectj/DataScopeAspect.java
+++ b/datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/aspectj/DataScopeAspect.java
+package cn.datax.common.mybatis.aspectj;
+import java.lang.reflect.Method;
+import java.util.List;
+import cn.datax.common.base.BaseQueryParams;
+import cn.datax.common.core.DataConstant;
+import cn.datax.common.core.DataRole;
+import cn.datax.common.core.DataUser;
+import cn.datax.common.mybatis.annotation.DataScopeAop;
+import cn.datax.common.utils.SecurityUtil;
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.util.StrUtil;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.Signature;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+/**
+ * 数据过滤处理（基于注解式）
+ */
+@Slf4j
+@Aspect
+public class DataScopeAspect {
+    // 配置织入点
+    @Pointcut("@annotation(cn.datax.common.mybatis.annotation.DataScopeAop)")
+    public void dataScopePointCut() {
+    }
+    @Before("dataScopePointCut()")
+    public void doBefore(JoinPoint point) {
+        handleDataScope(point);
+    }
+    protected void handleDataScope(final JoinPoint joinPoint) {
+        // 获得注解
+        DataScopeAop dataScope = getAnnotationLog(joinPoint);
+        if (dataScope == null) {
+            return;
+        }
+        DataUser currentUser = SecurityUtil.getDataUser();
+        if (null != currentUser) {
+            // 如果是超级管理员，则不过滤数据
+            if (!currentUser.isAdmin()) {
+                dataScopeFilter(joinPoint, currentUser, dataScope);
+            }
+        }
+    }
+    /**
+     * 数据范围过滤
+     *
+     * @param user
+     * @param dataScope
+     */
+    private void dataScopeFilter(JoinPoint joinPoint, DataUser user, DataScopeAop dataScope) {
+        StringBuilder sqlString = new StringBuilder();
+        List<DataRole> roles = user.getRoles();
+        if (CollUtil.isNotEmpty(roles)){
+            for (DataRole role : roles){
+                Integer roleDataScope = role.getDataScope();
+                if (DataConstant.DataScope.ALL.getKey().equals(roleDataScope)) {
+                    sqlString = new StringBuilder();
+                    break;
+                } else if (DataConstant.DataScope.CUSTOM.getKey().equals(roleDataScope)) {
+                    sqlString.append(StrUtil.format(
+                            " OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ",
+                            dataScope.deptAlias()
+                            ,role.getId()
+                    ));
+                } else if (DataConstant.DataScope.DEPT.getKey().equals(roleDataScope)) {
+                    sqlString.append(StrUtil.format(
+                            " OR {}.dept_id IN ( SELECT dept_id FROM sys_user_dept WHERE user_id = {} ) ",
+                            dataScope.deptAlias()
+                            ,user.getId()
+                    ));
+                } else if (DataConstant.DataScope.DEPTANDCHILD.getKey().equals(roleDataScope)) {
+                    sqlString.append(StrUtil.format(
+                            " OR {}.dept_id IN ( SELECT descendant FROM sys_dept_relation WHERE ancestor = {} )",
+                            dataScope.deptAlias()
+                            ,role.getId()
+                    ));
+                } else if (DataConstant.DataScope.SELF.getKey().equals(roleDataScope)) {
+                    if (StrUtil.isNotBlank(dataScope.userAlias())) {
+                        sqlString.append(StrUtil.format(" OR {}.user_id = {} ", dataScope.userAlias(), user.getId()));
+                    } else {
+                        // 数据权限为仅本人且没有userAlias别名不查询任何数据
+                        sqlString.append(" OR 1=0 ");
+                    }
+                }
+            }
+        }
+        if (StrUtil.isNotBlank(sqlString.toString())) {
+            BaseQueryParams baseQueryParams = (BaseQueryParams) joinPoint.getArgs()[0];
+            baseQueryParams.setDataScope(" AND (" + sqlString.substring(4) + ")");
+        }
+        log.info("数据范围过滤:{}", sqlString);
+    }
+    /**
+     * 是否存在注解，如果存在就获取
+     */
+    private DataScopeAop getAnnotationLog(JoinPoint joinPoint) {
+        Signature signature = joinPoint.getSignature();
+        MethodSignature methodSignature = (MethodSignature) signature;
+        Method method = methodSignature.getMethod();
+        if (method != null) {
+            return method.getAnnotation(DataScopeAop.class);
+        }
+        return null;
+    }
+}
--- a/datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/config/DataBatisPlusConfig.java
+++ b/datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/config/DataBatisPlusConfig.java
 package cn.datax.common.mybatis.config;
+import cn.datax.common.mybatis.aspectj.DataScopeAspect;
 import cn.datax.common.mybatis.interceptor.DataScopeInterceptor;
 import com.baomidou.mybatisplus.extension.plugins.PaginationInterceptor;
 import org.mybatis.spring.annotation.MapperScan;
@@ -29,4 +30,14 @@ public class DataBatisPlusConfig {
 	public DataScopeInterceptor dataScopeInterceptor() {
 		return new DataScopeInterceptor();
 	}
+	/**
+	 * 数据过滤处理（基于注解式）
+	 *
+	 * @return dataScopeAspect
+	 */
+	@Bean
+	public DataScopeAspect dataScopeAspect() {
+		return new DataScopeAspect();
+	}
 }
--- a/datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/interceptor/DataScopeInterceptor.java
+++ b/datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/interceptor/DataScopeInterceptor.java
@@ -104,6 +104,9 @@ public class DataScopeInterceptor extends AbstractSqlParserHandler implements In
 				} else if (DataConstant.DataScope.SELF.getKey().equals(roleDataScope)) {
 					if (StrUtil.isNotBlank(dataScope.getUserAlias())) {
 						sqlString.append(StrUtil.format(" OR {}.user_id = {} ", dataScope.getUserAlias(), user.getId()));
+					} else {
+						// 数据权限为仅本人且没有userAlias别名不查询任何数据
+						sqlString.append(" OR 1=0 ");
 					}
 				}
 			}