admin/wisdomisite-java
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
wisdomisite-java/src/main/java/com/zhgd/mybatis/DataScopeInterceptor.java

374 lines
17 KiB
Java
Raw Normal View History

数据权限
2024-04-23 20:01:26 +08:00
package com.zhgd.mybatis;
权限
2024-05-27 14:49:35 +08:00
import cn.hutool.core.collection.CollUtil;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import cn.hutool.core.util.ReflectUtil;
日志
2024-05-27 13:43:50 +08:00
import cn.hutool.core.util.StrUtil;
数据权限
2024-04-23 20:01:26 +08:00
import com.alibaba.fastjson.JSONObject;
不给新增企业不一致的车辆
2024-07-13 17:42:35 +08:00
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
数据权限
2024-04-23 20:01:26 +08:00
import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
import com.baomidou.mybatisplus.core.toolkit.StringPool;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
数据权限
2024-04-23 20:01:26 +08:00
import com.baomidou.mybatisplus.extension.parser.JsqlParserSupport;
import com.baomidou.mybatisplus.extension.plugins.inner.InnerInterceptor;
import com.zhgd.annotation.DataScope;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import com.zhgd.jeecg.common.util.SpringContextUtils;
bug修改
2024-07-02 18:59:47 +08:00
import com.zhgd.xmgl.constant.Cts;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import com.zhgd.xmgl.entity.dto.OperLogDataChange;
import com.zhgd.xmgl.entity.dto.OperLogInsertChange;
bug修改
2024-04-24 01:15:10 +08:00
import com.zhgd.xmgl.security.util.SecurityUtils;
日志
2024-05-28 15:12:50 +08:00
import com.zhgd.xmgl.util.EnvironmentUtil;
调用bug修改
2024-06-06 21:13:17 +08:00
import com.zhgd.xmgl.util.LogMdcUtil;
日志
2024-06-06 23:21:11 +08:00
import com.zhgd.xmgl.util.PrintColorUtil;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import com.zhgd.xmgl.util.ThreadLocalUtil;
数据权限
2024-04-23 20:01:26 +08:00
import lombok.Setter;
bug修改
2024-04-24 01:15:10 +08:00
import lombok.extern.slf4j.Slf4j;
数据权限
2024-04-23 20:01:26 +08:00
import net.sf.jsqlparser.schema.Table;
import net.sf.jsqlparser.statement.insert.Insert;
import net.sf.jsqlparser.statement.select.*;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import org.apache.commons.lang3.StringUtils;
数据权限
2024-04-23 20:01:26 +08:00
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.executor.statement.StatementHandler;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import org.apache.ibatis.mapping.ParameterMapping;
数据权限
2024-04-23 20:01:26 +08:00
import org.apache.ibatis.mapping.SqlCommandType;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import org.apache.ibatis.reflection.MetaObject;
import org.apache.ibatis.session.Configuration;
数据权限
2024-04-23 20:01:26 +08:00
import org.apache.ibatis.session.ResultHandler;
import org.apache.ibatis.session.RowBounds;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import org.apache.ibatis.type.TypeHandlerRegistry;
bug修复
2024-05-05 22:34:36 +08:00
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
数据权限
2024-04-23 20:01:26 +08:00
bug修复
2024-05-05 22:34:36 +08:00
import javax.servlet.http.HttpServletRequest;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import java.lang.reflect.Array;
bug修改
2024-04-24 01:15:10 +08:00
import java.lang.reflect.Method;
数据权限
2024-04-23 20:01:26 +08:00
import java.sql.Connection;
import java.sql.SQLException;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import java.text.DateFormat;
import java.time.LocalDate;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
权限
2024-05-27 14:49:35 +08:00
import java.util.*;
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
import java.util.regex.Matcher;
数据权限
2024-04-23 20:01:26 +08:00
bug修改
2024-04-24 01:15:10 +08:00
@Slf4j
数据权限
2024-04-23 20:01:26 +08:00
public class DataScopeInterceptor extends JsqlParserSupport implements InnerInterceptor {
@Setter
private DataScopeHandler dataScopeHandler;
bug修复
2024-05-05 22:34:36 +08:00
public static boolean findIgnoreDataScope(Object parameter, DataScope annotation) {
if (annotation == null || !annotation.enable()) {
return true;
}
if (parameter instanceof Map) {
不给新增企业不一致的车辆
2024-07-13 17:42:35 +08:00
Map<?, ?> map = (Map<?, ?>) parameter;
for (Object k : map.keySet()) {
忽略数据权限
2024-07-29 17:30:42 +08:00
Object val = map.get(k);
不给新增企业不一致的车辆
2024-07-13 17:42:35 +08:00
if (k instanceof String) {
if (k.equals(Cts.IGNORE_DATA_SCOPE)) {
忽略数据权限
2024-07-29 17:30:42 +08:00
//查询只有一个参数map的时候key等于IGNORE_DATA_SCOPE不使用@Param时候
不给新增企业不一致的车辆
2024-07-13 17:42:35 +08:00
return true;
}
}
if (val instanceof QueryWrapper) {
String sqlSegment = ((QueryWrapper) val).getSqlSegment();
if (StrUtil.isNotBlank(sqlSegment) && sqlSegment.contains(Cts.IGNORE_DATA_SCOPE_CONDITION)) {
//调用mybatisplus的mapper方法使用last方法添加参数IGNORE_DATA_SCOPE_CONDITION
bug修复
2024-05-05 22:34:36 +08:00
return true;
}
忽略数据权限
2024-07-29 17:30:42 +08:00
} else if (val instanceof Map) {
Map innerMap = (Map) val;
for (Object entry : innerMap.entrySet()) {
Map.Entry<Object, Object> et = (Map.Entry<Object, Object>) entry;
if (et.getKey().equals(Cts.IGNORE_DATA_SCOPE)) {
//查询只有一个参数map的时候key等于IGNORE_DATA_SCOPE使用@Param时候
return true;
}
}
bug修复
2024-05-05 22:34:36 +08:00
}
}
}
if (parameter instanceof String) {
bug修改
2024-07-02 18:59:47 +08:00
return parameter.equals(Cts.IGNORE_DATA_SCOPE);
bug修复
2024-05-05 22:34:36 +08:00
}
return false;
}
打日志
2024-05-24 16:40:35 +08:00
public static boolean isNotSqlTest() {
try {
HttpServletRequest request = ((ServletRequestAttributes) (RequestContextHolder.currentRequestAttributes())).getRequest();
return request.getParameter("qqq") == null;
} catch (Exception e) {
return true;
}
}
日志
2024-05-28 15:12:50 +08:00
private static String getCallPositionForDev() {
StringBuilder sb = new StringBuilder();
StackTraceElement[] stackTrace = Thread.currentThread().getStackTrace();
for (StackTraceElement e : stackTrace) {
调用bug修改
2024-06-06 21:13:17 +08:00
if (e.getClassName().startsWith("com.zhgd") && LogMdcUtil.notInPackage(e.getClassName()) && !e.getClassName().contains("$$")) {
日志
2024-06-06 23:21:11 +08:00
sb.append("\r\n ");
调用bug修改
2024-06-06 21:13:17 +08:00
sb.append(StrUtil.subAfter(e.getClassName(), ".", true));
日志
2024-05-28 15:12:50 +08:00
sb.append(".");
sb.append(e.getMethodName());
sb.append("(");
sb.append(StrUtil.subAfter(e.getClassName(), ".", true));
sb.append(".java:");
sb.append(e.getLineNumber());
sb.append(")");
}
}
日志
2024-06-06 23:21:11 +08:00
return PrintColorUtil.getPrintColorStr(sb.toString());
日志
2024-05-28 15:12:50 +08:00
}
日志
2024-05-27 13:43:50 +08:00
private static String getCallPosition() {
StringBuilder sb = new StringBuilder();
StackTraceElement[] stackTrace = Thread.currentThread().getStackTrace();
for (StackTraceElement e : stackTrace) {
if (e.getClassName().startsWith("com.zhgd.xmgl")) {
sb.append(e.getClassName());
sb.append(".");
sb.append(e.getMethodName());
sb.append("(");
sb.append(StrUtil.subAfter(e.getClassName(), ".", true));
sb.append(".java:");
sb.append(e.getLineNumber());
日志
2024-05-27 15:42:54 +08:00
sb.append(")");
日志
2024-05-27 13:43:50 +08:00
break;
}
}
return sb.toString();
}
不给新增企业不一致的车辆
2024-07-13 17:42:35 +08:00
@Override
数据权限
2024-04-23 20:01:26 +08:00
public void beforePrepare(StatementHandler sh, Connection connection, Integer transactionTimeout) {
PluginUtils.MPStatementHandler mpSh = PluginUtils.mpStatementHandler(sh);
MappedStatement ms = mpSh.mappedStatement();
SqlCommandType sct = ms.getSqlCommandType();
try {
日志
2024-05-28 14:05:51 +08:00
Class<?> clazz = Class.forName(ms.getId().substring(0, ms.getId().lastIndexOf(StringPool.DOT)));
String methodName = ms.getId().substring(ms.getId().lastIndexOf(".") + 1);
代码规范
2024-07-19 18:26:48 +08:00
String dev = "gsx-other-env-show-dev";
if (dev.equals(EnvironmentUtil.getActiveEnvironment())) {
日志
2024-05-28 15:12:50 +08:00
//开发环境
if (sct == SqlCommandType.SELECT) {
日志
2024-06-06 23:21:11 +08:00
log.debug("查询mapper ↙↙↙ \r\n {}#{}{}", clazz.getName(), methodName, getCallPositionForDev());
日志
2024-05-28 15:12:50 +08:00
} else if (sct == SqlCommandType.UPDATE) {
日志
2024-06-06 23:21:11 +08:00
log.debug("更新mapper ↙↙↙ \r\n {}#{}{}", clazz.getName(), methodName, getCallPositionForDev());
日志
2024-05-28 15:12:50 +08:00
} else if (sct == SqlCommandType.INSERT) {
日志
2024-06-06 23:21:11 +08:00
log.debug("插入mapper ↙↙↙ \r\n {}#{}{}", clazz.getName(), methodName, getCallPositionForDev());
日志
2024-05-28 15:12:50 +08:00
} else if (sct == SqlCommandType.DELETE) {
日志
2024-06-06 23:21:11 +08:00
log.debug("删除mapper ↙↙↙ \r\n {}#{}{}", clazz.getName(), methodName, getCallPositionForDev());
日志
2024-05-28 15:12:50 +08:00
}
数据权限
2024-04-23 20:01:26 +08:00
}
线上不打印执行sql的日志
2024-09-07 15:12:42 +08:00
// else {
// if (sct == SqlCommandType.SELECT) {
// log.debug("查询mapper方法: {} >>> {}#{}", getCallPosition(), clazz.getName(), methodName);
// } else if (sct == SqlCommandType.UPDATE) {
// log.debug("更新mapper方法: {} >>> {}#{}", getCallPosition(), clazz.getName(), methodName);
// } else if (sct == SqlCommandType.INSERT) {
// log.debug("插入mapper方法: {} >>> {}#{}", getCallPosition(), clazz.getName(), methodName);
// } else if (sct == SqlCommandType.DELETE) {
// log.debug("删除mapper方法: {} >>> {}#{}", getCallPosition(), clazz.getName(), methodName);
// }
// }
数据权限
2024-04-23 20:01:26 +08:00
} catch (Exception e) {
bug修改
2024-04-24 01:15:10 +08:00
log.error(e.getMessage(), e);
数据权限
2024-04-23 20:01:26 +08:00
}
}
@Override
protected void processInsert(Insert insert, int index, String sql, Object obj) {
//dataScopeHandler.addParam(insert, obj);
}
不给新增企业不一致的车辆
2024-07-13 17:42:35 +08:00
@Override
数据权限
2024-04-23 20:01:26 +08:00
public void beforeQuery(Executor executor, MappedStatement ms, Object parameter, RowBounds rowBounds, ResultHandler resultHandler, BoundSql boundSql) throws SQLException {
try {
bug修改
2024-04-24 01:15:10 +08:00
if (SecurityUtils.getUser() == null) {
return;
}
数据权限
2024-04-23 20:01:26 +08:00
Class<?> clazz = Class.forName(ms.getId().substring(0, ms.getId().lastIndexOf(StringPool.DOT)));
bug修改
2024-04-24 21:50:28 +08:00
String methodName = ms.getId().substring(ms.getId().lastIndexOf(".") + 1);
bug修改
2024-04-24 01:15:10 +08:00
DataScope annotation = null;
Method[] declaredMethods = clazz.getDeclaredMethods();
bug修改
2024-04-24 21:50:28 +08:00
Optional<DataScope> dsOption = Arrays.stream(declaredMethods).filter(method -> method.getName().equals(methodName)).map(method -> method.getAnnotation(DataScope.class)).filter(Objects::nonNull).findFirst();
annotation = dsOption.orElseGet(() -> clazz.getAnnotation(DataScope.class));
bug修复
2024-05-05 22:34:36 +08:00
if (findIgnoreDataScope(parameter, annotation) && isNotSqlTest()) {
数据权限
2024-04-23 20:01:26 +08:00
return;
}
PluginUtils.MPBoundSql mpBs = PluginUtils.mpBoundSql(boundSql);
bug修复
2024-05-05 22:34:36 +08:00
JSONObject jo = new JSONObject();
jo.put("ds", annotation);
jo.put("parameter", parameter);
mpBs.sql(this.parserSingle(mpBs.sql(), jo));
数据权限
2024-04-23 20:01:26 +08:00
} catch (Exception e) {
bug修改
2024-04-24 01:15:10 +08:00
log.error(e.getMessage(), e);
数据权限
2024-04-23 20:01:26 +08:00
}
}
保存日志加上前后变化的数据
2024-07-31 17:36:14 +08:00
@Override
public void beforeUpdate(Executor executor, MappedStatement ms, Object parameter) throws SQLException {
try {
if (Objects.equals(ThreadLocalUtil.getByKey(Cts.TL_IS_FROM_WEB, Boolean.class), true)) {
SqlCommandType sct = ms.getSqlCommandType();
if (sct == SqlCommandType.UPDATE || sct == SqlCommandType.DELETE) {
String sql = this.getShowSql(ms.getConfiguration(), ms.getBoundSql(parameter));
String whereSql = StrUtil.subAfter(sql, "WHERE", true);
saveQueryResult(StrUtil.sub(ms.getId(), 0, StringUtils.lastIndexOf(ms.getId(), ".")), whereSql);
} else if (sct == SqlCommandType.INSERT) {
List<OperLogInsertChange> paramList = ThreadLocalUtil.getByKey(Cts.TL_INSERT_BEFORE_PARAM, List.class);
if (paramList == null) {
paramList = new ArrayList<>();
ThreadLocalUtil.addInKey(Cts.TL_INSERT_BEFORE_PARAM, paramList);
}
OperLogInsertChange operLogInsertChange = new OperLogInsertChange();
operLogInsertChange.setMapperName(StrUtil.sub(ms.getId(), 0, StringUtils.lastIndexOf(ms.getId(), ".")));
operLogInsertChange.setResult(new ArrayList<>(Arrays.asList(parameter)));
operLogInsertChange.setTimestamp(System.currentTimeMillis());
paramList.add(operLogInsertChange);
}
}
} catch (Exception e) {
log.error("前后数据变化错误", e);
}
}
private void saveQueryResult(String mapperName, String whereSql) throws ClassNotFoundException {
QueryWrapper<Object> wrapper = Wrappers.query().last("WHERE " + whereSql);
Object mapperObj = SpringContextUtils.getBean(Class.forName(mapperName));
Method selectListMethod = ReflectUtil.getMethod(mapperObj.getClass(), "selectList", QueryWrapper.class);
Object rs = ReflectUtil.invoke(mapperObj, selectListMethod, wrapper);
List<OperLogDataChange> paramList = ThreadLocalUtil.getByKey(Cts.TL_UPDATE_DEL_BEFORE_PARAM, List.class);
if (paramList == null) {
paramList = new ArrayList<>();
ThreadLocalUtil.addInKey(Cts.TL_UPDATE_DEL_BEFORE_PARAM, paramList);
}
OperLogDataChange operLogDataChange = new OperLogDataChange();
operLogDataChange.setMapperName(mapperName);
operLogDataChange.setWhereSql(whereSql);
operLogDataChange.setResult(rs);
operLogDataChange.setTimestamp(System.currentTimeMillis());
paramList.add(operLogDataChange);
}
/**
* 获取完整的sql
*
* @param configuration
* @param boundSql
* @return
*/
private String getShowSql(Configuration configuration, BoundSql boundSql) {
Object parameterObject = boundSql.getParameterObject();
List<ParameterMapping> parameterMappings = boundSql.getParameterMappings();
String sql = boundSql.getSql().replaceAll("[\\s]+", " ");
if (parameterMappings != null && parameterMappings.size() > 0 && parameterObject != null) {
TypeHandlerRegistry typeHandlerRegistry = configuration.getTypeHandlerRegistry();
if (typeHandlerRegistry.hasTypeHandler(parameterObject.getClass())) {
sql = sql.replaceFirst("\\?", Matcher.quoteReplacement(getParameterValue(parameterObject)));
} else {
MetaObject metaObject = configuration.newMetaObject(parameterObject);
for (ParameterMapping parameterMapping : parameterMappings) {
String propertyName = parameterMapping.getProperty();
if (metaObject.hasGetter(propertyName)) {
Object obj = metaObject.getValue(propertyName);
sql = sql.replaceFirst("\\?", Matcher.quoteReplacement(getParameterValue(obj)));
} else if (boundSql.hasAdditionalParameter(propertyName)) {
Object obj = boundSql.getAdditionalParameter(propertyName);
sql = sql.replaceFirst("\\?", Matcher.quoteReplacement(getParameterValue(obj)));
}
}
}
}
return sql;
}
private String getParameterValue(Object obj) {
String value = null;
if (obj instanceof String) {
value = "'" + obj.toString() + "'";
} else if (obj instanceof Date) {
DateFormat formatter = DateFormat.getDateTimeInstance(DateFormat.DEFAULT, DateFormat.DEFAULT, Locale.CHINA);
value = "'" + formatter.format(obj) + "'";
} else if (obj instanceof LocalDate) {
value = "'" + ((LocalDate) obj).format(DateTimeFormatter.ofPattern("yyyy-MM-dd")) + "'";
} else if (obj instanceof LocalDateTime) {
value = "'" + ((LocalDateTime) obj).format(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss")) + "'";
} else {
if (obj != null) {
value = obj.toString();
} else {
value = "";
}
}
return value;
}
不给新增企业不一致的车辆
2024-07-13 17:42:35 +08:00
@Override
bug修复
2024-05-05 22:34:36 +08:00
protected void processSelect(Select select, int index, String sql, Object obj) {
this.processSelectBody(select.getSelectBody(), obj);
数据权限
2024-04-23 20:01:26 +08:00
}
protected void processSelectBody(SelectBody selectBody, Object obj) {
if (selectBody != null) {
if (selectBody instanceof PlainSelect) {
this.processPlainSelect((PlainSelect) selectBody, obj);
} else if (selectBody instanceof WithItem) {
WithItem withItem = (WithItem) selectBody;
this.processSelectBody(withItem.getSelectBody(), obj);
} else {
SetOperationList operationList = (SetOperationList) selectBody;
if (operationList.getSelects() != null && operationList.getSelects().size() > 0) {
this.processSelectBody(operationList.getSelects().get(0), obj);
}
}
}
}
protected void processPlainSelect(PlainSelect plainSelect, Object obj) {
FromItem fromItem = plainSelect.getFromItem();
if (fromItem instanceof Table) {
this.dataScopeHandler.getSqlSegment(plainSelect, obj);
} else {
processFromItem(fromItem, obj);
}
权限
2024-05-27 14:49:35 +08:00
// 如果还存在关联查询
List<Join> joins = plainSelect.getJoins();
if (CollUtil.isNotEmpty(joins)) {
for (Join join : joins) {
processJoin(join, obj);
}
}
数据权限
2024-04-23 20:01:26 +08:00
}
protected void processFromItem(FromItem fromItem, Object obj) {
if (fromItem instanceof SubSelect) {
SubSelect subSelect = (SubSelect) fromItem;
if (subSelect.getSelectBody() != null) {
processSelectBody(subSelect.getSelectBody(), obj);
}
}
}
权限
2024-05-27 14:49:35 +08:00
/**
* 处理关联查询
*
* @param join 关联查询
* @param obj
*/
protected void processJoin(Join join, Object obj) {
FromItem joinTable = join.getRightItem();
if (joinTable instanceof SubSelect) {
processSelectBody(((SubSelect) joinTable).getSelectBody(), obj);
}
}
数据权限
2024-04-23 20:01:26 +08:00
}
Reference in New Issue Copy Permalink