数据权限

guoshengxiong 2024-04-23 20:01:26 +08:00
parent d334d50de0
commit 5331cb6036
7 changed files with 479 additions and 11 deletions


@ -0,0 +1,18 @@
package com.zhgd.annotation;
/**
* @program: wisdomSite
* @description: 自定义数据权限注解
* @author: Mr.Peng
* @create: 2021-05-06 18:03
**/
import java.lang.annotation.*;
@Documented
@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface DataScope {
int type() default 1; // 所属类型
}
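Review bot: `@Target` allows `ElementType.METHOD`, but the interceptor added in this commit only looks the annotation up on the mapper class (`clazz.getAnnotation(DataScope.class)`), so a `@DataScope` placed on a single mapper method would compile and then be ignored, leaving that query unfiltered. Either restrict the target to `ElementType.TYPE` or resolve the method-level annotation in the interceptor. The accepted values of `type()` are also undocumented: the handler acts only on `1` and the INSERT path returns early on `2`, so a Javadoc on `type()` listing each value and what it filters would make the contract explicit.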


@ -3,14 +3,17 @@ package com.zhgd.config;
import com.baomidou.mybatisplus.annotation.DbType;
import com.baomidou.mybatisplus.core.MybatisConfiguration;
import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
import com.baomidou.mybatisplus.extension.plugins.inner.DataPermissionInterceptor;
import com.baomidou.mybatisplus.extension.plugins.inner.PaginationInnerInterceptor;
import com.baomidou.mybatisplus.extension.spring.MybatisSqlSessionFactoryBean;
import com.wflow.config.MyBatisPlusConfig;
import com.zhgd.mybatis.DataScopeHandler;
import com.zhgd.mybatis.DataScopeInterceptor;
import org.apache.ibatis.logging.stdout.StdOutImpl;
import org.apache.ibatis.session.SqlSessionFactory;
import org.mybatis.spring.SqlSessionTemplate;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.jdbc.DataSourceBuilder;
import org.springframework.context.annotation.Bean;
@ -20,7 +23,6 @@ import org.springframework.context.annotation.Primary;
import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
import org.springframework.jdbc.datasource.DataSourceTransactionManager;
import javax.annotation.Resource;
import javax.sql.DataSource;
@Configuration
@ -45,11 +47,20 @@ public class DataSourceOneConfig {
bean.setConfiguration(configuration);
bean.setMapperLocations(new PathMatchingResourcePatternResolver().getResources("classpath*:com/zhgd/xmgl/**/*.xml"));
MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
DataScopeInterceptor dataScopeInterceptor = new DataScopeInterceptor();
dataScopeInterceptor.setDataScopeHandler(dataScopeHandler());
interceptor.addInnerInterceptor(dataScopeInterceptor);
interceptor.addInnerInterceptor(new PaginationInnerInterceptor(DbType.MYSQL));
bean.setPlugins(interceptor);
return bean.getObject();
}
@Bean
@ConditionalOnMissingBean
public DataScopeHandler dataScopeHandler() {
return new DataScopeHandler();
}
@Bean
@Primary
public DataSourceTransactionManager db1TransactionManager(@Qualifier("db1DataSource") DataSource dataSource) {
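Review bot: The data-scope interceptor is wired only into the `SqlSessionFactory` built in this method, so a `@DataScope` mapper served by any other session factory would run unfiltered. The class name suggests further data-source configurations exist, but none are visible here, so this needs confirming. A comment above `interceptor.addInnerInterceptor(dataScopeInterceptor);` saying it must stay ahead of `PaginationInnerInterceptor`, so that the count query is built from the rewritten SQL, would protect the order from accidental change. The added `DataPermissionInterceptor` import is not used in the visible lines and can probably be dropped. The method that sets up the interceptor starts outside the hunk.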


@ -0,0 +1,310 @@
package com.zhgd.mybatis;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.extension.plugins.handler.DataPermissionHandler;
import com.zhgd.xmgl.modules.worker.entity.EnterpriseInfo;
import com.zhgd.xmgl.modules.worker.mapper.EnterpriseInfoMapper;
import com.zhgd.xmgl.modules.worker.service.impl.UserEnterpriseServiceImpl;
import com.zhgd.xmgl.modules.xz.service.impl.XzSupplierQualificationApplyServiceImpl;
import com.zhgd.xmgl.security.entity.UserInfo;
import com.zhgd.xmgl.security.util.SecurityUtils;
import lombok.extern.slf4j.Slf4j;
import net.sf.jsqlparser.JSQLParserException;
import net.sf.jsqlparser.expression.Alias;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.Parenthesis;
import net.sf.jsqlparser.expression.StringValue;
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
import net.sf.jsqlparser.expression.operators.relational.InExpression;
import net.sf.jsqlparser.expression.operators.relational.ItemsList;
import net.sf.jsqlparser.parser.CCJSqlParserUtil;
import net.sf.jsqlparser.schema.Column;
import net.sf.jsqlparser.schema.Table;
import net.sf.jsqlparser.statement.select.FromItem;
import net.sf.jsqlparser.statement.select.Join;
import net.sf.jsqlparser.statement.select.PlainSelect;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.Collectors;
@Slf4j
public class DataScopeHandler implements DataPermissionHandler {
@Lazy
@Autowired
private XzSupplierQualificationApplyServiceImpl xzSupplierQualificationApplyService;
@Lazy
@Autowired
private EnterpriseInfoMapper enterpriseInfoMapper;
//
//@Lazy
//@Autowired
//private IProjectService projectService;
//
//@Lazy
//@Autowired
//private IEnterpriseService enterpriseService;
//
//@Lazy
//@Autowired
//private IEngineeringService engineeringService;
//
//@Lazy
//@Autowired
//private ISystemUserDataScopeService systemUserDataScopeService;
@Lazy
@Autowired
private UserEnterpriseServiceImpl userEnterpriseService;
@Override
public Expression getSqlSegment(Expression where, String mappedStatementId) {
return null;
}
protected String getEngineeringSn() {
return "engineering_sn";
}
protected String getProjectSn() {
return "project_sn";
}
private String getEnterpriseSn() {
return "enterprise_sn";
}
public PlainSelect getSqlSegment(PlainSelect plainSelect, Object obj) {
UserInfo user = SecurityUtils.getUser();
if (user == null) {
return plainSelect;
}
Integer type = Integer.parseInt(obj.toString());
if (type == 1) {
return dataScopeFilterByProject(plainSelect, user);
}
// else if (type == 2 && user.getAccountType() == 4) {
// return dataScopeFilterByProject(plainSelect, user);
//} else if (type == 2) {
// return dataScopeFilterByEnt(plainSelect, user);
//}
return plainSelect;
}
private PlainSelect dataScopeFilterByProject(PlainSelect plainSelect, UserInfo user) {
init(plainSelect);
List<Expression> expressions = new ArrayList<>();
if (user.getAccountType() == 6) {
List<String> enterpriseIds = userEnterpriseService.getEnterpriseIdsIfSubProject();
List<String> filterEnterprises = getNeedFilterLeftExpression(plainSelect, getFieldEnterpriseTables(), "enterprise_id");
for (String filterEnterprise : filterEnterprises) {
inExpression(filterEnterprise, enterpriseIds, plainSelect);
}
} else if (user.getAccountType() == 11) {
List<String> filterEnterprises = getNeedFilterLeftExpression(plainSelect, getFieldEnterpriseTables(), "enterprise_id");
EnterpriseInfo ei = enterpriseInfoMapper.getXzSupplierByUserId(SecurityUtils.getUser().getUserId());
Long id;
if (ei == null) {
id = -1L;
} else {
id = ei.getId();
}
for (String filterEnterprise : filterEnterprises) {
String sql = StrUtil.format(" ({} = {} OR {} IN ( SELECT DISTINCT t.enterprise_id FROM " +
"(SELECT t.id FROM project_enterprise t WHERE t.enterprise_id = {}) t2 join project_enterprise t on find_in_set( t2.id, ancestors ) )) ",
filterEnterprise, id, filterEnterprise, id);
Expression expression = null;
try {
expression = CCJSqlParserUtil.parseCondExpression(sql);
expressions.add(expression);
} catch (JSQLParserException e) {
log.error(e.getMessage(), e);
}
}
Expression dataExpression;
if (expressions.size() > 1) {
//数据权限大于1个之间用或
OrExpression orExpression = new OrExpression(expressions.get(0), expressions.get(1));
for (int i = 2; i < expressions.size(); i++) {
orExpression = new OrExpression(orExpression, expressions.get(i));
}
// 数据权限使用单独的括号 防止与其他条件冲突
dataExpression = new Parenthesis(orExpression);
} else {
dataExpression = expressions.get(0);
}
Expression where = plainSelect.getWhere();
if (where != null) {
where = new AndExpression(where, dataExpression);
} else {
where = dataExpression;
}
plainSelect.setWhere(where);
}
//List<String> scopeIds = systemUserDataScopeService.list(Wrappers.<SystemUserDataScope>lambdaQuery().eq(SystemUserDataScope::getUserId, user.getUserId()))
// .stream().map(u -> u.getRelevanceId()).collect(Collectors.toList());
//if (user.getAccountType() == 4) {
// if (scopeIds.size() > 0) {
// inExpression(getAliasColumn(plainSelect, getEngineeringSn()), scopeIds, plainSelect);
// } else {
// equalsTo(getAliasColumn(plainSelect, getProjectSn()), user.getSn(), plainSelect);
// }
//}
//if (user.getAccountType() == 3) {
// List<String> engineeringSns = scopeIds.size() > 0 ? scopeIds : engineeringService.getSnListByEnterprise(user.getSn());
// if (engineeringSns.size() == 0) {
// engineeringSns.add("0");
// }
// inExpression(getAliasColumn(plainSelect, getEngineeringSn()), engineeringSns, plainSelect);
//}
//if (user.getAccountType() == 2) {
// List<String> projectSns = projectService.getSnListForGov(user.getSn());
// if (projectSns.size() == 0) {
// projectSns.add("0");
// }
// inExpression(getAliasColumn(plainSelect, getProjectSn()), projectSns, plainSelect);
//}
return plainSelect;
}
@NotNull
private List<String> getFieldEnterpriseTables() {
List<String> tables = new ArrayList<>();
tables.add("worker_info");
return tables;
}
private List<String> getNeedFilterLeftExpression(PlainSelect plainSelect, List<String> tables, String field) {
ArrayList<String> rtList = new ArrayList<>();
FromItem fromItem = plainSelect.getFromItem();
if (fromItem instanceof Table) {
Table table = (Table) fromItem;
String name = table.getName();
if (tables.contains(name)) {
String aliasName = table.getAlias().getName();
rtList.add((StringUtils.isEmpty(aliasName) ? name : aliasName) + "." + field);
}
}
List<Join> joins = plainSelect.getJoins();
//主表不是user表
if (!CollectionUtils.isEmpty(joins)) {
//判断join的表里有没有user表
for (Join join : joins) {
// 判断join里面是否存在user表不存在则新增
FromItem rightItem = join.getRightItem();
if (rightItem instanceof Table) {
Table joinTable = (Table) rightItem;
if (tables.contains(joinTable.getName())) {
String aliasName = joinTable.getAlias().getName();
rtList.add((StringUtils.isEmpty(aliasName) ? joinTable.getName() : aliasName) + "." + field);
}
}
}
}
return rtList;
}
//private PlainSelect dataScopeFilterByEnt(PlainSelect plainSelect, SecurityUser user) {
// init(plainSelect);
// if (user.getAccountType() == 3) {
// equalsTo(getAliasColumn(plainSelect, getEnterpriseSn()), user.getSn(), plainSelect);
// }
// if (user.getAccountType() == 2) {
// List<String> entSns = enterpriseService.getSnListForGov(user.getSn());
// if (entSns.size() == 0) {
// entSns.add("0");
// }
// inExpression(getAliasColumn(plainSelect, getEnterpriseSn()), entSns, plainSelect);
// }
// return plainSelect;
//}
private void equalsTo(String leftExpression, String rightExpression, PlainSelect plainSelect) {
EqualsTo equalsTo = new EqualsTo();
equalsTo.setLeftExpression(new Column(leftExpression));
equalsTo.setRightExpression(new StringValue(rightExpression));
AndExpression andExpression = new AndExpression(plainSelect.getWhere(), equalsTo);
plainSelect.setWhere(andExpression);
}
private void inExpression(String leftExpression, List<String> rightExpression, PlainSelect plainSelect) {
InExpression inExpression = new InExpression();
ItemsList itemsList = new ExpressionList(rightExpression.stream().map(StringValue::new).collect(Collectors.toList()));
inExpression.setLeftExpression(new Column(leftExpression));
inExpression.setRightItemsList(itemsList);
AndExpression andExpression = new AndExpression(plainSelect.getWhere(), inExpression);
plainSelect.setWhere(andExpression);
}
private String getAliasColumn(PlainSelect plainSelect, String sn) {
FromItem fromItem = plainSelect.getFromItem();
Alias alias = fromItem.getAlias();
StringBuilder prefix = new StringBuilder();
if (alias != null) {
prefix.append(alias).append(".");
}
return prefix.append(sn).toString();
}
private void init(PlainSelect plainSelect) {
Expression envCondition = null;
try {
envCondition = CCJSqlParserUtil.parseCondExpression("1 == 1");
} catch (JSQLParserException e) {
throw new RuntimeException(e);
}
Expression where = plainSelect.getWhere();
if (where == null) {
plainSelect.setWhere(envCondition);
}
}
//protected void addParam(Insert insert, Object obj){
// SecurityUser user = SecurityUtil.getUser();
// if (user == null) {
// return;
// }
// List<Column> columns = insert.getColumns();
// if (CollectionUtils.isEmpty(columns)) {
// // 针对不给列名的insert 不处理
// return;
// }
// if (user.getAccountType() == 4 || user.getAccountType() == 3) {
// if (!columns.stream().anyMatch(c -> c.toString().equals(getProjectSn()))) {
// columns.add(new Column(getProjectSn()));
// if (insert.getItemsList() != null) {
// ItemsList itemsList = insert.getItemsList();
// if (itemsList instanceof MultiExpressionList) {
// ((MultiExpressionList) itemsList).getExprList().forEach(el -> el.getExpressions().add(getProjectSn(obj)));
// } else {
// ((ExpressionList) itemsList).getExpressions().add(getProjectSn(obj));
// }
// } else {
// throw ExceptionUtils.mpe("Failed to process multiple-table update, please exclude the tableName or statementId");
// }
// }
// }
//}
//protected Expression getProjectSn(Object engineeringSn){
// SecurityUser user = SecurityUtil.getUser();
// if (user.getAccountType() == 4) {
// return new StringValue(user.getSn());
// }
// if (user.getAccountType() == 3) {
// return new StringValue(engineeringService.getOne(Wrappers.<Engineering>lambdaQuery().eq(Engineering::getEngineeringSn, engineeringSn)).getProjectSn());
// }
// return null;
//}
}
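Review bot: In `getNeedFilterLeftExpression`, `table.getAlias().getName()` and `joinTable.getAlias().getName()` are dereferenced without a null check, so a statement that references `worker_info` without an alias throws instead of being filtered, even though the `StringUtils.isEmpty(aliasName)` fallback was evidently meant to cover that case; `Alias alias = table.getAlias(); String prefix = alias == null ? name : alias.getName();` handles both. In `dataScopeFilterByProject`, the account-type 11 branch calls `expressions.get(0)` even when no table matched or `parseCondExpression` failed and was only logged, which throws, while the account-type 6 branch in the same situation adds no condition and returns the query unfiltered. Both branches should decide explicitly what an empty `filterEnterprises` means, preferably by rejecting the query or appending a condition that matches nothing. `init` injects `1 == 1`, and `==` is not a MySQL comparison operator although the config registers `DbType.MYSQL`, so `1 = 1` is the safer literal. `getSqlSegment(PlainSelect, Object)` also returns the select untouched when `SecurityUtils.getUser()` is null; if that is intended for background jobs, a comment should say so, because it is a fail-open path.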


@ -0,0 +1,130 @@
package com.zhgd.mybatis;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.parser.SqlParserHelper;
import com.baomidou.mybatisplus.core.plugins.InterceptorIgnoreHelper;
import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
import com.baomidou.mybatisplus.core.toolkit.StringPool;
import com.baomidou.mybatisplus.extension.parser.JsqlParserSupport;
import com.baomidou.mybatisplus.extension.plugins.inner.InnerInterceptor;
import com.zhgd.annotation.DataScope;
import lombok.Setter;
import net.sf.jsqlparser.schema.Table;
import net.sf.jsqlparser.statement.insert.Insert;
import net.sf.jsqlparser.statement.select.*;
import org.apache.commons.collections.MapUtils;
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.executor.statement.StatementHandler;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.SqlCommandType;
import org.apache.ibatis.session.ResultHandler;
import org.apache.ibatis.session.RowBounds;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.Map;
public class DataScopeInterceptor extends JsqlParserSupport implements InnerInterceptor {
@Setter
private DataScopeHandler dataScopeHandler;
public void beforePrepare(StatementHandler sh, Connection connection, Integer transactionTimeout) {
PluginUtils.MPStatementHandler mpSh = PluginUtils.mpStatementHandler(sh);
MappedStatement ms = mpSh.mappedStatement();
SqlCommandType sct = ms.getSqlCommandType();
try {
if (sct == SqlCommandType.INSERT) {
Class<?> clazz = Class.forName(ms.getId().substring(0, ms.getId().lastIndexOf(StringPool.DOT)));
//注解判断
DataScope annotation = clazz.getAnnotation(DataScope.class);
if (annotation == null || annotation.type() == 2) {
return;
}
if (InterceptorIgnoreHelper.willIgnoreTenantLine(ms.getId())) return;
if (SqlParserHelper.getSqlParserInfo(ms)) return;
PluginUtils.MPBoundSql mpBs = mpSh.mPBoundSql();
Map param = JSONObject.parseObject(JSON.toJSONString(mpBs.parameterObject()), Map.class);
mpBs.sql(parserMulti(mpBs.sql(), MapUtils.getString(param, "engineeringSn")));
}
} catch (Exception e) {
throw new RuntimeException(e);
}
}
@Override
protected void processInsert(Insert insert, int index, String sql, Object obj) {
//dataScopeHandler.addParam(insert, obj);
}
public void beforeQuery(Executor executor, MappedStatement ms, Object parameter, RowBounds rowBounds, ResultHandler resultHandler, BoundSql boundSql) throws SQLException {
try {
Class<?> clazz = Class.forName(ms.getId().substring(0, ms.getId().lastIndexOf(StringPool.DOT)));
DataScope annotation = clazz.getAnnotation(DataScope.class);
if (findIgnoreDataScope(parameter) || annotation == null) {
return;
}
PluginUtils.MPBoundSql mpBs = PluginUtils.mpBoundSql(boundSql);
mpBs.sql(this.parserSingle(mpBs.sql(), annotation.type()));
} catch (Exception e) {
throw new RuntimeException(e);
}
}
protected void processSelect(Select select, int index, String sql, Object obj) {
this.processSelectBody(select.getSelectBody(), obj);
}
private boolean findIgnoreDataScope(Object parameter) {
if (parameter instanceof Map) {
for (Object val : ((Map<?, ?>) parameter).values()) {
if (val instanceof String) {
if (val.equals("ignoreDataScope")) {
return true;
}
}
}
}
if (parameter instanceof String) {
return parameter.equals("ignoreDataScope");
}
return false;
}
protected void processSelectBody(SelectBody selectBody, Object obj) {
if (selectBody != null) {
if (selectBody instanceof PlainSelect) {
this.processPlainSelect((PlainSelect) selectBody, obj);
} else if (selectBody instanceof WithItem) {
WithItem withItem = (WithItem) selectBody;
this.processSelectBody(withItem.getSelectBody(), obj);
} else {
SetOperationList operationList = (SetOperationList) selectBody;
if (operationList.getSelects() != null && operationList.getSelects().size() > 0) {
this.processSelectBody(operationList.getSelects().get(0), obj);
}
}
}
}
protected void processPlainSelect(PlainSelect plainSelect, Object obj) {
FromItem fromItem = plainSelect.getFromItem();
if (fromItem instanceof Table) {
this.dataScopeHandler.getSqlSegment(plainSelect, obj);
} else {
processFromItem(fromItem, obj);
}
}
protected void processFromItem(FromItem fromItem, Object obj) {
if (fromItem instanceof SubSelect) {
SubSelect subSelect = (SubSelect) fromItem;
if (subSelect.getSelectBody() != null) {
processSelectBody(subSelect.getSelectBody(), obj);
}
}
}
}
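Review bot: `findIgnoreDataScope` switches the filter off whenever the statement parameter, or any top-level value in the parameter map, equals the string `"ignoreDataScope"`, which puts the authorization switch in the same channel as query data. If any mapper parameter is populated from request input, a caller-supplied value could disable the data scope. A server-side signal that request data cannot reach would be safer, such as a dedicated annotation on the mapper method or a flag set and cleared by trusted service code. `processSelectBody` also rewrites only `operationList.getSelects().get(0)`, so the remaining branches of a UNION stay unfiltered; `for (SelectBody body : operationList.getSelects()) { processSelectBody(body, obj); }` would cover them. `beforeQuery` and `beforePrepare` call `Class.forName` on every statement id and rethrow any failure, so catching `ClassNotFoundException` separately and choosing the outcome explicitly would be clearer than the blanket `catch (Exception e)`.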


@ -3,6 +3,7 @@ package com.zhgd.xmgl.modules.worker.mapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.zhgd.annotation.DataScope;
import com.zhgd.jeecg.common.mybatis.EntityMap;
import com.zhgd.xmgl.modules.worker.entity.WorkerInfo;
import com.zhgd.xmgl.modules.worker.entity.vo.*;
@ -22,6 +23,7 @@ import java.util.Map;
*/
@Mapper
@Repository
@DataScope
public interface WorkerInfoMapper extends BaseMapper<WorkerInfo> {
List<WorkerInfo> selectWorkerInfoList(Page<WorkerInfo> page, @Param("param") Map<String, Object> map);


@ -71,13 +71,15 @@ public class UserEnterpriseServiceImpl extends ServiceImpl<UserEnterpriseMapper,
//项目子账号就筛选自己能看到的
Long userId = user.getUserId();
UserEnterprise userEnterprise = userEnterpriseMapper.selectOne(new LambdaQueryWrapper<UserEnterprise>().eq(UserEnterprise::getUserId, userId));
String enterpriseId;
if (userEnterprise == null || StringUtils.isBlank(userEnterprise.getEnterpriseId())) {
return null;
}
return Stream.of(StringUtils.split(userEnterprise.getEnterpriseId(), ",")).collect(Collectors.toList());
enterpriseId = "0";
} else {
throw new RuntimeException("非子账号,非法调用");
enterpriseId = userEnterprise.getEnterpriseId();
}
return Stream.of(StringUtils.split(enterpriseId, ",")).collect(Collectors.toList());
}
return null;
}
/**
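Review bot: The method now appears to end in `return null;` for callers that are not sub-accounts, where it previously threw `非子账号,非法调用`; the +/- markers are lost on this page, so the new side is inferred. `DataScopeHandler.dataScopeFilterByProject` passes the result straight to `inExpression`, which calls `rightExpression.stream()`, so a null would surface as a NullPointerException inside the interceptor if the two account-type checks ever diverge. Keeping the exception or documenting the null contract would be clearer. The `"0"` fallback matches nothing only if no enterprise can have id 0, which deserves a comment such as `// "0" is never a real enterprise id, so the IN filter matches no rows`. The method starts outside the hunk.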


@ -513,11 +513,6 @@ public class WorkerInfoServiceImpl extends ServiceImpl<WorkerInfoMapper, WorkerI
public PersonTypeAndEduStatisticsVo selectPersonTypeAndEduStatistics(Map<String, Object> map) {
Map<String, Object> data = new HashMap<>();
Map<String, Object> personType = new HashMap<>();
if (systemUserService.isSupplier()) {
EnterpriseInfo info = xzSupplierQualificationApplyService.getSupplierInfoByUserId(SecurityUtils.getUser().getUserId());
map.put("projectEnterpriseId", info.getProjectEnterpriseId());
map.put("supplierEnterpriseId", info.getId());
}
Map<String, Object> toaltPerson = workerInfoMapper.selectWorkerPersonTypeTotal(map);
Map<String, Object> presencePerson = workerInfoMapper.selectPresenceWorkerPersonTypeTotal(map);
Map<String, Object> attendancePerson = workerInfoMapper.selectAttendanceWorkerPersonTypeTotal(map);