657 lines
32 KiB
Java
657 lines
32 KiB
Java
package com.zhgd.mybatis;
|
||
|
||
import cn.hutool.core.collection.CollUtil;
|
||
import cn.hutool.core.convert.Convert;
|
||
import cn.hutool.core.util.StrUtil;
|
||
import com.alibaba.fastjson.JSONObject;
|
||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||
import com.baomidou.mybatisplus.extension.plugins.handler.DataPermissionHandler;
|
||
import com.zhgd.annotation.DataScope;
|
||
import com.zhgd.xmgl.modules.basicdata.enums.SystemUserAccountTypeEnum;
|
||
import com.zhgd.xmgl.modules.ocr.service.IOcrBuildLogService;
|
||
import com.zhgd.xmgl.modules.video.service.IAiAnalyseHardWareRecordService;
|
||
import com.zhgd.xmgl.modules.worker.entity.EnterpriseInfo;
|
||
import com.zhgd.xmgl.modules.worker.mapper.EnterpriseInfoMapper;
|
||
import com.zhgd.xmgl.modules.worker.service.impl.UserDevAuthorityServiceImpl;
|
||
import com.zhgd.xmgl.modules.worker.service.impl.UserEnterpriseServiceImpl;
|
||
import com.zhgd.xmgl.modules.xz.security.entity.XzSecurityQualityInspectionEnterprise;
|
||
import com.zhgd.xmgl.modules.xz.security.service.IXzSecurityQualityInspectionEnterpriseService;
|
||
import com.zhgd.xmgl.modules.xz.service.impl.XzSupplierQualificationApplyServiceImpl;
|
||
import com.zhgd.xmgl.security.entity.UserInfo;
|
||
import com.zhgd.xmgl.security.util.SecurityUtils;
|
||
import com.zhgd.xmgl.util.EnvironmentUtil;
|
||
import com.zhgd.xmgl.util.MapBuilder;
|
||
import lombok.extern.slf4j.Slf4j;
|
||
import net.sf.jsqlparser.JSQLParserException;
|
||
import net.sf.jsqlparser.expression.Alias;
|
||
import net.sf.jsqlparser.expression.Expression;
|
||
import net.sf.jsqlparser.expression.Parenthesis;
|
||
import net.sf.jsqlparser.expression.StringValue;
|
||
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
|
||
import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
|
||
import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
|
||
import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
|
||
import net.sf.jsqlparser.expression.operators.relational.InExpression;
|
||
import net.sf.jsqlparser.expression.operators.relational.ItemsList;
|
||
import net.sf.jsqlparser.parser.CCJSqlParserUtil;
|
||
import net.sf.jsqlparser.schema.Column;
|
||
import net.sf.jsqlparser.schema.Table;
|
||
import net.sf.jsqlparser.statement.select.FromItem;
|
||
import net.sf.jsqlparser.statement.select.Join;
|
||
import net.sf.jsqlparser.statement.select.PlainSelect;
|
||
import org.apache.commons.collections.CollectionUtils;
|
||
import org.apache.commons.lang3.StringUtils;
|
||
import org.jetbrains.annotations.NotNull;
|
||
import org.springframework.beans.factory.annotation.Autowired;
|
||
import org.springframework.context.annotation.Lazy;
|
||
|
||
import java.util.*;
|
||
import java.util.function.Function;
|
||
import java.util.stream.Collectors;
|
||
|
||
@Slf4j
|
||
public class DataScopeHandler implements DataPermissionHandler {
|
||
@Lazy
|
||
@Autowired
|
||
EnvironmentUtil environmentUtil;
|
||
@Lazy
|
||
@Autowired
|
||
IAiAnalyseHardWareRecordService aiAnalyseHardWareRecordService;
|
||
@Lazy
|
||
@Autowired
|
||
private XzSupplierQualificationApplyServiceImpl xzSupplierQualificationApplyService;
|
||
@Lazy
|
||
@Autowired
|
||
private EnterpriseInfoMapper enterpriseInfoMapper;
|
||
@Lazy
|
||
@Autowired
|
||
private UserDevAuthorityServiceImpl userDevAuthorityService;
|
||
@Lazy
|
||
@Autowired
|
||
private UserEnterpriseServiceImpl userEnterpriseService;
|
||
@Lazy
|
||
@Autowired
|
||
private IOcrBuildLogService ocrBuildLogService;
|
||
@Lazy
|
||
@Autowired
|
||
private IXzSecurityQualityInspectionEnterpriseService xzSecurityQualityInspectionEnterpriseService;
|
||
|
||
@Override
|
||
public Expression getSqlSegment(Expression where, String mappedStatementId) {
|
||
return null;
|
||
}
|
||
|
||
protected String getEngineeringSn() {
|
||
return "engineering_sn";
|
||
}
|
||
|
||
protected String getProjectSn() {
|
||
return "project_sn";
|
||
}
|
||
|
||
/**
|
||
* 获取设置的过滤的表名和字段名
|
||
*
|
||
* @return
|
||
*/
|
||
private HashMap<String, String> getFieldEnterpriseTables() {
|
||
HashMap<String, String> tables = new HashMap<>(16);
|
||
tables.put("worker_info", "enterprise_id");
|
||
tables.put("team_info", "enterprise_id");
|
||
tables.put("department_info", "enterprise_id");
|
||
tables.put("xz_task_progress_content", "enterprise_id");
|
||
tables.put("xz_task_progress_alarm", "enterprise_id");
|
||
tables.put("xz_task_progress", "enterprise_id");
|
||
tables.put("quality_inspection_record", "enterprise_id");
|
||
tables.put("worker_info_audit_record", "enterprise_id");
|
||
tables.put("xz_material", "enterprise_id");
|
||
tables.put("inspect_task_record", "enterprise_id");
|
||
tables.put("xz_security_inspect_task_record", "enterprise_id");
|
||
// tables.put("xz_security_quality_inspection_record", "enterprise_id");
|
||
tables.put("exam_notice", "enterprise_id");
|
||
tables.put("exam_train_record", "enterprise_id");
|
||
tables.put("exam_course_record", "enterprise_id");
|
||
tables.put("xz_worker_safe_watch_alarm", "enterprise_id");
|
||
tables.put("dangerous_engineering_record", "responsibility_company_id");
|
||
tables.put("project_fine_record", "enterprise_id");
|
||
if (!environmentUtil.isBaise()) {
|
||
tables.put("car_info", "enterprise_id");
|
||
tables.put("enterprise_info", "id");
|
||
}
|
||
return tables;
|
||
}
|
||
|
||
private HashMap<String, String> getFieldVideoTables() {
|
||
HashMap<String, String> tables = new HashMap<>(16);
|
||
tables.put("video_item", "item_id");
|
||
return tables;
|
||
}
|
||
|
||
private HashMap<String, String> getFieldAiTables() {
|
||
HashMap<String, String> tables = new HashMap<>(16);
|
||
if (!environmentUtil.isBaise()) {
|
||
tables.put("ai_analyse_hard_ware_alarm_record", "hardware_id");
|
||
}
|
||
return tables;
|
||
}
|
||
|
||
public PlainSelect getSqlSegment(PlainSelect plainSelect, Object obj) {
|
||
UserInfo user = SecurityUtils.getUser();
|
||
if (user == null) {
|
||
return plainSelect;
|
||
}
|
||
return dataScopeFilterByProject(plainSelect, user, obj);
|
||
// else if (type == 2 && user.getAccountType() == 4) {
|
||
// return dataScopeFilterByProject(plainSelect, user);
|
||
//} else if (type == 2) {
|
||
// return dataScopeFilterByEnt(plainSelect, user);
|
||
//}
|
||
}
|
||
|
||
private PlainSelect dataScopeFilterByProject(PlainSelect plainSelect, UserInfo user, Object obj) {
|
||
JSONObject jo = (JSONObject) obj;
|
||
Object parameter = jo.get("parameter");
|
||
DataScope ds = jo.getObject("ds", DataScope.class);
|
||
init(plainSelect);
|
||
//expressions
|
||
List<Expression> expressions = new ArrayList<>();
|
||
Long userId = SecurityUtils.getUser().getUserId();
|
||
if (!DataScopeInterceptor.findIgnoreDataScope(parameter, ds)) {
|
||
if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.ENTERPRISE_ADMINISTRATOR_ACCOUNT.getValue())) {
|
||
filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> get1CompanySql(userId, userFilterItem));
|
||
} else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.ENTERPRISE_DISTRICT_ACCOUNT.getValue())) {
|
||
filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> get2CompanySql(userId, userFilterItem));
|
||
} else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.ENTERPRISE_CITY_ACCOUNT.getValue())) {
|
||
filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> get3CompanySql(userId, userFilterItem));
|
||
} else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.ENTERPRISE_SUB_ACCOUNT.getValue())) {
|
||
filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> get4CompanySql(userId, userFilterItem));
|
||
} else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.PROJECT_ACCOUNT.getValue())) {
|
||
filterForCompanyOrProject(plainSelect, ds, expressions, userId, (userFilterItem) -> {
|
||
return StrUtil.format(" \n" +
|
||
" {} in (\n" +
|
||
" select u.sn\n" +
|
||
" from system_user u\n" +
|
||
" WHERE u.user_id={}\n" +
|
||
" ) and {}.account_type = 6", userFilterItem, userId, StrUtil.subBefore(userFilterItem, ".", true));
|
||
});
|
||
} else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.PROJECT_SUB_ACCOUNT.getValue())) {
|
||
List<String> authEnterpriseIds = userEnterpriseService.getEnterpriseIdsIfSubProject();
|
||
authEnterpriseIds.add("0");
|
||
List<String> filterEnterprises = getNeedFilterLeftExpression(plainSelect, getFieldEnterpriseTables(), ds);
|
||
if (CollUtil.isNotEmpty(filterEnterprises)) {
|
||
for (String filterEnterprise : filterEnterprises) {
|
||
inExpression(filterEnterprise, authEnterpriseIds, plainSelect);
|
||
}
|
||
}
|
||
|
||
List<String> filterItems = getNeedFilterLeftExpression(plainSelect, getFieldVideoTables(), ds);
|
||
if (CollUtil.isNotEmpty(filterItems)) {
|
||
List<String> videoItems = userDevAuthorityService.getVideoItemsIfSubProject();
|
||
for (String item : filterItems) {
|
||
inExpression(item, videoItems, plainSelect);
|
||
}
|
||
}
|
||
|
||
List<String> filterAis = getNeedFilterLeftExpression(plainSelect, getFieldAiTables(), ds, true);
|
||
if (CollUtil.isNotEmpty(filterAis)) {
|
||
List<String> videoItems = aiAnalyseHardWareRecordService.getAiAnalyseHardIdsByUserId();
|
||
if (CollUtil.isEmpty(videoItems)) {
|
||
videoItems.add("0");
|
||
}
|
||
videoItems = videoItems.stream().map(s -> "'" + s + "'").collect(Collectors.toList());
|
||
for (String filterAi : filterAis) {
|
||
String sql = StrUtil.format(" ({}.hardware_id in ({}) OR ({}.quality_region_id in (select distinct quality_region_id from quality_region_to_user where user_id = {}))) ",
|
||
filterAi, StrUtil.join(",", videoItems), filterAi, userId);
|
||
expressions.add(parseCondExpression(sql));
|
||
}
|
||
}
|
||
|
||
//ocr施工日志施工单位
|
||
HashMap<String, String> ocrBuildLogTables = new HashMap<>();
|
||
ocrBuildLogTables.put("ocr_build_log", "id");
|
||
List<String> filterOcrBuildLogTables = getNeedFilterLeftExpression(plainSelect, ocrBuildLogTables, ds);
|
||
if (CollUtil.isNotEmpty(filterOcrBuildLogTables)) {
|
||
for (String filterEnterprise : filterOcrBuildLogTables) {
|
||
String uploaderIdField = StrUtil.subBefore(filterEnterprise, ".", false) + "." + "uploader_id";
|
||
String sql = StrUtil.format(" ( ({} in (select ocr_build_log_id from ocr_build_log_enterprise where enterprise_id in ({}))) OR ( {} = {}))",
|
||
filterEnterprise, StrUtil.join(",", authEnterpriseIds), uploaderIdField, userId);
|
||
try {
|
||
Expression expression = CCJSqlParserUtil.parseCondExpression(sql);
|
||
expressions.add(expression);
|
||
} catch (Exception e) {
|
||
log.error(e.getMessage(), e);
|
||
}
|
||
}
|
||
}
|
||
|
||
//安全隐患
|
||
HashMap<String, String> xzSecurityTables = new HashMap<>();
|
||
xzSecurityTables.put("xz_security_quality_inspection_record", "id");
|
||
List<String> filterXzSecurityEnterprises = getNeedFilterLeftExpression(plainSelect, xzSecurityTables, ds);
|
||
if (CollUtil.isNotEmpty(filterXzSecurityEnterprises)) {
|
||
List<String> enterpriseIds = userEnterpriseService.getEnterpriseIdsIfSubProject();
|
||
enterpriseIds.add("0");
|
||
List<Long> rids = xzSecurityQualityInspectionEnterpriseService.list(new LambdaQueryWrapper<XzSecurityQualityInspectionEnterprise>()
|
||
.in(XzSecurityQualityInspectionEnterprise::getEnterpriseId, enterpriseIds)).stream().map(XzSecurityQualityInspectionEnterprise::getInspectionId).collect(Collectors.toList());
|
||
rids.add(0L);
|
||
for (String item : filterXzSecurityEnterprises) {
|
||
inExpression(item, rids.stream().map(Convert::toStr).collect(Collectors.toList()), plainSelect);
|
||
}
|
||
}
|
||
|
||
} else if (Objects.equals(user.getAccountType(), SystemUserAccountTypeEnum.SUPPLIER.getValue())) {
|
||
List<String> filterEnterprises = getNeedFilterLeftExpression(plainSelect, getFieldEnterpriseTables(), ds);
|
||
EnterpriseInfo ei = enterpriseInfoMapper.getXzSupplierByUserId(userId);
|
||
Long id;
|
||
if (ei == null) {
|
||
id = -1L;
|
||
} else {
|
||
id = ei.getId();
|
||
}
|
||
for (String filterEnterprise : filterEnterprises) {
|
||
String sql = StrUtil.format(" ({} = {} OR {} IN ( SELECT DISTINCT t.enterprise_id FROM " +
|
||
"(SELECT t.id FROM project_enterprise t WHERE t.enterprise_id = {}) t2 join project_enterprise t on find_in_set( t2.id, ancestors ) )) ",
|
||
filterEnterprise, id, filterEnterprise, id);
|
||
expressions.add(parseCondExpression(sql));
|
||
}
|
||
|
||
//解析ai预警
|
||
List<String> filterAis = getNeedFilterLeftExpression(plainSelect, getFieldAiTables(), ds, true);
|
||
if (CollUtil.isNotEmpty(filterAis)) {
|
||
List<String> videoItems = aiAnalyseHardWareRecordService.getAiAnalyseHardIdsByEnterpriseId(id);
|
||
if (CollUtil.isEmpty(videoItems)) {
|
||
videoItems.add("0");
|
||
}
|
||
videoItems = videoItems.stream().map(s -> "'" + s + "'").collect(Collectors.toList());
|
||
for (String filterAi : filterAis) {
|
||
String sql = StrUtil.format(" ({}.hardware_id in ({}) OR ({}.quality_region_id in (select distinct quality_region_id from quality_region_to_user where user_id = {}))) ",
|
||
filterAi, StrUtil.join(",", videoItems), filterAi, userId);
|
||
expressions.add(parseCondExpression(sql));
|
||
}
|
||
}
|
||
}
|
||
if (expressions.size() > 0) {
|
||
Expression dataExpression;
|
||
if (expressions.size() > 1) {
|
||
//数据权限大于1个,之间用或
|
||
OrExpression orExpression = new OrExpression(expressions.get(0), expressions.get(1));
|
||
int i1 = 2;
|
||
for (int i = i1; i < expressions.size(); i++) {
|
||
orExpression = new OrExpression(orExpression, expressions.get(i));
|
||
}
|
||
// 数据权限使用单独的括号 防止与其他条件冲突
|
||
dataExpression = new Parenthesis(orExpression);
|
||
} else {
|
||
dataExpression = expressions.get(0);
|
||
}
|
||
Expression where = plainSelect.getWhere();
|
||
if (where != null) {
|
||
where = new AndExpression(where, dataExpression);
|
||
} else {
|
||
where = dataExpression;
|
||
}
|
||
plainSelect.setWhere(where);
|
||
}
|
||
|
||
}
|
||
|
||
|
||
if (!DataScopeInterceptor.isNotSqlTest()) {
|
||
String sql = " ('1qqq')";
|
||
try {
|
||
Expression expression = CCJSqlParserUtil.parseCondExpression(sql);
|
||
Expression where = plainSelect.getWhere();
|
||
if (where != null) {
|
||
where = new AndExpression(where, expression);
|
||
} else {
|
||
where = expression;
|
||
}
|
||
plainSelect.setWhere(where);
|
||
} catch (JSQLParserException e) {
|
||
throw new RuntimeException(e);
|
||
}
|
||
}
|
||
|
||
//List<String> scopeIds = systemUserDataScopeService.list(Wrappers.<SystemUserDataScope>lambdaQuery().eq(SystemUserDataScope::getUserId, user.getUserId()))
|
||
// .stream().map(u -> u.getRelevanceId()).collect(Collectors.toList());
|
||
//if (user.getAccountType() == 4) {
|
||
// if (scopeIds.size() > 0) {
|
||
// inExpression(getAliasColumn(plainSelect, getEngineeringSn()), scopeIds, plainSelect);
|
||
// } else {
|
||
// equalsTo(getAliasColumn(plainSelect, getProjectSn()), user.getSn(), plainSelect);
|
||
// }
|
||
//}
|
||
//if (user.getAccountType() == 3) {
|
||
// List<String> engineeringSns = scopeIds.size() > 0 ? scopeIds : engineeringService.getSnListByEnterprise(user.getSn());
|
||
// if (engineeringSns.size() == 0) {
|
||
// engineeringSns.add("0");
|
||
// }
|
||
// inExpression(getAliasColumn(plainSelect, getEngineeringSn()), engineeringSns, plainSelect);
|
||
//}
|
||
//if (user.getAccountType() == 2) {
|
||
// List<String> projectSns = projectService.getSnListForGov(user.getSn());
|
||
// if (projectSns.size() == 0) {
|
||
// projectSns.add("0");
|
||
// }
|
||
// inExpression(getAliasColumn(plainSelect, getProjectSn()), projectSns, plainSelect);
|
||
//}
|
||
return plainSelect;
|
||
}
|
||
|
||
/**
|
||
* 过滤企业或项目的用户权限
|
||
*
|
||
* @param plainSelect
|
||
* @param ds
|
||
* @param expressions
|
||
* @param userId
|
||
* @param companySqlProvider
|
||
*/
|
||
private void filterForCompanyOrProject(PlainSelect plainSelect, DataScope ds, List<Expression> expressions, Long userId, Function<String, String> companySqlProvider) {
|
||
List<String> userFilterItems = getAuthUserFilterItem(plainSelect, ds);
|
||
List<String> ownFilterItems = getOwnUserFilterItem(plainSelect, ds);
|
||
for (int i = 0; i < userFilterItems.size(); i++) {
|
||
String userFilterItem = userFilterItems.get(i);
|
||
String sql = StrUtil.format(" (({}) OR {}={})",
|
||
companySqlProvider.apply(userFilterItem),
|
||
ownFilterItems.get(i),
|
||
userId);
|
||
expressions.add(parseCondExpression(sql));
|
||
}
|
||
}
|
||
|
||
@NotNull
|
||
private List<String> getOwnUserFilterItem(PlainSelect plainSelect, DataScope ds) {
|
||
List<String> ownFilterItems = getNeedFilterLeftExpression(plainSelect, new MapBuilder<String, String>()
|
||
.put("system_user", "user_id")
|
||
.build(), ds);
|
||
return ownFilterItems;
|
||
}
|
||
|
||
/**
|
||
* 获取企业查询的用户权限的sql的表和字段
|
||
*
|
||
* @param plainSelect
|
||
* @param ds
|
||
* @return
|
||
*/
|
||
@NotNull
|
||
private List<String> getAuthUserFilterItem(PlainSelect plainSelect, DataScope ds) {
|
||
List<String> userFilterItems = getNeedFilterLeftExpression(plainSelect, new MapBuilder<String, String>()
|
||
.put("system_user", "sn")
|
||
.build(), ds);
|
||
return userFilterItems;
|
||
}
|
||
|
||
private String get1CompanySql(Long userId, String userFilterItem) {
|
||
String sql = StrUtil.format(" \n" +
|
||
" {} in (\n" +
|
||
" SELECT DISTINCT\n" +
|
||
" c.company_sn \n" +
|
||
" FROM\n" +
|
||
" company c\n" +
|
||
" JOIN company head ON c.headquarters_sn = head.company_sn\n" +
|
||
" JOIN system_user u ON head.company_sn = u.sn \n" +
|
||
" WHERE\n" +
|
||
" u.user_id ={}\n" +
|
||
" UNION ALL\n" +
|
||
" select a.project_sn\n" +
|
||
" FROM project a\n" +
|
||
" INNER JOIN company cp ON a.company_sn = cp.company_sn\n" +
|
||
" INNER JOIN company b ON cp.parent_id = b.company_id\n" +
|
||
" INNER JOIN company f ON b.parent_id = f.company_id\n" +
|
||
" JOIN system_user u on f.headquarters_sn=u.sn\n" +
|
||
" WHERE u.user_id={}\n" +
|
||
" )", userFilterItem, userId, userId);
|
||
return sql;
|
||
}
|
||
|
||
private String get2CompanySql(Long userId, String userFilterItem) {
|
||
String sql = StrUtil.format(" \n" +
|
||
" {} in (\n" +
|
||
" SELECT DISTINCT\n" +
|
||
" cp.company_sn \n" +
|
||
" FROM project a\n" +
|
||
" INNER JOIN company cp ON a.company_sn = cp.company_sn\n" +
|
||
" INNER JOIN company b ON cp.parent_id = b.company_id\n" +
|
||
" INNER JOIN company f ON b.parent_id = f.company_id\n" +
|
||
" JOIN system_user u on f.company_sn=u.sn\n" +
|
||
" WHERE u.user_id={}\n" +
|
||
" UNION ALL\n" +
|
||
" SELECT DISTINCT\n" +
|
||
" b.company_sn \n" +
|
||
" FROM project a\n" +
|
||
" INNER JOIN company cp ON a.company_sn = cp.company_sn\n" +
|
||
" INNER JOIN company b ON cp.parent_id = b.company_id\n" +
|
||
" INNER JOIN company f ON b.parent_id = f.company_id\n" +
|
||
" JOIN system_user u on f.company_sn=u.sn\n" +
|
||
" WHERE u.user_id={}\n" +
|
||
" UNION ALL\n" +
|
||
" select a.project_sn\n" +
|
||
" FROM project a\n" +
|
||
" INNER JOIN company cp ON a.company_sn = cp.company_sn\n" +
|
||
" INNER JOIN company b ON cp.parent_id = b.company_id\n" +
|
||
" INNER JOIN company f ON b.parent_id = f.company_id\n" +
|
||
" JOIN system_user u on f.company_sn=u.sn\n" +
|
||
" WHERE u.user_id={}\n" +
|
||
" )", userFilterItem, userId, userId, userId);
|
||
return sql;
|
||
}
|
||
|
||
private String get3CompanySql(Long userId, String userFilterItem) {
|
||
String sql = StrUtil.format(" \n" +
|
||
" {} in (\n" +
|
||
" SELECT DISTINCT\n" +
|
||
" cp.company_sn \n" +
|
||
" FROM project a\n" +
|
||
" INNER JOIN company cp ON a.company_sn = cp.company_sn\n" +
|
||
" INNER JOIN company b ON cp.parent_id = b.company_id\n" +
|
||
" JOIN system_user u on b.company_sn=u.sn\n" +
|
||
" WHERE u.user_id={}\n" +
|
||
" UNION ALL\n" +
|
||
" select a.project_sn\n" +
|
||
" FROM project a\n" +
|
||
" INNER JOIN company cp ON a.company_sn = cp.company_sn\n" +
|
||
" INNER JOIN company b ON cp.parent_id = b.company_id\n" +
|
||
" JOIN system_user u on b.company_sn=u.sn\n" +
|
||
" WHERE u.user_id={}\n" +
|
||
" )", userFilterItem, userId, userId);
|
||
return sql;
|
||
}
|
||
|
||
private String get4CompanySql(Long userId, String userFilterItem) {
|
||
String sql = StrUtil.format(" \n" +
|
||
" {} in (\n" +
|
||
" select a.project_sn\n" +
|
||
" FROM project a\n" +
|
||
" INNER JOIN company cp ON a.company_sn = cp.company_sn\n" +
|
||
" JOIN system_user u on cp.company_sn=u.sn\n" +
|
||
" WHERE u.user_id={}\n" +
|
||
" )", userFilterItem, userId);
|
||
return sql;
|
||
}
|
||
|
||
/**
|
||
* 获取转换后的sql表达式
|
||
*
|
||
* @param sql
|
||
* @return
|
||
*/
|
||
private Expression parseCondExpression(String sql) {
|
||
Expression expression = null;
|
||
try {
|
||
expression = CCJSqlParserUtil.parseCondExpression(sql);
|
||
} catch (JSQLParserException e) {
|
||
log.error(e.getMessage(), e);
|
||
}
|
||
return expression;
|
||
}
|
||
|
||
/**
|
||
* 获取需要过滤的表别名或加字段
|
||
*
|
||
* @param plainSelect
|
||
* @param tables
|
||
* @param ds
|
||
* @param onlyAlas false:表别名.字段 true:表别名
|
||
* @return
|
||
*/
|
||
private List<String> getNeedFilterLeftExpression(PlainSelect plainSelect, Map<String, String> tables, DataScope ds, boolean onlyAlas) {
|
||
ArrayList<String> rtList = new ArrayList<>();
|
||
String[] dsArr = ds.includeTable();
|
||
if (dsArr.length > 0) {
|
||
Map<String, String> nt = new HashMap<>(16);
|
||
for (String ds1 : dsArr) {
|
||
if (tables.containsKey(ds1)) {
|
||
nt.put(ds1, tables.get(ds1));
|
||
}
|
||
}
|
||
tables = nt;
|
||
}
|
||
FromItem fromItem = plainSelect.getFromItem();
|
||
if (fromItem instanceof Table) {
|
||
Table table = (Table) fromItem;
|
||
String name = table.getName();
|
||
if (tables.get(name) != null) {
|
||
String aliasName = null;
|
||
Alias alias = table.getAlias();
|
||
if (alias != null) {
|
||
aliasName = alias.getName();
|
||
}
|
||
String e;
|
||
if (onlyAlas) {
|
||
e = (StringUtils.isEmpty(aliasName) ? name : aliasName);
|
||
} else {
|
||
e = (StringUtils.isEmpty(aliasName) ? name : aliasName) + "." + tables.get(name);
|
||
}
|
||
rtList.add(e);
|
||
}
|
||
}
|
||
List<Join> joins = plainSelect.getJoins();
|
||
//主表不是user表
|
||
if (!CollectionUtils.isEmpty(joins)) {
|
||
//判断join的表里有没有user表
|
||
for (Join join : joins) {
|
||
// 判断join里面是否存在user表,不存在则新增
|
||
FromItem rightItem = join.getRightItem();
|
||
if (rightItem instanceof Table) {
|
||
Table joinTable = (Table) rightItem;
|
||
if (tables.get(joinTable.getName()) != null) {
|
||
String aliasName = null;
|
||
Alias alias = joinTable.getAlias();
|
||
if (alias != null) {
|
||
aliasName = alias.getName();
|
||
}
|
||
String e;
|
||
if (onlyAlas) {
|
||
e = (StringUtils.isEmpty(aliasName) ? joinTable.getName() : aliasName);
|
||
} else {
|
||
e = (StringUtils.isEmpty(aliasName) ? joinTable.getName() : aliasName) + "." + tables.get(joinTable.getName());
|
||
}
|
||
rtList.add(e);
|
||
}
|
||
}
|
||
}
|
||
}
|
||
return rtList;
|
||
|
||
}
|
||
|
||
private List<String> getNeedFilterLeftExpression(PlainSelect plainSelect, Map<String, String> tables, DataScope ds) {
|
||
return getNeedFilterLeftExpression(plainSelect, tables, ds, false);
|
||
}
|
||
|
||
//private PlainSelect dataScopeFilterByEnt(PlainSelect plainSelect, SecurityUser user) {
|
||
// init(plainSelect);
|
||
// if (user.getAccountType() == 3) {
|
||
// equalsTo(getAliasColumn(plainSelect, getEnterpriseSn()), user.getSn(), plainSelect);
|
||
// }
|
||
// if (user.getAccountType() == 2) {
|
||
// List<String> entSns = enterpriseService.getSnListForGov(user.getSn());
|
||
// if (entSns.size() == 0) {
|
||
// entSns.add("0");
|
||
// }
|
||
// inExpression(getAliasColumn(plainSelect, getEnterpriseSn()), entSns, plainSelect);
|
||
// }
|
||
// return plainSelect;
|
||
//}
|
||
|
||
private void equalsTo(String leftExpression, String rightExpression, PlainSelect plainSelect) {
|
||
EqualsTo equalsTo = new EqualsTo();
|
||
equalsTo.setLeftExpression(new Column(leftExpression));
|
||
equalsTo.setRightExpression(new StringValue(rightExpression));
|
||
AndExpression andExpression = new AndExpression(plainSelect.getWhere(), equalsTo);
|
||
plainSelect.setWhere(andExpression);
|
||
}
|
||
|
||
private void inExpression(String leftExpression, List<String> rightExpression, PlainSelect plainSelect) {
|
||
InExpression inExpression = new InExpression();
|
||
ItemsList itemsList = new ExpressionList(rightExpression.stream().map(StringValue::new).collect(Collectors.toList()));
|
||
inExpression.setLeftExpression(new Column(leftExpression));
|
||
inExpression.setRightItemsList(itemsList);
|
||
AndExpression andExpression = new AndExpression(plainSelect.getWhere(), inExpression);
|
||
plainSelect.setWhere(andExpression);
|
||
}
|
||
|
||
private String getAliasColumn(PlainSelect plainSelect, String sn) {
|
||
FromItem fromItem = plainSelect.getFromItem();
|
||
Alias alias = fromItem.getAlias();
|
||
StringBuilder prefix = new StringBuilder();
|
||
if (alias != null) {
|
||
prefix.append(alias).append(".");
|
||
}
|
||
return prefix.append(sn).toString();
|
||
}
|
||
|
||
private void init(PlainSelect plainSelect) {
|
||
Expression envCondition = null;
|
||
try {
|
||
envCondition = CCJSqlParserUtil.parseCondExpression("1 == 1");
|
||
} catch (JSQLParserException e) {
|
||
log.error(e.getMessage(), e);
|
||
}
|
||
Expression where = plainSelect.getWhere();
|
||
if (where == null) {
|
||
plainSelect.setWhere(envCondition);
|
||
}
|
||
}
|
||
|
||
//protected void addParam(Insert insert, Object obj){
|
||
// SecurityUser user = SecurityUtil.getUser();
|
||
// if (user == null) {
|
||
// return;
|
||
// }
|
||
// List<Column> columns = insert.getColumns();
|
||
// if (CollectionUtils.isEmpty(columns)) {
|
||
// // 针对不给列名的insert 不处理
|
||
// return;
|
||
// }
|
||
// if (user.getAccountType() == 4 || user.getAccountType() == 3) {
|
||
// if (!columns.stream().anyMatch(c -> c.toString().equals(getProjectSn()))) {
|
||
// columns.add(new Column(getProjectSn()));
|
||
// if (insert.getItemsList() != null) {
|
||
// ItemsList itemsList = insert.getItemsList();
|
||
// if (itemsList instanceof MultiExpressionList) {
|
||
// ((MultiExpressionList) itemsList).getExprList().forEach(el -> el.getExpressions().add(getProjectSn(obj)));
|
||
// } else {
|
||
// ((ExpressionList) itemsList).getExpressions().add(getProjectSn(obj));
|
||
// }
|
||
// } else {
|
||
// throw ExceptionUtils.mpe("Failed to process multiple-table update, please exclude the tableName or statementId");
|
||
// }
|
||
// }
|
||
// }
|
||
//}
|
||
|
||
//protected Expression getProjectSn(Object engineeringSn){
|
||
// SecurityUser user = SecurityUtil.getUser();
|
||
// if (user.getAccountType() == 4) {
|
||
// return new StringValue(user.getSn());
|
||
// }
|
||
// if (user.getAccountType() == 3) {
|
||
// return new StringValue(engineeringService.getOne(Wrappers.<Engineering>lambdaQuery().eq(Engineering::getEngineeringSn, engineeringSn)).getProjectSn());
|
||
// }
|
||
// return null;
|
||
//}
|
||
}
|