wisdomisite-java/src/main/java/com/zhgd/mybatis/DataScopeHandler.java
2024-04-29 23:07:31 +08:00


package com.zhgd.mybatis;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.extension.plugins.handler.DataPermissionHandler;
import com.zhgd.annotation.DataScope;
import com.zhgd.xmgl.modules.worker.entity.EnterpriseInfo;
import com.zhgd.xmgl.modules.worker.mapper.EnterpriseInfoMapper;
import com.zhgd.xmgl.modules.worker.service.impl.UserDevAuthorityServiceImpl;
import com.zhgd.xmgl.modules.worker.service.impl.UserEnterpriseServiceImpl;
import com.zhgd.xmgl.modules.xz.service.impl.XzSupplierQualificationApplyServiceImpl;
import com.zhgd.xmgl.security.entity.UserInfo;
import com.zhgd.xmgl.security.util.SecurityUtils;
import lombok.extern.slf4j.Slf4j;
import net.sf.jsqlparser.JSQLParserException;
import net.sf.jsqlparser.expression.Alias;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.Parenthesis;
import net.sf.jsqlparser.expression.StringValue;
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
import net.sf.jsqlparser.expression.operators.relational.InExpression;
import net.sf.jsqlparser.expression.operators.relational.ItemsList;
import net.sf.jsqlparser.parser.CCJSqlParserUtil;
import net.sf.jsqlparser.schema.Column;
import net.sf.jsqlparser.schema.Table;
import net.sf.jsqlparser.statement.select.FromItem;
import net.sf.jsqlparser.statement.select.Join;
import net.sf.jsqlparser.statement.select.PlainSelect;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
@Slf4j
public class DataScopeHandler implements DataPermissionHandler {
// Collaborators are field-injected and resolved lazily (@Lazy + @Autowired).
// NOTE(review): no Spring stereotype annotation is visible on this class, so injection
// presumably depends on the handler being registered as a bean elsewhere — confirm.

// Not referenced by any live code in this class.
@Lazy
@Autowired
private XzSupplierQualificationApplyServiceImpl xzSupplierQualificationApplyService;
// Looks up the supplier enterprise of the current user for the account-type-11 scope rule.
@Lazy
@Autowired
private EnterpriseInfoMapper enterpriseInfoMapper;
// Supplies the permitted video item ids for the account-type-6 scope rule.
@Lazy
@Autowired
private UserDevAuthorityServiceImpl userDevAuthorityService;
// Collaborators of the disabled legacy scope rules (kept commented out below).
//
//@Lazy
//@Autowired
//private IProjectService projectService;
//
//@Lazy
//@Autowired
//private IEnterpriseService enterpriseService;
//
//@Lazy
//@Autowired
//private IEngineeringService engineeringService;
//
//@Lazy
//@Autowired
//private ISystemUserDataScopeService systemUserDataScopeService;
// Supplies the permitted enterprise ids for the account-type-6 scope rule.
@Lazy
@Autowired
private UserEnterpriseServiceImpl userEnterpriseService;
/**
 * Interface entry point of {@link DataPermissionHandler}; this implementation contributes no
 * condition and always returns {@code null}.
 *
 * <p>The actual row-level filtering lives in {@link #getSqlSegment(PlainSelect, Object)}.
 * NOTE(review): if a stock interceptor calls only this overload, no data scope is applied at
 * all — confirm that the interceptor in use invokes the {@code PlainSelect} overload.
 *
 * @param where the statement's current WHERE expression (ignored)
 * @param mappedStatementId id of the mapped statement being executed (ignored)
 * @return always {@code null}
 */
@Override
public Expression getSqlSegment(Expression where, String mappedStatementId) {
    // Deliberately no segment: see the PlainSelect overload for the real scope rules.
    return null;
}
/**
 * Name of the column that carries the engineering serial number.
 *
 * <p>Only the disabled legacy scope rules in this class reference it; subclasses may override
 * it to use a different column name.
 *
 * @return the column name {@code engineering_sn}
 */
protected String getEngineeringSn() {
    final String engineeringSnColumn = "engineering_sn";
    return engineeringSnColumn;
}
/**
 * Name of the column that carries the project serial number.
 *
 * <p>Only the disabled legacy scope rules in this class reference it; subclasses may override
 * it to use a different column name.
 *
 * @return the column name {@code project_sn}
 */
protected String getProjectSn() {
    final String projectSnColumn = "project_sn";
    return projectSnColumn;
}
/**
 * Builds the allow-list of enterprise-scoped tables: table name to the column that holds the
 * owning enterprise id.
 *
 * <p>Security note: this map is the only place that decides which tables receive the
 * enterprise filter. {@code getNeedFilterLeftExpression} skips every table that has no entry
 * here, so a newly added enterprise-scoped table stays unfiltered until it is listed.
 *
 * @return a fresh, mutable map on every call
 */
private HashMap<String, String> getFieldEnterpriseTables() {
    final String enterpriseColumn = "enterprise_id";
    // Tables that reference the enterprise through an enterprise_id column.
    String[] enterpriseScopedTables = {
        "worker_info",
        "department_info",
        "xz_task_progress_content",
        "xz_task_progress_alarm",
        "xz_task_progress",
        "quality_inspection_record",
        "worker_info_audit_record",
        "car_info",
        "xz_material",
        "inspect_task_record",
        "xz_security_inspect_task_record"
    };
    HashMap<String, String> columnByTable = new HashMap<>();
    for (String tableName : enterpriseScopedTables) {
        columnByTable.put(tableName, enterpriseColumn);
    }
    // The enterprise table itself is filtered on its primary key.
    columnByTable.put("enterprise_info", "id");
    return columnByTable;
}
/**
 * Builds the allow-list of video-scoped tables: table name to the column that holds the video
 * item id.
 *
 * <p>As with the enterprise allow-list, a table that is not listed here is never restricted by
 * the video item rule.
 *
 * @return a fresh, mutable map on every call
 */
private HashMap<String, String> getFieldVideoTables() {
    HashMap<String, String> columnByTable = new HashMap<>();
    columnByTable.put("video_item", "item_id");
    return columnByTable;
}
/**
 * Applies the data-scope rules of the current user to a SELECT statement.
 *
 * <p>NOTE(review): this fails open. When {@code SecurityUtils.getUser()} returns {@code null}
 * the statement is handed back untouched, i.e. without any scope condition. Confirm that every
 * path reaching this method without a user (background jobs, unauthenticated endpoints) is
 * meant to see unfiltered data.
 *
 * @param plainSelect the parsed SELECT; modified in place when a rule applies
 * @param obj passed through to {@code dataScopeFilterByProject}, which casts it to
 *     {@link DataScope}
 * @return the same {@code plainSelect} instance
 */
public PlainSelect getSqlSegment(PlainSelect plainSelect, Object obj) {
    UserInfo currentUser = SecurityUtils.getUser();
    // Disabled legacy dispatch, kept for reference:
    // else if (type == 2 && user.getAccountType() == 4) {
    // return dataScopeFilterByProject(plainSelect, user);
    //} else if (type == 2) {
    // return dataScopeFilterByEnt(plainSelect, user);
    //}
    return currentUser == null
            ? plainSelect
            : dataScopeFilterByProject(plainSelect, currentUser, obj);
}
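/**
 * Adds the row-level data-scope conditions that apply to {@code user} to the statement.
 *
 * <p>Only two account types are restricted here; for every other account type the statement is
 * returned with no scope condition added.
 * <ul>
 *   <li>Account type 6: every enterprise-scoped column found in the query is restricted with
 *       {@code IN (...)} to the ids from {@code getEnterpriseIdsIfSubProject()}, and every
 *       video-scoped column to the ids from {@code getVideoItemsIfSubProject()}.</li>
 *   <li>Account type 11: every enterprise-scoped column must equal the id of the user's
 *       supplier enterprise, or belong to an enterprise whose {@code project_enterprise} row
 *       lists the supplier's row in its {@code ancestors} column.</li>
 * </ul>
 *
 * <p>Fix over the previous version: for account type 11 a query that touched no
 * enterprise-scoped table (or whose conditions all failed to parse) ran into
 * {@code expressions.get(0)} on an empty list. The first case now leaves the query as is, like
 * the account-type-6 branch does; the second case is rejected explicitly so the query can
 * never run without its scope condition.
 *
 * @param plainSelect statement to restrict; modified in place
 * @param user the authenticated user
 * @param obj the {@link DataScope} of the mapper method; cast without a type check, and
 *     dereferenced for account types 6 and 11
 * @return the same {@code plainSelect} instance
 * @throws IllegalStateException if no scope condition could be built for account type 11
 *     although the query contains enterprise-scoped tables
 */
private PlainSelect dataScopeFilterByProject(PlainSelect plainSelect, UserInfo user, Object obj) {
    DataScope ds = (DataScope) obj;
    // Guarantees a non-null WHERE so the helpers below can AND onto it.
    init(plainSelect);
    if (user.getAccountType() == 6) {
        List<String> filterEnterprises = getNeedFilterLeftExpression(plainSelect, getFieldEnterpriseTables(), ds);
        if (CollUtil.isNotEmpty(filterEnterprises)) {
            List<String> enterpriseIds = userEnterpriseService.getEnterpriseIdsIfSubProject();
            for (String filterEnterprise : filterEnterprises) {
                inExpression(filterEnterprise, enterpriseIds, plainSelect);
            }
        }
        List<String> filterItems = getNeedFilterLeftExpression(plainSelect, getFieldVideoTables(), ds);
        if (CollUtil.isNotEmpty(filterItems)) {
            List<String> videoItems = userDevAuthorityService.getVideoItemsIfSubProject();
            for (String item : filterItems) {
                inExpression(item, videoItems, plainSelect);
            }
        }
    } else if (user.getAccountType() == 11) {
        List<String> filterEnterprises = getNeedFilterLeftExpression(plainSelect, getFieldEnterpriseTables(), ds);
        // No enterprise-scoped table in this query: nothing to restrict, and no lookup needed.
        if (CollUtil.isNotEmpty(filterEnterprises)) {
            // Use the user that was passed in rather than re-reading the security context.
            EnterpriseInfo ei = enterpriseInfoMapper.getXzSupplierByUserId(user.getUserId());
            // -1 is the "no supplier enterprise" sentinel.
            // NOTE(review): assumes no real enterprise has id -1 — confirm.
            Long id;
            if (ei == null) {
                id = -1L;
            } else {
                id = ei.getId();
            }
            List<Expression> expressions = new ArrayList<>();
            for (String filterEnterprise : filterEnterprises) {
                // The fragment is assembled as text. Both substituted values are server-side:
                // id is a Long, and filterEnterprise is "<alias or table>.<column>" where the
                // column comes from the fixed allow-list and the alias from the parsed statement.
                String sql = StrUtil.format(" ({} = {} OR {} IN ( SELECT DISTINCT t.enterprise_id FROM " +
                                "(SELECT t.id FROM project_enterprise t WHERE t.enterprise_id = {}) t2 join project_enterprise t on find_in_set( t2.id, ancestors ) )) ",
                        filterEnterprise, id, filterEnterprise, id);
                try {
                    expressions.add(CCJSqlParserUtil.parseCondExpression(sql));
                } catch (JSQLParserException e) {
                    // Dropping one OR term only narrows the result, so carry on with the rest.
                    log.error(e.getMessage(), e);
                }
            }
            if (expressions.isEmpty()) {
                // Fail closed: never run the query without its scope condition.
                throw new IllegalStateException(
                        "Data scope condition could not be built for account type 11; refusing to run the query unfiltered");
            }
            Expression dataExpression = expressions.get(0);
            if (expressions.size() > 1) {
                // Several scope conditions are combined with OR.
                for (int i = 1; i < expressions.size(); i++) {
                    dataExpression = new OrExpression(dataExpression, expressions.get(i));
                }
                // Own parentheses keep the OR chain from mixing with the other conditions.
                dataExpression = new Parenthesis(dataExpression);
            }
            Expression where = plainSelect.getWhere();
            plainSelect.setWhere(where != null ? new AndExpression(where, dataExpression) : dataExpression);
        }
    }
    // Disabled legacy scope rules, kept for reference:
    //List<String> scopeIds = systemUserDataScopeService.list(Wrappers.<SystemUserDataScope>lambdaQuery().eq(SystemUserDataScope::getUserId, user.getUserId()))
    // .stream().map(u -> u.getRelevanceId()).collect(Collectors.toList());
    //if (user.getAccountType() == 4) {
    // if (scopeIds.size() > 0) {
    // inExpression(getAliasColumn(plainSelect, getEngineeringSn()), scopeIds, plainSelect);
    // } else {
    // equalsTo(getAliasColumn(plainSelect, getProjectSn()), user.getSn(), plainSelect);
    // }
    //}
    //if (user.getAccountType() == 3) {
    // List<String> engineeringSns = scopeIds.size() > 0 ? scopeIds : engineeringService.getSnListByEnterprise(user.getSn());
    // if (engineeringSns.size() == 0) {
    // engineeringSns.add("0");
    // }
    // inExpression(getAliasColumn(plainSelect, getEngineeringSn()), engineeringSns, plainSelect);
    //}
    //if (user.getAccountType() == 2) {
    // List<String> projectSns = projectService.getSnListForGov(user.getSn());
    // if (projectSns.size() == 0) {
    // projectSns.add("0");
    // }
    // inExpression(getAliasColumn(plainSelect, getProjectSn()), projectSns, plainSelect);
    //}
    return plainSelect;
}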
/**
 * Collects the qualified columns ({@code alias.column}, or {@code table.column} when the table
 * has no alias) that a scope condition has to be applied to in this query.
 *
 * <p>Limits a reviewer should know about, all visible in the code below:
 * <ul>
 *   <li>Only the main FROM item and the right-hand item of each join are inspected, and only
 *       when they are plain tables. Tables inside sub-selects are not looked at.</li>
 *   <li>Table names are matched exactly against the keys of {@code tables}.
 *       NOTE(review): a quoted or differently cased table name in the mapper SQL would
 *       presumably not match and so escape the filter — confirm.</li>
 *   <li>When {@code ds.includeTable()} is non-empty, only the listed tables that are also keys
 *       of {@code tables} are considered. A misspelt entry is ignored silently, which can leave
 *       the query with no scope column at all.</li>
 * </ul>
 *
 * @param plainSelect the parsed SELECT to inspect
 * @param tables allow-list of table name to scope column
 * @param ds data-scope settings of the mapper method; must not be {@code null}
 * @return the qualified columns, main table first, then joins in order; possibly empty
 */
private List<String> getNeedFilterLeftExpression(PlainSelect plainSelect, Map<String, String> tables, DataScope ds) {
    // Narrow the allow-list to the tables requested by the annotation, if any were given.
    Map<String, String> scopedTables = tables;
    String[] requested = ds.includeTable();
    if (requested.length > 0) {
        scopedTables = new HashMap<>();
        for (String requestedTable : requested) {
            if (tables.containsKey(requestedTable)) {
                scopedTables.put(requestedTable, tables.get(requestedTable));
            }
        }
    }

    // Gather the main FROM item followed by the right-hand side of every join.
    List<FromItem> candidates = new ArrayList<>();
    candidates.add(plainSelect.getFromItem());
    List<Join> joins = plainSelect.getJoins();
    if (!CollectionUtils.isEmpty(joins)) {
        for (Join join : joins) {
            candidates.add(join.getRightItem());
        }
    }

    ArrayList<String> qualifiedColumns = new ArrayList<>();
    for (FromItem candidate : candidates) {
        if (!(candidate instanceof Table)) {
            continue;
        }
        Table table = (Table) candidate;
        String scopeColumn = scopedTables.get(table.getName());
        if (scopeColumn == null) {
            continue;
        }
        Alias alias = table.getAlias();
        String aliasName = alias == null ? null : alias.getName();
        String qualifier = StringUtils.isEmpty(aliasName) ? table.getName() : aliasName;
        qualifiedColumns.add(qualifier + "." + scopeColumn);
    }
    return qualifiedColumns;
}
//private PlainSelect dataScopeFilterByEnt(PlainSelect plainSelect, SecurityUser user) {
// init(plainSelect);
// if (user.getAccountType() == 3) {
// equalsTo(getAliasColumn(plainSelect, getEnterpriseSn()), user.getSn(), plainSelect);
// }
// if (user.getAccountType() == 2) {
// List<String> entSns = enterpriseService.getSnListForGov(user.getSn());
// if (entSns.size() == 0) {
// entSns.add("0");
// }
// inExpression(getAliasColumn(plainSelect, getEnterpriseSn()), entSns, plainSelect);
// }
// return plainSelect;
//}
/**
 * ANDs the condition {@code leftExpression = 'rightExpression'} onto the statement's WHERE.
 *
 * <p>Only the disabled legacy scope rules call this method. The current WHERE is used as the
 * left operand as is, so the caller must have made it non-null first (see {@code init}).
 *
 * <p>NOTE(review): the value is wrapped in a {@link StringValue} unchanged. As far as I know
 * JSqlParser renders it between single quotes without escaping, so the value must come from a
 * trusted source and must not contain a quote — confirm for the version in use.
 *
 * @param leftExpression qualified column name
 * @param rightExpression value the column must equal
 * @param plainSelect statement to modify in place
 */
private void equalsTo(String leftExpression, String rightExpression, PlainSelect plainSelect) {
    EqualsTo condition = new EqualsTo();
    condition.setLeftExpression(new Column(leftExpression));
    condition.setRightExpression(new StringValue(rightExpression));
    plainSelect.setWhere(new AndExpression(plainSelect.getWhere(), condition));
}
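/**
 * ANDs the condition {@code leftExpression IN ('v1', 'v2', ...)} onto the statement's WHERE.
 *
 * <p>Fixes over the previous version:
 * <ul>
 *   <li>A {@code null} or empty list of permitted values used to end in a
 *       {@code NullPointerException} or an {@code IN} with no items. It now adds an
 *       always-false condition, so a user with nothing permitted gets no rows. This matches
 *       the intent of the disabled legacy rules, which pad an empty list with a sentinel.</li>
 *   <li>A {@code null} WHERE is no longer used as the left operand of the AND; the new
 *       condition becomes the WHERE on its own.</li>
 * </ul>
 *
 * <p>NOTE(review): values are wrapped in {@link StringValue} unchanged. As far as I know
 * JSqlParser renders them between single quotes without escaping, so they must come from a
 * trusted source and must not contain a quote — confirm for the version in use.
 *
 * @param leftExpression qualified column name
 * @param rightExpression permitted values; {@code null} or empty means "nothing permitted"
 * @param plainSelect statement to modify in place
 */
private void inExpression(String leftExpression, List<String> rightExpression, PlainSelect plainSelect) {
    Expression condition;
    if (rightExpression == null || rightExpression.isEmpty()) {
        // Deny by default: '1' = '0' is never true.
        EqualsTo denyAll = new EqualsTo();
        denyAll.setLeftExpression(new StringValue("1"));
        denyAll.setRightExpression(new StringValue("0"));
        condition = denyAll;
    } else {
        InExpression membership = new InExpression();
        ItemsList itemsList = new ExpressionList(rightExpression.stream().map(StringValue::new).collect(Collectors.toList()));
        membership.setLeftExpression(new Column(leftExpression));
        membership.setRightItemsList(itemsList);
        condition = membership;
    }
    Expression where = plainSelect.getWhere();
    plainSelect.setWhere(where == null ? condition : new AndExpression(where, condition));
}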
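/**
 * Qualifies a column name with the alias of the statement's main FROM item.
 *
 * <p>Fix over the previous version: the {@link Alias} object itself was appended, which uses
 * its SQL rendering (leading space and optional {@code AS}) instead of the bare alias name.
 * The name is now taken with {@code getName()}, as {@code getNeedFilterLeftExpression} already
 * does. Only the disabled legacy scope rules call this method.
 *
 * @param plainSelect statement whose main FROM item supplies the alias
 * @param sn unqualified column name
 * @return {@code alias.sn}, or {@code sn} alone when the FROM item has no alias
 */
private String getAliasColumn(PlainSelect plainSelect, String sn) {
    Alias alias = plainSelect.getFromItem().getAlias();
    if (alias == null || StringUtils.isEmpty(alias.getName())) {
        return sn;
    }
    return alias.getName() + "." + sn;
}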
/**
 * Gives a statement without a WHERE clause an always-true one, so that later scope conditions
 * can simply be ANDed onto it.
 *
 * <p>NOTE(review): the placeholder is parsed from {@code "1 == 1"}. Confirm that the parser
 * version in use accepts {@code ==} and that the rendered operator is valid for the target
 * database. If parsing fails the error is only logged and the WHERE stays {@code null}.
 *
 * @param plainSelect statement to prepare; modified in place
 */
private void init(PlainSelect plainSelect) {
    Expression alwaysTrue = null;
    try {
        alwaysTrue = CCJSqlParserUtil.parseCondExpression("1 == 1");
    } catch (JSQLParserException e) {
        log.error(e.getMessage(), e);
    }
    // An existing WHERE is left untouched.
    if (plainSelect.getWhere() == null) {
        plainSelect.setWhere(alwaysTrue);
    }
}
//protected void addParam(Insert insert, Object obj){
// SecurityUser user = SecurityUtil.getUser();
// if (user == null) {
// return;
// }
// List<Column> columns = insert.getColumns();
// if (CollectionUtils.isEmpty(columns)) {
// // 针对不给列名的insert 不处理
// return;
// }
// if (user.getAccountType() == 4 || user.getAccountType() == 3) {
// if (!columns.stream().anyMatch(c -> c.toString().equals(getProjectSn()))) {
// columns.add(new Column(getProjectSn()));
// if (insert.getItemsList() != null) {
// ItemsList itemsList = insert.getItemsList();
// if (itemsList instanceof MultiExpressionList) {
// ((MultiExpressionList) itemsList).getExprList().forEach(el -> el.getExpressions().add(getProjectSn(obj)));
// } else {
// ((ExpressionList) itemsList).getExpressions().add(getProjectSn(obj));
// }
// } else {
// throw ExceptionUtils.mpe("Failed to process multiple-table update, please exclude the tableName or statementId");
// }
// }
// }
//}
//protected Expression getProjectSn(Object engineeringSn){
// SecurityUser user = SecurityUtil.getUser();
// if (user.getAccountType() == 4) {
// return new StringValue(user.getSn());
// }
// if (user.getAccountType() == 3) {
// return new StringValue(engineeringService.getOne(Wrappers.<Engineering>lambdaQuery().eq(Engineering::getEngineeringSn, engineeringSn)).getProjectSn());
// }
// return null;
//}
}