From 6ca853516671882e8e54d9630a4299f12fbcf9aa Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期四, 13 一月 2022 11:14:33 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/satoken' into dev
---
ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java | 118 ++++++++++++++++++++++++++++++++++++++++++++---------------
1 files changed, 88 insertions(+), 30 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java
index 527fa60..2318f6f 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java
@@ -1,6 +1,7 @@
package com.ruoyi.framework.handler;
import cn.hutool.core.annotation.AnnotationUtil;
+import cn.hutool.core.collection.ConcurrentHashSet;
import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.ClassUtil;
import cn.hutool.core.util.ObjectUtil;
@@ -11,12 +12,14 @@
import com.ruoyi.common.core.service.UserService;
import com.ruoyi.common.enums.DataScopeType;
import com.ruoyi.common.exception.ServiceException;
-import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.helper.DataPermissionHelper;
+import com.ruoyi.common.utils.LoginUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.spring.SpringUtils;
import lombok.extern.slf4j.Slf4j;
import net.sf.jsqlparser.JSQLParserException;
import net.sf.jsqlparser.expression.Expression;
+import net.sf.jsqlparser.expression.Parenthesis;
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
import net.sf.jsqlparser.parser.CCJSqlParserUtil;
import org.springframework.context.expression.BeanFactoryResolver;
@@ -30,40 +33,68 @@
import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;
/**
* 鏁版嵁鏉冮檺杩囨护
*
* @author Lion Li
+ * @version 3.5.0
*/
@Slf4j
public class PlusDataPermissionHandler {
+ /**
+ * 鏂规硶鎴栫被(鍚嶇О) 涓� 娉ㄨВ鐨勬槧灏勫叧绯荤紦瀛�
+ */
+ private final Map<String, DataPermission> dataPermissionCacheMap = new ConcurrentHashMap<>();
+
+ /**
+ * 鏃犳晥娉ㄨВ鏂规硶缂撳瓨鐢ㄤ簬蹇�熻繑鍥�
+ */
+ private final Set<String> inavlidCacheSet = new ConcurrentHashSet<>();
+
+ /**
+ * spel 瑙f瀽鍣�
+ */
private final ExpressionParser parser = new SpelExpressionParser();
private final ParserContext parserContext = new TemplateParserContext();
+ /**
+ * bean瑙f瀽鍣� 鐢ㄤ簬澶勭悊 spel 琛ㄨ揪寮忎腑瀵� bean 鐨勮皟鐢�
+ */
private final BeanResolver beanResolver = new BeanFactoryResolver(SpringUtils.getBeanFactory());
+
public Expression getSqlSegment(Expression where, String mappedStatementId, boolean isSelect) {
DataColumn[] dataColumns = findAnnotation(mappedStatementId);
if (ArrayUtil.isEmpty(dataColumns)) {
+ inavlidCacheSet.add(mappedStatementId);
return where;
}
- SysUser currentUser = SpringUtils.getBean(UserService.class).selectUserById(SecurityUtils.getUserId());
+ SysUser currentUser = DataPermissionHelper.getVariable("user");
+ if (ObjectUtil.isNull(currentUser)) {
+ currentUser = SpringUtils.getBean(UserService.class).selectUserById(LoginUtils.getUserId());
+ DataPermissionHelper.setVariable("user", currentUser);
+ }
// 濡傛灉鏄秴绾х鐞嗗憳锛屽垯涓嶈繃婊ゆ暟鎹�
- if (StringUtils.isNull(currentUser) || currentUser.isAdmin()) {
+ if (ObjectUtil.isNull(currentUser) || currentUser.isAdmin()) {
return where;
}
- String dataFilterSql = buildDataFilter(currentUser, dataColumns, isSelect);
+ String dataFilterSql = buildDataFilter(dataColumns, isSelect);
if (StringUtils.isBlank(dataFilterSql)) {
return where;
}
try {
Expression expression = CCJSqlParserUtil.parseExpression(dataFilterSql);
+ // 鏁版嵁鏉冮檺浣跨敤鍗曠嫭鐨勬嫭鍙� 闃叉涓庡叾浠栨潯浠跺啿绐�
+ Parenthesis parenthesis = new Parenthesis(expression);
if (ObjectUtil.isNotNull(where)) {
- return new AndExpression(where, expression);
+ return new AndExpression(where, parenthesis);
} else {
- return expression;
+ return parenthesis;
}
} catch (JSQLParserException e) {
throw new ServiceException("鏁版嵁鏉冮檺瑙f瀽寮傚父 => " + e.getMessage());
@@ -73,43 +104,47 @@
/**
* 鏋勯�犳暟鎹繃婊ql
*/
- private String buildDataFilter(SysUser user, DataColumn[] dataColumns, boolean isSelect) {
+ private String buildDataFilter(DataColumn[] dataColumns, boolean isSelect) {
StringBuilder sqlString = new StringBuilder();
-
+ // 鏇存柊鎴栧垹闄ら渶婊¤冻鎵�鏈夋潯浠�
+ String joinStr = isSelect ? " OR " : " AND ";
+ SysUser user = DataPermissionHelper.getVariable("user");
StandardEvaluationContext context = new StandardEvaluationContext();
context.setBeanResolver(beanResolver);
- context.setVariable("user", user);
-
- for (DataColumn dataColumn : dataColumns) {
- // 璁剧疆娉ㄨВ鍙橀噺 key 涓鸿〃杈惧紡鍙橀噺 value 涓哄彉閲忓��
- context.setVariable(dataColumn.key(), dataColumn.value());
- for (SysRole role : user.getRoles()) {
- user.setRoleId(role.getRoleId());
-
- // 鑾峰彇瑙掕壊鏉冮檺娉涘瀷
- DataScopeType type = DataScopeType.findCode(role.getDataScope());
- if (ObjectUtil.isNull(type)) {
- throw new ServiceException("瑙掕壊鏁版嵁鑼冨洿寮傚父 => " + role.getDataScope());
- }
- // 鍏ㄩ儴鏁版嵁鏉冮檺鐩存帴杩斿洖
- if (type == DataScopeType.ALL) {
- return "";
- }
+ DataPermissionHelper.getContext().forEach(context::setVariable);
+ for (SysRole role : user.getRoles()) {
+ user.setRoleId(role.getRoleId());
+ // 鑾峰彇瑙掕壊鏉冮檺娉涘瀷
+ DataScopeType type = DataScopeType.findCode(role.getDataScope());
+ if (ObjectUtil.isNull(type)) {
+ throw new ServiceException("瑙掕壊鏁版嵁鑼冨洿寮傚父 => " + role.getDataScope());
+ }
+ // 鍏ㄩ儴鏁版嵁鏉冮檺鐩存帴杩斿洖
+ if (type == DataScopeType.ALL) {
+ return "";
+ }
+ boolean isSuccess = false;
+ for (DataColumn dataColumn : dataColumns) {
// 涓嶅寘鍚� key 鍙橀噺 鍒欎笉澶勭悊
if (!StringUtils.contains(type.getSqlTemplate(), "#" + dataColumn.key())) {
- sqlString.append(type.getElseSql());
continue;
}
- // 鏇存柊鎴栧垹闄ら渶婊¤冻鎵�鏈夋潯浠�
- sqlString.append(isSelect ? " OR " : " AND ");
+ // 璁剧疆娉ㄨВ鍙橀噺 key 涓鸿〃杈惧紡鍙橀噺 value 涓哄彉閲忓��
+ context.setVariable(dataColumn.key(), dataColumn.value());
+
// 瑙f瀽sql妯℃澘骞跺~鍏�
String sql = parser.parseExpression(type.getSqlTemplate(), parserContext).getValue(context, String.class);
- sqlString.append(sql);
+ sqlString.append(joinStr).append(sql);
+ isSuccess = true;
+ }
+ // 鏈鐞嗘垚鍔熷垯濉厖鍏滃簳鏂规
+ if (!isSuccess) {
+ sqlString.append(joinStr).append(type.getElseSql());
}
}
if (StringUtils.isNotBlank(sqlString.toString())) {
- return sqlString.substring(isSelect ? 4 : 5);
+ return sqlString.substring(joinStr.length());
}
return "";
}
@@ -123,12 +158,35 @@
List<Method> methods = Arrays.stream(ClassUtil.getDeclaredMethods(clazz))
.filter(method -> method.getName().equals(methodName)).collect(Collectors.toList());
DataPermission dataPermission;
+ // 鑾峰彇鏂规硶娉ㄨВ
for (Method method : methods) {
+ dataPermission = dataPermissionCacheMap.get(method.getName());
+ if (ObjectUtil.isNotNull(dataPermission)) {
+ return dataPermission.value();
+ }
if (AnnotationUtil.hasAnnotation(method, DataPermission.class)) {
dataPermission = AnnotationUtil.getAnnotation(method, DataPermission.class);
+ dataPermissionCacheMap.put(method.getName(), dataPermission);
return dataPermission.value();
}
}
+ dataPermission = dataPermissionCacheMap.get(clazz.getName());
+ if (ObjectUtil.isNotNull(dataPermission)) {
+ return dataPermission.value();
+ }
+ // 鑾峰彇绫绘敞瑙�
+ if (AnnotationUtil.hasAnnotation(clazz, DataPermission.class)) {
+ dataPermission = AnnotationUtil.getAnnotation(clazz, DataPermission.class);
+ dataPermissionCacheMap.put(clazz.getName(), dataPermission);
+ return dataPermission.value();
+ }
return null;
}
+
+ /**
+ * 鏄惁涓烘棤鏁堟柟娉� 鏃犳暟鎹潈闄�
+ */
+ public boolean isInvalid(String mappedStatementId) {
+ return inavlidCacheSet.contains(mappedStatementId);
+ }
}
--
Gitblit v1.9.3