From ddc8bd1139980f75b8eab632a430752b8f880989 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期日, 27 十月 2024 23:25:22 +0800
Subject: [PATCH] [重大更新] update (实验性功能慎更)重构数据权限实现逻辑 支持任意mapper方法标注注解 无需再找真实mapper标注
---
ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/mapper/TestDemoMapper.java | 8 +
ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/config/MybatisPlusConfig.java | 11 ++
ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/interceptor/PlusDataPermissionInterceptor.java | 10 -
ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/aspect/DataPermissionAspect.java | 50 ++++++++++
ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/helper/DataPermissionHelper.java | 28 +++++
ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java | 146 +++++------------------------
6 files changed, 123 insertions(+), 130 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/aspect/DataPermissionAspect.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/aspect/DataPermissionAspect.java
new file mode 100644
index 0000000..1c83cc3
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/aspect/DataPermissionAspect.java
@@ -0,0 +1,50 @@
+package org.dromara.common.mybatis.aspect;
+
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.AfterReturning;
+import org.aspectj.lang.annotation.AfterThrowing;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.dromara.common.mybatis.annotation.DataPermission;
+import org.dromara.common.mybatis.helper.DataPermissionHelper;
+
+/**
+ * 鏁版嵁鏉冮檺澶勭悊
+ *
+ * @author Lion Li
+ */
+@Slf4j
+@Aspect
+public class DataPermissionAspect {
+
+ /**
+ * 澶勭悊璇锋眰鍓嶆墽琛�
+ */
+ @Before(value = "@annotation(dataPermission)")
+ public void doBefore(JoinPoint joinPoint, DataPermission dataPermission) {
+ DataPermissionHelper.setPermission(dataPermission);
+ }
+
+ /**
+ * 澶勭悊瀹岃姹傚悗鎵ц
+ *
+ * @param joinPoint 鍒囩偣
+ */
+ @AfterReturning(pointcut = "@annotation(dataPermission)")
+ public void doAfterReturning(JoinPoint joinPoint, DataPermission dataPermission) {
+ DataPermissionHelper.removePermission();
+ }
+
+ /**
+ * 鎷︽埅寮傚父鎿嶄綔
+ *
+ * @param joinPoint 鍒囩偣
+ * @param e 寮傚父
+ */
+ @AfterThrowing(value = "@annotation(dataPermission)", throwing = "e")
+ public void doAfterThrowing(JoinPoint joinPoint, DataPermission dataPermission, Exception e) {
+ DataPermissionHelper.removePermission();
+ }
+
+}
diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/config/MybatisPlusConfig.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/config/MybatisPlusConfig.java
index 0bc5b66..f7d14ee 100644
--- a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/config/MybatisPlusConfig.java
+++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/config/MybatisPlusConfig.java
@@ -10,6 +10,7 @@
import com.baomidou.mybatisplus.extension.plugins.inner.TenantLineInnerInterceptor;
import org.dromara.common.core.factory.YmlPropertySourceFactory;
import org.dromara.common.core.utils.SpringUtils;
+import org.dromara.common.mybatis.aspect.DataPermissionAspect;
import org.dromara.common.mybatis.handler.InjectionMetaObjectHandler;
import org.dromara.common.mybatis.handler.MybatisExceptionHandler;
import org.dromara.common.mybatis.interceptor.PlusDataPermissionInterceptor;
@@ -51,7 +52,15 @@
* 鏁版嵁鏉冮檺鎷︽埅鍣�
*/
public PlusDataPermissionInterceptor dataPermissionInterceptor() {
- return new PlusDataPermissionInterceptor(SpringUtils.getProperty("mybatis-plus.mapperPackage"));
+ return new PlusDataPermissionInterceptor();
+ }
+
+ /**
+ * 鏁版嵁鏉冮檺鍒囬潰澶勭悊鍣�
+ */
+ @Bean
+ public DataPermissionAspect dataPermissionAspect() {
+ return new DataPermissionAspect();
}
/**
diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java
index ab7e0f6..f46ec69 100644
--- a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java
+++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java
@@ -1,6 +1,5 @@
package org.dromara.common.mybatis.handler;
-import cn.hutool.core.annotation.AnnotationUtil;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.ObjectUtil;
import lombok.extern.slf4j.Slf4j;
@@ -9,7 +8,6 @@
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
import net.sf.jsqlparser.expression.operators.relational.ParenthesedExpressionList;
import net.sf.jsqlparser.parser.CCJSqlParserUtil;
-import org.apache.ibatis.io.Resources;
import org.dromara.common.core.domain.dto.RoleDTO;
import org.dromara.common.core.domain.model.LoginUser;
import org.dromara.common.core.exception.ServiceException;
@@ -21,27 +19,17 @@
import org.dromara.common.mybatis.enums.DataScopeType;
import org.dromara.common.mybatis.helper.DataPermissionHelper;
import org.dromara.common.satoken.utils.LoginHelper;
-import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.expression.BeanFactoryResolver;
-import org.springframework.core.io.Resource;
-import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
-import org.springframework.core.io.support.ResourcePatternResolver;
-import org.springframework.core.type.ClassMetadata;
-import org.springframework.core.type.classreading.CachingMetadataReaderFactory;
import org.springframework.expression.BeanResolver;
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.ParserContext;
import org.springframework.expression.common.TemplateParserContext;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;
-import org.springframework.util.ClassUtils;
-import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.HashSet;
-import java.util.Map;
import java.util.Set;
-import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Function;
/**
@@ -54,11 +42,6 @@
public class PlusDataPermissionHandler {
/**
- * 鏂规硶鎴栫被(鍚嶇О) 涓� 娉ㄨВ鐨勬槧灏勫叧绯荤紦瀛�
- */
- private final Map<String, DataPermission> dataPermissionCacheMap = new ConcurrentHashMap<>();
-
- /**
* spel 瑙f瀽鍣�
*/
private final ExpressionParser parser = new SpelExpressionParser();
@@ -69,15 +52,6 @@
private final BeanResolver beanResolver = new BeanFactoryResolver(SpringUtils.getBeanFactory());
/**
- * 鏋勯�犳柟娉曪紝鎵弿鎸囧畾鍖呬笅鐨� Mapper 绫诲苟鍒濆鍖栫紦瀛�
- *
- * @param mapperPackage Mapper 绫绘墍鍦ㄧ殑鍖呰矾寰�
- */
- public PlusDataPermissionHandler(String mapperPackage) {
- scanMapperClasses(mapperPackage);
- }
-
- /**
* 鑾峰彇鏁版嵁杩囨护鏉′欢鐨� SQL 鐗囨
*
* @param where 鍘熷鐨勬煡璇㈡潯浠惰〃杈惧紡
@@ -86,24 +60,24 @@
* @return 鏁版嵁杩囨护鏉′欢鐨� SQL 鐗囨
*/
public Expression getSqlSegment(Expression where, String mappedStatementId, boolean isSelect) {
- // 鑾峰彇鏁版嵁鏉冮檺閰嶇疆
- DataPermission dataPermission = getDataPermission(mappedStatementId);
- // 鑾峰彇褰撳墠鐧诲綍鐢ㄦ埛淇℃伅
- LoginUser currentUser = DataPermissionHelper.getVariable("user");
- if (ObjectUtil.isNull(currentUser)) {
- currentUser = LoginHelper.getLoginUser();
- DataPermissionHelper.setVariable("user", currentUser);
- }
- // 濡傛灉鏄秴绾х鐞嗗憳鎴栫鎴风鐞嗗憳锛屽垯涓嶈繃婊ゆ暟鎹�
- if (LoginHelper.isSuperAdmin() || LoginHelper.isTenantAdmin()) {
- return where;
- }
- // 鏋勯�犳暟鎹繃婊ゆ潯浠剁殑 SQL 鐗囨
- String dataFilterSql = buildDataFilter(dataPermission, isSelect);
- if (StringUtils.isBlank(dataFilterSql)) {
- return where;
- }
try {
+ // 鑾峰彇鏁版嵁鏉冮檺閰嶇疆
+ DataPermission dataPermission = DataPermissionHelper.getPermission();
+ // 鑾峰彇褰撳墠鐧诲綍鐢ㄦ埛淇℃伅
+ LoginUser currentUser = DataPermissionHelper.getVariable("user");
+ if (ObjectUtil.isNull(currentUser)) {
+ currentUser = LoginHelper.getLoginUser();
+ DataPermissionHelper.setVariable("user", currentUser);
+ }
+ // 濡傛灉鏄秴绾х鐞嗗憳鎴栫鎴风鐞嗗憳锛屽垯涓嶈繃婊ゆ暟鎹�
+ if (LoginHelper.isSuperAdmin() || LoginHelper.isTenantAdmin()) {
+ return where;
+ }
+ // 鏋勯�犳暟鎹繃婊ゆ潯浠剁殑 SQL 鐗囨
+ String dataFilterSql = buildDataFilter(dataPermission, isSelect);
+ if (StringUtils.isBlank(dataFilterSql)) {
+ return where;
+ }
Expression expression = CCJSqlParserUtil.parseExpression(dataFilterSql);
// 鏁版嵁鏉冮檺浣跨敤鍗曠嫭鐨勬嫭鍙� 闃叉涓庡叾浠栨潯浠跺啿绐�
ParenthesedExpressionList<Expression> parenthesis = new ParenthesedExpressionList<>(expression);
@@ -114,6 +88,8 @@
}
} catch (JSQLParserException e) {
throw new ServiceException("鏁版嵁鏉冮檺瑙f瀽寮傚父 => " + e.getMessage());
+ } finally {
+ DataPermissionHelper.removePermission();
}
}
@@ -170,8 +146,11 @@
context.setVariable(dataColumn.key()[i], dataColumn.value()[i]);
}
+ // 蹇界暐鏁版嵁鏉冮檺 闃叉spel琛ㄨ揪寮忓唴鏈夊叾浠杝ql鏌ヨ瀵艰嚧姝诲惊鐜皟鐢�
+ String sql = DataPermissionHelper.ignore(() ->
+ parser.parseExpression(type.getSqlTemplate(), parserContext).getValue(context, String.class)
+ );
// 瑙f瀽sql妯℃澘骞跺~鍏�
- String sql = parser.parseExpression(type.getSqlTemplate(), parserContext).getValue(context, String.class);
conditions.add(joinStr + sql);
isSuccess = true;
}
@@ -189,86 +168,11 @@
}
/**
- * 鎵弿鎸囧畾鍖呬笅鐨� Mapper 绫伙紝骞舵煡鎵惧叾涓甫鏈夌壒瀹氭敞瑙g殑鏂规硶鎴栫被
- *
- * @param mapperPackage Mapper 绫绘墍鍦ㄧ殑鍖呰矾寰�
- */
- private void scanMapperClasses(String mapperPackage) {
- // 鍒涘缓璧勬簮瑙f瀽鍣ㄥ拰鍏冩暟鎹鍙栧伐鍘�
- PathMatchingResourcePatternResolver resolver = new PathMatchingResourcePatternResolver();
- CachingMetadataReaderFactory factory = new CachingMetadataReaderFactory();
- // 灏� Mapper 鍖呰矾寰勬寜鍒嗛殧绗︽媶鍒嗕负鏁扮粍
- String[] packagePatternArray = StringUtils.splitPreserveAllTokens(mapperPackage, ConfigurableApplicationContext.CONFIG_LOCATION_DELIMITERS);
- String classpath = ResourcePatternResolver.CLASSPATH_ALL_URL_PREFIX;
- try {
- for (String packagePattern : packagePatternArray) {
- // 灏嗗寘璺緞杞崲涓鸿祫婧愯矾寰�
- String path = ClassUtils.convertClassNameToResourcePath(packagePattern);
- // 鑾峰彇鎸囧畾璺緞涓嬬殑鎵�鏈� .class 鏂囦欢璧勬簮
- Resource[] resources = resolver.getResources(classpath + path + "/*.class");
- for (Resource resource : resources) {
- // 鑾峰彇璧勬簮鐨勭被鍏冩暟鎹�
- ClassMetadata classMetadata = factory.getMetadataReader(resource).getClassMetadata();
- // 鑾峰彇璧勬簮瀵瑰簲鐨勭被瀵硅薄
- Class<?> clazz = Resources.classForName(classMetadata.getClassName());
- // 鏌ユ壘绫讳腑鐨勭壒瀹氭敞瑙�
- findAnnotation(clazz);
- }
- }
- } catch (Exception e) {
- log.error("鍒濆鍖栨暟鎹畨鍏ㄧ紦瀛樻椂鍑洪敊:{}", e.getMessage());
- }
- }
-
- /**
- * 鍦ㄦ寚瀹氱殑绫讳腑鏌ユ壘鐗瑰畾鐨勬敞瑙� DataPermission锛屽苟灏嗗甫鏈夎繖涓敞瑙g殑鏂规硶鎴栫被瀛樺偍鍒� dataPermissionCacheMap 涓�
- *
- * @param clazz 瑕佹煡鎵剧殑绫�
- */
- private void findAnnotation(Class<?> clazz) {
- DataPermission dataPermission;
- for (Method method : clazz.getMethods()) {
- if (method.isDefault() || method.isVarArgs()) {
- continue;
- }
- String mappedStatementId = clazz.getName() + "." + method.getName();
- if (AnnotationUtil.hasAnnotation(method, DataPermission.class)) {
- dataPermission = AnnotationUtil.getAnnotation(method, DataPermission.class);
- dataPermissionCacheMap.put(mappedStatementId, dataPermission);
- }
- }
- if (AnnotationUtil.hasAnnotation(clazz, DataPermission.class)) {
- dataPermission = AnnotationUtil.getAnnotation(clazz, DataPermission.class);
- dataPermissionCacheMap.put(clazz.getName(), dataPermission);
- }
- }
-
- /**
- * 鏍规嵁鏄犲皠璇彞 ID 鎴栫被鍚嶈幏鍙栧搴旂殑 DataPermission 娉ㄨВ瀵硅薄
- *
- * @param mapperId 鏄犲皠璇彞 ID
- * @return DataPermission 娉ㄨВ瀵硅薄锛屽鏋滀笉瀛樺湪鍒欒繑鍥� null
- */
- public DataPermission getDataPermission(String mapperId) {
- // 妫�鏌ョ紦瀛樹腑鏄惁鍖呭惈鏄犲皠璇彞 ID 瀵瑰簲鐨� DataPermission 娉ㄨВ瀵硅薄
- if (dataPermissionCacheMap.containsKey(mapperId)) {
- return dataPermissionCacheMap.get(mapperId);
- }
- // 濡傛灉缂撳瓨涓笉鍖呭惈鏄犲皠璇彞 ID 瀵瑰簲鐨� DataPermission 娉ㄨВ瀵硅薄锛屽垯灏濊瘯浣跨敤绫诲悕浣滀负閿煡鎵�
- String clazzName = mapperId.substring(0, mapperId.lastIndexOf("."));
- if (dataPermissionCacheMap.containsKey(clazzName)) {
- return dataPermissionCacheMap.get(clazzName);
- }
- return null;
- }
-
- /**
* 妫�鏌ョ粰瀹氱殑鏄犲皠璇彞 ID 鏄惁鏈夋晥锛屽嵆鏄惁鑳藉鎵惧埌瀵瑰簲鐨� DataPermission 娉ㄨВ瀵硅薄
*
- * @param mapperId 鏄犲皠璇彞 ID
* @return 濡傛灉鎵惧埌瀵瑰簲鐨� DataPermission 娉ㄨВ瀵硅薄锛屽垯杩斿洖 false锛涘惁鍒欒繑鍥� true
*/
- public boolean invalid(String mapperId) {
- return getDataPermission(mapperId) == null;
+ public boolean invalid() {
+ return DataPermissionHelper.getPermission() == null;
}
}
diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/helper/DataPermissionHelper.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/helper/DataPermissionHelper.java
index 932f173..f03d74e 100644
--- a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/helper/DataPermissionHelper.java
+++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/helper/DataPermissionHelper.java
@@ -9,6 +9,7 @@
import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import org.dromara.common.core.utils.reflect.ReflectUtils;
+import org.dromara.common.mybatis.annotation.DataPermission;
import java.util.HashMap;
import java.util.Map;
@@ -29,6 +30,33 @@
private static final ThreadLocal<Stack<Integer>> REENTRANT_IGNORE = ThreadLocal.withInitial(Stack::new);
+ private static final ThreadLocal<DataPermission> PERMISSION_CACHE = new ThreadLocal<>();
+
+ /**
+ * 鑾峰彇褰撳墠鎵цmapper鏉冮檺娉ㄨВ
+ *
+ * @return 杩斿洖褰撳墠鎵цmapper鏉冮檺娉ㄨВ
+ */
+ public static DataPermission getPermission() {
+ return PERMISSION_CACHE.get();
+ }
+
+ /**
+ * 璁剧疆褰撳墠鎵цmapper鏉冮檺娉ㄨВ
+ *
+ * @param dataPermission 鏁版嵁鏉冮檺娉ㄨВ
+ */
+ public static void setPermission(DataPermission dataPermission) {
+ PERMISSION_CACHE.set(dataPermission);
+ }
+
+ /**
+ * 鍒犻櫎褰撳墠鎵цmapper鏉冮檺娉ㄨВ
+ */
+ public static void removePermission() {
+ PERMISSION_CACHE.remove();
+ }
+
/**
* 浠庝笂涓嬫枃涓幏鍙栨寚瀹氶敭鐨勫彉閲忓�硷紝骞跺皢鍏惰浆鎹负鎸囧畾鐨勭被鍨�
*
diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/interceptor/PlusDataPermissionInterceptor.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/interceptor/PlusDataPermissionInterceptor.java
index 85a4d0a..587a998 100644
--- a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/interceptor/PlusDataPermissionInterceptor.java
+++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/interceptor/PlusDataPermissionInterceptor.java
@@ -39,11 +39,9 @@
/**
* 鏋勯�犲嚱鏁帮紝鍒濆鍖� PlusDataPermissionHandler 瀹炰緥
- *
- * @param mapperPackage 鎵弿鐨勬槧灏勫櫒鍖�
*/
- public PlusDataPermissionInterceptor(String mapperPackage) {
- this.dataPermissionHandler = new PlusDataPermissionHandler(mapperPackage);
+ public PlusDataPermissionInterceptor() {
+ this.dataPermissionHandler = new PlusDataPermissionHandler();
}
/**
@@ -64,7 +62,7 @@
return;
}
// 妫�鏌ユ槸鍚︾己灏戞湁鏁堢殑鏁版嵁鏉冮檺娉ㄨВ
- if (dataPermissionHandler.invalid(ms.getId())) {
+ if (dataPermissionHandler.invalid()) {
return;
}
// 瑙f瀽 sql 鍒嗛厤瀵瑰簲鏂规硶
@@ -92,7 +90,7 @@
return;
}
// 妫�鏌ユ槸鍚︾己灏戞湁鏁堢殑鏁版嵁鏉冮檺娉ㄨВ
- if (dataPermissionHandler.invalid(ms.getId())) {
+ if (dataPermissionHandler.invalid()) {
return;
}
PluginUtils.MPBoundSql mpBs = mpSh.mPBoundSql();
diff --git a/ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/mapper/TestDemoMapper.java b/ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/mapper/TestDemoMapper.java
index 57efdc7..19b2d52 100644
--- a/ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/mapper/TestDemoMapper.java
+++ b/ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/mapper/TestDemoMapper.java
@@ -34,14 +34,18 @@
@DataColumn(key = "deptName", value = "dept_id"),
@DataColumn(key = "userName", value = "user_id")
})
- List<TestDemo> selectList(IPage<TestDemo> page, @Param(Constants.WRAPPER) Wrapper<TestDemo> queryWrapper);
+ default <P extends IPage<TestDemoVo>> P selectVoPage(IPage<TestDemo> page, Wrapper<TestDemo> wrapper) {
+ return selectVoPage(page, wrapper, this.currentVoClass());
+ }
@Override
@DataPermission({
@DataColumn(key = "deptName", value = "dept_id"),
@DataColumn(key = "userName", value = "user_id")
})
- List<TestDemo> selectList(@Param(Constants.WRAPPER) Wrapper<TestDemo> queryWrapper);
+ default List<TestDemoVo> selectVoList(Wrapper<TestDemo> wrapper) {
+ return selectVoList(wrapper, this.currentVoClass());
+ }
@Override
@DataPermission(value = {
--
Gitblit v1.9.3