From f1208474f771a1c233d7425c8ed13fbaa0d521ac Mon Sep 17 00:00:00 2001
From: baoshiwei <baoshiwei@shlanbao.cn>
Date: 星期三, 12 三月 2025 09:35:13 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/5.X' into 5.X
---
ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java | 208 +++++++++++++++++++++++++++++++++------------------
1 files changed, 133 insertions(+), 75 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java
index 5ac74c3..a354707 100644
--- a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java
+++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/PlusDataPermissionHandler.java
@@ -3,11 +3,12 @@
import cn.hutool.core.annotation.AnnotationUtil;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.ObjectUtil;
+import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import net.sf.jsqlparser.JSQLParserException;
import net.sf.jsqlparser.expression.Expression;
-import net.sf.jsqlparser.expression.Parenthesis;
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
+import net.sf.jsqlparser.expression.operators.relational.ParenthesedExpressionList;
import net.sf.jsqlparser.parser.CCJSqlParserUtil;
import org.apache.ibatis.io.Resources;
import org.dromara.common.core.domain.dto.RoleDTO;
@@ -28,19 +29,13 @@
import org.springframework.core.io.support.ResourcePatternResolver;
import org.springframework.core.type.ClassMetadata;
import org.springframework.core.type.classreading.CachingMetadataReaderFactory;
-import org.springframework.expression.BeanResolver;
-import org.springframework.expression.ExpressionParser;
-import org.springframework.expression.ParserContext;
+import org.springframework.expression.*;
import org.springframework.expression.common.TemplateParserContext;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.util.ClassUtils;
-import java.lang.reflect.Method;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
+import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Function;
@@ -54,7 +49,7 @@
public class PlusDataPermissionHandler {
/**
- * 鏂规硶鎴栫被(鍚嶇О) 涓� 娉ㄨВ鐨勬槧灏勫叧绯荤紦瀛�
+ * 绫诲悕绉颁笌娉ㄨВ鐨勬槧灏勫叧绯荤紦瀛�(鐢变簬aop鏃犳硶鎷︽埅mybatis鎺ュ彛绫讳笂鐨勬敞瑙� 鍙兘閫氳繃鍚姩棰勬壂鎻忕殑鏂瑰紡杩涜)
*/
private final Map<String, DataPermission> dataPermissionCacheMap = new ConcurrentHashMap<>();
@@ -86,27 +81,27 @@
* @return 鏁版嵁杩囨护鏉′欢鐨� SQL 鐗囨
*/
public Expression getSqlSegment(Expression where, String mappedStatementId, boolean isSelect) {
- // 鑾峰彇鏁版嵁鏉冮檺閰嶇疆
- DataPermission dataPermission = getDataPermission(mappedStatementId);
- // 鑾峰彇褰撳墠鐧诲綍鐢ㄦ埛淇℃伅
- LoginUser currentUser = DataPermissionHelper.getVariable("user");
- if (ObjectUtil.isNull(currentUser)) {
- currentUser = LoginHelper.getLoginUser();
- DataPermissionHelper.setVariable("user", currentUser);
- }
- // 濡傛灉鏄秴绾х鐞嗗憳鎴栫鎴风鐞嗗憳锛屽垯涓嶈繃婊ゆ暟鎹�
- if (LoginHelper.isSuperAdmin() || LoginHelper.isTenantAdmin()) {
- return where;
- }
- // 鏋勯�犳暟鎹繃婊ゆ潯浠剁殑 SQL 鐗囨
- String dataFilterSql = buildDataFilter(dataPermission, isSelect);
- if (StringUtils.isBlank(dataFilterSql)) {
- return where;
- }
try {
+ // 鑾峰彇鏁版嵁鏉冮檺閰嶇疆
+ DataPermission dataPermission = getDataPermission(mappedStatementId);
+ // 鑾峰彇褰撳墠鐧诲綍鐢ㄦ埛淇℃伅
+ LoginUser currentUser = DataPermissionHelper.getVariable("user");
+ if (ObjectUtil.isNull(currentUser)) {
+ currentUser = LoginHelper.getLoginUser();
+ DataPermissionHelper.setVariable("user", currentUser);
+ }
+ // 濡傛灉鏄秴绾х鐞嗗憳鎴栫鎴风鐞嗗憳锛屽垯涓嶈繃婊ゆ暟鎹�
+ if (LoginHelper.isSuperAdmin() || LoginHelper.isTenantAdmin()) {
+ return where;
+ }
+ // 鏋勯�犳暟鎹繃婊ゆ潯浠剁殑 SQL 鐗囨
+ String dataFilterSql = buildDataFilter(dataPermission, isSelect);
+ if (StringUtils.isBlank(dataFilterSql)) {
+ return where;
+ }
Expression expression = CCJSqlParserUtil.parseExpression(dataFilterSql);
// 鏁版嵁鏉冮檺浣跨敤鍗曠嫭鐨勬嫭鍙� 闃叉涓庡叾浠栨潯浠跺啿绐�
- Parenthesis parenthesis = new Parenthesis(expression);
+ ParenthesedExpressionList<Expression> parenthesis = new ParenthesedExpressionList<>(expression);
if (ObjectUtil.isNotNull(where)) {
return new AndExpression(where, parenthesis);
} else {
@@ -114,6 +109,8 @@
}
} catch (JSQLParserException e) {
throw new ServiceException("鏁版嵁鏉冮檺瑙f瀽寮傚父 => " + e.getMessage());
+ } finally {
+ DataPermissionHelper.removePermission();
}
}
@@ -132,10 +129,33 @@
joinStr = " " + dataPermission.joinStr() + " ";
}
LoginUser user = DataPermissionHelper.getVariable("user");
- StandardEvaluationContext context = new StandardEvaluationContext();
+ Object defaultValue = "-1";
+ NullSafeStandardEvaluationContext context = new NullSafeStandardEvaluationContext(defaultValue);
+ context.addPropertyAccessor(new NullSafePropertyAccessor(context.getPropertyAccessors().get(0), defaultValue));
context.setBeanResolver(beanResolver);
DataPermissionHelper.getContext().forEach(context::setVariable);
Set<String> conditions = new HashSet<>();
+ // 浼樺厛璁剧疆鍙橀噺
+ List<String> keys = new ArrayList<>();
+ Map<DataColumn, Boolean> ignoreMap = new HashMap<>();
+ for (DataColumn dataColumn : dataPermission.value()) {
+ if (dataColumn.key().length != dataColumn.value().length) {
+ throw new ServiceException("瑙掕壊鏁版嵁鑼冨洿寮傚父 => key涓巚alue闀垮害涓嶅尮閰�");
+ }
+ // 鍖呭惈鏉冮檺鏍囪瘑绗� 杩欑洿鎺ヨ烦杩�
+ if (StringUtils.isNotBlank(dataColumn.permission()) &&
+ CollUtil.contains(user.getMenuPermission(), dataColumn.permission())
+ ) {
+ ignoreMap.put(dataColumn, Boolean.TRUE);
+ continue;
+ }
+ // 璁剧疆娉ㄨВ鍙橀噺 key 涓鸿〃杈惧紡鍙橀噺 value 涓哄彉閲忓��
+ for (int i = 0; i < dataColumn.key().length; i++) {
+ context.setVariable(dataColumn.key()[i], dataColumn.value()[i]);
+ }
+ keys.addAll(Arrays.stream(dataColumn.key()).map(key -> "#" + key).toList());
+ }
+
for (RoleDTO role : user.getRoles()) {
user.setRoleId(role.getRoleId());
// 鑾峰彇瑙掕壊鏉冮檺娉涘瀷
@@ -145,33 +165,30 @@
}
// 鍏ㄩ儴鏁版嵁鏉冮檺鐩存帴杩斿洖
if (type == DataScopeType.ALL) {
- return "";
+ return StringUtils.EMPTY;
}
boolean isSuccess = false;
for (DataColumn dataColumn : dataPermission.value()) {
- if (dataColumn.key().length != dataColumn.value().length) {
- throw new ServiceException("瑙掕壊鏁版嵁鑼冨洿寮傚父 => key涓巚alue闀垮害涓嶅尮閰�");
- }
- // 涓嶅寘鍚� key 鍙橀噺 鍒欎笉澶勭悊
- if (!StringUtils.containsAny(type.getSqlTemplate(),
- Arrays.stream(dataColumn.key()).map(key -> "#" + key).toArray(String[]::new)
- )) {
- continue;
- }
// 鍖呭惈鏉冮檺鏍囪瘑绗� 杩欑洿鎺ヨ烦杩�
- if (StringUtils.isNotBlank(dataColumn.permission()) &&
- CollUtil.contains(user.getMenuPermission(), dataColumn.permission())
- ) {
+ if (ignoreMap.containsKey(dataColumn)) {
+ // 淇澶氳鑹蹭笌鏉冮檺鏍囪瘑绗﹀叡鐢ㄩ棶棰� https://gitee.com/dromara/RuoYi-Vue-Plus/issues/IB4CS4
+ conditions.add(joinStr + " 1 = 1 ");
isSuccess = true;
continue;
}
- // 璁剧疆娉ㄨВ鍙橀噺 key 涓鸿〃杈惧紡鍙橀噺 value 涓哄彉閲忓��
- for (int i = 0; i < dataColumn.key().length; i++) {
- context.setVariable(dataColumn.key()[i], dataColumn.value()[i]);
+ // 涓嶅寘鍚� key 鍙橀噺 鍒欎笉澶勭悊
+ if (!StringUtils.containsAny(type.getSqlTemplate(), keys.toArray(String[]::new))) {
+ continue;
}
-
+ // 褰撳墠娉ㄨВ涓嶆弧瓒虫ā鏉� 涓嶅鐞�
+ if (!StringUtils.containsAny(type.getSqlTemplate(), dataColumn.key())) {
+ continue;
+ }
+ // 蹇界暐鏁版嵁鏉冮檺 闃叉spel琛ㄨ揪寮忓唴鏈夊叾浠杝ql鏌ヨ瀵艰嚧姝诲惊鐜皟鐢�
+ String sql = DataPermissionHelper.ignore(() ->
+ parser.parseExpression(type.getSqlTemplate(), parserContext).getValue(context, String.class)
+ );
// 瑙f瀽sql妯℃澘骞跺~鍏�
- String sql = parser.parseExpression(type.getSqlTemplate(), parserContext).getValue(context, String.class);
conditions.add(joinStr + sql);
isSuccess = true;
}
@@ -185,7 +202,7 @@
String sql = StreamUtils.join(conditions, Function.identity(), "");
return sql.substring(joinStr.length());
}
- return "";
+ return StringUtils.EMPTY;
}
/**
@@ -212,34 +229,14 @@
// 鑾峰彇璧勬簮瀵瑰簲鐨勭被瀵硅薄
Class<?> clazz = Resources.classForName(classMetadata.getClassName());
// 鏌ユ壘绫讳腑鐨勭壒瀹氭敞瑙�
- findAnnotation(clazz);
+ if (AnnotationUtil.hasAnnotation(clazz, DataPermission.class)) {
+ DataPermission dataPermission = AnnotationUtil.getAnnotation(clazz, DataPermission.class);
+ dataPermissionCacheMap.put(clazz.getName(), dataPermission);
+ }
}
}
} catch (Exception e) {
log.error("鍒濆鍖栨暟鎹畨鍏ㄧ紦瀛樻椂鍑洪敊:{}", e.getMessage());
- }
- }
-
- /**
- * 鍦ㄦ寚瀹氱殑绫讳腑鏌ユ壘鐗瑰畾鐨勬敞瑙� DataPermission锛屽苟灏嗗甫鏈夎繖涓敞瑙g殑鏂规硶鎴栫被瀛樺偍鍒� dataPermissionCacheMap 涓�
- *
- * @param clazz 瑕佹煡鎵剧殑绫�
- */
- private void findAnnotation(Class<?> clazz) {
- DataPermission dataPermission;
- for (Method method : clazz.getMethods()) {
- if (method.isDefault() || method.isVarArgs()) {
- continue;
- }
- String mappedStatementId = clazz.getName() + "." + method.getName();
- if (AnnotationUtil.hasAnnotation(method, DataPermission.class)) {
- dataPermission = AnnotationUtil.getAnnotation(method, DataPermission.class);
- dataPermissionCacheMap.put(mappedStatementId, dataPermission);
- }
- }
- if (AnnotationUtil.hasAnnotation(clazz, DataPermission.class)) {
- dataPermission = AnnotationUtil.getAnnotation(clazz, DataPermission.class);
- dataPermissionCacheMap.put(clazz.getName(), dataPermission);
}
}
@@ -250,9 +247,9 @@
* @return DataPermission 娉ㄨВ瀵硅薄锛屽鏋滀笉瀛樺湪鍒欒繑鍥� null
*/
public DataPermission getDataPermission(String mapperId) {
- // 妫�鏌ョ紦瀛樹腑鏄惁鍖呭惈鏄犲皠璇彞 ID 瀵瑰簲鐨� DataPermission 娉ㄨВ瀵硅薄
- if (dataPermissionCacheMap.containsKey(mapperId)) {
- return dataPermissionCacheMap.get(mapperId);
+ // 妫�鏌ヤ笂涓嬫枃涓槸鍚﹀寘鍚槧灏勮鍙� ID 瀵瑰簲鐨� DataPermission 娉ㄨВ瀵硅薄
+ if (DataPermissionHelper.getPermission() != null) {
+ return DataPermissionHelper.getPermission();
}
// 濡傛灉缂撳瓨涓笉鍖呭惈鏄犲皠璇彞 ID 瀵瑰簲鐨� DataPermission 娉ㄨВ瀵硅薄锛屽垯灏濊瘯浣跨敤绫诲悕浣滀负閿煡鎵�
String clazzName = mapperId.substring(0, mapperId.lastIndexOf("."));
@@ -271,4 +268,65 @@
public boolean invalid(String mapperId) {
return getDataPermission(mapperId) == null;
}
+
+ /**
+ * 瀵规墍鏈塶ull鍙橀噺鎵句笉鍒扮殑鍙橀噺杩斿洖榛樿鍊�
+ */
+ @AllArgsConstructor
+ private static class NullSafeStandardEvaluationContext extends StandardEvaluationContext {
+
+ private final Object defaultValue;
+
+ @Override
+ public Object lookupVariable(String name) {
+ Object obj = super.lookupVariable(name);
+ // 濡傛灉璇诲彇鍒扮殑鍊兼槸 null锛屽垯杩斿洖榛樿鍊�
+ if (obj == null) {
+ return defaultValue;
+ }
+ return obj;
+ }
+
+ }
+
+ /**
+ * 瀵规墍鏈塶ull鍙橀噺鎵句笉鍒扮殑鍙橀噺杩斿洖榛樿鍊� 濮旀墭妯″紡 灏嗕笉闇�瑕佸鐞嗙殑鏂规硶濮旀墭缁欏師澶勭悊鍣�
+ */
+ @AllArgsConstructor
+ private static class NullSafePropertyAccessor implements PropertyAccessor {
+
+ private final PropertyAccessor delegate;
+ private final Object defaultValue;
+
+ @Override
+ public Class<?>[] getSpecificTargetClasses() {
+ return delegate.getSpecificTargetClasses();
+ }
+
+ @Override
+ public boolean canRead(EvaluationContext context, Object target, String name) throws AccessException {
+ return delegate.canRead(context, target, name);
+ }
+
+ @Override
+ public TypedValue read(EvaluationContext context, Object target, String name) throws AccessException {
+ TypedValue value = delegate.read(context, target, name);
+ // 濡傛灉璇诲彇鍒扮殑鍊兼槸 null锛屽垯杩斿洖榛樿鍊�
+ if (value.getValue() == null) {
+ return new TypedValue(defaultValue);
+ }
+ return value;
+ }
+
+ @Override
+ public boolean canWrite(EvaluationContext context, Object target, String name) throws AccessException {
+ return delegate.canWrite(context, target, name);
+ }
+
+ @Override
+ public void write(EvaluationContext context, Object target, String name, Object newValue) throws AccessException {
+ delegate.write(context, target, name, newValue);
+ }
+ }
+
}
--
Gitblit v1.9.3