admin/lx-admin-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix 修复数据权限 兜底sql处理逻辑问题

Browse Source
This commit is contained in:
疯狂的狮子Li 2021-12-15 23:33:51 +08:00
parent 317f6d5c87
commit 2599073f56
1 changed files with 25 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
ruoyi-framework/src/main/java/com/ruoyi/framework/handler/PlusDataPermissionHandler.java
View File

@ -75,17 +75,13 @@ public class PlusDataPermissionHandler {
*/ */
private String buildDataFilter(SysUser user, DataColumn[] dataColumns, boolean isSelect) { private String buildDataFilter(SysUser user, DataColumn[] dataColumns, boolean isSelect) {
StringBuilder sqlString = new StringBuilder(); StringBuilder sqlString = new StringBuilder();
// 更新或删除需满足所有条件
String joinStr = isSelect ? " OR " : " AND ";
StandardEvaluationContext context = new StandardEvaluationContext(); StandardEvaluationContext context = new StandardEvaluationContext();
context.setBeanResolver(beanResolver); context.setBeanResolver(beanResolver);
context.setVariable("user", user); context.setVariable("user", user);
for (DataColumn dataColumn : dataColumns) {
// 设置注解变量 key 为表达式变量 value 为变量值
context.setVariable(dataColumn.key(), dataColumn.value());
for (SysRole role : user.getRoles()) { for (SysRole role : user.getRoles()) {
user.setRoleId(role.getRoleId()); user.setRoleId(role.getRoleId());
// 获取角色权限泛型 // 获取角色权限泛型
DataScopeType type = DataScopeType.findCode(role.getDataScope()); DataScopeType type = DataScopeType.findCode(role.getDataScope());
if (ObjectUtil.isNull(type)) { if (ObjectUtil.isNull(type)) {
@ -95,21 +91,28 @@ public class PlusDataPermissionHandler {
if (type == DataScopeType.ALL) { if (type == DataScopeType.ALL) {
return ""; return "";
} }
boolean isSuccess = false;
for (DataColumn dataColumn : dataColumns) {
// 不包含 key 变量 则不处理 // 不包含 key 变量 则不处理
if (!StringUtils.contains(type.getSqlTemplate(), "#" + dataColumn.key())) { if (!StringUtils.contains(type.getSqlTemplate(), "#" + dataColumn.key())) {
sqlString.append(type.getElseSql());
continue; continue;
} }
// 更新或删除需满足所有条件 // 设置注解变量 key 为表达式变量 value 为变量值
sqlString.append(isSelect ? " OR " : " AND "); context.setVariable(dataColumn.key(), dataColumn.value());
// 解析sql模板并填充 // 解析sql模板并填充
String sql = parser.parseExpression(type.getSqlTemplate(), parserContext).getValue(context, String.class); String sql = parser.parseExpression(type.getSqlTemplate(), parserContext).getValue(context, String.class);
sqlString.append(sql); sqlString.append(joinStr).append(sql);
isSuccess = true;
}
// 未处理成功则填充兜底方案
if (!isSuccess) {
sqlString.append(joinStr).append(type.getElseSql());
} }
} }
if (StringUtils.isNotBlank(sqlString.toString())) { if (StringUtils.isNotBlank(sqlString.toString())) {
return sqlString.substring(isSelect ? 4 : 5); return sqlString.substring(joinStr.length());
} }
return ""; return "";
} }