remove 移除过期代码 数据权限
This commit is contained in:
疯狂的狮子li
parent
6c4882b907
commit
4e04f5e967
@ -1,32 +0,0 @@
|
|||||||
package com.ruoyi.common.annotation;
|
|
||||||
|
|
||||||
import java.lang.annotation.*;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 数据权限过滤注解
|
|
||||||
*
|
|
||||||
* @author ruoyi
|
|
||||||
* @deprecated 3.6.0 移除 {@link com.ruoyi.common.annotation.DataPermission}
|
|
||||||
*/
|
|
||||||
@Target(ElementType.METHOD)
|
|
||||||
@Retention(RetentionPolicy.RUNTIME)
|
|
||||||
@Documented
|
|
||||||
@Deprecated
|
|
||||||
public @interface DataScope {
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 部门表的别名
|
|
||||||
*/
|
|
||||||
String deptAlias() default "";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 用户表的别名
|
|
||||||
*/
|
|
||||||
String userAlias() default "";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 是否过滤用户权限
|
|
||||||
*/
|
|
||||||
boolean isUser() default false;
|
|
||||||
|
|
||||||
}
|
|
||||||
@ -1,142 +0,0 @@
|
|||||||
package com.ruoyi.framework.aspectj;
|
|
||||||
|
|
||||||
import com.ruoyi.common.annotation.DataScope;
|
|
||||||
import com.ruoyi.common.core.domain.BaseEntity;
|
|
||||||
import com.ruoyi.common.core.domain.entity.SysRole;
|
|
||||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
|
||||||
import com.ruoyi.common.core.domain.model.LoginUser;
|
|
||||||
import com.ruoyi.common.core.service.UserService;
|
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
|
||||||
import com.ruoyi.common.utils.StringUtils;
|
|
||||||
import com.ruoyi.common.utils.spring.SpringUtils;
|
|
||||||
import org.aspectj.lang.JoinPoint;
|
|
||||||
import org.aspectj.lang.annotation.Aspect;
|
|
||||||
import org.aspectj.lang.annotation.Before;
|
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 数据过滤处理
|
|
||||||
*
|
|
||||||
* @author Lion Li
|
|
||||||
* @deprecated 3.6.0 移除 {@link com.ruoyi.framework.handler.PlusDataPermissionHandler}
|
|
||||||
*/
|
|
||||||
@Aspect
|
|
||||||
@Component
|
|
||||||
@Deprecated
|
|
||||||
public class DataScopeAspect {
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 全部数据权限
|
|
||||||
*/
|
|
||||||
public static final String DATA_SCOPE_ALL = "1";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 自定数据权限
|
|
||||||
*/
|
|
||||||
public static final String DATA_SCOPE_CUSTOM = "2";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 部门数据权限
|
|
||||||
*/
|
|
||||||
public static final String DATA_SCOPE_DEPT = "3";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 部门及以下数据权限
|
|
||||||
*/
|
|
||||||
public static final String DATA_SCOPE_DEPT_AND_CHILD = "4";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 仅本人数据权限
|
|
||||||
*/
|
|
||||||
public static final String DATA_SCOPE_SELF = "5";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 数据权限过滤关键字
|
|
||||||
*/
|
|
||||||
public static final String DATA_SCOPE = "dataScope";
|
|
||||||
|
|
||||||
@Before("@annotation(controllerDataScope)")
|
|
||||||
public void doBefore(JoinPoint point, DataScope controllerDataScope) throws Throwable {
|
|
||||||
clearDataScope(point);
|
|
||||||
handleDataScope(point, controllerDataScope);
|
|
||||||
}
|
|
||||||
|
|
||||||
protected void handleDataScope(final JoinPoint joinPoint, DataScope controllerDataScope) {
|
|
||||||
// 获取当前的用户
|
|
||||||
LoginUser loginUser = SecurityUtils.getLoginUser();
|
|
||||||
if (StringUtils.isNotNull(loginUser)) {
|
|
||||||
SysUser currentUser = SpringUtils.getBean(UserService.class).selectUserById(loginUser.getUserId());
|
|
||||||
// 如果是超级管理员,则不过滤数据
|
|
||||||
if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin()) {
|
|
||||||
dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
|
|
||||||
controllerDataScope.userAlias(), controllerDataScope.isUser());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 数据范围过滤
|
|
||||||
*
|
|
||||||
* @param joinPoint 切点
|
|
||||||
* @param user 用户
|
|
||||||
* @param userAlias 别名
|
|
||||||
*/
|
|
||||||
public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, boolean isUser) {
|
|
||||||
StringBuilder sqlString = new StringBuilder();
|
|
||||||
|
|
||||||
// 将 "." 提取出,不写别名为单表查询,写别名为多表查询
|
|
||||||
deptAlias = StringUtils.isNotBlank(deptAlias) ? deptAlias + "." : "";
|
|
||||||
userAlias = StringUtils.isNotBlank(userAlias) ? userAlias + "." : "";
|
|
||||||
|
|
||||||
for (SysRole role : user.getRoles()) {
|
|
||||||
String dataScope = role.getDataScope();
|
|
||||||
if (DATA_SCOPE_ALL.equals(dataScope)) {
|
|
||||||
sqlString = new StringBuilder();
|
|
||||||
break;
|
|
||||||
} else if (DATA_SCOPE_CUSTOM.equals(dataScope)) {
|
|
||||||
sqlString.append(StringUtils.format(
|
|
||||||
" OR {}dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ",
|
|
||||||
deptAlias, role.getRoleId()));
|
|
||||||
} else if (DATA_SCOPE_DEPT.equals(dataScope)) {
|
|
||||||
sqlString.append(StringUtils.format(" OR {}dept_id = {} ",
|
|
||||||
deptAlias, user.getDeptId()));
|
|
||||||
} else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) {
|
|
||||||
sqlString.append(StringUtils.format(
|
|
||||||
" OR {}dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )",
|
|
||||||
deptAlias, user.getDeptId(), user.getDeptId()));
|
|
||||||
} else if (DATA_SCOPE_SELF.equals(dataScope)) {
|
|
||||||
if (isUser) {
|
|
||||||
sqlString.append(StringUtils.format(" OR {}user_id = {} ",
|
|
||||||
userAlias, user.getUserId()));
|
|
||||||
} else {
|
|
||||||
// 数据权限为仅本人且没有userAlias别名不查询任何数据
|
|
||||||
sqlString.append(" OR 1=0 ");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (StringUtils.isNotBlank(sqlString.toString())) {
|
|
||||||
putDataScope(joinPoint, sqlString.substring(4));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 拼接权限sql前先清空params.dataScope参数防止注入
|
|
||||||
*/
|
|
||||||
private void clearDataScope(final JoinPoint joinPoint) {
|
|
||||||
Object params = joinPoint.getArgs()[0];
|
|
||||||
if (StringUtils.isNotNull(params)) {
|
|
||||||
putDataScope(joinPoint, "");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private static void putDataScope(JoinPoint joinPoint, String sql) {
|
|
||||||
Object params = joinPoint.getArgs()[0];
|
|
||||||
if (StringUtils.isNotNull(params)) {
|
|
||||||
if (params instanceof BaseEntity) {
|
|
||||||
BaseEntity baseEntity = (BaseEntity) params;
|
|
||||||
baseEntity.getParams().put(DATA_SCOPE, sql);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@ -42,10 +42,6 @@
|
|||||||
<if test="status != null and status != ''">
|
<if test="status != null and status != ''">
|
||||||
AND status = #{status}
|
AND status = #{status}
|
||||||
</if>
|
</if>
|
||||||
<!-- <!– 数据范围过滤 –>-->
|
|
||||||
<!-- <if test="params.dataScope != null and params.dataScope != ''">-->
|
|
||||||
<!-- AND ( ${params.dataScope} )-->
|
|
||||||
<!-- </if>-->
|
|
||||||
order by d.parent_id, d.order_num
|
order by d.parent_id, d.order_num
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
|
|||||||
@ -60,10 +60,6 @@
|
|||||||
<if test="role.params.endTime != null and role.params.endTime != ''"><!-- 结束时间检索 -->
|
<if test="role.params.endTime != null and role.params.endTime != ''"><!-- 结束时间检索 -->
|
||||||
and date_format(r.create_time,'%y%m%d') <= date_format(#{role.params.endTime},'%y%m%d')
|
and date_format(r.create_time,'%y%m%d') <= date_format(#{role.params.endTime},'%y%m%d')
|
||||||
</if>
|
</if>
|
||||||
<!-- <!– 数据范围过滤 –>-->
|
|
||||||
<!-- <if test="role.params.dataScope != null and role.params.dataScope != ''">-->
|
|
||||||
<!-- AND ( ${role.params.dataScope} )-->
|
|
||||||
<!-- </if>-->
|
|
||||||
order by r.role_sort
|
order by r.role_sort
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@ -88,10 +84,6 @@
|
|||||||
<if test="params.endTime != null and params.endTime != ''"><!-- 结束时间检索 -->
|
<if test="params.endTime != null and params.endTime != ''"><!-- 结束时间检索 -->
|
||||||
and date_format(r.create_time,'%y%m%d') <= date_format(#{params.endTime},'%y%m%d')
|
and date_format(r.create_time,'%y%m%d') <= date_format(#{params.endTime},'%y%m%d')
|
||||||
</if>
|
</if>
|
||||||
<!-- <!– 数据范围过滤 –>-->
|
|
||||||
<!-- <if test="params.dataScope != null and params.dataScope != ''">-->
|
|
||||||
<!-- AND ( ${params.dataScope} )-->
|
|
||||||
<!-- </if>-->
|
|
||||||
order by r.role_sort
|
order by r.role_sort
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
|
|||||||
@ -108,10 +108,6 @@
|
|||||||
AND (u.dept_id = #{user.deptId} OR u.dept_id IN ( SELECT t.dept_id FROM sys_dept t WHERE find_in_set(#{user.deptId},
|
AND (u.dept_id = #{user.deptId} OR u.dept_id IN ( SELECT t.dept_id FROM sys_dept t WHERE find_in_set(#{user.deptId},
|
||||||
ancestors) ))
|
ancestors) ))
|
||||||
</if>
|
</if>
|
||||||
<!-- <!– 数据范围过滤 –>-->
|
|
||||||
<!-- <if test="user.params.dataScope != null and user.params.dataScope != ''">-->
|
|
||||||
<!-- AND ( ${user.params.dataScope} )-->
|
|
||||||
<!-- </if>-->
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<select id="selectUserList" parameterType="SysUser" resultMap="SysUserResult">
|
<select id="selectUserList" parameterType="SysUser" resultMap="SysUserResult">
|
||||||
@ -142,10 +138,6 @@
|
|||||||
AND (u.dept_id = #{deptId} OR u.dept_id IN ( SELECT t.dept_id FROM sys_dept t WHERE find_in_set(#{deptId},
|
AND (u.dept_id = #{deptId} OR u.dept_id IN ( SELECT t.dept_id FROM sys_dept t WHERE find_in_set(#{deptId},
|
||||||
ancestors) ))
|
ancestors) ))
|
||||||
</if>
|
</if>
|
||||||
<!-- <!– 数据范围过滤 –>-->
|
|
||||||
<!-- <if test="params.dataScope != null and params.dataScope != ''">-->
|
|
||||||
<!-- AND ( ${params.dataScope} )-->
|
|
||||||
<!-- </if>-->
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<select id="selectAllocatedList" parameterType="SysUser" resultMap="SysUserResult">
|
<select id="selectAllocatedList" parameterType="SysUser" resultMap="SysUserResult">
|
||||||
@ -161,10 +153,6 @@
|
|||||||
<if test="user.phonenumber != null and user.phonenumber != ''">
|
<if test="user.phonenumber != null and user.phonenumber != ''">
|
||||||
AND u.phonenumber like concat('%', #{user.phonenumber}, '%')
|
AND u.phonenumber like concat('%', #{user.phonenumber}, '%')
|
||||||
</if>
|
</if>
|
||||||
<!-- <!– 数据范围过滤 –>-->
|
|
||||||
<!-- <if test="user.params.dataScope != null and user.params.dataScope != ''">-->
|
|
||||||
<!-- AND ( ${user.params.dataScope} )-->
|
|
||||||
<!-- </if>-->
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<select id="selectUnallocatedList" parameterType="SysUser" resultMap="SysUserResult">
|
<select id="selectUnallocatedList" parameterType="SysUser" resultMap="SysUserResult">
|
||||||
@ -181,10 +169,6 @@
|
|||||||
<if test="user.phonenumber != null and user.phonenumber != ''">
|
<if test="user.phonenumber != null and user.phonenumber != ''">
|
||||||
AND u.phonenumber like concat('%', #{user.phonenumber}, '%')
|
AND u.phonenumber like concat('%', #{user.phonenumber}, '%')
|
||||||
</if>
|
</if>
|
||||||
<!-- <!– 数据范围过滤 –>-->
|
|
||||||
<!-- <if test="user.params.dataScope != null and user.params.dataScope != ''">-->
|
|
||||||
<!-- AND ( ${user.params.dataScope} )-->
|
|
||||||
<!-- </if>-->
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<select id="selectUserByUserName" parameterType="String" resultMap="SysUserResult">
|
<select id="selectUserByUserName" parameterType="String" resultMap="SysUserResult">
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user