From 6d5a0d8a7e487db4ba278647f85fc86018558e0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90li?= <15040126243@163.com> Date: Sun, 30 May 2021 02:20:21 +0800 Subject: [PATCH] =?UTF-8?q?update=20=E5=AE=8C=E7=BE=8E=E4=BF=AE=E5=A4=8D?= =?UTF-8?q?=20=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90=E5=8A=9F=E8=83=BD(?= =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=8D=95=E8=A1=A8=E5=A4=9A=E8=A1=A8=E8=BF=87?= =?UTF-8?q?=E6=BB=A4)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ruoyi/common/annotation/DataScope.java | 7 +- .../framework/aspectj/DataScopeAspect.java | 234 ++++++++---------- .../service/impl/SysConfigServiceImpl.java | 5 +- .../service/impl/SysUserServiceImpl.java | 4 +- 4 files changed, 114 insertions(+), 136 deletions(-) diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java index 176878e9d..155f7c3a7 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java @@ -8,7 +8,7 @@ import java.lang.annotation.Target; /** * 数据权限过滤注解 - * + * * @author ruoyi */ @Target(ElementType.METHOD) @@ -25,4 +25,9 @@ public @interface DataScope * 用户表的别名 */ public String userAlias() default ""; + + /** + * 是否过滤用户权限 + */ + public boolean isUser() default false; } diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java index 9003bfc33..e8ef10185 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java @@ -24,169 +24,145 @@ import java.util.Map; /** * 数据过滤处理 * - * @author ruoyi + * @author Lion Li */ @Aspect @Component -public class DataScopeAspect -{ - /** - * 全部数据权限 - */ - public static final String DATA_SCOPE_ALL = "1"; +public class DataScopeAspect { - /** - * 自定数据权限 - */ - public static final String DATA_SCOPE_CUSTOM = "2"; + /** + * 全部数据权限 + */ + public static final String DATA_SCOPE_ALL = "1"; - /** - * 部门数据权限 - */ - public static final String DATA_SCOPE_DEPT = "3"; + /** + * 自定数据权限 + */ + public static final String DATA_SCOPE_CUSTOM = "2"; - /** - * 部门及以下数据权限 - */ - public static final String DATA_SCOPE_DEPT_AND_CHILD = "4"; + /** + * 部门数据权限 + */ + public static final String DATA_SCOPE_DEPT = "3"; - /** - * 仅本人数据权限 - */ - public static final String DATA_SCOPE_SELF = "5"; + /** + * 部门及以下数据权限 + */ + public static final String DATA_SCOPE_DEPT_AND_CHILD = "4"; - /** - * 数据权限过滤关键字 - */ - public static final String DATA_SCOPE = "dataScope"; + /** + * 仅本人数据权限 + */ + public static final String DATA_SCOPE_SELF = "5"; - // 配置织入点 - @Pointcut("@annotation(com.ruoyi.common.annotation.DataScope)") - public void dataScopePointCut() - { - } + /** + * 数据权限过滤关键字 + */ + public static final String DATA_SCOPE = "dataScope"; - @Before("dataScopePointCut()") - public void doBefore(JoinPoint point) throws Throwable - { + // 配置织入点 + @Pointcut("@annotation(com.ruoyi.common.annotation.DataScope)") + public void dataScopePointCut() { + } + + @Before("dataScopePointCut()") + public void doBefore(JoinPoint point) throws Throwable { clearDataScope(point); - handleDataScope(point); - } + handleDataScope(point); + } - protected void handleDataScope(final JoinPoint joinPoint) - { - // 获得注解 - DataScope controllerDataScope = getAnnotationLog(joinPoint); - if (controllerDataScope == null) - { - return; - } - // 获取当前的用户 - LoginUser loginUser = SpringUtils.getBean(TokenService.class).getLoginUser(ServletUtils.getRequest()); - if (Validator.isNotNull(loginUser)) - { - SysUser currentUser = loginUser.getUser(); - // 如果是超级管理员,则不过滤数据 - if (Validator.isNotNull(currentUser) && !currentUser.isAdmin()) - { - dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(), - controllerDataScope.userAlias()); - } - } - } + protected void handleDataScope(final JoinPoint joinPoint) { + // 获得注解 + DataScope controllerDataScope = getAnnotationLog(joinPoint); + if (controllerDataScope == null) { + return; + } + // 获取当前的用户 + LoginUser loginUser = SpringUtils.getBean(TokenService.class).getLoginUser(ServletUtils.getRequest()); + if (Validator.isNotNull(loginUser)) { + SysUser currentUser = loginUser.getUser(); + // 如果是超级管理员,则不过滤数据 + if (Validator.isNotNull(currentUser) && !currentUser.isAdmin()) { + dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(), + controllerDataScope.userAlias(), controllerDataScope.isUser()); + } + } + } - /** - * 数据范围过滤 - * - * @param joinPoint 切点 - * @param user 用户 - * @param userAlias 别名 - */ - public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias) - { - StringBuilder sqlString = new StringBuilder(); + /** + * 数据范围过滤 + * + * @param joinPoint 切点 + * @param user 用户 + * @param userAlias 别名 + */ + public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, boolean isUser) { + StringBuilder sqlString = new StringBuilder(); // 将 "." 提取出,不写别名为单表查询,写别名为多表查询 deptAlias = StrUtil.isNotBlank(deptAlias) ? deptAlias + "." : ""; userAlias = StrUtil.isNotBlank(userAlias) ? userAlias + "." : ""; - for (SysRole role : user.getRoles()) - { - String dataScope = role.getDataScope(); - if (DATA_SCOPE_ALL.equals(dataScope)) - { - sqlString = new StringBuilder(); - break; - } - else if (DATA_SCOPE_CUSTOM.equals(dataScope)) - { - sqlString.append(StrUtil.format( - " OR {}dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias, - role.getRoleId())); - } - else if (DATA_SCOPE_DEPT.equals(dataScope)) - { - sqlString.append(StrUtil.format(" OR {}dept_id = {} ", deptAlias, user.getDeptId())); - } - else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) - { - sqlString.append(StrUtil.format( - " OR {}dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )", - deptAlias, user.getDeptId(), user.getDeptId())); - } - else if (DATA_SCOPE_SELF.equals(dataScope)) - { - if (StrUtil.isNotBlank(userAlias)) - { - sqlString.append(StrUtil.format(" OR {}user_id = {} ", userAlias, user.getUserId())); - } - else - { - // 数据权限为仅本人且没有userAlias别名不查询任何数据 - sqlString.append(" OR 1=0 "); - } - } - } + for (SysRole role : user.getRoles()) { + String dataScope = role.getDataScope(); + if (DATA_SCOPE_ALL.equals(dataScope)) { + sqlString = new StringBuilder(); + break; + } else if (DATA_SCOPE_CUSTOM.equals(dataScope)) { + sqlString.append(StrUtil.format( + " OR {}dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", + deptAlias, role.getRoleId())); + } else if (DATA_SCOPE_DEPT.equals(dataScope)) { + sqlString.append(StrUtil.format(" OR {}dept_id = {} ", + deptAlias, user.getDeptId())); + } else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) { + sqlString.append(StrUtil.format( + " OR {}dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )", + deptAlias, user.getDeptId(), user.getDeptId())); + } else if (DATA_SCOPE_SELF.equals(dataScope)) { + if (isUser) { + sqlString.append(StrUtil.format(" OR {}user_id = {} ", + userAlias, user.getUserId())); + } else { + // 数据权限为仅本人且没有userAlias别名不查询任何数据 + sqlString.append(" OR 1=0 "); + } + } + } - if (StrUtil.isNotBlank(sqlString.toString())) - { + if (StrUtil.isNotBlank(sqlString.toString())) { putDataScope(joinPoint, sqlString.substring(4)); } - } + } - /** - * 是否存在注解,如果存在就获取 - */ - private DataScope getAnnotationLog(JoinPoint joinPoint) - { - Signature signature = joinPoint.getSignature(); - MethodSignature methodSignature = (MethodSignature) signature; - Method method = methodSignature.getMethod(); + /** + * 是否存在注解,如果存在就获取 + */ + private DataScope getAnnotationLog(JoinPoint joinPoint) { + Signature signature = joinPoint.getSignature(); + MethodSignature methodSignature = (MethodSignature) signature; + Method method = methodSignature.getMethod(); - if (method != null) - { - return method.getAnnotation(DataScope.class); - } - return null; - } + if (method != null) { + return method.getAnnotation(DataScope.class); + } + return null; + } /** * 拼接权限sql前先清空params.dataScope参数防止注入 */ - private void clearDataScope(final JoinPoint joinPoint) - { + private void clearDataScope(final JoinPoint joinPoint) { Object params = joinPoint.getArgs()[0]; - if (Validator.isNotNull(params)) - { + if (Validator.isNotNull(params)) { putDataScope(joinPoint, ""); } } private static void putDataScope(JoinPoint joinPoint, String sql) { Object params = joinPoint.getArgs()[0]; - if (Validator.isNotNull(params)) - { - if(params instanceof BaseEntity) { + if (Validator.isNotNull(params)) { + if (params instanceof BaseEntity) { BaseEntity baseEntity = (BaseEntity) params; baseEntity.getParams().put(DATA_SCOPE, sql); } else { diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysConfigServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysConfigServiceImpl.java index 2376d8b57..7b5d061ca 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysConfigServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysConfigServiceImpl.java @@ -32,9 +32,6 @@ import java.util.Map; @Service public class SysConfigServiceImpl extends ServiceImpl implements ISysConfigService { - @Autowired - private SysConfigMapper configMapper; - @Autowired private RedisCache redisCache; @@ -160,7 +157,7 @@ public class SysConfigServiceImpl extends ServiceImpl impl private ISysConfigService configService; @Override - @DataScope(deptAlias = "d", userAlias = "u") + @DataScope(deptAlias = "d", userAlias = "u", isUser = true) public TableDataInfo selectPageUserList(SysUser user) { return PageUtils.buildDataInfo(baseMapper.selectPageUserList(PageUtils.buildPage(), user)); } @@ -64,7 +64,7 @@ public class SysUserServiceImpl extends ServiceImpl impl * @return 用户信息集合信息 */ @Override - @DataScope(deptAlias = "d", userAlias = "u") + @DataScope(deptAlias = "d", userAlias = "u", isUser = true) public List selectUserList(SysUser user) { return baseMapper.selectUserList(user); }