tongtong/youlai-boot
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: 优化权限部分的代码

Browse Source 
优化权限部分的代码,完善注释
This commit is contained in:
Theo
2024-12-04 23:46:40 +08:00
parent 2a31d2943e
commit e0fd189196
1 changed files with 29 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
src/main/java/com/youlai/boot/core/handler/MyDataPermissionHandler.java
View File

@@ -24,21 +24,41 @@ import java.lang.reflect.Method;
@Slf4j @Slf4j
public class MyDataPermissionHandler implements DataPermissionHandler { public class MyDataPermissionHandler implements DataPermissionHandler {
/**
* 获取数据权限的sql片段
* @param where 查询条件
* @param mappedStatementId mapper接口方法的全路径
* @return sql片段
*/
@Override @Override
@SneakyThrows @SneakyThrows
public Expression getSqlSegment(Expression where, String mappedStatementId) { public Expression getSqlSegment(Expression where, String mappedStatementId) {
// 如果是超级管理员,直接返回
if(SecurityUtils.isRoot()){
return where;
}
// 获取当前用户的数据权限
Integer dataScope = SecurityUtils.getDataScope();
DataScopeEnum dataScopeEnum = IBaseEnum.getEnumByValue(dataScope, DataScopeEnum.class);
// 如果是全部数据权限,直接返回
if (DataScopeEnum.ALL.equals(dataScopeEnum)) {
return where;
}
// 获取当前执行的接口类
Class<?> clazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf(StringPool.DOT))); Class<?> clazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf(StringPool.DOT)));
// 获取当前执行的方法名称
String methodName = mappedStatementId.substring(mappedStatementId.lastIndexOf(StringPool.DOT) + 1); String methodName = mappedStatementId.substring(mappedStatementId.lastIndexOf(StringPool.DOT) + 1);
// 获取当前执行的接口类里所有的方法
Method[] methods = clazz.getDeclaredMethods(); Method[] methods = clazz.getDeclaredMethods();
for (Method method : methods) { for (Method method : methods) {
//找到当前执行的方法
if (method.getName().equals(methodName)) { if (method.getName().equals(methodName)) {
DataPermission annotation = method.getAnnotation(DataPermission.class); DataPermission annotation = method.getAnnotation(DataPermission.class);
// 如果没有注解或者是超级管理员,直接返回 // 判断当前执行的方法是否有权限注解,如果没有注解直接返回
if (annotation == null || SecurityUtils.isRoot() ) { if (annotation == null ) {
return where; return where;
} }
return dataScopeFilter(annotation.deptAlias(), annotation.deptIdColumnName(), annotation.userAlias(), annotation.userIdColumnName(), where); return dataScopeFilter(annotation.deptAlias(), annotation.deptIdColumnName(), annotation.userAlias(), annotation.userIdColumnName(), dataScopeEnum,where);
} }
} }
return where; return where;
@@ -51,17 +71,12 @@ public class MyDataPermissionHandler implements DataPermissionHandler {
* @return 构建后查询条件 * @return 构建后查询条件
*/ */
@SneakyThrows @SneakyThrows
public static Expression dataScopeFilter(String deptAlias, String deptIdColumnName, String userAlias, String userIdColumnName, Expression where) { public static Expression dataScopeFilter(String deptAlias, String deptIdColumnName, String userAlias, String userIdColumnName,DataScopeEnum dataScopeEnum, Expression where) {
// 获取部门和用户的别名
String deptColumnName = StrUtil.isNotBlank(deptAlias) ? (deptAlias + StringPool.DOT + deptIdColumnName) : deptIdColumnName; String deptColumnName = StrUtil.isNotBlank(deptAlias) ? (deptAlias + StringPool.DOT + deptIdColumnName) : deptIdColumnName;
String userColumnName = StrUtil.isNotBlank(userAlias) ? (userAlias + StringPool.DOT + userIdColumnName) : userIdColumnName; String userColumnName = StrUtil.isNotBlank(userAlias) ? (userAlias + StringPool.DOT + userIdColumnName) : userIdColumnName;
// 获取当前用户的数据权限
Integer dataScope = SecurityUtils.getDataScope();
DataScopeEnum dataScopeEnum = IBaseEnum.getEnumByValue(dataScope, DataScopeEnum.class);
Long deptId, userId; Long deptId, userId;
String appendSqlStr; String appendSqlStr;
switch (dataScopeEnum) { switch (dataScopeEnum) {