gitee
/
roses
mirror of https://gitee.com/stylefeng/roses
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

【8.1.1】【db】更新数据范围校验

pull/60/head
fengshuonan 2024-02-29 13:31:58 +08:00
parent 08b3195e3c
commit 99614201e8
2 changed files with 138 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
kernel-d-db/db-sdk-mp/src/main/java/cn/stylefeng/roses/kernel/db/mp/datascope/ProjectDataScopeHandler.java
View File

@ -1,5 +1,10 @@
package cn.stylefeng.roses.kernel.db.mp.datascope; package cn.stylefeng.roses.kernel.db.mp.datascope;
import cn.hutool.core.collection.ListUtil;
import cn.hutool.core.util.ObjectUtil;
import cn.stylefeng.roses.kernel.db.mp.datascope.config.DataScopeConfig;
import cn.stylefeng.roses.kernel.db.mp.datascope.holder.DataScopeHolder;
import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum;
import com.baomidou.mybatisplus.extension.plugins.handler.MultiDataPermissionHandler; import com.baomidou.mybatisplus.extension.plugins.handler.MultiDataPermissionHandler;
import net.sf.jsqlparser.expression.Expression; import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.LongValue; import net.sf.jsqlparser.expression.LongValue;
@ -18,19 +23,70 @@ import java.util.Arrays;
*/ */
public class ProjectDataScopeHandler implements MultiDataPermissionHandler { public class ProjectDataScopeHandler implements MultiDataPermissionHandler {
/**
* id
*/
public static final Long NONE_ID_VALUE = -1L;
/**
* id
*/
public static final String DEFAULT_USER_ID_FIELD_NAME = "user_id";
/**
* id
*/
public static final String DEFAULT_ORG_ID_FIELD_NAME = "org_id";
@Override @Override
public Expression getSqlSegment(Table table, Expression where, String mappedStatementId) { public Expression getSqlSegment(Table table, Expression where, String mappedStatementId) {
// 获取数据范围上下文的配置,如果没有则直接略过
DataScopeConfig dataScopeConfig = DataScopeHolder.get();
if (ObjectUtil.isEmpty(dataScopeConfig)) {
return null;
}
// 数据校验处理
dataScopeConfig = this.validateDataScopeConfig(dataScopeConfig);
if (dataScopeConfig == null) {
return null;
}
// 获取数据范围的类型
DataScopeTypeEnum dataScopeTypeEnum = dataScopeConfig.getDataScopeType();
switch (dataScopeTypeEnum) {
// 如果是全部数据返回空不对sql进行处理
case ALL:
return null;
// 如果是本部门数据,则限制查询只能查询本部门数据
case DEPT:
// todo
break;
case DEPT_WITH_CHILD:
// 本部门及以下数据
break;
case COMPANY_WITH_CHILD:
// 本公司及以下数据
break;
case DEFINE:
// 指定部门数据
break;
case SELF:
// 仅本人数据
}
// 创建 org_id 列 // 创建 org_id 列
Column column = new Column("org_id"); Column column = new Column("org_id");
// 创建 IN 表达式的值列表 // 创建 IN 表达式的值列表
ExpressionList expressionList = new ExpressionList(); ExpressionList expressionList = new ExpressionList();
expressionList.setExpressions(Arrays.asList( expressionList.setExpressions(Arrays.asList(new LongValue(1), new LongValue(2), new LongValue(3)));
new LongValue(1),
new LongValue(2),
new LongValue(3)
));
// 创建 IN 表达式 // 创建 IN 表达式
InExpression inExpression = new InExpression(); InExpression inExpression = new InExpression();
@ -40,4 +96,78 @@ public class ProjectDataScopeHandler implements MultiDataPermissionHandler {
return inExpression; return inExpression;
} }
/**
*
*
* @author fengshuonan
* @since 2024-02-29 11:00
*/
private DataScopeConfig validateDataScopeConfig(DataScopeConfig dataScopeConfig) {
if (dataScopeConfig == null) {
return null;
}
DataScopeTypeEnum dataScopeType = dataScopeConfig.getDataScopeType();
if (dataScopeType == null) {
return null;
}
// 如果数据范围为全部直接返回空也就是不进行数据范围sql拦截器
if (DataScopeTypeEnum.ALL.equals(dataScopeType)) {
return null;
}
// 如果数据范围是本人则查询本人id是否传递
else if (DataScopeTypeEnum.SELF.equals(dataScopeType)) {
if (ObjectUtil.isEmpty(dataScopeConfig.getUserId())) {
dataScopeConfig.setUserId(NONE_ID_VALUE);
}
if (ObjectUtil.isEmpty(dataScopeConfig.getUserIdFieldName())) {
dataScopeConfig.setUserIdFieldName(DEFAULT_USER_ID_FIELD_NAME);
}
}
// 如果是本公司及以下数据则查询公司id是否传递
else if (DataScopeTypeEnum.COMPANY_WITH_CHILD.equals(dataScopeType)) {
if (ObjectUtil.isEmpty(dataScopeConfig.getUserCompanyId())) {
dataScopeConfig.setUserCompanyId(NONE_ID_VALUE);
}
if (ObjectUtil.isEmpty(dataScopeConfig.getOrgIdFieldName())) {
dataScopeConfig.setOrgIdFieldName(DEFAULT_ORG_ID_FIELD_NAME);
}
}
// 如果是本部门及以下数据则查询部门id是否传递
else if (DataScopeTypeEnum.DEPT_WITH_CHILD.equals(dataScopeType)) {
if (ObjectUtil.isEmpty(dataScopeConfig.getUserDeptId())) {
dataScopeConfig.setUserDeptId(NONE_ID_VALUE);
}
if (ObjectUtil.isEmpty(dataScopeConfig.getOrgIdFieldName())) {
dataScopeConfig.setOrgIdFieldName(DEFAULT_ORG_ID_FIELD_NAME);
}
}
// 如果是本部门数据则查询部门id是否传递
else if (DataScopeTypeEnum.DEPT.equals(dataScopeType)) {
if (ObjectUtil.isEmpty(dataScopeConfig.getUserDeptId())) {
dataScopeConfig.setUserDeptId(NONE_ID_VALUE);
}
if (ObjectUtil.isEmpty(dataScopeConfig.getOrgIdFieldName())) {
dataScopeConfig.setOrgIdFieldName(DEFAULT_ORG_ID_FIELD_NAME);
}
}
// 如果是指定部门数据则查询部门id是否传递
else if (DataScopeTypeEnum.DEFINE.equals(dataScopeType)) {
if (ObjectUtil.isEmpty(dataScopeConfig.getSpecificOrgIds())) {
dataScopeConfig.setSpecificOrgIds(ListUtil.list(true, NONE_ID_VALUE));
}
if (ObjectUtil.isEmpty(dataScopeConfig.getOrgIdFieldName())) {
dataScopeConfig.setOrgIdFieldName(DEFAULT_ORG_ID_FIELD_NAME);
}
}
return dataScopeConfig;
}
} }

5
kernel-d-db/db-sdk-mp/src/main/java/cn/stylefeng/roses/kernel/db/mp/datascope/config/DataScopeConfig.java
View File

@ -1,5 +1,6 @@
package cn.stylefeng.roses.kernel.db.mp.datascope.config; package cn.stylefeng.roses.kernel.db.mp.datascope.config;
import cn.stylefeng.roses.kernel.db.mp.datascope.ProjectDataScopeHandler;
import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum; import cn.stylefeng.roses.kernel.rule.enums.permission.DataScopeTypeEnum;
import lombok.Data; import lombok.Data;
@ -42,11 +43,11 @@ public class DataScopeConfig {
/** /**
* *
*/ */
private String orgIdFieldName = "org_id"; private String orgIdFieldName = ProjectDataScopeHandler.DEFAULT_ORG_ID_FIELD_NAME;
/** /**
* *
*/ */
private String userIdFieldName = "user_id"; private String userIdFieldName = ProjectDataScopeHandler.DEFAULT_USER_ID_FIELD_NAME;
} }