From 921c462b1268a342583eac8e1275a3ad7ae8d20d Mon Sep 17 00:00:00 2001
From: ZhengJie <201507802@qq.com>
Date: Thu, 7 May 2020 19:05:24 +0800
Subject: [PATCH] =?UTF-8?q?[=E4=BB=A3=E7=A0=81=E5=AE=8C=E5=96=84](v2.5):?=
=?UTF-8?q?=20v2.5=20beta=20=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90=E4=BD=BF?=
=?UTF-8?q?=E5=8D=87=E7=BA=A7=EF=BC=8C=E7=8E=B0=E5=8F=AF=E9=80=9A=E8=BF=87?=
=?UTF-8?q?=E6=B3=A8=E8=A7=A3[@DataPermission]=E6=8E=A7=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
DataPermission 类中有详细说明和使用示例
SecurityUtils 中加入获取当前用户的数据权限的方法
2.5 Beta 详情:https://www.ydyno.com/archives/1225.html
---
.../zhengjie/annotation/DataPermission.java | 47 ++++++++
.../system/service/impl/DataServiceImpl.java | 104 ++++++++++++++++++
.../zhengjie/utils/enums/DataScopeEnum.java | 50 +++++++++
3 files changed, 201 insertions(+)
create mode 100644 eladmin-common/src/main/java/me/zhengjie/annotation/DataPermission.java
create mode 100644 eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DataServiceImpl.java
create mode 100644 eladmin-system/src/main/java/me/zhengjie/utils/enums/DataScopeEnum.java
diff --git a/eladmin-common/src/main/java/me/zhengjie/annotation/DataPermission.java b/eladmin-common/src/main/java/me/zhengjie/annotation/DataPermission.java
new file mode 100644
index 00000000..5ba01d9a
--- /dev/null
+++ b/eladmin-common/src/main/java/me/zhengjie/annotation/DataPermission.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2019-2020 Zheng Jie
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package me.zhengjie.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ *
+ * 用于判断是否过滤数据权限
+ * 1、如果没有用到 @OneToOne 这种关联关系,只需要填写 fieldName [参考:DeptQueryCriteria.class]
+ * 2、如果用到了 @OneToOne ,fieldName 和 joinName 都需要填写,拿UserQueryCriteria.class举例:
+ * 应该是 @DataPermission(joinName = "dept", fieldName = "id")
+ *
+ * @author Zheng Jie
+ * @website https://docs.auauz.net
+ * @date 2020-05-07
+ **/
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface DataPermission {
+
+ /**
+ * Entity 中的字段名称
+ */
+ String fieldName() default "";
+
+ /**
+ * Entity 中与部门关联的字段名称
+ */
+ String joinName() default "";
+}
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DataServiceImpl.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DataServiceImpl.java
new file mode 100644
index 00000000..d5c0b8ed
--- /dev/null
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/DataServiceImpl.java
@@ -0,0 +1,104 @@
+/*
+ * Copyright 2019-2020 Zheng Jie
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package me.zhengjie.modules.system.service.impl;
+
+import lombok.RequiredArgsConstructor;
+import me.zhengjie.modules.system.domain.Dept;
+import me.zhengjie.modules.system.service.DataService;
+import me.zhengjie.modules.system.service.DeptService;
+import me.zhengjie.modules.system.service.RoleService;
+import me.zhengjie.modules.system.service.dto.RoleSmallDto;
+import me.zhengjie.modules.system.service.dto.UserDto;
+import me.zhengjie.utils.enums.DataScopeEnum;
+import org.springframework.cache.annotation.CacheConfig;
+import org.springframework.cache.annotation.Cacheable;
+import org.springframework.stereotype.Service;
+import java.util.*;
+
+/**
+ * @author Zheng Jie
+ * @website https://docs.auauz.net
+ * @description 数据权限服务实现
+ * @date 2020-05-07
+ **/
+@Service
+@RequiredArgsConstructor
+@CacheConfig(cacheNames = "role")
+public class DataServiceImpl implements DataService {
+
+ private final RoleService roleService;
+ private final DeptService deptService;
+
+ @Cacheable
+ public List getDeptIds(UserDto user) {
+ // 用于存储部门id
+ Set deptIds = new HashSet<>();
+ // 查询用户角色
+ List roleSet = roleService.findByUsersId(user.getId());
+ // 获取对应的部门ID
+ for (RoleSmallDto role : roleSet) {
+ DataScopeEnum dataScopeEnum = DataScopeEnum.find(role.getDataScope());
+ switch (Objects.requireNonNull(dataScopeEnum)) {
+ case THIS_LEVEL:
+ deptIds.add(user.getDept().getId());
+ break;
+ case CUSTOMIZE:
+ deptIds.addAll(getCustomize(deptIds, role));
+ break;
+ }
+ }
+ return new ArrayList<>(deptIds);
+ }
+
+ /**
+ * 获取自定义的数据权限
+ * @param deptIds 部门ID
+ * @param role 角色
+ * @return 数据权限ID
+ */
+ public Set getCustomize(Set deptIds, RoleSmallDto role){
+ Set depts = deptService.findByRoleIds(role.getId());
+ for (Dept dept : depts) {
+ deptIds.add(dept.getId());
+ List deptChildren = deptService.findByPid(dept.getId());
+ if (deptChildren != null && deptChildren.size() != 0) {
+ deptIds.addAll(getDeptChildren(deptChildren));
+ }
+ }
+ return deptIds;
+ }
+
+ /**
+ * 递归获取子级部门
+ * @param deptList 部门
+ * @return 数据权限
+ */
+ @Cacheable
+ public List getDeptChildren(List deptList) {
+ List list = new ArrayList<>();
+ deptList.forEach(dept -> {
+ if (dept!=null && dept.getEnabled()){
+ List depts = deptService.findByPid(dept.getId());
+ if(deptList.size() != 0){
+ list.addAll(getDeptChildren(depts));
+ }
+ list.add(dept.getId());
+ }
+ }
+ );
+ return list;
+ }
+}
diff --git a/eladmin-system/src/main/java/me/zhengjie/utils/enums/DataScopeEnum.java b/eladmin-system/src/main/java/me/zhengjie/utils/enums/DataScopeEnum.java
new file mode 100644
index 00000000..ab38d1e0
--- /dev/null
+++ b/eladmin-system/src/main/java/me/zhengjie/utils/enums/DataScopeEnum.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2019-2020 Zheng Jie
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package me.zhengjie.utils.enums;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ *
+ * 数据权限枚举
+ *
+ * @author Zheng Jie
+ * @date 2020-05-07
+ */
+@Getter
+@AllArgsConstructor
+public enum DataScopeEnum {
+
+ ALL("全部", "全部的数据权限"),
+
+ THIS_LEVEL("本级", "自己部门的数据权限"),
+
+ CUSTOMIZE("自定义", "自定义的数据权限");
+
+ private final String value;
+ private final String description;
+
+ public static DataScopeEnum find(String val) {
+ for (DataScopeEnum dataScopeEnum : DataScopeEnum.values()) {
+ if (val.equals(dataScopeEnum.getValue())) {
+ return dataScopeEnum;
+ }
+ }
+ return null;
+ }
+
+}