You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
165 lines
5.2 KiB
165 lines
5.2 KiB
package com.ruoyi.framework.aspectj; |
|
|
|
import java.lang.reflect.Method; |
|
import org.aspectj.lang.JoinPoint; |
|
import org.aspectj.lang.Signature; |
|
import org.aspectj.lang.annotation.Aspect; |
|
import org.aspectj.lang.annotation.Before; |
|
import org.aspectj.lang.annotation.Pointcut; |
|
import org.aspectj.lang.reflect.MethodSignature; |
|
import org.springframework.stereotype.Component; |
|
import com.ruoyi.common.utils.ServletUtils; |
|
import com.ruoyi.common.utils.StringUtils; |
|
import com.ruoyi.common.utils.spring.SpringUtils; |
|
import com.ruoyi.framework.aspectj.lang.annotation.DataScope; |
|
import com.ruoyi.framework.security.LoginUser; |
|
import com.ruoyi.framework.security.service.TokenService; |
|
import com.ruoyi.framework.web.domain.BaseEntity; |
|
import com.ruoyi.project.system.domain.SysRole; |
|
import com.ruoyi.project.system.domain.SysUser; |
|
|
|
/** |
|
* 数据过滤处理 |
|
* |
|
* @author ruoyi |
|
*/ |
|
@Aspect |
|
@Component |
|
public class DataScopeAspect |
|
{ |
|
/** |
|
* 全部数据权限 |
|
*/ |
|
public static final String DATA_SCOPE_ALL = "1"; |
|
|
|
/** |
|
* 自定数据权限 |
|
*/ |
|
public static final String DATA_SCOPE_CUSTOM = "2"; |
|
|
|
/** |
|
* 部门数据权限 |
|
*/ |
|
public static final String DATA_SCOPE_DEPT = "3"; |
|
|
|
/** |
|
* 部门及以下数据权限 |
|
*/ |
|
public static final String DATA_SCOPE_DEPT_AND_CHILD = "4"; |
|
|
|
/** |
|
* 仅本人数据权限 |
|
*/ |
|
public static final String DATA_SCOPE_SELF = "5"; |
|
|
|
/** |
|
* 数据权限过滤关键字 |
|
*/ |
|
public static final String DATA_SCOPE = "dataScope"; |
|
|
|
// 配置织入点 |
|
@Pointcut("@annotation(com.ruoyi.framework.aspectj.lang.annotation.DataScope)") |
|
public void dataScopePointCut() |
|
{ |
|
} |
|
|
|
@Before("dataScopePointCut()") |
|
public void doBefore(JoinPoint point) throws Throwable |
|
{ |
|
handleDataScope(point); |
|
} |
|
|
|
protected void handleDataScope(final JoinPoint joinPoint) |
|
{ |
|
// 获得注解 |
|
DataScope controllerDataScope = getAnnotationLog(joinPoint); |
|
if (controllerDataScope == null) |
|
{ |
|
return; |
|
} |
|
// 获取当前的用户 |
|
LoginUser loginUser = SpringUtils.getBean(TokenService.class).getLoginUser(ServletUtils.getRequest()); |
|
SysUser currentUser = loginUser.getUser(); |
|
if (currentUser != null) |
|
{ |
|
// 如果是超级管理员,则不过滤数据 |
|
if (!currentUser.isAdmin()) |
|
{ |
|
dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(), |
|
controllerDataScope.userAlias()); |
|
} |
|
} |
|
} |
|
|
|
/** |
|
* 数据范围过滤 |
|
* |
|
* @param joinPoint 切点 |
|
* @param user 用户 |
|
* @param alias 别名 |
|
*/ |
|
public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias) |
|
{ |
|
StringBuilder sqlString = new StringBuilder(); |
|
|
|
for (SysRole role : user.getRoles()) |
|
{ |
|
String dataScope = role.getDataScope(); |
|
if (DATA_SCOPE_ALL.equals(dataScope)) |
|
{ |
|
sqlString = new StringBuilder(); |
|
break; |
|
} |
|
else if (DATA_SCOPE_CUSTOM.equals(dataScope)) |
|
{ |
|
sqlString.append(StringUtils.format( |
|
" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias, |
|
role.getRoleId())); |
|
} |
|
else if (DATA_SCOPE_DEPT.equals(dataScope)) |
|
{ |
|
sqlString.append(StringUtils.format(" OR {}.dept_id = {} ", deptAlias, user.getDeptId())); |
|
} |
|
else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) |
|
{ |
|
sqlString.append(StringUtils.format( |
|
" OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )", |
|
deptAlias, user.getDeptId(), user.getDeptId())); |
|
} |
|
else if (DATA_SCOPE_SELF.equals(dataScope)) |
|
{ |
|
if (StringUtils.isNotBlank(userAlias)) |
|
{ |
|
sqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, user.getUserId())); |
|
} |
|
else |
|
{ |
|
// 数据权限为仅本人且没有userAlias别名不查询任何数据 |
|
sqlString.append(" OR 1=0 "); |
|
} |
|
} |
|
} |
|
|
|
if (StringUtils.isNotBlank(sqlString.toString())) |
|
{ |
|
BaseEntity baseEntity = (BaseEntity) joinPoint.getArgs()[0]; |
|
baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")"); |
|
} |
|
} |
|
|
|
/** |
|
* 是否存在注解,如果存在就获取 |
|
*/ |
|
private DataScope getAnnotationLog(JoinPoint joinPoint) |
|
{ |
|
Signature signature = joinPoint.getSignature(); |
|
MethodSignature methodSignature = (MethodSignature) signature; |
|
Method method = methodSignature.getMethod(); |
|
|
|
if (method != null) |
|
{ |
|
return method.getAnnotation(DataScope.class); |
|
} |
|
return null; |
|
} |
|
}
|
|
|