diff --git a/qiaoba-apis/qiaoba-api-system/src/main/java/com/qiaoba/api/system/entity/param/SysUserParam.java b/qiaoba-apis/qiaoba-api-system/src/main/java/com/qiaoba/api/system/entity/param/SysUserParam.java index da791ee..9a2b911 100644 --- a/qiaoba-apis/qiaoba-api-system/src/main/java/com/qiaoba/api/system/entity/param/SysUserParam.java +++ b/qiaoba-apis/qiaoba-api-system/src/main/java/com/qiaoba/api/system/entity/param/SysUserParam.java @@ -1,10 +1,9 @@ package com.qiaoba.api.system.entity.param; +import com.qiaoba.common.base.entity.DataScopeParam; import lombok.Getter; import lombok.Setter; -import java.io.Serializable; - /** * 用户查询参数 * @@ -14,9 +13,7 @@ import java.io.Serializable; */ @Getter @Setter -public class SysUserParam implements Serializable { - - private static final long serialVersionUID = 1L; +public class SysUserParam extends DataScopeParam { private String username; @@ -33,4 +30,5 @@ public class SysUserParam implements Serializable { private String beginTime; private String endTime; + } diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/aspectj/DataScopeAspect.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/aspectj/DataScopeAspect.java index b3a948e..5bab27d 100644 --- a/qiaoba-auth/src/main/java/com/qiaoba/auth/aspectj/DataScopeAspect.java +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/aspectj/DataScopeAspect.java @@ -5,6 +5,8 @@ import cn.hutool.core.util.StrUtil; import com.qiaoba.auth.annotation.DataScope; import com.qiaoba.auth.entity.LoginUser; import com.qiaoba.auth.entity.dto.RoleDto; +import com.qiaoba.auth.utils.SecurityUtil; +import com.qiaoba.common.base.entity.DataScopeParam; import com.qiaoba.common.base.utils.DatabaseUtil; import org.aspectj.lang.JoinPoint; import org.aspectj.lang.annotation.Aspect; @@ -13,6 +15,7 @@ import org.springframework.stereotype.Component; import java.util.ArrayList; import java.util.List; +import java.util.Objects; /** * 数据过滤处理 @@ -47,25 +50,32 @@ public class DataScopeAspect { */ public static final String DATA_SCOPE_SELF = "5"; - /** - * 数据权限过滤关键字 - */ - public static final String DATA_SCOPE = "dataScope"; @Before("@annotation(controllerDataScope)") public void doBefore(JoinPoint point, DataScope controllerDataScope) throws Throwable { + LoginUser loginUser = SecurityUtil.getLoginUser(); + if (Objects.isNull(loginUser)) { + return; + } + Object[] args = point.getArgs(); + for (Object arg : args) { + if (Objects.nonNull(arg) && arg instanceof DataScopeParam) { + dataScopeFilter((DataScopeParam) arg, loginUser, controllerDataScope.deptAlias(), controllerDataScope.userAlias()); + break; + } + } } /** * 数据范围过滤 * - * @param joinPoint 切点 + * @param param 入参 * @param user 用户 * @param deptAlias 部门别名 * @param userAlias 用户别名 */ - public static void dataScopeFilter(JoinPoint joinPoint, LoginUser user, String deptAlias, String userAlias) { + public static void dataScopeFilter(DataScopeParam param, LoginUser user, String deptAlias, String userAlias) { StringBuilder sqlString = new StringBuilder(); List conditions = new ArrayList(); @@ -104,6 +114,10 @@ public class DataScopeAspect { if (CollUtil.isEmpty(conditions)) { sqlString.append(StrUtil.format(" OR {}.dept_id = 0 ", deptAlias)); } + + if (StrUtil.isNotBlank(sqlString)) { + param.setDataScope(" AND (" + sqlString.substring(4) + ")"); + } } } diff --git a/qiaoba-auth/src/main/resources/META-INF/spring.factories b/qiaoba-auth/src/main/resources/META-INF/spring.factories index 45d4f1d..74fb571 100644 --- a/qiaoba-auth/src/main/resources/META-INF/spring.factories +++ b/qiaoba-auth/src/main/resources/META-INF/spring.factories @@ -4,4 +4,5 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ com.qiaoba.auth.handler.LogoutHandler,\ com.qiaoba.auth.filters.JwtAuthenticationTokenFilter,\ com.qiaoba.auth.advice.SecurityExceptionAdvice,\ + com.qiaoba.auth.aspectj.DataScopeAspect,\ com.qiaoba.auth.config.SpringSecurityConfig diff --git a/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/entity/DataScopeParam.java b/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/entity/DataScopeParam.java new file mode 100644 index 0000000..c0b1c2f --- /dev/null +++ b/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/entity/DataScopeParam.java @@ -0,0 +1,23 @@ +package com.qiaoba.common.base.entity; + +import lombok.Getter; +import lombok.Setter; + +import java.io.Serializable; + +/** + * 数据权限 + * + * @author ailanyin + * @version 1.0 + * @since 2023/5/23 9:36 + */ +@Getter +@Setter +public class DataScopeParam implements Serializable { + + private static final long serialVersionUID = 1L; + + private String dataScope; + +} diff --git a/qiaoba-modules/qiaoba-module-system/src/main/java/com/qiaoba/module/system/service/impl/SysUserServiceImpl.java b/qiaoba-modules/qiaoba-module-system/src/main/java/com/qiaoba/module/system/service/impl/SysUserServiceImpl.java index fcd21b2..01bd8ba 100644 --- a/qiaoba-modules/qiaoba-module-system/src/main/java/com/qiaoba/module/system/service/impl/SysUserServiceImpl.java +++ b/qiaoba-modules/qiaoba-module-system/src/main/java/com/qiaoba/module/system/service/impl/SysUserServiceImpl.java @@ -12,6 +12,7 @@ import com.qiaoba.api.system.entity.SysUserRole; import com.qiaoba.api.system.entity.dto.SysUserDto; import com.qiaoba.api.system.entity.param.SysUserParam; import com.qiaoba.api.system.entity.vo.SysUserVo; +import com.qiaoba.auth.annotation.DataScope; import com.qiaoba.auth.utils.SecurityUtil; import com.qiaoba.common.base.exceptions.ServiceException; import com.qiaoba.common.database.entity.PageQuery; @@ -102,6 +103,7 @@ public class SysUserServiceImpl implements SysUserService { } @Override + @DataScope(userAlias = "u",deptAlias = "t2") public TableDataInfo selectVoPageList(SysUserParam param, PageQuery pageQuery) { Page page = sysUserMapper.selectVoPageList(pageQuery.build(), param); return TableDataInfo.build(page); diff --git a/qiaoba-modules/qiaoba-module-system/src/main/resources/mapper/SysUserMapper.xml b/qiaoba-modules/qiaoba-module-system/src/main/resources/mapper/SysUserMapper.xml index 336d8f3..f81f138 100644 --- a/qiaoba-modules/qiaoba-module-system/src/main/resources/mapper/SysUserMapper.xml +++ b/qiaoba-modules/qiaoba-module-system/src/main/resources/mapper/SysUserMapper.xml @@ -65,6 +65,7 @@ AND u.create_time <= #{param.endTime} + ${param.dataScope}