Skip to content

A
amos-boot-biz
Commit 81d21b0d authored by tianbo's avatar tianbo
Browse files
Options

数据权限拦截器优化

parent f87ef47f
Hide whitespace changes
Inline Side-by-side
Showing with 20 additions and 29 deletions
amos-boot-biz-common/src/main/java/com/yeejoin/amos/boot/biz/common/interceptors/PermissionInterceptor.java
View file @ 81d21b0d
......@@ -79,26 +79,13 @@ public class PermissionInterceptor implements Interceptor {
if(!ValidationUtil.isEmpty(dataAuth)){
dataAuthRule = !ValidationUtil.isEmpty(dataAuthRule) ? dataAuthRule : dataAuth.interfacePath();
}
// 数据权限地址为空返回空数据
if(ValidationUtil.isEmpty(dataAuthRule)){
// method.getReturnType().isPrimitive() = true 是count语句
PermissionInterceptorContext.clean();
return method.getReturnType().isPrimitive() ? invocation.proceed() : null;
}
ReginParams reginParam = JSON.parseObject(redisUtils.get(RedisKey.buildReginKey(RequestContext.getExeUserId()
, RequestContext.getToken())).toString(), ReginParams.class);
if (ValidationUtil.isEmpty(reginParam) || ValidationUtil.isEmpty(reginParam.getUserModel())) {
// method.getReturnType().isPrimitive() = true 是count语句
PermissionInterceptorContext.clean();
return method.getReturnType().isPrimitive() ? invocation.proceed() : null;
}
// 用户数据权限配置信息
Map<String, List<PermissionDataruleModel>> dataAuthorization = Privilege.permissionDataruleClient.queryByUser(reginParam.getUserModel().getUserId(),
dataAuthRule).getResult();
// 没有数据权限直接返回空数据
if (ValidationUtil.isEmpty(dataAuthorization)) {
PermissionInterceptorContext.clean();
return method.getReturnType().isPrimitive() ? invocation.proceed() : null;
Map<String, List<PermissionDataruleModel>> dataAuthorization = null;
if (!ValidationUtil.isEmpty(reginParam) && !ValidationUtil.isEmpty(reginParam.getUserModel())) {
dataAuthorization = Privilege.permissionDataruleClient.queryByUser(reginParam.getUserModel().getUserId(),
dataAuthRule).getResult();
}
BoundSql boundSql = (BoundSql) metaObject.getValue("delegate.boundSql");
......@@ -194,15 +181,19 @@ public class PermissionInterceptor implements Interceptor {
mainTable : selectBody.getFromItem().getAlias().getName();
String authSql;
// 过滤没有配置数据权限的用户组
Map<String, List<PermissionDataruleModel>> nonEmptyDataAuthorization =
dataAuthorization.entrySet().stream().filter(map -> !ValidationUtil.isEmpty(map.getValue())).collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
// 没有配置数据权限直接返回 false 条件
if (ValidationUtil.isEmpty(nonEmptyDataAuthorization)) {
if (ValidationUtil.isEmpty(dataAuthorization)) {
authSql = falseCondition;
} else {
// 解析数据权限sql
authSql = parseDataAuthorization(nonEmptyDataAuthorization, reginParams, mainTableAlias, boundSql);
// 过滤没有配置数据权限的用户组
Map<String, List<PermissionDataruleModel>> nonEmptyDataAuthorization =
dataAuthorization.entrySet().stream().filter(map -> !ValidationUtil.isEmpty(map.getValue())).collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
// 没有配置数据权限直接返回 false 条件
if (ValidationUtil.isEmpty(nonEmptyDataAuthorization)) {
authSql = falseCondition;
} else {
// 解析数据权限sql
authSql = parseDataAuthorization(nonEmptyDataAuthorization, reginParams, mainTableAlias, boundSql);
}
}
// 替换数据权限
if (!ValidationUtil.isEmpty(authSql)) {
......
amos-boot-system-supervision/src/main/resources/db/mapper/dbTemplate_check.xml
View file @ 81d21b0d
......@@ -2041,12 +2041,12 @@
<!-- <if test="orgCode != null">-->
<!-- AND c.org_code = #{orgCode}-->
<!-- </if>-->
ORDER BY c.check_time DESC
<choose>
<when test="pageSize==-1"></when>
<when test="pageSize!=-1">limit #{offset},#{pageSize}</when>
</choose>
</where>
ORDER BY c.check_time DESC
<choose>
<when test="pageSize==-1"></when>
<when test="pageSize!=-1">limit #{offset},#{pageSize}</when>
</choose>
</select>
<select id="getCheckListByTaskId" resultType="com.yeejoin.amos.supervision.dao.entity.Check">
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment