今天小編給大家分享一下怎么用Springboot+mybatis-plus+注解實現(xiàn)數(shù)據(jù)權(quán)限隔離的相關(guān)知識點(diǎn)���,內(nèi)容詳細(xì)��,邏輯清晰�����,相信大部分人都還太了解這方面的知識�����,所以分享這篇文章給大家參考一下�����,希望大家閱讀完這篇文章后有所收獲,下面我們一起來了解一下吧���。
成都創(chuàng)新互聯(lián)公司專業(yè)為企業(yè)提供贛州網(wǎng)站建設(shè)�、贛州做網(wǎng)站��、贛州網(wǎng)站設(shè)計���、贛州網(wǎng)站制作等企業(yè)網(wǎng)站建設(shè)���、網(wǎng)頁設(shè)計與制作、贛州企業(yè)網(wǎng)站模板建站服務(wù)���,10多年贛州做網(wǎng)站經(jīng)驗�����,不只是建網(wǎng)站�����,更提供有價值的思路和整體網(wǎng)絡(luò)服務(wù)�����。
1.創(chuàng)建注解
當(dāng)此注解打在類上�����,不需要傳參�����,該類下所有查詢接口開啟數(shù)據(jù)隔離�;打在方法上默認(rèn)開啟數(shù)據(jù)隔離�,傳參為false則該方法關(guān)閉驗證
/**
* 數(shù)據(jù)權(quán)限驗證注解
* @author xiaohua
* @date 2021/6/23
*/
@Documented
@Target({METHOD, ANNOTATION_TYPE, TYPE})
@Retention(RUNTIME)
public @interface DataPermission {
/**
* 是否要進(jìn)行數(shù)據(jù)權(quán)限隔離
*/
boolean isPermi() default true;
}2. 具體實現(xiàn)
@Component
@Intercepts({@Signature(type = StatementHandler.class, method = "prepare", args = {Connection.class, Integer.class})})
public class DataPermissionInterceptor implements Interceptor {
private static final Logger logger = LoggerFactory.getLogger(DataPermissionInterceptor.class);
@Autowired
private TokenService tokenService;
//掃描的包路徑(根據(jù)自己的項目路徑來),這里是取的配置里的包路徑
@Value("${permission.package-path}")
private String packagePath;
private final static String DEPT_ID = "dept_id";
private final static String USER_ID = "create_user";
private static List classNames;
@Override
public Object intercept(Invocation invocation) throws Throwable {
try {
LoginInfo user = tokenService.getLoginInfo();
if (user == null){
return invocation.proceed();
}
List deptIds = (List) Convert.toList(user.getDataScope());
if (deptIds == null){
deptIds = new ArrayList<>();
}
//反射掃包會比較慢�����,這里做了個懶加載
if (classNames == null) {
synchronized (LazyInit.class){
if (classNames == null){
//掃描指定包路徑下所有包含指定注解的類
Set> classSet = ClassUtil.scanPackageByAnnotation(packagePath, DataPermission.class);
if (classSet == null && classSet.size() == 0){
classNames = new ArrayList<>();
} else {
//取得類全名
classNames = classSet.stream().map(Class::getName).collect(Collectors.toList());
}
}
}
}
// 拿到mybatis的一些對象
StatementHandler statementHandler = PluginUtils.realTarget(invocation.getTarget());
MetaObject metaObject = SystemMetaObject.forObject(statementHandler);
MappedStatement mappedStatement = (MappedStatement) metaObject.getValue("delegate.mappedStatement");
// mappedStatement.getId()為執(zhí)行的mapper方法的全路徑名,newId為執(zhí)行的mapper方法的類全名
String newId = mappedStatement.getId().substring(0, mappedStatement.getId().lastIndexOf("."));
// 如果不是指定的方法�����,直接結(jié)束攔截
if (!classNames.contains(newId)) {
return invocation.proceed();
}
String newName = mappedStatement.getId().substring(mappedStatement.getId().lastIndexOf(".") + 1, mappedStatement.getId().length());
//是否開啟數(shù)據(jù)權(quán)限
boolean isPermi = true;
Class clazz = Class.forName(newId);
//遍歷方法
for (Method method : clazz.getDeclaredMethods()) {
//方法是否含有DataPermission注解���,如果含有注解則將數(shù)據(jù)結(jié)果過濾
if (method.isAnnotationPresent(DataPermission.class) && newName.equals(method.getName())) {
DataPermission dataPermission = method.getAnnotation(DataPermission.class);
if (dataPermission != null) {
//不驗證
if (!dataPermission.isPermi()) {
isPermi = false;
} else { //開啟驗證
isPermi = true;
}
}
}
}
if (isPermi){
// 獲取到原始sql語句
String sql = statementHandler.getBoundSql().getSql();
// 解析并返回新的SQL語句���,只處理查詢sql
if (mappedStatement.getSqlCommandType().toString().equals("SELECT")) {
// String newSql = getNewSql(sql,deptIds,user.getUserId());
sql = getSql(sql,deptIds,user.getUserId());
}
// 修改sql
metaObject.setValue("delegate.boundSql.sql", sql);
}
return invocation.proceed();
} catch (Exception e){
logger.error("數(shù)據(jù)權(quán)限隔離異常:", e);
return invocation.proceed();
}
}
/**
* 解析SQL語句���,并返回新的SQL語句
* 注意,該方法使用了JSqlParser來操作SQL�,該依賴包Mybatis-plus已經(jīng)集成了。如果要單獨(dú)使用�,請先自行導(dǎo)入依賴
*
* @param sql 原SQL
* @return 新SQL
*/
private String getSql(String sql,List deptIds,Long userId) {
try {
String condition = "";
String permissionSql = "(";
if (deptIds.size() > 0){
for (Long deptId : deptIds) {
if ("(".equals(permissionSql)){
permissionSql = permissionSql + deptId;
} else {
permissionSql = permissionSql + "," + deptId;
}
}
permissionSql = permissionSql + ")";
// 修改原語句
condition = DEPT_ID +" in " + permissionSql;
} else {
condition = USER_ID +" = " + userId;
}
if (StringUtils.isBlank(condition)){
return sql;
}
Select select = (Select)CCJSqlParserUtil.parse(sql);
PlainSelect plainSelect = (PlainSelect)select.getSelectBody();
//取得原SQL的where條件
final Expression expression = plainSelect.getWhere();
//增加新的where條件
final Expression envCondition = CCJSqlParserUtil.parseCondExpression(condition);
if (expression == null) {
plainSelect.setWhere(envCondition);
} else {
AndExpression andExpression = new AndExpression(expression, envCondition);
plainSelect.setWhere(andExpression);
}
return plainSelect.toString();
} catch (JSQLParserException e) {
logger.error("解析原SQL并構(gòu)建新SQL錯誤:" + e);
return sql;
}
}以上就是“怎么用Springboot+mybatis-plus+注解實現(xiàn)數(shù)據(jù)權(quán)限隔離”這篇文章的所有內(nèi)容,感謝各位的閱讀�����!相信大家閱讀完這篇文章都有很大的收獲����,小編每天都會為大家更新不同的知識,如果還想學(xué)習(xí)更多的知識��,請關(guān)注創(chuàng)新互聯(lián)行業(yè)資訊頻道����。
網(wǎng)站欄目:怎么用Springboot+mybatis-plus+注解實現(xiàn)數(shù)據(jù)權(quán)限隔離
URL分享:
http://weahome.cn/article/pseosi.html
重慶分公司
重慶分公司
