1.修改DataFilter，弃用DataScope传参方式，改用ThreadLocal方式

5 years ago · 32106034a3
8 changed files with 145 additions and 23 deletions
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java
@ -50,6 +50,8 @@ public class DataFilterAspect {
     */
    private static final ThreadLocal<Boolean> hasConditions = new ThreadLocal();

+    public static final ThreadLocal<String> sqlFilter = new ThreadLocal();
+
    @Autowired
    private LoginUserUtil loginUserUtil;

@ -63,6 +65,10 @@ public class DataFilterAspect {

    @Before("@annotation(com.epmet.commons.mybatis.annotation.DataFilter)")
    public void dataFilter(JoinPoint point) {
+
+        //清空
+        sqlFilter.set(null);
+
        // 通过反射，取到注解属性
        DataFilter dataFilterAnno = ((MethodSignature) point.getSignature()).getMethod().getAnnotation(DataFilter.class);
        String tableAlias = dataFilterAnno.tableAlias();
@ -71,7 +77,7 @@ public class DataFilterAspect {
        String requirePermission = AccessOpeAspect.requirePermissionTl.get();
        // 没有配置所需权限，不做操作，打印提示日志
        if (StringUtils.isBlank(requirePermission)) {
-            log.warn("Api编码需要指定所需权限，请在Api上使用@RequirePermission注解完成所需权限配置");
+            log.warn("接口缺少所需权限配置，请在Controller方法上使用@RequirePermission注解完成所需权限配置");
            return;
        }

@ -107,13 +113,18 @@ public class DataFilterAspect {
        String sqlFilterSegment = getSqlFilterSegment(userId, permCacheResultDTO.getRoleIdList(), requirePermission,
                permCacheResultDTO.getOrgIdPath(), permCacheResultDTO.getGridId(), tableAlias, permCacheResultDTO.getDeptIdList());

-        // 填充到Service方法列表中的DataScope对象中
-        Object[] methodArgs = point.getArgs();
-        for (Object methodArg : methodArgs) {
-            if (methodArg instanceof DataScope) {
-                ((DataScope) methodArg).setSqlFilter(sqlFilterSegment);
-                return;
-            }
+        // 方式1.填充到Service方法列表中的DataScope对象中。如果dao入参是用DTO的话，那么再加一个DataScope入参，sql中会报错提示#{}参数找不到，因此改用方法2
+        //Object[] methodArgs = point.getArgs();
+        //for (Object methodArg : methodArgs) {
+        //    if (methodArg instanceof DataScope) {
+        //        ((DataScope) methodArg).setSqlFilter(sqlFilterSegment);
+        //        return;
+        //    }
+        //}
+
+        // 方式2，采用ThreadLocal传参到DataFilterInterceptor中
+        if (StringUtils.isNotBlank(sqlFilterSegment)) {
+            sqlFilter.set(sqlFilterSegment);
        }
    }

--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java
@ -11,6 +11,7 @@ package com.epmet.commons.mybatis.interceptor;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
 import com.baomidou.mybatisplus.extension.handlers.AbstractSqlParserHandler;
+import com.epmet.commons.mybatis.aspect.DataFilterAspect;
 import com.epmet.commons.mybatis.entity.DataScope;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.ibatis.executor.statement.StatementHandler;
@ -53,8 +54,8 @@ public class DataFilterInterceptor extends AbstractSqlParserHandler implements I
        String originalSql = boundSql.getSql();
        Object paramObj = boundSql.getParameterObject();

-        // 判断参数里是否有DataScope对象
-        DataScope scope = null;
+        // 方式1.判断参数里是否有DataScope对象
+        /*DataScope scope = null;
        if (paramObj instanceof DataScope) {
            // 直接传入DataScope，不分页？
            scope = (DataScope) paramObj;
@ -75,25 +76,34 @@ public class DataFilterInterceptor extends AbstractSqlParserHandler implements I
        if (scope == null) {
            return invocation.proceed();
        }
-
-        // 拼接新SQL
-        String orderBy = "ORDER BY";
-        String groupBy = "GROUP BY";
        String sqlFilter = scope.getSqlFilter();
+         */
+
+        // 方式2.从ThreadLocal中取sqlFilter
+        String sqlFilter = DataFilterAspect.sqlFilter.get();
+
        if (StringUtils.isBlank(sqlFilter)) {
            return invocation.proceed();
        }
+
+        // 没有where就拼接where，有了where就拼接AND
        if (originalSql.indexOf("WHERE") == 0) {
            // 不包含where，需要手动拼接上
            sqlFilter = " WHERE ".concat(sqlFilter);
+        } else {
+            sqlFilter = " AND (".concat(sqlFilter).concat(")");
        }

+        // 拼接新SQL
+        String orderBy = "ORDER BY";
+        String groupBy = "GROUP BY";
+
        if (originalSql.indexOf(groupBy) > -1) {
            originalSql = originalSql.replace(groupBy, sqlFilter + groupBy);
        } else if (originalSql.indexOf(orderBy) > -1) {
            originalSql = originalSql.replace(orderBy, sqlFilter + orderBy);
        } else {
-            originalSql = originalSql.concat(" AND (").concat(scope.getSqlFilter()).concat(")");
+            originalSql = originalSql.concat(sqlFilter);
        }

        // 重写SQL
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/annotation/RequirePermission.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/annotation/RequirePermission.java
@ -16,6 +16,8 @@

 package com.epmet.commons.tools.annotation;

+import com.epmet.commons.tools.enums.RequirePermissionEnum;
+
 import java.lang.annotation.*;

 /**
@ -28,9 +30,5 @@ import java.lang.annotation.*;
@Retention(RetentionPolicy.RUNTIME)
@Documented
 public @interface RequirePermission {
-
-    String key() default "";
-
-    String desc() default "";
-
+    RequirePermissionEnum requirePermission();
 }
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/aspect/AccessOpeAspect.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/aspect/AccessOpeAspect.java
@ -9,6 +9,7 @@
 package com.epmet.commons.tools.aspect;

 import com.epmet.commons.tools.annotation.RequirePermission;
+import com.epmet.commons.tools.enums.RequirePermissionEnum;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Before;
@ -35,8 +36,8 @@ public class AccessOpeAspect {
        // 取RequirePermission注解
        MethodSignature methodSignature = (MethodSignature) point.getSignature();
        RequirePermission requirePermissionAnno = methodSignature.getMethod().getAnnotation(RequirePermission.class);
-        String key = requirePermissionAnno.key();
-        String desc = requirePermissionAnno.desc();
+        RequirePermissionEnum requirePermissionEnum = requirePermissionAnno.requirePermission();
+        String key = requirePermissionEnum.getKey();

        // 放入ThreadLocal，供DataFilterAspect中使用
        requirePermissionTl.set(key);
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/config/PermissionInitializer.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/config/PermissionInitializer.java
@ -0,0 +1,30 @@
+//package com.epmet.commons.tools.config;
+//
+//import com.epmet.commons.tools.annotation.RequirePermission;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.context.ApplicationContext;
+//import org.springframework.context.annotation.Configuration;
+//
+//import javax.annotation.PostConstruct;
+//import java.util.Map;
+//
+//@Configuration
+//public class PermissionInitializer {
+//
+//    @Autowired
+//    private ApplicationContext applicationContext;
+//
+//    /**
+//     * 初始化操作权限
+//     */
+//    @PostConstruct
+//    public void initOpePermissions() {
+//        Map<String, Object> beanMap = applicationContext.getBeansWithAnnotation(RequirePermission.class);
+//        for (Map.Entry<String, Object> entry : beanMap.entrySet()) {
+//            System.out.println(entry);
+//        }
+//
+//    }
+//
+//
+//}
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/enums/RequirePermissionEnum.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/enums/RequirePermissionEnum.java
@ -0,0 +1,69 @@
+package com.epmet.commons.tools.enums;
+
+public enum RequirePermissionEnum {
+
+    WORK_GRASSROOTS_GROUP_AUDITINGLIST("work_grassroots_group_auditinglist", "基层治理-群组管理-待审核列表", "基层治理-群组管理-待审核列表"),
+    WORK_GRASSROOTS_GROUP_AUDIT("work_grassroots_group_audit", "基层治理-群组管理-审核建组", "基层治理-群组管理-审核建组"),
+    WORK_GRASSROOTS_GROUP_GROUPSINTHEGRID("work_grassroots_group_groupsinthegrid", "基层治理-群组管理-本网格小组列表", "基层治理-群组管理-本网格小组列表"),
+    WORK_GRASSROOTS_RESI_WARMHEARTED_AUDITINGLIST("work_grassroots_resi_warmhearted_auditinglist", "基层治理-居民管理-热心居民待审核列表", "基层治理-居民管理-热心居民待审核列表"),
+    WORK_GRASSROOTS_RESI_WARMHEARTED_AUDITHISTORYLIST("work_grassroots_resi_warmhearted_audithistorylist", "基层治理-居民管理-热心审核历史", "基层治理-居民管理-热心审核历史"),
+    WORK_GRASSROOTS_RESI_WARMHEARTED_AUDIT("work_grassroots_resi_warmhearted_audit", "基层治理-居民管理-热心居民审核", "基层治理-居民管理-热心居民审核"),
+    ORG_AGENCY_TRACE("org_agency_trace", "组织-查看上级机关", "组织-查看上级机关"),
+    ORG_AGENCY_UPDATE("org_agency_update", "组织-机关单位-编辑", "组织-机关单位-编辑"),
+    ORG_SUBAGENCY_LIST("org_subagency_list", "组织-下级机关-列表", "组织-下级机关-列表"),
+    ORG_SUBAGENCY_CREATE("org_subagency_create", "组织-下级机关-新增", "组织-下级机关-新增"),
+    ORG_SUBAGENCY_DELETE("org_subagency_delete", "组织-下级机关-删除", "组织-下级机关-删除"),
+    ORG_STAFF_DETAIL("org_staff_detail", "组织-工作人员-详情", "组织-工作人员-详情"),
+    ORG_STAFF_LIST("org_staff_list", "组织-工作人员-列表", "组织-工作人员-列表"),
+    ORG_STAFF_CREATE("org_staff_create", "组织-工作人员-新增", "组织-工作人员-新增"),
+    ORG_STAFF_UPDATE("org_staff_update", "组织-工作人员-编辑", "组织-工作人员-编辑"),
+    ORG_STAFF_FORBIDDEN("org_staff_forbidden", "组织-工作人员-禁用", "组织-工作人员-禁用"),
+    ORG_DEPARTMENT_LIST("org_department_list", "组织-直属部门-部门列表", "组织-直属部门-部门列表"),
+    ORG_DEPARTMENT_CREATE("org_department_create", "组织-直属部门-新增部门", "组织-直属部门-新增部门"),
+    ORG_DEPARTMENT_UPDATE("org_department_update", "组织-直属部门-编辑部门", "组织-直属部门-编辑部门"),
+    ORG_DEPARTMENT_DELETE("org_department_delete", "组织-直属部门-删除", "组织-直属部门-删除"),
+    ORG_DEPARTMENT_STAFF_ADD("org_department_staff_add", "组织-直属部门-添加人员", "组织-直属部门-添加人员"),
+    ORG_DEPARTMENT_STAFF_REMOVE("org_department_staff_remove", "组织-直属部门-移除人员", "组织-直属部门-移除人员"),
+    ORG_DEPARTMENT_STAFF_LIST("org_department_staff_list", "组织-直属部门-人员列表", "组织-直属部门-人员列表"),
+    ORG_GRID_LIST("org_grid_list", "组织-治理网格-网格列表", "组织-治理网格-网格列表"),
+    ORG_GRID_CREATE("org_grid_create", "组织-治理网格-新增网格", "组织-治理网格-新增网格"),
+    ORG_GRID_UPDATE("org_grid_update", "组织-治理网格-编辑网格", "组织-治理网格-编辑网格"),
+    ORG_GRID_DELETE("org_grid_delete", "组织-治理网格-删除", "组织-治理网格-删除"),
+    ORG_GRID_STAFF_ADD("org_grid_staff_add", "组织-治理网格-新增网格工作人员", "组织-治理网格-新增网格工作人员"),
+    ORG_GRID_STAFF_REMOVE("org_grid_staff_remove", "组织-治理网格-移除网格工作人员", "组织-治理网格-移除网格工作人员"),
+    ORG_PARTYMEMBER_SUMMARY("org_partymember_summary", "组织-党员-汇总信息", "组织-党员-汇总信息");
+
+    private String key;
+    private String name;
+    private String brief;
+
+    RequirePermissionEnum(String key, String name, String brief) {
+        this.key = key;
+        this.name = name;
+        this.brief = brief;
+    }
+
+    public String getKey() {
+        return key;
+    }
+
+    public void setKey(String key) {
+        this.key = key;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getBrief() {
+        return brief;
+    }
+
+    public void setBrief(String brief) {
+        this.brief = brief;
+    }
+}
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/StaffRoleController.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/StaffRoleController.java
@ -2,6 +2,7 @@ package com.epmet.controller;

 import com.epmet.commons.mybatis.entity.DataScope;
 import com.epmet.commons.tools.annotation.RequirePermission;
+import com.epmet.commons.tools.enums.RequirePermissionEnum;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.commons.tools.validator.ValidatorUtils;
 import com.epmet.dto.GovStaffRoleDTO;
@ -65,7 +66,7 @@ public class StaffRoleController {
     * @return
     */
    @PostMapping("staffsinrole")
-    //@RequirePermission(key = "org_staff_list")
+    //@RequirePermission(requirePermission = RequirePermissionEnum.ORG_STAFF_LIST)
    public Result<List<GovStaffRoleResultDTO>> getStaffsInRole(@RequestBody StaffRoleFormDTO staffRoleFormDTO) {
        ValidatorUtils.validateEntity(staffRoleFormDTO, StaffRoleFormDTO.GetStaffsInRole.class);
        String roleKey = staffRoleFormDTO.getRoleKey();
@ -82,6 +83,7 @@ public class StaffRoleController {
     * @Date 2020.04.26 13:06
     **/
    @PostMapping("getcustomerstaffroles")
+    //@RequirePermission(requirePermission = RequirePermissionEnum.ORG_STAFF_LIST)
    public Result<StaffRolesResultDTO> getCustomerStaffRoles(@RequestBody CommonUserFormDTO commonUserFormDTO){
        ValidatorUtils.validateEntity(commonUserFormDTO);
        return staffRoleService.getStaffRoles(commonUserFormDTO);
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java
@ -133,6 +133,7 @@ public class StaffRoleServiceImpl extends BaseServiceImpl<StaffRoleDao, StaffRol
     * @Date 2020.04.26 10:59
     **/
    @Override
+    //@DataFilter(tableAlias = "role")
    public Result<StaffRolesResultDTO> getStaffRoles(CommonUserFormDTO userParam) {
        return new Result<StaffRolesResultDTO>().ok(baseDao.getStaffRoles(userParam));
    }