新增数据权限过滤注解

sql/ry_20180903.sql

@@ -374,8 +374,8 @@ insert into sys_role_dept values ('2', '105');
 drop table if exists sys_user_post;
 create table sys_user_post
 (
-	user_id varchar(64) not null comment '用户ID',
-	post_id varchar(64) not null comment '岗位ID',
+	user_id int(11) not null comment '用户ID',
+	post_id int(11) not null comment '岗位ID',
 	primary key (user_id, post_id)
 ) engine=innodb default charset=utf8 comment = '用户与岗位关联表';
 
@@ -450,8 +450,8 @@ create table sys_dict_data
 	dict_label       varchar(100)    default ''                 comment '字典标签',
 	dict_value       varchar(100)    default ''                 comment '字典键值',
 	dict_type        varchar(100)    default ''                 comment '字典类型',
-	css_class        varchar(500)    default ''                 comment '样式属性（其他样式扩展）',
-	list_class       varchar(500)    default ''                 comment '表格回显样式',
+	css_class        varchar(100)    default ''                 comment '样式属性（其他样式扩展）',
+	list_class       varchar(100)    default ''                 comment '表格回显样式',
 	is_default       char(1)         default 'N'                comment '是否默认（Y是 N否）',
     status 			 char(1) 		 default '0'			    comment '状态（0正常 1停用）',
     create_by        varchar(64)     default ''                 comment '创建者',

src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java

@@ -0,0 +1,122 @@
+package com.ruoyi.framework.aspectj;
+
+import java.lang.reflect.Method;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.Signature;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.stereotype.Component;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.security.ShiroUtils;
+import com.ruoyi.framework.aspectj.lang.annotation.DataScope;
+import com.ruoyi.framework.web.domain.BaseEntity;
+import com.ruoyi.project.system.role.domain.Role;
+import com.ruoyi.project.system.user.domain.User;
+
+/**
+ * 数据过滤处理
+ * 
+ * @author ruoyi
+ */
+@Aspect
+@Component
+public class DataScopeAspect
+{
+    /**
+     * 全部数据权限
+     */
+    public static final String DATA_SCOPE_ALL = "1";
+
+    /**
+     * 自定数据权限
+     */
+    public static final String DATA_SCOPE_CUSTOM = "2";
+
+    /**
+     * 数据权限过滤关键字
+     */
+    public static final String DATA_SCOPE = "dataScope";
+
+    // 配置织入点
+    @Pointcut("@annotation(com.ruoyi.framework.aspectj.lang.annotation.DataScope)")
+    public void dataScopePointCut()
+    {
+    }
+
+    @Before("dataScopePointCut()")
+    public void doBefore(JoinPoint point) throws Throwable
+    {
+        handleDataScope(point);
+    }
+
+    protected void handleDataScope(final JoinPoint joinPoint)
+    {
+        // 获得注解
+        DataScope controllerDataScope = getAnnotationLog(joinPoint);
+        if (controllerDataScope == null)
+        {
+            return;
+        }
+        // 获取当前的用户
+        User currentUser = ShiroUtils.getUser();
+        if (currentUser != null)
+        {
+            // 如果是超级管理员，则不过滤数据
+            if (!currentUser.isAdmin())
+            {
+                dataScopeFilter(joinPoint, currentUser, controllerDataScope.tableAlias());
+            }
+        }
+    }
+
+    /**
+     * 数据范围过滤
+     * 
+     * @param da 部门表别名
+     * @return 标准连接条件对象
+     */
+    public static void dataScopeFilter(JoinPoint joinPoint, User user, String alias)
+    {
+        StringBuilder sqlString = new StringBuilder();
+
+        for (Role role : user.getRoles())
+        {
+            String dataScope = role.getDataScope();
+            if (DATA_SCOPE_ALL.equals(dataScope))
+            {
+                sqlString = new StringBuilder();
+                break;
+            }
+            else if (DATA_SCOPE_CUSTOM.equals(dataScope))
+            {
+                sqlString.append(StringUtils.format(
+                        " OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", alias,
+                        role.getRoleId()));
+            }
+        }
+
+        if (StringUtils.isNotBlank(sqlString.toString()))
+        {
+            BaseEntity baseEntity = (BaseEntity) joinPoint.getArgs()[0];
+            baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")");
+        }
+    }
+
+    /**
+     * 是否存在注解，如果存在就获取
+     */
+    private DataScope getAnnotationLog(JoinPoint joinPoint)
+    {
+        Signature signature = joinPoint.getSignature();
+        MethodSignature methodSignature = (MethodSignature) signature;
+        Method method = methodSignature.getMethod();
+
+        if (method != null)
+        {
+            return method.getAnnotation(DataScope.class);
+        }
+        return null;
+    }
+}

src/main/java/com/ruoyi/framework/aspectj/DataSourceAspect.java

@@ -11,7 +11,7 @@ import org.slf4j.LoggerFactory;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
 import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.framework.aspectj.lang.annotation.Ds;
+import com.ruoyi.framework.aspectj.lang.annotation.DataSource;
 import com.ruoyi.framework.datasource.DynamicDataSourceContextHolder;
 
 /**
@@ -22,11 +22,11 @@ import com.ruoyi.framework.datasource.DynamicDataSourceContextHolder;
 @Aspect
 @Order(1)
 @Component
-public class DsAspect
+public class DataSourceAspect
 {
     protected Logger logger = LoggerFactory.getLogger(getClass());
 
-    @Pointcut("@annotation(com.ruoyi.framework.aspectj.lang.annotation.Ds)")
+    @Pointcut("@annotation(com.ruoyi.framework.aspectj.lang.annotation.DataSource)")
     public void dsPointCut()
     {
 
@@ -39,7 +39,7 @@ public class DsAspect
 
         Method method = signature.getMethod();
 
-        Ds dataSource = method.getAnnotation(Ds.class);
+        DataSource dataSource = method.getAnnotation(DataSource.class);
 
         if (StringUtils.isNotNull(dataSource))
         {

src/main/java/com/ruoyi/framework/aspectj/lang/annotation/DataScope.java

@@ -0,0 +1,21 @@
+package com.ruoyi.framework.aspectj.lang.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 数据权限过滤注解
+ * 
+ * @author ruoyi
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface DataScope
+{
+    /** 表的别名 */
+    String tableAlias() default "";
+}

src/main/java/com/ruoyi/framework/aspectj/lang/annotation/DataSource.java

@@ -14,7 +14,7 @@ import com.ruoyi.framework.aspectj.lang.enums.DataSourceType;
  */
 @Target(ElementType.METHOD)
 @Retention(RetentionPolicy.RUNTIME)
-public @interface Ds
+public @interface DataSource
 {
     /**
      * 切换数据源名称

src/main/java/com/ruoyi/framework/config/ResourcesConfig.java

@@ -32,7 +32,7 @@ public class ResourcesConfig implements WebMvcConfigurer
     @Override
     public void addResourceHandlers(ResourceHandlerRegistry registry)
     {
-        /** 头像上传路径 */
+        /** 文件上传路径 */
         registry.addResourceHandler("/profile/**").addResourceLocations("file:" + RuoYiConfig.getProfile());
 
         /** swagger配置 */

src/main/java/com/ruoyi/framework/datascope/DataScopeUtils.java

@@ -1,72 +0,0 @@
-package com.ruoyi.framework.datascope;
-
-import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.common.utils.security.ShiroUtils;
-import com.ruoyi.project.system.role.domain.Role;
-import com.ruoyi.project.system.user.domain.User;
-
-/**
- * 数据范围处理
- * 
- * @author ruoyi
- */
-public class DataScopeUtils
-{
-    /**
-     * 全部数据权限
-     */
-    public static final String DATA_SCOPE_ALL = "1";
-
-    /**
-     * 自定数据权限
-     */
-    public static final String DATA_SCOPE_CUSTOM = "2";
-
-    /**
-     * 数据范围过滤
-     * 
-     * @return 标准连接条件对象
-     */
-    public static String dataScopeFilter()
-    {
-        return dataScopeFilter("u");
-    }
-
-    /**
-     * 数据范围过滤
-     * 
-     * @param da 部门表别名
-     * @return 标准连接条件对象
-     */
-    public static String dataScopeFilter(String da)
-    {
-        User user = ShiroUtils.getUser();
-        // 如果是超级管理员，则不过滤数据
-        if (user.isAdmin())
-        {
-            return StringUtils.EMPTY;
-        }
-
-        StringBuilder sqlString = new StringBuilder();
-
-        for (Role role : user.getRoles())
-        {
-            String dataScope = role.getDataScope();
-            if (DATA_SCOPE_ALL.equals(dataScope))
-            {
-                sqlString = new StringBuilder();
-                break;
-            }
-            else if (DATA_SCOPE_CUSTOM.equals(dataScope))
-            {
-                sqlString.append(StringUtils.format(" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", da, role.getRoleId()));
-            }
-        }
-
-        if (StringUtils.isNotBlank(sqlString.toString()))
-        {
-            return " AND (" + sqlString.substring(4) + ")";
-        }
-        return StringUtils.EMPTY;
-    }
-}

src/main/java/com/ruoyi/project/system/dept/service/DeptServiceImpl.java

@@ -9,7 +9,7 @@ import org.springframework.stereotype.Service;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.security.ShiroUtils;
-import com.ruoyi.framework.datascope.DataScopeUtils;
+import com.ruoyi.framework.aspectj.lang.annotation.DataScope;
 import com.ruoyi.project.system.dept.domain.Dept;
 import com.ruoyi.project.system.dept.mapper.DeptMapper;
 import com.ruoyi.project.system.role.domain.Role;
@@ -31,9 +31,9 @@ public class DeptServiceImpl implements IDeptService
      * @return 部门信息集合
      */
     @Override
+    @DataScope(tableAlias = "d")
     public List<Dept> selectDeptList(Dept dept)
     {
-        dept.getParams().put("dataScope", DataScopeUtils.dataScopeFilter("d"));
         return deptMapper.selectDeptList(dept);
     }
 

src/main/java/com/ruoyi/project/system/role/service/RoleServiceImpl.java

@@ -11,7 +11,7 @@ import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.support.Convert;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.security.ShiroUtils;
-import com.ruoyi.framework.datascope.DataScopeUtils;
+import com.ruoyi.framework.aspectj.lang.annotation.DataScope;
 import com.ruoyi.project.system.role.domain.Role;
 import com.ruoyi.project.system.role.domain.RoleDept;
 import com.ruoyi.project.system.role.domain.RoleMenu;
@@ -48,9 +48,9 @@ public class RoleServiceImpl implements IRoleService
      * @return 角色数据集合信息
      */
     @Override
+    @DataScope(tableAlias = "u")
     public List<Role> selectRoleList(Role role)
     {
-        role.getParams().put("dataScope", DataScopeUtils.dataScopeFilter());
         return roleMapper.selectRoleList(role);
     }
 

src/main/java/com/ruoyi/project/system/user/service/UserServiceImpl.java

@@ -8,7 +8,7 @@ import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.support.Convert;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.security.ShiroUtils;
-import com.ruoyi.framework.datascope.DataScopeUtils;
+import com.ruoyi.framework.aspectj.lang.annotation.DataScope;
 import com.ruoyi.framework.shiro.service.PasswordService;
 import com.ruoyi.project.system.post.domain.Post;
 import com.ruoyi.project.system.post.mapper.PostMapper;
@@ -55,10 +55,10 @@ public class UserServiceImpl implements IUserService
      * @return 用户信息集合信息
      */
     @Override
+    @DataScope(tableAlias = "u")
     public List<User> selectUserList(User user)
     {
         // 生成数据权限过滤条件
-        user.getParams().put("dataScope", DataScopeUtils.dataScopeFilter());
         return userMapper.selectUserList(user);
     }