添加数据权限访问范围实现

da359a72 · 赵啸非 · 81bee35e · da359a72
Commit da359a72 authored May 22, 2024 by 赵啸非
Hide whitespace changes
Inline Side-by-side

Showing with 70 additions and 0 deletions

base-manager/src/main/java/com/mortals/xhx/base/framework/aspect/DataPermissionAspect.java ...rtals/xhx/base/framework/aspect/DataPermissionAspect.java +70 -0

No files found.
--- a/base-manager/src/main/java/com/mortals/xhx/base/framework/aspect/DataPermissionAspect.java
+++ b/base-manager/src/main/java/com/mortals/xhx/base/framework/aspect/DataPermissionAspect.java
+package com.mortals.xhx.base.framework.aspect;
+
+import com.mortals.framework.service.IAuthTokenService;
+import com.mortals.framework.service.IUser;
+import com.mortals.xhx.annotation.DataPermission;
+import com.mortals.xhx.common.utils.RuleQueryGenerator;
+import com.mortals.xhx.module.dimension.model.DimensionResourceRuleEntity;
+import com.mortals.xhx.module.dimension.service.DimensionResourceRuleService;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.util.ObjectUtils;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.lang.reflect.Method;
+import java.util.List;
+
+@Aspect
+@Slf4j
+@Component
+public class DataPermissionAspect {
+
+    @Autowired
+    private DimensionResourceRuleService dimensionResourceRuleService;
+    @Autowired
+    private IAuthTokenService authTokenService;
+
+    public static final String DATA_PERMISSION_SEARCH_SQL = "DATA_PERMISSION_SEARCH_SQL";
+
+    @Pointcut("@annotation(com.mortals.xhx.annotation.DataPermission)")
+    public void pointCut() {
+
+    }
+
+    @Around("pointCut()")
+    public Object around(ProceedingJoinPoint point) throws Throwable {
+        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        HttpServletRequest request = attributes.getRequest();
+        String componentRoute = request.getServletPath();
+        IUser loginUser = authTokenService.getLoginUser(request);
+        MethodSignature signature = (MethodSignature) point.getSignature();
+        Method method = signature.getMethod();
+        DataPermission permissionData = method.getAnnotation(DataPermission.class);
+        if (!ObjectUtils.isEmpty(permissionData)&&!ObjectUtils.isEmpty(componentRoute)) {
+            //获取授权方式
+            String permissionType = permissionData.permissionType();
+            //获取组件路由  通过controller 获取
+            // String componentRoute = permissionData.componentRoute();
+            // 查找当前用户此资源路径下的所有规则
+            List<DimensionResourceRuleEntity> componentRules = dimensionResourceRuleService.getRoleComponentRule(loginUser.getId(), componentRoute);
+            if (!ObjectUtils.isEmpty(componentRules)) {
+                //在request添加属性
+                //todo 构建数据权限sql 并设置到request中。
+                String permissionSql = RuleQueryGenerator.getPermissionSql(componentRules, loginUser);
+                log.info("permissionSql:{}", permissionSql);
+
+                request.setAttribute(DATA_PERMISSION_SEARCH_SQL, permissionSql);
+            }
+        }
+        return point.proceed();
+    }
+
+}