增加对数据范围的支持

06a3be80 · naan1993 · 2a3046a5 · 06a3be80 · 06a3be80 · 06a3be80
Commit 06a3be80 authored Jul 25, 2017 by naan1993
8 changed files
--- a/src/main/java/com/stylefeng/guns/common/constant/factory/ConstantFactory.java
+++ b/src/main/java/com/stylefeng/guns/common/constant/factory/ConstantFactory.java
@@ -14,6 +14,7 @@ import com.stylefeng.guns.core.util.ToolUtil;
 import org.springframework.context.annotation.DependsOn;
 import org.springframework.stereotype.Component;
+import java.util.ArrayList;
 import java.util.List;
 /**
@@ -286,4 +287,40 @@ public class ConstantFactory implements IConstantFactory {
        return LogObjectHolder.me().get().toString();
    }
+    /**
+     * 获取子部门id
+     */
+    @Override
+    public List<Integer> getSubDeptId(Integer deptid) {
+        Wrapper<Dept> wrapper = new EntityWrapper<>();
+        wrapper = wrapper.like("pids", "%[" + deptid + "]%");
+        List<Dept> depts = this.deptMapper.selectList(wrapper);
+        ArrayList<Integer> deptids = new ArrayList<>();
+        if(depts != null || depts.size() > 0){
+            for (Dept dept : depts) {
+                deptids.add(dept.getId());
+            }
+        }
+        return deptids;
+    }
+    /**
+     * 获取所有父部门id
+     */
+    @Override
+    public List<Integer> getParentDeptIds(Integer deptid) {
+        Dept dept = deptMapper.selectById(deptid);
+        String pids = dept.getPids();
+        String[] split = pids.split(",");
+        ArrayList<Integer> parentDeptIds = new ArrayList<>();
+        for (String s : split) {
+            parentDeptIds.add(Integer.valueOf(StrKit.removeSuffix(StrKit.removePrefix(s, "["), "]")));
+        }
+        return parentDeptIds;
+    }
 }
--- a/src/main/java/com/stylefeng/guns/common/constant/factory/IConstantFactory.java
+++ b/src/main/java/com/stylefeng/guns/common/constant/factory/IConstantFactory.java
@@ -110,4 +110,14 @@ public interface IConstantFactory {
     */
    String getCacheObject(String para);
+    /**
+     * 获取子部门id
+     */
+    List<Integer> getSubDeptId(Integer deptid);
+    /**
+     * 获取所有父部门id
+     */
+    List<Integer> getParentDeptIds(Integer deptid);
 }
--- a/src/main/java/com/stylefeng/guns/config/MybatisPlusConfig.java
+++ b/src/main/java/com/stylefeng/guns/config/MybatisPlusConfig.java
@@ -5,6 +5,7 @@ import com.baomidou.mybatisplus.plugins.PaginationInterceptor;
 import com.stylefeng.guns.common.constant.DSEnum;
 import com.stylefeng.guns.config.properties.DruidProperties;
 import com.stylefeng.guns.config.properties.MutiDataSourceProperties;
+import com.stylefeng.guns.core.datascope.DataScopeInterceptor;
 import com.stylefeng.guns.core.mutidatesource.DynamicDataSource;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -95,4 +96,12 @@ public class MybatisPlusConfig {
    public PaginationInterceptor paginationInterceptor() {
        return new PaginationInterceptor();
    }
+    /**
+     * 数据范围mybatis插件
+     */
+    @Bean
+    public DataScopeInterceptor dataScopeInterceptor() {
+        return new DataScopeInterceptor();
+    }
 }
--- a/src/main/java/com/stylefeng/guns/core/datascope/DataScope.java
+++ b/src/main/java/com/stylefeng/guns/core/datascope/DataScope.java
+package com.stylefeng.guns.core.datascope;
+import java.util.List;
+/**
+ * 数据范围
+ *
+ * @author fengshuonan
+ * @date 2017-07-23 22:19
+ */
+public class DataScope {
+    /**
+     * 限制范围的字段名称
+     */
+    private String scopeName = "deptid";
+    /**
+     * 限制范围的
+     */
+    private List<Integer> deptIds;
+    public DataScope() {
+    }
+    public DataScope(List<Integer> deptIds) {
+        this.deptIds = deptIds;
+    }
+    public DataScope(String scopeName, List<Integer> deptIds) {
+        this.scopeName = scopeName;
+        this.deptIds = deptIds;
+    }
+    public List<Integer> getDeptIds() {
+        return deptIds;
+    }
+    public void setDeptIds(List<Integer> deptIds) {
+        this.deptIds = deptIds;
+    }
+    public String getScopeName() {
+        return scopeName;
+    }
+    public void setScopeName(String scopeName) {
+        this.scopeName = scopeName;
+    }
+}
--- a/src/main/java/com/stylefeng/guns/core/datascope/DataScopeInterceptor.java
+++ b/src/main/java/com/stylefeng/guns/core/datascope/DataScopeInterceptor.java
+package com.stylefeng.guns.core.datascope;
+import com.baomidou.mybatisplus.toolkit.PluginUtils;
+import com.stylefeng.guns.core.support.CollectionKit;
+import org.apache.ibatis.executor.statement.StatementHandler;
+import org.apache.ibatis.mapping.BoundSql;
+import org.apache.ibatis.mapping.MappedStatement;
+import org.apache.ibatis.mapping.SqlCommandType;
+import org.apache.ibatis.plugin.*;
+import org.apache.ibatis.reflection.MetaObject;
+import org.apache.ibatis.reflection.SystemMetaObject;
+import java.sql.Connection;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+/**
+ * 数据范围的拦截器
+ *
+ * @author fengshuonan
+ * @date 2017-07-23 21:26
+ */
+@Intercepts({@Signature(type = StatementHandler.class, method = "prepare", args = {Connection.class, Integer.class})})
+public class DataScopeInterceptor implements Interceptor {
+    @Override
+    public Object intercept(Invocation invocation) throws Throwable {
+        StatementHandler statementHandler = (StatementHandler) PluginUtils.realTarget(invocation.getTarget());
+        MetaObject metaStatementHandler = SystemMetaObject.forObject(statementHandler);
+        MappedStatement mappedStatement = (MappedStatement) metaStatementHandler.getValue("delegate.mappedStatement");
+        if (!SqlCommandType.SELECT.equals(mappedStatement.getSqlCommandType())) {
+            return invocation.proceed();
+        }
+        BoundSql boundSql = (BoundSql) metaStatementHandler.getValue("delegate.boundSql");
+        String originalSql = boundSql.getSql();
+        Object parameterObject = boundSql.getParameterObject();
+        //查找参数中包含DataScope类型的参数
+        DataScope dataScope = findDataScopeObject(parameterObject);
+        if (dataScope == null) {
+            return invocation.proceed();
+        } else {
+            String scopeName = dataScope.getScopeName();
+            List<Integer> deptIds = dataScope.getDeptIds();
+            String join = CollectionKit.join(deptIds, ",");
+            originalSql = "select * from (" + originalSql + ") temp_data_scope where temp_data_scope." + scopeName + " in (" + join + ")";
+            metaStatementHandler.setValue("delegate.boundSql.sql", originalSql);
+            return invocation.proceed();
+        }
+    }
+    /**
+     * 查找对象是否包括DataScope类
+     */
+    public DataScope findDataScopeObject(Object parameterObj) {
+        if (parameterObj instanceof DataScope) {
+            return (DataScope) parameterObj;
+        } else if (parameterObj instanceof Map) {
+            for (Object val : ((Map<?, ?>) parameterObj).values()) {
+                if (val instanceof DataScope) {
+                    return (DataScope) val;
+                }
+            }
+        }
+        return null;
+    }
+    @Override
+    public Object plugin(Object target) {
+        return Plugin.wrap(target, this);
+    }
+    @Override
+    public void setProperties(Properties properties) {
+    }
+}
--- a/src/main/java/com/stylefeng/guns/core/shiro/ShiroKit.java
+++ b/src/main/java/com/stylefeng/guns/core/shiro/ShiroKit.java
@@ -15,6 +15,8 @@
 */
 package com.stylefeng.guns.core.shiro;
+import com.stylefeng.guns.common.constant.Const;
+import com.stylefeng.guns.common.constant.factory.ConstantFactory;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.crypto.hash.Md5Hash;
 import org.apache.shiro.crypto.hash.SimpleHash;
@@ -22,6 +24,7 @@ import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.Subject;
 import org.apache.shiro.util.ByteSource;
+import java.util.List;
 import java.util.Random;
 /**
@@ -267,4 +270,28 @@ public class ShiroKit {
        return "";
    }
+    /**
+     * 获取当前用户的部门数据范围的集合
+     */
+    public static List<Integer> getDeptDataScope() {
+        Integer deptId = getUser().getDeptId();
+        List<Integer> subDeptIds = ConstantFactory.me().getSubDeptId(deptId);
+        subDeptIds.add(deptId);
+        return subDeptIds;
+    }
+    /**
+     * 判断当前用户是否是超级管理员
+     */
+    public static boolean isAdmin() {
+        List<Integer> roleList = ShiroKit.getUser().getRoleList();
+        for (Integer integer : roleList) {
+            String singleRoleTip = ConstantFactory.me().getSingleRoleTip(integer);
+            if (singleRoleTip.equals(Const.ADMIN_NAME)) {
+                return true;
+            }
+        }
+        return false;
+    }
 }
--- a/src/main/java/com/stylefeng/guns/modular/system/controller/UserMgrController.java
+++ b/src/main/java/com/stylefeng/guns/modular/system/controller/UserMgrController.java
@@ -13,6 +13,7 @@ import com.stylefeng.guns.common.exception.BussinessException;
 import com.stylefeng.guns.common.persistence.dao.UserMapper;
 import com.stylefeng.guns.common.persistence.model.User;
 import com.stylefeng.guns.config.properties.GunsProperties;
+import com.stylefeng.guns.core.datascope.DataScope;
 import com.stylefeng.guns.core.db.Db;
 import com.stylefeng.guns.core.log.LogObjectHolder;
 import com.stylefeng.guns.core.shiro.ShiroKit;
@@ -98,6 +99,7 @@ public class UserMgrController extends BaseController {
        if (ToolUtil.isEmpty(userId)) {
            throw new BussinessException(BizExceptionEnum.REQUEST_NULL);
        }
+        assertAuth(userId);
        User user = this.userMapper.selectById(userId);
        model.addAttribute(user);
        model.addAttribute("roleName", ConstantFactory.me().getRoleName(user.getRoleid()));
@@ -160,7 +162,8 @@ public class UserMgrController extends BaseController {
    @Permission
    @ResponseBody
    public Object list(@RequestParam(required = false) String name, @RequestParam(required = false) String beginTime, @RequestParam(required = false) String endTime, @RequestParam(required = false) Integer deptid) {
-        List<Map<String, Object>> users = managerDao.selectUsers(name, beginTime, endTime, deptid);
+        DataScope dataScope = new DataScope(ShiroKit.getDeptDataScope());
+        List<Map<String, Object>> users = managerDao.selectUsers(dataScope, name, beginTime, endTime, deptid);
        return new UserWarpper(users).warp();
    }
@@ -208,6 +211,7 @@ public class UserMgrController extends BaseController {
            this.userMapper.updateById(UserFactory.createUser(user));
            return SUCCESS_TIP;
        } else {
+            assertAuth(user.getId());
            ShiroUser shiroUser = ShiroKit.getUser();
            if (shiroUser.getId().equals(user.getId())) {
                this.userMapper.updateById(UserFactory.createUser(user));
@@ -223,7 +227,7 @@ public class UserMgrController extends BaseController {
     */
    @RequestMapping("/delete")
    @BussinessLog(value = "删除管理员", key = "userId", dict = Dict.UserDict)
-    @Permission(Const.ADMIN_NAME)
+    @Permission
    @ResponseBody
    public Tip delete(@RequestParam Integer userId) {
        if (ToolUtil.isEmpty(userId)) {
@@ -233,6 +237,7 @@ public class UserMgrController extends BaseController {
        if (userId.equals(Const.ADMIN_ID)) {
            throw new BussinessException(BizExceptionEnum.CANT_DELETE_ADMIN);
        }
+        assertAuth(userId);
        this.managerDao.setStatus(userId, ManagerStatus.DELETED.getCode());
        return SUCCESS_TIP;
    }
@@ -246,6 +251,7 @@ public class UserMgrController extends BaseController {
        if (ToolUtil.isEmpty(userId)) {
            throw new BussinessException(BizExceptionEnum.REQUEST_NULL);
        }
+        assertAuth(userId);
        return this.userMapper.selectById(userId);
    }
@@ -260,6 +266,7 @@ public class UserMgrController extends BaseController {
        if (ToolUtil.isEmpty(userId)) {
            throw new BussinessException(BizExceptionEnum.REQUEST_NULL);
        }
+        assertAuth(userId);
        User user = this.userMapper.selectById(userId);
        user.setSalt(ShiroKit.getRandomSalt(5));
        user.setPassword(ShiroKit.md5(Const.DEFAULT_PWD, user.getSalt()));
@@ -282,6 +289,7 @@ public class UserMgrController extends BaseController {
        if (userId.equals(Const.ADMIN_ID)) {
            throw new BussinessException(BizExceptionEnum.CANT_FREEZE_ADMIN);
        }
+        assertAuth(userId);
        this.managerDao.setStatus(userId, ManagerStatus.FREEZED.getCode());
        return SUCCESS_TIP;
    }
@@ -297,6 +305,7 @@ public class UserMgrController extends BaseController {
        if (ToolUtil.isEmpty(userId)) {
            throw new BussinessException(BizExceptionEnum.REQUEST_NULL);
        }
+        assertAuth(userId);
        this.managerDao.setStatus(userId, ManagerStatus.OK.getCode());
        return SUCCESS_TIP;
    }
@@ -316,6 +325,7 @@ public class UserMgrController extends BaseController {
        if (userId.equals(Const.ADMIN_ID)) {
            throw new BussinessException(BizExceptionEnum.CANT_CHANGE_ADMIN);
        }
+        assertAuth(userId);
        this.managerDao.setRoles(userId, roleIds);
        return SUCCESS_TIP;
    }
@@ -335,4 +345,19 @@ public class UserMgrController extends BaseController {
        }
        return pictureName;
    }
+    /**
+     * 判断当前登录的用户是否有操作这个用户的权限
+     */
+    private void assertAuth(Integer userId) {
+        List<Integer> deptDataScope = ShiroKit.getDeptDataScope();
+        User user = this.userMapper.selectById(userId);
+        Integer deptid = user.getDeptid();
+        if (deptDataScope.contains(deptid)) {
+            return;
+        } else {
+            throw new BussinessException(BizExceptionEnum.NO_PERMITION);
+        }
+    }
 }
--- a/src/main/java/com/stylefeng/guns/modular/system/dao/UserMgrDao.java
+++ b/src/main/java/com/stylefeng/guns/modular/system/dao/UserMgrDao.java
 package com.stylefeng.guns.modular.system.dao;
-import java.util.List;
+import com.stylefeng.guns.common.persistence.model.User;
-import java.util.Map;
+import com.stylefeng.guns.core.datascope.DataScope;
 import org.apache.ibatis.annotations.Param;
-import com.stylefeng.guns.common.persistence.model.User;
+import java.util.List;
+import java.util.Map;
 /**
 * 管理员的dao
@@ -38,7 +38,7 @@ public interface UserMgrDao {
     * @return
     * @date 2017年2月12日 下午9:14:34
     */
-    List<Map<String, Object>> selectUsers(@Param("name") String name, @Param("beginTime") String beginTime, @Param("endTime") String endTime, @Param("deptid") Integer deptid);
+    List<Map<String, Object>> selectUsers(@Param("dataScope") DataScope dataScope, @Param("name") String name, @Param("beginTime") String beginTime, @Param("endTime") String endTime, @Param("deptid") Integer deptid);
    /**
     * 设置用户的角色