From 9a6d758fc708d70b46e625993be1a50e7ce7e7cb Mon Sep 17 00:00:00 2001 From: zhoumingfa Date: Thu, 20 Feb 2025 22:59:30 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E6=95=B0=E6=8D=AE=E8=8C=83?= =?UTF-8?q?=E5=9B=B4=E7=BB=84=E4=BB=B6=EF=BC=8C=E8=A7=A3=E5=86=B3=E4=BA=86?= =?UTF-8?q?=E4=BB=A5=E9=83=A8=E9=97=A8in=E7=9A=84=E6=83=85=E5=86=B5?= =?UTF-8?q?=E4=B8=8B=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90=E4=B8=BA=E6=9C=AC?= =?UTF-8?q?=E4=BA=BA=E6=97=B6=E6=9C=80=E7=BB=88=E6=9F=A5=E7=9C=8B=E7=9A=84?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E8=BF=98=E6=98=AF=E9=83=A8=E9=97=A8=E5=85=A8?= =?UTF-8?q?=E9=83=A8=E6=95=B0=E6=8D=AE=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../constant/DataScopeViewTypeEnum.java | 2 +- .../datascope/domain/DataScopeSqlConfig.java | 2 +- .../datascope/domain/DataScopeViewTypeVO.java | 2 +- .../service/DataScopeSqlConfigService.java | 25 ++++++++++++---- .../service/DataScopeViewService.java | 23 +++++++++----- .../constant/DataScopeViewTypeEnum.java | 2 +- .../datascope/domain/DataScopeSqlConfig.java | 2 +- .../datascope/domain/DataScopeViewTypeVO.java | 2 +- .../service/DataScopeSqlConfigService.java | 30 +++++++++++++------ .../service/DataScopeViewService.java | 23 +++++++++----- 10 files changed, 76 insertions(+), 37 deletions(-) diff --git a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java index c6ce9e20..2350e2c4 100644 --- a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java +++ b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java @@ -5,7 +5,7 @@ import net.lab1024.sa.base.common.enumeration.BaseEnum; /** - * 数据范围 种类 + * 数据可见范围类型 * * @Author 1024创新实验室: 罗伊 * @Date 2020/11/28 20:59:17 diff --git a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java index 65995c74..3ba5c42f 100644 --- a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java +++ b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java @@ -25,7 +25,7 @@ public class DataScopeSqlConfig { /** * join sql 具体实现类 */ - private Class joinSqlImplClazz; + private Class joinSqlImplClazz; private String joinSql; diff --git a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java index 17b55fa8..106a2fc6 100644 --- a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java +++ b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java @@ -5,7 +5,7 @@ import lombok.Builder; import lombok.Data; /** - * 数据范围 + * 数据可见范围 * * @Author 1024创新实验室: 罗伊 * @Date 2020/11/28 20:59:17 diff --git a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java index 38200442..b7063914 100644 --- a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java +++ b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java @@ -46,6 +46,11 @@ public class DataScopeSqlConfigService { private static final String DEPARTMENT_PARAM = "#departmentIds"; + /** + * 用于拼接查看本人数据范围的 SQL + */ + private static final String CREATE_USER_ID_EQUALS = "create_user_id = "; + private final ConcurrentHashMap dataScopeMethodMap = new ConcurrentHashMap<>(); @Resource @@ -94,14 +99,23 @@ public class DataScopeSqlConfigService { * 组装需要拼接的sql */ public String getJoinSql(Map paramMap, DataScopeSqlConfig sqlConfigDTO) { - DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType(); - String joinSql = sqlConfigDTO.getJoinSql(); Long employeeId = SmartRequestUtil.getRequestUserId(); if (employeeId == null) { return ""; } + + DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType(); + DataScopeViewTypeEnum viewTypeEnum = dataScopeViewService.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId); + + // 数据权限设置为仅本人可见时 直接返回 create_user_id = employeeId + if (DataScopeViewTypeEnum.ME == viewTypeEnum) { + return CREATE_USER_ID_EQUALS + employeeId; + } + + String joinSql = sqlConfigDTO.getJoinSql(); + if (DataScopeWhereInTypeEnum.CUSTOM_STRATEGY == sqlConfigDTO.getDataScopeWhereInType()) { - Class strategyClass = sqlConfigDTO.getJoinSqlImplClazz(); + Class strategyClass = sqlConfigDTO.getJoinSqlImplClazz(); if (strategyClass == null) { log.warn("data scope custom strategy class is null"); return ""; @@ -111,11 +125,10 @@ public class DataScopeSqlConfigService { log.warn("data scope custom strategy class:{} ,bean is null", sqlConfigDTO.getJoinSqlImplClazz()); return ""; } - DataScopeViewTypeEnum viewTypeEnum = dataScopeViewService.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId); return powerStrategy.getCondition(viewTypeEnum,paramMap, sqlConfigDTO); } if (DataScopeWhereInTypeEnum.EMPLOYEE == sqlConfigDTO.getDataScopeWhereInType()) { - List canViewEmployeeIds = dataScopeViewService.getCanViewEmployeeId(dataScopeTypeEnum, employeeId); + List canViewEmployeeIds = dataScopeViewService.getCanViewEmployeeId(viewTypeEnum, employeeId); if (CollectionUtils.isEmpty(canViewEmployeeIds)) { return ""; } @@ -124,7 +137,7 @@ public class DataScopeSqlConfigService { return sql; } if (DataScopeWhereInTypeEnum.DEPARTMENT == sqlConfigDTO.getDataScopeWhereInType()) { - List canViewDepartmentIds = dataScopeViewService.getCanViewDepartmentId(dataScopeTypeEnum, employeeId); + List canViewDepartmentIds = dataScopeViewService.getCanViewDepartmentId(viewTypeEnum, employeeId); if (CollectionUtils.isEmpty(canViewDepartmentIds)) { return ""; } diff --git a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java index b426af30..15585731 100644 --- a/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java +++ b/smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java @@ -44,10 +44,9 @@ public class DataScopeViewService { private DepartmentService departmentService; /** - * 获取某人可以查看的所有人员信息 + * 获取某人可以查看的所有人员数据 */ - public List getCanViewEmployeeId(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) { - DataScopeViewTypeEnum viewType = this.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId); + public List getCanViewEmployeeId(DataScopeViewTypeEnum viewType, Long employeeId) { if (DataScopeViewTypeEnum.ME == viewType) { return this.getMeEmployeeIdList(employeeId); } @@ -57,16 +56,17 @@ public class DataScopeViewService { if (DataScopeViewTypeEnum.DEPARTMENT_AND_SUB == viewType) { return this.getDepartmentAndSubEmployeeIdList(employeeId); } + // 可以查看所有员工数据 return Lists.newArrayList(); } /** - * 获取某人可以查看的所有部门信息 + * 获取某人可以查看的所有部门数据 */ - public List getCanViewDepartmentId(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) { - DataScopeViewTypeEnum viewType = this.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId); + public List getCanViewDepartmentId(DataScopeViewTypeEnum viewType, Long employeeId) { if (DataScopeViewTypeEnum.ME == viewType) { - return this.getMeDepartmentIdList(employeeId); + // 数据可见范围类型为本人时 不可以查看任何部门数据 + return Lists.newArrayList(0L); } if (DataScopeViewTypeEnum.DEPARTMENT == viewType) { return this.getMeDepartmentIdList(employeeId); @@ -74,6 +74,7 @@ public class DataScopeViewService { if (DataScopeViewTypeEnum.DEPARTMENT_AND_SUB == viewType) { return this.getDepartmentAndSubIdList(employeeId); } + // 可以查看所有部门数据 return Lists.newArrayList(); } @@ -91,10 +92,16 @@ public class DataScopeViewService { * 根据员工id 获取各数据范围最大的可见范围 map */ public DataScopeViewTypeEnum getEmployeeDataScopeViewType(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) { - if (employeeId == null) { + EmployeeEntity employeeEntity = employeeDao.selectById(employeeId); + if (employeeEntity == null || employeeEntity.getEmployeeId() == null) { return DataScopeViewTypeEnum.ME; } + // 如果是超级管理员 则可查看全部 + if (employeeEntity.getAdministratorFlag()) { + return DataScopeViewTypeEnum.ALL; + } + List roleIdList = roleEmployeeDao.selectRoleIdByEmployeeId(employeeId); //未设置角色 默认本人 if (CollectionUtils.isEmpty(roleIdList)) { diff --git a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java index c6ce9e20..2350e2c4 100644 --- a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java +++ b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java @@ -5,7 +5,7 @@ import net.lab1024.sa.base.common.enumeration.BaseEnum; /** - * 数据范围 种类 + * 数据可见范围类型 * * @Author 1024创新实验室: 罗伊 * @Date 2020/11/28 20:59:17 diff --git a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java index 65995c74..3ba5c42f 100644 --- a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java +++ b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java @@ -25,7 +25,7 @@ public class DataScopeSqlConfig { /** * join sql 具体实现类 */ - private Class joinSqlImplClazz; + private Class joinSqlImplClazz; private String joinSql; diff --git a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java index 17b55fa8..106a2fc6 100644 --- a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java +++ b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java @@ -5,7 +5,7 @@ import lombok.Builder; import lombok.Data; /** - * 数据范围 + * 数据可见范围 * * @Author 1024创新实验室: 罗伊 * @Date 2020/11/28 20:59:17 diff --git a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java index b28b5c79..0202a3c7 100644 --- a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java +++ b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java @@ -33,7 +33,7 @@ import java.util.concurrent.ConcurrentHashMap; * @Date 2020/11/28 20:59:17 * @Wechat zhuoda1024 * @Email lab1024@163.com - * @Copyright 1024创新实验室 + * @Copyright 1024创新实验室 */ @Slf4j @Service @@ -46,6 +46,11 @@ public class DataScopeSqlConfigService { private static final String DEPARTMENT_PARAM = "#departmentIds"; + /** + * 用于拼接查看本人数据范围的 SQL + */ + private static final String CREATE_USER_ID_EQUALS = "create_user_id = "; + private final ConcurrentHashMap dataScopeMethodMap = new ConcurrentHashMap<>(); @Resource @@ -84,7 +89,6 @@ public class DataScopeSqlConfigService { /** * 根据调用的方法获取,此方法的配置信息 - * */ public DataScopeSqlConfig getSqlConfig(String method) { return this.dataScopeMethodMap.get(method); @@ -94,14 +98,23 @@ public class DataScopeSqlConfigService { * 组装需要拼接的sql */ public String getJoinSql(Map paramMap, DataScopeSqlConfig sqlConfigDTO) { - DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType(); - String joinSql = sqlConfigDTO.getJoinSql(); Long employeeId = SmartRequestUtil.getRequestUserId(); if (employeeId == null) { return ""; } + + DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType(); + DataScopeViewTypeEnum viewTypeEnum = dataScopeViewService.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId); + + // 数据权限设置为仅本人可见时 直接返回 create_user_id = employeeId + if (DataScopeViewTypeEnum.ME == viewTypeEnum) { + return CREATE_USER_ID_EQUALS + employeeId; + } + + String joinSql = sqlConfigDTO.getJoinSql(); + if (DataScopeWhereInTypeEnum.CUSTOM_STRATEGY == sqlConfigDTO.getDataScopeWhereInType()) { - Class strategyClass = sqlConfigDTO.getJoinSqlImplClazz(); + Class strategyClass = sqlConfigDTO.getJoinSqlImplClazz(); if (strategyClass == null) { log.warn("data scope custom strategy class is null"); return ""; @@ -111,11 +124,10 @@ public class DataScopeSqlConfigService { log.warn("data scope custom strategy class:{} ,bean is null", sqlConfigDTO.getJoinSqlImplClazz()); return ""; } - DataScopeViewTypeEnum viewTypeEnum = dataScopeViewService.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId); - return powerStrategy.getCondition(viewTypeEnum,paramMap, sqlConfigDTO); + return powerStrategy.getCondition(viewTypeEnum, paramMap, sqlConfigDTO); } if (DataScopeWhereInTypeEnum.EMPLOYEE == sqlConfigDTO.getDataScopeWhereInType()) { - List canViewEmployeeIds = dataScopeViewService.getCanViewEmployeeId(dataScopeTypeEnum, employeeId); + List canViewEmployeeIds = dataScopeViewService.getCanViewEmployeeId(viewTypeEnum, employeeId); if (CollectionUtils.isEmpty(canViewEmployeeIds)) { return ""; } @@ -124,7 +136,7 @@ public class DataScopeSqlConfigService { return sql; } if (DataScopeWhereInTypeEnum.DEPARTMENT == sqlConfigDTO.getDataScopeWhereInType()) { - List canViewDepartmentIds = dataScopeViewService.getCanViewDepartmentId(dataScopeTypeEnum, employeeId); + List canViewDepartmentIds = dataScopeViewService.getCanViewDepartmentId(viewTypeEnum, employeeId); if (CollectionUtils.isEmpty(canViewDepartmentIds)) { return ""; } diff --git a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java index f478c608..818c2449 100644 --- a/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java +++ b/smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java @@ -44,10 +44,9 @@ public class DataScopeViewService { private DepartmentService departmentService; /** - * 获取某人可以查看的所有人员信息 + * 获取某人可以查看的所有人员数据 */ - public List getCanViewEmployeeId(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) { - DataScopeViewTypeEnum viewType = this.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId); + public List getCanViewEmployeeId(DataScopeViewTypeEnum viewType, Long employeeId) { if (DataScopeViewTypeEnum.ME == viewType) { return this.getMeEmployeeIdList(employeeId); } @@ -57,16 +56,17 @@ public class DataScopeViewService { if (DataScopeViewTypeEnum.DEPARTMENT_AND_SUB == viewType) { return this.getDepartmentAndSubEmployeeIdList(employeeId); } + // 可以查看所有员工数据 return Lists.newArrayList(); } /** - * 获取某人可以查看的所有部门信息 + * 获取某人可以查看的所有部门数据 */ - public List getCanViewDepartmentId(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) { - DataScopeViewTypeEnum viewType = this.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId); + public List getCanViewDepartmentId(DataScopeViewTypeEnum viewType, Long employeeId) { if (DataScopeViewTypeEnum.ME == viewType) { - return this.getMeDepartmentIdList(employeeId); + // 数据可见范围类型为本人时 不可以查看任何部门数据 + return Lists.newArrayList(0L); } if (DataScopeViewTypeEnum.DEPARTMENT == viewType) { return this.getMeDepartmentIdList(employeeId); @@ -74,6 +74,7 @@ public class DataScopeViewService { if (DataScopeViewTypeEnum.DEPARTMENT_AND_SUB == viewType) { return this.getDepartmentAndSubIdList(employeeId); } + // 可以查看所有部门数据 return Lists.newArrayList(); } @@ -91,10 +92,16 @@ public class DataScopeViewService { * 根据员工id 获取各数据范围最大的可见范围 map */ public DataScopeViewTypeEnum getEmployeeDataScopeViewType(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) { - if (employeeId == null) { + EmployeeEntity employeeEntity = employeeDao.selectById(employeeId); + if (employeeEntity == null || employeeEntity.getEmployeeId() == null) { return DataScopeViewTypeEnum.ME; } + // 如果是超级管理员 则可查看全部 + if (employeeEntity.getAdministratorFlag()) { + return DataScopeViewTypeEnum.ALL; + } + List roleIdList = roleEmployeeDao.selectRoleIdByEmployeeId(employeeId); //未设置角色 默认本人 if (CollectionUtils.isEmpty(roleIdList)) {