xinyin025/smart-admin
1
0
Fork 0
mirror of https://gitee.com/lab1024/smart-admin.git synced 2025-11-04 18:33:43 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

优化数据范围组件,解决了以部门in的情况下数据权限为本人时最终查看的数据还是部门全部数据的问题

Browse Source
This commit is contained in:
zhoumingfa
2025-02-20 22:59:30 +08:00
parent ac0f1ae2b9
commit 9a6d758fc7
10 changed files with 76 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java
View File

@@ -5,7 +5,7 @@ import net.lab1024.sa.base.common.enumeration.BaseEnum;
/**
* 数据范围 种类
* 数据可见范围类型
*
* @Author 1024创新实验室: 罗伊
* @Date 2020/11/28 20:59:17

2
smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java
View File

@@ -25,7 +25,7 @@ public class DataScopeSqlConfig {
/**
* join sql 具体实现类
*/
private Class joinSqlImplClazz;
private Class<?> joinSqlImplClazz;
private String joinSql;

2
smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java
View File

@@ -5,7 +5,7 @@ import lombok.Builder;
import lombok.Data;
/**
* 数据范围
* 数据可见范围
*
* @Author 1024创新实验室: 罗伊
* @Date 2020/11/28 20:59:17

25
smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java
View File

@@ -46,6 +46,11 @@ public class DataScopeSqlConfigService {
private static final String DEPARTMENT_PARAM = "#departmentIds";
/**
* 用于拼接查看本人数据范围的 SQL
*/
private static final String CREATE_USER_ID_EQUALS = "create_user_id = ";
private final ConcurrentHashMap<String, DataScopeSqlConfig> dataScopeMethodMap = new ConcurrentHashMap<>();
@Resource
@@ -94,14 +99,23 @@ public class DataScopeSqlConfigService {
* 组装需要拼接的sql
*/
public String getJoinSql(Map<String, Object> paramMap, DataScopeSqlConfig sqlConfigDTO) {
DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType();
String joinSql = sqlConfigDTO.getJoinSql();
Long employeeId = SmartRequestUtil.getRequestUserId();
if (employeeId == null) {
return "";
}
DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType();
DataScopeViewTypeEnum viewTypeEnum = dataScopeViewService.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId);
// 数据权限设置为仅本人可见时 直接返回 create_user_id = employeeId
if (DataScopeViewTypeEnum.ME == viewTypeEnum) {
return CREATE_USER_ID_EQUALS + employeeId;
}
String joinSql = sqlConfigDTO.getJoinSql();
if (DataScopeWhereInTypeEnum.CUSTOM_STRATEGY == sqlConfigDTO.getDataScopeWhereInType()) {
Class strategyClass = sqlConfigDTO.getJoinSqlImplClazz();
Class<?> strategyClass = sqlConfigDTO.getJoinSqlImplClazz();
if (strategyClass == null) {
log.warn("data scope custom strategy class is null");
return "";
@@ -111,11 +125,10 @@ public class DataScopeSqlConfigService {
log.warn("data scope custom strategy class{} ,bean is null", sqlConfigDTO.getJoinSqlImplClazz());
return "";
}
DataScopeViewTypeEnum viewTypeEnum = dataScopeViewService.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId);
return powerStrategy.getCondition(viewTypeEnum,paramMap, sqlConfigDTO);
}
if (DataScopeWhereInTypeEnum.EMPLOYEE == sqlConfigDTO.getDataScopeWhereInType()) {
List<Long> canViewEmployeeIds = dataScopeViewService.getCanViewEmployeeId(dataScopeTypeEnum, employeeId);
List<Long> canViewEmployeeIds = dataScopeViewService.getCanViewEmployeeId(viewTypeEnum, employeeId);
if (CollectionUtils.isEmpty(canViewEmployeeIds)) {
return "";
}
@@ -124,7 +137,7 @@ public class DataScopeSqlConfigService {
return sql;
}
if (DataScopeWhereInTypeEnum.DEPARTMENT == sqlConfigDTO.getDataScopeWhereInType()) {
List<Long> canViewDepartmentIds = dataScopeViewService.getCanViewDepartmentId(dataScopeTypeEnum, employeeId);
List<Long> canViewDepartmentIds = dataScopeViewService.getCanViewDepartmentId(viewTypeEnum, employeeId);
if (CollectionUtils.isEmpty(canViewDepartmentIds)) {
return "";
}

23
smart-admin-api-java17-springboot3/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java
View File

@@ -44,10 +44,9 @@ public class DataScopeViewService {
private DepartmentService departmentService;
/**
* 获取某人可以查看的所有人员信息
* 获取某人可以查看的所有人员数据
*/
public List<Long> getCanViewEmployeeId(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) {
DataScopeViewTypeEnum viewType = this.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId);
public List<Long> getCanViewEmployeeId(DataScopeViewTypeEnum viewType, Long employeeId) {
if (DataScopeViewTypeEnum.ME == viewType) {
return this.getMeEmployeeIdList(employeeId);
}
@@ -57,16 +56,17 @@ public class DataScopeViewService {
if (DataScopeViewTypeEnum.DEPARTMENT_AND_SUB == viewType) {
return this.getDepartmentAndSubEmployeeIdList(employeeId);
}
// 可以查看所有员工数据
return Lists.newArrayList();
}
/**
* 获取某人可以查看的所有部门信息
* 获取某人可以查看的所有部门数据
*/
public List<Long> getCanViewDepartmentId(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) {
DataScopeViewTypeEnum viewType = this.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId);
public List<Long> getCanViewDepartmentId(DataScopeViewTypeEnum viewType, Long employeeId) {
if (DataScopeViewTypeEnum.ME == viewType) {
return this.getMeDepartmentIdList(employeeId);
// 数据可见范围类型为本人时 不可以查看任何部门数据
return Lists.newArrayList(0L);
}
if (DataScopeViewTypeEnum.DEPARTMENT == viewType) {
return this.getMeDepartmentIdList(employeeId);
@@ -74,6 +74,7 @@ public class DataScopeViewService {
if (DataScopeViewTypeEnum.DEPARTMENT_AND_SUB == viewType) {
return this.getDepartmentAndSubIdList(employeeId);
}
// 可以查看所有部门数据
return Lists.newArrayList();
}
@@ -91,10 +92,16 @@ public class DataScopeViewService {
* 根据员工id 获取各数据范围最大的可见范围 map<dataScopeType,viewType></>
*/
public DataScopeViewTypeEnum getEmployeeDataScopeViewType(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) {
if (employeeId == null) {
EmployeeEntity employeeEntity = employeeDao.selectById(employeeId);
if (employeeEntity == null || employeeEntity.getEmployeeId() == null) {
return DataScopeViewTypeEnum.ME;
}
// 如果是超级管理员 则可查看全部
if (employeeEntity.getAdministratorFlag()) {
return DataScopeViewTypeEnum.ALL;
}
List<Long> roleIdList = roleEmployeeDao.selectRoleIdByEmployeeId(employeeId);
//未设置角色 默认本人
if (CollectionUtils.isEmpty(roleIdList)) {

2
smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/constant/DataScopeViewTypeEnum.java
View File

@@ -5,7 +5,7 @@ import net.lab1024.sa.base.common.enumeration.BaseEnum;
/**
* 数据范围 种类
* 数据可见范围类型
*
* @Author 1024创新实验室: 罗伊
* @Date 2020/11/28 20:59:17

2
smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeSqlConfig.java
View File

@@ -25,7 +25,7 @@ public class DataScopeSqlConfig {
/**
* join sql 具体实现类
*/
private Class joinSqlImplClazz;
private Class<?> joinSqlImplClazz;
private String joinSql;

2
smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/domain/DataScopeViewTypeVO.java
View File

@@ -5,7 +5,7 @@ import lombok.Builder;
import lombok.Data;
/**
* 数据范围
* 数据可见范围
*
* @Author 1024创新实验室: 罗伊
* @Date 2020/11/28 20:59:17

26
smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java
View File

@@ -46,6 +46,11 @@ public class DataScopeSqlConfigService {
private static final String DEPARTMENT_PARAM = "#departmentIds";
/**
* 用于拼接查看本人数据范围的 SQL
*/
private static final String CREATE_USER_ID_EQUALS = "create_user_id = ";
private final ConcurrentHashMap<String, DataScopeSqlConfig> dataScopeMethodMap = new ConcurrentHashMap<>();
@Resource
@@ -84,7 +89,6 @@ public class DataScopeSqlConfigService {
/**
* 根据调用的方法获取,此方法的配置信息
*
*/
public DataScopeSqlConfig getSqlConfig(String method) {
return this.dataScopeMethodMap.get(method);
@@ -94,14 +98,23 @@ public class DataScopeSqlConfigService {
* 组装需要拼接的sql
*/
public String getJoinSql(Map<String, Object> paramMap, DataScopeSqlConfig sqlConfigDTO) {
DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType();
String joinSql = sqlConfigDTO.getJoinSql();
Long employeeId = SmartRequestUtil.getRequestUserId();
if (employeeId == null) {
return "";
}
DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType();
DataScopeViewTypeEnum viewTypeEnum = dataScopeViewService.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId);
// 数据权限设置为仅本人可见时 直接返回 create_user_id = employeeId
if (DataScopeViewTypeEnum.ME == viewTypeEnum) {
return CREATE_USER_ID_EQUALS + employeeId;
}
String joinSql = sqlConfigDTO.getJoinSql();
if (DataScopeWhereInTypeEnum.CUSTOM_STRATEGY == sqlConfigDTO.getDataScopeWhereInType()) {
Class strategyClass = sqlConfigDTO.getJoinSqlImplClazz();
Class<?> strategyClass = sqlConfigDTO.getJoinSqlImplClazz();
if (strategyClass == null) {
log.warn("data scope custom strategy class is null");
return "";
@@ -111,11 +124,10 @@ public class DataScopeSqlConfigService {
log.warn("data scope custom strategy class{} ,bean is null", sqlConfigDTO.getJoinSqlImplClazz());
return "";
}
DataScopeViewTypeEnum viewTypeEnum = dataScopeViewService.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId);
return powerStrategy.getCondition(viewTypeEnum, paramMap, sqlConfigDTO);
}
if (DataScopeWhereInTypeEnum.EMPLOYEE == sqlConfigDTO.getDataScopeWhereInType()) {
List<Long> canViewEmployeeIds = dataScopeViewService.getCanViewEmployeeId(dataScopeTypeEnum, employeeId);
List<Long> canViewEmployeeIds = dataScopeViewService.getCanViewEmployeeId(viewTypeEnum, employeeId);
if (CollectionUtils.isEmpty(canViewEmployeeIds)) {
return "";
}
@@ -124,7 +136,7 @@ public class DataScopeSqlConfigService {
return sql;
}
if (DataScopeWhereInTypeEnum.DEPARTMENT == sqlConfigDTO.getDataScopeWhereInType()) {
List<Long> canViewDepartmentIds = dataScopeViewService.getCanViewDepartmentId(dataScopeTypeEnum, employeeId);
List<Long> canViewDepartmentIds = dataScopeViewService.getCanViewDepartmentId(viewTypeEnum, employeeId);
if (CollectionUtils.isEmpty(canViewDepartmentIds)) {
return "";
}

23
smart-admin-api-java8-springboot2/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeViewService.java
View File

@@ -44,10 +44,9 @@ public class DataScopeViewService {
private DepartmentService departmentService;
/**
* 获取某人可以查看的所有人员信息
* 获取某人可以查看的所有人员数据
*/
public List<Long> getCanViewEmployeeId(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) {
DataScopeViewTypeEnum viewType = this.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId);
public List<Long> getCanViewEmployeeId(DataScopeViewTypeEnum viewType, Long employeeId) {
if (DataScopeViewTypeEnum.ME == viewType) {
return this.getMeEmployeeIdList(employeeId);
}
@@ -57,16 +56,17 @@ public class DataScopeViewService {
if (DataScopeViewTypeEnum.DEPARTMENT_AND_SUB == viewType) {
return this.getDepartmentAndSubEmployeeIdList(employeeId);
}
// 可以查看所有员工数据
return Lists.newArrayList();
}
/**
* 获取某人可以查看的所有部门信息
* 获取某人可以查看的所有部门数据
*/
public List<Long> getCanViewDepartmentId(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) {
DataScopeViewTypeEnum viewType = this.getEmployeeDataScopeViewType(dataScopeTypeEnum, employeeId);
public List<Long> getCanViewDepartmentId(DataScopeViewTypeEnum viewType, Long employeeId) {
if (DataScopeViewTypeEnum.ME == viewType) {
return this.getMeDepartmentIdList(employeeId);
// 数据可见范围类型为本人时 不可以查看任何部门数据
return Lists.newArrayList(0L);
}
if (DataScopeViewTypeEnum.DEPARTMENT == viewType) {
return this.getMeDepartmentIdList(employeeId);
@@ -74,6 +74,7 @@ public class DataScopeViewService {
if (DataScopeViewTypeEnum.DEPARTMENT_AND_SUB == viewType) {
return this.getDepartmentAndSubIdList(employeeId);
}
// 可以查看所有部门数据
return Lists.newArrayList();
}
@@ -91,10 +92,16 @@ public class DataScopeViewService {
* 根据员工id 获取各数据范围最大的可见范围 map<dataScopeType,viewType></>
*/
public DataScopeViewTypeEnum getEmployeeDataScopeViewType(DataScopeTypeEnum dataScopeTypeEnum, Long employeeId) {
if (employeeId == null) {
EmployeeEntity employeeEntity = employeeDao.selectById(employeeId);
if (employeeEntity == null || employeeEntity.getEmployeeId() == null) {
return DataScopeViewTypeEnum.ME;
}
// 如果是超级管理员 则可查看全部
if (employeeEntity.getAdministratorFlag()) {
return DataScopeViewTypeEnum.ALL;
}
List<Long> roleIdList = roleEmployeeDao.selectRoleIdByEmployeeId(employeeId);
//未设置角色 默认本人
if (CollectionUtils.isEmpty(roleIdList)) {