/*
|
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
|
*
|
* Redistribution and use in source and binary forms, with or without
|
* modification, are permitted provided that the following conditions are met:
|
*
|
* Redistributions of source code must retain the above copyright notice,
|
* this list of conditions and the following disclaimer.
|
* Redistributions in binary form must reproduce the above copyright
|
* notice, this list of conditions and the following disclaimer in the
|
* documentation and/or other materials provided with the distribution.
|
* Neither the name of the dreamlu.net developer nor the names of its
|
* contributors may be used to endorse or promote products derived from
|
* this software without specific prior written permission.
|
* Author: Chill 庄骞 (smallchill@163.com)
|
*/
|
package org.springblade.core.datascope.handler;
|
|
import lombok.RequiredArgsConstructor;
|
import org.springblade.core.datascope.enums.DataScopeEnum;
|
import org.springblade.core.datascope.model.DataScopeModel;
|
import org.springblade.core.secure.BladeUser;
|
import org.springblade.core.tool.constant.RoleConstant;
|
import org.springblade.core.tool.utils.BeanUtil;
|
import org.springblade.core.tool.utils.Func;
|
import org.springblade.core.tool.utils.PlaceholderUtil;
|
import org.springblade.core.tool.utils.StringUtil;
|
|
import java.util.ArrayList;
|
import java.util.List;
|
import java.util.Objects;
|
|
/**
|
* 默认数据权限规则
|
*
|
* @author Chill
|
*/
|
@RequiredArgsConstructor
|
public class BladeDataScopeHandler implements DataScopeHandler {
|
|
private final ScopeModelHandler scopeModelHandler;
|
|
@Override
|
public String sqlCondition(String mapperId, DataScopeModel dataScope, BladeUser bladeUser, String originalSql) {
|
|
//数据权限资源编号
|
String code = dataScope.getResourceCode();
|
|
//根据mapperId从数据库中获取对应模型
|
DataScopeModel dataScopeDb = scopeModelHandler.getDataScopeByMapper(mapperId, bladeUser.getRoleId());
|
|
//mapperId配置未取到则从数据库中根据资源编号获取
|
if (dataScopeDb == null && StringUtil.isNotBlank(code)) {
|
dataScopeDb = scopeModelHandler.getDataScopeByCode(code);
|
}
|
|
//未从数据库找到对应配置则采用默认
|
dataScope = (dataScopeDb != null) ? dataScopeDb : dataScope;
|
|
//判断数据权限类型并组装对应Sql
|
Integer scopeRule = Objects.requireNonNull(dataScope).getScopeType();
|
DataScopeEnum scopeTypeEnum = DataScopeEnum.of(scopeRule);
|
List<Long> ids = new ArrayList<>();
|
String whereSql = "where scope.{} in ({})";
|
if (DataScopeEnum.ALL == scopeTypeEnum || StringUtil.containsAny(bladeUser.getRoleName(), RoleConstant.ADMINISTRATOR)) {
|
return null;
|
} else if (DataScopeEnum.CUSTOM == scopeTypeEnum) {
|
whereSql = PlaceholderUtil.getDefaultResolver().resolveByMap(dataScope.getScopeValue(), BeanUtil.toMap(bladeUser));
|
} else if (DataScopeEnum.OWN == scopeTypeEnum) {
|
ids.add(bladeUser.getUserId());
|
} else if (DataScopeEnum.OWN_DEPT == scopeTypeEnum) {
|
ids.addAll(Func.toLongList(bladeUser.getDeptId()));
|
} else if (DataScopeEnum.OWN_DEPT_CHILD == scopeTypeEnum) {
|
List<Long> deptIds = Func.toLongList(bladeUser.getDeptId());
|
ids.addAll(deptIds);
|
deptIds.forEach(deptId -> {
|
List<Long> deptIdList = scopeModelHandler.getDeptAncestors(deptId);
|
ids.addAll(deptIdList);
|
});
|
}
|
return StringUtil.format("select {} from ({}) scope " + whereSql, Func.toStr(dataScope.getScopeField(), "*"), originalSql, dataScope.getScopeColumn(), StringUtil.join(ids));
|
}
|
|
}
|
