mybatisplus添加数据权限过滤(自定义拦截器,sql拦截)

    import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
    import com.baomidou.mybatisplus.extension.handlers.AbstractSqlParserHandler;
    import lombok.AllArgsConstructor;
    import lombok.extern.slf4j.Slf4j;
    import org.apache.ibatis.executor.statement.StatementHandler;
    import org.apache.ibatis.mapping.BoundSql;
    import org.apache.ibatis.mapping.MappedStatement;
    import org.apache.ibatis.mapping.SqlCommandType;
    import org.apache.ibatis.plugin.*;
    import org.apache.ibatis.reflection.MetaObject;
    import org.apache.ibatis.reflection.SystemMetaObject;
    import org.springframework.stereotype.Component;

    import javax.sql.DataSource;
    import java.sql.Connection;
    import java.util.Properties;

    @Slf4j
    @AllArgsConstructor
    @Intercepts({@Signature(type = StatementHandler.class, method = "prepare", args = {Connection.class, Integer.class})})
    @Component
    public class DataScopeInterceptor  extends AbstractSqlParserHandler implements Interceptor {
        private DataSource dataSource;

        @Override
        public Object intercept(Invocation invocation) throws Throwable {
            StatementHandler statementHandler = PluginUtils.realTarget(invocation.getTarget());
            MetaObject metaObject = SystemMetaObject.forObject(statementHandler);
            this.sqlParser(metaObject);
            // 先判断是不是SELECT操作 不是直接过滤
            MappedStatement mappedStatement = (MappedStatement) metaObject.getValue("delegate.mappedStatement");
            if (!SqlCommandType.SELECT.equals(mappedStatement.getSqlCommandType())) {
                return invocation.proceed();
            }
            BoundSql boundSql = (BoundSql) metaObject.getValue("delegate.boundSql");
            // 执行的SQL语句
            String originalSql = boundSql.getSql();
            // SQL语句的参数
            Object parameterObject = boundSql.getParameterObject();

                originalSql = "select * from (" + originalSql + ") temp_data_scope where temp_data_scope." + 1 + " in (" + 2 + ")";
                metaObject.setValue("delegate.boundSql.sql", originalSql);
                return invocation.proceed();
        }

        /**
         * 生成拦截对象的代理
         *
         * @param target 目标对象
         * @return 代理对象
         */
        @Override
        public Object plugin(Object target) {
            if (target instanceof StatementHandler) {
                return Plugin.wrap(target, this);
            }
            return target;
        }

        /**
         * mybatis配置的属性
         *
         * @param properties mybatis配置的属性
         */
        @Override
        public void setProperties(Properties properties) {

        }

        /**
         * 查找参数是否包括DataScope对象
         *
         * @param parameterObj 参数列表
         * @return DataScope
         */
    //    private DataScope findDataScopeObject(Object parameterObj) {
    //        if (parameterObj instanceof DataScope) {
    //            return (DataScope) parameterObj;
    //        } else if (parameterObj instanceof Map) {
    //            for (Object val : ((Map<?, ?>) parameterObj).values()) {
    //                if (val instanceof DataScope) {
    //                    return (DataScope) val;
    //                }
    //            }
    //        }
    //        return null;
    //    }
    }

以下代码添加至mybatisplusconfig

    /**
     * 数据权限插件
     *
     * @return DataScopeInterceptor
     */
    @Bean
    @ConditionalOnMissingBean
    public DataScopeInterceptor dataScopeInterceptor(DataSource dataSource) {
        return new DataScopeInterceptor(dataSource);
    }

 原文:https://blog.rain888.cn/archives/328.html

posted @ 2021-01-22 10:49  旧时繁华  阅读(20026)  评论(4编辑  收藏  举报