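package com.gaotao.common.aspect;

import com.gaotao.common.annotation.DataScope;
import com.gaotao.common.utils.StringUtils;
import com.gaotao.core.domain.BaseEntity;
import com.gaotao.modules.sys.entity.SysUserEntity;
import java.util.Objects;
import org.apache.shiro.SecurityUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.stereotype.Component;

/**
 * Data-permission filtering.
 *
 * <p>For every method annotated with {@link DataScope}, builds a row-level SQL predicate
 * that restricts rows to the calling user's site and stores it under {@link #DATA_SCOPE}
 * in the first argument's parameter map (only when that argument is a {@link BaseEntity}).
 * The stored value has the form {@code " AND (<predicate>)"}; administrators get no
 * predicate at all.
 */
@Aspect
@Component
public class DataScopeAspect {

    /** Key under which the generated predicate is stored in {@code BaseEntity#getParams()}. */
    public static final String DATA_SCOPE = "dataScope";

    @Before("@annotation(dataScope)")
    public void doBefore(JoinPoint joinPoint, DataScope dataScope) {
        clearDataScope(joinPoint);
        handleDataScope(joinPoint, dataScope);
    }

    /**
     * Builds the site predicate for the current user and stores it in the first argument.
     *
     * @param joinPoint the advised call; its first argument receives the predicate when it is a
     *     {@link BaseEntity}
     * @param dataScope the annotation whose {@code deptAlias()} names the table alias to filter on
     * @throws NullPointerException if there is no authenticated principal (fail closed rather than
     *     letting the query run unfiltered)
     */
    protected void handleDataScope(final JoinPoint joinPoint, DataScope dataScope) {
        Object principal = SecurityUtils.getSubject().getPrincipal();
        SysUserEntity currentUser = (SysUserEntity) Objects.requireNonNull(
                principal, "no authenticated principal; refusing to build data-scope filter");

        // Administrators see everything: leave the (already cleared) dataScope parameter empty.
        if (currentUser.isAdmin()) {
            return;
        }

        // Only a non-empty alias yields a predicate; without it there is nothing to store.
        String alias = dataScope.deptAlias();
        if (!StringUtils.isNotEmpty(alias)) {
            return;
        }

        BaseEntity target = firstBaseEntityArg(joinPoint);
        if (target == null) {
            return;
        }

        // The site value is read from the stored user record; it is quoted as a SQL literal so an
        // embedded single quote cannot terminate the literal. The alias comes from the annotation
        // (source code), not from the request.
        String predicate = "CHARINDEX(" + alias + ".site, '" + sqlLiteral(currentUser.getSite()) + "')>0";
        target.getParams().put(DATA_SCOPE, " AND (" + predicate + ")");
    }

    /**
     * Resets {@code params.dataScope} before the permission SQL is built so that a value supplied by
     * the caller in the entity's parameter map cannot be injected into the query.
     */
    private void clearDataScope(final JoinPoint joinPoint) {
        BaseEntity target = firstBaseEntityArg(joinPoint);
        if (target != null) {
            target.getParams().put(DATA_SCOPE, "");
        }
    }

    /**
     * Returns the advised method's first argument when it is a {@link BaseEntity}.
     *
     * @return the entity, or {@code null} when the method has no arguments or the first one is not a
     *     {@link BaseEntity}
     */
    private static BaseEntity firstBaseEntityArg(final JoinPoint joinPoint) {
        Object[] args = joinPoint.getArgs();
        if (args == null || args.length == 0) {
            return null;
        }
        Object first = args[0];
        return first instanceof BaseEntity ? (BaseEntity) first : null;
    }

    /**
     * Escapes a value for embedding in a single-quoted SQL string literal by doubling embedded
     * quotes. {@code null} renders as the text {@code null}, matching plain string concatenation.
     * NOTE(review): assumes standard quote-doubling (CHARINDEX suggests SQL Server); confirm the
     * dialect does not additionally treat backslashes as escapes.
     */
    static String sqlLiteral(String value) {
        return String.valueOf(value).replace("'", "''");
    }
}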