
AuthAOP切面代码更新 2022/9/1

lwhhszx 3 years ago
d2b760a4bd

+ 3 - 3
PAS/src/main/java/cn/cslg/pas/common/config/InnerInterceptor/LizzMybatisIntercepts.java

@@ -56,13 +56,12 @@ public class LizzMybatisIntercepts implements InnerInterceptor {
         Map<String,Object> maps= SecurityUtils.getDataScope(); //获得线程里保存的functionId
         if (maps != null) {
             SecurityUtils.cleanDataScope(); //当第一次进来后删除线程保存的functionId,避免后续使用的查询sql进来
-            Integer functionId =Integer.parseInt(maps.get("functionId").toString());
             String token =maps.get("token").toString();
             //查询数据规则
             //设定formdata类型参数
             RequestBody requestBody =  new FormBody.Builder()
                     .add("loginId", maps.get("loginId").toString())
-                    .add("functionId",functionId.toString())
+                    .add("functionId",maps.get("functionId").toString())
                     .build();
             //建立连接
             OkHttpClient okHttpClient = new OkHttpClient();
@@ -99,7 +98,8 @@ public class LizzMybatisIntercepts implements InnerInterceptor {
                 PersonnelVO personnelVO =cacheUtils.getLoginUserPersonnel(loginUtils.getId());
             for(int i=0;i<jsonArray.size();i++){
                 String sql1= TreeUtils.reSql(JSONObject.parseObject( jsonArray.get(i).toString()) ,dataSources,personnelVO);
-                sqls += jsonArray.size()!=i+1 ?  sql1+" OR ":sql1;
+                if(!sql1.equals("")){
+                sqls += jsonArray.size()!=i+1 ?  sql1+" OR ":sql1;}
             }
             // 根据sql语句结构,将拼接sql放入合适的位置
             if(Localsql.contains("order by")){
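Review bot: The new guard at `if(!sql1.equals("")){` leaves a dangling separator: the ` OR ` suffix is still decided by the index test `jsonArray.size()!=i+1`, so when an earlier rule produces SQL and the last rule yields "", `sqls` ends in ` OR ` and the statement it is spliced into below is malformed. Collecting the non-empty fragments and joining them removes the index arithmetic entirely (java.util.List/ArrayList must be in scope if they are not already). The enclosing method and the declaration of `sqls` are outside the hunk.
```java
List<String> fragments = new ArrayList<>();
for (int i = 0; i < jsonArray.size(); i++) {
    String sql1 = TreeUtils.reSql(JSONObject.parseObject(jsonArray.get(i).toString()), dataSources, personnelVO);
    if (!sql1.isEmpty()) {
        fragments.add(sql1);
    }
}
sqls += String.join(" OR ", fragments);
// … unchanged: placement of sqls into Localsql …
```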

+ 11 - 27
PAS/src/main/java/cn/cslg/pas/common/utils/auth/AuthAop.java

@@ -5,8 +5,6 @@ import cn.cslg.pas.common.model.PersonnelVO;
 import cn.cslg.pas.common.utils.CacheUtils;
 import cn.cslg.pas.common.utils.Response;
 import cn.cslg.pas.common.utils.SecurityUtils.LoginUtils;
-import cn.dev33.satoken.exception.NotLoginException;
-import cn.hutool.json.JSONString;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
@@ -14,11 +12,9 @@ import okhttp3.*;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.*;
-import org.aspectj.lang.reflect.CodeSignature;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Component;
 import org.springframework.web.context.request.RequestAttributes;
 import org.springframework.web.context.request.RequestContextHolder;
@@ -27,7 +23,6 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 import javax.script.ScriptEngine;
 import javax.script.ScriptEngineManager;
 import javax.servlet.http.HttpServletRequest;
-import java.lang.reflect.Field;
 import java.lang.reflect.Method;
 import java.util.List;
 
@@ -57,37 +52,22 @@ public class AuthAop {
 
     @Around("annotationPointcut()")
     public Object doAround(ProceedingJoinPoint joinPoint) throws Throwable {
+        Boolean isPass =true;
         // 获得注解上的参数值
         MethodSignature ms = (MethodSignature) joinPoint.getSignature();
         Method method = ms.getMethod();
         checkAuth myAnnotation = method.getAnnotation(checkAuth.class);
-        Integer functionId =myAnnotation.FunId();
-        // 将请求里的token保存到字段token里
+       String functionId =myAnnotation.FunId();
         //RequestContextHolder:持有上下文的Request容器,获取到当前请求的request
         RequestAttributes ra = RequestContextHolder.getRequestAttributes();
         ServletRequestAttributes sra = (ServletRequestAttributes) ra;
         HttpServletRequest httpRequest = sra.getRequest();
-        String tem =httpRequest.getHeader("Cookie");
+        String tem =httpRequest.getHeader("Cookie");//获得请求里的token
         Object[] args = joinPoint.getArgs();
-        //遍历参数 修改带有需求字段对象的值
-        for (Object obj : args) {
-            try {
-                Class<?> resultClz = obj.getClass();
-                //获取class里的所有字段  父类字段获取不到
-                Field[] fieldInfo = resultClz.getFields();
-                for (Field field : fieldInfo) {
-                    if ("token".equals(field.getName())) {
-                            field.set(obj,tem);
-                        break; }
-                }
-            } catch (Exception e) {
-            }
-        }
-
         //根据登录人的id以及功能id获得计算逻辑
         RequestBody requestBody =  new FormBody.Builder()
                 .add("loginId", loginUtils.getId().toString())
-                .add("functionId",functionId.toString())
+                .add("functionId",functionId)
                 .build();
         OkHttpClient okHttpClient = new OkHttpClient();
 
@@ -98,8 +78,13 @@ public class AuthAop {
                 .build();
         String resBody = okHttpClient.newCall(request).execute().body().string();
         JSONArray jsonArray = JSONArray.parseArray(resBody);
-
-        Boolean isPass =true;
+        if(jsonArray.get(0).toString().equals("-1")){
+         return Response.error("没有该功能");
+        }
+        //判断是否含有功能并且是不做限制
+        else if(jsonArray.size()==1&&jsonArray.get(0).equals("0")){
+            return joinPoint.proceed();
+        }
        if(jsonArray.size()>0){   // 如果查询结果的size大于0证明有限制逻辑
            RequestBody reBodySource =  new FormBody.Builder()
                    .add("tableName", "local")
@@ -121,7 +106,6 @@ public class AuthAop {
            PersonnelVO personnelVO =cacheUtils.getLoginUserPersonnel(loginUtils.getId());
            String  sqls ="";
            for(int i=0;i<jsonArray.size();i++){
-
                String sql=TreeUtils.reCompute(JSONObject.parseObject(jsonArray.get(i).toString()),args,dataSources,personnelVO);
                sqls += jsonArray.size()!=i+1 ?  sql+" || ":sql;
            }
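Review bot: The two new checks on `jsonArray` compare its first element inconsistently and can throw before the existing size guard: `jsonArray.get(0).toString().equals("-1")` compares as a string, while `jsonArray.get(0).equals("0")` compares the raw element, so a numeric 0 from the service never matches and the request drops into the restriction branch; and `get(0)` on an empty array throws IndexOutOfBoundsException even though `if(jsonArray.size()>0)` directly below expects empty results. Normalising through `String.valueOf` and guarding with `isEmpty()` addresses both. Separately, `Boolean isPass =true;` should be the primitive `boolean`, and an empty response leaves `isPass` true, which reads as fail-open for a function the service does not know — confirm that is intended. The body of `doAround` continues past this hunk, so the final `isPass` handling is not visible here.
```java
if (!jsonArray.isEmpty()) {
    String first = String.valueOf(jsonArray.get(0));
    if ("-1".equals(first)) {
        return Response.error("没有该功能");
    }
    // function exists and carries no restriction
    if (jsonArray.size() == 1 && "0".equals(first)) {
        return joinPoint.proceed();
    }
}
// … unchanged: restriction lookup when jsonArray.size() > 0 …
```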

+ 13 - 4
PAS/src/main/java/cn/cslg/pas/common/utils/auth/TreeUtils.java

@@ -26,8 +26,12 @@ public class TreeUtils {
     // 处理sql语句,返回拼接sql
     public static   String reSql(JSONObject jsonObject,List<DataSource> dataSource,PersonnelVO personnelVO) throws NoSuchFieldException, IllegalAccessException {
         String sql ="";
+        //判断是否为逻辑
+        if (jsonObject.get("nodeType").equals("logic")){
+            sql ="";
+        }
         //符合二叉树形式
-       if (jsonObject.containsKey("left")&&jsonObject.containsKey("right")){
+       else if (jsonObject.containsKey("left")&&jsonObject.containsKey("right")){
       sql=  recursionTree(jsonObject,dataSource,personnelVO);}
        // 不符合二叉树形式(单条数据)
        else{
@@ -53,10 +57,15 @@ public class TreeUtils {
      */
     public static   String reCompute(JSONObject jsonObject,Object[] object,List<DataSource> dataSource,PersonnelVO personnelVO) throws NoSuchFieldException, IllegalAccessException {
         String sql="";
+         //判断是否为sql类型规则
+           if (jsonObject.get("nodeType").equals("sql")){
+               sql ="1==1";
+           }
 
-        if (jsonObject.containsKey("left")&&jsonObject.containsKey("right")){
+         //判断是否为单条数据
+      else if (jsonObject.containsKey("left")&&jsonObject.containsKey("right")){
             sql=  cRecursionTree(jsonObject,object,dataSource,personnelVO);}
-        // 不符合二叉树形式(单条数据)
+        // 不为sql类型的二叉树形式
         else{
             String field = distinguishFields(jsonObject.get("field").toString(),object,dataSource,personnelVO);
             String value= distinguishValues(jsonObject.get("value").toString(),object);
@@ -246,7 +255,7 @@ reField = "("+tem.substring(0,tem.length() - 1)+")";
                     Class personClass =personnelVO.getClass();
                     Field dataField = personClass.getDeclaredField(field);
                     dataField.setAccessible(true);
-                    reField =dataField.get(personnelVO).toString();
+                    reField ="'"+dataField.get(personnelVO).toString()+"'";
                     break;
                 }
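Review bot: The quoting added at `reField ="'"+dataField.get(personnelVO).toString()+"'";` builds SQL by wrapping a PersonnelVO field value in hand-placed single quotes, so any value containing a quote breaks the generated statement and defeats the quoting; escape the value or, better, emit a placeholder here and bind the value as a parameter where the SQL is executed. In the same file, the new `jsonObject.get("nodeType").equals("logic")` check in `reSql` and `jsonObject.get("nodeType").equals("sql")` in `reCompute` dereference a key that rule nodes without a nodeType lack, throwing NullPointerException where the previous code handled such nodes; `"logic".equals(jsonObject.get("nodeType"))` tolerates the absent key. The `sql ="";` assignment inside the logic branch is a no-op since `sql` is already empty. The `reField` hunk is a fragment of a larger method whose start and end are outside the hunk.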
 

+ 1 - 1
PAS/src/main/java/cn/cslg/pas/common/utils/auth/checkAuth.java

@@ -13,7 +13,7 @@ import java.lang.annotation.RetentionPolicy;
  * @description 数据权限(增删改)条件判断注解
  */
 public @interface checkAuth {
-    int FunId() default 0;
+    String FunId() default "0";
 
 }
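Review bot: `String FunId() default "0";` changes the element's meaning from a numeric id to a route-like key such as "/project/list" (as the callers in this commit show), but the Javadoc above still only says "数据权限(增删改)条件判断注解" and the default `"0"` is undocumented; add an element comment such as `/** Function key sent to the authorization lookup by AuthAop, e.g. "/project/list". */` and state what `"0"` is expected to mean there. As a point of style, `FunId` would be `funId` under Java naming, though renaming touches every call site in this commit.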
 

+ 6 - 3
PAS/src/main/java/cn/cslg/pas/controller/ProjectController.java

@@ -48,12 +48,14 @@ public class ProjectController {
 
 
     @PostMapping("list")
+    @checkAuth(FunId = "/project/list")
     @Operation(summary = "专题库列表")
     public String getPageList(@RequestBody ProjectVO params) {
 
         return Response.success(projectService.getPageList(params));
     }
 
+    @checkAuth(FunId = "/project/add")
     @PostMapping("add")
     @Operation(summary = "新增专题库")
     public String add(@RequestBody Project project) {
@@ -64,7 +66,7 @@ public class ProjectController {
         return projectService.add(project);
     }
 
-    @Permission(roles = {2})
+    @checkAuth(FunId = "/project/edit")
     @PostMapping("edit")
     @Operation(summary = "编辑专题库")
     public String edit(@RequestBody Project project) {
@@ -72,7 +74,7 @@ public class ProjectController {
     }
 
     @PostMapping("delete")
-    @checkAuth(FunId = 10)
+    @checkAuth(FunId = "/project/delete")
     @Operation(summary = "删除专题库")
     public String delete(Integer id) {
         return projectService.delete(id);
@@ -112,7 +114,7 @@ public class ProjectController {
     }
 
     @PostMapping("share")
-    @Permission(roles = {1, 2})
+    @checkAuth(FunId = "/project/share")
     @Operation(summary = "分享专题库")
     public String share(Integer id, @RequestBody List<Integer> userIds) {
         return projectService.share(id, userIds);
@@ -125,6 +127,7 @@ public class ProjectController {
         return projectService.importExcel(file);
     }
 
+    @checkAuth(FunId = "/project/export/list")
     @PostMapping("/export/list")
     @Operation(summary = "导出专题库信息列表")
     public void exportProjectList(HttpServletResponse response) {
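Review bot: `@checkAuth(FunId = "/project/export/list")` is placed on `exportProjectList`, which returns `void`, while `AuthAop.doAround` in this commit signals a missing function by returning `Response.error("没有该功能")`; for a void handler that String has nowhere to go, so the client likely receives an empty success response rather than an error — write the error to `response` or keep this endpoint on the previous check. The three `@Permission(roles = ...)` checks replaced by `@checkAuth` here, and the same three in ProjectUserController, move authorization from an in-process role test to a remote lookup whose empty result currently falls through; confirm each new FunId is registered in that service before the role checks are dropped. Method bodies in this section are cut by the hunks.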

+ 4 - 3
PAS/src/main/java/cn/cslg/pas/controller/ProjectUserController.java

@@ -4,6 +4,7 @@ import cn.cslg.pas.common.core.annotation.Permission;
 import cn.cslg.pas.common.core.base.Constants;
 import cn.cslg.pas.common.model.vo.ProjectUserVO;
 import cn.cslg.pas.common.utils.Response;
+import cn.cslg.pas.common.utils.auth.checkAuth;
 import cn.cslg.pas.domain.ProjectUser;
 import cn.cslg.pas.service.ProjectUserService;
 import io.swagger.v3.oas.annotations.Operation;
@@ -34,21 +35,21 @@ public class ProjectUserController {
         return Response.success(projectUserService.getPageList(params));
     }
 
-    @Permission(roles = {2})
+    @checkAuth(FunId = "/project/user/add")
     @PostMapping("add")
     @Operation(summary = "新增成员")
     public String add(@RequestBody ProjectUser projectUser) {
         return projectUserService.add(projectUser);
     }
 
-    @Permission(roles = {2})
+    @checkAuth(FunId = "/project/user/edit")
     @PostMapping("edit")
     @Operation(summary = "编辑成员")
     public String edit(@RequestBody ProjectUser projectUser) {
         return projectUserService.edit(projectUser);
     }
 
-    @Permission(roles = {2})
+    @checkAuth(FunId = "/project/user/delete")
     @PostMapping("delete")
     @Operation(summary = "删除成员")
     public String delete(Integer id) {

+ 4 - 1
PAS/src/main/java/cn/cslg/pas/service/ProjectService.java

@@ -9,6 +9,7 @@ import cn.cslg.pas.common.model.vo.*;
 import cn.cslg.pas.common.utils.*;
 import cn.cslg.pas.common.utils.SecurityUtils.LoginUtils;
 import cn.cslg.pas.common.utils.SecurityUtils.SecurityUtils;
+import cn.cslg.pas.common.utils.auth.checkAuth;
 import cn.cslg.pas.domain.*;
 import cn.cslg.pas.mapper.ProjectMapper;
 import cn.hutool.core.collection.CollUtil;
@@ -33,6 +34,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import lombok.RequiredArgsConstructor;
 import org.apache.poi.ss.usermodel.PictureData;
+import org.aspectj.lang.reflect.MethodSignature;
 import org.springframework.beans.BeanUtils;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.scheduling.annotation.Async;
@@ -44,6 +46,7 @@ import org.springframework.web.multipart.MultipartFile;
 
 import javax.servlet.http.HttpServletResponse;
 import java.io.*;
+import java.lang.reflect.Method;
 import java.nio.charset.StandardCharsets;
 import java.util.*;
 import java.util.stream.Collectors;
@@ -114,7 +117,7 @@ public class ProjectService extends ServiceImpl<ProjectMapper, Project> {
         Map<String, Object> m = new HashMap<>();
         m.put("token", LoginUtils.getToken());
         m.put("loginId", loginUtils.getId());
-        m.put("functionId", 8);
+        m.put("functionId", "/project/list");
         PersonnelVO user = cacheUtils.getLoginUserPersonnel(loginUtils.getId());
         List<Integer> projectIds = new ArrayList<Integer>() {{
             add(-1);
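Review bot: The literal `"/project/list"` written at `m.put("functionId", "/project/list");` duplicates the `@checkAuth(FunId = "/project/list")` value on the controller, so the two can drift silently; hoist it into a shared constant referenced from both places. The imports added at the top of the file, `org.aspectj.lang.reflect.MethodSignature` and `java.lang.reflect.Method`, have no use in the visible hunks and look unused — verify and drop them. The method around the `m.put` lines begins and ends outside the hunk.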