定义注解

  1. /**
  2.  * 数据权限过滤注解
  3.  */
  4. @Target(ElementType.METHOD)
  5. @Retention(RetentionPolicy.RUNTIME)
  6. @Documented
  7. public @interface CompanyDateScope {
  8. }

切面实现

  1. package com.ruoyi.framework.aspectj;
  3. import com.ruoyi.common.utils.StringUtils;
  4. import com.ruoyi.common.utils.security.ShiroUtils;
  5. import com.ruoyi.framework.aspectj.lang.annotation.CompanyDateScope;
  6. import com.ruoyi.framework.aspectj.lang.annotation.DataScope;
  7. import com.ruoyi.framework.web.domain.BaseEntity;
  8. import com.ruoyi.project.system.user.domain.User;
  9. import org.aspectj.lang.JoinPoint;
  10. import org.aspectj.lang.Signature;
  11. import org.aspectj.lang.annotation.Aspect;
  12. import org.aspectj.lang.annotation.Before;
  13. import org.aspectj.lang.annotation.Pointcut;
  14. import org.aspectj.lang.reflect.MethodSignature;
  15. import org.springframework.stereotype.Component;
  17. import java.lang.reflect.Method;
  19. @Aspect
  20. @Component
  21. public class CompanyDataScopeAspect {
  22.     /**
  23.      * 数据权限过滤关键字
  24.      */
  25.     public static final String DATA_SCOPE = "dataScope";
  27.     /**
  28.      * @param joinPoint
  29.      * @param companyId
  30.      */
  31.     public static void dataScopeFilter(JoinPoint joinPoint, Long companyId) {
  32.         String filterSql = StringUtils.format("and company_id = {}", companyId);
  33.         Object params = joinPoint.getArgs()[0];
  34.         if (StringUtils.isNotNull(params) && params instanceof BaseEntity) {
  35.             BaseEntity baseEntity = (BaseEntity) params;
  36.             baseEntity.getParams().put(DATA_SCOPE, filterSql);
  37.         }
  38.     }
  40.     // 配置织入点
  41.     @Pointcut("@annotation(com.ruoyi.framework.aspectj.lang.annotation.CompanyDateScope)")
  42.     public void dataScopePointCut() { }
  44.     @Before("dataScopePointCut()")
  45.     public void doBefore(JoinPoint point) throws Throwable {
  46.         handleDataScope(point);
  47.     }
  49.     protected void handleDataScope(final JoinPoint joinPoint) {
  50.         // 获得注解
  51.         CompanyDateScope controllerDataScope = getAnnotationLog(joinPoint);
  52.         if (controllerDataScope == null) {
  53.             return;
  54.         }
  55.         // 获取当前的用户
  56.         User currentUser = ShiroUtils.getSysUser();
  57.         // 如果公司id大于0说明要过滤数据
  58.         if (currentUser != null && currentUser.getCompanyId() != 0) {
  59.             dataScopeFilter(joinPoint, currentUser.getCompanyId());
  60.         }
  61.     }
  63.     /**
  64.      * 是否存在注解,如果存在就获取
  65.      */
  66.     private CompanyDateScope getAnnotationLog(JoinPoint joinPoint) {
  67.         Signature signature = joinPoint.getSignature();
  68.         MethodSignature methodSignature = (MethodSignature) signature;
  69.         Method method = methodSignature.getMethod();
  71.         if (method != null) {
  72.             return method.getAnnotation(CompanyDateScope.class);
  73.         }
  74.         return null;
  75.     }
  76. }

在 mapper 方法上增加注解

  1. /**
  2.  * 产品Mapper接口
  3.  */
  4. public interface ProductMapper {
  5.     ...
  7.     @CompanyDateScope
  8.     List<ProductVO> selectProductList(ProductQO product);
  10.     ...
  11. }

在 where 最后面增加过滤数据的 sql 语句

  1. ...
  3. <select id="selectProductList" parameterType="com.ruoyi.project.api.domain.qo.ProductQO" resultMap="ProductResult">
  4.     <include refid="selectProductVo"/>
  5.     <where>
  6.         <if test="name != null  and name != ''">and name like concat('%', #{name}, '%')</if>
  7.         ${params.dataScope}
  8.     </where>
  9. </select>
  11. ...