溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
實現效果
日常sql中直接使用權限字段實現權限內數據篩選,無需入參,直接使用,使用形式為:
select * from crh_snp.channelinfo where short_code in (${commonEnBranchNo})
注意事項說明
1、添加插件若使用xml形式mybatis可在配置文件中plugins標簽中添加,本項目實際使用的為注解形式mybatis,需要通過SqlSessionFactoryBean代碼方式添加或者SqlSessionFactoryBean的xml配置形式,代碼在jar包中無法操作,只能使用xml配置形式,故需要覆蓋SqlSessionFactoryBean配置
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<property name="mapperLocations">
<list>
<value>classpath*:xmlmapper/*.xml</value>
<value>classpath*:resources/xmlmapper/*.xml</value>
</list>
</property>
<property name="plugins">
<array>
<bean class="com.cairh.xpe.snp.backend.interceptor.MybatisInterceptor"/>
</array>
</property>
</bean>
2、jdbc的jar包中配置了sqlSessionFactory,本項目中配置進行覆蓋,注意spring中同名類后加載的會覆蓋先加載的類,需要保證本項目配置的類后加載。spring配置文件掃描會先加載本工程項目bean,可通過新增額外的配置文件放在原配置文件后實現后加載,如
<context-param> <param-name>contextConfigLocation</param-name> <param-value> classpath*:spring-beans.xml classpath*:spring-person.xml </param-value> </context-param>
3、注意添加的參數需要${}形式使用,#{}會經過預編譯獲取到的sql參數為問號,無法直接替換
攔截器實現類
@Intercepts({
@Signature(type = Executor.class, method = "query", args = {MappedStatement.class, Object.class, RowBounds.class, ResultHandler.class})
})
public class MybatisInterceptor implements Interceptor {
// private Logger logger = LoggerFactory.getLogger(getClass());
@Override
public Object intercept(Invocation invocation) throws Throwable {
if (invocation.getTarget() instanceof Executor && invocation.getArgs().length==4) {
String sql = getSqlByInvocation(invocation);
//將操作員可操作的渠道、用戶id及營業部作通用字段放到sql中統一解析
if(sql.contains("commonEnShortCode")){
sql = addPremissionParam(sql);
resetSql2Invocation(invocation, sql);
}
}
return invocation.proceed();
}
@Override
public Object plugin(Object target) {
return Plugin.wrap(target, this);
}
@Override
public void setProperties(Properties properties) {}
/**
* 通用權限字段添加,目前支持:commonEnShortCode、commonEnBrokerUserId、commonEnBranchNo
* @param sql
* @return
*/
private String addPremissionParam(String sql) {
CrhUser crhUser = (CrhUser) RequestUtil.getRequest().getAttribute(CrhUser.CRH_USER_SESSION);
BackendRoleServiceImpl backendRoleService = (BackendRoleServiceImpl)SpringContext.getBean("backendRoleServiceImpl");
if(sql.contains("commonEnBranchNo")){
List<String> enBranchNoList = backendRoleService.getEnBranchNo(crhUser.getUser_id());
String enBranchNoSql = "select to_char(column_value) from TABLE(SELECT F_TO_T_IN('"+ StringUtils.join(enBranchNoList,",")+"') FROM DUAL)";
sql = sql.replace("${commonEnBranchNo}", enBranchNoSql);
}
return sql;
}
/**
* 獲取當前sql
* @param invocation
* @return
*/
private String getSqlByInvocation(Invocation invocation) {
final Object[] args = invocation.getArgs();
MappedStatement ms = (MappedStatement) args[0];
Object parameterObject = args[1];
BoundSql boundSql = ms.getBoundSql(parameterObject);
return boundSql.getSql();
}
/**
* 將sql重新設置到invocation中
* @param invocation
* @param sql
* @throws SQLException
*/
private void resetSql2Invocation(Invocation invocation, String sql) throws SQLException {
final Object[] args = invocation.getArgs();
MappedStatement statement = (MappedStatement) args[0];
Object parameterObject = args[1];
BoundSql boundSql = statement.getBoundSql(parameterObject);
MappedStatement newStatement = newMappedStatement(statement, new BoundSqlSource(boundSql));
MetaObject msObject = MetaObject.forObject(newStatement, new DefaultObjectFactory(), new DefaultObjectWrapperFactory(),new DefaultReflectorFactory());
msObject.setValue("sqlSource.boundSql.sql", sql);
args[0] = newStatement;
}
private MappedStatement newMappedStatement(MappedStatement ms, SqlSource newSqlSource) {
MappedStatement.Builder builder =
new MappedStatement.Builder(ms.getConfiguration(), ms.getId(), newSqlSource, ms.getSqlCommandType());
builder.resource(ms.getResource());
builder.fetchSize(ms.getFetchSize());
builder.statementType(ms.getStatementType());
builder.keyGenerator(ms.getKeyGenerator());
if (ms.getKeyProperties() != null && ms.getKeyProperties().length != 0) {
StringBuilder keyProperties = new StringBuilder();
for (String keyProperty : ms.getKeyProperties()) {
keyProperties.append(keyProperty).append(",");
}
keyProperties.delete(keyProperties.length() - 1, keyProperties.length());
builder.keyProperty(keyProperties.toString());
}
builder.timeout(ms.getTimeout());
builder.parameterMap(ms.getParameterMap());
builder.resultMaps(ms.getResultMaps());
builder.resultSetType(ms.getResultSetType());
builder.cache(ms.getCache());
builder.flushCacheRequired(ms.isFlushCacheRequired());
builder.useCache(ms.isUseCache());
return builder.build();
}
}
public class BoundSqlSource implements SqlSource {
private BoundSql boundSql;
public BoundSqlSource(BoundSql boundSql) {
this.boundSql = boundSql;
}
@Override
public BoundSql getBoundSql(Object parameterObject) {
return boundSql;
}
}
總結
以上就是這篇文章的全部內容了,希望本文的內容對大家的學習或者工作具有一定的參考學習價值,謝謝大家對億速云的支持。
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
