mybatis拦截器实现通用权限字段添加的方法

2023-08-14 01:19:05 341

实现效果

日常sql中直接使用权限字段实现权限内数据筛选，无需入参，直接使用，使用形式为：

select*fromcrh_snp.channelinfowhereshort_codein(${commonEnBranchNo})

注意事项说明

1、添加插件若使用xml形式mybatis可在配置文件中plugins标签中添加，本项目实际使用的为注解形式mybatis，需要通过SqlSessionFactoryBean代码方式添加或者SqlSessionFactoryBean的xml配置形式，代码在jar包中无法操作，只能使用xml配置形式，故需要覆盖SqlSessionFactoryBean配置





classpath*:xmlmapper/*.xml
classpath*:resources/xmlmapper/*.xml

2、jdbc的jar包中配置了sqlSessionFactory，本项目中配置进行覆盖，注意spring中同名类后加载的会覆盖先加载的类，需要保证本项目配置的类后加载。spring配置文件扫描会先加载本工程项目bean，可通过新增额外的配置文件放在原配置文件后实现后加载，如


contextConfigLocation

classpath*:spring-beans.xml
classpath*:spring-person.xml

3、注意添加的参数需要${}形式使用，#{}会经过预编译获取到的sql参数为问号，无法直接替换

拦截器实现类

@Intercepts({
@Signature(type=Executor.class,method="query",args={MappedStatement.class,Object.class,RowBounds.class,ResultHandler.class})
})
publicclassMybatisInterceptorimplementsInterceptor{

//privateLoggerlogger=LoggerFactory.getLogger(getClass());

@Override
publicObjectintercept(Invocationinvocation)throwsThrowable{

if(invocation.getTarget()instanceofExecutor&&invocation.getArgs().length==4){
Stringsql=getSqlByInvocation(invocation);
//将操作员可操作的渠道、用户id及营业部作通用字段放到sql中统一解析
if(sql.contains("commonEnShortCode")){
sql=addPremissionParam(sql);
resetSql2Invocation(invocation,sql);
}
}

returninvocation.proceed();
}

@Override
publicObjectplugin(Objecttarget){
returnPlugin.wrap(target,this);
}

@Override
publicvoidsetProperties(Propertiesproperties){}



/**
*通用权限字段添加，目前支持：commonEnShortCode、commonEnBrokerUserId、commonEnBranchNo
*@paramsql
*@return
*/
privateStringaddPremissionParam(Stringsql){
CrhUsercrhUser=(CrhUser)RequestUtil.getRequest().getAttribute(CrhUser.CRH_USER_SESSION);
BackendRoleServiceImplbackendRoleService=(BackendRoleServiceImpl)SpringContext.getBean("backendRoleServiceImpl");
if(sql.contains("commonEnBranchNo")){
ListenBranchNoList=backendRoleService.getEnBranchNo(crhUser.getUser_id());
StringenBranchNoSql="selectto_char(column_value)fromTABLE(SELECTF_TO_T_IN('"+StringUtils.join(enBranchNoList,",")+"')FROMDUAL)";
sql=sql.replace("${commonEnBranchNo}",enBranchNoSql);
}
returnsql;
}

/**
*获取当前sql
*@paraminvocation
*@return
*/
privateStringgetSqlByInvocation(Invocationinvocation){
finalObject[]args=invocation.getArgs();
MappedStatementms=(MappedStatement)args[0];
ObjectparameterObject=args[1];
BoundSqlboundSql=ms.getBoundSql(parameterObject);
returnboundSql.getSql();
}

/**
*将sql重新设置到invocation中
*@paraminvocation
*@paramsql
*@throwsSQLException
*/
privatevoidresetSql2Invocation(Invocationinvocation,Stringsql)throwsSQLException{
finalObject[]args=invocation.getArgs();
MappedStatementstatement=(MappedStatement)args[0];
ObjectparameterObject=args[1];
BoundSqlboundSql=statement.getBoundSql(parameterObject);
MappedStatementnewStatement=newMappedStatement(statement,newBoundSqlSource(boundSql));
MetaObjectmsObject=MetaObject.forObject(newStatement,newDefaultObjectFactory(),newDefaultObjectWrapperFactory(),newDefaultReflectorFactory());
msObject.setValue("sqlSource.boundSql.sql",sql);
args[0]=newStatement;
}

privateMappedStatementnewMappedStatement(MappedStatementms,SqlSourcenewSqlSource){
MappedStatement.Builderbuilder=
newMappedStatement.Builder(ms.getConfiguration(),ms.getId(),newSqlSource,ms.getSqlCommandType());
builder.resource(ms.getResource());
builder.fetchSize(ms.getFetchSize());
builder.statementType(ms.getStatementType());
builder.keyGenerator(ms.getKeyGenerator());
if(ms.getKeyProperties()!=null&&ms.getKeyProperties().length!=0){
StringBuilderkeyProperties=newStringBuilder();
for(StringkeyProperty:ms.getKeyProperties()){
keyProperties.append(keyProperty).append(",");
}
keyProperties.delete(keyProperties.length()-1,keyProperties.length());
builder.keyProperty(keyProperties.toString());
}
builder.timeout(ms.getTimeout());
builder.parameterMap(ms.getParameterMap());
builder.resultMaps(ms.getResultMaps());
builder.resultSetType(ms.getResultSetType());
builder.cache(ms.getCache());
builder.flushCacheRequired(ms.isFlushCacheRequired());
builder.useCache(ms.isUseCache());

returnbuilder.build();
}
}

publicclassBoundSqlSourceimplementsSqlSource{

privateBoundSqlboundSql;

publicBoundSqlSource(BoundSqlboundSql){
this.boundSql=boundSql;
}

@Override
publicBoundSqlgetBoundSql(ObjectparameterObject){
returnboundSql;
}
}

总结

以上就是这篇文章的全部内容了，希望本文的内容对大家的学习或者工作具有一定的参考学习价值，谢谢大家对毛票票的支持。

mybatis拦截器实现通用权限字段添加的方法

热门推荐

随机推荐