2024-3-28 安全检查注解替换。

zd-api/zd-security-api/src/main/java/com/zd/security/api/bo/CheckClapBo.java

@@ -81,6 +81,9 @@ public class CheckClapBo extends PageQuery implements Serializable {
     @ApiModelProperty("创建人ID")
     private Long createBy;
 
+    @ApiModelProperty("权限获取的用户id集合")
+    private List<Long> userList;
+
     @ApiModelProperty("上传照片")
     private List <UploadDto> imgDtoList = new ArrayList <>();
 

zd-api/zd-security-api/src/main/java/com/zd/security/api/bo/CheckHazardBo.java

@@ -128,4 +128,7 @@ public class CheckHazardBo extends PageQuery implements Serializable {
 
     @ApiModelProperty("人员类型：1是检查人员，2是整改人员")
     private Integer staffType;
+
+    @ApiModelProperty("权限获取的用户id集合")
+    private List<Long> userList;
 }

zd-api/zd-security-api/src/main/java/com/zd/security/api/bo/CheckRectifyBo.java

@@ -84,4 +84,7 @@ public class CheckRectifyBo extends PageQuery implements Serializable {
 
     @ApiModelProperty("隐患id集合")
     private List<Long> checkHazardIds;
+
+    @ApiModelProperty("权限获取的用户id集合")
+    private List<Long> userList;
 }

zd-modules/zd-security/src/main/java/com/zd/security/config/DataScopeInterceptor.java

@@ -1,288 +0,0 @@
-package com.zd.security.config;
-
-import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
-import com.baomidou.mybatisplus.extension.plugins.inner.InnerInterceptor;
-import com.zd.common.core.security.TokenService;
-import com.zd.common.core.utils.DateUtils;
-import com.zd.common.core.utils.ServletUtils;
-import com.zd.common.core.utils.SpringUtils;
-import com.zd.common.core.utils.StringUtils;
-import com.zd.model.entity.*;
-import com.zd.model.enums.DataPermissionEnum;
-import com.zd.security.scope.DataPermission;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.ibatis.executor.Executor;
-import org.apache.ibatis.mapping.BoundSql;
-import org.apache.ibatis.mapping.MappedStatement;
-import org.apache.ibatis.session.ResultHandler;
-import org.apache.ibatis.session.RowBounds;
-import javax.servlet.http.HttpSession;
-import java.lang.reflect.Method;
-import java.util.*;
-import java.util.stream.Collectors;
-
-/**
- * <p>数据权限</p>
- *
- * @author: linft
- * @date: 2023/4/19
- * @since:
- */
-@Slf4j
-public class DataScopeInterceptor implements InnerInterceptor {
-
-    @Override
-    public void beforeQuery(Executor executor, MappedStatement ms, Object parameter, RowBounds rowBounds,
-                            ResultHandler resultHandler, BoundSql boundSql) {
-        long startTime = System.currentTimeMillis();
-        log.info("beforeQuery  starting.........,startTime :{}",startTime);
-        PluginUtils.MPBoundSql mpBs = PluginUtils.mpBoundSql(boundSql);
-        String originalSql = boundSql.getSql();
-
-        LoginModel loginUser = SpringUtils.getBean(TokenService.class).getLoginUser(ServletUtils.getRequest());
-        if (loginUser != null) {
-            HttpSession session = ServletUtils.getRequest().getSession();
-            String key = null;
-            DataPermission dataScope = getDataPermission(ms);
-            if (dataScope == null) {
-                long strap = DateUtils.getCurrentTimeMillisRound() - 200;
-                Map<String,DataPermission> map = getDataPermissionBySession(strap,loginUser,session);
-                Set<String> set = map.keySet();
-                if (set != null && !set.isEmpty()) {
-                    List<String> list = new ArrayList(set);
-                    key = list.get(0);
-                    dataScope = map.get(key);
-                }
-                dataScope = (DataPermission) session.getAttribute(key);
-                log.info("【数据权限】注解接收获取注解信息：key = {}, dataScope = {}", key, dataScope);
-            }
-            if (dataScope == null) {
-                return;
-            }
-            //检查排除的角色项
-            String[] arr = dataScope.exclusions();
-            List<LoginRole> useRoles = null;
-            if (arr != null && arr.length > 0) {
-                List<String> list = Arrays.asList(arr);
-                useRoles = loginUser.getRoles().stream().filter(r -> !list.contains(r.getRoleKey())).collect(Collectors.toList());
-            } else {
-                useRoles = loginUser.getRoles();
-            }
-
-            Long roleId = null;
-            Integer scope = DataPermissionEnum.DATA_SCOPE_ALL.getType();
-            //检查指定的角色项
-            String roleKey = dataScope.roleKey();
-            if (useRoles != null && !useRoles.isEmpty()) {
-                if (!"".equals(roleKey)) {
-                    List<LoginRole> roles = useRoles.stream().filter(r -> roleKey.equals(r.getRoleKey())).collect(Collectors.toList());
-                    if (roles != null && !roles.isEmpty()) {
-                        roleId = roles.get(0).getRoleId();
-                        scope = roles.get(0).getDataScope();
-                    }
-                }
-                if (roleId == null) {
-                    List<LoginRole> roles = useRoles.stream().sorted(Comparator.comparing(LoginRole::getDataScope)).collect(Collectors.toList());
-                    roleId = roles.get(0).getRoleId();
-                    scope = roles.get(0).getDataScope();
-                }
-            }
-            // 如果是超级管理员，则不过滤数据
-            if (!loginUser.isAdmin()) {
-                if (scope == null || DataPermissionEnum.DATA_SCOPE_ALL.getType() == scope) {
-                    log.info("【数据权限】 所有权限或未分配，不处理");
-                } else if (DataPermissionEnum.DATA_SCOPE_DEPT.getType() == scope) {
-                    log.info("【数据权限】 部门权限，查本部门数据");
-                    SysDeptUser deptUser = getDeptUser(session, loginUser);
-                    List<Long> userIds = getPermissionUserIds(deptUser,Boolean.FALSE);
-                    originalSql = sqlHandle(originalSql, dataScope, loginUser, Boolean.TRUE, userIds);
-                } else if (DataPermissionEnum.DATA_SCOPE_DEPT_AND_CHILD.getType() == scope) {
-                    log.info("【数据权限】 部门及子部门权限，查本部门及下属部门数据");
-                    SysDeptUser deptUser = getDeptUser(session, loginUser);
-                    List<Long> userIds = getPermissionUserIds(deptUser,Boolean.TRUE);
-                    originalSql = sqlHandle(originalSql, dataScope, loginUser, Boolean.TRUE, userIds);
-                } else if (DataPermissionEnum.DATA_SCOPE_SELF.getType() == scope) {
-                    log.info("【数据权限】 个人权限，只可查个人创建的数据");
-                    originalSql = sqlHandle(originalSql, dataScope, loginUser, Boolean.FALSE, null);
-                } else if (DataPermissionEnum.DATA_SCOPE_CUSTOM.getType() == scope) {
-                    log.info("【数据权限】 自定义，查自定义指定的部分数据");
-                    List<Long> userIds = getCustomRoleUserIds(session, loginUser.getToken(), roleId);
-                    originalSql = sqlHandle(originalSql, dataScope, loginUser, Boolean.TRUE, userIds);
-                }
-            }
-            session.removeAttribute(key);
-        }
-        mpBs.sql(originalSql);
-        long endTime = System.currentTimeMillis();
-        long executionTime = (endTime - startTime) / 1000;
-        log.info("beforeQuery end,endTime:{},takes about {} seconds",endTime,executionTime);
-    }
-
-    private DataPermission getDataPermission(MappedStatement ms) {
-        DataPermission dataAuth = null;
-        String id = ms.getId();
-        try {
-            String className = id.substring(0, id.lastIndexOf("."));
-            String methodName = id.substring(id.lastIndexOf(".") + 1);
-            final Class<?> cls = Class.forName(className);
-            final Method[] methods = cls.getMethods();
-            for (Method method : methods) {
-                if (method.getName().equals(methodName) && method.isAnnotationPresent(DataPermission.class)) {
-                    dataAuth = method.getAnnotation(DataPermission.class);
-                    break;
-                }
-            }
-            return dataAuth;
-        } catch (Exception e) {
-            log.info("【数据权限】 获取权限注解异常，异常信息:",e);
-        }
-        return null;
-    }
-
-    /**
-     * 拼装本部门/本部门及以下 对应用户id
-     * @param deptUser
-     * @param needChildDept
-     * @return
-     */
-    private List<Long> getPermissionUserIds(SysDeptUser deptUser, Boolean needChildDept) {
-        List<Long> userIds = deptUser.getDeptUserIds();
-        if (needChildDept != null && needChildDept) {
-            SysDeptUser childUsers = deptUser.getChildDeptUser();
-            if (childUsers != null) {
-                userIds.addAll(childUsers.getDeptUserIds());
-            }
-        }
-        return userIds;
-    }
-
-    /**
-     * sql处理
-     * @param originalSql
-     * @param dataScope
-     * @param userIds
-     * @return
-     */
-    private String sqlHandle(String originalSql, DataPermission dataScope, LoginModel loginUser, boolean isMulti, List<Long> userIds) {
-        long startTime = System.currentTimeMillis();
-        log.info("sqlHandle starting.........,startTime:{}",startTime);
-        String fieldSql = dataScope.field();
-        if(!"".equals(dataScope.tableAlias()) && !"*".equals(dataScope.tableAlias())){
-            fieldSql = dataScope.tableAlias()+"."+fieldSql;
-        }
-        StringBuilder buffer = new StringBuilder();
-        if (isMulti) {
-            //处理拼接的sql
-            if (userIds != null && !userIds.isEmpty()) {
-                buffer.append(fieldSql + " in(");
-                for (Long id : userIds) {
-                    if (buffer.toString().endsWith("(")) {
-                        buffer.append(id);
-                    } else {
-                        buffer.append(", " + id);
-                    }
-                }
-                buffer.append(")");
-            }
-        } else {
-            buffer.append(fieldSql+" = "+loginUser.getUserId());
-        }
-
-        long endTime = System.currentTimeMillis();
-        long executionTime = (endTime - startTime) / 1000;
-
-        String  result = makeSqlQuery(dataScope.tableAlias(), originalSql, buffer.toString());
-        log.info("sqlHandle  end,endTime:{},takes about {} seconds",endTime,executionTime);
-        return result;
-    }
-
-    /**
-     * 数据权限SQL拼接处理
-     *
-     * @param originalSql
-     * @param injectSql
-     * @return
-     */
-    private String makeSqlQuery(String tableAlias, String originalSql, String injectSql) {
-        if (StringUtils.isNotEmpty(injectSql)) {
-            if (!originalSql.contains("1=1") && !originalSql.contains("1 = 1") && StringUtils.isEmpty(tableAlias)) {
-                if (!originalSql.toUpperCase().contains(" WHERE ")) {
-                    if (originalSql.toUpperCase().contains(" ORDER BY")) {
-                        return originalSql.toUpperCase().replace("ORDER", "WHERE " + injectSql + " ORDER");
-                    } else if (originalSql.toUpperCase().contains(" GROUP BY")) {
-                        return originalSql.toUpperCase().replace("GROUP", "WHERE " + injectSql + " GROUP");
-                    } else {
-                        return String.format("%s WHERE %s", originalSql, injectSql);
-                    }
-                } else {
-                    if (originalSql.toUpperCase().contains(" ORDER BY")) {
-                        return originalSql.toUpperCase().replace("ORDER", "AND " + injectSql + " ORDER");
-                    } else if (originalSql.toUpperCase().contains(" GROUP BY")) {
-                        return originalSql.toUpperCase().replace("GROUP", "AND " + injectSql + " GROUP");
-                    } else if (originalSql.toUpperCase().contains(" LIMIT")) {
-                        return originalSql.toUpperCase().replace("LIMIT", "AND " + injectSql + " LIMIT");
-                    } else {
-                        return String.format("%s AND %s", originalSql, injectSql);
-                    }
-                }
-            } else {
-                if (originalSql.contains("1=1") && originalSql.contains(" " + tableAlias + ".")) {
-                    return originalSql.replace("1=1", injectSql);
-                }
-                if (originalSql.contains("1 = 1") && originalSql.contains(" " + tableAlias + ".")) {
-                    return originalSql.replace("1 = 1", injectSql);
-                }
-                if ((originalSql.contains("1=1") || originalSql.contains("1 = 1")) && tableAlias.equals("*")) {
-                    originalSql = originalSql.replace("1=1", injectSql);
-                    return originalSql.replace("1 = 1", injectSql);
-                }
-                return originalSql;
-            }
-        }
-        return originalSql;
-    }
-
-    /**
-     * 权限注解
-     * @param strap
-     * @param loginUser
-     * @param session
-     * @return
-     */
-    private Map<String, DataPermission> getDataPermissionBySession(long strap, LoginModel loginUser, HttpSession session){
-        Map<String, DataPermission> map = new HashMap<>();
-        for (int i=0;i<10;i++) {
-            String key = loginUser.getToken()+"_"+strap+"_"+loginUser.getUserId();
-            DataPermission permission = (DataPermission) session.getAttribute(key);
-            if (permission != null) {
-                map.put(key, permission);
-                return map;
-            }
-            strap = strap + 100;
-        }
-        return map;
-    }
-
-    /**
-     * 部门/部门及以下用户权限实体
-     * @param session
-     * @param loginUser
-     * @return
-     */
-    private SysDeptUser getDeptUser(HttpSession session, LoginModel loginUser) {
-        String deptKey = loginUser.getToken() + "_" + loginUser.getDeptId();
-        return (SysDeptUser) session.getAttribute(deptKey);
-    }
-
-    /**
-     * 自定义数据权限角色用户
-     * @param session
-     * @param token
-     * @param roleId
-     * @return
-     */
-    private List<Long> getCustomRoleUserIds(HttpSession session, String token, Long roleId) {
-        String key = token + "_" + roleId;
-        return (List<Long>) session.getAttribute(key);
-    }
-}

zd-modules/zd-security/src/main/java/com/zd/security/config/MybatisPlusConfig.java

@@ -33,12 +33,5 @@ public class MybatisPlusConfig {
         return new AutoFillHandler();
     }
 
-    /**
-     * 数据权限插件
-     *
-     * @return DataScopeInterceptor
-     */
-    public DataScopeInterceptor dataScopeInterceptor() {
-        return new DataScopeInterceptor();
-    }
+
 }

zd-modules/zd-security/src/main/java/com/zd/security/controller/CheckClapController.java

@@ -21,6 +21,8 @@ import com.zd.security.api.vo.CheckClapVo;
 import com.zd.security.entity.CheckClap;
 import com.zd.security.entity.CheckStaffUser;
 import com.zd.security.entity.Upload;
+import com.zd.security.scope.DataPermission;
+import com.zd.security.scope.DataPermissionAspect;
 import com.zd.security.service.CheckClapService;
 import com.zd.security.service.CheckStaffUserService;
 import com.zd.security.service.UploadService;
@@ -52,9 +54,6 @@ import java.util.stream.Collectors;
 @RequestMapping("/checkClap")
 public class CheckClapController  extends AbstractController {
 
-    //创建锁
-    private Lock lock = new ReentrantLock();
-
     @Autowired
     private CheckClapService checkClapService;
 
@@ -80,16 +79,15 @@ public class CheckClapController  extends AbstractController {
      */
 
 //    @DataPermission(tableAlias = "",  permissionStr = PerPrefix.SECURITY_CLAP)
+    @DataPermission(roleKey="rectifyGentle")
     @PreAuthorize(hasPermi = PerPrefix.SECURITY_CLAP + PerFun.LIST)
     @GetMapping(value = "/list")
     public ResultData list(CheckClapBo checkClapBo) {
-        Page <CheckClapVo> page;
-        lock.lock();
-        try {
-            page = checkClapService.selCheckClapList(checkClapBo);
-        }finally {
-            lock.unlock();
-        }
+        //参数检查
+        List<Long> userList = DataPermissionAspect.threadLocal.get(); // 获取数据
+        checkClapBo.setUserList(userList);
+        DataPermissionAspect.threadLocal.remove();
+        Page <CheckClapVo> page = checkClapService.selCheckClapList(checkClapBo);
         return ResultData.success(page);
     }
 
@@ -99,8 +97,13 @@ public class CheckClapController  extends AbstractController {
      * @param checkClapBo
      * @return
      */
+    @DataPermission(roleKey="rectifyGentle")
     @GetMapping(value = "/appList")
     public ResultData appList(CheckClapBo checkClapBo) {
+        //参数检查
+        List<Long> userList = DataPermissionAspect.threadLocal.get(); // 获取数据
+        checkClapBo.setUserList(userList);
+        DataPermissionAspect.threadLocal.remove();
         checkClapBo.setMyRelated(1);
         Page <CheckClapVo> page = checkClapService.selCheckClapList(checkClapBo);
         Optional.ofNullable(page.getRecords()).orElseGet(Collections::emptyList)

zd-modules/zd-security/src/main/java/com/zd/security/controller/CheckHazardController.java

@@ -21,6 +21,7 @@ import com.zd.security.api.vo.CheckManageVo;
 import com.zd.security.api.vo.CheckRectifyApplyVo;
 import com.zd.security.entity.*;
 import com.zd.security.scope.DataPermission;
+import com.zd.security.scope.DataPermissionAspect;
 import com.zd.security.service.*;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -29,8 +30,6 @@ import org.springframework.web.bind.annotation.*;
 import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
-import java.util.concurrent.locks.Lock;
-import java.util.concurrent.locks.ReentrantLock;
 import java.util.function.Function;
 import java.util.stream.Collectors;
 
@@ -46,9 +45,6 @@ import java.util.stream.Collectors;
 @RequestMapping("/checkHazard")
 public class CheckHazardController extends AbstractController {
 
-    //创建锁
-    private Lock lock = new ReentrantLock();
-
     @Autowired
     private CheckHazardService checkHazardService;
 
@@ -64,10 +60,6 @@ public class CheckHazardController extends AbstractController {
     @Autowired
     private FileConfigUtils fileConfigUtils;
 
-
-    @Autowired
-    private CheckOptionService checkOptionService;
-
     @Autowired
     private CheckStaffUserService checkStaffUserService;
 
@@ -118,10 +110,14 @@ public class CheckHazardController extends AbstractController {
      * @param checkHazardBo
      * @return
      */
-    @DataPermission(tableAlias = "m")
+    @DataPermission()
     @PreAuthorize(hasPermi = PerPrefix.SECURITY_CHECKHAZARD + PerFun.LIST)
     @GetMapping(value = "/list")
     public ResultData list(CheckHazardBo checkHazardBo) {
+        //参数检查
+        List<Long> userList = DataPermissionAspect.threadLocal.get(); // 获取数据
+        checkHazardBo.setUserList(userList);
+        DataPermissionAspect.threadLocal.remove();
         Page <CheckHazardVo> page = checkHazardService.checkHazardList(checkHazardBo);
         return ResultData.success(page);
     }
@@ -132,16 +128,15 @@ public class CheckHazardController extends AbstractController {
      * @param checkHazardBo
      * @return
      */
+    @DataPermission()
     @PreAuthorize(hasPermi = PerPrefix.SECURITY_CHECKHAZARD + PerFun.LIST)
     @GetMapping(value = "/overList")
     public ResultData overList(CheckHazardBo checkHazardBo) {
-        Page <CheckHazardVo> page;
-        lock.lock();
-        try {
-            page = checkHazardService.overList(checkHazardBo);
-        }finally {
-            lock.unlock();
-        }
+        //参数检查
+        List<Long> userList = DataPermissionAspect.threadLocal.get(); // 获取数据
+        checkHazardBo.setUserList(userList);
+        DataPermissionAspect.threadLocal.remove();
+        Page <CheckHazardVo> page = checkHazardService.overList(checkHazardBo);
         return ResultData.success(page);
     }
 
@@ -150,16 +145,15 @@ public class CheckHazardController extends AbstractController {
      * @param checkHazardBo
      * @return
      */
+    @DataPermission(roleKey="rectifyGentle")
     @PreAuthorize(hasPermi = PerPrefix.SECURITY_CHECKHAZARD + PerFun.LIST)
     @GetMapping(value = "/rectifyList")
     public ResultData rectifyList(CheckHazardBo checkHazardBo) {
-        Page <CheckHazardVo> page;
-        lock.lock();
-        try {
-            page = checkHazardService.rectifyList(checkHazardBo);
-        }finally {
-            lock.unlock();
-        }
+        //参数检查
+        List<Long> userList = DataPermissionAspect.threadLocal.get(); // 获取数据
+        checkHazardBo.setUserList(userList);
+        DataPermissionAspect.threadLocal.remove();
+        Page <CheckHazardVo> page = checkHazardService.rectifyList(checkHazardBo);
         return ResultData.success(page);
     }
 
@@ -168,16 +162,15 @@ public class CheckHazardController extends AbstractController {
      * @param checkHazardBo
      * @return
      */
+    @DataPermission(roleKey="checkGentle")
     @PreAuthorize(hasPermi = PerPrefix.SECURITY_CHECKHAZARD + PerFun.LIST)
     @GetMapping(value = "/recheckList")
     public ResultData recheckList(CheckHazardBo checkHazardBo) {
-        Page <CheckHazardVo> page;
-        lock.lock();
-        try {
-            page = checkHazardService.recheckList(checkHazardBo);
-        }finally {
-            lock.unlock();
-        }
+        //参数检查
+        List<Long> userList = DataPermissionAspect.threadLocal.get(); // 获取数据
+        checkHazardBo.setUserList(userList);
+        DataPermissionAspect.threadLocal.remove();
+        Page <CheckHazardVo> page = checkHazardService.recheckList(checkHazardBo);
         return ResultData.success(page);
     }
 
@@ -186,8 +179,13 @@ public class CheckHazardController extends AbstractController {
      * @param checkHazardBo
      * @return
      */
+    @DataPermission()
     @GetMapping(value = "/appHazardList")
     public ResultData appHazardList(CheckHazardBo checkHazardBo) {
+        //参数检查
+        List<Long> userList = DataPermissionAspect.threadLocal.get(); // 获取数据
+        checkHazardBo.setUserList(userList);
+        DataPermissionAspect.threadLocal.remove();
         Page <CheckHazardVo> page = checkHazardService.checkHazardList(checkHazardBo);
         return ResultData.success(page);
     }
@@ -503,17 +501,15 @@ public class CheckHazardController extends AbstractController {
      * @param checkHazardBo
      * @return
      */
-
+    @DataPermission()
     @PreAuthorize(hasPermi = PerPrefix.SECURITY_CHECKHAZARD + PerFun.LIST)
     @GetMapping(value = "/unableRectifyList")
     public ResultData unableRectifyList(CheckHazardBo checkHazardBo) {
-        Page <CheckHazardVo> page;
-        lock.lock();
-        try {
-            page = checkHazardService.unableRectifyList(checkHazardBo);
-        }finally {
-            lock.unlock();
-        }
+        //参数检查
+        List<Long> userList = DataPermissionAspect.threadLocal.get(); // 获取数据
+        checkHazardBo.setUserList(userList);
+        DataPermissionAspect.threadLocal.remove();
+        Page <CheckHazardVo> page = checkHazardService.unableRectifyList(checkHazardBo);;
         return ResultData.success(page);
     }
 

zd-modules/zd-security/src/main/java/com/zd/security/controller/CheckRectifyController.java

@@ -18,6 +18,8 @@ import com.zd.security.entity.CheckHazard;
 import com.zd.security.entity.CheckManage;
 import com.zd.security.entity.CheckRectify;
 import com.zd.security.entity.CheckStaffUser;
+import com.zd.security.scope.DataPermission;
+import com.zd.security.scope.DataPermissionAspect;
 import com.zd.security.service.*;
 import com.zd.security.service.impl.WordService;
 import io.swagger.annotations.ApiOperation;
@@ -47,9 +49,6 @@ import java.util.concurrent.locks.ReentrantLock;
 @RequestMapping("/checkRectify")
 public class CheckRectifyController  extends AbstractController {
 
-    //创建锁
-    private Lock lock = new ReentrantLock();
-
     @Autowired
     private CheckHazardService checkHazardService;
 
@@ -261,16 +260,15 @@ public class CheckRectifyController  extends AbstractController {
      * @param checkRectifyBo
      * @return
      */
+    @DataPermission(roleKey="checkGentle")
     @PreAuthorize(hasPermi = PerPrefix.SECURITY_RECTIFY + PerFun.LIST)
     @GetMapping(value = "/list")
     public ResultData list(CheckRectifyBo checkRectifyBo) {
-        Page <CheckRectifyVo> page;
-        lock.lock();
-        try {
-            page = checkRectifyService.selCheckRectifyList(checkRectifyBo);
-        }finally {
-            lock.unlock();
-        }
+        //参数检查
+        List<Long> userList = DataPermissionAspect.threadLocal.get(); // 获取数据
+        checkRectifyBo.setUserList(userList);
+        DataPermissionAspect.threadLocal.remove();
+        Page <CheckRectifyVo> page = checkRectifyService.selCheckRectifyList(checkRectifyBo);
         return ResultData.success(page);
     }
 

zd-modules/zd-security/src/main/java/com/zd/security/controller/TestController.java

@@ -27,7 +27,6 @@ public class TestController extends AbstractController {
     private CheckTestService checkTestService;
 
 
-    @DataPermission(tableAlias = "m")
     @Log(title = "安全服务-测试添加", businessType = BusinessType.INSERT)
     @GetMapping(value = "/perms1")
     public ResultData perms1(String str) {
@@ -89,7 +88,7 @@ public class TestController extends AbstractController {
      * @param id
      * @return
      */
-    @DataPermission(tableAlias = "")
+    @DataPermission()
     @GetMapping(value = "/findById")
     public ResultData findById(Long id) {
         CheckTest checkTest = checkTestService.getById(id);
@@ -101,7 +100,7 @@ public class TestController extends AbstractController {
      * @param testBo
      * @return
      */
-    @DataPermission(tableAlias = "")
+    @DataPermission()
     @PostMapping(value = "/list")
     public ResultData list(@RequestBody CheckTestBo testBo) {
         //查询条件
@@ -125,7 +124,7 @@ public class TestController extends AbstractController {
         return ResultData.success(result);
     }
 
-    @DataPermission(tableAlias = "", field = "")
+    @DataPermission()
     @PostMapping(value = "/page")
     public ResultData page(@RequestBody CheckTestBo testBo) {
         //查询条件

zd-modules/zd-security/src/main/java/com/zd/security/service/impl/CheckClapServiceImpl.java

@@ -10,7 +10,6 @@ import com.zd.security.api.bo.CheckClapBo;
 import com.zd.security.api.vo.CheckClapVo;
 import com.zd.security.entity.CheckClap;
 import com.zd.security.mapper.CheckClapMapper;
-import com.zd.security.scope.DataPermission;
 import com.zd.security.service.CheckClapService;
 import com.zd.system.api.feign.RemoteDeptService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -39,7 +38,6 @@ public class CheckClapServiceImpl extends ServiceImpl<CheckClapMapper, CheckClap
     private CheckClapMapper checkClapMapper;
 
     @Override
-    @DataPermission(tableAlias = "cc", roleKey="rectifyGentle")
     public Page <CheckClapVo> selCheckClapList(CheckClapBo checkClapBo) {
         Page<CheckClapVo> page = new Page <>(checkClapBo.getPageNum(),checkClapBo.getPageSize());
         ResultData <List <SysDept>> resultData = remoteDeptService.getDeptListBySubset(tokenService.getLoginUser().getDeptId());

zd-modules/zd-security/src/main/java/com/zd/security/service/impl/CheckHazardServiceImpl.java

@@ -173,7 +173,6 @@ public class CheckHazardServiceImpl extends ServiceImpl<CheckHazardMapper, Check
     }
 
     @Override
-    @DataPermission(tableAlias = "m", roleKey="rectifyGentle")
     public Page <CheckHazardVo> rectifyList(CheckHazardBo checkHazardBo) {
         Page<CheckHazardVo> page = new Page <>(checkHazardBo.getPageNum(),checkHazardBo.getPageSize());
         checkHazardBo.setNewDeptId(tokenService.getLoginUser().getDeptId());
@@ -182,7 +181,6 @@ public class CheckHazardServiceImpl extends ServiceImpl<CheckHazardMapper, Check
     }
 
     @Override
-    @DataPermission(tableAlias = "m", roleKey="checkGentle")
     public Page <CheckHazardVo> recheckList(CheckHazardBo checkHazardBo) {
         Page<CheckHazardVo> page = new Page <>(checkHazardBo.getPageNum(),checkHazardBo.getPageSize());
         checkHazardBo.setNewDeptId(tokenService.getLoginUser().getDeptId());
@@ -191,7 +189,6 @@ public class CheckHazardServiceImpl extends ServiceImpl<CheckHazardMapper, Check
     }
 
     @Override
-    @DataPermission(tableAlias = "m")
     public Page <CheckHazardVo> overList(CheckHazardBo checkHazardBo) {
         Page<CheckHazardVo> page = new Page <>(checkHazardBo.getPageNum(),checkHazardBo.getPageSize());
         checkHazardBo.setNewDeptId(tokenService.getLoginUser().getDeptId());
@@ -337,7 +334,6 @@ public class CheckHazardServiceImpl extends ServiceImpl<CheckHazardMapper, Check
     }
 
     @Override
-    @DataPermission(tableAlias = "m")
     public Page <CheckHazardVo> unableRectifyList(CheckHazardBo checkHazardBo) {
         Page<CheckHazardVo> page = new Page <>(checkHazardBo.getPageNum(),checkHazardBo.getPageSize());
         checkHazardBo.setNewDeptId(tokenService.getLoginUser().getDeptId());

zd-modules/zd-security/src/main/java/com/zd/security/service/impl/CheckRectifyServiceImpl.java

@@ -75,7 +75,6 @@ public class CheckRectifyServiceImpl extends ServiceImpl<CheckRectifyMapper, Che
     private TokenService tokenService;
 
     @Override
-    @DataPermission(tableAlias = "cm", roleKey="checkGentle")
     public Page <CheckRectifyVo> selCheckRectifyList(CheckRectifyBo checkRectifyBo) {
         Page<CheckRectifyVo> page = new Page <>(checkRectifyBo.getPageNum(),checkRectifyBo.getPageSize());
         ResultData<List<SysDept>> resultData = remoteDeptService.getDeptListBySubset(tokenService.getLoginUser().getDeptId());

zd-modules/zd-security/src/main/resources/mapper/CheckClapMapper.xml

@@ -43,7 +43,10 @@
             </if>
             <if test="checkClapBo.myRelated != 1">
                 cc.create_by = #{checkClapBo.createBy} or find_in_set(#{checkClapBo.createBy} ,cc.can_rectify_ids)
-                or 1=1
+                <if test="checkClapBo.userList!=null and checkClapBo.userList.size > 0">
+                    or cc.create_by IN
+                    <foreach item="item" collection="checkClapBo.userList" separator="," open="(" close=")" index="">'${item}'</foreach>
+                </if>
             </if>
             <!--or (-->
             <!--<if test="checkClapBo.sysDeptList !=null and checkClapBo.sysDeptList.size > 0">-->

zd-modules/zd-security/src/main/resources/mapper/CheckHazardMapper.xml

@@ -77,7 +77,10 @@
                         sec_check_member cm where cm.user_id = #{checkHazardBo.createBy})
                         OR m.`sub_id` in(select csu.sub_id from sec_check_staff_user csu where csu.`user_id` =
                         #{checkHazardBo.createBy} and csu.staff_type = 2)
-                        or 1=1
+                        <if test="checkHazardBo.userList!=null and checkHazardBo.userList.size > 0">
+                            or m.create_by IN
+                            <foreach item="item" collection="checkHazardBo.userList" separator="," open="(" close=")" index="">'${item}'</foreach>
+                        </if>
                     </if>
                     <!--or (-->
                     <!--<if test="checkHazardBo.sysDeptList !=null and checkHazardBo.sysDeptList.size > 0">-->
@@ -102,7 +105,10 @@
                         m.create_by = #{checkHazardBo.createBy}
                         OR m.`sub_id` in(select csu.sub_id from sec_check_staff_user csu where csu.`user_id` =
                         #{checkHazardBo.createBy})
-                        or 1=1
+                        <if test="checkHazardBo.userList!=null and checkHazardBo.userList.size > 0">
+                            or m.create_by IN
+                            <foreach item="item" collection="checkHazardBo.userList" separator="," open="(" close=")" index="">'${item}'</foreach>
+                        </if>
                     </if>
                     <!--or (-->
                     <!--<if test="checkHazardBo.sysDeptList !=null and checkHazardBo.sysDeptList.size > 0">-->

zd-modules/zd-security/src/main/resources/mapper/CheckRectifyMapper.xml

@@ -60,7 +60,10 @@
                 <if test="checkRectifyBo.myRelated != 1">
                     cm.create_by = #{checkRectifyBo.createBy} OR cm.`check_plan_id` in (SELECT cm.`check_plan_id` FROM sec_check_member cm where cm.user_id = #{checkRectifyBo.createBy})
                     OR cm.`sub_id` in(select csu.sub_id from sec_check_staff_user csu where csu.`user_id` = #{checkRectifyBo.createBy})
-                    or 1=1
+                    <if test="checkRectifyBo.userList!=null and checkRectifyBo.userList.size > 0">
+                        or cm.create_by IN
+                        <foreach item="item" collection="checkRectifyBo.userList" separator="," open="(" close=")" index="">'${item}'</foreach>
+                    </if>
                 </if>
                 <!--or (-->
                 <!--<if test="checkRectifyBo.sysDeptList !=null and checkRectifyBo.sysDeptList.size > 0">-->