| | |
|---|
| | | import org.aspectj.lang.annotation.Pointcut;
|
|---|
| | | import org.aspectj.lang.reflect.MethodSignature;
|
|---|
| | | import org.springframework.stereotype.Component;
|
|---|
| | | import com.ruoyi.common.utils.ServletUtils;
|
|---|
| | | import com.ruoyi.common.utils.SecurityUtils;
|
|---|
| | | import com.ruoyi.common.utils.StringUtils;
|
|---|
| | | import com.ruoyi.common.utils.spring.SpringUtils;
|
|---|
| | | import com.ruoyi.framework.aspectj.lang.annotation.DataScope;
|
|---|
| | | import com.ruoyi.framework.security.LoginUser;
|
|---|
| | | import com.ruoyi.framework.security.service.TokenService;
|
|---|
| | | import com.ruoyi.framework.web.domain.BaseEntity;
|
|---|
| | | import com.ruoyi.project.system.domain.SysRole;
|
|---|
| | | import com.ruoyi.project.system.domain.SysUser;
|
|---|
| | |
|---|
| | | @Before("dataScopePointCut()")
|
|---|
| | | public void doBefore(JoinPoint point) throws Throwable
|
|---|
| | | {
|
|---|
| | | clearDataScope(point);
|
|---|
| | | handleDataScope(point);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | |
|---|
| | | return;
|
|---|
| | | }
|
|---|
| | | // 获取当前的用户
|
|---|
| | | LoginUser loginUser = SpringUtils.getBean(TokenService.class).getLoginUser(ServletUtils.getRequest());
|
|---|
| | | LoginUser loginUser = SecurityUtils.getLoginUser();
|
|---|
| | | if (StringUtils.isNotNull(loginUser))
|
|---|
| | | {
|
|---|
| | | SysUser currentUser = loginUser.getUser();
|
|---|
| | |
|---|
| | | }
|
|---|
| | | return null;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * 拼接权限sql前先清空params.dataScope参数防止注入
|
|---|
| | | */
|
|---|
| | | private void clearDataScope(final JoinPoint joinPoint)
|
|---|
| | | {
|
|---|
| | | Object params = joinPoint.getArgs()[0];
|
|---|
| | | if (StringUtils.isNotNull(params) && params instanceof BaseEntity)
|
|---|
| | | {
|
|---|
| | | BaseEntity baseEntity = (BaseEntity) params;
|
|---|
| | | baseEntity.getParams().put(DATA_SCOPE, "");
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | }
|
|---|
