springboot权限验证学习-下资源-CSDN文库

共45个文件

java：23个

xml：13个

meta：5个

spring

boot

spring

boot

51 浏览量 2024-04-28 14:10:31 上传评论收藏 41KB ZIP 举报

资源推荐

资源详情

资源评论

收起资源包目录

auth.zip （45个子文件）

auth

sql语句.sql 6KB

pom.xml 756B

stu01

pom.xml 2KB

src

test

java

com

wujialiang

auth

AppTest.java 685B

main

resources

mapper

UserMapper.xml 381B

ResouceMapper.xml 881B

DataMapper.xml 337B

application.yml 357B

java

com

wujialiang

auth

mapper

ResouceMapper.java 601B

UserMapper.java 566B

DataMapper.java 438B

annotation

Auth.java 497B

controller

UserTestConroller.java 838B

UserController.java 3KB

context

UserContext.java 459B

component

ApplicationStartup.java 4KB

service

UserService.java 2KB

App.java 1KB

entity

RoleResource.java 155B

UserRole.java 147B

Role.java 140B

Resource.java 193B

User.java 177B

Data.java 178B

util

JwtUtil.java 2KB

config

MybatisPlusConfig.java 1KB

interceptor

LoginInterceptor.java 2KB

DataInterceptor.java 5KB

AuthInterceptor.java 3KB

MyPaginationInterceptor.java 4KB

.idea

jarRepositories.xml 1KB

dataSources

1cf73eb7-b065-402b-a250-3d62207e80dd

storage_v2

_src_

schema

performance_schema.kIw0nw.meta 76B

javaauth01.SyKL7Q.meta 65B

sys.zb4BAA.meta 61B

information_schema.FNRwLQ.meta 76B

mysql.osA4Bg.meta 63B

1cf73eb7-b065-402b-a250-3d62207e80dd.xml 35KB

dataSources.local.xml 1010B

workspace.xml 5KB

misc.xml 609B

dataSources.xml 866B

compiler.xml 771B

.gitignore 184B

encodings.xml 426B

.gitignore 490B

package com.wujialiang.auth.interceptor; import com.baomidou.mybatisplus.core.toolkit.PluginUtils; import com.wujialiang.auth.context.UserContext; import lombok.extern.slf4j.Slf4j; import net.sf.jsqlparser.JSQLParserException; import net.sf.jsqlparser.expression.*; import net.sf.jsqlparser.expression.operators.conditional.AndExpression; import net.sf.jsqlparser.expression.operators.relational.EqualsTo; import net.sf.jsqlparser.parser.CCJSqlParserUtil; import net.sf.jsqlparser.schema.Column; import net.sf.jsqlparser.schema.Table; import net.sf.jsqlparser.statement.Statement; import net.sf.jsqlparser.statement.select.*; import org.apache.ibatis.executor.statement.StatementHandler; import org.apache.ibatis.mapping.MappedStatement; import org.apache.ibatis.plugin.Interceptor; import org.apache.ibatis.plugin.Intercepts; import org.apache.ibatis.plugin.Invocation; import org.apache.ibatis.plugin.Signature; import org.apache.ibatis.reflection.MetaObject; import org.apache.ibatis.reflection.SystemMetaObject; import org.springframework.core.annotation.Order; import java.sql.Connection; import java.util.ArrayList; import java.util.List; /** * 原生mybatis拦截方式，如果用该类拦截SQL，需要注意和分页插件的顺序 * * @author RudeCrab */ @Slf4j //@Component @Order(value = 1000) @Intercepts({@Signature(type = StatementHandler.class, method = "prepare", args = {Connection.class, Integer.class})}) public class DataInterceptor implements Interceptor { @Override public Object intercept(Invocation invocation) throws Throwable { // 拿到mybatis的一些对象,等下要操作 StatementHandler statementHandler = PluginUtils.realTarget(invocation.getTarget()); MetaObject metaObject = SystemMetaObject.forObject(statementHandler); MappedStatement mappedStatement = (MappedStatement) metaObject.getValue("delegate.mappedStatement"); // id为执行的mapper方法的全路径名，如com.rudecrab.mapper.UserMapper.insertUser String id = mappedStatement.getId(); log.info("mapper: ==> {}", id); // 如果不是指定的方法，直接结束拦截 // 如果方法多可以存到一个集合里，然后判断当前拦截的是否存在集合中 if (!"com.wujialiang.auth.mapper.DataMapper.getAllDatas".equals(id)) { return invocation.proceed(); } // 获取到原始sql语句 String sql = statementHandler.getBoundSql().getSql(); log.info("原始SQL语句： ==> {}", sql); sql = getSql(sql); // 修改sql metaObject.setValue("delegate.boundSql.sql", sql); log.info("拦截后SQL语句：==>{}", sql); return invocation.proceed(); } /** * 解析SQL语句，并返回新的SQL语句 * @param sql 原SQL * @return 新SQL */ private String getSql(String sql) { try { // 解析语句 Statement stmt = CCJSqlParserUtil.parse(sql); Select selectStatement = (Select) stmt; PlainSelect ps = (PlainSelect) selectStatement.getSelectBody(); // 拿到表信息 FromItem fromItem = ps.getFromItem(); Table table = (Table) fromItem; String mainTable = table.getAlias() == null ? table.getName() : table.getAlias().getName(); List<Join> joins = ps.getJoins(); if (joins == null) { joins = new ArrayList<>(1); } // 创建连表join条件 Join join = new Join(); join.setInner(true); join.setRightItem(new Table("user_company uc")); // 第一个：两表通过company_id连接 EqualsTo joinExpression = new EqualsTo(); joinExpression.setLeftExpression(new Column(mainTable + ".company_id")); joinExpression.setRightExpression(new Column("uc.company_id")); // 第二个条件：和当前登录用户id匹配 EqualsTo userIdExpression = new EqualsTo(); userIdExpression.setLeftExpression(new Column("uc.user_id")); //并没有UserContext.getCurrentUserName()，所以先写死 userIdExpression.setRightExpression(new LongValue("1")); //userIdExpression.setRightExpression(new LongValue(UserContext.getCurrentUserName())); //userIdExpression.setRightExpression(new StringValue(UserContext.getCurrentUserName())); // 将两个条件拼接起来 join.setOnExpression(new AndExpression(joinExpression, userIdExpression)); joins.add(join); ps.setJoins(joins); // 修改原语句 sql = ps.toString(); } catch (JSQLParserException e) { e.printStackTrace(); } return sql; } }

评论收藏

内容反馈