From 291d18bba71dcb2f30780838077bc2e08c588813 Mon Sep 17 00:00:00 2001 From: ranke <213539@qq.com> Date: Mon, 19 Jan 2026 09:43:01 +0800 Subject: [PATCH] =?UTF-8?q?userId=E6=94=B9=E4=B8=BA=20workcode=20,=20?= =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90=E7=9A=84?= =?UTF-8?q?=E9=97=AE=E9=A2=98.=20=20http://172.16.46.63:31560/index.php=3F?= =?UTF-8?q?m=3Dtask&f=3Dview&taskID=3D715?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../rule/dept/DeptDataPermissionRule.java | 29 ++++++++++++++++--- .../core/handler/DefaultDBFieldHandler.java | 7 +++-- .../framework/security/core/LoginUser.java | 3 ++ .../core/util/SecurityFrameworkUtils.java | 14 +++++++++ .../oauth2/OAuth2TokenServiceImpl.java | 1 + 5 files changed, 48 insertions(+), 6 deletions(-) diff --git a/zt-framework/zt-spring-boot-starter-biz-data-permission/src/main/java/com/zt/plat/framework/datapermission/core/rule/dept/DeptDataPermissionRule.java b/zt-framework/zt-spring-boot-starter-biz-data-permission/src/main/java/com/zt/plat/framework/datapermission/core/rule/dept/DeptDataPermissionRule.java index ea4a8a93..4a4befdb 100644 --- a/zt-framework/zt-spring-boot-starter-biz-data-permission/src/main/java/com/zt/plat/framework/datapermission/core/rule/dept/DeptDataPermissionRule.java +++ b/zt-framework/zt-spring-boot-starter-biz-data-permission/src/main/java/com/zt/plat/framework/datapermission/core/rule/dept/DeptDataPermissionRule.java @@ -18,19 +18,24 @@ import com.zt.plat.framework.tenant.core.context.CompanyContextHolder; import com.zt.plat.framework.tenant.core.context.DeptContextHolder; import lombok.AllArgsConstructor; import lombok.extern.slf4j.Slf4j; +import net.sf.jsqlparser.JSQLParserException; import net.sf.jsqlparser.expression.Alias; import net.sf.jsqlparser.expression.Expression; import net.sf.jsqlparser.expression.LongValue; import net.sf.jsqlparser.expression.NullValue; +import net.sf.jsqlparser.expression.StringValue; import net.sf.jsqlparser.expression.operators.conditional.AndExpression; import net.sf.jsqlparser.expression.operators.conditional.OrExpression; import net.sf.jsqlparser.expression.operators.relational.*; +import net.sf.jsqlparser.parser.CCJSqlParserUtil; import net.sf.jsqlparser.schema.Column; import net.sf.jsqlparser.schema.Table; import net.sf.jsqlparser.statement.select.ParenthesedSelect; import net.sf.jsqlparser.statement.select.PlainSelect; import net.sf.jsqlparser.statement.select.SelectItem; +import org.apache.commons.lang3.StringUtils; +import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.Map; @@ -67,7 +72,16 @@ public class DeptDataPermissionRule implements DataPermissionRule { private static final String DEPT_COLUMN_NAME = "dept_id"; private static final String USER_COLUMN_NAME = "user_id"; - static final Expression EXPRESSION_NULL = new NullValue(); + static final Expression EXPRESSION_NULL; + + static { + try { + EXPRESSION_NULL = CCJSqlParserUtil.parseCondExpression("1 = 0"); + } catch (JSQLParserException e) { + throw new RuntimeException(e); + } + } + public static final String SYSTEM_USERS = "system_users"; private final PermissionCommonApi permissionApi; @@ -177,7 +191,9 @@ public class DeptDataPermissionRule implements DataPermissionRule { // 情况三,拼接 Dept 和 Company User 的条件,最后组合 Expression deptExpression = buildDeptExpression(tableName, tableAlias, effectiveDeptIds); // Expression deptExpression = buildDeptExpression(tableName, tableAlias, deptDataPermission.getDeptIds()); - Expression userExpression = buildUserExpression(tableName, tableAlias, effectiveSelf, loginUser.getId()); + // 使用工号替换 UserId + String userWorkCode = SecurityFrameworkUtils.getLoginUserWorkCode(); + Expression userExpression = buildUserExpression(tableName, tableAlias, effectiveSelf, loginUser.getId(), userWorkCode); if (deptExpression == null && userExpression == null) { // TODO ZT:获得不到条件的时候,暂时不抛出异常,而是不返回数据 log.warn("[getExpression][LoginUser({}) Table({}/{}) DeptDataPermission({}) 构建的条件为空]", @@ -241,7 +257,7 @@ public class DeptDataPermissionRule implements DataPermissionRule { new ParenthesedExpressionList(new ExpressionList(CollectionUtils.convertList(deptIds, LongValue::new)))); } - private Expression buildUserExpression(String tableName, Alias tableAlias, Boolean self, Long userId) { + private Expression buildUserExpression(String tableName, Alias tableAlias, Boolean self, Long userId, String workCode) { // 如果不查看自己,则无需作为条件 if (Boolean.FALSE.equals(self)) { return null; @@ -250,8 +266,13 @@ public class DeptDataPermissionRule implements DataPermissionRule { if (StrUtil.isEmpty(columnName)) { return null; } + // 拼接条件 - return new EqualsTo(MyBatisUtils.buildColumn(tableName, tableAlias, columnName), new LongValue(userId)); + if (StrUtil.isBlank(workCode)) { + return new EqualsTo(MyBatisUtils.buildColumn(tableName, tableAlias, columnName), new LongValue(userId)); + } else { + return new EqualsTo(MyBatisUtils.buildColumn(tableName, tableAlias, columnName), new StringValue(workCode)); + } } // ==================== 添加配置 ==================== diff --git a/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/handler/DefaultDBFieldHandler.java b/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/handler/DefaultDBFieldHandler.java index ec449926..b3306ac0 100644 --- a/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/handler/DefaultDBFieldHandler.java +++ b/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/handler/DefaultDBFieldHandler.java @@ -11,6 +11,7 @@ import com.zt.plat.framework.security.core.LoginUser; import com.zt.plat.framework.security.core.util.SecurityFrameworkUtils; import com.zt.plat.framework.web.core.util.WebFrameworkUtils; import jakarta.annotation.Resource; +import org.apache.commons.lang3.StringUtils; import org.apache.ibatis.reflection.MetaObject; import org.springframework.context.annotation.Lazy; import org.springframework.util.ReflectionUtils; @@ -48,14 +49,16 @@ public class DefaultDBFieldHandler implements MetaObjectHandler { } Long userId = getUserId(); + String userWorkCode = SecurityFrameworkUtils.getLoginUserWorkCode(); + String savedUserWorkCodeOrUserId = StringUtils.isNotEmpty(userWorkCode) ? userWorkCode : userId == null ? null : userId.toString(); String userNickname = SecurityFrameworkUtils.getLoginUserNickname(); // 当前登录用户不为空,创建人为空,则当前登录用户为创建人 if (Objects.nonNull(userId) && Objects.isNull(baseDO.getCreator())) { - baseDO.setCreator(userId.toString()); + baseDO.setCreator(savedUserWorkCodeOrUserId); } // 当前登录用户不为空,更新人为空,则当前登录用户为更新人 if (Objects.nonNull(userId) && Objects.isNull(baseDO.getUpdater())) { - baseDO.setUpdater(userId.toString()); + baseDO.setUpdater(savedUserWorkCodeOrUserId); } } if (Objects.nonNull(metaObject) && metaObject.getOriginalObject() instanceof BusinessBaseDO businessBaseDO) { diff --git a/zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/LoginUser.java b/zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/LoginUser.java index f9b739dd..cf026e49 100644 --- a/zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/LoginUser.java +++ b/zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/LoginUser.java @@ -31,6 +31,9 @@ public class LoginUser { // 用户关联的岗位信息 public static final String INFO_KEY_POST_IDS = "postIds"; + // 工号 + public static final String INFO_KEY_WORK_CODE = "workCode"; + /** * 用户编号 */ diff --git a/zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/util/SecurityFrameworkUtils.java b/zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/util/SecurityFrameworkUtils.java index 48a2bac1..e9efb450 100644 --- a/zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/util/SecurityFrameworkUtils.java +++ b/zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/util/SecurityFrameworkUtils.java @@ -15,6 +15,7 @@ import org.springframework.security.web.authentication.WebAuthenticationDetailsS import org.springframework.util.StringUtils; import java.util.Collections; +import java.util.Map; /** * 安全服务工具类 @@ -93,6 +94,19 @@ public class SecurityFrameworkUtils { return loginUser != null ? loginUser.getVisitCompanyId() : null; } + @Nullable + public static String getLoginUserWorkCode() { + LoginUser loginUser = getLoginUser(); + if (loginUser == null) { + return null; + } + Map info = loginUser.getInfo(); + if (info == null) { + return null; + } + return MapUtil.getStr(info, LoginUser.INFO_KEY_WORK_CODE); + } + /** * 获得当前用户的编号,从上下文中 * diff --git a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/OAuth2TokenServiceImpl.java b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/OAuth2TokenServiceImpl.java index eee1404e..33552e9f 100644 --- a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/OAuth2TokenServiceImpl.java +++ b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/OAuth2TokenServiceImpl.java @@ -203,6 +203,7 @@ public class OAuth2TokenServiceImpl implements OAuth2TokenService { .put(LoginUser.INFO_KEY_TENANT_ID, user.getTenantId().toString()) .put(LoginUser.INFO_KEY_USERNAME, user.getUsername()) .put(LoginUser.INFO_KEY_PHONE, user.getMobile()) + .put(LoginUser.INFO_KEY_WORK_CODE, user.getWorkcode()) .put(LoginUser.INFO_KEY_POST_IDS, CollUtil.isEmpty(user.getPostIds()) ? "[]" : JsonUtils.toJsonString(user.getPostIds())) .build(); } else if (userType.equals(UserTypeEnum.MEMBER.getValue())) {