userId改为 workcode , 修复数据权限的问题. http://172.16.46.63:31560/index.php?m=task&f=view&taskID=715

zt-framework/zt-spring-boot-starter-biz-data-permission/src/main/java/com/zt/plat/framework/datapermission/core/rule/dept/DeptDataPermissionRule.java

@@ -18,19 +18,24 @@ import com.zt.plat.framework.tenant.core.context.CompanyContextHolder;
 import com.zt.plat.framework.tenant.core.context.DeptContextHolder;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import net.sf.jsqlparser.JSQLParserException;
 import net.sf.jsqlparser.expression.Alias;
 import net.sf.jsqlparser.expression.Expression;
 import net.sf.jsqlparser.expression.LongValue;
 import net.sf.jsqlparser.expression.NullValue;
+import net.sf.jsqlparser.expression.StringValue;
 import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
 import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
 import net.sf.jsqlparser.expression.operators.relational.*;
+import net.sf.jsqlparser.parser.CCJSqlParserUtil;
 import net.sf.jsqlparser.schema.Column;
 import net.sf.jsqlparser.schema.Table;
 import net.sf.jsqlparser.statement.select.ParenthesedSelect;
 import net.sf.jsqlparser.statement.select.PlainSelect;
 import net.sf.jsqlparser.statement.select.SelectItem;
+import org.apache.commons.lang3.StringUtils;
 
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
@@ -67,7 +72,16 @@ public class DeptDataPermissionRule implements DataPermissionRule {
     private static final String DEPT_COLUMN_NAME = "dept_id";
     private static final String USER_COLUMN_NAME = "user_id";
 
-    static final Expression EXPRESSION_NULL = new NullValue();
+    static final Expression EXPRESSION_NULL;
+
+    static {
+        try {
+            EXPRESSION_NULL = CCJSqlParserUtil.parseCondExpression("1 = 0");
+        } catch (JSQLParserException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
     public static final String SYSTEM_USERS = "system_users";
 
     private final PermissionCommonApi permissionApi;
@@ -177,7 +191,9 @@ public class DeptDataPermissionRule implements DataPermissionRule {
         // 情况三，拼接 Dept 和 Company User 的条件，最后组合
         Expression deptExpression = buildDeptExpression(tableName, tableAlias, effectiveDeptIds);
 //        Expression deptExpression = buildDeptExpression(tableName, tableAlias, deptDataPermission.getDeptIds());
-        Expression userExpression = buildUserExpression(tableName, tableAlias, effectiveSelf, loginUser.getId());
+        // 使用工号替换 UserId
+        String userWorkCode = SecurityFrameworkUtils.getLoginUserWorkCode();
+        Expression userExpression = buildUserExpression(tableName, tableAlias, effectiveSelf, loginUser.getId(), userWorkCode);
         if (deptExpression == null && userExpression == null) {
             // TODO ZT：获得不到条件的时候，暂时不抛出异常，而是不返回数据
             log.warn("[getExpression][LoginUser({}) Table({}/{}) DeptDataPermission({}) 构建的条件为空]",
@@ -241,7 +257,7 @@ public class DeptDataPermissionRule implements DataPermissionRule {
                 new ParenthesedExpressionList(new ExpressionList<LongValue>(CollectionUtils.convertList(deptIds, LongValue::new))));
     }
 
-    private Expression buildUserExpression(String tableName, Alias tableAlias, Boolean self, Long userId) {
+    private Expression buildUserExpression(String tableName, Alias tableAlias, Boolean self, Long userId, String workCode) {
         // 如果不查看自己，则无需作为条件
         if (Boolean.FALSE.equals(self)) {
             return null;
@@ -250,8 +266,13 @@ public class DeptDataPermissionRule implements DataPermissionRule {
         if (StrUtil.isEmpty(columnName)) {
             return null;
         }
+
         // 拼接条件
+        if (StrUtil.isBlank(workCode)) {
             return new EqualsTo(MyBatisUtils.buildColumn(tableName, tableAlias, columnName), new LongValue(userId));
+        } else {
+            return new EqualsTo(MyBatisUtils.buildColumn(tableName, tableAlias, columnName), new StringValue(workCode));
+        }
     }
 
     // ==================== 添加配置 ====================

zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/handler/DefaultDBFieldHandler.java

@@ -11,6 +11,7 @@ import com.zt.plat.framework.security.core.LoginUser;
 import com.zt.plat.framework.security.core.util.SecurityFrameworkUtils;
 import com.zt.plat.framework.web.core.util.WebFrameworkUtils;
 import jakarta.annotation.Resource;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.ibatis.reflection.MetaObject;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.util.ReflectionUtils;
@@ -48,14 +49,16 @@ public class DefaultDBFieldHandler implements MetaObjectHandler {
             }
 
             Long userId = getUserId();
+            String userWorkCode = SecurityFrameworkUtils.getLoginUserWorkCode();
+            String savedUserWorkCodeOrUserId = StringUtils.isNotEmpty(userWorkCode) ? userWorkCode : userId == null ? null : userId.toString();
             String userNickname = SecurityFrameworkUtils.getLoginUserNickname();
             // 当前登录用户不为空，创建人为空，则当前登录用户为创建人
             if (Objects.nonNull(userId) && Objects.isNull(baseDO.getCreator())) {
-                baseDO.setCreator(userId.toString());
+                baseDO.setCreator(savedUserWorkCodeOrUserId);
             }
             // 当前登录用户不为空，更新人为空，则当前登录用户为更新人
             if (Objects.nonNull(userId) && Objects.isNull(baseDO.getUpdater())) {
-                baseDO.setUpdater(userId.toString());
+                baseDO.setUpdater(savedUserWorkCodeOrUserId);
             }
         }
         if (Objects.nonNull(metaObject) && metaObject.getOriginalObject() instanceof BusinessBaseDO businessBaseDO) {

zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/LoginUser.java

@@ -31,6 +31,9 @@ public class LoginUser {
     // 用户关联的岗位信息
     public static final String INFO_KEY_POST_IDS = "postIds";
 
+    // 工号
+    public static final String INFO_KEY_WORK_CODE = "workCode";
+
     /**
      * 用户编号
      */

zt-framework/zt-spring-boot-starter-security/src/main/java/com/zt/plat/framework/security/core/util/SecurityFrameworkUtils.java

@@ -15,6 +15,7 @@ import org.springframework.security.web.authentication.WebAuthenticationDetailsS
 import org.springframework.util.StringUtils;
 
 import java.util.Collections;
+import java.util.Map;
 
 /**
  * 安全服务工具类
@@ -93,6 +94,19 @@ public class SecurityFrameworkUtils {
         return loginUser != null ? loginUser.getVisitCompanyId() : null;
     }
 
+    @Nullable
+    public static String getLoginUserWorkCode() {
+        LoginUser loginUser = getLoginUser();
+        if (loginUser == null) {
+            return null;
+        }
+        Map<String, String> info = loginUser.getInfo();
+        if (info == null) {
+            return null;
+        }
+        return MapUtil.getStr(info, LoginUser.INFO_KEY_WORK_CODE);
+    }
+
     /**
      * 获得当前用户的编号，从上下文中
      *

zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/OAuth2TokenServiceImpl.java

@@ -215,6 +215,7 @@ public class OAuth2TokenServiceImpl implements OAuth2TokenService {
                     .put(LoginUser.INFO_KEY_TENANT_ID, user.getTenantId().toString())
                     .put(LoginUser.INFO_KEY_USERNAME, user.getUsername())
                     .put(LoginUser.INFO_KEY_PHONE, user.getMobile())
+                    .put(LoginUser.INFO_KEY_WORK_CODE, user.getWorkcode())
                     .put(LoginUser.INFO_KEY_POST_IDS, CollUtil.isEmpty(user.getPostIds()) ? "[]" : JsonUtils.toJsonString(user.getPostIds()))
                     .build();
         } else if (userType.equals(UserTypeEnum.MEMBER.getValue())) {