zgty/zt-dsc
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

1. 新增 api 调用日志记录,历史版本回滚

Browse Source 
2. 新增用户角色权限监督功能
This commit is contained in:
chenbowen
2025-10-31 09:28:59 +08:00
parent b618f833d1
commit ddee4da72a
43 changed files with 2454 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
zt-framework/zt-spring-boot-starter-biz-tenant/src/main/java/com/zt/plat/framework/tenant/core/web/CompanyVisitContextInterceptor.java
View File

@@ -20,30 +20,68 @@ public class CompanyVisitContextInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
// 解析 header 并设置 visitCompanyId
LoginUser loginUser = SecurityFrameworkUtils.getLoginUser();
Long companyId = WebFrameworkUtils.getCompanyId(request);
// 优先使用请求头上的公司信息,若缺失则回退到请求属性或当前登录用户已缓存的访问公司
if (companyId == null || companyId <= 0L) {
Long attrCompanyId = resolveLong(request.getAttribute(WebFrameworkUtils.HEADER_VISIT_COMPANY_ID));
if (attrCompanyId != null && attrCompanyId > 0L) {
companyId = attrCompanyId;
} else if (loginUser != null && loginUser.getVisitCompanyId() != null && loginUser.getVisitCompanyId() > 0L) {
companyId = loginUser.getVisitCompanyId();
}
}
String companyName = WebFrameworkUtils.getCompanyName(request);
if (companyId <= 0L) {
// 如果没有设置 companyId则忽略
if (companyName == null || companyName.isEmpty()) {
Object attrCompanyName = request.getAttribute(WebFrameworkUtils.HEADER_VISIT_COMPANY_NAME);
if (attrCompanyName instanceof String) {
companyName = (String) attrCompanyName;
} else if (loginUser != null) {
companyName = loginUser.getVisitCompanyName();
}
}
Long deptId = WebFrameworkUtils.getDeptId(request);
// 部门信息同样遵循“请求头 -> 请求属性 -> 登录缓存”的回退顺序
if (deptId == null || deptId <= 0L) {
Long attrDeptId = resolveLong(request.getAttribute(WebFrameworkUtils.HEADER_VISIT_DEPT_ID));
if (attrDeptId != null && attrDeptId > 0L) {
deptId = attrDeptId;
} else if (loginUser != null && loginUser.getVisitDeptId() != null && loginUser.getVisitDeptId() > 0L) {
deptId = loginUser.getVisitDeptId();
}
}
String deptName = WebFrameworkUtils.getDeptName(request);
if (deptName == null || deptName.isEmpty()) {
Object attrDeptName = request.getAttribute(WebFrameworkUtils.HEADER_VISIT_DEPT_NAME);
if (attrDeptName instanceof String) {
deptName = (String) attrDeptName;
} else if (loginUser != null) {
deptName = loginUser.getVisitDeptName();
}
}
if (companyId == null || companyId <= 0L) {
CompanyContextHolder.setIgnore(true);
return true;
}
Long deptId = WebFrameworkUtils.getDeptId(request);
String deptName = WebFrameworkUtils.getDeptName(request);
LoginUser loginUser = SecurityFrameworkUtils.getLoginUser();
CompanyContextHolder.setIgnore(false);
CompanyContextHolder.setCompanyId(companyId);
if (loginUser == null) {
return true;
}
if (deptId > 0L) {
// 同步最新的访问公司/部门到登录用户对象,供后续数据权限及上下文读取
loginUser.setVisitCompanyId(companyId);
loginUser.setVisitCompanyName(companyName);
if (deptId != null && deptId > 0L) {
loginUser.setVisitDeptId(deptId);
loginUser.setVisitDeptName(deptName);
}
// if (!securityFrameworkService.hasAnyPermissions(PERMISSION)) {
// throw exception0(GlobalErrorCodeConstants.FORBIDDEN.getCode(), "您无权切换部门");
// }
loginUser.setVisitCompanyId(companyId);
loginUser.setVisitCompanyName(companyName);
CompanyContextHolder.setCompanyId(companyId);
return true;
}
@@ -55,4 +93,18 @@ public class CompanyVisitContextInterceptor implements HandlerInterceptor {
loginUser.setVisitCompanyId(0L);
}
}
private Long resolveLong(Object value) {
if (value instanceof Number) {
return ((Number) value).longValue();
}
if (value instanceof String) {
try {
return Long.parseLong(((String) value).trim());
} catch (NumberFormatException ignored) {
return null;
}
}
return null;
}
}