feat:qms权限组件-临时提交

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/core/aspect/QmsPermissionAspect.java

@@ -0,0 +1,78 @@
+package com.zt.plat.module.qms.core.aspect;
+
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import com.alibaba.fastjson.parser.Feature;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.zt.plat.framework.common.pojo.CommonResult;
+import com.zt.plat.framework.common.pojo.PageResult;
+import com.zt.plat.framework.security.core.LoginUser;
+import com.zt.plat.module.qms.core.aspect.annotation.Dict;
+import com.zt.plat.module.qms.core.aspect.annotation.QmsPermission;
+import com.zt.plat.module.qms.core.constant.CommonConstant;
+import com.zt.plat.module.qms.core.legend.LegendApi;
+import com.zt.plat.module.qms.core.legend.LegendConvertUtils;
+import com.zt.plat.module.qms.core.legend.vo.DictModel;
+import com.zt.plat.module.qms.framework.datapermission.QMSPermissionContextHolder;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.Signature;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.util.*;
+import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
+
+import static com.zt.plat.framework.security.core.util.SecurityFrameworkUtils.getLoginUser;
+import static com.zt.plat.module.qms.core.constant.CacheConstant.QMS_DICT_BIZ_CACHE;
+import static com.zt.plat.module.qms.core.constant.CacheConstant.QMS_DICT_TABLE_CACHE;
+import static com.zt.plat.module.qms.core.constant.DataTypeConstant.DICT_ANNOTATION_SPLIT;
+
+@Aspect
+@Component
+@Slf4j
+public class QmsPermissionAspect {
+    /**
+     * 定义切点Pointcut
+     */
+    @Pointcut("@annotation(com.zt.plat.module.qms.core.aspect.annotation.QmsPermission)")
+    public void executeService() {
+    }
+
+    @Before("executeService()")
+    public void doBefore(JoinPoint point) throws Throwable {
+        handleDataScope(point);
+    }
+
+    private void handleDataScope(JoinPoint joinPoint){
+        QmsPermission annotation = getAnnotationByJoinPoint(joinPoint);
+        if(annotation == null)
+            return;
+        QMSPermissionContextHolder.setContext(true,  annotation.deptDataRoleCodes(), annotation.moduleDataRoleCodes(), annotation.deptIdColumn(), annotation.userIdColumn(), annotation.custom());
+    }
+
+    private QmsPermission getAnnotationByJoinPoint(JoinPoint joinPoint) {
+        Signature signature = joinPoint.getSignature();
+        MethodSignature methodSignature = (MethodSignature) signature;
+        Method method = methodSignature.getMethod();
+
+        if (method != null) {
+            return method.getAnnotation(QmsPermission.class);
+        }
+        return null;
+    }
+
+}

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/core/aspect/annotation/QmsPermission.java

@@ -0,0 +1,27 @@
+package com.zt.plat.module.qms.core.aspect.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface QmsPermission {
+
+    boolean enable() default true;  //默认开启
+
+    //部门数据查看权限
+    String deptDataRoleCodes() default "";         //指定部门数据查看角色，多值半角逗号分隔
+
+    //模块数据权限-具有此角色可查看本模块所有数据
+    String moduleDataRoleCodes() default "ytjyAdmin";         //指定所有数据查看角色，多值半角逗号分隔
+
+    String deptIdColumn() default "DEPT_ID";        //部门id列
+
+    String userIdColumn() default "CREATOR";        //人员id列
+
+    //todo 考虑支持模块自定义扩展。参数传入表达式，通过表达式计算权限
+    String custom() default "";
+
+}

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/framework/datapermission/QMSDataPermissionDTO.java

@@ -0,0 +1,32 @@
+package com.zt.plat.module.qms.framework.datapermission;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.Data;
+
+import java.util.HashSet;
+import java.util.Set;
+
+@Schema(description = "QMS的数据权限 Response DTO")
+@Data
+public class QMSDataPermissionDTO {
+
+    @Schema(description = "是否可查看全部数据", requiredMode = Schema.RequiredMode.REQUIRED, example = "true")
+    private Boolean all;
+
+    @Schema(description = "是否可查看自己的数据", requiredMode = Schema.RequiredMode.REQUIRED, example = "true")
+    private Boolean self;
+
+    @Schema(description = "可查看的部门编号数组", requiredMode = Schema.RequiredMode.REQUIRED, example = "[1, 3]")
+    private Set<Long> deptIds;
+
+    @Schema(description = "可查看的公司编号数组", requiredMode = Schema.RequiredMode.REQUIRED, example = "[1, 3]")
+    private Long companyId;
+
+    public QMSDataPermissionDTO() {
+        this.all = false;
+        this.self = false;
+        this.deptIds = new HashSet<>();
+        this.companyId = 0L;
+    }
+
+}

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/framework/datapermission/QMSPermissionContextHolder.java

@@ -0,0 +1,81 @@
+package com.zt.plat.module.qms.framework.datapermission;
+
+import com.alibaba.ttl.TransmittableThreadLocal;
+
+
+public class QMSPermissionContextHolder {
+    // 是否启用
+    private static final ThreadLocal<Boolean> enable = new TransmittableThreadLocal<>();
+
+    private static final ThreadLocal<String> deptDataRoleCodes = new TransmittableThreadLocal<>();       //部门数据查看权限
+    private static final ThreadLocal<String> moduleDataRoleCodes = new TransmittableThreadLocal<>();   //模块数据权限
+    private static final ThreadLocal<String> deptIdColumn = new TransmittableThreadLocal<>();           //部门id列
+    private static final ThreadLocal<String> userIdColumn = new TransmittableThreadLocal<>();           //人员id列
+    private static final ThreadLocal<String> custom = new TransmittableThreadLocal<>();           //人员id列
+
+    public static void setEnable(Boolean ignore) {
+        enable.set(ignore);
+    }
+
+    public static boolean shouldExecute() {
+        return Boolean.TRUE.equals(enable.get());
+    }
+
+    public static void setContext(boolean enable, String deptDataRoleCode, String moduleDataRoleCode, String deptIdColumn, String userIdColumn, String custom){
+        QMSPermissionContextHolder.setEnable(enable);
+        QMSPermissionContextHolder.deptDataRoleCodes.set(deptDataRoleCode);
+        QMSPermissionContextHolder.moduleDataRoleCodes.set(moduleDataRoleCode);
+        QMSPermissionContextHolder.deptIdColumn.set(deptIdColumn);
+        QMSPermissionContextHolder.userIdColumn.set(userIdColumn);
+        QMSPermissionContextHolder.custom.set(custom);
+    }
+
+    public static void setDeptDataRoleCode(String deptDataRoleCode) {
+        QMSPermissionContextHolder.deptDataRoleCodes.set(deptDataRoleCode);
+    }
+    public static String getDeptDataRoleCode() {
+        return deptDataRoleCodes.get();
+    }
+
+    public static void setModuleDataRoleCodes(String moduleDataRoleCodes) {
+        QMSPermissionContextHolder.moduleDataRoleCodes.set(moduleDataRoleCodes);
+    }
+    public static String getModuleDataRoleCodes() {
+        return moduleDataRoleCodes.get();
+    }
+
+    public static void setDeptIdColumn(String deptIdColumn) {
+        QMSPermissionContextHolder.deptIdColumn.set(deptIdColumn);
+    }
+    public static String getDeptIdColumn() {
+        if(deptIdColumn.get() == null || deptIdColumn.get().length() == 0)
+            return "DEPT_ID";
+        return deptIdColumn.get();
+    }
+
+    public static void setUserIdColumn(String userIdColumn) {
+        QMSPermissionContextHolder.userIdColumn.set(userIdColumn);
+    }
+    public static String getUserIdColumn() {
+        if(userIdColumn.get() == null || userIdColumn.get().length() == 0)
+            return "CREATOR";
+        return userIdColumn.get();
+    }
+
+    public static void setCustom(String custom) {
+        QMSPermissionContextHolder.custom.set(custom);
+    }
+    public static String getCustom() {
+        return custom.get();
+    }
+
+    public static void clear() {
+        enable.remove();
+        deptDataRoleCodes.remove();
+        moduleDataRoleCodes.remove();
+        deptIdColumn.remove();
+        userIdColumn.remove();
+        custom.remove();
+
+    }
+}

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/framework/mybatis/QMSDataPermissionConfig.java

@@ -0,0 +1,42 @@
+package com.zt.plat.module.qms.framework.mybatis;
+
+
+import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
+import com.baomidou.mybatisplus.extension.plugins.inner.DataPermissionInterceptor;
+import com.baomidou.mybatisplus.extension.plugins.inner.InnerInterceptor;
+import com.zt.plat.module.qms.framework.datapermission.QMSMultiDataPermissionHandler;
+import jakarta.annotation.PostConstruct;
+import org.aspectj.lang.annotation.After;
+import org.springframework.beans.factory.SmartInitializingSingleton;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.List;
+
+//@Configuration
+public class QMSDataPermissionConfig implements SmartInitializingSingleton {
+    @Autowired
+    private MybatisPlusInterceptor mybatisPlusInterceptor;
+
+    @Autowired
+    private QMSMultiDataPermissionHandler qmsMultiDataPermissionHandler;
+
+    @Override
+    public void afterSingletonsInstantiated() {
+        List<InnerInterceptor> interceptors = mybatisPlusInterceptor.getInterceptors();
+        // 避免重复注册
+        boolean exists = interceptors.stream()
+                .filter(i -> i instanceof DataPermissionInterceptor)
+                .map(i -> (DataPermissionInterceptor) i)
+                .anyMatch(i -> i.getDataPermissionHandler() == qmsMultiDataPermissionHandler);
+        if (!exists) {
+            mybatisPlusInterceptor.addInnerInterceptor(new DataPermissionInterceptor(qmsMultiDataPermissionHandler));
+        }
+    }
+
+//    @PostConstruct
+//    public void addDataPermissionInterceptor() {
+//
+//    }
+
+}

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/device/controller/admin/DeviceApplyController.java

@@ -100,7 +100,6 @@ public class DeviceApplyController extends AbstractFileUploadController implemen
 
     @GetMapping("/page")
     @Operation(summary = "获得设备通用流程,验收、降级、停用、报废、还原、启用分页")
-    @PreAuthorize("@ss.hasPermission('qms:device-apply:query')")
     public CommonResult<PageResult<DeviceApplyRespVO>> getDeviceApplyPage(@Valid DeviceApplyPageReqVO pageReqVO) {
         PageResult<DeviceApplyDO> pageResult = deviceApplyService.getDeviceApplyPage(pageReqVO);
         return success(BeanUtils.toBean(pageResult, DeviceApplyRespVO.class));

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/device/controller/admin/DeviceConfigFlowController.java

@@ -97,7 +97,6 @@ public class DeviceConfigFlowController implements BusinessControllerMarker {
 
     @GetMapping("/page")
     @Operation(summary = "获得设备通用流程配置分页")
-    @PreAuthorize("@ss.hasPermission('qms:device-config-flow:query')")
     public CommonResult<PageResult<DeviceConfigFlowRespVO>> getDeviceConfigFlowPage(@Valid DeviceConfigFlowPageReqVO pageReqVO) {
         PageResult<DeviceConfigFlowDO> pageResult = deviceConfigFlowService.getDeviceConfigFlowPage(pageReqVO);
         return success(BeanUtils.toBean(pageResult, DeviceConfigFlowRespVO.class));

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/device/controller/admin/DeviceProductController.java

@@ -122,7 +122,7 @@ public class DeviceProductController extends AbstractFileUploadController implem
 
     @GetMapping("/page")
     @Operation(summary = "获得设备-设备大类分页")
-    @PreAuthorize("@ss.hasPermission('resource:device-product:query')")
+//    @PreAuthorize("@ss.hasPermission('resource:device-product:query')")
     public CommonResult<PageResult<DeviceProductRespVO>> getDeviceProductPage(@Valid DeviceProductPageReqVO pageReqVO) {
         PageResult<DeviceProductDO> pageResult = deviceProductService.getDeviceProductPage(pageReqVO);
         return success(BeanUtils.toBean(pageResult, DeviceProductRespVO.class));

zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/resource/device/dal/mapper/DeviceApplyMapper.java

@@ -3,6 +3,7 @@ package com.zt.plat.module.qms.resource.device.dal.mapper;
 import com.zt.plat.framework.common.pojo.PageResult;
 import com.zt.plat.framework.mybatis.core.query.LambdaQueryWrapperX;
 import com.zt.plat.framework.mybatis.core.mapper.BaseMapperX;
+import com.zt.plat.module.qms.core.aspect.annotation.QmsPermission;
 import com.zt.plat.module.qms.resource.device.controller.vo.DeviceApplyPageReqVO;
 import com.zt.plat.module.qms.resource.device.dal.dataobject.DeviceApplyDO;
 import org.apache.ibatis.annotations.Mapper;
@@ -15,9 +16,10 @@ import org.apache.ibatis.annotations.Mapper;
 @Mapper
 public interface DeviceApplyMapper extends BaseMapperX<DeviceApplyDO> {
 
+    @QmsPermission
     default PageResult<DeviceApplyDO> selectPage(DeviceApplyPageReqVO reqVO) {
-        return selectPage(reqVO, new LambdaQueryWrapperX<DeviceApplyDO>()
+        LambdaQueryWrapperX<DeviceApplyDO> wrapper = new LambdaQueryWrapperX<>();
-                .likeIfPresent(DeviceApplyDO::getBusinessName, reqVO.getBusinessName())
+        wrapper.likeIfPresent(DeviceApplyDO::getBusinessName, reqVO.getBusinessName())
                 .likeIfPresent(DeviceApplyDO::getApplyDepartmentName, reqVO.getApplyDepartmentName())
                 .eqIfPresent(DeviceApplyDO::getApplyDepartment, reqVO.getApplyDepartment())
                 .likeIfPresent(DeviceApplyDO::getApplyUserName, reqVO.getApplyUserName())
@@ -39,7 +41,8 @@ public interface DeviceApplyMapper extends BaseMapperX<DeviceApplyDO> {
                 .eqIfPresent(DeviceApplyDO::getSystemDepartmentCode, reqVO.getSystemDepartmentCode())
                 .eqIfPresent(DeviceApplyDO::getRemark, reqVO.getRemark())
                 .betweenIfPresent(DeviceApplyDO::getCreateTime, reqVO.getCreateTime())
-                .orderByDesc(DeviceApplyDO::getId));
+                .orderByDesc(DeviceApplyDO::getId);
+        return selectPage(reqVO, wrapper);
     }
 
 }