mybatis拦截器数据权限过滤

1.项目结构2.pom.xml3.基础配置

spring.xmlmybatis-config.xml 4.测试代码

User实体类数据库字段随便建几个吧UserMapperUserMapper.xmlmybatis拦截器解析类 5.测试类

最终打印日志sql

1.项目结构

2.pom.xml

org.example
    spring-mybatis-source
    1.0-SNAPSHOT

    
        8
        8
    

    
        org.springframework.boot
        spring-boot-starter-parent
        2.5.5
    

    

        
            junit
            junit
            4.12
            test
        

        
            org.springframework.boot
            spring-boot-starter-web
        

        
            org.mybatis
            mybatis
            3.5.3
        

        
            mysql
            mysql-connector-java
            5.1.38
        

        
            org.slf4j
            slf4j-api
            1.7.12
        

        
            org.slf4j
            slf4j-log4j12
            1.7.12
        

        
            log4j
            log4j
            1.2.17
        

        
            org.apache.maven.plugins
            maven-surefire-plugin
            2.4.2
        

        
            cn.hutool
            hutool-core
            4.4.5
        

        
            cn.hutool
            hutool-cache
            4.4.5
        

        
            org.mybatis
            mybatis-spring
            2.0.3
        

        
            org.springframework
            spring-jdbc
            5.3.9
        

        
            commons-dbcp
            commons-dbcp
            1.4
        

        
            commons-pool
            commons-pool
            1.6

3.基础配置 spring.xml

mybatis-config.xml

4.测试代码 User实体类数据库字段随便建几个吧

package com.lmh.entity;

private Long id;

    private String username;

    private String password;

    private String email;

    private String headImage;

    private String countryName;

	// ...get set

UserMapper

import com.lmh.entity.User;

public interface UserMapper {

   User findUserById(@Param("password") String password);
}

UserMapper.xml





    
        select
            id id,
            user_name username,
            user_password password,
            user_email email,
            head_image headImage,
            country_name countryName
        from sys_user where user_password = #{password}
        
        ]]>

mybatis拦截器

@Intercepts(
        @Signature(
                type = Executor.class,
                method = "query",
                args = {MappedStatement.class, Object.class, RowBounds.class, ResultHandler.class}
        )
)
public class PrivilegeExecutorInterceptor implements Interceptor {
    @Override
    public Object intercept(Invocation invocation) throws Throwable {
        //获取executor对象
        Executor executor = (Executor)invocation.getTarget();
        //获取到mappedStatement
        MappedStatement ms = (MappedStatement)invocation.getArgs()[0];
        //查询参数
        Object parameterObject = invocation.getArgs()[1];
        //获取boundSql
        BoundSql boundSql = ms.getBoundSql(parameterObject);
        String sql = boundSql.getSql();
        if (sql.contains(")) {
            sql = AddAuthParser.parse(sql);
        }
        BoundSql newBoundSql = new BoundSql(ms.getConfiguration(), sql, boundSql.getParameterMappings(), parameterObject);
        //这里没有使用缓存
        return executor.query(ms, parameterObject,  RowBounds.DEFAULT, Executor.NO_RESULT_HANDLER, null, newBoundSql);
    }

    
    @Override
    public Object plugin(Object target) {
        return Plugin.wrap(target, this);
    }

    @Override
    public void setProperties(Properties properties) {

    }
}

public class CountryPrivilegeInfo {

    
    private String joiner = "and";

    
    private String symbol = "in";

    
    private String columnName;

    
    private String privilegeDimension;

    
    private List rolePrivileges = getCountryFromContext();

    public CountryPrivilegeInfo(String joiner, String symbol, String columnName, String privilegeDimension) {
        this.joiner = joiner;
        this.symbol = symbol;
        this.columnName = columnName;
        this.privilegeDimension = privilegeDimension;
    }

    
    private List getCountryFromContext() {
        List list = new ArrayList<>();
        list.add("cn");
        list.add("us");
        return list;
    }
}

//省略 get set

解析类

public class AddAuthParser {

    
    public static String parse(String sql) {
        StringBuilder finalSql = new StringBuilder();
        String[] preSplit = sql.split(");
        String preSql = preSplit[1];
        String addAuthSql = preSql.substring(0, preSql.indexOf("/>"));
        String suffixSql = preSql.substring(preSql.indexOf("/>") + "/>".length());
        return finalSql.append(preSplit[0]).
                append(doParseAddAuthSql(addAuthSql)).
                append(suffixSql).toString();
    }

    
    private static String doParseAddAuthSql(String sql) {
        //数据权限维度。实例工作中为地区、数据角色等维度
        String privilegeDimension = getValueByProperty("privilegeDimension", sql);
        String columnName = getValueByProperty("columnName", sql);
        String symbol = getValueByProperty("symbol", sql);
        String joiner = getValueByProperty("joiner", sql);
        CountryPrivilegeInfo countryPrivilegeInfo = new CountryPrivilegeInfo(joiner, symbol, columnName, privilegeDimension);
        StringBuilder privilegeStr = new StringBuilder(" ( ");
        List rolePrivileges = countryPrivilegeInfo.getRolePrivileges();
        for (int i = 0; i < rolePrivileges.size(); i++) {
            privilegeStr.append("'").append(rolePrivileges.get(i)).append("'");
            if (i < rolePrivileges.size() - 1) {
                privilegeStr.append(", ");
            }
        }
        privilegeStr.append(" ) ");
        return " " + joiner + " "+ columnName + " "+ symbol + " " +privilegeStr;
    }

    private static String getValueByProperty(String property, String sql) {
        sql = sql.replace(" ", "");
        String open = property + "='";
        String close = "'";
        String[] split = sql.split(open);
        String value = split[1].substring(0, split[1].indexOf(close));
        return value.trim();
    }
}

5.测试类

public static void main(String[] args) {

        ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext("spring.xml");
        
  
        UserMapper userMapper = (UserMapper)context.getBean("userMapper");
        User userById = userMapper.findUserById("123456");
        System.out.println("userById = " + userById);

        
    }

最终打印日志sql

UserMapper.findUserById - ==>  Preparing: select id id, user_name username, user_password password, user_email email, head_image headImage, country_name countryName from sys_user where user_password = ? and country_name in ( 'cn', 'us' ) 

UserMapper.findUserById - ==> Parameters: 123456(String)

这样就实现了加上一个标签，就对登陆用户的数据权限进行了过滤

]]>

mybatis拦截器数据权限过滤

Java相关栏目本月热门文章