@SuppressWarnings("all") protected boolean matchCreatorId(Object result, String userId) { if (null == result) { return true; } if (result instanceof RecordCreationEntity) { return userId.equals(((RecordCreationEntity) result).getCreatorId()); } else if (result instanceof Collection) { Collection<?> collection = ((Collection) result); //删掉不能访问的对象 collection.removeAll(collection.stream().filter((Object o) -> !matchCreatorId(o, userId)).collect(Collectors.toList())); } else { try { return userId.equals(PropertyUtils.getProperty(result, "creatorId")); } catch (Exception ignore) { } } return true; } }
@SuppressWarnings("unchecked") protected boolean doRWAccess(OwnCreatedDataAccessConfig access, AuthorizingContext context, Object controller) { //获取注解 Object id = context.getParamContext().<String>getParameter(context.getDefinition().getDataAccessDefinition().getIdParameterName()).orElse(null); //通过QueryController获取QueryService //然后调用selectByPk 查询旧的数据,进行对比 if (controller instanceof QueryController) { //判断是否满足条件(泛型为 RecordCreationEntity) Class entityType = ClassUtils.getGenericType(controller.getClass(), 0); if (ClassUtils.instanceOf(entityType, RecordCreationEntity.class)) { QueryService<RecordCreationEntity, Object> queryService = ((QueryController<RecordCreationEntity, Object, Entity>) controller).getService(); RecordCreationEntity oldData = queryService.selectByPk(id); if (oldData != null && !context.getAuthentication().getUser().getId().equals(oldData.getCreatorId())) { return false; } } } return true; }
@SuppressWarnings("all") protected boolean matchCreatorId(Object result, String userId) { if (null == result) { return true; } if (result instanceof RecordCreationEntity) { return userId.equals(((RecordCreationEntity) result).getCreatorId()); } else if (result instanceof Collection) { Collection<?> collection = ((Collection) result); //删掉不能访问的对象 collection.removeAll(collection.stream().filter((Object o) -> !matchCreatorId(o, userId)).collect(Collectors.toList())); } else { try { return userId.equals(PropertyUtils.getProperty(result, "creatorId")); } catch (Exception ignore) { } } return true; } }
@SuppressWarnings("unchecked") protected boolean doRWAccess(OwnCreatedDataAccessConfig access, AuthorizingContext context, Object controller) { //获取注解 Object id = context.getParamContext().<String>getParameter(context.getDefinition().getDataAccessDefinition().getIdParameterName()).orElse(null); //通过QueryController获取QueryService //然后调用selectByPk 查询旧的数据,进行对比 if (controller instanceof QueryController) { //判断是否满足条件(泛型为 RecordCreationEntity) Class entityType = ClassUtils.getGenericType(controller.getClass(), 0); if (ClassUtils.instanceOf(entityType, RecordCreationEntity.class)) { QueryService<RecordCreationEntity, Object> queryService = ((QueryController<RecordCreationEntity, Object, Entity>) controller).getService(); RecordCreationEntity oldData = queryService.selectByPk(id); if (oldData != null && !context.getAuthentication().getUser().getId().equals(oldData.getCreatorId())) { return false; } } } return true; }