feat(REQ-2300)：获取提交数据的workspaceId

2024-07-26 18:48:02 +08:00 · 2024-07-26 18:48:02 +08:00 · 52f5e9b546
commit 52f5e9b546
parent 3934d0337f
2 changed files with 37 additions and 5 deletions
--- a/axzo-common-data-permission/src/main/java/cn/axzo/framework/datapermission/annotation/DataPermission.java
+++ b/axzo-common-data-permission/src/main/java/cn/axzo/framework/datapermission/annotation/DataPermission.java
@ -34,4 +34,10 @@ public @interface DataPermission {
     */
    String key_personId() default "personId";

+    /**
+     * 请求体的workspaceId
+     *
+     * @return
+     */
+    String requestBodyWorkspaceId() default "";
 }
--- a/axzo-common-data-permission/src/main/java/cn/axzo/framework/datapermission/aop/DataPermissionInterceptor.java
+++ b/axzo-common-data-permission/src/main/java/cn/axzo/framework/datapermission/aop/DataPermissionInterceptor.java
@ -11,6 +11,8 @@ import cn.axzo.karma.client.feign.tyr.request.GetMergeMatchDataReq;
 import cn.axzo.karma.client.feign.tyr.request.MatchDataObjectReq;
 import cn.axzo.karma.client.feign.tyr.response.MatchDataObjectResp;
 import cn.axzo.karma.client.feign.tyr.response.MergeMatchDataResp;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
@ -27,6 +29,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 import javax.servlet.http.HttpServletRequest;
 import java.util.Objects;
 import java.util.Optional;
+import java.util.stream.Collectors;

 import static cn.axzo.framework.datapermission.context.DataPermissionContextHolder.DATA_PERMISSION_HEADER;

@ -114,7 +117,7 @@ public class DataPermissionInterceptor {
 //        String dataPermissionHeader = httpRequest.getHeader(DATA_PERMISSION_HEADER);
        // header中有值，表示数据权限规则已经被解析，只需要获取数据去使用
 //        if (StringUtils.isBlank(dataPermissionHeader)) {
-            resolveRule(dataPermission);
+            resolveRule(dataPermission, httpRequest);
 //            return;
 //        }

@ -127,14 +130,14 @@ public class DataPermissionInterceptor {
     * 解析数据权限规则
     * @param dataPermission
     */
-    private void resolveRule(DataPermission dataPermission) {
+    private void resolveRule(DataPermission dataPermission, HttpServletRequest httpRequest) {

        ContextInfo contextInfo = ContextInfoHolder.get();
        if (contextInfo == null || contextInfo.getUserInfo() == null || StringUtils.isBlank(dataPermission.bizCode())) {
            return;
        }

-        Optional<MatchDataObjectResp> matchDataObjectOptional = this.matchRule(dataPermission);
+        Optional<MatchDataObjectResp> matchDataObjectOptional = this.matchRule(dataPermission, httpRequest);
        if (!matchDataObjectOptional.isPresent()) {
            log.warn("no match data rule, bizCode:{}, personId：{}, ouId:{}, workspaceId:{}",
                    dataPermission.bizCode(),
@ -155,14 +158,22 @@ public class DataPermissionInterceptor {
        DataPermissionContextHolder.setContext(dataPermissionContext);
    }

-    private Optional<MatchDataObjectResp> matchRule(DataPermission dataPermission) {
+    private Optional<MatchDataObjectResp> matchRule(DataPermission dataPermission, HttpServletRequest httpRequest) {

        ContextInfo contextInfo = ContextInfoHolder.get();
+        Long workspaceId = null;
+        String requestBodyWorkspaceId = dataPermission.requestBodyWorkspaceId();
+        if (StringUtils.isNotBlank(requestBodyWorkspaceId)) {
+            workspaceId = getRequestBodyWorkspaceId(httpRequest, requestBodyWorkspaceId);
+        }
+        if (Objects.isNull(workspaceId)) {
+            workspaceId = contextInfo.getWorkspaceId();
+        }

        MatchDataObjectReq matchDataObjectReq = MatchDataObjectReq.builder()
                .dataObjectCode(dataPermission.bizCode())
                .ouId(contextInfo.getOuId())
-                .workspaceId(contextInfo.getWorkspaceId())
+                .workspaceId(workspaceId)
                .personId(contextInfo.getUserInfo().getPersonId())
                .build();

@ -190,4 +201,19 @@ public class DataPermissionInterceptor {
        dataPermissionContext.setPersonIds(mergeMatchDataResp.getPersonIds());
        return dataPermissionContext;
    }
+
+    private Long getRequestBodyWorkspaceId(HttpServletRequest httpRequest, String requestBodyWorkspaceIdKey) {
+        try {
+            String requestBody = httpRequest.getReader().lines().collect(Collectors.joining(System.lineSeparator()));
+            ObjectMapper mapper = new ObjectMapper();
+            JsonNode rootNode = mapper.readTree(requestBody);
+            String workspaceId = rootNode.path(requestBodyWorkspaceIdKey).asText();
+            if (StringUtils.isNotBlank(workspaceId)) {
+                return Long.valueOf(workspaceId);
+            }
+        } catch (Exception e) {
+            log.warn("获取提交body里面的workspaceId出错", e);
+        }
+        return null;
+    }
 }