fix: 优化用户访问权限

This commit is contained in:
tangwei 2026-07-08 17:53:49 +08:00
parent 673e974e93
commit 74e7cf9ac7
3 changed files with 62 additions and 8 deletions

View File

@ -13,16 +13,45 @@ import io.swagger.v3.oas.models.info.Contact;
@Configuration
public class SwaggerConfig {
// @Bean
// public OpenAPI projectOpenAPI() {
// return new OpenAPI()
// .info(new Info()
// .title("项目API 接口文档")
// .version("3.0")
// .description("")
// .contact(new Contact().name("郑顺利").email("13910913995@163.com"))
// );
// }
@Bean
public OpenAPI projectOpenAPI() {
// 定义 Header 中的 Token 参数
SecurityScheme securityScheme = new SecurityScheme()
.type(SecurityScheme.Type.APIKEY) // 类型为 API Key
.in(SecurityScheme.In.HEADER) // 放在 Header
.name("token"); // Header 的名称也可改为 Authorization
// 1. 定义第一个 Headertoken
SecurityScheme tokenScheme = new SecurityScheme()
.type(SecurityScheme.Type.APIKEY)
.in(SecurityScheme.In.HEADER)
.name("token")
.description("用户认证 Token");
// 2. 定义第二个 Header租户ID示例
SecurityScheme tenantScheme = new SecurityScheme()
.type(SecurityScheme.Type.APIKEY)
.in(SecurityScheme.In.HEADER)
.name("Tenant_Id")
.description("租户标识");
// 3. 将两个安全方案注册到 Components
Components components = new Components()
.addSecuritySchemes("tokenAuth", tokenScheme)
.addSecuritySchemes("tenantAuth", tenantScheme);
// 4. 创建 SecurityRequirement同时要求两个 Header 都必须提供
SecurityRequirement securityRequirement = new SecurityRequirement()
.addList("tokenAuth"); // 关联上面的安全方案名称
.addList("tokenAuth") // 引用 token 方案
.addList("tenantAuth"); // 引用 tenant 方案
return new OpenAPI()
.info(new Info()
@ -31,8 +60,8 @@ public class SwaggerConfig {
.description("")
.contact(new Contact().name("郑顺利").email("13910913995@163.com"))
)
.components(new Components().addSecuritySchemes("tokenAuth", securityScheme))
.addSecurityItem(securityRequirement);
.components(components)
.addSecurityItem(securityRequirement); // 一次性添加
}
// @Bean

View File

@ -9,10 +9,12 @@ import com.yfd.platform.common.*;
import com.yfd.platform.common.exception.BizException;
import com.yfd.platform.qgc_base.domain.MsOperationLog;
import com.yfd.platform.qgc_base.domain.MsOperationLogDetail;
import com.yfd.platform.qgc_base.domain.vo.DataScopeApplyResult;
import com.yfd.platform.qgc_base.entity.vo.BatchDeleteAo;
import com.yfd.platform.qgc_base.entity.vo.DataParam;
import com.yfd.platform.qgc_base.mapper.MsOperationLogDetailMapper;
import com.yfd.platform.qgc_base.mapper.MsOperationLogMapper;
import com.yfd.platform.qgc_base.service.IDataScopeFilterService;
import com.yfd.platform.qgc_env.wq.entity.vo.*;
import com.yfd.platform.qgc_env.wq.service.EnvWqDataService;
import com.yfd.platform.qgc_env.wt.entity.vo.WbsbVo;
@ -45,6 +47,9 @@ import org.apache.commons.collections4.CollectionUtils;
@Service
public class EnvWqDataServiceImpl implements EnvWqDataService {
@Resource
private IDataScopeFilterService dataScopeFilterService;
private static final String WQ_HOUR_TABLE_NAME = "SD_WQ_R";
private static final String WQ_DAY_TABLE_NAME = "SD_WQDAY_S";
private static final String WQ_MONTH_TABLE_NAME = "SD_WQDRTP_S";
@ -4610,6 +4615,13 @@ public class EnvWqDataServiceImpl implements EnvWqDataService {
.append("AND NVL(t.USFL, 1) = 1 ");
Map<String, Object> paramMap = new HashMap<>();
DataScopeApplyResult scopeApplyResult = dataScopeFilterService.appendCurrentUserStationScope(sql, paramMap, "t.RSTCD");
if (scopeApplyResult.isEmptyResult()) {
dataSourceResult.setData(new ArrayList<>());
dataSourceResult.setTotal(0L);
return dataSourceResult;
}
String filterSql = buildWqPointFilterCondition(dataSourceRequest.getFilter(), paramMap, new int[]{0});
if (StrUtil.isNotBlank(filterSql)) {
sql.append(" AND ").append(filterSql);

View File

@ -5,6 +5,8 @@ import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.yfd.platform.common.*;
import com.yfd.platform.common.exception.BizException;
import com.yfd.platform.qgc_base.domain.vo.DataScopeApplyResult;
import com.yfd.platform.qgc_base.service.IDataScopeFilterService;
import com.yfd.platform.qgc_env.wt.entity.vo.DfltkwFacilityCountVo;
import com.yfd.platform.qgc_env.wt.entity.vo.FishSpawnVo;
import com.yfd.platform.qgc_env.wt.entity.vo.RstcdTreeInfoVo;
@ -58,6 +60,9 @@ public class SdWtMonitorServiceImpl implements SdWtMonitorService {
@Resource
private JdbcTemplate jdbcTemplate;
@Resource
private IDataScopeFilterService dataScopeFilterService;
@Override
public DataSourceResult getEvnmAutoMonitorList(DataSourceRequest dataSourceRequest) {
DataSourceLoadOptionsBase loadOptions = dataSourceRequest == null ? null : dataSourceRequest.toDevRequest();
@ -2886,6 +2891,14 @@ public class SdWtMonitorServiceImpl implements SdWtMonitorService {
}
Map<String, Object> paramMap = new HashMap<>();
DataScopeApplyResult scopeApplyResult = dataScopeFilterService.appendCurrentUserStationScope(sql, paramMap, "t.RSTCD");
if (scopeApplyResult.isEmptyResult()) {
dataSourceResult.setData(new ArrayList<>());
dataSourceResult.setTotal(0L);
return dataSourceResult;
}
// Map<String, Object> paramMap = new HashMap<>();
if (StrUtil.isNotEmpty(bldsttCcode)) {
paramMap.put("bldsttCcode", bldsttCcode);
}