controller层
public Page<Material> selectListData(Material material, HttpServletRequest request, HttpServletResponse response) {
// 数据权限过滤 不是超级管理员
if (!material.getCurrentUser().isSuperAdmin()) {
materialService.addDataScopeFilter(material, UserDataScope.CTRL_PERMI_HAVE);
}
Page<Material> page = materialService.findSelectPage(new Page<Material>(request, response), material);
return page;
}
service层
拼接sql
@Override
public void addDataScopeFilter(Material entity, String ctrlPermi) {
// entity.getSqlMap().getDataScope().addFilter("dsfCompany", "Company", "a.fcreateorgid", "a.create_by",
// ctrlPermi);
entity.getSqlMap().getDataScope().addFilter("dsfCompany",
"EXISTS ( SELECT 1 FROM 角色权限表(ctrl) WHERE ctrl_permi = '1' AND ctrl_type = 'Company' "
+ "AND role_code IN ( SELECT ROLE_CODE FROM 用户与角色关联表(USER) WHERE USER_CODE = '"
+ UserUtils.getUser().getId() + "' ) AND FIND_IN_SET(ctrl_data,a.fuseorgid ) > 0)");
entity.getSqlMap().getDataScope().addFilter("dsfCompany1",
"EXISTS ( SELECT 1 FROM 角色权限表(ctrl) WHERE ctrl_permi = '1' AND ctrl_type = 'Company' "
+ "AND role_code IN ( SELECT ROLE_CODE FROM 用户与角色关联表(USER) WHERE USER_CODE = '"
+ UserUtils.getUser().getId() + "' ) AND FIND_IN_SET(ctrl_data,M.fuseorgid ) > 0)");
}