列字段导出权限
针对数据列表的列进行权限控制后,列表导出数据时与列权限相对应
需基于列表列字段权限控制已完成
举例: 打卡时间字段已做权限控制,在列表中隐藏,则在导出时,也不会导出
权限控制步骤
后台导出方法添加权限逻辑,获取需导出的字段,将所有需要导出字段逗号隔开,拼接字符串
@RequestMapping(value = "/exportXls")
@PermissionData(pageComponent = "jeecg/JeecgDemoList")
public ModelAndView exportXls(HttpServletRequest request, JeecgDemo jeecgDemo) {
//获取导出表格字段
String exportFields = jeecgDemoService.getExportFields();
return super.exportXls(request, jeecgDemo, JeecgDemo.class, "单表模型",exportFields);
}
public String getExportFields() {
//获取当前登录人
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
//权限配置列导出示例
List<String> noAuthList = new ArrayList<>();
List<String> exportFieldsList = new ArrayList<>();
//1.此前缀必须与列表字段权限控制前缀一致
String permsPrefix = "testdemo:";
//查询配置菜单有效字段
List<String> allAuth = this.baseMapper.queryAllAuth(permsPrefix);
//查询已授权字段
List<String> userAuth = this.baseMapper.queryUserAuth(sysUser.getId(),permsPrefix);
//列出未授权字段
for(String perms : allAuth){
if(!userAuth.contains(perms)){
noAuthList.add(perms.substring(permsPrefix.length()));
}
}
//实体类中字段与未授权字段比较,列出需导出字段
Field[] fileds = JeecgDemo.class.getDeclaredFields();
List<Field> list = new ArrayList(Arrays.asList(fileds));
for(Field field : list){
if(!noAuthList.contains(field.getName())){
exportFieldsList.add(field.getName());
}
}
return exportFieldsList != null && exportFieldsList.size()>0 ? String.join(",", exportFieldsList) : "";
}
JeecgDemoMapper.xml中查询字段的参考:
<!-- 查询所有符合前缀且有效字段 -->
<select id="queryAllAuth" resultType="java.lang.String">
select perms from sys_permission
where perms
like concat(concat('%',#{permsPrefix}),'%')
and del_flag=0
and status='1'
</select>
<!-- 查询用户已授权字段 -->
<select id="queryUserAuth" resultType="java.lang.String">
select DISTINCT perms from sys_user_role sur,
sys_role_permission srp,
sys_permission sp
where sur.role_id = srp.role_id
and sp.id = srp.permission_id
and sur.user_id = #{userId}
and sp.perms like concat(concat('%',#{permsPrefix}),'%')
</select>