# mybatis-plus-interceptor **Repository Path**: qiuchengze/mybatis-plus-interceptor ## Basic Information - **Project Name**: mybatis-plus-interceptor - **Description**: mybatis plus 插件(多租户、数据权限、字段脱敏) - **Primary Language**: Unknown - **License**: Not specified - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 3 - **Forks**: 3 - **Created**: 2023-11-28 - **Last Updated**: 2025-08-14 ## Categories & Tags **Categories**: Uncategorized **Tags**: 工具类 ## README # mybatis-plus-interceptor #### 介绍 mybatis plus 插件(多租户、数据权限、字段脱敏) #### 软件架构 #### 安装教程 #### 使用说明 1. 脱敏 1.1 注解 1.1.1 @Sensitive - 脱敏:方法或类注解(是否对方法或类进行脱敏扫描) ``` /** * 脱敏开关注解 */ @Retention(RetentionPolicy.RUNTIME) @Target({ElementType.METHOD, ElementType.TYPE}) public @interface Sensitive { } ``` 1.1.2 @FieldSensitive - 脱敏:字段注解(字段进行何种类型的脱敏) ``` /** * 字段脱敏注解 */ @Retention(RetentionPolicy.RUNTIME) @Target({ElementType.FIELD}) public @interface FieldSensitive { DesensitizedUtil.DesensitizedType type() default DesensitizedUtil.DesensitizedType.PASSWORD; } ``` - 支持的脱敏类型枚举 ``` /** * 支持的脱敏类型枚举 * * @author dazer and neusoft and qiaomu */ public enum DesensitizedType { //用户id USER_ID, //中文名 CHINESE_NAME, //身份证号 ID_CARD, //座机号 FIXED_PHONE, //手机号 MOBILE_PHONE, //地址 ADDRESS, //电子邮件 EMAIL, //密码 PASSWORD, //中国大陆车牌,包含普通车辆、新能源车辆 CAR_LICENSE, //银行卡 BANK_CARD } ``` 1.2 SensitiveAspect - 需要继承top.cenze.interceptor.aspect.SensitiveAspect。 ``` @Aspect @Component public class SensitiveAspect extends top.cenze.interceptor.aspect.SensitiveAspect { } ``` 1.3 实例 - 需要进行脱敏的方法或类使用注解@Sensitive ``` @Sensitive @MultiTenant(includeTables = {"sys_user"}) @ApiOperation(value = "用户管理-用户分页查找") @ApiImplicitParams({ @ApiImplicitParam(name = "vo.memberId", value = "请求用户id", dataType = "Long", required = false), @ApiImplicitParam(name = "vo.pageNumber", value = "分页页数", dataType = "Integer", required = true), @ApiImplicitParam(name = "vo.pageSize", value = "每页记录数", dataType = "Integer", required = true), @ApiImplicitParam(name = "vo.userName", value = "用户名称", dataType = "String", required = false), }) @RequestMapping(value = "/findUserByPage", consumes = "application/json;charset=UTF-8", produces = "application/json;charset=UTF-8") public Result findUserByPage(@RequestBody SysUserVo vo) { ...; } ``` - 返回对象中需要脱敏的字段增加注解@FieldSensitive ``` @Data @ApiModel(value = "用户信息") public class UserInfoCollectDto extends SysUser { @ApiModelProperty(value = "用户ID") private Long userId; @ApiModelProperty(value = "人脸头像") private String humanFaceImage; @ApiModelProperty(value = "企业名称/用户姓名") private String realName; @ApiModelProperty(value = "企业名称/用户姓名简称") private String shortName; @ApiModelProperty(value = "统一社会信用码") private String unifyCreditCode; @FieldSensitive(type = DesensitizedUtil.DesensitizedType.CHINESE_NAME) @ApiModelProperty(value = "法人姓名") private String legalPersonName; @FieldSensitive(type = DesensitizedUtil.DesensitizedType.PASSWORD) @ApiModelProperty(value = "法人手机号") private String legalPersonMobile; @FieldSensitive(type = DesensitizedUtil.DesensitizedType.ID_CARD) @ApiModelProperty(value = "法人身份证号") private String legalPersonCertNo; ...; } ``` 2. 数据权限 2.1 注解 ``` public @interface CenzeDataPrems { // 忽略权限(管理员跳过) DataPermsEnum[] ignorePerms() default {DataPermsEnum.ADMIN}; // 指定权限(默认平台) DataPermsEnum[] includePerms() default {DataPermsEnum.PLAT}; // 忽略表 String[] ignoreTables() default {}; // 包含表 String[] includeTables() default {}; } ``` 2.2 yml配置 ``` dataprems: tenant-id-column-name: platform_id company-id-column-name: company_id department-id-column-name: department_id create-by-id-column-name: create_by_id ignore-tables: include-tables: ``` 2.3 数据权限定义 ``` public enum DataPermsEnum { ADMIN(9, "系统"), PLAT(0, "平台"), CMPY_ONLY(1, "本公司"), CMPY_SUBS(2, "本公司及子公司"), CMPY_ALL(3, "相同根公司的所有公司"), DEPT_ONLY(4, "本部门"), DEPT_SUBS(5, "本部门及子部门"), DEPT_ALL(6, "相同根部门的所有部门"), OWNR(7, "自己"), ; } ``` 2.4 数据权限信息对象 ``` public class UserRolePerms { // @ApiModelProperty(value = "用户id") private Long userId; // @ApiModelProperty(value = "用户是否为管理员") private Boolean admin = false; // @ApiModelProperty(value = "用户数据权限范围") private Integer dataPermsScope; // @ApiModelProperty(value = "用户所属租户id") private Long tenantId; // @ApiModelProperty(value = "用户所属公司id") private Long companyId; // @ApiModelProperty(value = "子公司id集合") private List subCompanyIds; // @ApiModelProperty(value = "相同根公司的所有公司id集合") private List allCompanyIds; // @ApiModelProperty(value = "用户所属部门id") private Long departmentId; // @ApiModelProperty(value = "子部门id集合") private List subDepartmentIds; // @ApiModelProperty(value = "相同根部门的所有部门id集合") private List allDepartmentIds; } ``` 2.5 MybatisPlusConfig ``` @Configuration public class MybatisPlusConfig extends CenzeMybatisPlusConfig { public MybatisPlusConfig(@Value("${dataprems.tenant-id-column-name}") String tenantIdColumnName, @Value("${dataprems.company-id-column-name}") String companyIdColumnName, @Value("${dataprems.department-id-column-name}") String departmentIdColumnName, @Value("${dataprems.create-by-id-column-name}") String createByIdColumnName, @Value("${dataprems.ignore-tables}") String ignoreTableNames, @Value("${dataprems.include-tables}") String includeTableNames ) { super(tenantIdColumnName, companyIdColumnName, departmentIdColumnName, createByIdColumnName, ignoreTableNames, includeTableNames); } } ``` 2.6 实现用户数据权限数据服务类 ``` @Component public class UserRolePremsService extends CenzeUserRolePermsService { @Autowired private UserDataScopeComponent userDataScopeComponent; @Override public UserRolePerms getUserRolePerms(JoinPoint point) { Object userId = AspectUtil.getParamByName(point, "memberId"); if (ObjectUtil.isNotNull(userId)) { String str = userDataScopeComponent.getUserRolePermsByRedis(Convert.toLong(userId)); // log.info("getUserRolePerms perms: {}", str); if (StrUtil.isNotEmpty(str)) { // UserRolePerms perms = new UserRolePerms(); // perms.setTenantId(1L); // perms.setUserId(4L); // perms.setDataPermsScope(DataPermsScopeEnum.PLAT); // perms.setCompanyId(5L); // perms.setIsAdmin(false); // return perms; return JSON.parseObject(str, UserRolePerms.class);; } } return null; } } ``` 2.7 使用案例 ``` @CenzeDataPrems(includeTables = {"wms_inventory"}) @ApiOperation(value = "分页查询") @PostMapping(value = "/page") public Result> page(@RequestBody @Validated InventoryPageReq req) { log.info("page req: {}", JSON.toJSONString(req)); return Result.Success(wmsInventoryService.getPage(req)); } ``` #### 参与贡献