1

pom.xml

@@ -127,6 +127,11 @@
             <artifactId>gson</artifactId>
             <version>2.8.2</version>
         </dependency>
+        <dependency>
+			<groupId>com.alibaba</groupId>
+			<artifactId>fastjson</artifactId>
+			<version>1.2.37</version>
+		</dependency>
         
         <dependency>
 			<groupId>org.springframework.boot</groupId>

src/main/java/com/chinaitop/depot/utils/CustomFilter.java

@@ -0,0 +1,61 @@
+package com.chinaitop.depot.utils;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.lang.ObjectUtils;
+import org.apache.commons.lang3.StringUtils;
+
+import com.chinaitop.depot.utils.DataPolicyEngine;
+import com.chinaitop.depot.utils.ParameterRequestWrapper;
+
+public class CustomFilter implements Filter {
+
+	@Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+ 
+    }
+	
+	@Override
+	public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
+			throws IOException, ServletException {
+		ParameterRequestWrapper requestWrapper = new ParameterRequestWrapper((HttpServletRequest) arg0);
+		HttpServletRequest request = (HttpServletRequest) arg0;
+		HttpSession session = request.getSession();
+		String orgId = "";
+		if (session != null){
+			orgId = ObjectUtils.toString(session.getAttribute("orgId"), "");
+		}
+		if (StringUtils.isNotBlank(orgId)) {
+			DataPolicyEngine.set(orgId);
+		}
+
+		if (StringUtils.isNotBlank(orgId)) {
+			// 将参数追加到request url 之后
+			requestWrapper.addParameter("orgId", orgId);
+			requestWrapper.addParameter("unitid", orgId);
+			requestWrapper.addParameter("unitId", orgId);
+			// 将参数追加到request 的body 中
+			requestWrapper.addParameterToBody("orgId", orgId);
+			requestWrapper.addParameterToBody("unitid", orgId);
+			requestWrapper.addParameterToBody("unitId", orgId);
+		}
+
+		arg2.doFilter(requestWrapper, arg1);
+		DataPolicyEngine.remove();
+	}
+
+	@Override
+    public void destroy() {
+ 
+    }
+
+}

src/main/java/com/chinaitop/depot/utils/DataPolicyEngine.java

@@ -0,0 +1,61 @@
+package com.chinaitop.depot.utils;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+
+/**
+ * 
+ * @author hf
+ * 
+ * @description 数据策略（数据权限控制使用）
+ * 
+ * 
+ */
+public class DataPolicyEngine {
+	//log信息输出对象
+	protected static final Log log = LogFactory.getLog(DataPolicyEngine.class); 
+
+	//本地线程，用于存储线程公共对象
+	private static ThreadLocal threadLocalSession = new ThreadLocal();
+	
+	
+	/**
+	 * @description 获取本地执行线程
+	 *
+	 * @return ThreadLocal 
+	 * 
+	 */
+	public static ThreadLocal getThreadLocalSession() {
+		return threadLocalSession;
+	}
+	
+	/**
+	 * @description 在线程内设置存储对象
+	 * 
+	 */
+	public static void set(Object obj) {
+		threadLocalSession.set(obj);
+
+	}
+	
+	/**
+	 * @description 获取在线程内设置存储的对象
+	 * 
+	 */
+	public static Object get() {
+		return threadLocalSession.get();
+
+	}
+
+	/**
+	 * @description 移除在线程内设置存储的对象
+	 * 
+	 */
+	public static void remove() {
+		threadLocalSession.remove();
+
+	}
+	
+	
+}

src/main/java/com/chinaitop/depot/utils/ParameterRequestWrapper.java

@@ -0,0 +1,233 @@
+package com.chinaitop.depot.utils;
+
+import com.alibaba.fastjson.JSONObject;
+import org.springframework.util.StringUtils;
+
+import javax.servlet.ReadListener;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * request 请求参数添加
+ *
+ * @Description TODO
+ * @Date 2022/12/13 09:41
+ * @Author fxw
+ * @Version 1.0
+ */
+public class ParameterRequestWrapper extends HttpServletRequestWrapper {
+
+    private Map<String, String[]> params = new HashMap<String, String[]>();
+    private byte[] body;
+
+    public ParameterRequestWrapper(HttpServletRequest request) {
+        // 将request交给父类，以便于调用对应方法的时候，将其输出，
+        // 其实父亲类的实现方式和第一种new的方式类似
+        super(request);
+        //将参数表，赋予给当前的Map以便于持有request中的参数
+        //由于request并没有提供现成的获取json字符串的方法，所以我们需要将body中的流转为字符串
+        String json = getPostData(request);
+        if (!StringUtils.isEmpty(json)) {
+            // body 赋值
+            this.body = getData(json).getBytes();
+        }
+        // 请求参数赋值
+        this.params.putAll(request.getParameterMap());
+    }
+
+    /**
+     * 重载一个构造方法-- 扩展参数
+     *
+     * @param request
+     * @param extendParams
+     */
+    public ParameterRequestWrapper(HttpServletRequest request, Map<String, Object> extendParams) {
+        this(request);
+        //这里将扩展参数写入参数表
+        addAllParameters(extendParams);
+    }
+
+    /**
+     * 增加多个参数
+     *
+     * @param otherParams
+     */
+    public void addAllParameters(Map<String, Object> otherParams) {
+        for (Map.Entry<String, Object> entry : otherParams.entrySet()) {
+            addParameter(entry.getKey(), entry.getValue());
+        }
+    }
+
+    /**
+     * 增加参数
+     */
+    public void addParameter(String name, Object value) {
+        if (value != null) {
+            if (value instanceof String[]) {
+                params.put(name, (String[]) value);
+            } else if (value instanceof String) {
+                params.put(name, new String[]{(String) value});
+            } else {
+                params.put(name, new String[]{String.valueOf(value)});
+            }
+        }
+    }
+    
+    /**
+     * 删除参数
+     */
+    public void deleteParameter(String key) {
+    	params.remove(key);
+    }
+
+    /**
+     * 增加body 参数
+     *
+     * @param name
+     * @param value
+     */
+    public void addParameterToBody(String name, Object value) {
+        byte[] json = this.body;
+        if (null == json) {
+            return;
+        }
+        String jsonStr = new String(json);
+        try {
+            Map<String, Object> mapData = JSONObject.parseObject(jsonStr, Map.class);
+            if (value != null) {
+                mapData.put(name, value);
+                this.body = JSONObject.toJSONString(mapData).getBytes();
+            }
+        } catch (Exception ex) {
+            // 转换异常
+        }
+
+    }
+
+    /**
+     * 删除body 参数
+     *
+     * @param name
+     * @param value
+     */
+    public void deleteParameterToBody(String key) {
+        byte[] json = this.body;
+        if (null == json) {
+            return;
+        }
+        String jsonStr = new String(json);
+        try {
+            Map<String, Object> mapData = JSONObject.parseObject(jsonStr, Map.class);
+            mapData.remove(key);
+            this.body = JSONObject.toJSONString(mapData).getBytes();
+        } catch (Exception ex) {
+            // 转换异常
+        }
+
+    }
+
+
+    /**
+     * body中参数解密
+     *
+     * @param json
+     * @return
+     */
+    private String getData(String json) {
+        //加密，如果传过来的是加密数据，先解密，未加密直接返回原json
+//        if(StringUtils.isNotEmpty(json)){
+//            json = AES256Util.decode(json);
+//            if(StringUtils.isEmpty(json)){
+//                return "";
+//            }
+//            JSONObject object = JSONUtil.parseObj(json);
+//            return JSONUtil.toJsonStr(object);
+//        }
+        //不加密
+        return json;
+
+    }
+
+    /**
+     * 获取body 参数
+     *
+     * @param request
+     * @return
+     */
+    public static String getPostData(HttpServletRequest request) {
+        StringBuilder data = new StringBuilder();
+        String line;
+        BufferedReader reader;
+        try {
+            reader = request.getReader();
+            while (null != (line = reader.readLine())) {
+                data.append(line);
+            }
+        } catch (IOException e) {
+            return null;
+        }
+        return data.toString();
+    }
+
+    @Override
+    public String getParameter(String name) {//重写getParameter，代表参数从当前类中的map获取
+        String[] values = params.get(name);
+        if (values == null || values.length == 0) {
+            return null;
+        }
+        return values[0];
+    }
+
+    @Override
+    public String[] getParameterValues(String name) {//同上
+        return params.get(name);
+    }
+
+    @Override
+    public BufferedReader getReader() throws IOException {
+        return new BufferedReader(new InputStreamReader(getInputStream()));
+    }
+
+    /**
+     * 在使用@RequestBody注解的时候，其实框架是调用了getInputStream()方法，所以我们要重写这个方法
+     *
+     * @return
+     * @throws IOException
+     */
+    @Override
+    public ServletInputStream getInputStream() throws IOException {
+        if (body == null) {
+            body = new byte[0];
+        }
+        final ByteArrayInputStream bais = new ByteArrayInputStream(body);
+        return new ServletInputStream() {
+            @Override
+            public boolean isFinished() {
+                return false;
+            }
+
+            @Override
+            public boolean isReady() {
+                return false;
+            }
+
+            @Override
+            public void setReadListener(ReadListener readListener) {
+
+            }
+
+            @Override
+            public int read() throws IOException {
+                return bais.read();
+            }
+        };
+    }
+
+}

src/main/java/com/chinaitop/depot/utils/WebConfig.java

@@ -0,0 +1,39 @@
+package com.chinaitop.depot.utils;
+
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @desc 注册bean, 将自定义过滤器添加到过滤器链中
+ * @Author fxw
+ * @date 2019/3/11
+ * @return
+ */
+@Configuration
+public class WebConfig {
+
+   /**
+    * 注册过滤器,有两种方式：
+    * 1) 使用 @Component 注解<br>
+    * 2) 添加到过滤器链中，此方式适用于使用第三方的过滤器。将过滤器写到 WebConfig 类中，如下：
+    */
+   @Bean
+   public FilterRegistrationBean filterRegistrationBean() {
+
+      FilterRegistrationBean registrationBean = new FilterRegistrationBean();
+
+      CustomFilter filter = new CustomFilter();
+      registrationBean.setFilter(filter);
+
+      //设置过滤器拦截请求
+      List<String> urls = new ArrayList<>();
+      urls.add("/*");
+      registrationBean.setUrlPatterns(urls);
+
+      return registrationBean;
+   }
+
+}