#157

example/example-app/example-app-cmd-domain/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>example-app</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

example/example-app/example-app-cmd-meta/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>example-app</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

example/example-app/example-app-query/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>example-app</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

example/example-app/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>springboot-example</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <packaging>pom</packaging>

example/example-domain/example-domain-leave/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>example-domain</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

example/example-domain/example-domain-user/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>example-domain</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

example/example-domain/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>springboot-example</artifactId>
-       <version>3.4.18</version>
+       <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>

example/example-infra/example-infra-flow/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>example-infra</artifactId>
-       <version>3.4.18</version>
+       <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

example/example-infra/example-infra-jpa/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>example-infra</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

example/example-infra/example-infra-security/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>example-infra</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

example/example-infra/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>springboot-example</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <packaging>pom</packaging>

example/example-interface/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>springboot-example</artifactId>
-        <version>3.4.18</version>
+        <version>3.4.19</version>
     </parent>
 
     <artifactId>example-interface</artifactId>

example/example-server/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>springboot-example</artifactId>
         <groupId>com.codingapi.springboot</groupId>
-       <version>3.4.18</version>
+       <version>3.4.19</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

example/pom.xml

@@ -19,7 +19,7 @@
     </parent>
 
     <artifactId>springboot-example</artifactId>
-    <version>3.4.18</version>
+    <version>3.4.19</version>
 
     <name>springboot-example</name>
     <description>springboot-example project for Spring Boot</description>

pom.xml

@@ -12,7 +12,7 @@
 
     <groupId>com.codingapi.springboot</groupId>
     <artifactId>springboot-parent</artifactId>
-    <version>3.4.18</version>
+    <version>3.4.19</version>
 
     <url>https://github.com/codingapi/springboot-framewrok</url>
     <name>springboot-parent</name>

springboot-starter-data-authorization/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>springboot-parent</artifactId>
-       <version>3.4.18</version>
+       <version>3.4.19</version>
     </parent>
 
     <name>springboot-starter-data-authorization</name>

springboot-starter-data-authorization/src/main/java/com/codingapi/springboot/authorization/enhancer/DataPermissionSQLEnhancer.java

@@ -3,15 +3,25 @@
 
 import com.codingapi.springboot.authorization.handler.Condition;
 import com.codingapi.springboot.authorization.handler.RowHandler;
+import net.sf.jsqlparser.expression.BinaryExpression;
 import net.sf.jsqlparser.expression.Expression;
+import net.sf.jsqlparser.expression.ExpressionVisitorAdapter;
+import net.sf.jsqlparser.expression.SignedExpression;
+import net.sf.jsqlparser.expression.operators.arithmetic.Subtraction;
 import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
+import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
+import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
+import net.sf.jsqlparser.expression.operators.relational.InExpression;
+import net.sf.jsqlparser.expression.operators.relational.LikeExpression;
 import net.sf.jsqlparser.parser.CCJSqlParserUtil;
 import net.sf.jsqlparser.schema.Table;
 import net.sf.jsqlparser.statement.Statement;
 import net.sf.jsqlparser.statement.select.*;
+import net.sf.jsqlparser.util.TablesNamesFinder;
 
 import java.sql.SQLException;
 import java.util.List;
+import java.util.Set;
 
 /**
  * 数据权限 SQL 增强器
@@ -100,9 +110,52 @@ private void enhanceDataPermissionInSelect(PlainSelect plainSelect) throws Excep
                 }
             }
         }
+
+        Expression expression =  plainSelect.getWhere();
+        this.handlerSubSelect(expression);
     }
 
 
+    private void handlerSubSelect(Expression expression) throws Exception {
+        if(expression!=null){
+            if(expression instanceof AndExpression){
+                AndExpression andExpression = (AndExpression) expression;
+                Expression leftExpression =  andExpression.getLeftExpression();
+                Expression rightExpression =  andExpression.getRightExpression();
+
+                this.handlerSubSelect(leftExpression);
+                this.handlerSubSelect(rightExpression);
+
+            }
+            if(expression instanceof OrExpression){
+                OrExpression orExpression = (OrExpression) expression;
+                Expression leftExpression =  orExpression.getLeftExpression();
+                Expression rightExpression =  orExpression.getRightExpression();
+
+                this.handlerSubSelect(leftExpression);
+                this.handlerSubSelect(rightExpression);
+            }
+
+            if(expression instanceof InExpression){
+                InExpression inExpression = (InExpression) expression;
+                Expression leftExpression =  inExpression.getLeftExpression();
+                Expression rightExpression =  inExpression.getRightExpression();
+
+                this.handlerSubSelect(leftExpression);
+                this.handlerSubSelect(rightExpression);
+            }
+
+            if(expression instanceof ParenthesedSelect){
+                ParenthesedSelect  parenthesedSelect = (ParenthesedSelect) expression;
+                this.enhanceDataPermissionInSelect(parenthesedSelect.getPlainSelect());
+            }
+
+            if(expression instanceof PlainSelect){
+                this.enhanceDataPermissionInSelect((PlainSelect) expression);
+            }
+        }
+    }
+
     // 注入数据权限条件
     private void injectDataPermissionCondition(PlainSelect plainSelect, Table table, Expression where) throws Exception {
         String tableName = table.getName();

springboot-starter-data-authorization/src/test/java/com/codingapi/springboot/authorization/DataAuthorizationContextTest.java

@@ -1,13 +1,11 @@
 package com.codingapi.springboot.authorization;
 
 import com.codingapi.springboot.authorization.current.CurrentUser;
-import com.codingapi.springboot.authorization.enhancer.DataPermissionSQLEnhancer;
 import com.codingapi.springboot.authorization.entity.Depart;
 import com.codingapi.springboot.authorization.entity.Unit;
 import com.codingapi.springboot.authorization.entity.User;
 import com.codingapi.springboot.authorization.filter.DefaultDataAuthorizationFilter;
 import com.codingapi.springboot.authorization.handler.Condition;
-import com.codingapi.springboot.authorization.handler.RowHandler;
 import com.codingapi.springboot.authorization.interceptor.SQLRunningContext;
 import com.codingapi.springboot.authorization.mask.ColumnMaskContext;
 import com.codingapi.springboot.authorization.mask.impl.BankCardMask;
@@ -17,14 +15,6 @@
 import com.codingapi.springboot.authorization.repository.UnitRepository;
 import com.codingapi.springboot.authorization.repository.UserRepository;
 import lombok.extern.slf4j.Slf4j;
-import net.sf.jsqlparser.expression.Expression;
-import net.sf.jsqlparser.parser.CCJSqlParserUtil;
-import net.sf.jsqlparser.schema.Column;
-import net.sf.jsqlparser.statement.Statement;
-import net.sf.jsqlparser.statement.select.PlainSelect;
-import net.sf.jsqlparser.statement.select.Select;
-import net.sf.jsqlparser.statement.select.SelectItem;
-import net.sf.jsqlparser.statement.select.SelectItemVisitor;
 import org.junit.jupiter.api.MethodOrderer;
 import org.junit.jupiter.api.Order;
 import org.junit.jupiter.api.Test;
@@ -37,7 +27,6 @@
 import org.springframework.test.annotation.Rollback;
 
 import java.time.LocalDate;
-import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
@@ -281,73 +270,43 @@ public boolean supportColumnAuthorization(String tableName, String columnName, O
     }
 
 
-//    @Test
+    @Test
     @Order(4)
-    void test4() throws Exception{
-        String sql = "SELECT\n" +
-                "\tt.* \n" +
-                "FROM\n" +
-                "\t(\n" +
-                "\t\tSELECT\n" +
-                "\t\t\tUNYiV.id AS '历史工作经历编号',\n" +
-                "\t\t\tUNYiV.company_name AS '历史工作单位',\n" +
-                "\t\t\tUNYiV.depart_name AS '历史工作部门',\n" +
-                "\t\t\tUNYiV.post_name AS '历史工作岗位',\n" +
-                "\t\t\tUNYiV.start_date AS '开始时间',\n" +
-                "\t\t\tUNYiV.end_date AS '结束时间',\n" +
-                "\t\t\towasH.员工编号 AS '员工编号',\n" +
-                "\t\t\towasH.员工姓名 AS '员工姓名',\n" +
-                "\t\t\towasH.员工生日 AS '员工生日',\n" +
-                "\t\t\towasH.员工地址 AS '员工地址',\n" +
-                "\t\t\towasH.身份证号码 AS '身份证号码',\n" +
-                "\t\t\towasH.手机号 AS '手机号',\n" +
-                "\t\t\towasH.部门编号 AS '部门编号',\n" +
-                "\t\t\towasH.岗位编号 AS '岗位编号',\n" +
-                "\t\t\towasH.任现职编号 AS '任现职编号',\n" +
-                "\t\t\towasH.社团编号 AS '社团编号',\n" +
-                "\t\t\towasH.社团名称 AS '社团名称',\n" +
-                "\t\t\towasH.创建时间 AS '创建时间' \n" +
-                "\t\tFROM\n" +
-                "\t\t\tt_work AS pehMS,\n" +
-                "\t\t\tt_employee AS OGwG7,\n" +
-                "\t\t\tt_work_history AS UNYiV,\n" +
-                "\t\t\t(\n" +
-                "\t\t\t\tSELECT\n" +
-                "\t\t\t\t\tWXJj8.id AS '员工编号',\n" +
-                "\t\t\t\t\tWXJj8.NAME AS '员工姓名',\n" +
-                "\t\t\t\t\tWXJj8.birth_date AS '员工生日',\n" +
-                "\t\t\t\t\tWXJj8.address AS '员工地址',\n" +
-                "\t\t\t\t\tWXJj8.id_card AS '身份证号码',\n" +
-                "\t\t\t\t\tWXJj8.phone AS '手机号',\n" +
-                "\t\t\t\t\tWXJj8.depart_id AS '部门编号',\n" +
-                "\t\t\t\t\tWXJj8.post_id AS '岗位编号',\n" +
-                "\t\t\t\t\tWXJj8.work_id AS '任现职编号',\n" +
-                "\t\t\t\t\trnGD4.id AS '社团编号',\n" +
-                "\t\t\t\t\trnGD4.NAME AS '社团名称',\n" +
-                "\t\t\t\t\trnGD4.create_date AS '创建时间' \n" +
-                "\t\t\t\tFROM\n" +
-                "\t\t\t\t\tt_employee AS WXJj8,\n" +
-                "\t\t\t\t\tt_league_employee AS dEj96,\n" +
-                "\t\t\t\t\tt_league AS rnGD4 \n" +
-                "\t\t\t\tWHERE\n" +
-                "\t\t\t\t\trnGD4.id < 100 \n" +
-                "\t\t\t\t\tAND dEj96.employee_id = WXJj8.id \n" +
-                "\t\t\t\t\tAND dEj96.league_id = rnGD4.id \n" +
-                "\t\t\t\t\tAND 1 = 1 \n" +
-                "\t\t\t) AS owasH \n" +
-                "\t\tWHERE\n" +
-                "\t\t\tUNYiV.employee_id = OGwG7.id \n" +
-                "\t\t\tAND OGwG7.work_id = pehMS.id \n" +
-                "\t\t\tAND owasH.任现职编号 = pehMS.id \n" +
-                "\t\t\tAND 1 = 1 \n" +
-                "\t) AS t , t_employee AS e where t.员工编号 = e.id and e.id = 1";
+    void test4() throws Exception {
+
+        unitRepository.deleteAll();
+        departRepository.deleteAll();
+        userRepository.deleteAll();
+
+        Unit rootUnit = new Unit("Coding总公司");
+        unitRepository.save(rootUnit);
+
+        Unit sdUnit = new Unit("Coding山东分公司", rootUnit.getId());
+        unitRepository.save(sdUnit);
+
+        Depart jgbDepart = new Depart("Coding架构部", rootUnit.getId());
+        departRepository.save(jgbDepart);
+
+        Depart xmbDepart = new Depart("Coding项目部", sdUnit.getId());
+        departRepository.save(xmbDepart);
+
+        User lorne = new User("lorne", LocalDate.parse("1991-01-01"), "beijing", "110105199003078999", "13812345678", jgbDepart);
+        User bob = new User("bob", LocalDate.parse("1991-01-01"), "beijing", "110105199003078999", "13812345678", xmbDepart);
+        User tom = new User("tom", LocalDate.parse("1991-01-01"), "beijing", "110105199003078999", "13812345678", xmbDepart);
+
+        userRepository.save(lorne);
+        userRepository.save(bob);
+        userRepository.save(tom);
+
+        String sql = "select * from t_user where phone like '%1%' and id > 1 and depart_id in (select id from t_depart where id > 0)";
 
 
         DataAuthorizationContext.getInstance().clearDataAuthorizationFilters();
         DataAuthorizationContext.getInstance().addDataAuthorizationFilter(new DefaultDataAuthorizationFilter() {
             @Override
             public Condition rowAuthorization(String tableName, String tableAlias) {
-                return super.rowAuthorization(tableName, tableAlias);
+                String conditionTemplate = "%s.id > -100 ";
+                return Condition.formatCondition(conditionTemplate, tableAlias);
             }
 
             @Override
@@ -358,21 +317,24 @@ public <T> T columnAuthorization(String tableName, String columnName, T value) {
 
             @Override
             public boolean supportColumnAuthorization(String tableName, String columnName, Object value) {
-                return true;
+                if ("t_depart".equalsIgnoreCase(tableName)) {
+                    return true;
+                }
+                return false;
             }
 
             @Override
             public boolean supportRowAuthorization(String tableName, String tableAlias) {
-                return true;
+                if ("t_depart".equalsIgnoreCase(tableName)) {
+                    return true;
+                }
+                return false;
             }
         });
 
-
         List<Map<String, Object>> data = jdbcTemplate.queryForList(sql);
-//        System.out.println(data);
+        System.out.println(data);
     }
 
 
-
-
 }