feat-ISelectAbility-view接口的权限可以被子类覆盖

ximatai · Oct 24, 2024 · 2d78ef7 · 2d78ef7
1 parent 4607691
commit 2d78ef7
Showing 1 changed file with 20 additions and 12 deletions.
diff --git a/muyun-core/src/main/java/net/ximatai/muyun/ability/curd/std/ISelectAbility.java b/muyun-core/src/main/java/net/ximatai/muyun/ability/curd/std/ISelectAbility.java
@@ -128,6 +128,25 @@ default PageResult view(@Parameter(description = "页码") @QueryParam("page") I
         return view(page, size, noPage, sort, null, null);
     }
 
+    /**
+     * @return 权限条件 SQL
+     */
+    default String getAuthCondition() {
+        String authCondition = "and 1=1";
+        if (this instanceof IAuthAbility authAbility) {
+            ApiRequest apiRequest = authAbility.getApiRequest();
+            String module = apiRequest.getModule();
+            String action = apiRequest.getAction();
+            if (apiRequest.isNotBlank() // view 接口可能被程序内部调用，这种情况不应该拼装权限
+                && isModuleMatchingPath(module)
+                && "view".equals(action)) {
+                String userID = authAbility.getUser().getId();
+                authCondition = authAbility.getAuthorizationService().getAuthCondition(userID, module, action);
+            }
+        }
+        return authCondition;
+    }
+
     default PageResult view(Integer page,
                             Long size,
                             Boolean noPage,
@@ -156,18 +175,7 @@ default PageResult view(Integer page,
             orderColumns.addAll(getSortDefaultColumns());
         }
 
-        String authCondition = "and 1=1";
-        if (this instanceof IAuthAbility authAbility) {
-            ApiRequest apiRequest = authAbility.getApiRequest();
-            String module = apiRequest.getModule();
-            String action = apiRequest.getAction();
-            if (apiRequest.isNotBlank() // view 接口可能被程序内部调用，这种情况不应该拼装权限
-                && isModuleMatchingPath(module)
-                && "view".equals(action)) {
-                String userID = authAbility.getUser().getId();
-                authCondition = authAbility.getAuthorizationService().getAuthCondition(userID, module, action);
-            }
-        }
+        String authCondition = getAuthCondition();
 
         StringBuilder queryCondition = new StringBuilder();