mybatis-plus 全域性攔截器
阿新 • • 發佈:2021-10-09
問題
在專案中遇到一個問題,前端輸入一些html標籤時,傳到後臺會被轉義掉。導致回顯的時候資料錯誤
原因和思路
debug時看到後臺接收到的資料就已經是被轉義掉的。存入到資料庫時資料也就錯誤了。我把原資料存入到資料庫時,顯示是正常的。所以我就想著在存入資料庫時對資料進行下解碼
程式碼
package com.sgcc.sgcip.biz.economy.util; import com.baomidou.mybatisplus.core.toolkit.PluginUtils; import com.baomidou.mybatisplus.extension.handlers.AbstractSqlParserHandler;import org.apache.commons.lang3.StringEscapeUtils; import org.apache.ibatis.executor.statement.StatementHandler; import org.apache.ibatis.mapping.BoundSql; import org.apache.ibatis.mapping.MappedStatement; import org.apache.ibatis.mapping.ParameterMapping; import org.apache.ibatis.mapping.SqlCommandType;import org.apache.ibatis.plugin.*; import org.apache.ibatis.reflection.DefaultReflectorFactory; import org.apache.ibatis.reflection.MetaObject; import org.apache.ibatis.reflection.SystemMetaObject; import org.apache.ibatis.reflection.factory.DefaultObjectFactory; import org.apache.ibatis.reflection.factory.ObjectFactory;import org.apache.ibatis.reflection.wrapper.DefaultObjectWrapperFactory; import org.apache.ibatis.reflection.wrapper.ObjectWrapperFactory; import org.springframework.stereotype.Component; import java.sql.Connection; import java.util.List; import java.util.Properties; @Intercepts({ @Signature(type = StatementHandler.class, method = "prepare", args = { Connection.class, Integer.class }) }) @Component public class DataScopeInterceptor extends AbstractSqlParserHandler implements Interceptor { private static final ObjectFactory DEFAULT_OBJECT_FACTORY = new DefaultObjectFactory(); private static final ObjectWrapperFactory DEFAULT_OBJECT_WRAPPER_FACTORY = new DefaultObjectWrapperFactory(); @Override public Object intercept(Invocation invocation) throws Throwable { StatementHandler statementHandler = PluginUtils.realTarget(invocation.getTarget()); MetaObject metaObject = SystemMetaObject.forObject(statementHandler); this.sqlParser(metaObject); // 先判斷是不是update 和 insert操作 不是直接過濾 MappedStatement mappedStatement = (MappedStatement) metaObject.getValue("delegate.mappedStatement"); if (!SqlCommandType.UPDATE.equals(mappedStatement.getSqlCommandType()) && !SqlCommandType.INSERT .equals(mappedStatement.getSqlCommandType())) { return invocation.proceed(); } BoundSql boundSql = (BoundSql) metaObject.getValue("delegate.boundSql"); //入參 Object parameterObject = boundSql.getParameterObject(); List<ParameterMapping> parameterMappings = boundSql.getParameterMappings(); modifyLikeSql(parameterObject,parameterMappings); return invocation.proceed(); } public static void modifyLikeSql(Object parameterObject,List<ParameterMapping> parameterMappings) { for(ParameterMapping parameterMapping:parameterMappings) { String property = parameterMapping.getProperty(); MetaObject metaObject = MetaObject.forObject(parameterObject, DEFAULT_OBJECT_FACTORY, DEFAULT_OBJECT_WRAPPER_FACTORY, new DefaultReflectorFactory()); Object val = metaObject.getValue(property); if (val != null && val instanceof String) { val = StringEscapeUtils.unescapeXml(val.toString()); metaObject.setValue(property, val); } } } /** * 生成攔截物件的代理 * * @param target 目標物件 * @return 代理物件 */ @Override public Object plugin(Object target) { if (target instanceof StatementHandler) { return Plugin.wrap(target, this); } return target; } /** * mybatis配置的屬性 * * @param properties mybatis配置的屬性 */ @Override public void setProperties(Properties properties) { } }
這裡只對新增和修改的語句進行修改