Merge pull request #2938 from liuxx001/3.0

fix #2930 修复BlockAttackInnerInterceptor与逻辑删除字段共用的时候拦截失效的问题

mybatis-plus-core/src/main/java/com/baomidou/mybatisplus/core/metadata/TableInfoHelper.java

@@ -55,6 +55,11 @@ public class TableInfoHelper {
      */
     private static final Map<Class<?>, TableInfo> TABLE_INFO_CACHE = new ConcurrentHashMap<>();
 
+    /**
+     * 储存表名对应的反射类表信息
+     */
+    private static final Map<String, TableInfo> TABLE_NAME_INFO_CACHE = new ConcurrentHashMap<>();
+
     /**
      * 默认表主键名称
      */
@@ -89,6 +94,21 @@ public class TableInfoHelper {
         return tableInfo;
     }
 
+    /**
+     * <p>
+     * 根据表名获取实体映射表信息
+     * </p>
+     *
+     * @param tableName 表名
+     * @return 数据库表反射信息
+     */
+    public static TableInfo getTableInfo(String tableName) {
+        if(StringUtils.isBlank(tableName)){
+            return null;
+        }
+        return TABLE_NAME_INFO_CACHE.get(tableName);
+    }
+
     /**
      * <p>
      * 获取所有实体映射表信息
@@ -118,10 +138,15 @@ public class TableInfoHelper {
                 // 不是同一个 Configuration,进行重新初始化
                 targetTableInfo = initTableInfo(configuration, builderAssistant.getCurrentNamespace(), clazz);
                 TABLE_INFO_CACHE.put(clazz, targetTableInfo);
+                TABLE_NAME_INFO_CACHE.put(targetTableInfo.getTableName(), targetTableInfo);
             }
             return targetTableInfo;
         }
-        return TABLE_INFO_CACHE.computeIfAbsent(clazz, key -> initTableInfo(configuration, builderAssistant.getCurrentNamespace(), key));
+        return TABLE_INFO_CACHE.computeIfAbsent(clazz, key -> {
+            TableInfo tableInfo = initTableInfo(configuration, builderAssistant.getCurrentNamespace(), key);
+            TABLE_NAME_INFO_CACHE.put(tableInfo.getTableName(), tableInfo);
+            return tableInfo;
+        });
     }
 
     /**

mybatis-plus-extension/src/main/java/com/baomidou/mybatisplus/extension/plugins/inner/BlockAttackInnerInterceptor.java

@@ -15,10 +15,13 @@
  */
 package com.baomidou.mybatisplus.extension.plugins.inner;
 
+import com.baomidou.mybatisplus.core.metadata.TableInfo;
+import com.baomidou.mybatisplus.core.metadata.TableInfoHelper;
 import com.baomidou.mybatisplus.core.plugins.InterceptorIgnoreHelper;
 import com.baomidou.mybatisplus.core.toolkit.Assert;
 import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
 import com.baomidou.mybatisplus.extension.parser.JsqlParserSupport;
+import net.sf.jsqlparser.expression.BinaryExpression;
 import net.sf.jsqlparser.expression.Expression;
 import net.sf.jsqlparser.expression.Parenthesis;
 import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
@@ -57,22 +60,30 @@ public class BlockAttackInnerInterceptor extends JsqlParserSupport implements In
 
     @Override
     protected void processDelete(Delete delete, int index, String sql, Object obj) {
-        this.checkWhere(delete.getWhere(), "Prohibition of full table deletion");
+        this.checkWhere(delete.getTable().getName(), delete.getWhere(), "Prohibition of full table deletion");
     }
 
     @Override
     protected void processUpdate(Update update, int index, String sql, Object obj) {
-        this.checkWhere(update.getWhere(), "Prohibition of table update operation");
+        this.checkWhere(update.getTable().getName(), update.getWhere(), "Prohibition of table update operation");
     }
 
-    protected void checkWhere(Expression where, String ex) {
-        Assert.isFalse(this.fullMatch(where), ex);
+    protected void checkWhere(String tableName, Expression where, String ex) {
+        Assert.isFalse(this.fullMatch(where, this.getTableLogicField(tableName)), ex);
     }
 
-    private boolean fullMatch(Expression where) {
+    private boolean fullMatch(Expression where, String logicField) {
         if (where == null) {
             return true;
         }
+        if (StringUtils.isNotBlank(logicField) && (where instanceof BinaryExpression)) {
+
+            BinaryExpression binaryExpression = (BinaryExpression) where;
+            if (StringUtils.equals(binaryExpression.getLeftExpression().toString(), logicField) || StringUtils.equals(binaryExpression.getRightExpression().toString(), logicField)) {
+                return true;
+            }
+        }
+
         if (where instanceof EqualsTo) {
             // example: 1=1
             EqualsTo equalsTo = (EqualsTo) where;
@@ -84,17 +95,35 @@ public class BlockAttackInnerInterceptor extends JsqlParserSupport implements In
         } else if (where instanceof OrExpression) {
 
             OrExpression orExpression = (OrExpression) where;
-            return fullMatch(orExpression.getLeftExpression()) || fullMatch(orExpression.getRightExpression());
+            return fullMatch(orExpression.getLeftExpression(), logicField) || fullMatch(orExpression.getRightExpression(), logicField);
         } else if (where instanceof AndExpression) {
 
             AndExpression andExpression = (AndExpression) where;
-            return fullMatch(andExpression.getLeftExpression()) && fullMatch(andExpression.getRightExpression());
+            return fullMatch(andExpression.getLeftExpression(), logicField) && fullMatch(andExpression.getRightExpression(), logicField);
         } else if (where instanceof Parenthesis) {
             // example: (1 = 1)
             Parenthesis parenthesis = (Parenthesis) where;
-            return fullMatch(parenthesis.getExpression());
+            return fullMatch(parenthesis.getExpression(), logicField);
         }
 
         return false;
     }
+
+    /**
+     * 获取表名中的逻辑删除字段
+     *
+     * @param tableName 表名
+     * @return 逻辑删除字段
+     */
+    private String getTableLogicField(String tableName) {
+        if (StringUtils.isBlank(tableName)) {
+            return StringUtils.EMPTY;
+        }
+
+        TableInfo tableInfo = TableInfoHelper.getTableInfo(tableName);
+        if (tableInfo == null || !tableInfo.isWithLogicDelete() || tableInfo.getLogicDeleteFieldInfo() == null) {
+            return StringUtils.EMPTY;
+        }
+        return tableInfo.getLogicDeleteFieldInfo().getColumn();
+    }
 }