背景
最近在做一个权限可见的功能。每一个订单都有创建人和创建人部门,而查询订单时可以查看自己的或者自己可见部门的。
比如你可以看电商组下的订单,那么自然可以看到电商A组下的订单。
使用ES写一个demo
搭建ES及数据初始化
java
docker run -p 9200:9200 -p 9300:9300 --name es-container -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch:8.10.3ES索引的映射
java
{
"order": {
"mappings": {
"properties": {
"createrId": {
"type": "keyword"
},
"department": {
"type": "keyword"
},
"departmentTree": {
"type": "keyword"
},
"id": {
"type": "keyword"
},
"name": {
"type": "text"
}
}
}
}
}其中数据如下
方案1
场景:你可以看电商组(departMentId = 1)下的订单,那么自然可以看到电商A组下(departMentId = 2,3)的订单。
我通过查询你的权限可以获取大部门电商组(departMentId = 1),然后查询大部门的子部门,从而拿到了部门的全集。
代码略,不推荐,因为部门ID多。
方案2
场景:你可以看电商组(departMentId = 1)下的订单,那么自然可以看到电商A组下(departMentId = 2,3)的订单。
但是我在订单上存储的是这个人的部门链,如下图departmentTree
实操
java
<dependency>
<groupId>org.elasticsearch.client</groupId>
<artifactId>elasticsearch-rest-high-level-client</artifactId>
<version>7.17.3</version>
</dependency>
java
import org.apache.http.HttpHost;
import org.elasticsearch.action.search.SearchRequest;
import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.client.RequestOptions;
import org.elasticsearch.client.RestClient;
import org.elasticsearch.client.RestHighLevelClient;
import org.elasticsearch.index.query.BoolQueryBuilder;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.search.SearchHit;
import org.elasticsearch.search.builder.SearchSourceBuilder;
import java.io.IOException;
/**
* @author chaird
* @create 2020-08-27 21:42
*/
public class Start {
public static void main(String[] args) throws Exception {
// 创建 REST 高级客户端
RestHighLevelClient client = new RestHighLevelClient(
RestClient.builder(new HttpHost("101.200.123.220", 9200, "http")));
try {
// 创建搜索请求
SearchRequest searchRequest = new SearchRequest("order");
SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder();
BoolQueryBuilder boolQueryBuilder = QueryBuilders.boolQuery();
//id = 1
//boolQueryBuilder.filter(QueryBuilders.termQuery("id", 1));
//department = 1
//boolQueryBuilder.filter(QueryBuilders.termQuery("department", 1));
// id in (1,2)
//boolQueryBuilder.filter(QueryBuilders.termsQuery("id", Arrays.asList(1,2)));
// db departmentTree =[1,2,3] 命中一个就行,部门查询
boolQueryBuilder.filter(QueryBuilders.termQuery("departmentTree", 1));
// where id = 1 or department = 3
// BoolQueryBuilder orFilter = QueryBuilders.boolQuery();
// orFilter.should(QueryBuilders.termQuery("id", 1));
// orFilter.should(QueryBuilders.termQuery("department", 3));
// boolQueryBuilder.filter(orFilter);
searchSourceBuilder.query(boolQueryBuilder);
//System.out.println(searchSourceBuilder.toString());
searchRequest.source(searchSourceBuilder);
// 执行搜索请求
SearchResponse searchResponse = client.search(searchRequest, RequestOptions.DEFAULT);
// 处理搜索结果
for (SearchHit hit : searchResponse.getHits().getHits()) {
System.out.println(hit.getSourceAsString());
}
} catch (IOException e) {
e.printStackTrace();
} finally {
try {
// 关闭客户端
client.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
}