Spring系列——MybatisPlus

标签：截取   pos   update   mave   group   注入   escape   ssim   evel   

以前是Mybatis XML配套的方式去写，而MybaitsPlus是Mybatis的增强版，抛去了XML文件内容。后者虽然减少了很多繁琐的SQL内容编写，但是同样的，对于复杂的SQL场景，类似流似的SQL生成还是没有XML写法直观。

2. 特性

• 无侵入：只做增强不做改变，引入它不会对现有工程产生影响，如丝般顺滑
• 损耗小：启动即会自动注入基本 CURD，性能基本无损耗，直接面向对象操作
• 强大的 CRUD 操作：内置通用 Mapper、通用 Service，仅仅通过少量配置即可实现单表大部分 CRUD 操作，更有强大的条件构造器，满足各类使用需求
• 支持 Lambda 形式调用：通过 Lambda 表达式，方便的编写各类查询条件，无需再担心字段写错
• 支持主键自动生成：支持多达 4 种主键策略（内含分布式唯一 ID 生成器 - Sequence），可自由配置，完美解决主键问题
• 支持 ActiveRecord 模式：支持 ActiveRecord 形式调用，实体类只需继承 Model 类即可进行强大的 CRUD 操作
• 支持自定义全局通用操作：支持全局通用方法注入（ Write once, use anywhere ）
• 内置代码生成器：采用代码或者 Maven 插件可快速生成 Mapper 、 Model 、 Service 、 Controller 层代码，支持模板引擎，更有超多自定义配置等您来使用
• 内置分页插件：基于 MyBatis 物理分页，开发者无需关心具体操作，配置好插件之后，写分页等同于普通 List 查询
• 分页插件支持多种数据库：支持 MySQL、MariaDB、Oracle、DB2、H2、HSQL、SQLite、Postgre、SQLServer 等多种数据库
• 内置性能分析插件：可输出 Sql 语句以及其执行时间，建议开发测试时启用该功能，能快速揪出慢查询
• 内置全局拦截插件：提供全表 delete 、 update 操作智能分析阻断，也可自定义拦截规则，预防误操作

3. Mybatis层次结构

4. Maven依赖

  com.baomidou
            mybatis-plus-boot-starter
            3.4.0com.alibaba
            druid-spring-boot-starter
            1.2.23

5. 插件机制

插件是方便自定义额外功能，比如分页、模糊查询处理特殊字符。我们在编写插件时，除了需要让插件类实现 Interceptor 接口外，还需要通过注解标注 该插件的拦截点。所谓拦截点指的是插件所能拦截的方法，MyBatis 所允许拦截的方法如下:

• Executor: update, query, flushStatements, commit, rollback, getTransaction, close, isClosed
• ParameterHandler: getParameterObject, setParameters
• ResultSetHandler: handleResultSets, handleOutputParameters
• StatementHandler: prepare, parameterize, batch, update, query

5.1 原理

（1）配置加载插件

com.baomidou.mybatisplus.autoconfigure.MybatisPlusAutoConfiguration：加载任何实现org.apache.ibatis.plugin.Interceptor的自定义插件类。

public MybatisPlusAutoConfiguration(MybatisPlusProperties properties,
                                        ObjectProvider interceptorsProvider,
                                        ObjectProvider typeHandlersProvider,
                                        ObjectProvider languageDriversProvider,
                                        ResourceLoader resourceLoader,
                                        ObjectProvider databaseIdProvider,
                                        ObjectProvider> configurationCustomizersProvider,
                                        ObjectProvider> mybatisPlusPropertiesCustomizerProvider,
                                        ApplicationContext applicationContext) {
        this.properties = properties;
        this.interceptors = interceptorsProvider.getIfAvailable();
        this.typeHandlers = typeHandlersProvider.getIfAvailable();
        this.languageDrivers = languageDriversProvider.getIfAvailable();
        this.resourceLoader = resourceLoader;
        this.databaseIdProvider = databaseIdProvider.getIfAvailable();
        this.configurationCustomizers = configurationCustomizersProvider.getIfAvailable();
        this.mybatisPlusPropertiesCustomizers = mybatisPlusPropertiesCustomizerProvider.getIfAvailable();
        this.applicationContext = applicationContext;
    }

@Bean
@ConditionalOnMissingBean
 public SqlSessionFactory sqlSessionFactory(DataSource dataSource) throws Exception {
  // ...
  if (!ObjectUtils.isEmpty(this.interceptors)) {
     factory.setPlugins(this.interceptors);
  }
  // ...
}

（2）Executor

org.apache.ibatis.session.defaults.DefaultSqlSessionFactory#openSessionFromDataSource

private SqlSession openSessionFromDataSource(ExecutorType execType, TransactionIsolationLevel level, boolean autoCommit) {
    Transaction tx = null;
    try {
      // ...
      // 创建Executor
      final Executor executor = configuration.newExecutor(tx, execType);
      return new DefaultSqlSession(configuration, executor, autoCommit);
    } 
    catch (Exception e) {...} 
    finally {...}
  }

com.baomidou.mybatisplus.core.MybatisConfiguration#newExecutor

public Executor newExecutor(Transaction transaction, ExecutorType executorType) {
        if (useDeprecatedExecutor) {
            executorType = executorType == null ? defaultExecutorType : executorType;
            executorType = executorType == null ? ExecutorType.SIMPLE : executorType;
            Executor executor;
            if (ExecutorType.BATCH == executorType) {
                executor = new MybatisBatchExecutor(this, transaction);
            } else if (ExecutorType.REUSE == executorType) {
                executor = new MybatisReuseExecutor(this, transaction);
            } else {
                executor = new MybatisSimpleExecutor(this, transaction);
            }
            if (cacheEnabled) {
                executor = new MybatisCachingExecutor(executor);
            }
            // 植入插件
            executor = (Executor) interceptorChain.pluginAll(executor);
            return executor;
        }
        return super.newExecutor(transaction, executorType);
    }

org.apache.ibatis.plugin.InterceptorChain#pluginAll

public Object pluginAll(Object target) {
    // 遍历拦截器
    for (Interceptor interceptor : interceptors) {
      target = interceptor.plugin(target);
    }
    return target;
  }

?案例插件?

public Object plugin(Object target) {
        return Plugin.wrap(target, this);
    }

?org.apache.ibatis.plugin.Plugin#wrap

public static Object wrap(Object target, Interceptor interceptor) {
    // 获取@Intercepts注解的信息，每一个@Signature注解圈定一个方法
    Map, Set> signatureMap = getSignatureMap(interceptor);
    Class> type = target.getClass();
    // 获取目标类实现的接口
    Class>[] interfaces = getAllInterfaces(type, signatureMap);
    if (interfaces.length > 0) {
      // JDK动态代理，调用invoke方法
      return Proxy.newProxyInstance(
          type.getClassLoader(),
          interfaces,
          new Plugin(target, interceptor, signatureMap));
    }
    return target;
  }

?org.apache.ibatis.plugin.Plugin#invoke

public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
    try {
      Set methods = signatureMap.get(method.getDeclaringClass());
      if (methods != null && methods.contains(method)) {
        // 如何方法声明的类包含@Signature声明的方法，则调用拦截器
        return interceptor.intercept(new Invocation(target, method, args));
      }
      return method.invoke(target, args);
    } catch (Exception e) {
      throw ExceptionUtil.unwrapThrowable(e);
    }
  }

（3）StatementHandler

com.baomidou.mybatisplus.core.executor.MybatisSimpleExecutor#doQuery

public  List doQuery(MappedStatement ms, Object parameter, RowBounds rowBounds, ResultHandler resultHandler, BoundSql boundSql) throws SQLException {
        Statement stmt = null;
        try {
            Configuration configuration = ms.getConfiguration();
            // 创建StatementHandler
            StatementHandler handler = configuration.newStatementHandler(wrapper, ms, parameter, rowBounds, resultHandler, boundSql);
            stmt = prepareStatement(handler, ms.getStatementLog(), false);
            return stmt == null ? Collections.emptyList() : handler.query(stmt, resultHandler);
        } finally {
            closeStatement(stmt);
        }
    }

org.apache.ibatis.session.Configuration#newStatementHandler

public StatementHandler newStatementHandler(Executor executor, MappedStatement mappedStatement, Object parameterObject, RowBounds rowBounds, ResultHandler resultHandler, BoundSql boundSql) {
    StatementHandler statementHandler = new RoutingStatementHandler(executor, mappedStatement, parameterObject, rowBounds, resultHandler, boundSql);
    // 植入插件
    statementHandler = (StatementHandler) 
interceptorChain.pluginAll(statementHandler);
    return statementHandler;
  }

（4）ParameterHandler

org.apache.ibatis.executor.statement.BaseStatementHandler#BaseStatementHandler

protected BaseStatementHandler(Executor executor, MappedStatement mappedStatement, Object parameterObject, RowBounds rowBounds, ResultHandler resultHandler, BoundSql boundSql) {
    // ...
    // 创建ParameterHandler
    this.parameterHandler = configuration.newParameterHandler(mappedStatement, parameterObject, boundSql);
    // 创建ResultSetHandler
    this.resultSetHandler = configuration.newResultSetHandler(executor, mappedStatement, rowBounds, parameterHandler, resultHandler, boundSql);
  }

org.apache.ibatis.session.Configuration#newParameterHandler

public ParameterHandler newParameterHandler(MappedStatement mappedStatement, Object parameterObject, BoundSql boundSql) {
    ParameterHandler parameterHandler = mappedStatement.getLang().createParameterHandler(mappedStatement, parameterObject, boundSql);
    // 植入插件
    parameterHandler = (ParameterHandler) interceptorChain.pluginAll(parameterHandler);
    return parameterHandler;
  }

（5）ResultHandler

org.apache.ibatis.session.Configuration#newResultSetHandler

public ResultSetHandler newResultSetHandler(Executor executor, MappedStatement mappedStatement, RowBounds rowBounds, ParameterHandler parameterHandler,
      ResultHandler resultHandler, BoundSql boundSql) {
    ResultSetHandler resultSetHandler = new DefaultResultSetHandler(executor, mappedStatement, parameterHandler, resultHandler, boundSql, rowBounds);
    // 植入插件
    resultSetHandler = (ResultSetHandler) 
interceptorChain.pluginAll(resultSetHandler);
    return resultSetHandler;
  }

4.2 实战

（1）分页插件

   @Bean
    public PaginationInnerInterceptor paginationInnerInterceptor() {
        PaginationInnerInterceptor paginationInnerInterceptor = new PaginationInnerInterceptor();
        paginationInnerInterceptor.setDbType(DbType.MYSQL);
        return paginationInnerInterceptor;
    }

    @Bean
    public MybatisPlusInterceptor mybatisPlusInterceptor(ObjectProvider> innerInterceptorProviders) {
        MybatisPlusInterceptor mybatisPlusInterceptor = new MybatisPlusInterceptor();
        List interceptors = innerInterceptorProviders.getIfAvailable();
        if (!CollectionUtils.isEmpty(interceptors)) {
            for (InnerInterceptor innerInterceptor : interceptors) {
                mybatisPlusInterceptor.addInnerInterceptor(innerInterceptor);
            }
        }
        return mybatisPlusInterceptor;
    }

（2）模糊查询处理特殊字符

         @Bean
    public FuzzyQueryInterceptor fuzzyQueryInterceptor() {
        return new FuzzyQueryInterceptor();
    }

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.ibatis.cache.CacheKey;
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.plugin.*;
import org.apache.ibatis.session.ResultHandler;
import org.apache.ibatis.session.RowBounds;
import priv.whh.std.boot.mybatis.plus.util.EscapeUtil;

import java.lang.reflect.InvocationTargetException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Properties;
import java.util.Set;

/**
 * 模糊查询拦截器方法，处理模糊查询中包含特殊字符（_、%、\）
 *
 */
@Intercepts({
        @Signature(type = Executor.class, method = "query", args = {MappedStatement.class, Object.class,
                RowBounds.class, ResultHandler.class}),
        @Signature(type = Executor.class, method = "query", args = {MappedStatement.class, Object.class,
                RowBounds.class, ResultHandler.class, CacheKey.class, BoundSql.class})})
public class FuzzyQueryInterceptor implements Interceptor {
    private static final String LIKE = " like ";
    private static final String QUESTION_MARK = "?";
    private static final String LIKE_WITH_QUESTION_MARK = " like ?";
    private static final String UNDERLINE = "_";
    private static final String PERCENT = "%";
    private static final String EW = "ew";
    private static final String EW_PARAM_NAME_VALUE_PAIRS = "ew.paramNameValuePairs.";
    private static final String DOUBLE_SLASH = "\\";
    private static final String DOUBLE_SLASH_WITH_SPOT = "\\.";
    private static final String DOUBLE_SLASH_WITH_QUESTION_MARK = "\\?";

    @Override
    public Object intercept(Invocation invocation) throws InvocationTargetException, IllegalAccessException {
        // 拦截sql
        Object[] args = invocation.getArgs();
        MappedStatement statement = (MappedStatement) args[0];
        Object parameterObject = args[1];
        BoundSql boundSql = statement.getBoundSql(parameterObject);
        String sql = boundSql.getSql();
        // 处理特殊字符
        Object param = modifyLikeSql(sql, parameterObject, boundSql);
        args[1] = param;
        // 返回
        return invocation.proceed();
    }

    @Override
    public Object plugin(Object target) {
        return Plugin.wrap(target, this);
    }

    @Override
    public void setProperties(Properties properties) {

    }

    @SuppressWarnings("unchecked")
    public static Object modifyLikeSql(String sql, Object parameterObject, BoundSql boundSql) {
        boolean paramJudge = parameterObject instanceof HashMap || parameterObject instanceof String;
        if (!paramJudge) {
            return parameterObject;
        }
        if (!sql.toLowerCase().contains(LIKE) || !sql.toLowerCase().contains(QUESTION_MARK)) {
            return parameterObject;
        }
        // 获取关键字的个数（去重）
        String[] strList = sql.split(DOUBLE_SLASH_WITH_QUESTION_MARK);
        Set keyNames = new HashSet();
        for (int i = 0; i  parameter;
            if (parameterObject instanceof HashMap) {
                parameter = (HashMap) parameterObject;
            } else {
                parameter = new HashMap(2);
                parameter.put(keyName, parameterObject);
            }
            if (keyName.contains(EW_PARAM_NAME_VALUE_PAIRS) && sql.toLowerCase().contains(LIKE_WITH_QUESTION_MARK)) {
                // 第一种情况：在业务层进行条件构造产生的模糊查询关键字
                QueryWrapper

6.?缓存机制

7. 会话机制

9. 配置

10. FAQ

Q：Mybatis如何做到防SQL注入？

A:? Mybatis 使用 #{?} 时，会进行sql的预编译（select from t_user where a = ?)；使用${?}时，不会进行sql的预编译(select from t_user where a = 1)，这样的话，会有sql注入的风险。经测试，sql注入无法注入两条sql语句，会报错。只能注入类似(select * from t_user where a = 1 or 1 = 1), 注入的变量为 “‘1’ or 1 = 1”;

Q：除了配置的方式，QueryWrap可以通过打断点的方式查看组装的SQL吗？

A：不能

Q：数据库时间戳接收用Date还是LocalDateTime接收好？

Q：在继承BaseMapper文件中, MybatisPlus是否支持任意自定义对象返回，如返回Person？

Q：Mybatis-plus selectOne函数如何限制返回一条数据？

11. 结尾

本文到这里就结束了，感谢看到最后的朋友，都看到最后了，点个赞再走啊，如有不对之处还请多多指正。

Spring系列——MybatisPlus

标签：截取   pos   update   mave   group   注入   escape   ssim   evel   

原文地址：https://blog.51cto.com/14969174/2542687