ibiz4j 发布系统代码

app_web/src/pages/ou/ibzdepartment-tree-exp-view/ibzdepartment-tree-exp-view-base.vue

 <template>
 <div class='view-container detreeexpview ibzdepartment-tree-exp-view'>
     <app-studioaction :viewTitle="$t(model.srfTitle)" viewName="ibzdepartmenttreeexpview"></app-studioaction>
-    <card class='view-card   view-no-toolbar'  :dis-hover="true" :bordered="false">
-        <p slot='title'>
-        <span class='caption-info'>{{$t(model.srfTitle)}}</span>
-        </p>
+    <card class='view-card  view-no-caption  view-no-toolbar'  :dis-hover="true" :bordered="false">
         <div class='content-container'>
             <div class='view-top-messages'>
             </div>

app_web/src/pages/ou/ibzorganization-tree-exp-view/ibzorganization-tree-exp-view-base.vue

 <template>
 <div class='view-container detreeexpview ibzorganization-tree-exp-view'>
     <app-studioaction :viewTitle="$t(model.srfTitle)" viewName="ibzorganizationtreeexpview"></app-studioaction>
-    <card class='view-card   view-no-toolbar'  :dis-hover="true" :bordered="false">
-        <p slot='title'>
-        <span class='caption-info'>{{$t(model.srfTitle)}}</span>
-        </p>
+    <card class='view-card  view-no-caption  view-no-toolbar'  :dis-hover="true" :bordered="false">
         <div class='content-container'>
             <div class='view-top-messages'>
             </div>

ibzou-core/src/main/java/cn/ibizlab/core/ou/service/IIBZDepartmentService.java

@@ -65,6 +65,9 @@ public interface IIBZDepartmentService extends IService<IBZDepartment>{
      */
     boolean execute(String sql, Map param);
 
+    List<IBZDepartment> getIbzdepartmentByIds(List<String> ids) ;
+    List<IBZDepartment> getIbzdepartmentByEntities(List<IBZDepartment> entities) ;
+
 }
 
 

ibzou-core/src/main/java/cn/ibizlab/core/ou/service/IIBZDeptMemberService.java

@@ -56,6 +56,7 @@ public interface IIBZDeptMemberService extends IService<IBZDeptMember>{
      */
     boolean execute(String sql, Map param);
 
+
 }
 
 

ibzou-core/src/main/java/cn/ibizlab/core/ou/service/IIBZEmployeeService.java

@@ -63,6 +63,9 @@ public interface IIBZEmployeeService extends IService<IBZEmployee>{
      */
     boolean execute(String sql, Map param);
 
+    List<IBZEmployee> getIbzemployeeByIds(List<String> ids) ;
+    List<IBZEmployee> getIbzemployeeByEntities(List<IBZEmployee> entities) ;
+
 }
 
 

ibzou-core/src/main/java/cn/ibizlab/core/ou/service/IIBZOrganizationService.java

@@ -61,6 +61,9 @@ public interface IIBZOrganizationService extends IService<IBZOrganization>{
      */
     boolean execute(String sql, Map param);
 
+    List<IBZOrganization> getIbzorganizationByIds(List<String> ids) ;
+    List<IBZOrganization> getIbzorganizationByEntities(List<IBZOrganization> entities) ;
+
 }
 
 

ibzou-core/src/main/java/cn/ibizlab/core/ou/service/impl/IBZDepartmentServiceImpl.java

@@ -281,6 +281,26 @@ public class IBZDepartmentServiceImpl extends ServiceImpl<IBZDepartmentMapper, I
         return true;
     }
 
+    @Override
+    public List<IBZDepartment> getIbzdepartmentByIds(List<String> ids) {
+         return this.listByIds(ids);
+    }
+
+    @Override
+    public List<IBZDepartment> getIbzdepartmentByEntities(List<IBZDepartment> entities) {
+        List ids =new ArrayList();
+        for(IBZDepartment entity : entities){
+            Serializable id=entity.getDeptid();
+            if(!ObjectUtils.isEmpty(id)){
+                ids.add(id);
+            }
+        }
+        if(ids.size()>0)
+           return this.listByIds(ids);
+        else
+           return entities;
+    }
+
 }
 
 

ibzou-core/src/main/java/cn/ibizlab/core/ou/service/impl/IBZDeptMemberServiceImpl.java

@@ -238,6 +238,7 @@ public class IBZDeptMemberServiceImpl extends ServiceImpl<IBZDeptMemberMapper, I
         return true;
     }
 
+
 }
 
 

ibzou-core/src/main/java/cn/ibizlab/core/ou/service/impl/IBZEmployeeServiceImpl.java

@@ -256,6 +256,26 @@ public class IBZEmployeeServiceImpl extends ServiceImpl<IBZEmployeeMapper, IBZEm
         return true;
     }
 
+    @Override
+    public List<IBZEmployee> getIbzemployeeByIds(List<String> ids) {
+         return this.listByIds(ids);
+    }
+
+    @Override
+    public List<IBZEmployee> getIbzemployeeByEntities(List<IBZEmployee> entities) {
+        List ids =new ArrayList();
+        for(IBZEmployee entity : entities){
+            Serializable id=entity.getUserid();
+            if(!ObjectUtils.isEmpty(id)){
+                ids.add(id);
+            }
+        }
+        if(ids.size()>0)
+           return this.listByIds(ids);
+        else
+           return entities;
+    }
+
 }
 
 

ibzou-core/src/main/java/cn/ibizlab/core/ou/service/impl/IBZOrganizationServiceImpl.java

@@ -242,6 +242,26 @@ public class IBZOrganizationServiceImpl extends ServiceImpl<IBZOrganizationMappe
         return true;
     }
 
+    @Override
+    public List<IBZOrganization> getIbzorganizationByIds(List<String> ids) {
+         return this.listByIds(ids);
+    }
+
+    @Override
+    public List<IBZOrganization> getIbzorganizationByEntities(List<IBZOrganization> entities) {
+        List ids =new ArrayList();
+        for(IBZOrganization entity : entities){
+            Serializable id=entity.getOrgid();
+            if(!ObjectUtils.isEmpty(id)){
+                ids.add(id);
+            }
+        }
+        if(ids.size()>0)
+           return this.listByIds(ids);
+        else
+           return entities;
+    }
+
 }
 
 

ibzou-core/src/main/resources/liquibase/h2_table.xml

@@ -4,7 +4,7 @@
 
 
     <!--输出实体[IBZORG]数据结构 -->
-    <changeSet author="a_A_5d9d78509" id="tab-ibzorg-440-1">
+    <changeSet author="a_A_5d9d78509" id="tab-ibzorg-441-1">
         <createTable tableName="IBZORG">
                 <column name="ORGID" remarks="" type="VARCHAR(100)">
                     <constraints primaryKey="true" primaryKeyName="PK_IBZORG_ORGID"/>
@@ -126,7 +126,7 @@
 
 
     <!--输出实体[IBZDEPT]数据结构 -->
-    <changeSet author="a_A_5d9d78509" id="tab-ibzdept-694-4">
+    <changeSet author="a_A_5d9d78509" id="tab-ibzdept-695-4">
         <createTable tableName="IBZDEPT">
                 <column name="DEPTID" remarks="" type="VARCHAR(100)">
                     <constraints primaryKey="true" primaryKeyName="PK_IBZDEPT_DEPTID"/>
@@ -161,7 +161,7 @@
     </changeSet>
 
         <!--输出实体[IBZORG]外键关系 -->
-    <changeSet author="a_A_5d9d78509" id="fk-ibzorg-440-5">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzorg-441-5">
        <addForeignKeyConstraint baseColumnNames="PORGID" baseTableName="IBZORG" constraintName="DER1N_IBZORG_IBZORG_PORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
     </changeSet>
         <!--输出实体[IBZEMP]外键关系 -->
@@ -179,10 +179,10 @@
        <addForeignKeyConstraint baseColumnNames="USERID" baseTableName="IBZDEPTMEMBER" constraintName="DER1N_IBZDEPTMEMBER_IBZEMP_USE" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="USERID" referencedTableName="IBZEMP" validate="true"/>
     </changeSet>
         <!--输出实体[IBZDEPT]外键关系 -->
-    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-694-10">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-695-10">
        <addForeignKeyConstraint baseColumnNames="PDEPTID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZDEPT_PDEPTID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="DEPTID" referencedTableName="IBZDEPT" validate="true"/>
     </changeSet>
-    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-694-11">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-695-11">
        <addForeignKeyConstraint baseColumnNames="ORGID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZORG_ORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
     </changeSet>
 

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZDepartmentResource.java

@@ -109,7 +109,7 @@ public class IBZDepartmentResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.remove(ibzdepartment_id));
     }
 
-    //
+    //@PreAuthorize("hasPermission(this.ibzdepartmentService.getIbzdepartmentByIds(#ids),'ibzou-IBZDepartment-Remove')")
     @ApiOperation(value = "RemoveBatch", tags = {"IBZDepartment" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -129,7 +129,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Update')")
+    //@PreAuthorize("hasPermission(this.ibzdepartmentService.getIbzdepartmentByEntities(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos)),'ibzou-IBZDepartment-Update')")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZDepartment" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -255,7 +255,7 @@ public class IBZDepartmentResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.remove(ibzdepartment_id));
     }
 
-    //
+    //@PreAuthorize("hasPermission(this.ibzdepartmentService.getIbzdepartmentByIds(#ids),'ibzou-IBZDepartment-Remove')")
     @ApiOperation(value = "RemoveBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "RemoveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganization(@RequestBody List<String> ids) {
@@ -276,7 +276,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Update')")
+    //@PreAuthorize("hasPermission(this.ibzdepartmentService.getIbzdepartmentByEntities(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos)),'ibzou-IBZDepartment-Update')")
     @ApiOperation(value = "UpdateBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "UpdateBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -335,3 +335,4 @@ public class IBZDepartmentResource {
                 .body(new PageImpl(ibzdepartmentMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 }
+

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZDeptMemberResource.java

@@ -58,7 +58,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZDeptMember" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -77,7 +77,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "createBatch", tags = {"IBZDeptMember" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -92,7 +92,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(ibzdeptmemberMapping.toDomain(ibzdeptmemberdto)));
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "SaveBatch", tags = {"IBZDeptMember" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -123,7 +123,7 @@ public class IBZDeptMemberResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "RemoveBatch", tags = {"IBZDeptMember" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -171,7 +171,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -195,7 +195,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "createBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -216,7 +216,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "SaveBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -253,7 +253,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "RemoveBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZEmployee(@RequestBody List<String> ids) {
@@ -303,7 +303,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -327,7 +327,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "createBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -348,7 +348,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "SaveBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -385,7 +385,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "RemoveBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZDepartmentIBZEmployee(@RequestBody List<String> ids) {
@@ -435,7 +435,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -459,7 +459,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "createBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -480,7 +480,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "SaveBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -517,7 +517,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "RemoveBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganizationIBZEmployee(@RequestBody List<String> ids) {
@@ -567,7 +567,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -591,7 +591,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "createBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -612,7 +612,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "SaveBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -649,7 +649,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "RemoveBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganizationIBZDepartmentIBZEmployee(@RequestBody List<String> ids) {
@@ -687,3 +687,4 @@ public class IBZDeptMemberResource {
                 .body(new PageImpl(ibzdeptmemberMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 }
+

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZEmployeeResource.java

@@ -54,7 +54,7 @@ public class IBZEmployeeResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
-    //
+    //@PreAuthorize("hasPermission(this.ibzemployeeService.getIbzemployeeByIds(#ids),'ibzou-IBZEmployee-Remove')")
     @ApiOperation(value = "RemoveBatch", tags = {"IBZEmployee" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -111,7 +111,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Update')")
+    //@PreAuthorize("hasPermission(this.ibzemployeeService.getIbzemployeeByEntities(this.ibzemployeeMapping.toDomain(#ibzemployeedtos)),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZEmployee" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -178,7 +178,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
-    //
+    //@PreAuthorize("hasPermission(this.ibzemployeeService.getIbzemployeeByIds(#ids),'ibzou-IBZEmployee-Remove')")
     @ApiOperation(value = "RemoveBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatchByIBZDepartment(@RequestBody List<String> ids) {
@@ -241,7 +241,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Update')")
+    //@PreAuthorize("hasPermission(this.ibzemployeeService.getIbzemployeeByEntities(this.ibzemployeeMapping.toDomain(#ibzemployeedtos)),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "UpdateBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatchByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -322,7 +322,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
-    //
+    //@PreAuthorize("hasPermission(this.ibzemployeeService.getIbzemployeeByIds(#ids),'ibzou-IBZEmployee-Remove')")
     @ApiOperation(value = "RemoveBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "RemoveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganization(@RequestBody List<String> ids) {
@@ -385,7 +385,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Update')")
+    //@PreAuthorize("hasPermission(this.ibzemployeeService.getIbzemployeeByEntities(this.ibzemployeeMapping.toDomain(#ibzemployeedtos)),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "UpdateBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -466,7 +466,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
-    //
+    //@PreAuthorize("hasPermission(this.ibzemployeeService.getIbzemployeeByIds(#ids),'ibzou-IBZEmployee-Remove')")
     @ApiOperation(value = "RemoveBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganizationIBZDepartment(@RequestBody List<String> ids) {
@@ -529,7 +529,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Update')")
+    //@PreAuthorize("hasPermission(this.ibzemployeeService.getIbzemployeeByEntities(this.ibzemployeeMapping.toDomain(#ibzemployeedtos)),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "UpdateBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -603,3 +603,4 @@ public class IBZEmployeeResource {
                 .body(new PageImpl(ibzemployeeMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 }
+

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZOrganizationResource.java

@@ -64,7 +64,7 @@ public class IBZOrganizationResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission(this.ibzorganizationMapping.toDomain(#ibzorganizationdtos),'ibzou-IBZOrganization-Update')")
+    //@PreAuthorize("hasPermission(this.ibzorganizationService.getIbzorganizationByEntities(this.ibzorganizationMapping.toDomain(#ibzorganizationdtos)),'ibzou-IBZOrganization-Update')")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZOrganization" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
@@ -114,7 +114,7 @@ public class IBZOrganizationResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationService.remove(ibzorganization_id));
     }
 
-    //
+    //@PreAuthorize("hasPermission(this.ibzorganizationService.getIbzorganizationByIds(#ids),'ibzou-IBZOrganization-Remove')")
     @ApiOperation(value = "RemoveBatch", tags = {"IBZOrganization" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -201,3 +201,4 @@ public class IBZOrganizationResource {
                 .body(new PageImpl(ibzorganizationMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 }
+

ibzou-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java

@@ -11,7 +11,6 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
 import java.io.Serializable;
-import java.lang.reflect.Field;
 import java.util.*;
 
 /**
@@ -23,10 +22,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
     @Value("${ibiz.enablePermissionValid:false}")
     boolean enablePermissionValid;  //是否开启权限校验
-    /**
-     *实体主键标识
-     */
-    private String keyFieldTag="keyfield";
     /**
      * 实体行为鉴权
      * @param authentication
@@ -81,10 +76,9 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     private Set<String> getAuthorities(Authentication authentication , String action){
         Collection authorities=authentication.getAuthorities();
         Set<String> userAuthorities = new HashSet();
-        Iterator var2 = authorities.iterator();
-
-        while(var2.hasNext()) {
-            GrantedAuthority authority = (GrantedAuthority)var2.next();
+        Iterator it = authorities.iterator();
+        while(it.hasNext()) {
+            GrantedAuthority authority = (GrantedAuthority)it.next();
             if(authority.getAuthority().contains(action))
                 userAuthorities.add(authority.getAuthority());
         }
@@ -153,16 +147,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
             }
         }
 
-        if(action.endsWith("Save")){
-            String keyFieldName=permissionField.get(keyFieldTag);
-            Object srfKey=entity.get(keyFieldName);
-            if(ObjectUtils.isEmpty(srfKey))
-                action="Create";
-            else
-                action="Update";
-        }
-
-       if(action.endsWith("Create")){
+        if(action.endsWith("Create") || action.endsWith("Save")){
             if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue))
                 return false;
             if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue))
@@ -195,44 +180,24 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         String orgField="orgid";  //组织属性
         String orgDeptField="orgsecid"; //部门属性
         String createManField="createman"; //创建人属性
-        String keyField="";//主键属性
 
         DEFieldCacheMap.getFieldMap(entityBase.getClass().getName());
-        Map <Field, DEField> preFields= SearchDEField(entityBase.getClass().getName()); //从缓存中获取当前类预置属性
+        Map <String, DEField> preFields= DEFieldCacheMap.getDEFields(entityBase.getClass()); //从缓存中获取当前类预置属性
 
-        for (Map.Entry<Field,DEField> entry : preFields.entrySet()){
-            Field preField=entry.getKey();//获取注解字段
+        for (Map.Entry<String,DEField> entry : preFields.entrySet()){
+            String fieldName=entry.getKey();//获取注解字段
             DEField fieldAnnotation=entry.getValue();//获取注解值
             DEPredefinedFieldType prefieldType=fieldAnnotation.preType();
             if(prefieldType==prefieldType.ORGID)//用户配置系统预置属性-组织机构标识
-                orgField=preField.getName();
+                orgField=fieldName;
             if(prefieldType==prefieldType.ORGSECTORID)//用户配置系统预置属性-部门标识
-                orgDeptField=preField.getName();
-            if(fieldAnnotation.isKeyField())//用户配置系统预置属性-部门标识
-                keyField=preField.getName();
+                orgDeptField=fieldName;
+            if(prefieldType==prefieldType.CREATEMAN)//用户配置系统预置属性-部门标识
+                createManField=fieldName;
         }
         permissionFiled.put("orgfield",orgField);
         permissionFiled.put("orgsecfield",orgDeptField);
         permissionFiled.put("createmanfield",createManField);
-        permissionFiled.put("keyfield",keyField);
         return permissionFiled;
     }
-
-    /**
-     *获取含有@DEField注解的实体属性
-     * @param className do对象类名
-     * @return
-     */
-    private Map <Field, DEField> SearchDEField(String className){
-
-        List<Field> fields =  DEFieldCacheMap.getFields(className);
-        Map <Field, DEField> deFieldMap =new HashMap<>();
-        for(Field field:fields){
-            DEField deField=field.getAnnotation(DEField.class);
-            if(!ObjectUtils.isEmpty(deField)) {
-                deFieldMap.put(field,deField);
-            }
-        }
-        return deFieldMap;
-    }
 }
\ No newline at end of file