ibiz4j 发布系统代码

app_web/README.md

@@ -117,7 +117,9 @@ $ yarn build
         |─ ─ favicon.ico                        图标
 ​    |─ ─ src                                    工程文件夹
         |─ ─ assets                             静态资源
+        |─ ─ codelist                           动态代码表服务
         |─ ─ components                         基础组件，主要包含编辑器组件和其他全局使用的组件
+        |─ ─ counter                            计数器服务
         |─ ─ engine                             引擎文件，主要封装了内置视图的内置逻辑
         |─ ─ environments                       环境文件
 ​        |─ ─ interface                          接口文件
@@ -150,6 +152,7 @@ $ yarn build
                 |─ ─ YYY-ui-logic-base.ts       应用实体界面处理逻辑文件
                 |─ ─ YYY-ui-logic.ts            自定义应用实体界面处理逻辑文件
         |─ ─ utils                              工具类文件
+        |─ ─ utilservice                        应用功能服务
         |─ ─ widgets                            部件文件夹
             |─ ─ appde                          应用实体名称
 ​                |─ ─  XXX                       部件名称

app_web/package.json

@@ -24,7 +24,7 @@
     "element-ui": "^2.13.0",
     "file-saver": "^2.0.2",
     "font-awesome": "^4.7.0",
-    "ibiz-gantt-elastic": "^1.0.6",
+    "ibiz-gantt-elastic": "^1.0.8",
     "interactjs": "^1.9.4",
     "moment": "^2.24.0",
     "path-to-regexp": "^6.1.0",

app_web/yarn.lock

@@ -5209,10 +5209,10 @@ human-signals@^1.1.1:
   resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-1.1.1.tgz#c5b1cd14f50aeae09ab6c59fe63ba3395fe4dfa3"
   integrity sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw==
 
-ibiz-gantt-elastic@^1.0.6:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/ibiz-gantt-elastic/-/ibiz-gantt-elastic-1.0.6.tgz#1e74b0c1a684d90a6d1b203606ad52fcf613f799"
-  integrity sha512-8sHiSh4dRMzOQxVvKj0OeJEAoIbLeqChfMRJ4Tabum+1qYTFqZC3LNBDxg4O+xBGPi4iMBqeBjssosi25FZpOA==
+ibiz-gantt-elastic@^1.0.8:
+  version "1.0.8"
+  resolved "https://registry.yarnpkg.com/ibiz-gantt-elastic/-/ibiz-gantt-elastic-1.0.8.tgz#d7c40b6b0068a9303772594608375d42b8dbcb61"
+  integrity sha512-vlawRcYGiNv6N8N9Wx2ZO7oorV3R6dZWYT7Yvb2lxWfdWYX+cK1KZP0p+2S/Is1/A7+eDFhu60iZ2nf7LExaFQ==
   dependencies:
     dayjs "^1.8.16"
     resize-observer-polyfill "^1.5.1"

config.xml

@@ -37,11 +37,6 @@
 	  git clone -b master $para2 ibzou/
       export NODE_OPTIONS=--max-old-space-size=4096
       cd ibzou/
-      mvn clean package -Papi
-      cd ibzou-provider/ibzou-provider-api
-      mvn -Papi docker:build
-      mvn -Papi docker:push
-      docker -H $para1 stack deploy --compose-file=src/main/docker/ibzou-provider-api.yaml ibzlab-rt --with-registry-auth      
       </command>
     </hudson.tasks.Shell>
   </builders>

ibzou-core/pom.xml

@@ -94,4 +94,75 @@
 
 	</dependencies>
 
+    <properties>
+        <maven.build.timestamp.format>yyyyMMddHHmmss</maven.build.timestamp.format>
+    </properties>
+    <profiles>
+        <profile>
+            <id>diff</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.liquibase</groupId>
+                        <artifactId>liquibase-maven-plugin</artifactId>
+                        <version>{$liquibase.version}</version>
+                        <executions>
+                            <execution>
+                                <id>prepare-newdb</id>
+                                <configuration>
+                                    <changeLogFile>{$project.basedir}/src/main/resources/liquibase/h2_table.xml</changeLogFile>
+                                    <driver>org.h2.Driver</driver>
+                                    <url>jdbc:h2:file:{$project.build.directory}/db/new;MODE=mysql</url>
+                                    <username>root</username>
+                                    <dropFirst>true</dropFirst>
+                                </configuration>
+                                <phase>process-resources</phase>
+                                <goals>
+                                    <goal>update</goal>
+                                </goals>
+                            </execution>
+                            <execution>
+                                <id>prepare-olddb</id>
+                                <configuration>
+                                    <changeLogFile>{$project.basedir}/src/main/resources/liquibase/master_table.xml</changeLogFile>
+                                    <driver>org.h2.Driver</driver>
+                                    <url>jdbc:h2:file:{$project.build.directory}/db/last;MODE=mysql</url>
+                                    <username>root</username>
+                                    <dropFirst>true</dropFirst>
+                                </configuration>
+                                <phase>process-resources</phase>
+                                <goals>
+                                    <goal>update</goal>
+                                </goals>
+                            </execution>
+                            <execution>
+                                <id>make-diff</id>
+                                <configuration>
+                                    <changeLogFile>{$project.basedir}/src/main/resources/liquibase/empty.xml</changeLogFile>
+                                    <diffChangeLogFile>{$project.basedir}/src/main/resources/liquibase/changelog/{$maven.build.timestamp}_changelog.xml</diffChangeLogFile>
+                                    <driver>org.h2.Driver</driver>
+                                    <url>jdbc:h2:file:{$project.build.directory}/db/last;MODE=mysql</url>
+                                    <username>root</username>
+                                    <password></password>
+                                    <referenceUrl>jdbc:h2:file:{$project.build.directory}/db/new;MODE=mysql</referenceUrl>
+                                    <referenceDriver>org.h2.Driver</referenceDriver>
+                                    <referenceUsername>root</referenceUsername>
+                                    <verbose>true</verbose>
+                                    <logging>debug</logging>
+                                    <contexts>!test</contexts>
+                                    <diffExcludeObjects>Index:.*,table:IBZFILE,IBZUSER,IBZDATAAUDIT</diffExcludeObjects>
+                                </configuration>
+                                <phase>process-resources</phase>
+                                <goals>
+                                    <goal>diff</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
+
 </project>

ibzou-core/src/main/resources/liquibase/h2.xml

@@ -5,7 +5,6 @@
         xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.1.xsd">
 
     <include file="changelog/20190625112530_init_ibizsys.xml" relativeToChangelogFile="true"/>
-    <include file="changelog/20190817112530_init_ibizsys_audit.xml" relativeToChangelogFile="true"/>
     <include file="h2_table.xml" relativeToChangelogFile="true"/>
     <include file="view.xml" relativeToChangelogFile="true"/>
     

ibzou-dependencies/pom.xml

@@ -46,9 +46,6 @@
         <!--  Security  -->
         <spring-cloud-security.version>2.1.1.RELEASE</spring-cloud-security.version>
 
-        <!--  Activity  -->
-        <activiti.version>7.1.0.M2</activiti.version>
-
         <maven-jar-plugin.version>3.1.1</maven-jar-plugin.version>
         <!--logstash-logback-encoder-->
         <logstash.version>5.2</logstash.version>
@@ -63,7 +60,10 @@
         <jsonwebtoken-jjwt.version>0.9.1</jsonwebtoken-jjwt.version>
 
         <!--Liquibase数据库版本更新工具-->
-        <liquibase.version>3.6.3</liquibase.version>
+        <liquibase.version>3.8.7</liquibase.version>
+
+        <!--H2内存数据库-->
+        <h2.version>1.4.200</h2.version>
 
         <!--caffeine缓存-->
         <caffeine-cache.version>2.6.0</caffeine-cache.version>
@@ -127,6 +127,13 @@
                 <version>${liquibase.version}</version>
             </dependency>
 
+            <!--  H2  -->
+            <dependency>
+                <groupId>com.h2database</groupId>
+                <artifactId>h2</artifactId>
+                <version>${h2.version}</version>
+            </dependency>
+
             <!--  Swagger2  -->
             <dependency>
                 <groupId>io.springfox</groupId>
@@ -173,23 +180,6 @@
                 <version>${drools-version}</version>
             </dependency>
 
-            <!-- Activiti -->
-            <dependency>
-                <groupId>org.activiti</groupId>
-                <artifactId>activiti-spring-boot-starter</artifactId>
-                <version>${activiti.version}</version>
-            </dependency>
-            <dependency>
-                <groupId>org.activiti</groupId>
-                <artifactId>activiti-json-converter</artifactId>
-                <version>${activiti.version}</version>
-            </dependency>
-            <dependency>
-                <groupId>org.activiti</groupId>
-                <artifactId>activiti-image-generator</artifactId>
-                <version>${activiti.version}</version>
-            </dependency>
-
             <!--  Error  -->
 
             <!--  Security  -->
@@ -312,6 +302,12 @@
             <artifactId>druid-spring-boot-starter</artifactId>
         </dependency>
 
+        <!--  H2内存库 -->
+        <dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+        </dependency>
+
         <!--  Error -->
 
         <!--  Security  -->

ibzou-provider/ibzou-provider-api/src/main/docker/Dockerfile

@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
     sleep ${IBZ_SLEEP} && \
     java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzou-provider-api.jar
 
-EXPOSE 40001
+EXPOSE 8081
 
 ADD ibzou-provider-api.jar /ibzou-provider-api.jar

ibzou-provider/ibzou-provider-api/src/main/docker/ibzou-provider-api.yaml

@@ -3,21 +3,9 @@ services:
   ibzou-provider-api:
     image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzou-provider-api:latest
     ports:
-      - "40001:40001"
+      - "8081:8081"
     networks:
       - agent_network
-    environment:
-      - SPRING_CLOUD_NACOS_DISCOVERY_IP=172.16.180.237
-      - SERVER_PORT=40001
-      - SPRING_CLOUD_NACOS_DISCOVERY_SERVER-ADDR=172.16.102.211:8848
-      - SPRING_REDIS_HOST=172.16.100.243
-      - SPRING_REDIS_PORT=6379
-      - SPRING_REDIS_DATABASE=0
-      - SPRING_DATASOURCE_USERNAME=a_A_5d9d78509
-      - SPRING_DATASOURCE_PASSWORD=@6dEfb3@
-      - SPRING_DATASOURCE_URL=jdbc:mysql://172.16.180.232:3306/a_A_5d9d78509?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8&useOldAliasMetadataBehavior=true
-      - SPRING_DATASOURCE_DRIVER-CLASS-NAME=com.mysql.jdbc.Driver
-      - SPRING_DATASOURCE_DEFAULTSCHEMA=a_A_5d9d78509
     deploy:
       mode: replicated
       replicas: 1

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZDepartmentResource.java

@@ -65,7 +65,6 @@ public class IBZDepartmentResource {
         IBZDepartmentDTO dto = ibzdepartmentMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-
     @PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
     @ApiOperation(value = "createBatch", tags = {"IBZDepartment" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/batch")
@@ -123,7 +122,7 @@ public class IBZDepartmentResource {
 
 
 
-    @PreAuthorize("hasPermission('Remove',{#ibzdepartment_id,{this.getEntity(),'Sql'}})")
+    @PreAuthorize("hasPermission(#ibzdepartment_id,'Remove',{this.getEntity(),'Sql'})")
     @ApiOperation(value = "Remove", tags = {"IBZDepartment" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}")
     @Transactional
@@ -161,7 +160,7 @@ public class IBZDepartmentResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    @PreAuthorize("hasPermission('Get',{#context,'CurDept',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
 	@ApiOperation(value = "fetchCurDept", tags = {"IBZDepartment" } ,notes = "fetchCurDept")
     @RequestMapping(method= RequestMethod.GET , value="/ibzdepartments/fetchcurdept")
 	public ResponseEntity<List<IBZDepartmentDTO>> fetchCurDept(IBZDepartmentSearchContext context) {
@@ -174,7 +173,7 @@ public class IBZDepartmentResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'CurDept',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
 	@ApiOperation(value = "searchCurDept", tags = {"IBZDepartment" } ,notes = "searchCurDept")
     @RequestMapping(method= RequestMethod.POST , value="/ibzdepartments/searchcurdept")
 	public ResponseEntity<Page<IBZDepartmentDTO>> searchCurDept(@RequestBody IBZDepartmentSearchContext context) {
@@ -183,7 +182,7 @@ public class IBZDepartmentResource {
                 .body(new PageImpl(ibzdepartmentMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"IBZDepartment" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/ibzdepartments/fetchdefault")
 	public ResponseEntity<List<IBZDepartmentDTO>> fetchDefault(IBZDepartmentSearchContext context) {
@@ -196,7 +195,7 @@ public class IBZDepartmentResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
 	@ApiOperation(value = "searchDEFAULT", tags = {"IBZDepartment" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.POST , value="/ibzdepartments/searchdefault")
 	public ResponseEntity<Page<IBZDepartmentDTO>> searchDefault(@RequestBody IBZDepartmentSearchContext context) {

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZDeptMemberResource.java

@@ -55,7 +55,7 @@ public class IBZDeptMemberResource {
 
 
 
-    @PreAuthorize("hasPermission(#ibzdeptmember_id,'Update',{this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "Update", tags = {"IBZDeptMember" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -67,7 +67,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission(#ibzdeptmember_id,'Update',{this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZDeptMember" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -78,7 +78,7 @@ public class IBZDeptMemberResource {
 
 
 
-    @PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "Create", tags = {"IBZDeptMember" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers")
     @Transactional
@@ -88,8 +88,7 @@ public class IBZDeptMemberResource {
         IBZDeptMemberDTO dto = ibzdeptmemberMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-
-    @PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "createBatch", tags = {"IBZDeptMember" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -125,7 +124,7 @@ public class IBZDeptMemberResource {
 
 
 
-    @PreAuthorize("hasPermission(#ibzdeptmember_id,'Get',{this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
     @ApiOperation(value = "Get", tags = {"IBZDeptMember" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzdeptmembers/{ibzdeptmember_id}")
     public ResponseEntity<IBZDeptMemberDTO> get(@PathVariable("ibzdeptmember_id") String ibzdeptmember_id) {
@@ -137,7 +136,7 @@ public class IBZDeptMemberResource {
 
 
 
-    @PreAuthorize("hasPermission('Remove',{#ibzdeptmember_id,{this.getEntity(),'Sql'}})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "Remove", tags = {"IBZDeptMember" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -161,7 +160,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.checkKey(ibzdeptmemberMapping.toDomain(ibzdeptmemberdto)));
     }
 
-    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"IBZDeptMember" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/ibzdeptmembers/fetchdefault")
 	public ResponseEntity<List<IBZDeptMemberDTO>> fetchDefault(IBZDeptMemberSearchContext context) {
@@ -174,7 +173,7 @@ public class IBZDeptMemberResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "searchDEFAULT", tags = {"IBZDeptMember" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.POST , value="/ibzdeptmembers/searchdefault")
 	public ResponseEntity<Page<IBZDeptMemberDTO>> searchDefault(@RequestBody IBZDeptMemberSearchContext context) {

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZEmployeeResource.java

@@ -55,7 +55,7 @@ public class IBZEmployeeResource {
 
 
 
-    @PreAuthorize("hasPermission('Remove',{#ibzemployee_id,{this.getEntity(),'Sql'}})")
+    @PreAuthorize("hasPermission(#ibzemployee_id,'Remove',{this.getEntity(),'Sql'})")
     @ApiOperation(value = "Remove", tags = {"IBZEmployee" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/{ibzemployee_id}")
     @Transactional
@@ -96,7 +96,6 @@ public class IBZEmployeeResource {
         IBZEmployeeDTO dto = ibzemployeeMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-
     @PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
     @ApiOperation(value = "createBatch", tags = {"IBZEmployee" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/batch")
@@ -174,7 +173,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeMapping.toDto(ibzemployeeService.getDraft(new IBZEmployee())));
     }
 
-    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"IBZEmployee" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/ibzemployees/fetchdefault")
 	public ResponseEntity<List<IBZEmployeeDTO>> fetchDefault(IBZEmployeeSearchContext context) {
@@ -187,7 +186,7 @@ public class IBZEmployeeResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "searchDEFAULT", tags = {"IBZEmployee" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.POST , value="/ibzemployees/searchdefault")
 	public ResponseEntity<Page<IBZEmployeeDTO>> searchDefault(@RequestBody IBZEmployeeSearchContext context) {

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZOrganizationResource.java

@@ -97,7 +97,6 @@ public class IBZOrganizationResource {
         IBZOrganizationDTO dto = ibzorganizationMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-
     @PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
     @ApiOperation(value = "createBatch", tags = {"IBZOrganization" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/batch")
@@ -125,7 +124,7 @@ public class IBZOrganizationResource {
 
 
 
-    @PreAuthorize("hasPermission('Remove',{#ibzorganization_id,{this.getEntity(),'Sql'}})")
+    @PreAuthorize("hasPermission(#ibzorganization_id,'Remove',{this.getEntity(),'Sql'})")
     @ApiOperation(value = "Remove", tags = {"IBZOrganization" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}")
     @Transactional
@@ -161,7 +160,7 @@ public class IBZOrganizationResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationMapping.toDto(ibzorganizationService.getDraft(new IBZOrganization())));
     }
 
-    @PreAuthorize("hasPermission('Get',{#context,'SelectSOrg',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectSOrg-all')")
 	@ApiOperation(value = "fetch查询下级单位", tags = {"IBZOrganization" } ,notes = "fetch查询下级单位")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/fetchselectsorg")
 	public ResponseEntity<List<IBZOrganizationDTO>> fetchSelectSOrg(IBZOrganizationSearchContext context) {
@@ -174,7 +173,7 @@ public class IBZOrganizationResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'SelectSOrg',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectSOrg-all')")
 	@ApiOperation(value = "search查询下级单位", tags = {"IBZOrganization" } ,notes = "search查询下级单位")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/searchselectsorg")
 	public ResponseEntity<Page<IBZOrganizationDTO>> searchSelectSOrg(@RequestBody IBZOrganizationSearchContext context) {
@@ -183,7 +182,7 @@ public class IBZOrganizationResource {
                 .body(new PageImpl(ibzorganizationMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'SelectPOrg',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectPOrg-all')")
 	@ApiOperation(value = "fetch查询上级单位", tags = {"IBZOrganization" } ,notes = "fetch查询上级单位")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/fetchselectporg")
 	public ResponseEntity<List<IBZOrganizationDTO>> fetchSelectPOrg(IBZOrganizationSearchContext context) {
@@ -196,7 +195,7 @@ public class IBZOrganizationResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'SelectPOrg',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectPOrg-all')")
 	@ApiOperation(value = "search查询上级单位", tags = {"IBZOrganization" } ,notes = "search查询上级单位")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/searchselectporg")
 	public ResponseEntity<Page<IBZOrganizationDTO>> searchSelectPOrg(@RequestBody IBZOrganizationSearchContext context) {
@@ -205,7 +204,7 @@ public class IBZOrganizationResource {
                 .body(new PageImpl(ibzorganizationMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-Default-all')")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"IBZOrganization" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/fetchdefault")
 	public ResponseEntity<List<IBZOrganizationDTO>> fetchDefault(IBZOrganizationSearchContext context) {
@@ -218,7 +217,7 @@ public class IBZOrganizationResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-Default-all')")
 	@ApiOperation(value = "searchDEFAULT", tags = {"IBZOrganization" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/searchdefault")
 	public ResponseEntity<Page<IBZOrganizationDTO>> searchDefault(@RequestBody IBZOrganizationSearchContext context) {

ibzou-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java

@@ -39,10 +39,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * 实体行为操作标识
      */
     private String DEActionType="DEACTION";
-    /**
-     * 实体数据集操作标识
-     */
-    private String DataSetTag="DATASET";
     /**
      *实体主键标识
      */
@@ -52,95 +48,32 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     @Lazy
     private MongoTemplate mongoTemplate;
 
-    /**
-     * 表格权限检查 ：用于检查当前用户是否拥有表格数据的读取、删除权限
-     *
-     * @param authentication
-     * @param deAction     表格行为，如：[READ,DELETE]
-     * @param gridParam     表格参数，如：当前表格所处实体(EntityName)、表格删除的数据主键(srfkeys)
-     * @return true/false true则允许当前行为，false拒绝行为
-     */
+
     @Override
     public boolean hasPermission(Authentication authentication, Object deAction, Object gridParam) {
-
-        //未开启权限校验、超级管理员则不进行权限检查
-        if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1  || !enablePermissionValid)
             return true;
-
-        String action = "";
-        String deStorageMode;
-        if (deAction instanceof String)
-            action = (String) deAction;
-
-        if (StringUtils.isEmpty(action))
-            return false;
-
-        //获取当前用户权限列表
-        JSONObject userPermission= AuthenticationUser.getAuthenticationUser().getPermissionList();
-
-        if(userPermission==null)
-            return false;
-
-        List gridParamList = (ArrayList) gridParam;
-        if(action.equalsIgnoreCase("remove")){
-            //准备参数
-            Object srfKey =gridParamList.get(0);
-            EntityBase entity = (EntityBase) gridParamList.get(1);
-            deStorageMode= (String) gridParamList.get(2);
-            String entityName = entity.getClass().getSimpleName();
-
-            //获取实体行为权限信息
-            JSONObject permissionList=userPermission.getJSONObject("entities");
-
-            //检查是否有操作权限[create.update.delete.read]
-            if(!validDEActionHasPermission(permissionList,entityName,action)){
-                return false;
-            }
-            //检查是否有数据权限
-            return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
-        }
-        else{
-            //准备参数
-            Object searchContext=gridParamList.get(0);
-            String dataSetName=String.valueOf(gridParamList.get(1));
-            EntityBase entity = (EntityBase) gridParamList.get(2);
-            deStorageMode= (String) gridParamList.get(3);
-            String entityName = entity.getClass().getSimpleName();
-
-            //获取数据集权限信息
-            JSONObject permissionList=userPermission.getJSONObject("entities");
-
-            if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName))
-                return false;
-
-            //检查是否有访问数据集的权限
-            if(!validDataSetHasPermission(permissionList,entityName,dataSetName)){
-                return false;
-            }
-        }
-                return true;
     }
 
 
     /**
-     * 表单权限检查 ：用于检查当前用户是否拥有表单的新建、编辑、删除权限
+     * 实体行为权限检查 ：用于检查当前用户是否拥有实体的新建、编辑、删除权限
      *
      * @param authentication
      * @param srfKey         当前操作数据的主键
      * @param action         当前操作行为：如：[READ、UPDATE、DELETE]
-     * @param formParam      表单参数对象
+     * @param params         相关参数
      * @return true/false true则允许当前行为，false拒绝行为
      */
     @Override
-    public boolean hasPermission(Authentication authentication, Serializable srfKey, String action, Object formParam) {
+    public boolean hasPermission(Authentication authentication, Serializable srfKey, String action, Object params) {
 
         //未开启权限校验、超级管理员则不进行权限检查
         if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1  || !enablePermissionValid)
             return true;
 
-        List formParamList = (ArrayList) formParam;
-        EntityBase  entity = (EntityBase) formParamList.get(0);
-        String deStorageMode= (String) formParamList.get(1);
+        List paramList = (ArrayList) params;
+        EntityBase  entity = (EntityBase) paramList.get(0);
+        String deStorageMode= (String) paramList.get(1);
 
         if (StringUtils.isEmpty(entity))
             return false;
@@ -211,33 +144,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         return hasPermission;
     }
 
-    /**
-     * 数据集合权限校验
-     * @param userPermission
-     * @param entityName
-     * @param dataSetName
-     * userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
-     * @return
-     */
-    private boolean validDataSetHasPermission(JSONObject userPermission,String entityName ,String dataSetName){
-
-        boolean hasPermission=false;
-        if(userPermission==null)
-            return false;
-        if(!userPermission.containsKey(entityName))
-            return false;
-        JSONObject entity=userPermission.getJSONObject(entityName);//获取实体
-        if(!entity.containsKey(DataSetTag))
-            return false;
-        JSONObject dataSetList=entity.getJSONObject(DataSetTag);//获取数据集
-        if(!dataSetList.containsKey(dataSetName))
-            return false;
-        JSONArray dataRange=dataSetList.getJSONArray(dataSetName);//获取数据范围
-        if(dataRange!=null && dataRange.size()>0){
-            hasPermission=true;
-        }
-        return hasPermission;
-    }
 
     /**
      * 根据实体存储模式，进行鉴权
@@ -366,28 +272,28 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
         for(int i=0;i<oppriList.size();i++){
             String permissionCond=oppriList.getString(i);//权限配置条件
-            if(permissionCond.equals("CURORG")){   //本单位
+            if(permissionCond.equals("curorg")){   //本单位
                 permissionSQL.or(new QueryBuilder().and(orgField).is(AuthenticationUser.getAuthenticationUser().getOrgid()).get());
             }
-            else if(permissionCond.equals("PORG")){//上级单位
+            else if(permissionCond.equals("porg")){//上级单位
                 permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgParent)).get());
             }
-            else if(permissionCond.equals("SORG")){//下级单位
+            else if(permissionCond.equals("sorg")){//下级单位
                 permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgChild)).get());
             }
-            else if(permissionCond.equals("CREATEMAN")){//建立人
+            else if(permissionCond.equals("createman")){//建立人
                 permissionSQL.or(new QueryBuilder().and(createManField).is(AuthenticationUser.getAuthenticationUser().getUserid()).get());
             }
-            else if(permissionCond.equals("CURORGDEPT")){//本部门
+            else if(permissionCond.equals("curorgdept")){//本部门
                 permissionSQL.or(new QueryBuilder().and(orgDeptField).is(AuthenticationUser.getAuthenticationUser().getMdeptid()).get());
             }
-            else if(permissionCond.equals("PORGDEPT")){//上级部门
+            else if(permissionCond.equals("porgdept")){//上级部门
                 permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptParent)).get());
             }
-            else if(permissionCond.equals("SORGDEPT")){//下级部门
+            else if(permissionCond.equals("sorgdept")){//下级部门
                 permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptChild)).get());
             }
-            else if(permissionCond.equals("ALL")){
+            else if(permissionCond.equals("all")){
                 permissionSQL.or(new QueryBuilder().get());
             }
         }
@@ -417,28 +323,28 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         for(int i=0;i<oppriList.size();i++){
             permissionSQL.append("OR");
             String permissionCond=oppriList.getString(i);//权限配置条件
-            if(permissionCond.equals("CURORG")){   //本单位
+            if(permissionCond.equals("curorg")){   //本单位
                 permissionSQL.append(String.format("(%s='%s')",orgField,AuthenticationUser.getAuthenticationUser().getOrgid()));
             }
-            else if(permissionCond.equals("PORG")){//上级单位
+            else if(permissionCond.equals("porg")){//上级单位
                 permissionSQL.append(String.format(" %s in(%s) ", orgField, formatStringArr(orgParent)));
             }
-            else if(permissionCond.equals("SORG")){//下级单位
+            else if(permissionCond.equals("sorg")){//下级单位
                 permissionSQL.append(String.format(" %s in(%s) ", orgField, formatStringArr(orgChild)));
             }
-            else if(permissionCond.equals("CREATEMAN")){//建立人
+            else if(permissionCond.equals("createman")){//建立人
                 permissionSQL.append(String.format("(%s='%s')",createManField,AuthenticationUser.getAuthenticationUser().getUserid()));
             }
-            else if(permissionCond.equals("CURORGDEPT")){//本部门
+            else if(permissionCond.equals("curorgdept")){//本部门
                 permissionSQL.append(String.format("(%s='%s')",orgDeptField,AuthenticationUser.getAuthenticationUser().getMdeptid()));
             }
-            else if(permissionCond.equals("PORGDEPT")){//上级部门
+            else if(permissionCond.equals("porgdept")){//上级部门
                 permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptParent)));
             }
-            else if(permissionCond.equals("SORGDEPT")){//下级部门
+            else if(permissionCond.equals("sorgdept")){//下级部门
                 permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptChild)));
             }
-            else if(permissionCond.equals("ALL")){//全部数据
+            else if(permissionCond.equals("all")){//全部数据
                 permissionSQL.append("(1=1)");
             }
             else{

ibzou-util/src/main/java/cn/ibizlab/util/security/AuthenticationUser.java

@@ -6,13 +6,11 @@ import lombok.AllArgsConstructor;
 import lombok.Data;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.util.ObjectUtils;
-import java.util.Map;
-import java.util.HashMap;
 import java.sql.Timestamp;
-import java.util.Collection;
-import java.util.Set;
+import java.util.*;
 import com.alibaba.fastjson.JSONObject;
 
 @Data
@@ -58,7 +56,7 @@ public class AuthenticationUser implements UserDetails
 	private String memo;
 	private Map <String,Object> sessionParams;
 	@JsonIgnore
-	private   Collection<GrantedAuthority> authorities;
+	private Collection<GrantedAuthority> authorities;
 
     private int superuser;
     private JSONObject permissionList;
@@ -144,4 +142,15 @@ public class AuthenticationUser implements UserDetails
 		else
 			return new HashMap<>();
     }
+
+	public Collection<GrantedAuthority> getAuthorities() {
+		if(authorities==null && permissionList !=null){
+			if(permissionList.getJSONArray("authorities")!=null){
+				authorities=new ArrayList<>();
+				permissionList.getJSONArray("authorities").
+				forEach(item->authorities.add(new SimpleGrantedAuthority(String.valueOf(item))));
+			}
+		}
+		return authorities;
+	}
 }

ibzou-util/src/main/java/cn/ibizlab/util/service/SimpleUserService.java

@@ -12,7 +12,7 @@ import com.alibaba.fastjson.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
-
+import org.springframework.security.core.authority.AuthorityUtils;
 /**
  * 实体[IBZUSER] 服务对象接口实现
  */
@@ -44,6 +44,8 @@ public class SimpleUserService implements AuthenticationUserService{
 		user.setOrgid(domains);
 		user.setOrgcode(domains);
 		user.setOrgname(domains);
+		user.setSuperuser(1);
+		user.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_SUPERADMIN"));
 
 		return user;
 	}