提交 2de9ab42 编写于 作者: ibizdev's avatar ibizdev

ibiz4j 发布系统代码

上级 816e8081
......@@ -26,7 +26,7 @@
"element-ui": "^2.13.0",
"file-saver": "^2.0.2",
"font-awesome": "^4.7.0",
"ibiz-gantt-elastic": "^1.0.13",
"ibiz-gantt-elastic": "^1.0.15",
"ibiz-vue-lib": "^0.1.9",
"interactjs": "^1.9.4",
"moment": "^2.24.0",
......
......@@ -108,15 +108,20 @@ export default {
},
main_grid: {
columns: {
deptid: "部门标识",
deptcode: "部门代码",
deptname: "部门名称",
shortname: "部门简称",
orgname: "单位",
pdeptname: "上级部门",
deptlevel: "部门级别",
shortname: "部门简称",
bcode: "业务编码",
leadername: "分管领导",
showorder: "排序",
createdate: "创建时间",
updatedate: "最后修改时间",
orgid: "单位",
pdeptid: "上级部门",
leaderid: "分管领导标识",
},
uiactions: {
},
......
......@@ -107,15 +107,20 @@ export default {
},
main_grid: {
columns: {
deptid: '部门标识',
deptcode: '部门代码',
deptname: '部门名称',
shortname: '部门简称',
orgname: '单位',
pdeptname: '上级部门',
deptlevel: '部门级别',
shortname: '部门简称',
bcode: '业务编码',
leadername: '分管领导',
showorder: '排序',
createdate: '创建时间',
updatedate: '最后修改时间',
orgid: '单位',
pdeptid: '上级部门',
leaderid: '分管领导标识',
},
uiactions: {
},
......
......@@ -17,7 +17,7 @@
</i-col>
<i-col v-show="detailsModel.pdeptname.visible" :style="{}" :lg="{ span: 24, offset: 0 }">
<app-form-item name='pdeptname' :itemRules="this.rules.pdeptname" class='' :caption="$t('entities.ibzdepartment.main_form.details.pdeptname')" uiStyle="DEFAULT" :labelWidth="130" :isShowCaption="true" :error="detailsModel.pdeptname.error" :isEmptyCaption="false" labelPos="LEFT">
<app-department-select :data="data" :context="JSON.parse(JSON.stringify(context))" url="/ibzorganizations/${orgid}/ibzdepartments/picker" filter="srforgid" :fillMap="{'id':'pdeptid','label':'pdeptname'}" :multiple="false" style="" @select-change="onFormItemValueChange"></app-department-select>
<app-department-select :data="data" :context="JSON.parse(JSON.stringify(context))" url="/ibzorganizations/${orgid}/ibzdepartments/picker" filter="orgid" :fillMap="{'id':'pdeptid','label':'pdeptname'}" :multiple="false" style="" @select-change="onFormItemValueChange"></app-department-select>
</app-form-item>
</i-col>
......@@ -52,7 +52,7 @@
:value='data.leadername'
valueitem="leaderid"
url="/ibzorganizations/${selected-orgid}/ibzemployees/picker"
treeurl="/ibzorganizations/${orgid}/suborg/picker"
:multiple="true"
filter="srforgid"
:fillmap="{'id':'leaderid','label':'leadername'}"
......@@ -930,6 +930,14 @@ export default class MainBase extends Vue implements ControlInterface {
* @memberof Main
*/
public resetFormData({ name, newVal, oldVal }: { name: string, newVal: any, oldVal: any }): void {
if (Object.is(name, 'orgid')) {
this.onFormItemValueChange({ name: 'pdeptname', value: null });
this.onFormItemValueChange({ name: 'pdeptid', value: null });
}
if (Object.is(name, 'orgid')) {
this.onFormItemValueChange({ name: 'leadername', value: null });
this.onFormItemValueChange({ name: 'leaderid', value: null });
}
}
/**
......
......@@ -26,6 +26,11 @@ export default class MainModel {
]
}else{
return [
{
name: 'leaderid',
prop: 'leaderid',
dataType: 'TEXT',
},
{
name: 'bcode',
prop: 'bcode',
......@@ -47,25 +52,25 @@ export default class MainModel {
dataType: 'TEXT',
},
{
name: 'srfkey',
name: 'srfdataaccaction',
prop: 'deptid',
dataType: 'TEXT',
},
{
name: 'srfdataaccaction',
name: 'srfkey',
prop: 'deptid',
dataType: 'TEXT',
},
{
name: 'leadername',
prop: 'leadername',
dataType: 'TEXT',
},
{
name: 'pdeptid',
prop: 'parentdeptid',
dataType: 'PICKUP',
},
{
name: 'deptid',
prop: 'deptid',
dataType: 'TEXT',
},
{
name: 'orgid',
prop: 'orgid',
......@@ -76,6 +81,16 @@ export default class MainModel {
prop: 'deptcode',
dataType: 'TEXT',
},
{
name: 'orgname',
prop: 'orgname',
dataType: 'PICKUPTEXT',
},
{
name: 'pdeptname',
prop: 'parentdeptname',
dataType: 'PICKUPTEXT',
},
{
name: 'shortname',
prop: 'shortname',
......
......@@ -26,7 +26,7 @@
</i-col>
<i-col v-show="detailsModel.pdeptname.visible" :style="{}" :lg="{ span: 24, offset: 0 }">
<app-form-item name='pdeptname' :itemRules="this.rules.pdeptname" class='' :caption="$t('entities.ibzdepartment.newform_form.details.pdeptname')" uiStyle="DEFAULT" :labelWidth="130" :isShowCaption="true" :error="detailsModel.pdeptname.error" :isEmptyCaption="false" labelPos="LEFT">
<app-department-select :data="data" :context="JSON.parse(JSON.stringify(context))" url="/ibzorganizations/${orgid}/ibzdepartments/picker" filter="srforgid" :fillMap="{'id':'pdeptid','label':'pdeptname'}" :multiple="false" style="" @select-change="onFormItemValueChange"></app-department-select>
<app-department-select :data="data" :context="JSON.parse(JSON.stringify(context))" url="/ibzorganizations/${orgid}/ibzdepartments/picker" filter="orgid" :fillMap="{'id':'pdeptid','label':'pdeptname'}" :multiple="false" style="" @select-change="onFormItemValueChange"></app-department-select>
</app-form-item>
</i-col>
......
......@@ -126,7 +126,7 @@
<!--输出实体[IBZDEPT]数据结构 -->
<changeSet author="a_A_5d9d78509" id="tab-ibzdept-665-4">
<changeSet author="a_A_5d9d78509" id="tab-ibzdept-680-4">
<createTable tableName="IBZDEPT">
<column name="DEPTID" remarks="" type="VARCHAR(100)">
<constraints primaryKey="true" primaryKeyName="PK_IBZDEPT_DEPTID"/>
......@@ -179,10 +179,10 @@
<addForeignKeyConstraint baseColumnNames="USERID" baseTableName="IBZDEPTMEMBER" constraintName="DER1N_IBZDEPTMEMBER_IBZEMP_USE" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="USERID" referencedTableName="IBZEMP" validate="true"/>
</changeSet>
<!--输出实体[IBZDEPT]外键关系 -->
<changeSet author="a_A_5d9d78509" id="fk-ibzdept-665-10">
<changeSet author="a_A_5d9d78509" id="fk-ibzdept-680-10">
<addForeignKeyConstraint baseColumnNames="PDEPTID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZDEPT_PDEPTID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="DEPTID" referencedTableName="IBZDEPT" validate="true"/>
</changeSet>
<changeSet author="a_A_5d9d78509" id="fk-ibzdept-665-11">
<changeSet author="a_A_5d9d78509" id="fk-ibzdept-680-11">
<addForeignKeyConstraint baseColumnNames="ORGID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZORG_ORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
</changeSet>
......
......@@ -57,7 +57,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
//@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Create')")
@ApiOperation(value = "createBatch", tags = {"IBZDepartment" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
......@@ -74,14 +74,14 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdto),'ibzou-IBZDepartment-Save')")
@ApiOperation(value = "Save", tags = {"IBZDepartment" }, notes = "Save")
@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/save")
public ResponseEntity<Boolean> save(@RequestBody IBZDepartmentDTO ibzdepartmentdto) {
return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.save(ibzdepartmentMapping.toDomain(ibzdepartmentdto)));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
//@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Save')")
@ApiOperation(value = "SaveBatch", tags = {"IBZDepartment" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
......@@ -109,7 +109,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.remove(ibzdepartment_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzdepartmentMapping,this.permissionDTO,#ids})")
//
@ApiOperation(value = "RemoveBatch", tags = {"IBZDepartment" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
......@@ -129,7 +129,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
//@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Update')")
@ApiOperation(value = "UpdateBatch", tags = {"IBZDepartment" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
......@@ -179,7 +179,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK)
.body(new PageImpl(ibzdepartmentMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
}
//@PreAuthorize("hasPermission('','Create',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdto),'ibzou-IBZDepartment-Create')")
@ApiOperation(value = "CreateByIBZOrganization", tags = {"IBZDepartment" }, notes = "CreateByIBZOrganization")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments")
@Transactional
......@@ -191,7 +191,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
//@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Create')")
@ApiOperation(value = "createBatchByIBZOrganization", tags = {"IBZDepartment" }, notes = "createBatchByIBZOrganization")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
public ResponseEntity<Boolean> createBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
......@@ -203,7 +203,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(true);
}
//@PreAuthorize("hasPermission(#ibzdepartment_id,'Get',{'Sql',this.ibzdepartmentMapping,this.permissionDTO})")
@PostAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(returnObject.body),'ibzou-IBZDepartment-Get')")
@ApiOperation(value = "GetByIBZOrganization", tags = {"IBZDepartment" }, notes = "GetByIBZOrganization")
@RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}")
public ResponseEntity<IBZDepartmentDTO> getByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id) {
......@@ -212,7 +212,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdto),'ibzou-IBZDepartment-Save')")
@ApiOperation(value = "SaveByIBZOrganization", tags = {"IBZDepartment" }, notes = "SaveByIBZOrganization")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/save")
public ResponseEntity<Boolean> saveByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZDepartmentDTO ibzdepartmentdto) {
......@@ -221,7 +221,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.save(domain));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
//@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Save')")
@ApiOperation(value = "SaveBatchByIBZOrganization", tags = {"IBZDepartment" }, notes = "SaveBatchByIBZOrganization")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/savebatch")
public ResponseEntity<Boolean> saveBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
......@@ -247,7 +247,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentMapping.toDto(ibzdepartmentService.getDraft(domain)));
}
//@PreAuthorize("hasPermission(#ibzdepartment_id,'Remove',{'Sql',this.ibzdepartmentMapping,this.permissionDTO})")
@PreAuthorize("hasPermission(this.ibzdepartmentService.get(#ibzdepartment_id),'ibzou-IBZDepartment-Remove')")
@ApiOperation(value = "RemoveByIBZOrganization", tags = {"IBZDepartment" }, notes = "RemoveByIBZOrganization")
@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}")
@Transactional
......@@ -255,7 +255,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.remove(ibzdepartment_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzdepartmentMapping,this.permissionDTO,#ids})")
//
@ApiOperation(value = "RemoveBatchByIBZOrganization", tags = {"IBZDepartment" }, notes = "RemoveBatchByIBZOrganization")
@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
public ResponseEntity<Boolean> removeBatchByIBZOrganization(@RequestBody List<String> ids) {
......@@ -263,7 +263,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(true);
}
//@PreAuthorize("hasPermission(#ibzdepartment_id,'Update',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
@PreAuthorize("hasPermission(this.ibzdepartmentService.get(#ibzdepartment_id),'ibzou-IBZDepartment-Update')")
@ApiOperation(value = "UpdateByIBZOrganization", tags = {"IBZDepartment" }, notes = "UpdateByIBZOrganization")
@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}")
@Transactional
......@@ -276,7 +276,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
//@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Update')")
@ApiOperation(value = "UpdateBatchByIBZOrganization", tags = {"IBZDepartment" }, notes = "UpdateBatchByIBZOrganization")
@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
public ResponseEntity<Boolean> updateBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
......
......@@ -64,7 +64,7 @@ public class IBZOrganizationResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.ibzorganizationMapping,#ibzorganizationdtos})")
//@PreAuthorize("hasPermission(this.ibzorganizationMapping.toDomain(#ibzorganizationdtos),'ibzou-IBZOrganization-Update')")
@ApiOperation(value = "UpdateBatch", tags = {"IBZOrganization" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
......@@ -83,7 +83,7 @@ public class IBZOrganizationResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.ibzorganizationMapping,#ibzorganizationdtos})")
//@PreAuthorize("hasPermission(this.ibzorganizationMapping.toDomain(#ibzorganizationdtos),'ibzou-IBZOrganization-Create')")
@ApiOperation(value = "createBatch", tags = {"IBZOrganization" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
......@@ -91,14 +91,14 @@ public class IBZOrganizationResource {
return ResponseEntity.status(HttpStatus.OK).body(true);
}
//@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzorganizationMapping,#ibzorganizationdto})")
@PreAuthorize("hasPermission(this.ibzorganizationMapping.toDomain(#ibzorganizationdto),'ibzou-IBZOrganization-Save')")
@ApiOperation(value = "Save", tags = {"IBZOrganization" }, notes = "Save")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/save")
public ResponseEntity<Boolean> save(@RequestBody IBZOrganizationDTO ibzorganizationdto) {
return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationService.save(ibzorganizationMapping.toDomain(ibzorganizationdto)));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.ibzorganizationMapping,#ibzorganizationdtos})")
//@PreAuthorize("hasPermission(this.ibzorganizationMapping.toDomain(#ibzorganizationdtos),'ibzou-IBZOrganization-Save')")
@ApiOperation(value = "SaveBatch", tags = {"IBZOrganization" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
......@@ -114,7 +114,7 @@ public class IBZOrganizationResource {
return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationService.remove(ibzorganization_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzorganizationMapping,this.permissionDTO,#ids})")
//
@ApiOperation(value = "RemoveBatch", tags = {"IBZOrganization" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
......
......@@ -23,7 +23,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
@Value("${ibiz.enablePermissionValid:false}")
boolean enablePermissionValid; //是否开启权限校验
/**
*实体主键标识
*/
private String keyFieldTag="keyfield";
/**
* 实体行为鉴权
* @param authentication
......@@ -39,18 +42,18 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return true;
String strAction=String.valueOf(action);
Set<String> entityDataRange = getAuthorities(authentication,strAction);
if(entityDataRange.size()==0)
Set<String> userAuthorities = getAuthorities(authentication,strAction);
if(userAuthorities.size()==0)
return false;
//拥有全部数据访问权限时,则跳过权限检查
if(isAllData(strAction,entityDataRange)){
if(isAllData(strAction,userAuthorities)){
return true;
}
if(entity instanceof ArrayList){
List<EntityBase> entities= (List<EntityBase>) entity;
for(EntityBase entityBase: entities){
boolean result=actionValid(entityBase,strAction,entityDataRange);
boolean result=actionValid(entityBase, strAction ,userAuthorities);
if(!result){
return false;
}
......@@ -58,7 +61,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
}
else{
EntityBase entityBase= (EntityBase) entity;
return actionValid(entityBase,strAction,entityDataRange);
return actionValid(entityBase , strAction ,userAuthorities);
}
return true;
}
......@@ -77,15 +80,15 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
*/
private Set<String> getAuthorities(Authentication authentication , String action){
Collection authorities=authentication.getAuthorities();
Set<String> entityDataRange = new HashSet();
Set<String> userAuthorities = new HashSet();
Iterator var2 = authorities.iterator();
while(var2.hasNext()) {
GrantedAuthority authority = (GrantedAuthority)var2.next();
if(authority.getAuthority().contains(action))
entityDataRange.add(authority.getAuthority());
userAuthorities.add(authority.getAuthority());
}
return entityDataRange;
return userAuthorities;
}
/**
......@@ -106,10 +109,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
/**
* 实体行为权限校验
* @param entity
* @param entityDataRange
* @param userAuthorities
* @return
*/
private boolean actionValid(EntityBase entity, String action, Set<String> entityDataRange){
private boolean actionValid(EntityBase entity, String action , Set<String> userAuthorities){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String orgField=permissionField.get("orgfield");
......@@ -129,47 +132,56 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
Set<String> userOrg = new HashSet<>();
Set<String> userOrgDept = new HashSet<>();
for(String permissionCond:entityDataRange){
if(permissionCond.endsWith("curorg")){ //本单位
for(String authority:userAuthorities){
if(authority.endsWith("curorg")){ //本单位
userOrg.add(authenticationUser.getOrgid());
}
else if(permissionCond.endsWith("porg")){//上级单位
else if(authority.endsWith("porg")){//上级单位
userOrg.addAll(orgParent);
}
else if(permissionCond.endsWith("sorg")){//下级单位
else if(authority.endsWith("sorg")){//下级单位
userOrg.addAll(orgChild);
}
else if(permissionCond.endsWith("curorgdept")){//本部门
else if(authority.endsWith("curorgdept")){//本部门
userOrgDept.add(authenticationUser.getMdeptid());
}
else if(permissionCond.endsWith("porgdept")){//上级部门
else if(authority.endsWith("porgdept")){//上级部门
userOrgDept.addAll(orgDeptParent);
}
else if(permissionCond.endsWith("sorgdept")){//下级部门
else if(authority.endsWith("sorgdept")){//下级部门
userOrgDept.addAll(orgDeptChild);
}
}
if(action.endsWith("Create")){
if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue))
return false;
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue))
return false;
if(!ObjectUtils.isEmpty(crateManFieldValue) && !crateManFieldValue.equals(authenticationUser.getUserid()))
return false;
return true;
if(action.endsWith("Save")){
String keyFieldName=permissionField.get(keyFieldTag);
Object srfKey=entity.get(keyFieldName);
if(ObjectUtils.isEmpty(srfKey))
action="Create";
else
action="Update";
}
else{
if(!ObjectUtils.isEmpty(orgFieldValue) && userOrg.contains(orgFieldValue))
return true;
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && userOrgDept.contains(orgDeptFieldValue))
return true;
if(!ObjectUtils.isEmpty(crateManFieldValue) && crateManFieldValue.equals(authenticationUser.getUserid()))
return true;
return false;
}
if(action.endsWith("Create")){
if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue))
return false;
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue))
return false;
if(!ObjectUtils.isEmpty(crateManFieldValue) && !authenticationUser.getUserid().equals(crateManFieldValue))
return false;
return true;
}
else{
if(!ObjectUtils.isEmpty(orgFieldValue) && userOrg.contains(orgFieldValue))
return true;
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && userOrgDept.contains(orgDeptFieldValue))
return true;
if(!ObjectUtils.isEmpty(crateManFieldValue) && authenticationUser.getUserid().equals(crateManFieldValue))
return true;
return false;
}
}
/**
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册