ibiz4j 发布系统代码

app_web/package.json

@@ -26,7 +26,7 @@
     "element-ui": "^2.13.0",
     "file-saver": "^2.0.2",
     "font-awesome": "^4.7.0",
-    "ibiz-gantt-elastic": "^1.0.13",
+    "ibiz-gantt-elastic": "^1.0.15",
     "ibiz-vue-lib": "^0.1.9",
     "interactjs": "^1.9.4",
     "moment": "^2.24.0",

app_web/src/locale/lanres/ibzdepartment/ibzdepartment_en_US.ts

@@ -108,15 +108,20 @@ export default {
 	},
 	main_grid: {
 		columns: {
-			deptid: "部门标识",
 			deptcode: "部门代码",
 			deptname: "部门名称",
-			shortname: "部门简称",
+			orgname: "单位",
+			pdeptname: "上级部门",
 			deptlevel: "部门级别",
+			shortname: "部门简称",
 			bcode: "业务编码",
+			leadername: "分管领导",
 			showorder: "排序",
 			createdate: "创建时间",
 			updatedate: "最后修改时间",
+			orgid: "单位",
+			pdeptid: "上级部门",
+			leaderid: "分管领导标识",
 		},
 		uiactions: {
 		},

app_web/src/locale/lanres/ibzdepartment/ibzdepartment_zh_CN.ts

@@ -107,15 +107,20 @@ export default {
 	},
 	main_grid: {
 		columns: {
-			deptid: '部门标识',
 			deptcode: '部门代码',
 			deptname: '部门名称',
-			shortname: '部门简称',
+			orgname: '单位',
+			pdeptname: '上级部门',
 			deptlevel: '部门级别',
+			shortname: '部门简称',
 			bcode: '业务编码',
+			leadername: '分管领导',
 			showorder: '排序',
 			createdate: '创建时间',
 			updatedate: '最后修改时间',
+			orgid: '单位',
+			pdeptid: '上级部门',
+			leaderid: '分管领导标识',
 		},
 		uiactions: {
 		},

app_web/src/widgets/ibzdepartment/main-form/main-form-base.vue

@@ -17,7 +17,7 @@
 </i-col>
 <i-col v-show="detailsModel.pdeptname.visible" :style="{}"  :lg="{ span: 24, offset: 0 }">
     <app-form-item name='pdeptname' :itemRules="this.rules.pdeptname" class='' :caption="$t('entities.ibzdepartment.main_form.details.pdeptname')" uiStyle="DEFAULT" :labelWidth="130" :isShowCaption="true" :error="detailsModel.pdeptname.error" :isEmptyCaption="false" labelPos="LEFT">
-    <app-department-select :data="data" :context="JSON.parse(JSON.stringify(context))" url="/ibzorganizations/${orgid}/ibzdepartments/picker" filter="srforgid"  :fillMap="{'id':'pdeptid','label':'pdeptname'}" :multiple="false" style="" @select-change="onFormItemValueChange"></app-department-select>
+    <app-department-select :data="data" :context="JSON.parse(JSON.stringify(context))" url="/ibzorganizations/${orgid}/ibzdepartments/picker" filter="orgid"  :fillMap="{'id':'pdeptid','label':'pdeptname'}" :multiple="false" style="" @select-change="onFormItemValueChange"></app-department-select>
 </app-form-item>
 
 </i-col>
@@ -52,7 +52,7 @@
   :value='data.leadername'
   valueitem="leaderid"
   url="/ibzorganizations/${selected-orgid}/ibzemployees/picker"
-  treeurl="/ibzorganizations/${orgid}/suborg/picker"
+  
   :multiple="true"
   filter="srforgid"
   :fillmap="{'id':'leaderid','label':'leadername'}"
@@ -930,6 +930,14 @@ export default class MainBase extends Vue implements ControlInterface {
      * @memberof Main
      */
     public resetFormData({ name, newVal, oldVal }: { name: string, newVal: any, oldVal: any }): void {
+        if (Object.is(name, 'orgid')) {
+            this.onFormItemValueChange({ name: 'pdeptname', value: null });
+            this.onFormItemValueChange({ name: 'pdeptid', value: null });
+        }
+        if (Object.is(name, 'orgid')) {
+            this.onFormItemValueChange({ name: 'leadername', value: null });
+            this.onFormItemValueChange({ name: 'leaderid', value: null });
+        }
     }
 
     /**

app_web/src/widgets/ibzdepartment/main-grid/main-grid-base.vue

@@ -22,51 +22,51 @@
             <template v-if="!isSingleSelect">
                 <el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
             </template>
-            <template v-if="getColumnState('deptid')">
-                <el-table-column show-overflow-tooltip :prop="'deptid'" :label="$t('entities.ibzdepartment.main_grid.columns.deptid')" :width="150"  :align="'left'" :sortable="'custom'">
+            <template v-if="getColumnState('deptcode')">
+                <el-table-column show-overflow-tooltip :prop="'deptcode'" :label="$t('entities.ibzdepartment.main_grid.columns.deptcode')" :width="150"  :align="'left'" :sortable="'custom'">
                     <template v-slot:header="{column}">
                       <span class="column-header ">
-                        {{$t('entities.ibzdepartment.main_grid.columns.deptid')}}
+                        {{$t('entities.ibzdepartment.main_grid.columns.deptcode')}}
                       </span>
                     </template>
                     <template v-slot="{row,column,$index}">
-                        <span>{{row.deptid}}</span>
+                        <span>{{row.deptcode}}</span>
                     </template>
                 </el-table-column>
             </template>
-            <template v-if="getColumnState('deptcode')">
-                <el-table-column show-overflow-tooltip :prop="'deptcode'" :label="$t('entities.ibzdepartment.main_grid.columns.deptcode')" :width="150"  :align="'left'" :sortable="'custom'">
+            <template v-if="getColumnState('deptname')">
+                <el-table-column show-overflow-tooltip :prop="'deptname'" :label="$t('entities.ibzdepartment.main_grid.columns.deptname')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot:header="{column}">
                       <span class="column-header ">
-                        {{$t('entities.ibzdepartment.main_grid.columns.deptcode')}}
+                        {{$t('entities.ibzdepartment.main_grid.columns.deptname')}}
                       </span>
                     </template>
                     <template v-slot="{row,column,$index}">
-                        <span>{{row.deptcode}}</span>
+                        <span>{{row.deptname}}</span>
                     </template>
                 </el-table-column>
             </template>
-            <template v-if="getColumnState('deptname')">
-                <el-table-column show-overflow-tooltip :prop="'deptname'" :label="$t('entities.ibzdepartment.main_grid.columns.deptname')" :width="150"  :align="'left'" :sortable="'custom'">
+            <template v-if="getColumnState('orgname')">
+                <el-table-column show-overflow-tooltip :prop="'orgname'" :label="$t('entities.ibzdepartment.main_grid.columns.orgname')" :width="100"  :align="'left'" :sortable="'custom'">
                     <template v-slot:header="{column}">
                       <span class="column-header ">
-                        {{$t('entities.ibzdepartment.main_grid.columns.deptname')}}
+                        {{$t('entities.ibzdepartment.main_grid.columns.orgname')}}
                       </span>
                     </template>
                     <template v-slot="{row,column,$index}">
-                        <span>{{row.deptname}}</span>
+                        <span>{{row.orgname}}</span>
                     </template>
                 </el-table-column>
             </template>
-            <template v-if="getColumnState('shortname')">
-                <el-table-column show-overflow-tooltip :prop="'shortname'" :label="$t('entities.ibzdepartment.main_grid.columns.shortname')" :width="150"  :align="'left'" :sortable="'custom'">
+            <template v-if="getColumnState('pdeptname')">
+                <el-table-column show-overflow-tooltip :prop="'pdeptname'" :label="$t('entities.ibzdepartment.main_grid.columns.pdeptname')" :width="100"  :align="'left'" :sortable="'custom'">
                     <template v-slot:header="{column}">
                       <span class="column-header ">
-                        {{$t('entities.ibzdepartment.main_grid.columns.shortname')}}
+                        {{$t('entities.ibzdepartment.main_grid.columns.pdeptname')}}
                       </span>
                     </template>
                     <template v-slot="{row,column,$index}">
-                        <span>{{row.shortname}}</span>
+                        <span>{{row.pdeptname}}</span>
                     </template>
                 </el-table-column>
             </template>
@@ -82,6 +82,18 @@
                     </template>
                 </el-table-column>
             </template>
+            <template v-if="getColumnState('shortname')">
+                <el-table-column show-overflow-tooltip :prop="'shortname'" :label="$t('entities.ibzdepartment.main_grid.columns.shortname')" :width="150"  :align="'left'" :sortable="'custom'">
+                    <template v-slot:header="{column}">
+                      <span class="column-header ">
+                        {{$t('entities.ibzdepartment.main_grid.columns.shortname')}}
+                      </span>
+                    </template>
+                    <template v-slot="{row,column,$index}">
+                        <span>{{row.shortname}}</span>
+                    </template>
+                </el-table-column>
+            </template>
             <template v-if="getColumnState('bcode')">
                 <el-table-column show-overflow-tooltip :prop="'bcode'" :label="$t('entities.ibzdepartment.main_grid.columns.bcode')" :width="150"  :align="'left'" :sortable="'custom'">
                     <template v-slot:header="{column}">
@@ -94,6 +106,18 @@
                     </template>
                 </el-table-column>
             </template>
+            <template v-if="getColumnState('leadername')">
+                <el-table-column show-overflow-tooltip :prop="'leadername'" :label="$t('entities.ibzdepartment.main_grid.columns.leadername')" :width="250"  :align="'left'" :sortable="'custom'">
+                    <template v-slot:header="{column}">
+                      <span class="column-header ">
+                        {{$t('entities.ibzdepartment.main_grid.columns.leadername')}}
+                      </span>
+                    </template>
+                    <template v-slot="{row,column,$index}">
+                        <span>{{row.leadername}}</span>
+                    </template>
+                </el-table-column>
+            </template>
             <template v-if="getColumnState('showorder')">
                 <el-table-column show-overflow-tooltip :prop="'showorder'" :label="$t('entities.ibzdepartment.main_grid.columns.showorder')" :width="150"  :align="'left'" :sortable="'custom'">
                     <template v-slot:header="{column}">
@@ -130,6 +154,42 @@
                     </template>
                 </el-table-column>
             </template>
+            <template v-if="getColumnState('orgid')">
+                <el-table-column show-overflow-tooltip :prop="'orgid'" :label="$t('entities.ibzdepartment.main_grid.columns.orgid')" :width="100"  :align="'left'" :sortable="'custom'">
+                    <template v-slot:header="{column}">
+                      <span class="column-header ">
+                        {{$t('entities.ibzdepartment.main_grid.columns.orgid')}}
+                      </span>
+                    </template>
+                    <template v-slot="{row,column,$index}">
+                        <span>{{row.orgid}}</span>
+                    </template>
+                </el-table-column>
+            </template>
+            <template v-if="getColumnState('pdeptid')">
+                <el-table-column show-overflow-tooltip :prop="'pdeptid'" :label="$t('entities.ibzdepartment.main_grid.columns.pdeptid')" :width="100"  :align="'left'" :sortable="'custom'">
+                    <template v-slot:header="{column}">
+                      <span class="column-header ">
+                        {{$t('entities.ibzdepartment.main_grid.columns.pdeptid')}}
+                      </span>
+                    </template>
+                    <template v-slot="{row,column,$index}">
+                        <span>{{row.pdeptid}}</span>
+                    </template>
+                </el-table-column>
+            </template>
+            <template v-if="getColumnState('leaderid')">
+                <el-table-column show-overflow-tooltip :prop="'leaderid'" :label="$t('entities.ibzdepartment.main_grid.columns.leaderid')" :width="100"  :align="'left'" :sortable="'custom'">
+                    <template v-slot:header="{column}">
+                      <span class="column-header ">
+                        {{$t('entities.ibzdepartment.main_grid.columns.leaderid')}}
+                      </span>
+                    </template>
+                    <template v-slot="{row,column,$index}">
+                        <span>{{row.leaderid}}</span>
+                    </template>
+                </el-table-column>
+            </template>
             <template v-if="adaptiveState">
                 <el-table-column></el-table-column>
             </template>
@@ -607,13 +667,6 @@ export default class MainBase extends Vue implements ControlInterface {
      * @memberof Main
      */
     public allColumns: any[] = [
-        {
-            name: 'deptid',
-            label: '部门标识',
-            langtag: 'entities.ibzdepartment.main_grid.columns.deptid',
-            show: true,
-            util: 'px'
-        },
         {
             name: 'deptcode',
             label: '部门代码',
@@ -629,11 +682,18 @@ export default class MainBase extends Vue implements ControlInterface {
             util: 'px'
         },
         {
-            name: 'shortname',
-            label: '部门简称',
-            langtag: 'entities.ibzdepartment.main_grid.columns.shortname',
+            name: 'orgname',
+            label: '单位',
+            langtag: 'entities.ibzdepartment.main_grid.columns.orgname',
             show: true,
-            util: 'px'
+            util: 'PX'
+        },
+        {
+            name: 'pdeptname',
+            label: '上级部门',
+            langtag: 'entities.ibzdepartment.main_grid.columns.pdeptname',
+            show: true,
+            util: 'PX'
         },
         {
             name: 'deptlevel',
@@ -642,6 +702,13 @@ export default class MainBase extends Vue implements ControlInterface {
             show: true,
             util: 'px'
         },
+        {
+            name: 'shortname',
+            label: '部门简称',
+            langtag: 'entities.ibzdepartment.main_grid.columns.shortname',
+            show: true,
+            util: 'px'
+        },
         {
             name: 'bcode',
             label: '业务编码',
@@ -649,6 +716,13 @@ export default class MainBase extends Vue implements ControlInterface {
             show: true,
             util: 'px'
         },
+        {
+            name: 'leadername',
+            label: '分管领导',
+            langtag: 'entities.ibzdepartment.main_grid.columns.leadername',
+            show: true,
+            util: 'PX'
+        },
         {
             name: 'showorder',
             label: '排序',
@@ -670,6 +744,27 @@ export default class MainBase extends Vue implements ControlInterface {
             show: true,
             util: 'px'
         },
+        {
+            name: 'orgid',
+            label: '单位',
+            langtag: 'entities.ibzdepartment.main_grid.columns.orgid',
+            show: false,
+            util: 'PX'
+        },
+        {
+            name: 'pdeptid',
+            label: '上级部门',
+            langtag: 'entities.ibzdepartment.main_grid.columns.pdeptid',
+            show: false,
+            util: 'PX'
+        },
+        {
+            name: 'leaderid',
+            label: '分管领导标识',
+            langtag: 'entities.ibzdepartment.main_grid.columns.leaderid',
+            show: false,
+            util: 'PX'
+        },
     ]
 
     /**

app_web/src/widgets/ibzdepartment/main-grid/main-grid-model.ts

@@ -26,6 +26,11 @@ export default class MainModel {
       ]
     }else{
 		  return [
+        {
+          name: 'leaderid',
+          prop: 'leaderid',
+          dataType: 'TEXT',
+        },
         {
           name: 'bcode',
           prop: 'bcode',
@@ -47,25 +52,25 @@ export default class MainModel {
           dataType: 'TEXT',
         },
         {
-          name: 'srfkey',
+          name: 'srfdataaccaction',
           prop: 'deptid',
           dataType: 'TEXT',
         },
         {
-          name: 'srfdataaccaction',
+          name: 'srfkey',
           prop: 'deptid',
           dataType: 'TEXT',
         },
+        {
+          name: 'leadername',
+          prop: 'leadername',
+          dataType: 'TEXT',
+        },
         {
           name: 'pdeptid',
           prop: 'parentdeptid',
           dataType: 'PICKUP',
         },
-        {
-          name: 'deptid',
-          prop: 'deptid',
-          dataType: 'TEXT',
-        },
         {
           name: 'orgid',
           prop: 'orgid',
@@ -76,6 +81,16 @@ export default class MainModel {
           prop: 'deptcode',
           dataType: 'TEXT',
         },
+        {
+          name: 'orgname',
+          prop: 'orgname',
+          dataType: 'PICKUPTEXT',
+        },
+        {
+          name: 'pdeptname',
+          prop: 'parentdeptname',
+          dataType: 'PICKUPTEXT',
+        },
         {
           name: 'shortname',
           prop: 'shortname',

app_web/src/widgets/ibzdepartment/new-form-form/new-form-form-base.vue

@@ -26,7 +26,7 @@
 </i-col>
 <i-col v-show="detailsModel.pdeptname.visible" :style="{}"  :lg="{ span: 24, offset: 0 }">
     <app-form-item name='pdeptname' :itemRules="this.rules.pdeptname" class='' :caption="$t('entities.ibzdepartment.newform_form.details.pdeptname')" uiStyle="DEFAULT" :labelWidth="130" :isShowCaption="true" :error="detailsModel.pdeptname.error" :isEmptyCaption="false" labelPos="LEFT">
-    <app-department-select :data="data" :context="JSON.parse(JSON.stringify(context))" url="/ibzorganizations/${orgid}/ibzdepartments/picker" filter="srforgid"  :fillMap="{'id':'pdeptid','label':'pdeptname'}" :multiple="false" style="" @select-change="onFormItemValueChange"></app-department-select>
+    <app-department-select :data="data" :context="JSON.parse(JSON.stringify(context))" url="/ibzorganizations/${orgid}/ibzdepartments/picker" filter="orgid"  :fillMap="{'id':'pdeptid','label':'pdeptname'}" :multiple="false" style="" @select-change="onFormItemValueChange"></app-department-select>
 </app-form-item>
 
 </i-col>

ibzou-core/src/main/resources/liquibase/h2_table.xml

@@ -126,7 +126,7 @@
 
 
     <!--输出实体[IBZDEPT]数据结构 -->
-    <changeSet author="a_A_5d9d78509" id="tab-ibzdept-665-4">
+    <changeSet author="a_A_5d9d78509" id="tab-ibzdept-680-4">
         <createTable tableName="IBZDEPT">
                 <column name="DEPTID" remarks="" type="VARCHAR(100)">
                     <constraints primaryKey="true" primaryKeyName="PK_IBZDEPT_DEPTID"/>
@@ -179,10 +179,10 @@
        <addForeignKeyConstraint baseColumnNames="USERID" baseTableName="IBZDEPTMEMBER" constraintName="DER1N_IBZDEPTMEMBER_IBZEMP_USE" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="USERID" referencedTableName="IBZEMP" validate="true"/>
     </changeSet>
         <!--输出实体[IBZDEPT]外键关系 -->
-    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-665-10">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-680-10">
        <addForeignKeyConstraint baseColumnNames="PDEPTID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZDEPT_PDEPTID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="DEPTID" referencedTableName="IBZDEPT" validate="true"/>
     </changeSet>
-    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-665-11">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-680-11">
        <addForeignKeyConstraint baseColumnNames="ORGID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZORG_ORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
     </changeSet>
 

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZDepartmentResource.java

@@ -57,7 +57,7 @@ public class IBZDepartmentResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Create')")
     @ApiOperation(value = "createBatch", tags = {"IBZDepartment" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -74,14 +74,14 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
+    @PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdto),'ibzou-IBZDepartment-Save')")
     @ApiOperation(value = "Save", tags = {"IBZDepartment" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/save")
     public ResponseEntity<Boolean> save(@RequestBody IBZDepartmentDTO ibzdepartmentdto) {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.save(ibzdepartmentMapping.toDomain(ibzdepartmentdto)));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Save')")
     @ApiOperation(value = "SaveBatch", tags = {"IBZDepartment" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/savebatch")
     public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -109,7 +109,7 @@ public class IBZDepartmentResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.remove(ibzdepartment_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzdepartmentMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatch", tags = {"IBZDepartment" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -129,7 +129,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Update')")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZDepartment" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -179,7 +179,7 @@ public class IBZDepartmentResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdepartmentMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-    //@PreAuthorize("hasPermission('','Create',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
+    @PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdto),'ibzou-IBZDepartment-Create')")
     @ApiOperation(value = "CreateByIBZOrganization", tags = {"IBZDepartment" },  notes = "CreateByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments")
     @Transactional
@@ -191,7 +191,7 @@ public class IBZDepartmentResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Create')")
     @ApiOperation(value = "createBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "createBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -203,7 +203,7 @@ public class IBZDepartmentResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission(#ibzdepartment_id,'Get',{'Sql',this.ibzdepartmentMapping,this.permissionDTO})")
+    @PostAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(returnObject.body),'ibzou-IBZDepartment-Get')")
     @ApiOperation(value = "GetByIBZOrganization", tags = {"IBZDepartment" },  notes = "GetByIBZOrganization")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}")
     public ResponseEntity<IBZDepartmentDTO> getByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id) {
@@ -212,7 +212,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
+    @PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdto),'ibzou-IBZDepartment-Save')")
     @ApiOperation(value = "SaveByIBZOrganization", tags = {"IBZDepartment" },  notes = "SaveByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/save")
     public ResponseEntity<Boolean> saveByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZDepartmentDTO ibzdepartmentdto) {
@@ -221,7 +221,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Save')")
     @ApiOperation(value = "SaveBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "SaveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -247,7 +247,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentMapping.toDto(ibzdepartmentService.getDraft(domain)));
     }
 
-    //@PreAuthorize("hasPermission(#ibzdepartment_id,'Remove',{'Sql',this.ibzdepartmentMapping,this.permissionDTO})")
+    @PreAuthorize("hasPermission(this.ibzdepartmentService.get(#ibzdepartment_id),'ibzou-IBZDepartment-Remove')")
     @ApiOperation(value = "RemoveByIBZOrganization", tags = {"IBZDepartment" },  notes = "RemoveByIBZOrganization")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}")
     @Transactional
@@ -255,7 +255,7 @@ public class IBZDepartmentResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.remove(ibzdepartment_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzdepartmentMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "RemoveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganization(@RequestBody List<String> ids) {
@@ -263,7 +263,7 @@ public class IBZDepartmentResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission(#ibzdepartment_id,'Update',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
+    @PreAuthorize("hasPermission(this.ibzdepartmentService.get(#ibzdepartment_id),'ibzou-IBZDepartment-Update')")
     @ApiOperation(value = "UpdateByIBZOrganization", tags = {"IBZDepartment" },  notes = "UpdateByIBZOrganization")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}")
     @Transactional
@@ -276,7 +276,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdepartmentMapping.toDomain(#ibzdepartmentdtos),'ibzou-IBZDepartment-Update')")
     @ApiOperation(value = "UpdateBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "UpdateBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZDeptMemberResource.java

@@ -58,7 +58,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZDeptMember" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -77,7 +77,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
     @ApiOperation(value = "createBatch", tags = {"IBZDeptMember" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -92,7 +92,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(ibzdeptmemberMapping.toDomain(ibzdeptmemberdto)));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
     @ApiOperation(value = "SaveBatch", tags = {"IBZDeptMember" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -123,7 +123,7 @@ public class IBZDeptMemberResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzdeptmemberMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatch", tags = {"IBZDeptMember" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -171,7 +171,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
     @ApiOperation(value = "UpdateBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -195,7 +195,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
     @ApiOperation(value = "createBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -216,7 +216,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
     @ApiOperation(value = "SaveBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -253,7 +253,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzdeptmemberMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZEmployee(@RequestBody List<String> ids) {
@@ -303,7 +303,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
     @ApiOperation(value = "UpdateBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -327,7 +327,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
     @ApiOperation(value = "createBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -348,7 +348,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
     @ApiOperation(value = "SaveBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -385,7 +385,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzdeptmemberMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZDepartmentIBZEmployee(@RequestBody List<String> ids) {
@@ -435,7 +435,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
     @ApiOperation(value = "UpdateBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -459,7 +459,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
     @ApiOperation(value = "createBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -480,7 +480,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
     @ApiOperation(value = "SaveBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -517,7 +517,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzdeptmemberMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganizationIBZEmployee(@RequestBody List<String> ids) {
@@ -567,7 +567,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Update')")
     @ApiOperation(value = "UpdateBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -591,7 +591,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Create')")
     @ApiOperation(value = "createBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -612,7 +612,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzdeptmemberMapping,#ibzdeptmemberdtos})")
+    //@PreAuthorize("hasPermission(this.ibzdeptmemberMapping.toDomain(#ibzdeptmemberdtos),'ibzou-IBZDeptMember-Save')")
     @ApiOperation(value = "SaveBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -649,7 +649,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzdeptmemberMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganizationIBZDepartmentIBZEmployee(@RequestBody List<String> ids) {

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZEmployeeResource.java

@@ -54,7 +54,7 @@ public class IBZEmployeeResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatch", tags = {"IBZEmployee" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -85,7 +85,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Create')")
     @ApiOperation(value = "createBatch", tags = {"IBZEmployee" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -111,7 +111,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZEmployee" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -119,14 +119,14 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedto),'ibzou-IBZEmployee-Save')")
     @ApiOperation(value = "Save", tags = {"IBZEmployee" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/save")
     public ResponseEntity<Boolean> save(@RequestBody IBZEmployeeDTO ibzemployeedto) {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.save(ibzemployeeMapping.toDomain(ibzemployeedto)));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Save')")
     @ApiOperation(value = "SaveBatch", tags = {"IBZEmployee" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/savebatch")
     public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -170,7 +170,7 @@ public class IBZEmployeeResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzemployeeMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-    //@PreAuthorize("hasPermission(#ibzemployee_id,'Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
+    @PreAuthorize("hasPermission(this.ibzemployeeService.get(#ibzemployee_id),'ibzou-IBZEmployee-Remove')")
     @ApiOperation(value = "RemoveByIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveByIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}")
     @Transactional
@@ -178,7 +178,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatchByIBZDepartment(@RequestBody List<String> ids) {
@@ -198,7 +198,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeedto);
     }
 
-    //@PreAuthorize("hasPermission('','Create',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedto),'ibzou-IBZEmployee-Create')")
     @ApiOperation(value = "CreateByIBZDepartment", tags = {"IBZEmployee" },  notes = "CreateByIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees")
     @Transactional
@@ -210,7 +210,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Create')")
     @ApiOperation(value = "createBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "createBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> createBatchByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -228,7 +228,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.checkKey(ibzemployeeMapping.toDomain(ibzemployeedto)));
     }
 
-    //@PreAuthorize("hasPermission(#ibzemployee_id,'Update',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeService.get(#ibzemployee_id),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateByIBZDepartment", tags = {"IBZEmployee" },  notes = "UpdateByIBZDepartment")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}")
     @Transactional
@@ -241,7 +241,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "UpdateBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatchByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -253,7 +253,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedto),'ibzou-IBZEmployee-Save')")
     @ApiOperation(value = "SaveByIBZDepartment", tags = {"IBZEmployee" },  notes = "SaveByIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/save")
     public ResponseEntity<Boolean> saveByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody IBZEmployeeDTO ibzemployeedto) {
@@ -262,7 +262,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Save')")
     @ApiOperation(value = "SaveBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "SaveBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -274,7 +274,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission(#ibzemployee_id,'Get',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
+    @PostAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(returnObject.body),'ibzou-IBZEmployee-Get')")
     @ApiOperation(value = "GetByIBZDepartment", tags = {"IBZEmployee" },  notes = "GetByIBZDepartment")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}")
     public ResponseEntity<IBZEmployeeDTO> getByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id) {
@@ -314,7 +314,7 @@ public class IBZEmployeeResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzemployeeMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-    //@PreAuthorize("hasPermission(#ibzemployee_id,'Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
+    @PreAuthorize("hasPermission(this.ibzemployeeService.get(#ibzemployee_id),'ibzou-IBZEmployee-Remove')")
     @ApiOperation(value = "RemoveByIBZOrganization", tags = {"IBZEmployee" },  notes = "RemoveByIBZOrganization")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}")
     @Transactional
@@ -322,7 +322,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "RemoveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganization(@RequestBody List<String> ids) {
@@ -342,7 +342,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeedto);
     }
 
-    //@PreAuthorize("hasPermission('','Create',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedto),'ibzou-IBZEmployee-Create')")
     @ApiOperation(value = "CreateByIBZOrganization", tags = {"IBZEmployee" },  notes = "CreateByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees")
     @Transactional
@@ -354,7 +354,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Create')")
     @ApiOperation(value = "createBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "createBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -372,7 +372,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.checkKey(ibzemployeeMapping.toDomain(ibzemployeedto)));
     }
 
-    //@PreAuthorize("hasPermission(#ibzemployee_id,'Update',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeService.get(#ibzemployee_id),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateByIBZOrganization", tags = {"IBZEmployee" },  notes = "UpdateByIBZOrganization")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}")
     @Transactional
@@ -385,7 +385,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "UpdateBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -397,7 +397,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedto),'ibzou-IBZEmployee-Save')")
     @ApiOperation(value = "SaveByIBZOrganization", tags = {"IBZEmployee" },  notes = "SaveByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/save")
     public ResponseEntity<Boolean> saveByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZEmployeeDTO ibzemployeedto) {
@@ -406,7 +406,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Save')")
     @ApiOperation(value = "SaveBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "SaveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -418,7 +418,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission(#ibzemployee_id,'Get',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
+    @PostAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(returnObject.body),'ibzou-IBZEmployee-Get')")
     @ApiOperation(value = "GetByIBZOrganization", tags = {"IBZEmployee" },  notes = "GetByIBZOrganization")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}")
     public ResponseEntity<IBZEmployeeDTO> getByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id) {
@@ -458,7 +458,7 @@ public class IBZEmployeeResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzemployeeMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-    //@PreAuthorize("hasPermission(#ibzemployee_id,'Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
+    @PreAuthorize("hasPermission(this.ibzemployeeService.get(#ibzemployee_id),'ibzou-IBZEmployee-Remove')")
     @ApiOperation(value = "RemoveByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}")
     @Transactional
@@ -466,7 +466,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganizationIBZDepartment(@RequestBody List<String> ids) {
@@ -486,7 +486,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeedto);
     }
 
-    //@PreAuthorize("hasPermission('','Create',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedto),'ibzou-IBZEmployee-Create')")
     @ApiOperation(value = "CreateByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "CreateByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees")
     @Transactional
@@ -498,7 +498,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Create')")
     @ApiOperation(value = "createBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "createBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -516,7 +516,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.checkKey(ibzemployeeMapping.toDomain(ibzemployeedto)));
     }
 
-    //@PreAuthorize("hasPermission(#ibzemployee_id,'Update',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeService.get(#ibzemployee_id),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "UpdateByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}")
     @Transactional
@@ -529,7 +529,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Update')")
     @ApiOperation(value = "UpdateBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "UpdateBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -541,7 +541,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
+    @PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedto),'ibzou-IBZEmployee-Save')")
     @ApiOperation(value = "SaveByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "SaveByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/save")
     public ResponseEntity<Boolean> saveByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody IBZEmployeeDTO ibzemployeedto) {
@@ -550,7 +550,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.save(domain));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzemployeeMapping,#ibzemployeedtos})")
+    //@PreAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(#ibzemployeedtos),'ibzou-IBZEmployee-Save')")
     @ApiOperation(value = "SaveBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "SaveBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -562,7 +562,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission(#ibzemployee_id,'Get',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
+    @PostAuthorize("hasPermission(this.ibzemployeeMapping.toDomain(returnObject.body),'ibzou-IBZEmployee-Get')")
     @ApiOperation(value = "GetByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "GetByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}")
     public ResponseEntity<IBZEmployeeDTO> getByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id) {

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZOrganizationResource.java

@@ -64,7 +64,7 @@ public class IBZOrganizationResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Update',{'Sql',this.ibzorganizationMapping,#ibzorganizationdtos})")
+    //@PreAuthorize("hasPermission(this.ibzorganizationMapping.toDomain(#ibzorganizationdtos),'ibzou-IBZOrganization-Update')")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZOrganization" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
@@ -83,7 +83,7 @@ public class IBZOrganizationResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasPermission('Create',{'Sql',this.ibzorganizationMapping,#ibzorganizationdtos})")
+    //@PreAuthorize("hasPermission(this.ibzorganizationMapping.toDomain(#ibzorganizationdtos),'ibzou-IBZOrganization-Create')")
     @ApiOperation(value = "createBatch", tags = {"IBZOrganization" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
@@ -91,14 +91,14 @@ public class IBZOrganizationResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasPermission('','Save',{'Sql',this.ibzorganizationMapping,#ibzorganizationdto})")
+    @PreAuthorize("hasPermission(this.ibzorganizationMapping.toDomain(#ibzorganizationdto),'ibzou-IBZOrganization-Save')")
     @ApiOperation(value = "Save", tags = {"IBZOrganization" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/save")
     public ResponseEntity<Boolean> save(@RequestBody IBZOrganizationDTO ibzorganizationdto) {
         return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationService.save(ibzorganizationMapping.toDomain(ibzorganizationdto)));
     }
 
-    //@PreAuthorize("hasPermission('Save',{'Sql',this.ibzorganizationMapping,#ibzorganizationdtos})")
+    //@PreAuthorize("hasPermission(this.ibzorganizationMapping.toDomain(#ibzorganizationdtos),'ibzou-IBZOrganization-Save')")
     @ApiOperation(value = "SaveBatch", tags = {"IBZOrganization" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/savebatch")
     public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
@@ -114,7 +114,7 @@ public class IBZOrganizationResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationService.remove(ibzorganization_id));
     }
 
-    //@PreAuthorize("hasPermission('Remove',{'Sql',this.ibzorganizationMapping,this.permissionDTO,#ids})")
+    //
     @ApiOperation(value = "RemoveBatch", tags = {"IBZOrganization" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {

ibzou-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java

@@ -23,7 +23,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
     @Value("${ibiz.enablePermissionValid:false}")
     boolean enablePermissionValid;  //是否开启权限校验
-
+    /**
+     *实体主键标识
+     */
+    private String keyFieldTag="keyfield";
     /**
      * 实体行为鉴权
      * @param authentication
@@ -39,18 +42,18 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
             return true;
 
         String strAction=String.valueOf(action);
-        Set<String> entityDataRange = getAuthorities(authentication,strAction);
-        if(entityDataRange.size()==0)
+        Set<String> userAuthorities = getAuthorities(authentication,strAction);
+        if(userAuthorities.size()==0)
             return false;
 
         //拥有全部数据访问权限时，则跳过权限检查
-        if(isAllData(strAction,entityDataRange)){
+        if(isAllData(strAction,userAuthorities)){
             return true;
         }
         if(entity instanceof  ArrayList){
             List<EntityBase> entities= (List<EntityBase>) entity;
             for(EntityBase entityBase: entities){
-                boolean result=actionValid(entityBase,strAction,entityDataRange);
+                boolean result=actionValid(entityBase, strAction ,userAuthorities);
                 if(!result){
                    return false;
                 }
@@ -58,7 +61,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         }
         else{
             EntityBase entityBase= (EntityBase) entity;
-            return actionValid(entityBase,strAction,entityDataRange);
+            return actionValid(entityBase , strAction ,userAuthorities);
         }
         return true;
     }
@@ -77,15 +80,15 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      */
     private Set<String> getAuthorities(Authentication authentication , String action){
         Collection authorities=authentication.getAuthorities();
-        Set<String> entityDataRange = new HashSet();
+        Set<String> userAuthorities = new HashSet();
         Iterator var2 = authorities.iterator();
 
         while(var2.hasNext()) {
             GrantedAuthority authority = (GrantedAuthority)var2.next();
             if(authority.getAuthority().contains(action))
-                entityDataRange.add(authority.getAuthority());
+                userAuthorities.add(authority.getAuthority());
         }
-        return entityDataRange;
+        return userAuthorities;
     }
 
     /**
@@ -106,10 +109,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     /**
      * 实体行为权限校验
      * @param entity
-     * @param entityDataRange
+     * @param userAuthorities
      * @return
      */
-    private boolean actionValid(EntityBase entity, String action, Set<String> entityDataRange){
+    private boolean actionValid(EntityBase entity, String action , Set<String> userAuthorities){
 
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
         String orgField=permissionField.get("orgfield");
@@ -129,33 +132,42 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         Set<String> userOrg = new HashSet<>();
         Set<String> userOrgDept = new HashSet<>();
 
-        for(String permissionCond:entityDataRange){
-            if(permissionCond.endsWith("curorg")){   //本单位
+        for(String authority:userAuthorities){
+            if(authority.endsWith("curorg")){   //本单位
                 userOrg.add(authenticationUser.getOrgid());
             }
-            else if(permissionCond.endsWith("porg")){//上级单位
+            else if(authority.endsWith("porg")){//上级单位
                 userOrg.addAll(orgParent);
             }
-            else if(permissionCond.endsWith("sorg")){//下级单位
+            else if(authority.endsWith("sorg")){//下级单位
                 userOrg.addAll(orgChild);
             }
-            else if(permissionCond.endsWith("curorgdept")){//本部门
+            else if(authority.endsWith("curorgdept")){//本部门
                 userOrgDept.add(authenticationUser.getMdeptid());
             }
-            else if(permissionCond.endsWith("porgdept")){//上级部门
+            else if(authority.endsWith("porgdept")){//上级部门
                 userOrgDept.addAll(orgDeptParent);
             }
-            else if(permissionCond.endsWith("sorgdept")){//下级部门
+            else if(authority.endsWith("sorgdept")){//下级部门
                 userOrgDept.addAll(orgDeptChild);
             }
         }
 
+        if(action.endsWith("Save")){
+            String keyFieldName=permissionField.get(keyFieldTag);
+            Object srfKey=entity.get(keyFieldName);
+            if(ObjectUtils.isEmpty(srfKey))
+                action="Create";
+            else
+                action="Update";
+        }
+
        if(action.endsWith("Create")){
            if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue))
                return false;
            if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue))
                return false;
-            if(!ObjectUtils.isEmpty(crateManFieldValue) && !crateManFieldValue.equals(authenticationUser.getUserid()))
+           if(!ObjectUtils.isEmpty(crateManFieldValue) && !authenticationUser.getUserid().equals(crateManFieldValue))
                return false;
 
                return true;
@@ -165,7 +177,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
                return true;
            if(!ObjectUtils.isEmpty(orgDeptFieldValue) && userOrgDept.contains(orgDeptFieldValue))
                return true;
-            if(!ObjectUtils.isEmpty(crateManFieldValue) && crateManFieldValue.equals(authenticationUser.getUserid()))
+           if(!ObjectUtils.isEmpty(crateManFieldValue) && authenticationUser.getUserid().equals(crateManFieldValue))
                return true;
 
                return false;