lab_qyk 部署微服务接口

config.xml

@@ -37,6 +37,11 @@
 	  git clone -b master $para2 ibzou/
       export NODE_OPTIONS=--max-old-space-size=4096
       cd ibzou/
+      mvn clean package -Papi
+      cd ibzou-provider/ibzou-provider-api
+      mvn -Papi docker:build
+      mvn -Papi docker:push
+      docker -H $para1 stack deploy --compose-file=src/main/docker/ibzou-provider-api.yaml ibzlab-rt --with-registry-auth      
       </command>
     </hudson.tasks.Shell>
   </builders>

ibzou-core/pom.xml

@@ -150,7 +150,7 @@
                                     <verbose>true</verbose>
                                     <logging>debug</logging>
                                     <contexts>!test</contexts>
-                                    <diffExcludeObjects>Index:.*,table:ibzfile,ibzuser,ibzdataaudit</diffExcludeObjects>
+                                    <diffExcludeObjects>Index:.*,table:ibzfile,ibzuser,ibzdataaudit,IBZFILE,IBZUSER,IBZDATAAUDIT</diffExcludeObjects>
                                 </configuration>
                                 <phase>process-resources</phase>
                                 <goals>

ibzou-core/src/main/resources/liquibase/h2_table.xml

@@ -2,7 +2,7 @@
 <databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:ext="http://www.liquibase.org/xml/ns/dbchangelog-ext" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog-ext http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-ext.xsd http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd">
 
     <!--输出实体[IBZORG]数据结构 -->
-    <changeSet author="a_A_5d9d78509" id="tab-ibzorg-424-1">
+    <changeSet author="a_A_5d9d78509" id="tab-ibzorg-429-1">
         <createTable tableName="IBZORG">
                 <column name="ORGID" remarks="" type="VARCHAR(100)">
                     <constraints primaryKey="true" primaryKeyName="PK_IBZORG_ORGID"/>
@@ -28,7 +28,7 @@
         </createTable>
     </changeSet>
     <!--输出实体[IBZEMP]数据结构 -->
-    <changeSet author="a_A_5d9d78509" id="tab-ibzemp-618-2">
+    <changeSet author="a_A_5d9d78509" id="tab-ibzemp-623-2">
         <createTable tableName="IBZEMP">
                 <column name="USERID" remarks="" type="VARCHAR(100)">
                     <constraints primaryKey="true" primaryKeyName="PK_IBZEMP_USERID"/>
@@ -118,7 +118,7 @@
         </createTable>
     </changeSet>
     <!--输出实体[IBZDEPT]数据结构 -->
-    <changeSet author="a_A_5d9d78509" id="tab-ibzdept-543-4">
+    <changeSet author="a_A_5d9d78509" id="tab-ibzdept-554-4">
         <createTable tableName="IBZDEPT">
                 <column name="DEPTID" remarks="" type="VARCHAR(100)">
                     <constraints primaryKey="true" primaryKeyName="PK_IBZDEPT_DEPTID"/>
@@ -153,14 +153,14 @@
     </changeSet>
 
         <!--输出实体[IBZORG]外键关系 -->
-    <changeSet author="a_A_5d9d78509" id="fk-ibzorg-424-5">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzorg-429-5">
        <addForeignKeyConstraint baseColumnNames="PORGID" baseTableName="IBZORG" constraintName="DER1N_IBZORG_IBZORG_PORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
     </changeSet>
         <!--输出实体[IBZEMP]外键关系 -->
-    <changeSet author="a_A_5d9d78509" id="fk-ibzemp-618-6">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzemp-623-6">
        <addForeignKeyConstraint baseColumnNames="MDEPTID" baseTableName="IBZEMP" constraintName="DER1N_IBZEMP_IBZDEPT_MDEPTID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="DEPTID" referencedTableName="IBZDEPT" validate="true"/>
     </changeSet>
-    <changeSet author="a_A_5d9d78509" id="fk-ibzemp-618-7">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzemp-623-7">
        <addForeignKeyConstraint baseColumnNames="ORGID" baseTableName="IBZEMP" constraintName="DER1N_IBZEMP_IBZORG_ORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
     </changeSet>
         <!--输出实体[IBZDEPTMEMBER]外键关系 -->
@@ -171,10 +171,10 @@
        <addForeignKeyConstraint baseColumnNames="USERID" baseTableName="IBZDEPTMEMBER" constraintName="DER1N_IBZDEPTMEMBER_IBZEMP_USE" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="USERID" referencedTableName="IBZEMP" validate="true"/>
     </changeSet>
         <!--输出实体[IBZDEPT]外键关系 -->
-    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-543-10">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-554-10">
        <addForeignKeyConstraint baseColumnNames="PDEPTID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZDEPT_PDEPTID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="DEPTID" referencedTableName="IBZDEPT" validate="true"/>
     </changeSet>
-    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-543-11">
+    <changeSet author="a_A_5d9d78509" id="fk-ibzdept-554-11">
        <addForeignKeyConstraint baseColumnNames="ORGID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZORG_ORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
     </changeSet>
 

ibzou-core/src/main/resources/permission/systemResource.json

@@ -40,7 +40,7 @@
             {
                "appid":"web",
                "appname":"统一组织单位",
-               "appmenu":[{"menuid":"OUIndexView", "menuname":"OUIndexView", "menuitem":[{ "id":"menuitem1" , "name":"单位管理" },{ "id":"menuitem2" , "name":"部门管理" },{ "id":"menuitem3" , "name":"人员管理" }] }]
+               "appmenu":[{"menuid":"OUIndexView", "menuname":"OUIndexView", "menuitem":[{ "id":"menuitem1" , "name":"单位管理" },{ "id":"menuitem2" , "name":"部门管理" },{ "id":"menuitem3" , "name":"人员管理" },{ "id":"menuitem4" , "name":"组织树" },{ "id":"menuitem5" , "name":"部门树" }] }]
             }
             ]
     }

ibzou-provider/ibzou-provider-api/src/main/docker/Dockerfile

@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
     sleep ${IBZ_SLEEP} && \
     java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzou-provider-api.jar
 
-EXPOSE 8081
+EXPOSE 40001
 
 ADD ibzou-provider-api.jar /ibzou-provider-api.jar

ibzou-provider/ibzou-provider-api/src/main/docker/ibzou-provider-api.yaml

@@ -3,9 +3,21 @@ services:
   ibzou-provider-api:
     image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzou-provider-api:latest
     ports:
-      - "8081:8081"
+      - "40001:40001"
     networks:
       - agent_network
+    environment:
+      - SPRING_CLOUD_NACOS_DISCOVERY_IP=172.16.180.237
+      - SERVER_PORT=40001
+      - SPRING_CLOUD_NACOS_DISCOVERY_SERVER-ADDR=172.16.102.211:8848
+      - SPRING_REDIS_HOST=172.16.100.243
+      - SPRING_REDIS_PORT=6379
+      - SPRING_REDIS_DATABASE=0
+      - SPRING_DATASOURCE_USERNAME=a_A_5d9d78509
+      - SPRING_DATASOURCE_PASSWORD=@6dEfb3@
+      - SPRING_DATASOURCE_URL=jdbc:mysql://172.16.180.232:3306/a_A_5d9d78509?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8&useOldAliasMetadataBehavior=true
+      - SPRING_DATASOURCE_DRIVER-CLASS-NAME=com.mysql.jdbc.Driver
+      - SPRING_DATASOURCE_DEFAULTSCHEMA=a_A_5d9d78509
     deploy:
       mode: replicated
       replicas: 1

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZDepartmentResource.java

@@ -54,9 +54,6 @@ public class IBZDepartmentResource {
 
     public IBZDepartmentDTO permissionDTO=new IBZDepartmentDTO();
 
-
-
-
     @PreAuthorize("hasPermission('','Create',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
     @ApiOperation(value = "Create", tags = {"IBZDepartment" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments")
@@ -68,6 +65,7 @@ public class IBZDepartmentResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatch", tags = {"IBZDepartment" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -75,9 +73,6 @@ public class IBZDepartmentResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
     @PreAuthorize("hasPermission(#ibzdepartment_id,'Get',{'Sql',this.ibzdepartmentMapping,this.permissionDTO})")
     @ApiOperation(value = "Get", tags = {"IBZDepartment" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzdepartments/{ibzdepartment_id}")
@@ -87,16 +82,14 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Save-all')")
     @ApiOperation(value = "Save", tags = {"IBZDepartment" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/save")
     public ResponseEntity<Boolean> save(@RequestBody IBZDepartmentDTO ibzdepartmentdto) {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.save(ibzdepartmentMapping.toDomain(ibzdepartmentdto)));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatch", tags = {"IBZDepartment" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/savebatch")
     public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -104,29 +97,20 @@ public class IBZDepartmentResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CheckKey-all')")
     @ApiOperation(value = "CheckKey", tags = {"IBZDepartment" },  notes = "CheckKey")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/checkkey")
     public ResponseEntity<Boolean> checkKey(@RequestBody IBZDepartmentDTO ibzdepartmentdto) {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.checkKey(ibzdepartmentMapping.toDomain(ibzdepartmentdto)));
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-GetDraft-all')")
     @ApiOperation(value = "GetDraft", tags = {"IBZDepartment" },  notes = "GetDraft")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzdepartments/getdraft")
     public ResponseEntity<IBZDepartmentDTO> getDraft() {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentMapping.toDto(ibzdepartmentService.getDraft(new IBZDepartment())));
     }
 
-
-
-
     @PreAuthorize("hasPermission(#ibzdepartment_id,'Remove',{'Sql',this.ibzdepartmentMapping,this.permissionDTO})")
     @ApiOperation(value = "Remove", tags = {"IBZDepartment" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}")
@@ -135,6 +119,7 @@ public class IBZDepartmentResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.remove(ibzdepartment_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatch", tags = {"IBZDepartment" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -142,9 +127,6 @@ public class IBZDepartmentResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
     @PreAuthorize("hasPermission(#ibzdepartment_id,'Update',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
     @ApiOperation(value = "Update", tags = {"IBZDepartment" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}")
@@ -157,6 +139,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZDepartment" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -164,7 +147,7 @@ public class IBZDepartmentResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
 	@ApiOperation(value = "fetchCurDept", tags = {"IBZDepartment" } ,notes = "fetchCurDept")
     @RequestMapping(method= RequestMethod.GET , value="/ibzdepartments/fetchcurdept")
 	public ResponseEntity<List<IBZDepartmentDTO>> fetchCurDept(IBZDepartmentSearchContext context) {
@@ -177,7 +160,7 @@ public class IBZDepartmentResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
 	@ApiOperation(value = "searchCurDept", tags = {"IBZDepartment" } ,notes = "searchCurDept")
     @RequestMapping(method= RequestMethod.POST , value="/ibzdepartments/searchcurdept")
 	public ResponseEntity<Page<IBZDepartmentDTO>> searchCurDept(@RequestBody IBZDepartmentSearchContext context) {
@@ -185,8 +168,7 @@ public class IBZDepartmentResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdepartmentMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"IBZDepartment" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/ibzdepartments/fetchdefault")
 	public ResponseEntity<List<IBZDepartmentDTO>> fetchDefault(IBZDepartmentSearchContext context) {
@@ -199,7 +181,7 @@ public class IBZDepartmentResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
 	@ApiOperation(value = "searchDEFAULT", tags = {"IBZDepartment" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.POST , value="/ibzdepartments/searchdefault")
 	public ResponseEntity<Page<IBZDepartmentDTO>> searchDefault(@RequestBody IBZDepartmentSearchContext context) {
@@ -207,9 +189,6 @@ public class IBZDepartmentResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdepartmentMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
-
     //@PreAuthorize("hasPermission('','Create',{'Sql',this.ibzdepartmentMapping,#ibzdepartmentdto})")
     @ApiOperation(value = "CreateByIBZOrganization", tags = {"IBZDepartment" },  notes = "CreateByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments")
@@ -222,6 +201,7 @@ public class IBZDepartmentResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "createBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -242,7 +222,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Save-all')")
     @ApiOperation(value = "SaveByIBZOrganization", tags = {"IBZDepartment" },  notes = "SaveByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/save")
     public ResponseEntity<Boolean> saveByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZDepartmentDTO ibzdepartmentdto) {
@@ -251,6 +231,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.save(domain));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "SaveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -262,14 +243,14 @@ public class IBZDepartmentResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CheckKey-all')")
     @ApiOperation(value = "CheckKeyByIBZOrganization", tags = {"IBZDepartment" },  notes = "CheckKeyByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/checkkey")
     public ResponseEntity<Boolean> checkKeyByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZDepartmentDTO ibzdepartmentdto) {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.checkKey(ibzdepartmentMapping.toDomain(ibzdepartmentdto)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-GetDraft-all')")
     @ApiOperation(value = "GetDraftByIBZOrganization", tags = {"IBZDepartment" },  notes = "GetDraftByIBZOrganization")
     @RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/getdraft")
     public ResponseEntity<IBZDepartmentDTO> getDraftByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id) {
@@ -286,6 +267,7 @@ public class IBZDepartmentResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdepartmentService.remove(ibzdepartment_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "RemoveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganization(@RequestBody List<String> ids) {
@@ -306,6 +288,7 @@ public class IBZDepartmentResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatchByIBZOrganization", tags = {"IBZDepartment" },  notes = "UpdateBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
@@ -317,7 +300,7 @@ public class IBZDepartmentResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
 	@ApiOperation(value = "fetchCurDeptByIBZOrganization", tags = {"IBZDepartment" } ,notes = "fetchCurDeptByIBZOrganization")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/{ibzorganization_id}/ibzdepartments/fetchcurdept")
 	public ResponseEntity<List<IBZDepartmentDTO>> fetchIBZDepartmentCurDeptByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id,IBZDepartmentSearchContext context) {
@@ -331,7 +314,7 @@ public class IBZDepartmentResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-CurDept-all')")
 	@ApiOperation(value = "searchCurDeptByIBZOrganization", tags = {"IBZDepartment" } ,notes = "searchCurDeptByIBZOrganization")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/{ibzorganization_id}/ibzdepartments/searchcurdept")
 	public ResponseEntity<Page<IBZDepartmentDTO>> searchIBZDepartmentCurDeptByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZDepartmentSearchContext context) {
@@ -340,8 +323,7 @@ public class IBZDepartmentResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdepartmentMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
 	@ApiOperation(value = "fetchDEFAULTByIBZOrganization", tags = {"IBZDepartment" } ,notes = "fetchDEFAULTByIBZOrganization")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/{ibzorganization_id}/ibzdepartments/fetchdefault")
 	public ResponseEntity<List<IBZDepartmentDTO>> fetchIBZDepartmentDefaultByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id,IBZDepartmentSearchContext context) {
@@ -355,7 +337,7 @@ public class IBZDepartmentResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDepartment-Default-all')")
 	@ApiOperation(value = "searchDEFAULTByIBZOrganization", tags = {"IBZDepartment" } ,notes = "searchDEFAULTByIBZOrganization")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/{ibzorganization_id}/ibzdepartments/searchdefault")
 	public ResponseEntity<Page<IBZDepartmentDTO>> searchIBZDepartmentDefaultByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZDepartmentSearchContext context) {
@@ -364,8 +346,4 @@ public class IBZDepartmentResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdepartmentMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
 }
-
-

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZDeptMemberResource.java

@@ -54,10 +54,7 @@ public class IBZDeptMemberResource {
 
     public IBZDeptMemberDTO permissionDTO=new IBZDeptMemberDTO();
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "Update", tags = {"IBZDeptMember" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -69,6 +66,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZDeptMember" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -76,10 +74,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "Create", tags = {"IBZDeptMember" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers")
     @Transactional
@@ -90,6 +85,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatch", tags = {"IBZDeptMember" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -97,16 +93,14 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "Save", tags = {"IBZDeptMember" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers/save")
     public ResponseEntity<Boolean> save(@RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(ibzdeptmemberMapping.toDomain(ibzdeptmemberdto)));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatch", tags = {"IBZDeptMember" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -114,20 +108,14 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
     @ApiOperation(value = "GetDraft", tags = {"IBZDeptMember" },  notes = "GetDraft")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzdeptmembers/getdraft")
     public ResponseEntity<IBZDeptMemberDTO> getDraft() {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberMapping.toDto(ibzdeptmemberService.getDraft(new IBZDeptMember())));
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
     @ApiOperation(value = "Get", tags = {"IBZDeptMember" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzdeptmembers/{ibzdeptmember_id}")
     public ResponseEntity<IBZDeptMemberDTO> get(@PathVariable("ibzdeptmember_id") String ibzdeptmember_id) {
@@ -136,10 +124,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "Remove", tags = {"IBZDeptMember" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -147,6 +132,7 @@ public class IBZDeptMemberResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatch", tags = {"IBZDeptMember" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -154,17 +140,14 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
     @ApiOperation(value = "CheckKey", tags = {"IBZDeptMember" },  notes = "CheckKey")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdeptmembers/checkkey")
     public ResponseEntity<Boolean> checkKey(@RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.checkKey(ibzdeptmemberMapping.toDomain(ibzdeptmemberdto)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"IBZDeptMember" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/ibzdeptmembers/fetchdefault")
 	public ResponseEntity<List<IBZDeptMemberDTO>> fetchDefault(IBZDeptMemberSearchContext context) {
@@ -177,7 +160,7 @@ public class IBZDeptMemberResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "searchDEFAULT", tags = {"IBZDeptMember" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.POST , value="/ibzdeptmembers/searchdefault")
 	public ResponseEntity<Page<IBZDeptMemberDTO>> searchDefault(@RequestBody IBZDeptMemberSearchContext context) {
@@ -185,10 +168,7 @@ public class IBZDeptMemberResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdeptmemberMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateByIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateByIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -201,6 +181,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -212,7 +193,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "CreateByIBZEmployee", tags = {"IBZDeptMember" },  notes = "CreateByIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers")
     @Transactional
@@ -224,6 +205,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -235,7 +217,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "SaveByIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveByIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/save")
     public ResponseEntity<Boolean> saveByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
@@ -244,6 +226,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -255,7 +238,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
     @ApiOperation(value = "GetDraftByIBZEmployee", tags = {"IBZDeptMember" },  notes = "GetDraftByIBZEmployee")
     @RequestMapping(method = RequestMethod.GET, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/getdraft")
     public ResponseEntity<IBZDeptMemberDTO> getDraftByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id) {
@@ -264,7 +247,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberMapping.toDto(ibzdeptmemberService.getDraft(domain)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
     @ApiOperation(value = "GetByIBZEmployee", tags = {"IBZDeptMember" },  notes = "GetByIBZEmployee")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     public ResponseEntity<IBZDeptMemberDTO> getByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @PathVariable("ibzdeptmember_id") String ibzdeptmember_id) {
@@ -273,7 +256,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "RemoveByIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveByIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -281,6 +264,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatchByIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZEmployee(@RequestBody List<String> ids) {
@@ -288,14 +272,14 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
     @ApiOperation(value = "CheckKeyByIBZEmployee", tags = {"IBZDeptMember" },  notes = "CheckKeyByIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/ibzdeptmembers/checkkey")
     public ResponseEntity<Boolean> checkKeyByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.checkKey(ibzdeptmemberMapping.toDomain(ibzdeptmemberdto)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "fetchDEFAULTByIBZEmployee", tags = {"IBZDeptMember" } ,notes = "fetchDEFAULTByIBZEmployee")
     @RequestMapping(method= RequestMethod.GET , value="/ibzemployees/{ibzemployee_id}/ibzdeptmembers/fetchdefault")
 	public ResponseEntity<List<IBZDeptMemberDTO>> fetchIBZDeptMemberDefaultByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id,IBZDeptMemberSearchContext context) {
@@ -309,7 +293,7 @@ public class IBZDeptMemberResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "searchDEFAULTByIBZEmployee", tags = {"IBZDeptMember" } ,notes = "searchDEFAULTByIBZEmployee")
     @RequestMapping(method= RequestMethod.POST , value="/ibzemployees/{ibzemployee_id}/ibzdeptmembers/searchdefault")
 	public ResponseEntity<Page<IBZDeptMemberDTO>> searchIBZDeptMemberDefaultByIBZEmployee(@PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberSearchContext context) {
@@ -318,11 +302,7 @@ public class IBZDeptMemberResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdeptmemberMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -335,6 +315,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -346,7 +327,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "CreateByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "CreateByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers")
     @Transactional
@@ -358,6 +339,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -369,7 +351,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "SaveByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/save")
     public ResponseEntity<Boolean> saveByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
@@ -378,6 +360,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -389,7 +372,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
     @ApiOperation(value = "GetDraftByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "GetDraftByIBZDepartmentIBZEmployee")
     @RequestMapping(method = RequestMethod.GET, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/getdraft")
     public ResponseEntity<IBZDeptMemberDTO> getDraftByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id) {
@@ -398,7 +381,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberMapping.toDto(ibzdeptmemberService.getDraft(domain)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
     @ApiOperation(value = "GetByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "GetByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     public ResponseEntity<IBZDeptMemberDTO> getByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @PathVariable("ibzdeptmember_id") String ibzdeptmember_id) {
@@ -407,7 +390,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "RemoveByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -415,6 +398,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatchByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZDepartmentIBZEmployee(@RequestBody List<String> ids) {
@@ -422,14 +406,14 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
     @ApiOperation(value = "CheckKeyByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "CheckKeyByIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/checkkey")
     public ResponseEntity<Boolean> checkKeyByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.checkKey(ibzdeptmemberMapping.toDomain(ibzdeptmemberdto)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "fetchDEFAULTByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" } ,notes = "fetchDEFAULTByIBZDepartmentIBZEmployee")
     @RequestMapping(method= RequestMethod.GET , value="/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/fetchdefault")
 	public ResponseEntity<List<IBZDeptMemberDTO>> fetchIBZDeptMemberDefaultByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id,IBZDeptMemberSearchContext context) {
@@ -443,7 +427,7 @@ public class IBZDeptMemberResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "searchDEFAULTByIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" } ,notes = "searchDEFAULTByIBZDepartmentIBZEmployee")
     @RequestMapping(method= RequestMethod.POST , value="/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/searchdefault")
 	public ResponseEntity<Page<IBZDeptMemberDTO>> searchIBZDeptMemberDefaultByIBZDepartmentIBZEmployee(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberSearchContext context) {
@@ -452,11 +436,7 @@ public class IBZDeptMemberResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdeptmemberMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -469,6 +449,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -480,7 +461,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "CreateByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "CreateByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers")
     @Transactional
@@ -492,6 +473,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -503,7 +485,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "SaveByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/save")
     public ResponseEntity<Boolean> saveByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
@@ -512,6 +494,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -523,7 +506,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
     @ApiOperation(value = "GetDraftByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "GetDraftByIBZOrganizationIBZEmployee")
     @RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/getdraft")
     public ResponseEntity<IBZDeptMemberDTO> getDraftByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id) {
@@ -532,7 +515,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberMapping.toDto(ibzdeptmemberService.getDraft(domain)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
     @ApiOperation(value = "GetByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "GetByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     public ResponseEntity<IBZDeptMemberDTO> getByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @PathVariable("ibzdeptmember_id") String ibzdeptmember_id) {
@@ -541,7 +524,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "RemoveByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -549,6 +532,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatchByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganizationIBZEmployee(@RequestBody List<String> ids) {
@@ -556,14 +540,14 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
     @ApiOperation(value = "CheckKeyByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" },  notes = "CheckKeyByIBZOrganizationIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/checkkey")
     public ResponseEntity<Boolean> checkKeyByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.checkKey(ibzdeptmemberMapping.toDomain(ibzdeptmemberdto)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "fetchDEFAULTByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" } ,notes = "fetchDEFAULTByIBZOrganizationIBZEmployee")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/fetchdefault")
 	public ResponseEntity<List<IBZDeptMemberDTO>> fetchIBZDeptMemberDefaultByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id,IBZDeptMemberSearchContext context) {
@@ -577,7 +561,7 @@ public class IBZDeptMemberResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "searchDEFAULTByIBZOrganizationIBZEmployee", tags = {"IBZDeptMember" } ,notes = "searchDEFAULTByIBZOrganizationIBZEmployee")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/searchdefault")
 	public ResponseEntity<Page<IBZDeptMemberDTO>> searchIBZDeptMemberDefaultByIBZOrganizationIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberSearchContext context) {
@@ -586,12 +570,7 @@ public class IBZDeptMemberResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdeptmemberMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Update-all')")
     @ApiOperation(value = "UpdateByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -604,6 +583,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "UpdateBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -615,7 +595,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Create-all')")
     @ApiOperation(value = "CreateByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "CreateByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers")
     @Transactional
@@ -627,6 +607,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "createBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -638,7 +619,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Save-all')")
     @ApiOperation(value = "SaveByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/save")
     public ResponseEntity<Boolean> saveByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
@@ -647,6 +628,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.save(domain));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "SaveBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody List<IBZDeptMemberDTO> ibzdeptmemberdtos) {
@@ -658,7 +640,7 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-GetDraft-all')")
     @ApiOperation(value = "GetDraftByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "GetDraftByIBZOrganizationIBZDepartmentIBZEmployee")
     @RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/getdraft")
     public ResponseEntity<IBZDeptMemberDTO> getDraftByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id) {
@@ -667,7 +649,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberMapping.toDto(ibzdeptmemberService.getDraft(domain)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Get-all')")
     @ApiOperation(value = "GetByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "GetByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     public ResponseEntity<IBZDeptMemberDTO> getByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @PathVariable("ibzdeptmember_id") String ibzdeptmember_id) {
@@ -676,7 +658,7 @@ public class IBZDeptMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Remove-all')")
     @ApiOperation(value = "RemoveByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/{ibzdeptmember_id}")
     @Transactional
@@ -684,6 +666,7 @@ public class IBZDeptMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.remove(ibzdeptmember_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatchByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "RemoveBatchByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganizationIBZDepartmentIBZEmployee(@RequestBody List<String> ids) {
@@ -691,14 +674,14 @@ public class IBZDeptMemberResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-CheckKey-all')")
     @ApiOperation(value = "CheckKeyByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" },  notes = "CheckKeyByIBZOrganizationIBZDepartmentIBZEmployee")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/checkkey")
     public ResponseEntity<Boolean> checkKeyByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberDTO ibzdeptmemberdto) {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzdeptmemberService.checkKey(ibzdeptmemberMapping.toDomain(ibzdeptmemberdto)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "fetchDEFAULTByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" } ,notes = "fetchDEFAULTByIBZOrganizationIBZDepartmentIBZEmployee")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/fetchdefault")
 	public ResponseEntity<List<IBZDeptMemberDTO>> fetchIBZDeptMemberDefaultByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id,IBZDeptMemberSearchContext context) {
@@ -712,7 +695,7 @@ public class IBZDeptMemberResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZDeptMember-Default-all')")
 	@ApiOperation(value = "searchDEFAULTByIBZOrganizationIBZDepartmentIBZEmployee", tags = {"IBZDeptMember" } ,notes = "searchDEFAULTByIBZOrganizationIBZDepartmentIBZEmployee")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}/ibzdeptmembers/searchdefault")
 	public ResponseEntity<Page<IBZDeptMemberDTO>> searchIBZDeptMemberDefaultByIBZOrganizationIBZDepartmentIBZEmployee(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @PathVariable("ibzemployee_id") String ibzemployee_id, @RequestBody IBZDeptMemberSearchContext context) {
@@ -721,8 +704,4 @@ public class IBZDeptMemberResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzdeptmemberMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
 }
-
-

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZEmployeeResource.java

@@ -54,9 +54,6 @@ public class IBZEmployeeResource {
 
     public IBZEmployeeDTO permissionDTO=new IBZEmployeeDTO();
 
-
-
-
     @PreAuthorize("hasPermission(#ibzemployee_id,'Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
     @ApiOperation(value = "Remove", tags = {"IBZEmployee" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/{ibzemployee_id}")
@@ -65,6 +62,7 @@ public class IBZEmployeeResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatch", tags = {"IBZEmployee" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -72,10 +70,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-InitPwd-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-InitPwd-all')")
     @ApiOperation(value = "初始化密码", tags = {"IBZEmployee" },  notes = "初始化密码")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/{ibzemployee_id}/initpwd")
     @Transactional
@@ -86,9 +81,6 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeedto);
     }
 
-
-
-
     @PreAuthorize("hasPermission('','Create',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
     @ApiOperation(value = "Create", tags = {"IBZEmployee" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees")
@@ -100,6 +92,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatch", tags = {"IBZEmployee" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -107,19 +100,13 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-CheckKey-all')")
     @ApiOperation(value = "CheckKey", tags = {"IBZEmployee" },  notes = "CheckKey")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/checkkey")
     public ResponseEntity<Boolean> checkKey(@RequestBody IBZEmployeeDTO ibzemployeedto) {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.checkKey(ibzemployeeMapping.toDomain(ibzemployeedto)));
     }
 
-
-
-
     @PreAuthorize("hasPermission(#ibzemployee_id,'Update',{'Sql',this.ibzemployeeMapping,#ibzemployeedto})")
     @ApiOperation(value = "Update", tags = {"IBZEmployee" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzemployees/{ibzemployee_id}")
@@ -132,6 +119,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZEmployee" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -139,16 +127,14 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Save-all')")
     @ApiOperation(value = "Save", tags = {"IBZEmployee" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/save")
     public ResponseEntity<Boolean> save(@RequestBody IBZEmployeeDTO ibzemployeedto) {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.save(ibzemployeeMapping.toDomain(ibzemployeedto)));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatch", tags = {"IBZEmployee" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/savebatch")
     public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -156,9 +142,6 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
     @PreAuthorize("hasPermission(#ibzemployee_id,'Get',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
     @ApiOperation(value = "Get", tags = {"IBZEmployee" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzemployees/{ibzemployee_id}")
@@ -168,17 +151,14 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-GetDraft-all')")
     @ApiOperation(value = "GetDraft", tags = {"IBZEmployee" },  notes = "GetDraft")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzemployees/getdraft")
     public ResponseEntity<IBZEmployeeDTO> getDraft() {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeMapping.toDto(ibzemployeeService.getDraft(new IBZEmployee())));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"IBZEmployee" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/ibzemployees/fetchdefault")
 	public ResponseEntity<List<IBZEmployeeDTO>> fetchDefault(IBZEmployeeSearchContext context) {
@@ -191,7 +171,7 @@ public class IBZEmployeeResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "searchDEFAULT", tags = {"IBZEmployee" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.POST , value="/ibzemployees/searchdefault")
 	public ResponseEntity<Page<IBZEmployeeDTO>> searchDefault(@RequestBody IBZEmployeeSearchContext context) {
@@ -199,9 +179,6 @@ public class IBZEmployeeResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzemployeeMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
-
     //@PreAuthorize("hasPermission(#ibzemployee_id,'Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
     @ApiOperation(value = "RemoveByIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveByIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}")
@@ -210,6 +187,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatchByIBZDepartment(@RequestBody List<String> ids) {
@@ -217,7 +195,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-InitPwd-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-InitPwd-all')")
     @ApiOperation(value = "初始化密码ByIBZDepartment", tags = {"IBZEmployee" },  notes = "初始化密码ByIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployeeuserid}/initpwd")
     @Transactional
@@ -241,6 +219,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "createBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> createBatchByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -252,7 +231,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-CheckKey-all')")
     @ApiOperation(value = "CheckKeyByIBZDepartment", tags = {"IBZEmployee" },  notes = "CheckKeyByIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/checkkey")
     public ResponseEntity<Boolean> checkKeyByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody IBZEmployeeDTO ibzemployeedto) {
@@ -272,6 +251,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "UpdateBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatchByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -283,7 +263,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Save-all')")
     @ApiOperation(value = "SaveByIBZDepartment", tags = {"IBZEmployee" },  notes = "SaveByIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/save")
     public ResponseEntity<Boolean> saveByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody IBZEmployeeDTO ibzemployeedto) {
@@ -292,6 +272,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.save(domain));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatchByIBZDepartment", tags = {"IBZEmployee" },  notes = "SaveBatchByIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -312,7 +293,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-GetDraft-all')")
     @ApiOperation(value = "GetDraftByIBZDepartment", tags = {"IBZEmployee" },  notes = "GetDraftByIBZDepartment")
     @RequestMapping(method = RequestMethod.GET, value = "/ibzdepartments/{ibzdepartment_id}/ibzemployees/getdraft")
     public ResponseEntity<IBZEmployeeDTO> getDraftByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id) {
@@ -321,7 +302,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeMapping.toDto(ibzemployeeService.getDraft(domain)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "fetchDEFAULTByIBZDepartment", tags = {"IBZEmployee" } ,notes = "fetchDEFAULTByIBZDepartment")
     @RequestMapping(method= RequestMethod.GET , value="/ibzdepartments/{ibzdepartment_id}/ibzemployees/fetchdefault")
 	public ResponseEntity<List<IBZEmployeeDTO>> fetchIBZEmployeeDefaultByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id,IBZEmployeeSearchContext context) {
@@ -335,7 +316,7 @@ public class IBZEmployeeResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "searchDEFAULTByIBZDepartment", tags = {"IBZEmployee" } ,notes = "searchDEFAULTByIBZDepartment")
     @RequestMapping(method= RequestMethod.POST , value="/ibzdepartments/{ibzdepartment_id}/ibzemployees/searchdefault")
 	public ResponseEntity<Page<IBZEmployeeDTO>> searchIBZEmployeeDefaultByIBZDepartment(@PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody IBZEmployeeSearchContext context) {
@@ -344,9 +325,6 @@ public class IBZEmployeeResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzemployeeMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
-
     //@PreAuthorize("hasPermission(#ibzemployee_id,'Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
     @ApiOperation(value = "RemoveByIBZOrganization", tags = {"IBZEmployee" },  notes = "RemoveByIBZOrganization")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployee_id}")
@@ -355,6 +333,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "RemoveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganization(@RequestBody List<String> ids) {
@@ -362,7 +341,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-InitPwd-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-InitPwd-all')")
     @ApiOperation(value = "初始化密码ByIBZOrganization", tags = {"IBZEmployee" },  notes = "初始化密码ByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/{ibzemployeeuserid}/initpwd")
     @Transactional
@@ -386,6 +365,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "createBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -397,7 +377,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-CheckKey-all')")
     @ApiOperation(value = "CheckKeyByIBZOrganization", tags = {"IBZEmployee" },  notes = "CheckKeyByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/checkkey")
     public ResponseEntity<Boolean> checkKeyByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZEmployeeDTO ibzemployeedto) {
@@ -417,6 +397,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "UpdateBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -428,7 +409,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Save-all')")
     @ApiOperation(value = "SaveByIBZOrganization", tags = {"IBZEmployee" },  notes = "SaveByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/save")
     public ResponseEntity<Boolean> saveByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZEmployeeDTO ibzemployeedto) {
@@ -437,6 +418,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.save(domain));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatchByIBZOrganization", tags = {"IBZEmployee" },  notes = "SaveBatchByIBZOrganization")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -457,7 +439,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-GetDraft-all')")
     @ApiOperation(value = "GetDraftByIBZOrganization", tags = {"IBZEmployee" },  notes = "GetDraftByIBZOrganization")
     @RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzemployees/getdraft")
     public ResponseEntity<IBZEmployeeDTO> getDraftByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id) {
@@ -466,7 +448,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeMapping.toDto(ibzemployeeService.getDraft(domain)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "fetchDEFAULTByIBZOrganization", tags = {"IBZEmployee" } ,notes = "fetchDEFAULTByIBZOrganization")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/{ibzorganization_id}/ibzemployees/fetchdefault")
 	public ResponseEntity<List<IBZEmployeeDTO>> fetchIBZEmployeeDefaultByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id,IBZEmployeeSearchContext context) {
@@ -480,7 +462,7 @@ public class IBZEmployeeResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "searchDEFAULTByIBZOrganization", tags = {"IBZEmployee" } ,notes = "searchDEFAULTByIBZOrganization")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/{ibzorganization_id}/ibzemployees/searchdefault")
 	public ResponseEntity<Page<IBZEmployeeDTO>> searchIBZEmployeeDefaultByIBZOrganization(@PathVariable("ibzorganization_id") String ibzorganization_id, @RequestBody IBZEmployeeSearchContext context) {
@@ -489,10 +471,6 @@ public class IBZEmployeeResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzemployeeMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
-
-
     //@PreAuthorize("hasPermission(#ibzemployee_id,'Remove',{'Sql',this.ibzemployeeMapping,this.permissionDTO})")
     @ApiOperation(value = "RemoveByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployee_id}")
@@ -501,6 +479,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.remove(ibzemployee_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "RemoveBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> removeBatchByIBZOrganizationIBZDepartment(@RequestBody List<String> ids) {
@@ -508,7 +487,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-InitPwd-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-InitPwd-all')")
     @ApiOperation(value = "初始化密码ByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "初始化密码ByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/{ibzemployeeuserid}/initpwd")
     @Transactional
@@ -532,6 +511,7 @@ public class IBZEmployeeResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "createBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> createBatchByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -543,7 +523,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-CheckKey-all')")
     @ApiOperation(value = "CheckKeyByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "CheckKeyByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/checkkey")
     public ResponseEntity<Boolean> checkKeyByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody IBZEmployeeDTO ibzemployeedto) {
@@ -563,6 +543,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "UpdateBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/batch")
     public ResponseEntity<Boolean> updateBatchByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -574,7 +555,7 @@ public class IBZEmployeeResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Save-all')")
     @ApiOperation(value = "SaveByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "SaveByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/save")
     public ResponseEntity<Boolean> saveByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody IBZEmployeeDTO ibzemployeedto) {
@@ -583,6 +564,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeService.save(domain));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatchByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "SaveBatchByIBZOrganizationIBZDepartment")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/savebatch")
     public ResponseEntity<Boolean> saveBatchByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
@@ -603,7 +585,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-GetDraft-all')")
     @ApiOperation(value = "GetDraftByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" },  notes = "GetDraftByIBZOrganizationIBZDepartment")
     @RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/getdraft")
     public ResponseEntity<IBZEmployeeDTO> getDraftByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id) {
@@ -612,7 +594,7 @@ public class IBZEmployeeResource {
         return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeMapping.toDto(ibzemployeeService.getDraft(domain)));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "fetchDEFAULTByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" } ,notes = "fetchDEFAULTByIBZOrganizationIBZDepartment")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/fetchdefault")
 	public ResponseEntity<List<IBZEmployeeDTO>> fetchIBZEmployeeDefaultByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id,IBZEmployeeSearchContext context) {
@@ -626,7 +608,7 @@ public class IBZEmployeeResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZEmployee-Default-all')")
 	@ApiOperation(value = "searchDEFAULTByIBZOrganizationIBZDepartment", tags = {"IBZEmployee" } ,notes = "searchDEFAULTByIBZOrganizationIBZDepartment")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/{ibzorganization_id}/ibzdepartments/{ibzdepartment_id}/ibzemployees/searchdefault")
 	public ResponseEntity<Page<IBZEmployeeDTO>> searchIBZEmployeeDefaultByIBZOrganizationIBZDepartment(@PathVariable("ibzorganization_id") String ibzorganization_id, @PathVariable("ibzdepartment_id") String ibzdepartment_id, @RequestBody IBZEmployeeSearchContext context) {
@@ -635,8 +617,4 @@ public class IBZEmployeeResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzemployeeMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
 }
-
-

ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZOrganizationResource.java

@@ -54,19 +54,13 @@ public class IBZOrganizationResource {
 
     public IBZOrganizationDTO permissionDTO=new IBZOrganizationDTO();
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-CheckKey-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-CheckKey-all')")
     @ApiOperation(value = "CheckKey", tags = {"IBZOrganization" },  notes = "CheckKey")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/checkkey")
     public ResponseEntity<Boolean> checkKey(@RequestBody IBZOrganizationDTO ibzorganizationdto) {
         return  ResponseEntity.status(HttpStatus.OK).body(ibzorganizationService.checkKey(ibzorganizationMapping.toDomain(ibzorganizationdto)));
     }
 
-
-
-
     @PreAuthorize("hasPermission(#ibzorganization_id,'Update',{'Sql',this.ibzorganizationMapping,#ibzorganizationdto})")
     @ApiOperation(value = "Update", tags = {"IBZOrganization" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}")
@@ -79,6 +73,7 @@ public class IBZOrganizationResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Update',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "UpdateBatch", tags = {"IBZOrganization" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
@@ -86,9 +81,6 @@ public class IBZOrganizationResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
     @PreAuthorize("hasPermission('','Create',{'Sql',this.ibzorganizationMapping,#ibzorganizationdto})")
     @ApiOperation(value = "Create", tags = {"IBZOrganization" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations")
@@ -100,6 +92,7 @@ public class IBZOrganizationResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
+    @PreAuthorize("hasPermission('Create',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "createBatch", tags = {"IBZOrganization" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
@@ -107,16 +100,14 @@ public class IBZOrganizationResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-Save-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-Save-all')")
     @ApiOperation(value = "Save", tags = {"IBZOrganization" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/save")
     public ResponseEntity<Boolean> save(@RequestBody IBZOrganizationDTO ibzorganizationdto) {
         return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationService.save(ibzorganizationMapping.toDomain(ibzorganizationdto)));
     }
 
+    @PreAuthorize("hasPermission('Save',{'Sql',this.humanMapping,#humandtos})")
     @ApiOperation(value = "SaveBatch", tags = {"IBZOrganization" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/savebatch")
     public ResponseEntity<Boolean> saveBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
@@ -124,9 +115,6 @@ public class IBZOrganizationResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
     @PreAuthorize("hasPermission(#ibzorganization_id,'Remove',{'Sql',this.ibzorganizationMapping,this.permissionDTO})")
     @ApiOperation(value = "Remove", tags = {"IBZOrganization" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}")
@@ -135,6 +123,7 @@ public class IBZOrganizationResource {
          return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationService.remove(ibzorganization_id));
     }
 
+    @PreAuthorize("hasPermission('Remove',{'Sql',this.humanMapping,this.permissionDTO,#ids})")
     @ApiOperation(value = "RemoveBatch", tags = {"IBZOrganization" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/batch")
     public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -142,9 +131,6 @@ public class IBZOrganizationResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-
-
-
     @PreAuthorize("hasPermission(#ibzorganization_id,'Get',{'Sql',this.ibzorganizationMapping,this.permissionDTO})")
     @ApiOperation(value = "Get", tags = {"IBZOrganization" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}")
@@ -154,17 +140,14 @@ public class IBZOrganizationResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-
-
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-GetDraft-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-GetDraft-all')")
     @ApiOperation(value = "GetDraft", tags = {"IBZOrganization" },  notes = "GetDraft")
 	@RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/getdraft")
     public ResponseEntity<IBZOrganizationDTO> getDraft() {
         return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationMapping.toDto(ibzorganizationService.getDraft(new IBZOrganization())));
     }
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectSOrg-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectSOrg-all')")
 	@ApiOperation(value = "fetch查询下级单位", tags = {"IBZOrganization" } ,notes = "fetch查询下级单位")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/fetchselectsorg")
 	public ResponseEntity<List<IBZOrganizationDTO>> fetchSelectSOrg(IBZOrganizationSearchContext context) {
@@ -177,7 +160,7 @@ public class IBZOrganizationResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectSOrg-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectSOrg-all')")
 	@ApiOperation(value = "search查询下级单位", tags = {"IBZOrganization" } ,notes = "search查询下级单位")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/searchselectsorg")
 	public ResponseEntity<Page<IBZOrganizationDTO>> searchSelectSOrg(@RequestBody IBZOrganizationSearchContext context) {
@@ -185,8 +168,7 @@ public class IBZOrganizationResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzorganizationMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectPOrg-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectPOrg-all')")
 	@ApiOperation(value = "fetch查询上级单位", tags = {"IBZOrganization" } ,notes = "fetch查询上级单位")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/fetchselectporg")
 	public ResponseEntity<List<IBZOrganizationDTO>> fetchSelectPOrg(IBZOrganizationSearchContext context) {
@@ -199,7 +181,7 @@ public class IBZOrganizationResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectPOrg-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-SelectPOrg-all')")
 	@ApiOperation(value = "search查询上级单位", tags = {"IBZOrganization" } ,notes = "search查询上级单位")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/searchselectporg")
 	public ResponseEntity<Page<IBZOrganizationDTO>> searchSelectPOrg(@RequestBody IBZOrganizationSearchContext context) {
@@ -207,8 +189,7 @@ public class IBZOrganizationResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzorganizationMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-Default-all')")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"IBZOrganization" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/fetchdefault")
 	public ResponseEntity<List<IBZOrganizationDTO>> fetchDefault(IBZOrganizationSearchContext context) {
@@ -221,7 +202,7 @@ public class IBZOrganizationResource {
                 .body(list);
 	}
 
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-Default-all')")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzou-IBZOrganization-Default-all')")
 	@ApiOperation(value = "searchDEFAULT", tags = {"IBZOrganization" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.POST , value="/ibzorganizations/searchdefault")
 	public ResponseEntity<Page<IBZOrganizationDTO>> searchDefault(@RequestBody IBZOrganizationSearchContext context) {
@@ -229,8 +210,4 @@ public class IBZOrganizationResource {
 	    return ResponseEntity.status(HttpStatus.OK)
                 .body(new PageImpl(ibzorganizationMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
-
-
 }
-
-

ibzou-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java

@@ -10,8 +10,6 @@ import cn.ibizlab.util.domain.DTOBase;
 import cn.ibizlab.util.domain.EntityBase;
 import cn.ibizlab.util.domain.MappingBase;
 import cn.ibizlab.util.enums.DEPredefinedFieldType;
-import cn.ibizlab.util.filter.QueryBuildContext;
-import cn.ibizlab.util.filter.QueryWrapperContext;
 import cn.ibizlab.util.helper.DEFieldCacheMap;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Lazy;
@@ -50,24 +48,83 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     @Lazy
     private MongoTemplate mongoTemplate;
 
-
+    /**
+     * 批处理权限检查[createBatch:updateBatch:removeBatch]
+     * @param authentication
+     * @param DEAction
+     * @param params
+     * @return
+     */
     @Override
-    public boolean hasPermission(Authentication authentication, Object deAction, Object gridParam) {
+    public boolean hasPermission(Authentication authentication, Object DEAction, Object params) {
+
+        //未开启权限校验、超级管理员则不进行权限检查
+        if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1  || !enablePermissionValid)
             return true;
-    }
+        List paramList = (ArrayList) params;
+        String deStorageMode= (String) paramList.get(0);
+        String action=String.valueOf(DEAction);
+        List<String> ids=null;
+        EntityBase entity;
+        List<EntityBase> entityList = null;
+        JSONObject userPermission= AuthenticationUser.getAuthenticationUser().getPermissionList();
+        if(userPermission==null)
+            return false;
+        MappingBase mappingBase= (MappingBase) paramList.get(1);
+        //参数准备
+        if(action.equalsIgnoreCase("remove")){
+            entity= (EntityBase) mappingBase.toDomain(paramList.get(2));
+            ids= (List<String>) paramList.get(3);
+        }
+        else{
+            List<DTOBase> dtoList = (List<DTOBase>) paramList.get(2);
+            if(dtoList.size()==0)
+                return false;
+            entityList =mappingBase.toDomain(dtoList);
+            entity = (EntityBase) mappingBase.toDomain(dtoList.get(0));
+        }
+        if (entity==null)
+            return false;
+
+        JSONObject permissionList=userPermission.getJSONObject("entities");
+        String entityName = entity.getClass().getSimpleName();
 
+        //拥有全部数据访问权限时，则跳过权限检查
+        if(isAllData(entityName,action,permissionList)){
+            return true;
+        }
+        //检查是否有操作权限[create.update.delete.read]
+        if(!validDEActionHasPermission(entityName,action,permissionList)){
+            return false;
+        }
+        JSONArray dataRangeList=getDataRange(entityName,action,permissionList);
+        if(dataRangeList.size()==0)
+            return false;
+
+        if(action.equalsIgnoreCase("create")){
+            return createBatchActionPermissionValid(entityList,dataRangeList);
+        }
+        else{
+            if(!action.equalsIgnoreCase("remove")){
+                ids=getIds(entity,entityList);
+            }
+            if(ids.size()==0)
+                return false;
+            return otherBatchActionPermissionValidRouter(deStorageMode, entity ,ids, dataRangeList);
+        }
+    }
 
     /**
      * 实体行为权限检查 ：用于检查当前用户是否拥有实体的新建、编辑、删除权限
      *
      * @param authentication
-     * @param srfKey         当前操作数据的主键
+     * @param id         当前操作数据的主键
      * @param action         当前操作行为：如：[READ、UPDATE、DELETE]
      * @param params         相关参数
      * @return true/false true则允许当前行为，false拒绝行为
      */
     @Override
-    public boolean hasPermission(Authentication authentication, Serializable srfKey, String action, Object params) {
+    public boolean hasPermission(Authentication authentication, Serializable id, String action, Object params) {
 
         //未开启权限校验、超级管理员则不进行权限检查
         if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1  || !enablePermissionValid)
@@ -83,22 +140,118 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
             return false;
 
         JSONObject userPermission= AuthenticationUser.getAuthenticationUser().getPermissionList();
+        if(userPermission==null)
+            return false;
         JSONObject permissionList=userPermission.getJSONObject("entities");
         String entityName = entity.getClass().getSimpleName();
 
         //拥有全部数据访问权限时，则跳过权限检查
-        if(isAllData(permissionList,entityName,action)){
+        if(isAllData(entityName,action,permissionList)){
             return true;
         }
         //检查是否有操作权限[create.update.delete.read]
-        if(!validDEActionHasPermission(permissionList,entityName,action)){
+        if(!validDEActionHasPermission(entityName,action,permissionList)){
             return false;
         }
+        JSONArray dataRangeList=getDataRange(entityName,action,permissionList);
+        if(dataRangeList.size()==0)
+            return false;
+
         if(action.equalsIgnoreCase("create")){
-            return createActionPermissionValid(permissionList,entity, action);
+            return createActionPermissionValid(entity,dataRangeList);
         }
         else{
-            return otherActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
+            return otherActionPermissionValidRouter(deStorageMode, entity, id, dataRangeList);
+        }
+    }
+
+    /**
+     * 批处理新建权限校验
+     * @param entityList
+     * @param dataRangeList
+     * @return
+     */
+    private boolean createBatchActionPermissionValid(List<EntityBase> entityList,JSONArray dataRangeList){
+        for(EntityBase entity : entityList){
+            boolean isCreate = createActionPermissionValid(entity ,dataRangeList);
+            if(!isCreate){
+                return false;
+            }
+        }
+        return true;
+    }
+
+    /**
+     * 批处理行为权限校验[get:update:delete]
+     * @param deStorageMode
+     * @param entity
+     * @param ids
+     * @param dataRangeList
+     * @return
+     */
+    private boolean otherBatchActionPermissionValidRouter(String deStorageMode , EntityBase entity , List<String> ids , JSONArray dataRangeList){
+
+        if(deStorageMode.equalsIgnoreCase("sql")){
+            return sqlBatchPermissionValid(entity ,ids, dataRangeList);
+        }
+        else if(deStorageMode.equalsIgnoreCase("nosql")){
+            return noSqlBatchPermissionValid(entity, ids , dataRangeList);
+        }
+        else if(deStorageMode.equalsIgnoreCase("serviceapi")){
+            return true;
+        }
+        else {
+            throw new RuntimeException(String.format("未能识别实体对应存储模式[%s]",deStorageMode));
+        }
+    }
+
+    /**
+     * SQL批处理权限校验
+     * @param entity
+     * @param ids
+     * @param dataRangeList
+     * @return
+     */
+    private boolean sqlBatchPermissionValid(EntityBase entity , List<String> ids,  JSONArray dataRangeList){
+
+        Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
+        String keyFieldName=permissionField.get(keyFieldTag);
+        ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entity.getClass().getSimpleName(),"ServiceImpl"));//获取实体service对象
+        //通过权限表达式来获取sql
+        String permissionSQL= String.format(" (%s) AND ( %s in (%s) ) ",getPermissionSQL(entity,dataRangeList),keyFieldName,getEntityKeyCond(ids)); //拼接权限条件-编辑
+        //执行sql进行权限检查
+        QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
+        List list=service.list(permissionWrapper);
+        if(list.size() == ids.size()){
+            return true;
+        }else{
+            return false;
+        }
+    }
+
+    /**
+     * NoSQL批处理权限校验
+     * @param entity
+     * @param ids
+     * @param dataRange
+     * @return
+     */
+    private boolean noSqlBatchPermissionValid(EntityBase entity, List<String> ids,  JSONArray dataRange) {
+
+        Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
+        String keyFieldName=permissionField.get(keyFieldTag);
+        //根据权限表达式填充权限条件
+        QueryBuilder permissionCond=getNoSqlPermissionCond(entity,dataRange);
+        //权限条件拼接主键
+        permissionCond.and(keyFieldName).in(ids);
+        //执行权限检查
+        Query query = new BasicQuery(permissionCond.get().toString());
+        List list=mongoTemplate.find(query,entity.getClass());
+        if(list.size()==ids.size()){
+            return true;
+        }
+        else{
+            return false;
         }
     }
 
@@ -109,7 +262,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * @param action
      * @return
      */
-    private boolean isAllData(JSONObject permissionList, String entityName, String action) {
+    private boolean isAllData( String entityName, String action ,JSONObject permissionList) {
 
         if(permissionList==null)
             return false;
@@ -133,7 +286,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
      * @return
      */
-    private boolean validDEActionHasPermission(JSONObject userPermission,String entityName , String action ){
+    private boolean validDEActionHasPermission(String entityName , String action ,JSONObject userPermission){
 
         boolean hasPermission=false;
         if(userPermission==null)
@@ -152,28 +305,14 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
     /**
      * 新建行为校验
-     * @param permissionList
      * @param entity
-     * @param action
+     * @param dataRangeList
      * @return
      */
-    private boolean createActionPermissionValid(JSONObject permissionList,EntityBase entity, String action){
-
-        Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
-        String keyField=permissionField.get(keyFieldTag);
-        if(StringUtils.isEmpty(keyField)){
-            throw new RuntimeException("权限校验失败，请检查当前实体中是否已经配置主键属性!");
-        }
-
-        //获取权限表达式[全部数据、本单位、本部门等]
-        JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
-        JSONObject permissionType= entityObj.getJSONObject(DEActionType);
-        JSONArray dataRangeList=permissionType.getJSONArray(action);//行为：read；insert...
-        if(dataRangeList.size()==0)
-            return false;
+    private boolean createActionPermissionValid(EntityBase entity, JSONArray dataRangeList){
 
         boolean isCreate=true;
-
+        Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
         String orgField=permissionField.get("orgfield");
         String orgDeptField=permissionField.get("orgsecfield");
         String createManField=permissionField.get("createmanfield");
@@ -230,18 +369,17 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * 根据实体存储模式，进行鉴权
      * @param deStorageMode
      * @param entity
-     * @param action
-     * @param srfKey
-     * @param permissionList
+     * @param id
+     * @param dataRangeList
      * @return
      */
-    private boolean otherActionPermissionValidRouter(String deStorageMode, EntityBase entity , String action , Object srfKey , JSONObject permissionList){
+    private boolean otherActionPermissionValidRouter(String deStorageMode, EntityBase entity , Object id , JSONArray dataRangeList){
 
         if(deStorageMode.equalsIgnoreCase("sql")){
-            return sqlPermissionValid(entity , action , srfKey, permissionList);
+            return sqlPermissionValid(entity , id, dataRangeList);
         }
         else if(deStorageMode.equalsIgnoreCase("nosql")){
-            return noSqlPermissionValid(entity , action , srfKey, permissionList);
+            return noSqlPermissionValid(entity , id, dataRangeList);
         }
         else if(deStorageMode.equalsIgnoreCase("serviceapi")){
             return true;
@@ -254,32 +392,16 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     /**
      * sql存储模式实体行为鉴权
      * @param entity
-     * @param action
-     * @param srfKey
-     * @param permissionList
+     * @param id
+     * @param dataRangeList
      * @return
      */
-    private boolean sqlPermissionValid(EntityBase entity , String action , Object srfKey, JSONObject permissionList){
-
-        String entityName=entity.getClass().getSimpleName();
-        ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl"));//获取实体service对象
+    private boolean sqlPermissionValid(EntityBase entity , Object id, JSONArray dataRangeList){
 
+        ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entity.getClass().getSimpleName(),"ServiceImpl"));//获取实体service对象
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
-        String keyField=permissionField.get(keyFieldTag);
-        if(StringUtils.isEmpty(keyField)){
-            throw new RuntimeException("权限校验失败，请检查当前实体中是否已经配置主键属性!");
-        }
-
-        //获取权限表达式[全部数据、本单位、本部门等]
-        JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
-        JSONObject permissionType= entityObj.getJSONObject(DEActionType);
-        JSONArray opprivList=permissionType.getJSONArray(action);//行为：read；insert...
-        if(opprivList.size()==0)
-            return false;
-
         //通过权限表达式来获取sql
-        String tempPermissionSQL=getPermissionSQL(entity,opprivList);
-        String permissionSQL= String.format(" (%s) AND (%s='%s')",tempPermissionSQL,keyField,srfKey); //拼接权限条件-编辑
+        String permissionSQL= String.format(" (%s) AND (%s='%s')",getPermissionSQL(entity,dataRangeList),permissionField.get(keyFieldTag),id); //拼接权限条件-编辑
         //执行sql进行权限检查
         QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
         List list=service.list(permissionWrapper);
@@ -294,32 +416,18 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     /**
      * NoSQL实体行为鉴权
      * @param entity
-     * @param action
-     * @param srfKey
-     * @param permissionList
+     * @param id
+     * @param dataRangeList
      * @return
      */
-    private boolean noSqlPermissionValid(EntityBase entity, String action, Object srfKey, JSONObject permissionList) {
+    private boolean noSqlPermissionValid(EntityBase entity, Object id, JSONArray dataRangeList) {
 
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
-
         String keyField=permissionField.get(keyFieldTag);
-        if(StringUtils.isEmpty(keyField)){
-            throw new RuntimeException("权限校验失败，请检查当前实体中是否已经配置主键属性!");
-        }
-
-        //获取权限表达式[全部数据、本单位、本部门等]
-        JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
-        JSONObject permissionType= entityObj.getJSONObject(DEActionType);
-        JSONArray dataRange=permissionType.getJSONArray(action);//行为：read；insert...
-        if(dataRange.size()==0)
-            return false;
-
         //根据权限表达式填充权限条件
-        QueryBuilder permissionCond=new QueryBuilder();
-        fillNoSqlPermissionCond(dataRange,entity,permissionCond);
+        QueryBuilder permissionCond=getNoSqlPermissionCond(entity,dataRangeList);
         //权限条件拼接主键
-        permissionCond.and(keyField).is(srfKey);
+        permissionCond.and(keyField).is(id);
         //执行权限检查
         Query query = new BasicQuery(permissionCond.get().toString());
         List list=mongoTemplate.find(query,entity.getClass());
@@ -334,12 +442,13 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
     /**
      * 为NoSQL存储模式的表格查询填充权限条件
-     * @param oppriList
      * @param entity
-     * @param permissionSQL
+     * @param dataRangeList
+     * @return
      */
-    private void fillNoSqlPermissionCond(JSONArray oppriList, EntityBase entity, QueryBuilder permissionSQL){
+    private QueryBuilder getNoSqlPermissionCond( EntityBase entity ,JSONArray dataRangeList ){
 
+        QueryBuilder permissionSQL=new QueryBuilder();
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
         String orgField=permissionField.get("orgfield");
         String orgDeptField=permissionField.get("orgsecfield");
@@ -351,8 +460,8 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         Set<String> orgDeptParent = userInfo.get("parentdept");
         Set<String> orgDeptChild = userInfo.get("subdept");
 
-        for(int i=0;i<oppriList.size();i++){
-            String permissionCond=oppriList.getString(i);//权限配置条件
+        for(int i=0;i<dataRangeList.size();i++){
+            String permissionCond=dataRangeList.getString(i);//权限配置条件
             if(permissionCond.equals("curorg")){   //本单位
                 permissionSQL.or(new QueryBuilder().and(orgField).is(AuthenticationUser.getAuthenticationUser().getOrgid()).get());
             }
@@ -378,6 +487,8 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
                 permissionSQL.or(new QueryBuilder().get());
             }
         }
+
+        return permissionSQL;
     }
 
     /**
@@ -530,4 +641,53 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         return resultCond;
     }
 
+
+    /**
+     * 转换[a,b]格式字符串到 'a','b'格式
+     *
+     * @return
+     */
+    private String getEntityKeyCond(List<String> array) {
+        String[] arr = array.toArray(new String[array.size()]);
+        return "'" + String.join("','", arr) + "'";
+    }
+
+    /**
+     * 获取数据范围
+     * @param entityName
+     * @param action
+     * @param permissionList
+     * @return
+     */
+    private JSONArray getDataRange(String entityName, String action , JSONObject permissionList){
+        //获取权限表达式[全部数据、本单位、本部门等]
+        JSONObject entityObj=permissionList.getJSONObject(entityName);//获取实体
+        JSONObject permissionType= entityObj.getJSONObject(DEActionType);
+        JSONArray  dataRangeList=permissionType.getJSONArray(action);//行为：read；insert...
+        return dataRangeList;
+    }
+
+    /**
+     * 获取实体主键集合
+     * @param entityBase
+     * @param entityList
+     * @return
+     */
+    private List<String> getIds(EntityBase entityBase ,List<EntityBase> entityList) {
+
+        List<String> entityKeyList=new ArrayList<>();
+        Map<String,String> permissionField=getPermissionField(entityBase);//获取组织、部门预置属性
+        String keyFieldName=permissionField.get(keyFieldTag);
+        if(StringUtils.isEmpty(keyFieldName))
+            return entityKeyList;
+
+        for(EntityBase entity: entityList){
+            Object objEntityKey = entity.get(keyFieldName);
+            if(!ObjectUtils.isEmpty(objEntityKey)){
+                entityKeyList.add(String.valueOf(objEntityKey));
+            }
+        }
+        return entityKeyList;
+    }
+
 }
\ No newline at end of file