提交 6fe837f8 编写于 作者: ibizdev's avatar ibizdev

ibizdev提交

上级 a2dc6297
......@@ -6,15 +6,15 @@ export default {
deptname: '部门名称',
orgid: '单位',
parentdeptid: '上级部门',
pdeptname: '上级部门',
shortname: '部门简称',
deptlevel: '部门级别',
showorder: '排序',
bcode: '业务编码',
enable: '逻辑有效',
orgname: '单位',
parentdeptname: '上级部门',
createdate: '创建时间',
updatedate: '最后修改时间',
orgname: '单位',
},
views: {
editview: {
......
......@@ -5,15 +5,15 @@ export default {
deptname: '部门名称',
orgid: '单位',
parentdeptid: '上级部门',
pdeptname: '上级部门',
shortname: '部门简称',
deptlevel: '部门级别',
showorder: '排序',
bcode: '业务编码',
enable: '逻辑有效',
orgname: '单位',
parentdeptname: '上级部门',
createdate: '创建时间',
updatedate: '最后修改时间',
orgname: '单位',
},
views: {
editview: {
......
......@@ -5,10 +5,10 @@ export default {
orgcode: '单位代码',
orgname: '名称',
parentorgid: '上级单位',
porgname: '上级单位',
shortname: '单位简称',
orglevel: '单位级别',
showorder: '排序',
parentorgname: '上级单位',
enable: '逻辑有效',
createdate: '创建时间',
updatedate: '最后修改时间',
......
......@@ -4,10 +4,10 @@ export default {
orgcode: '单位代码',
orgname: '名称',
parentorgid: '上级单位',
porgname: '上级单位',
shortname: '单位简称',
orglevel: '单位级别',
showorder: '排序',
parentorgname: '上级单位',
enable: '逻辑有效',
createdate: '创建时间',
updatedate: '最后修改时间',
......
......@@ -72,7 +72,7 @@ export default class MainModel {
},
{
name: 'pdeptname',
prop: 'pdeptname',
prop: 'parentdeptname',
dataType: 'PICKUPTEXT',
},
{
......
......@@ -30,9 +30,6 @@ export default class PickupViewpickupviewpanelModel {
{
name: 'parentdeptid',
},
{
name: 'pdeptname',
},
{
name: 'shortname',
},
......@@ -49,13 +46,16 @@ export default class PickupViewpickupviewpanelModel {
name: 'enable',
},
{
name: 'createdate',
name: 'orgname',
},
{
name: 'updatedate',
name: 'parentdeptname',
},
{
name: 'orgname',
name: 'createdate',
},
{
name: 'updatedate',
},
]
}
......
......@@ -72,7 +72,7 @@ export default class MainModel {
},
{
name: 'porgname',
prop: 'porgname',
prop: 'parentorgname',
dataType: 'PICKUPTEXT',
},
{
......
......@@ -67,7 +67,7 @@ export default class NewFormModel {
},
{
name: 'porgname',
prop: 'porgname',
prop: 'parentorgname',
dataType: 'PICKUPTEXT',
},
{
......
......@@ -27,9 +27,6 @@ export default class PickupViewpickupviewpanelModel {
{
name: 'parentorgid',
},
{
name: 'porgname',
},
{
name: 'shortname',
},
......@@ -39,6 +36,9 @@ export default class PickupViewpickupviewpanelModel {
{
name: 'showorder',
},
{
name: 'parentorgname',
},
{
name: 'enable',
},
......
......@@ -69,13 +69,6 @@ public class IBZDepartment extends EntityMP implements Serializable {
@JSONField(name = "parentdeptid")
@JsonProperty("parentdeptid")
private String parentdeptid;
/**
* 上级部门
*/
@TableField(exist = false)
@JSONField(name = "pdeptname")
@JsonProperty("pdeptname")
private String pdeptname;
/**
* 部门简称
*/
......@@ -113,6 +106,20 @@ public class IBZDepartment extends EntityMP implements Serializable {
@JSONField(name = "enable")
@JsonProperty("enable")
private Integer enable;
/**
* 单位
*/
@TableField(exist = false)
@JSONField(name = "orgname")
@JsonProperty("orgname")
private String orgname;
/**
* 上级部门
*/
@TableField(exist = false)
@JSONField(name = "parentdeptname")
@JsonProperty("parentdeptname")
private String parentdeptname;
/**
* 创建时间
*/
......@@ -131,14 +138,6 @@ public class IBZDepartment extends EntityMP implements Serializable {
@JSONField(name = "updatedate" , format="yyyy-MM-dd HH:mm:ss")
@JsonProperty("updatedate")
private Timestamp updatedate;
/**
* 单位
*/
@DEField(preType = DEPredefinedFieldType.ORGNAME)
@TableField(value = "orgname")
@JSONField(name = "orgname")
@JsonProperty("orgname")
private String orgname;
/**
*
......
......@@ -62,13 +62,6 @@ public class IBZOrganization extends EntityMP implements Serializable {
@JSONField(name = "parentorgid")
@JsonProperty("parentorgid")
private String parentorgid;
/**
* 上级单位
*/
@TableField(exist = false)
@JSONField(name = "porgname")
@JsonProperty("porgname")
private String porgname;
/**
* 单位简称
*/
......@@ -90,6 +83,13 @@ public class IBZOrganization extends EntityMP implements Serializable {
@JSONField(name = "showorder")
@JsonProperty("showorder")
private Integer showorder;
/**
* 上级单位
*/
@TableField(exist = false)
@JSONField(name = "parentorgname")
@JsonProperty("parentorgname")
private String parentorgname;
/**
* 逻辑有效
*/
......
......@@ -53,20 +53,6 @@ public class IBZDepartmentSearchContext extends QueryWrapperContext<IBZDepartmen
if(!ObjectUtils.isEmpty(this.n_pdeptid_eq)){
this.getSelectCond().eq("pdeptid", n_pdeptid_eq);
}
}
private String n_pdeptname_eq;//[上级部门]
public void setN_pdeptname_eq(String n_pdeptname_eq) {
this.n_pdeptname_eq = n_pdeptname_eq;
if(!ObjectUtils.isEmpty(this.n_pdeptname_eq)){
this.getSelectCond().eq("pdeptname", n_pdeptname_eq);
}
}
private String n_pdeptname_like;//[上级部门]
public void setN_pdeptname_like(String n_pdeptname_like) {
this.n_pdeptname_like = n_pdeptname_like;
if(!ObjectUtils.isEmpty(this.n_pdeptname_like)){
this.getSelectCond().like("pdeptname", n_pdeptname_like);
}
}
private String n_bcode_like;//[业务编码]
public void setN_bcode_like(String n_bcode_like) {
......@@ -89,6 +75,20 @@ public class IBZDepartmentSearchContext extends QueryWrapperContext<IBZDepartmen
this.getSelectCond().like("orgname", n_orgname_like);
}
}
private String n_pdeptname_eq;//[上级部门]
public void setN_pdeptname_eq(String n_pdeptname_eq) {
this.n_pdeptname_eq = n_pdeptname_eq;
if(!ObjectUtils.isEmpty(this.n_pdeptname_eq)){
this.getSelectCond().eq("pdeptname", n_pdeptname_eq);
}
}
private String n_pdeptname_like;//[上级部门]
public void setN_pdeptname_like(String n_pdeptname_like) {
this.n_pdeptname_like = n_pdeptname_like;
if(!ObjectUtils.isEmpty(this.n_pdeptname_like)){
this.getSelectCond().like("pdeptname", n_pdeptname_like);
}
}
/**
* 启用快速搜索
......
......@@ -53,20 +53,6 @@ public class IBZOrganizationSearchContext extends QueryWrapperContext<IBZOrganiz
if(!ObjectUtils.isEmpty(this.n_porgid_eq)){
this.getSelectCond().eq("porgid", n_porgid_eq);
}
}
private String n_porgname_eq;//[上级单位]
public void setN_porgname_eq(String n_porgname_eq) {
this.n_porgname_eq = n_porgname_eq;
if(!ObjectUtils.isEmpty(this.n_porgname_eq)){
this.getSelectCond().eq("porgname", n_porgname_eq);
}
}
private String n_porgname_like;//[上级单位]
public void setN_porgname_like(String n_porgname_like) {
this.n_porgname_like = n_porgname_like;
if(!ObjectUtils.isEmpty(this.n_porgname_like)){
this.getSelectCond().like("porgname", n_porgname_like);
}
}
private String n_shortname_like;//[单位简称]
public void setN_shortname_like(String n_shortname_like) {
......@@ -89,6 +75,20 @@ public class IBZOrganizationSearchContext extends QueryWrapperContext<IBZOrganiz
this.getSelectCond().le("orglevel", n_orglevel_ltandeq);
}
}
private String n_porgname_eq;//[上级单位]
public void setN_porgname_eq(String n_porgname_eq) {
this.n_porgname_eq = n_porgname_eq;
if(!ObjectUtils.isEmpty(this.n_porgname_eq)){
this.getSelectCond().eq("porgname", n_porgname_eq);
}
}
private String n_porgname_like;//[上级单位]
public void setN_porgname_like(String n_porgname_like) {
this.n_porgname_like = n_porgname_like;
if(!ObjectUtils.isEmpty(this.n_porgname_like)){
this.getSelectCond().like("porgname", n_porgname_like);
}
}
/**
* 启用快速搜索
......
......@@ -2,7 +2,7 @@
<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:ext="http://www.liquibase.org/xml/ns/dbchangelog-ext" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog-ext http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-ext.xsd http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd">
<!--输出实体[IBZORG]数据结构 -->
<changeSet author="a_A_5d9d78509" id="tab-ibzorg-397-1">
<changeSet author="a_A_5d9d78509" id="tab-ibzorg-401-1">
<createTable tableName="IBZORG">
<column name="ORGID" remarks="" type="VARCHAR(100)">
<constraints primaryKey="true" primaryKeyName="PK_IBZORG_ORGID"/>
......@@ -106,7 +106,7 @@
</createTable>
</changeSet>
<!--输出实体[IBZDEPT]数据结构 -->
<changeSet author="a_A_5d9d78509" id="tab-ibzdept-508-3">
<changeSet author="a_A_5d9d78509" id="tab-ibzdept-512-3">
<createTable tableName="IBZDEPT">
<column name="DEPTID" remarks="" type="VARCHAR(100)">
<constraints primaryKey="true" primaryKeyName="PK_IBZDEPT_DEPTID"/>
......@@ -133,13 +133,11 @@
</column>
<column name="UPDATEDATE" remarks="" type="DATETIME">
</column>
<column name="ORGNAME" remarks="" type="VARCHAR(100)">
</column>
</createTable>
</changeSet>
<!--输出实体[IBZORG]外键关系 -->
<changeSet author="a_A_5d9d78509" id="fk-ibzorg-397-4">
<changeSet author="a_A_5d9d78509" id="fk-ibzorg-401-4">
<addForeignKeyConstraint baseColumnNames="PORGID" baseTableName="IBZORG" constraintName="DER1N_IBZORG_IBZORG_PORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
</changeSet>
<!--输出实体[IBZEMP]外键关系 -->
......@@ -150,10 +148,10 @@
<addForeignKeyConstraint baseColumnNames="ORGID" baseTableName="IBZEMP" constraintName="DER1N_IBZEMP_IBZORG_ORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
</changeSet>
<!--输出实体[IBZDEPT]外键关系 -->
<changeSet author="a_A_5d9d78509" id="fk-ibzdept-508-7">
<changeSet author="a_A_5d9d78509" id="fk-ibzdept-512-7">
<addForeignKeyConstraint baseColumnNames="PDEPTID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZDEPT_PDEPTID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="DEPTID" referencedTableName="IBZDEPT" validate="true"/>
</changeSet>
<changeSet author="a_A_5d9d78509" id="fk-ibzdept-508-8">
<changeSet author="a_A_5d9d78509" id="fk-ibzdept-512-8">
<addForeignKeyConstraint baseColumnNames="ORGID" baseTableName="IBZDEPT" constraintName="DER1N_IBZDEPT_IBZORG_ORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
</changeSet>
......
......@@ -5,7 +5,7 @@
<!--该方法用于重写mybatis中selectById方法,以实现查询逻辑属性-->
<select id="selectById" resultMap="IBZDepartmentResultMap" databaseId="mysql">
<![CDATA[select t1.* from (SELECT t1.`BCODE`, t1.`CREATEDATE`, t1.`DEPTCODE`, t1.`DEPTID`, t1.`DEPTLEVEL`, t1.`DEPTNAME`, t1.`ENABLE`, t1.`ORGID`, t1.`ORGNAME`, t1.`PDEPTID`, t11.`DEPTNAME` AS `PDEPTNAME`, t1.`SHORTNAME`, t1.`SHOWORDER`, t1.`UPDATEDATE` FROM `IBZDEPT` t1 LEFT JOIN IBZDEPT t11 ON t1.PDEPTID = t11.DEPTID ) t1 where deptid=#{id}]]>
<![CDATA[select t1.* from (SELECT t1.`BCODE`, t1.`CREATEDATE`, t1.`DEPTCODE`, t1.`DEPTID`, t1.`DEPTLEVEL`, t1.`DEPTNAME`, t1.`ENABLE`, t1.`ORGID`, t11.`ORGNAME`, t1.`PDEPTID`, t21.`DEPTNAME` AS `PDEPTNAME`, t1.`SHORTNAME`, t1.`SHOWORDER`, t1.`UPDATEDATE` FROM `IBZDEPT` t1 LEFT JOIN IBZORG t11 ON t1.ORGID = t11.ORGID LEFT JOIN IBZDEPT t21 ON t1.PDEPTID = t21.DEPTID ) t1 where deptid=#{id}]]>
</select>
<select id="selectById" resultMap="IBZDepartmentResultMap" databaseId="postgresql">
<![CDATA[select t1.* from (SELECT t1.BCODE, t1.CREATEDATE, t1.DEPTCODE, t1.DEPTID, t1.DEPTLEVEL, t1.DEPTNAME, t1.ENABLE, t1.ORGID, t1.PDEPTID, t1.SHORTNAME, t1.SHOWORDER, t1.UPDATEDATE FROM IBZDEPT t1 ) t1 where deptid=#{id}]]>
......@@ -16,6 +16,7 @@
<id property="deptid" column="deptid" /><!--主键字段映射-->
<result property="orgid" column="orgid" />
<result property="parentdeptid" column="pdeptid" />
<result property="parentdeptname" column="pdeptname" />
<!--通过mybatis自动注入关系属性[主实体],fetchType="lazy"为懒加载配置 -->
......@@ -50,7 +51,7 @@
<!--数据查询[Default]-->
<sql id="Default" databaseId="mysql">
<![CDATA[ SELECT t1.`BCODE`, t1.`CREATEDATE`, t1.`DEPTCODE`, t1.`DEPTID`, t1.`DEPTLEVEL`, t1.`DEPTNAME`, t1.`ENABLE`, t1.`ORGID`, t1.`ORGNAME`, t1.`PDEPTID`, t11.`DEPTNAME` AS `PDEPTNAME`, t1.`SHORTNAME`, t1.`SHOWORDER`, t1.`UPDATEDATE` FROM `IBZDEPT` t1 LEFT JOIN IBZDEPT t11 ON t1.PDEPTID = t11.DEPTID
<![CDATA[ SELECT t1.`BCODE`, t1.`CREATEDATE`, t1.`DEPTCODE`, t1.`DEPTID`, t1.`DEPTLEVEL`, t1.`DEPTNAME`, t1.`ENABLE`, t1.`ORGID`, t11.`ORGNAME`, t1.`PDEPTID`, t21.`DEPTNAME` AS `PDEPTNAME`, t1.`SHORTNAME`, t1.`SHOWORDER`, t1.`UPDATEDATE` FROM `IBZDEPT` t1 LEFT JOIN IBZORG t11 ON t1.ORGID = t11.ORGID LEFT JOIN IBZDEPT t21 ON t1.PDEPTID = t21.DEPTID
WHERE t1.ENABLE = 1
]]>
</sql>
......@@ -64,7 +65,7 @@
<!--数据查询[View]-->
<sql id="View" databaseId="mysql">
<![CDATA[ SELECT t1.`BCODE`, t1.`CREATEDATE`, t1.`DEPTCODE`, t1.`DEPTID`, t1.`DEPTLEVEL`, t1.`DEPTNAME`, t1.`ENABLE`, t1.`ORGID`, t1.`ORGNAME`, t1.`PDEPTID`, t11.`DEPTNAME` AS `PDEPTNAME`, t1.`SHORTNAME`, t1.`SHOWORDER`, t1.`UPDATEDATE` FROM `IBZDEPT` t1 LEFT JOIN IBZDEPT t11 ON t1.PDEPTID = t11.DEPTID
<![CDATA[ SELECT t1.`BCODE`, t1.`CREATEDATE`, t1.`DEPTCODE`, t1.`DEPTID`, t1.`DEPTLEVEL`, t1.`DEPTNAME`, t1.`ENABLE`, t1.`ORGID`, t11.`ORGNAME`, t1.`PDEPTID`, t21.`DEPTNAME` AS `PDEPTNAME`, t1.`SHORTNAME`, t1.`SHOWORDER`, t1.`UPDATEDATE` FROM `IBZDEPT` t1 LEFT JOIN IBZORG t11 ON t1.ORGID = t11.ORGID LEFT JOIN IBZDEPT t21 ON t1.PDEPTID = t21.DEPTID
WHERE t1.ENABLE = 1
]]>
</sql>
......
......@@ -15,6 +15,7 @@
<resultMap id="IBZOrganizationResultMap" type="cn.ibizlab.core.ou.domain.IBZOrganization" autoMapping="true">
<id property="orgid" column="orgid" /><!--主键字段映射-->
<result property="parentorgid" column="porgid" />
<result property="parentorgname" column="porgname" />
<!--通过mybatis自动注入关系属性[主实体],fetchType="lazy"为懒加载配置 -->
......
......@@ -63,14 +63,6 @@ public class IBZDepartmentDTO extends DTOBase implements Serializable {
@JsonProperty("parentdeptid")
private String parentdeptid;
/**
* 属性 [PDEPTNAME]
*
*/
@JSONField(name = "pdeptname")
@JsonProperty("pdeptname")
private String pdeptname;
/**
* 属性 [SHORTNAME]
*
......@@ -111,6 +103,22 @@ public class IBZDepartmentDTO extends DTOBase implements Serializable {
@JsonProperty("enable")
private Integer enable;
/**
* 属性 [ORGNAME]
*
*/
@JSONField(name = "orgname")
@JsonProperty("orgname")
private String orgname;
/**
* 属性 [PDEPTNAME]
*
*/
@JSONField(name = "parentdeptname")
@JsonProperty("parentdeptname")
private String parentdeptname;
/**
* 属性 [CREATEDATE]
*
......@@ -129,14 +137,6 @@ public class IBZDepartmentDTO extends DTOBase implements Serializable {
@JsonProperty("updatedate")
private Timestamp updatedate;
/**
* 属性 [ORGNAME]
*
*/
@JSONField(name = "orgname")
@JsonProperty("orgname")
private String orgname;
/**
* 设置 [DEPTCODE]
......
......@@ -55,14 +55,6 @@ public class IBZOrganizationDTO extends DTOBase implements Serializable {
@JsonProperty("parentorgid")
private String parentorgid;
/**
* 属性 [PORGNAME]
*
*/
@JSONField(name = "porgname")
@JsonProperty("porgname")
private String porgname;
/**
* 属性 [SHORTNAME]
*
......@@ -87,6 +79,14 @@ public class IBZOrganizationDTO extends DTOBase implements Serializable {
@JsonProperty("showorder")
private Integer showorder;
/**
* 属性 [PORGNAME]
*
*/
@JSONField(name = "parentorgname")
@JsonProperty("parentorgname")
private String parentorgname;
/**
* 属性 [ENABLE]
*
......
......@@ -36,14 +36,13 @@ public class PermissionSyncJob implements ApplicationRunner {
private String systemId;
@Override
public void run(ApplicationArguments args) throws Exception {
public void run(ApplicationArguments args) {
if(enablePermissionValid){
try {
InputStream permission= this.getClass().getResourceAsStream("/deprivs/DEPrivs.json"); //获取当前系统所有实体资源能力
String permissionResult = IOUtils.toString(permission,"UTF-8");
JSONArray jsonNodePermission = JSONArray.parseArray(permissionResult);
Map<String,Object> map=new HashMap<String,Object>();
map.put("menu",new JSONArray());
JSONObject jsonNodePermission = JSONObject.parseObject(permissionResult);
Map<String,Object> map=new HashMap<>();
map.put("permission",jsonNodePermission);
client.pushSystemPermissionData(map,systemId);
}
......
......@@ -31,6 +31,14 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
@Value("${ibiz.enablePermissionValid:false}")
boolean enablePermissionValid; //是否开启权限校验
/**
* 实体行为操作标识
*/
private String DEActionType="DEACTION";
/**
* 实体数据集操作标识
*/
private String DataSetTag="DATASET";
/**
* 表格权限检查 :用于检查当前用户是否拥有表格数据的读取、删除权限
......@@ -68,10 +76,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
String entityName = entity.getClass().getSimpleName();
//获取实体行为权限信息
JSONObject permissionList=userPermission.getJSONObject("deActionPermission");
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
//检查是否有操作权限[create.update.delete.read]
if(!validHasPermission(permissionList,entityName,action)){
if(!validDEActionHasPermission(permissionList,entityName,action)){
return false;
}
//检查是否有数据权限[单行删除]
......@@ -86,23 +94,23 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
else{ //grid fetch
//准备参数
Object searchContext=gridParamList.get(0);
String dataSet=String.valueOf(gridParamList.get(1));
String dataSetName=String.valueOf(gridParamList.get(1));
EntityBase entity = (EntityBase) gridParamList.get(2);
String entityName = entity.getClass().getSimpleName();
//获取数据集权限信息
JSONObject permissionList=userPermission.getJSONObject("deDataSetPermission");
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSet)|| StringUtils.isEmpty(action))
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName)|| StringUtils.isEmpty(action))
return false;
//检查是否有操作权限[create.update.delete.read]
if(!validHasPermission(permissionList,entityName,dataSet,action)){
//检查是否有访问数据集的权限
if(!validDataSetHasPermission(permissionList,entityName,dataSetName)){
return false;
}
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLByList(permissionList,entityName,action,dataSet,permissionField);//获取权限SQL
String permissionSQL=getPermissionSQLByList(permissionList,entityName,action,dataSetName,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
fillPermissionSQL(searchContext,permissionSQL);//将权限SQL添加到searchContext中,过滤出权限内数据
......@@ -134,11 +142,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return false;
JSONObject userPermission= AuthenticationUser.getAuthenticationUser().getPermisionList();
JSONObject permissionList=userPermission.getJSONObject("deActionPermission");
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
String entityName = entity.getClass().getSimpleName();
if(action.equals("CREATE")){
return validHasPermission(permissionList,entityName,action);
return validDEActionHasPermission(permissionList,entityName,action);
}
else{
//拥有全部数据访问权限时,则跳过权限检查
......@@ -146,7 +154,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return true;
}
//检查是否有操作权限[create.update.delete.read]
if(!validHasPermission(permissionList,entityName,action)){
if(!validDEActionHasPermission(permissionList,entityName,action)){
return false;
}
//检查是否有数据权限
......@@ -155,7 +163,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
String permissionSQL=getPermissionSQLById(permissionList,entityName,action,srfKey,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
return testDataAccess(service,permissionWrapper);//执行权限检查
}
......@@ -193,11 +200,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
private String getPermissionSQLByList(JSONObject gridDataAbility, String entityName, String action, String dataSetName, Map<String,String> permissionField){
JSONObject entity=gridDataAbility.getJSONObject(entityName);//获取实体
JSONObject dataSet=entity.getJSONObject(dataSetName);//获取实体数据集
JSONArray opprivList=dataSet.getJSONArray(action);//行为:read;insert...
if(opprivList.size()==0)
JSONObject permissionType=entity.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);//获取实体数据集
if(dataRange.size()==0)
return null;
return getPermissionSQL(opprivList,permissionField); //拼接权限条件-查询
return getPermissionSQL(dataRange,permissionField); //拼接权限条件-查询
}
/**
......@@ -215,53 +222,59 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
}
/**
* 校验是否有访问实体行为能力
* @param permissionList 权限列表
* @param entityName 实体名称
* @param action 操作行为
* 实体行为权限校验
* @param userPermission
* @param entityName
* @param action
* userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
* @return
*/
private boolean validHasPermission(JSONObject permissionList, String entityName, String action){
private boolean validDEActionHasPermission(JSONObject userPermission,String entityName , String action ){
boolean hasPermission=false;
if(permissionList==null)
if(userPermission==null)
return false;
if(!permissionList.containsKey(entityName))
if(!userPermission.containsKey(entityName))
return false;
JSONObject entity=permissionList.getJSONObject(entityName);
if(entity.containsKey(action)){
JSONObject entity=userPermission.getJSONObject(entityName);//获取实体
if(!entity.containsKey(DEActionType))
return false;
JSONObject dataRange=entity.getJSONObject(DEActionType);//获取实体行为对应的数据范围
if(dataRange.containsKey(action)){
hasPermission=true;
}
return hasPermission;
return hasPermission;
}
/**
* 校验是否有访问数据集能力
* @param permissionList
* 数据集合权限校验
* @param userPermission
* @param entityName
* @param dataSetName
* @param action
* userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
* @return
*/
private boolean validHasPermission(JSONObject permissionList, String entityName, String dataSetName, String action ){
private boolean validDataSetHasPermission(JSONObject userPermission,String entityName ,String dataSetName){
boolean hasPermission=false;
if(permissionList==null)
if(userPermission==null)
return false;
if(!permissionList.containsKey(entityName))
if(!userPermission.containsKey(entityName))
return false;
JSONObject entity=permissionList.getJSONObject(entityName);
if(!entity.containsKey(dataSetName))
JSONObject entity=userPermission.getJSONObject(entityName);//获取实体
if(!entity.containsKey(DataSetTag))
return false;
JSONObject dataSet=entity.getJSONObject(dataSetName);//获取实体数据集
if(dataSet.containsKey(action)){
JSONObject dataSetList=entity.getJSONObject(DataSetTag);//获取数据集
if(!dataSetList.containsKey(dataSetName))
return false;
JSONArray dataRange=dataSetList.getJSONArray(dataSetName);//获取数据范围
if(dataRange!=null && dataRange.size()>0){
hasPermission=true;
}
return hasPermission;
}
/**
* 获取单条权限数据SQL
* @param formDataAbility
......@@ -274,7 +287,8 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
private String getPermissionSQLById(JSONObject formDataAbility, String entityName, String action, Object srfKey, Map<String,String> permissionField){
JSONObject entity=formDataAbility.getJSONObject(entityName);//获取实体
JSONArray opprivList=entity.getJSONArray(action);//行为:read;insert...
JSONObject permissionType= entity.getJSONObject(DEActionType);
JSONArray opprivList=permissionType.getJSONArray(action);//行为:read;insert...
if(opprivList.size()==0)
return null;
String permissionSQL=getPermissionSQL(opprivList,permissionField);
......@@ -286,7 +300,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return String.format(" (%s) AND (%s='%s')",permissionSQL,keyField,srfKey); //拼接权限条件-编辑
}
/**
* 表单权限检查
* @param service
......@@ -302,7 +315,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return isPermission;
}
/**
* 获取权限SQL
* @param oppriList
......@@ -430,7 +442,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
/**
* 转换[a,b]格式字符串到 'a','b'格式
*
* @return
*/
private String formatStringArr(JSONArray array) {
......@@ -441,7 +452,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
/**
* 格式转换
*
* @param cond
* @param operator
* @return
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册