Skip to content

I
ibzou
提交 7cc1cbb5 编写于 作者: ibizdev's avatar ibizdev
浏览文件
操作

ibizdev提交

上级 a68c1fa4
隐藏空白字符变更
内嵌 并排
正在显示 包含 495 行增加151 行删除
app_web/src/engine/view/wfdyna-exp-grid-view-engine.ts 0 → 100644
浏览文件 @ 7cc1cbb5
import GridViewEngine from './grid-view-engine';
/**
* 视图引擎基础
*
* @export
* @class WFDynaExpGridViewEngine
* @extends {GridViewEngine}
*/
export default class WFDynaExpGridViewEngine extends GridViewEngine {
/**
* Creates an instance of WFDynaExpGridViewEngine.
* @memberof WFDynaExpGridViewEngine
*/
constructor() {
super();
}
/**
* 引擎加载
*
* @param {*} [opts={}]
* @memberof WFDynaExpGridViewEngine
*/
public load(opts: any = {},isnotify:boolean=false): void {
this.view.getWFStepModel().then((res:any) =>{
if(!this.view.isformDruipart){
super.load(opts);
}else{
if(isnotify){
super.load(opts);
}
}
})
}
}
\ No newline at end of file
app_web/src/mock/entity/ibzdepartments/ibzdepartments.ts
浏览文件 @ 7cc1cbb5
......@@ -6,10 +6,55 @@ const mock = MockAdapter.getInstance();
const mockDatas: Array<any> = [
];
//getwflink
mock.onGet(new RegExp(/^\/wfcore\/ibzou-app-web\/ibzdepartments\/[a-zA-Z0-9\-\;]+\/usertasks\/[a-zA-Z0-9\-\;]+\/ways$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzdepartment 方法: getwflink");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
}
return [status,[
{"sequenceFlowId":"dfdsfdsfdsfdsfds","sequenceFlowName":"同意",
"taskId":"aaaaddddccccddddd","processDefinitionKey":"support-workorders-approve-v1",
"processInstanceId":"ddlfldldfldsfds","refViewKey":""},
{"sequenceFlowId":"ddssdfdfdfdfsfdf","sequenceFlowName":"不同意",
"taskId":"aaaaddddccccddddd","processDefinitionKey":"support-workorders-approve-v1",
"processInstanceId":"ddfdsldlfdlldsf","refViewKey":"workorder_ltform_editview"}
]];
});
// getwfstep
mock.onGet(new RegExp(/^\/wfcore\/ibzou-app-web\/ibzdepartments\/process-definitions-nodes$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzdepartment 方法: getwfstep");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
}
return [status, [
{"userTaskId":"sddfddfd-dfdf-fdfd-fdf-dfdfd",
"userTaskName":"待审",
"cnt":0,
"processDefinitionKey":"support-workorders-approve-v1",
"processDefinitionName":"工单审批流程v1"
},
{"userTaskId":"sddfddfd-dfdf-fdfd-fdf-87927",
"userTaskName":"待分配",
"cnt":3,
"processDefinitionKey":"support-workorders-approve-v1",
"processDefinitionName":"工单审批流程v1"}
]];
});
// createBatch
mock.onPost(new RegExp(/^\/ibzdepartments\/batch$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzdepartment 方法: createBatch");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
......@@ -21,6 +66,7 @@ mock.onPost(new RegExp(/^\/ibzdepartments\/batch$/)).reply((config: any) => {
mock.onPut(new RegExp(/^\/ibzdepartments\/batch$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzdepartment 方法: updateBatch");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
......@@ -32,6 +78,7 @@ mock.onPut(new RegExp(/^\/ibzdepartments\/batch$/)).reply((config: any) => {
mock.onDelete(new RegExp(/^\/ibzdepartments\/batch$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzdepartment 方法: removeBatch");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
......
app_web/src/mock/entity/ibzemployees/ibzemployees.ts
浏览文件 @ 7cc1cbb5
......@@ -6,10 +6,55 @@ const mock = MockAdapter.getInstance();
const mockDatas: Array<any> = [
];
//getwflink
mock.onGet(new RegExp(/^\/wfcore\/ibzou-app-web\/ibzemployees\/[a-zA-Z0-9\-\;]+\/usertasks\/[a-zA-Z0-9\-\;]+\/ways$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzemployee 方法: getwflink");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
}
return [status,[
{"sequenceFlowId":"dfdsfdsfdsfdsfds","sequenceFlowName":"同意",
"taskId":"aaaaddddccccddddd","processDefinitionKey":"support-workorders-approve-v1",
"processInstanceId":"ddlfldldfldsfds","refViewKey":""},
{"sequenceFlowId":"ddssdfdfdfdfsfdf","sequenceFlowName":"不同意",
"taskId":"aaaaddddccccddddd","processDefinitionKey":"support-workorders-approve-v1",
"processInstanceId":"ddfdsldlfdlldsf","refViewKey":"workorder_ltform_editview"}
]];
});
// getwfstep
mock.onGet(new RegExp(/^\/wfcore\/ibzou-app-web\/ibzemployees\/process-definitions-nodes$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzemployee 方法: getwfstep");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
}
return [status, [
{"userTaskId":"sddfddfd-dfdf-fdfd-fdf-dfdfd",
"userTaskName":"待审",
"cnt":0,
"processDefinitionKey":"support-workorders-approve-v1",
"processDefinitionName":"工单审批流程v1"
},
{"userTaskId":"sddfddfd-dfdf-fdfd-fdf-87927",
"userTaskName":"待分配",
"cnt":3,
"processDefinitionKey":"support-workorders-approve-v1",
"processDefinitionName":"工单审批流程v1"}
]];
});
// createBatch
mock.onPost(new RegExp(/^\/ibzemployees\/batch$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzemployee 方法: createBatch");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
......@@ -21,6 +66,7 @@ mock.onPost(new RegExp(/^\/ibzemployees\/batch$/)).reply((config: any) => {
mock.onPut(new RegExp(/^\/ibzemployees\/batch$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzemployee 方法: updateBatch");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
......@@ -32,6 +78,7 @@ mock.onPut(new RegExp(/^\/ibzemployees\/batch$/)).reply((config: any) => {
mock.onDelete(new RegExp(/^\/ibzemployees\/batch$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzemployee 方法: removeBatch");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
......
app_web/src/mock/entity/ibzorganizations/ibzorganizations.ts
浏览文件 @ 7cc1cbb5
......@@ -6,10 +6,55 @@ const mock = MockAdapter.getInstance();
const mockDatas: Array<any> = [
];
//getwflink
mock.onGet(new RegExp(/^\/wfcore\/ibzou-app-web\/ibzorganizations\/[a-zA-Z0-9\-\;]+\/usertasks\/[a-zA-Z0-9\-\;]+\/ways$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzorganization 方法: getwflink");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
}
return [status,[
{"sequenceFlowId":"dfdsfdsfdsfdsfds","sequenceFlowName":"同意",
"taskId":"aaaaddddccccddddd","processDefinitionKey":"support-workorders-approve-v1",
"processInstanceId":"ddlfldldfldsfds","refViewKey":""},
{"sequenceFlowId":"ddssdfdfdfdfsfdf","sequenceFlowName":"不同意",
"taskId":"aaaaddddccccddddd","processDefinitionKey":"support-workorders-approve-v1",
"processInstanceId":"ddfdsldlfdlldsf","refViewKey":"workorder_ltform_editview"}
]];
});
// getwfstep
mock.onGet(new RegExp(/^\/wfcore\/ibzou-app-web\/ibzorganizations\/process-definitions-nodes$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzorganization 方法: getwfstep");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
}
return [status, [
{"userTaskId":"sddfddfd-dfdf-fdfd-fdf-dfdfd",
"userTaskName":"待审",
"cnt":0,
"processDefinitionKey":"support-workorders-approve-v1",
"processDefinitionName":"工单审批流程v1"
},
{"userTaskId":"sddfddfd-dfdf-fdfd-fdf-87927",
"userTaskName":"待分配",
"cnt":3,
"processDefinitionKey":"support-workorders-approve-v1",
"processDefinitionName":"工单审批流程v1"}
]];
});
// createBatch
mock.onPost(new RegExp(/^\/ibzorganizations\/batch$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzorganization 方法: createBatch");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
......@@ -21,6 +66,7 @@ mock.onPost(new RegExp(/^\/ibzorganizations\/batch$/)).reply((config: any) => {
mock.onPut(new RegExp(/^\/ibzorganizations\/batch$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzorganization 方法: updateBatch");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
......@@ -32,6 +78,7 @@ mock.onPut(new RegExp(/^\/ibzorganizations\/batch$/)).reply((config: any) => {
mock.onDelete(new RegExp(/^\/ibzorganizations\/batch$/)).reply((config: any) => {
console.groupCollapsed("实体:ibzorganization 方法: removeBatch");
console.table({url:config.url, method: config.method, data:config.data});
console.groupEnd();
let status = MockAdapter.mockStatus(config);
if (status !== 200) {
return [status, {}];
......
config.xml
浏览文件 @ 7cc1cbb5
......@@ -38,11 +38,6 @@
git clone -b master $para2 ibzou/
export NODE_OPTIONS=--max-old-space-size=4096
cd ibzou/
mvn clean package -Papi
cd ibzou-provider/ibzou-provider-api
mvn -Papi docker:build
mvn -Papi docker:push
docker -H $para1 stack deploy --compose-file=src/main/docker/ibzou-provider-api.yaml dev --with-registry-auth
</command>
</hudson.tasks.Shell>
</builders>
......
ibzou-app/ibzou-app-web/src/main/java/cn/ibizlab/web/config/webSecurityConfig.java
浏览文件 @ 7cc1cbb5
......@@ -41,6 +41,15 @@ public class webSecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${ibiz.auth.path:v7/login}")
private String loginPath;
@Value("${ibiz.file.uploadpath:ibizutil/upload}")
private String uploadpath;
@Value("${ibiz.file.downloadpath:ibizutil/download}")
private String downloadpath;
@Value("${ibiz.file.previewpath:ibizutil/preview}")
private String previewpath;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
......@@ -97,6 +106,10 @@ public class webSecurityConfig extends WebSecurityConfigurerAdapter {
).permitAll()
//放行登录请求
.antMatchers( HttpMethod.POST,"/"+loginPath).permitAll()
// 文件操作
.antMatchers("/"+downloadpath+"/**").permitAll()
.antMatchers("/"+uploadpath).permitAll()
.antMatchers("/"+previewpath+"/**").permitAll()
// 所有请求都需要认证
.anyRequest().authenticated()
// 防止iframe 造成跨域
......
ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZOrganization.java
浏览文件 @ 7cc1cbb5
......@@ -35,7 +35,7 @@ public class IBZOrganization extends EntityMP implements Serializable {
/**
* 单位标识
*/
@DEField(isKeyField=true)
@DEField(defaultValue = "orgcode" , defaultValueType = DEFieldDefaultValueType.PARAM , isKeyField=true)
@TableId(value= "orgid",type=IdType.UUID)
@JSONField(name = "orgid")
@JsonProperty("orgid")
......
ibzou-core/src/main/resources/liquibase/h2_table.xml
浏览文件 @ 7cc1cbb5
......@@ -2,7 +2,7 @@
<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:ext="http://www.liquibase.org/xml/ns/dbchangelog-ext" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog-ext http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-ext.xsd http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd">
<!--输出实体[IBZORG]数据结构 -->
<changeSet author="a_A_5d9d78509" id="tab-ibzorg-409-1">
<changeSet author="a_A_5d9d78509" id="tab-ibzorg-410-1">
<createTable tableName="IBZORG">
<column name="ORGID" remarks="" type="VARCHAR(100)">
<constraints primaryKey="true" primaryKeyName="PK_IBZORG_ORGID"/>
......@@ -137,7 +137,7 @@
</changeSet>
<!--输出实体[IBZORG]外键关系 -->
<changeSet author="a_A_5d9d78509" id="fk-ibzorg-409-4">
<changeSet author="a_A_5d9d78509" id="fk-ibzorg-410-4">
<addForeignKeyConstraint baseColumnNames="PORGID" baseTableName="IBZORG" constraintName="DER1N_IBZORG_IBZORG_PORGID" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="ORGID" referencedTableName="IBZORG" validate="true"/>
</changeSet>
<!--输出实体[IBZEMP]外键关系 -->
......
ibzou-provider/ibzou-provider-api/src/main/docker/Dockerfile
浏览文件 @ 7cc1cbb5
......@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
sleep ${IBZ_SLEEP} && \
java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzou-provider-api.jar
EXPOSE 40001
EXPOSE 8081
ADD ibzou-provider-api.jar /ibzou-provider-api.jar
ibzou-provider/ibzou-provider-api/src/main/docker/ibzou-provider-api.yaml
浏览文件 @ 7cc1cbb5
......@@ -3,11 +3,9 @@ services:
ibzou-provider-api:
image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzou-provider-api:latest
ports:
- "40001:40001"
- "8081:8081"
networks:
- agent_network
environment:
SPRING_CLOUD_NACOS_DISCOVERY_IP: 172.16.180.237
deploy:
mode: replicated
replicas: 1
......
ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZDepartmentResource.java
浏览文件 @ 7cc1cbb5
......@@ -55,7 +55,7 @@ public class IBZDepartmentResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Create", tags = {"IBZDepartment" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments")
@Transactional
......@@ -66,7 +66,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
......@@ -77,7 +77,7 @@ public class IBZDepartmentResource {
@PreAuthorize("hasPermission(#ibzdepartment_id,'Get',this.getEntity())")
@PreAuthorize("hasPermission(#ibzdepartment_id,'Get',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Get", tags = {"IBZDepartment" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/ibzdepartments/{ibzdepartment_id}")
public ResponseEntity<IBZDepartmentDTO> get(@PathVariable("ibzdepartment_id") String ibzdepartment_id) {
......@@ -123,7 +123,7 @@ public class IBZDepartmentResource {
@PreAuthorize("hasPermission('Remove',{#ibzdepartment_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#ibzdepartment_id,{this.getEntity(),'Sql'}})")
@ApiOperation(value = "Remove", tags = {"IBZDepartment" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/ibzdepartments/{ibzdepartment_id}")
@Transactional
......@@ -141,7 +141,7 @@ public class IBZDepartmentResource {
@PreAuthorize("hasPermission(#ibzdepartment_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#ibzdepartment_id,'Update',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Update", tags = {"IBZDepartment" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/ibzdepartments/{ibzdepartment_id}")
@Transactional
......@@ -153,7 +153,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#ibzdepartment_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#ibzdepartment_id,'Update',{this.getEntity(),'Sql'})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzdepartments/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZDepartmentDTO> ibzdepartmentdtos) {
......@@ -161,7 +161,7 @@ public class IBZDepartmentResource {
return ResponseEntity.status(HttpStatus.OK).body(true);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
@ApiOperation(value = "fetchDEFAULT", tags = {"IBZDepartment" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/ibzdepartments/fetchdefault")
public ResponseEntity<List<IBZDepartmentDTO>> fetchDefault(IBZDepartmentSearchContext context) {
......@@ -174,7 +174,7 @@ public class IBZDepartmentResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
@ApiOperation(value = "searchDEFAULT", tags = {"IBZDepartment" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/ibzdepartments/searchdefault")
public ResponseEntity<Page<IBZDepartmentDTO>> searchDefault(IBZDepartmentSearchContext context) {
......
ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZEmployeeResource.java
浏览文件 @ 7cc1cbb5
......@@ -55,7 +55,7 @@ public class IBZEmployeeResource {
@PreAuthorize("hasPermission('Remove',{#ibzemployee_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#ibzemployee_id,{this.getEntity(),'Sql'}})")
@ApiOperation(value = "Remove", tags = {"IBZEmployee" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/ibzemployees/{ibzemployee_id}")
@Transactional
......@@ -86,7 +86,7 @@ public class IBZEmployeeResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Create", tags = {"IBZEmployee" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees")
@Transactional
......@@ -97,7 +97,7 @@ public class IBZEmployeeResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
......@@ -117,7 +117,7 @@ public class IBZEmployeeResource {
@PreAuthorize("hasPermission(#ibzemployee_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#ibzemployee_id,'Update',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Update", tags = {"IBZEmployee" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/ibzemployees/{ibzemployee_id}")
@Transactional
......@@ -129,7 +129,7 @@ public class IBZEmployeeResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#ibzemployee_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#ibzemployee_id,'Update',{this.getEntity(),'Sql'})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzemployees/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZEmployeeDTO> ibzemployeedtos) {
......@@ -156,7 +156,7 @@ public class IBZEmployeeResource {
@PreAuthorize("hasPermission(#ibzemployee_id,'Get',this.getEntity())")
@PreAuthorize("hasPermission(#ibzemployee_id,'Get',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Get", tags = {"IBZEmployee" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/ibzemployees/{ibzemployee_id}")
public ResponseEntity<IBZEmployeeDTO> get(@PathVariable("ibzemployee_id") String ibzemployee_id) {
......@@ -174,7 +174,7 @@ public class IBZEmployeeResource {
return ResponseEntity.status(HttpStatus.OK).body(ibzemployeeMapping.toDto(ibzemployeeService.getDraft(new IBZEmployee())));
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
@ApiOperation(value = "fetchDEFAULT", tags = {"IBZEmployee" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/ibzemployees/fetchdefault")
public ResponseEntity<List<IBZEmployeeDTO>> fetchDefault(IBZEmployeeSearchContext context) {
......@@ -187,7 +187,7 @@ public class IBZEmployeeResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
@ApiOperation(value = "searchDEFAULT", tags = {"IBZEmployee" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/ibzemployees/searchdefault")
public ResponseEntity<Page<IBZEmployeeDTO>> searchDefault(IBZEmployeeSearchContext context) {
......
ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/rest/IBZOrganizationResource.java
浏览文件 @ 7cc1cbb5
......@@ -64,7 +64,7 @@ public class IBZOrganizationResource {
@PreAuthorize("hasPermission(#ibzorganization_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#ibzorganization_id,'Update',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Update", tags = {"IBZOrganization" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/ibzorganizations/{ibzorganization_id}")
@Transactional
......@@ -76,7 +76,7 @@ public class IBZOrganizationResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#ibzorganization_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#ibzorganization_id,'Update',{this.getEntity(),'Sql'})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
......@@ -87,7 +87,7 @@ public class IBZOrganizationResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Create", tags = {"IBZOrganization" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations")
@Transactional
......@@ -98,7 +98,7 @@ public class IBZOrganizationResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/ibzorganizations/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<IBZOrganizationDTO> ibzorganizationdtos) {
......@@ -125,7 +125,7 @@ public class IBZOrganizationResource {
@PreAuthorize("hasPermission('Remove',{#ibzorganization_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#ibzorganization_id,{this.getEntity(),'Sql'}})")
@ApiOperation(value = "Remove", tags = {"IBZOrganization" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/ibzorganizations/{ibzorganization_id}")
@Transactional
......@@ -143,7 +143,7 @@ public class IBZOrganizationResource {
@PreAuthorize("hasPermission(#ibzorganization_id,'Get',this.getEntity())")
@PreAuthorize("hasPermission(#ibzorganization_id,'Get',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Get", tags = {"IBZOrganization" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/ibzorganizations/{ibzorganization_id}")
public ResponseEntity<IBZOrganizationDTO> get(@PathVariable("ibzorganization_id") String ibzorganization_id) {
......@@ -161,7 +161,7 @@ public class IBZOrganizationResource {
return ResponseEntity.status(HttpStatus.OK).body(ibzorganizationMapping.toDto(ibzorganizationService.getDraft(new IBZOrganization())));
}
@PreAuthorize("hasPermission('Get',{#context,'SelectSOrg',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'SelectSOrg',this.getEntity(),'Sql'})")
@ApiOperation(value = "fetch查询下级单位", tags = {"IBZOrganization" } ,notes = "fetch查询下级单位")
@RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/fetchselectsorg")
public ResponseEntity<List<IBZOrganizationDTO>> fetchSelectSOrg(IBZOrganizationSearchContext context) {
......@@ -174,7 +174,7 @@ public class IBZOrganizationResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'SelectSOrg',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'SelectSOrg',this.getEntity(),'Sql'})")
@ApiOperation(value = "search查询下级单位", tags = {"IBZOrganization" } ,notes = "search查询下级单位")
@RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/searchselectsorg")
public ResponseEntity<Page<IBZOrganizationDTO>> searchSelectSOrg(IBZOrganizationSearchContext context) {
......@@ -183,7 +183,7 @@ public class IBZOrganizationResource {
.body(new PageImpl(ibzorganizationMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
}
@PreAuthorize("hasPermission('Get',{#context,'SelectPOrg',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'SelectPOrg',this.getEntity(),'Sql'})")
@ApiOperation(value = "fetch查询上级单位", tags = {"IBZOrganization" } ,notes = "fetch查询上级单位")
@RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/fetchselectporg")
public ResponseEntity<List<IBZOrganizationDTO>> fetchSelectPOrg(IBZOrganizationSearchContext context) {
......@@ -196,7 +196,7 @@ public class IBZOrganizationResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'SelectPOrg',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'SelectPOrg',this.getEntity(),'Sql'})")
@ApiOperation(value = "search查询上级单位", tags = {"IBZOrganization" } ,notes = "search查询上级单位")
@RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/searchselectporg")
public ResponseEntity<Page<IBZOrganizationDTO>> searchSelectPOrg(IBZOrganizationSearchContext context) {
......@@ -205,7 +205,7 @@ public class IBZOrganizationResource {
.body(new PageImpl(ibzorganizationMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
@ApiOperation(value = "fetchDEFAULT", tags = {"IBZOrganization" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/fetchdefault")
public ResponseEntity<List<IBZOrganizationDTO>> fetchDefault(IBZOrganizationSearchContext context) {
......@@ -218,7 +218,7 @@ public class IBZOrganizationResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),'Sql'})")
@ApiOperation(value = "searchDEFAULT", tags = {"IBZOrganization" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/ibzorganizations/searchdefault")
public ResponseEntity<Page<IBZOrganizationDTO>> searchDefault(IBZOrganizationSearchContext context) {
......
ibzou-provider/ibzou-provider-api/src/main/resources/application-api-dev.yml
浏览文件 @ 7cc1cbb5
server:
port: 40001
\ No newline at end of file
port: 8081
\ No newline at end of file
ibzou-util/src/main/java/cn/ibizlab/util/domain/FileItem.java
浏览文件 @ 7cc1cbb5
......@@ -14,6 +14,8 @@ public class FileItem
{
private String id;
private String name;
private String fileid;
private String filename;
private long size;
private String ext;
}
ibzou-util/src/main/java/cn/ibizlab/util/rest/FileController.java
浏览文件 @ 7cc1cbb5
......@@ -14,21 +14,20 @@ import java.io.*;
@Slf4j
@RestController
@RequestMapping("/")
public class FileController
{
@Autowired
private FileService fileService;
@PostMapping(value = "${ibiz.uploadpath.path:ibizutil/upload}")
@PostMapping(value = "${ibiz.file.uploadpath:ibizutil/upload}")
public ResponseEntity<FileItem> upload(@RequestParam("file") MultipartFile multipartFile){
return ResponseEntity.ok().body(fileService.saveFile(multipartFile));
}
private final String defaultdownloadpath="ibizutil/download/{id}";
protected String getDefaultdownloadpath(){
return defaultdownloadpath;
}
@GetMapping(value = "${ibiz.file.downloadpath:"+defaultdownloadpath+"}")
@ResponseStatus(HttpStatus.OK)
......
ibzou-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java
浏览文件 @ 7cc1cbb5
......@@ -4,17 +4,28 @@ import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.mongodb.BasicDBList;
import com.mongodb.BasicDBObject;
import com.mongodb.QueryBuilder;
import cn.ibizlab.util.annotation.DEField;
import cn.ibizlab.util.domain.EntityBase;
import cn.ibizlab.util.enums.DEPredefinedFieldType;
import cn.ibizlab.util.filter.QueryBuildContext;
import cn.ibizlab.util.filter.QueryWrapperContext;
import cn.ibizlab.util.helper.DEFieldCacheMap;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.domain.PageImpl;
import org.springframework.data.mongodb.core.MongoTemplate;
import org.springframework.data.mongodb.core.query.BasicQuery;
import org.springframework.data.mongodb.core.query.Query;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
import javax.annotation.Resource;
import javax.swing.text.html.parser.Entity;
import java.io.Serializable;
import java.lang.reflect.Field;
import java.util.ArrayList;
......@@ -39,6 +50,13 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
* 实体数据集操作标识
*/
private String DataSetTag="DATASET";
/**
*实体主键标识
*/
private String keyFieldTag="keyfield";
@Resource
private MongoTemplate mongoTemplate;
/**
* 表格权限检查 :用于检查当前用户是否拥有表格数据的读取、删除权限
......@@ -56,6 +74,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return true;
String action = "";
String deStorageMode;
if (deAction instanceof String)
action = (String) deAction;
......@@ -69,10 +88,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return false;
List gridParamList = (ArrayList) gridParam;
if(action.equalsIgnoreCase("DELETE")){ //grid delete
if(action.equalsIgnoreCase("remove")){
//准备参数
Object srfKey =gridParamList.get(0);
EntityBase entity = (EntityBase) gridParamList.get(1);
deStorageMode= (String) gridParamList.get(2);
String entityName = entity.getClass().getSimpleName();
//获取实体行为权限信息
......@@ -82,61 +102,53 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
if(!validDEActionHasPermission(permissionList,entityName,action)){
return false;
}
//检查是否有数据权限[单行删除]
ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl"));//获取实体service对象
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLById(permissionList,entityName,action,srfKey,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
return testDataAccess(service,permissionWrapper);//执行权限检查
//检查是否有数据权限
return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
}
else{ //grid fetch
else{
//准备参数
Object searchContext=gridParamList.get(0);
String dataSetName=String.valueOf(gridParamList.get(1));
EntityBase entity = (EntityBase) gridParamList.get(2);
deStorageMode= (String) gridParamList.get(3);
String entityName = entity.getClass().getSimpleName();
//获取数据集权限信息
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName)|| StringUtils.isEmpty(action))
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName))
return false;
//检查是否有访问数据集的权限
if(!validDataSetHasPermission(permissionList,entityName,dataSetName)){
return false;
}
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLByList(permissionList,entityName,action,dataSetName,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
fillPermissionSQL(searchContext,permissionSQL);//将权限SQL添加到searchContext中,过滤出权限内数据
//拼接权限条件
deDataSetFillPermissionSQLRouter(deStorageMode, searchContext, entity , dataSetName , permissionList);
}
return true;
}
/**
* 表单权限检查 :用于检查当前用户是否拥有表单的新建、编辑、删除权限
*
* @param authentication
* @param srfKey 当前操作数据的主键
* @param action 当前操作行为:如:[READ、UPDATE、DELETE]
* @param cur_entity 当前操作的实体对象
* @param formParam 表单参数对象
* @return true/false true则允许当前行为,false拒绝行为
*/
@Override
public boolean hasPermission(Authentication authentication, Serializable srfKey, String action, Object cur_entity) {
public boolean hasPermission(Authentication authentication, Serializable srfKey, String action, Object formParam) {
//未开启权限校验、超级管理员则不进行权限检查
if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1 || !enablePermissionValid)
return true;
EntityBase entity = null;
if (cur_entity instanceof EntityBase)
entity = (EntityBase) cur_entity;
List formParamList = (ArrayList) formParam;
EntityBase entity = (EntityBase) formParamList.get(0);
String deStorageMode= (String) formParamList.get(1);
if (StringUtils.isEmpty(entity))
return false;
......@@ -145,7 +157,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
String entityName = entity.getClass().getSimpleName();
if(action.equalsIgnoreCase("CREATE")){
if(action.equalsIgnoreCase("create")){
return validDEActionHasPermission(permissionList,entityName,action);
}
else{
......@@ -158,13 +170,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return false;
}
//检查是否有数据权限
ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl"));
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLById(permissionList,entityName,action,srfKey,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
return testDataAccess(service,permissionWrapper);//执行权限检查
return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
}
}
......@@ -185,40 +191,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
if(entity.containsKey(action) && entity.getJSONArray(action).contains("ALL"))
return true;
return false;
}
/**
* 拼接表格查询条件
* @param gridDataAbility
* @param entityName
* @param action
* @param dataSetName
* @param permissionField
* @return
*/
private String getPermissionSQLByList(JSONObject gridDataAbility, String entityName, String action, String dataSetName, Map<String,String> permissionField){
JSONObject entity=gridDataAbility.getJSONObject(entityName);//获取实体
JSONObject permissionType=entity.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);//获取实体数据集
if(dataRange.size()==0)
return null;
return getPermissionSQL(dataRange,permissionField); //拼接权限条件-查询
}
/**
* 填充权限SQL
* @param targetDomainObject
* @param permissionCond
*/
private void fillPermissionSQL(Object targetDomainObject, String permissionCond){
if(targetDomainObject instanceof QueryWrapperContext){
QueryWrapperContext queryWrapperContext = (QueryWrapperContext) targetDomainObject;
QueryWrapper queryWrapper = queryWrapperContext.getSelectCond();
queryWrapper.apply(permissionCond);
}
return false;
}
/**
......@@ -246,7 +219,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return hasPermission;
}
/**
* 数据集合权限校验
* @param userPermission
......@@ -276,53 +248,244 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
}
/**
* 获取单条权限数据SQL
* @param formDataAbility
* @param entityName
* 根据实体存储模式,进行鉴权
* @param deStorageMode
* @param entity
* @param action
* @param srfKey
* @param permissionList
* @return
*/
private boolean deActionPermissionValidRouter(String deStorageMode, EntityBase entity , String action , Object srfKey , JSONObject permissionList){
if(deStorageMode.equalsIgnoreCase("sql")){
return sqlPermissionValid(entity , action , srfKey, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("nosql")){
return noSqlPermissionValid(entity , action , srfKey, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("serviceapi")){
return true;
}
else {
throw new RuntimeException(String.format("未能识别[%s]实体对应存储模式[%s]",entity.getClass().getSimpleName(),deStorageMode));
}
}
/**
* sql存储模式实体行为鉴权
* @param entity
* @param action
* @param srfKey
* @param permissionField
* @param permissionList
* @return
*/
private String getPermissionSQLById(JSONObject formDataAbility, String entityName, String action, Object srfKey, Map<String,String> permissionField){
private boolean sqlPermissionValid(EntityBase entity , String action , Object srfKey, JSONObject permissionList){
String entityName=entity.getClass().getSimpleName();
ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl"));//获取实体service对象
JSONObject entity=formDataAbility.getJSONObject(entityName);//获取实体
JSONObject permissionType= entity.getJSONObject(DEActionType);
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String keyField=permissionField.get(keyFieldTag);
if(StringUtils.isEmpty(keyField)){
throw new RuntimeException("权限校验失败,请检查当前实体中是否已经配置主键属性!");
}
//获取权限表达式[全部数据、本单位、本部门等]
JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
JSONObject permissionType= entityObj.getJSONObject(DEActionType);
JSONArray opprivList=permissionType.getJSONArray(action);//行为:read;insert...
if(opprivList.size()==0)
return null;
String permissionSQL=getPermissionSQL(opprivList,permissionField);
return false;
String keyField=permissionField.get("keyfield");
//通过权限表达式来获取sql
String tempPermissionSQL=getPermissionSQL(entity,opprivList);
String permissionSQL= String.format(" (%s) AND (%s='%s')",tempPermissionSQL,keyField,srfKey); //拼接权限条件-编辑
//执行sql进行权限检查
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
List list=service.list(permissionWrapper);
if(list.size()>0){
return true;
}else{
return false;
}
}
/**
* NoSQL实体行为鉴权
* @param entity
* @param action
* @param srfKey
* @param permissionList
* @return
*/
private boolean noSqlPermissionValid(EntityBase entity, String action, Object srfKey, JSONObject permissionList) {
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String keyField=permissionField.get(keyFieldTag);
if(StringUtils.isEmpty(keyField)){
throw new RuntimeException("权限校验失败,请检查当前实体中是否已经配置主键属性!");
}
return String.format(" (%s) AND (%s='%s')",permissionSQL,keyField,srfKey); //拼接权限条件-编辑
//获取权限表达式[全部数据、本单位、本部门等]
JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
JSONObject permissionType= entityObj.getJSONObject(DEActionType);
JSONArray dataRange=permissionType.getJSONArray(action);//行为:read;insert...
if(dataRange.size()==0)
return false;
//根据权限表达式填充权限条件
QueryBuilder permissionCond=new QueryBuilder();
fillNoSqlPermissionCond(dataRange,entity,permissionCond);
//权限条件拼接主键
permissionCond.and(keyField).is(srfKey);
//执行权限检查
Query query = new BasicQuery(permissionCond.get().toString());
List list=mongoTemplate.find(query,entity.getClass());
if(list.size()>0){
return true;
}
else{
return false;
}
}
/**
* 表单权限检查
* @param service
* @param permissionCond
* @return
* 根据实体存储类型,拼接权限条件
* @param deStorageMode
* @param searchContext
* @param entity
* @param dataSetName
* @param permissionList
*/
private boolean testDataAccess(ServiceImpl service, QueryWrapper permissionCond){
private void deDataSetFillPermissionSQLRouter(String deStorageMode , Object searchContext, EntityBase entity ,String dataSetName ,JSONObject permissionList){
//检查是否有数据权限[单行删除]
if(deStorageMode.equalsIgnoreCase("sql")){
sqlPermissionBuilder(searchContext, entity , dataSetName, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("nosql")){
noSqlPermissionBuilder(searchContext, entity , dataSetName, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("serviceapi")){
}
else {
throw new RuntimeException(String.format("未能识别[%s]实体对应存储模式[%s]",entity.getClass().getSimpleName(),deStorageMode));
}
}
/**
* 为NoSQL存储模式的表格查询填充权限条件
* @param searchContext
* @param entity
* @param dataSetName
* @param permissionList
*/
private void noSqlPermissionBuilder(Object searchContext, EntityBase entity, String dataSetName, JSONObject permissionList) {
if(searchContext instanceof QueryBuildContext){
//获取权限表达式[全部数据、本单位、本部门等]
String entityName=entity.getClass().getSimpleName();
JSONObject entityObj=permissionList.getJSONObject(entityName);
JSONObject permissionType=entityObj.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);
if(dataRange.size()==0)
return ;
//根据权限表达式生成查询条件,并将查询条件设置到SearchContext中
fillNoSqlPermissionCond(dataRange,entity,((QueryBuildContext) searchContext).getSelectCond());
}
}
/**
* 为SQL存储模式的表格查询填充权限条件
* @param searchContext
* @param entity
* @param dataSetName
* @param permissionList
*/
private void sqlPermissionBuilder(Object searchContext, EntityBase entity, String dataSetName, JSONObject permissionList){
//获取权限表达式[全部数据、本单位、本部门等]
String entityName=entity.getClass().getSimpleName();
JSONObject entityObj=permissionList.getJSONObject(entityName);//获取实体
JSONObject permissionType=entityObj.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);//获取实体数据集
if(dataRange.size()==0)
return ;
//根据权限条件获取SQL
String permissionSQL=getPermissionSQL(entity,dataRange);
//将SQL拼接到SearchContext中
if(searchContext instanceof QueryWrapperContext){
QueryWrapperContext queryWrapperContext = (QueryWrapperContext) searchContext;
QueryWrapper queryWrapper = queryWrapperContext.getSelectCond();
queryWrapper.apply(permissionSQL);
}
}
boolean isPermission=false;
List list=service.list(permissionCond);
if(list.size()>0)
isPermission=true;
return isPermission;
/**
* 为NoSQL存储模式的表格查询填充权限条件
* @param oppriList
* @param entity
* @param permissionSQL
*/
private void fillNoSqlPermissionCond(JSONArray oppriList, EntityBase entity, QueryBuilder permissionSQL){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String orgField=permissionField.get("orgfield");
String orgDeptField=permissionField.get("orgsecfield");
String createManField=permissionField.get("createmanfield");
AuthenticationUser authenticationUser = AuthenticationUser.getAuthenticationUser();
JSONObject userInfo = authenticationUser.getOrgInfo();
JSONObject orgObject = userInfo.getJSONObject("org");
JSONArray orgParent = orgObject.getJSONArray("porg");
JSONArray orgChild = orgObject.getJSONArray("sorg");
JSONObject orgDeptObject = userInfo.getJSONObject("orgdept");
JSONArray orgDeptParent = orgDeptObject.getJSONArray("porgdept");
JSONArray orgDeptChild = orgDeptObject.getJSONArray("sorgdept");
for(int i=0;i<oppriList.size();i++){
String permissionCond=oppriList.getString(i);//权限配置条件
if(permissionCond.equals("CURORG")){ //本单位
permissionSQL.or(new QueryBuilder().and(orgField).is(AuthenticationUser.getAuthenticationUser().getOrgid()).get());
}
else if(permissionCond.equals("PORG")){//上级单位
permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgParent)).get());
}
else if(permissionCond.equals("SORG")){//下级单位
permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgChild)).get());
}
else if(permissionCond.equals("CREATEMAN")){//建立人
permissionSQL.or(new QueryBuilder().and(createManField).is(AuthenticationUser.getAuthenticationUser().getUserid()).get());
}
else if(permissionCond.equals("CURORGDEPT")){//本部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).is(AuthenticationUser.getAuthenticationUser().getMdeptid()).get());
}
else if(permissionCond.equals("PORGDEPT")){//上级部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptParent)).get());
}
else if(permissionCond.equals("SORGDEPT")){//下级部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptChild)).get());
}
else if(permissionCond.equals("ALL")){
permissionSQL.or(new QueryBuilder().get());
}
}
}
/**
* 获取权限SQL
* SQL获取权限条件
* @param entity
* @param oppriList
* @param permissionField
* @return
*/
private String getPermissionSQL(JSONArray oppriList, Map<String,String> permissionField){
private String getPermissionSQL(EntityBase entity, JSONArray oppriList){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String nPermissionSQL = "1<>1";
String orgField=permissionField.get("orgfield");
String orgDeptField=permissionField.get("orgsecfield");
......@@ -362,7 +525,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptChild)));
}
else if(permissionCond.equals("ALL")){//全部数据
permissionSQL.append("(1=1)");
permissionSQL.append("(1=1)");
}
else{
permissionSQL.append(nPermissionSQL);
......
ibzou-util/src/main/java/cn/ibizlab/util/service/SimpleFileService.java
浏览文件 @ 7cc1cbb5
......@@ -3,6 +3,7 @@ package cn.ibizlab.util.service;
import cn.ibizlab.util.domain.FileItem;
import cn.ibizlab.util.errors.InternalServerErrorException;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Service;
......@@ -11,7 +12,6 @@ import org.springframework.web.multipart.MultipartFile;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.util.UUID;
@Primary
@Slf4j
......@@ -21,26 +21,22 @@ public class SimpleFileService implements FileService {
@Value("${ibiz.filePath:/app/file/}")
private String fileRoot;
@Override
public FileItem saveFile(MultipartFile multipartFile) {
FileItem item=null;
// 获取文件名
String fileName = multipartFile.getOriginalFilename();
// 获取文件后缀
String extname="."+getExtensionName(fileName);
// 用uuid作为文件名,防止生成的临时文件重复
String fileid= UUID.randomUUID().toString();
String fileFullPath = this.fileRoot+"ibztuit"+File.separator+fileid+File.separator+fileName;
File file = new File(fileFullPath);
File parent = new File(file.getParent());
if(!parent.exists())
parent.mkdirs();
try {
FileCopyUtils.copy(multipartFile.getInputStream() , Files.newOutputStream(file.toPath()));
item=new FileItem(fileid,fileName, (int)multipartFile.getSize() ,extname);
String fileid= DigestUtils.md5Hex(multipartFile.getInputStream());
String fileFullPath = this.fileRoot+"ibizutil"+File.separator+fileid+File.separator+fileName;
File file = new File(fileFullPath);
File parent = new File(file.getParent());
if(!parent.exists())
parent.mkdirs();
FileCopyUtils.copy(multipartFile.getInputStream(),Files.newOutputStream(file.toPath()));
item=new FileItem(fileid,fileName,fileid,fileName,(int)multipartFile.getSize(),extname);
} catch (IOException e) {
throw new InternalServerErrorException("文件上传失败");
}
......@@ -49,7 +45,7 @@ public class SimpleFileService implements FileService {
@Override
public File getFile(String fileid) {
String dirpath = this.fileRoot+"ibztuit"+File.separator+fileid;
String dirpath = this.fileRoot+"ibizutil"+File.separator+fileid;
File parent = new File(dirpath);
if (parent.exists() && parent.isDirectory() && parent.listFiles().length > 0) {
return parent.listFiles()[0];
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册