提交 02bb2ad9 编写于 作者: ibizdev's avatar ibizdev

laizhilong 发布系统代码

上级 1f443b52
......@@ -44,7 +44,8 @@ export default {
tabpage1: "权限",
druipart2: "用户",
tabpage2: "用户",
tabpage3: "分页面板",
druipart3: "角色权限关系",
tabpage3: "角色权限关系",
tabpanel1: "",
formpage1: "基本信息",
srfupdatedate: "更新时间",
......@@ -55,9 +56,9 @@ export default {
srfuf: "",
srfdeid: "",
srfsourcekey: "",
sys_roleid: "角色表标识",
sys_rolename: "角色表名称",
memo: "备注",
sys_roleid: "角色表标识",
},
uiactions: {
},
......
......@@ -43,7 +43,8 @@ export default {
tabpage1: '权限',
druipart2: '用户',
tabpage2: '用户',
tabpage3: '分页面板',
druipart3: '角色权限关系',
tabpage3: '角色权限关系',
tabpanel1: '',
formpage1: '基本信息',
srfupdatedate: '更新时间',
......@@ -54,9 +55,9 @@ export default {
srfuf: '',
srfdeid: '',
srfsourcekey: '',
sys_roleid: '角色表标识',
sys_rolename: '角色表名称',
memo: '备注',
sys_roleid: '角色表标识',
},
uiactions: {
},
......
......@@ -104,6 +104,7 @@ export const viewstate: any = {
viewdatachange: false,
refviews: [
'61a949e3c23ebdda724888662ded1478',
'b8a97c1797a1b91fbb37f8c2d14b1fb6',
'fb89f9af95f2caf92ccc1249025c9a1b',
],
},
......@@ -156,6 +157,7 @@ export const viewstate: any = {
viewdatachange: false,
refviews: [
'61a949e3c23ebdda724888662ded1478',
'b8a97c1797a1b91fbb37f8c2d14b1fb6',
'fb89f9af95f2caf92ccc1249025c9a1b',
],
},
......
......@@ -22,21 +22,21 @@
<el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
</template>
<template v-if="getColumnState('sys_permissionid')">
<el-table-column show-overflow-tooltip :prop="'sys_permissionid'" :label="$t('entities.sys_permission.main_grid.columns.sys_permissionid')" :width="150" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'sys_permissionid'" :label="$t('entities.sys_permission.main_grid.columns.sys_permissionid')" :width="150" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<span>{{row.sys_permissionid}}</span>
</template>
</el-table-column>
</template>
<template v-if="getColumnState('sys_permissionname')">
<el-table-column show-overflow-tooltip :prop="'sys_permissionname'" :label="$t('entities.sys_permission.main_grid.columns.sys_permissionname')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'sys_permissionname'" :label="$t('entities.sys_permission.main_grid.columns.sys_permissionname')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<span>{{row.sys_permissionname}}</span>
</template>
</el-table-column>
</template>
<template v-if="getColumnState('pssourcetype')">
<el-table-column show-overflow-tooltip :prop="'pssourcetype'" :label="$t('entities.sys_permission.main_grid.columns.pssourcetype')" :width="150" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'pssourcetype'" :label="$t('entities.sys_permission.main_grid.columns.pssourcetype')" :width="150" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<template >
<codelist :value="row.pssourcetype" tag='CLSourceType' codelistType='STATIC' ></codelist>
......@@ -45,7 +45,7 @@
</el-table-column>
</template>
<template v-if="getColumnState('pssourcename')">
<el-table-column show-overflow-tooltip :prop="'pssourcename'" :label="$t('entities.sys_permission.main_grid.columns.pssourcename')" :width="150" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'pssourcename'" :label="$t('entities.sys_permission.main_grid.columns.pssourcename')" :width="150" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<span>{{row.pssourcename}}</span>
</template>
......
......@@ -22,7 +22,7 @@
<el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
</template>
<template v-if="getColumnState('sys_rolename')">
<el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_role_permission.main_grid.columns.sys_rolename')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_role_permission.main_grid.columns.sys_rolename')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<app-column-link deKeyField='sys_role' :context="JSON.parse(JSON.stringify(context))" :viewparams="JSON.parse(JSON.stringify(viewparams))" :data="row" :linkview="{viewname: 'sys-roleredirect-view', height: 0,width: 0,title: $t('entities.sys_role.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
]
......@@ -36,7 +36,7 @@
</el-table-column>
</template>
<template v-if="getColumnState('sys_permissionname')">
<el-table-column show-overflow-tooltip :prop="'sys_permissionname'" :label="$t('entities.sys_role_permission.main_grid.columns.sys_permissionname')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'sys_permissionname'" :label="$t('entities.sys_role_permission.main_grid.columns.sys_permissionname')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<app-column-link deKeyField='sys_permission' :context="JSON.parse(JSON.stringify(context))" :viewparams="JSON.parse(JSON.stringify(viewparams))" :data="row" :linkview="{viewname: 'sys-permissionredirect-view', height: 0,width: 0,title: $t('entities.sys_permission.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
]
......@@ -50,7 +50,7 @@
</el-table-column>
</template>
<template v-if="getColumnState('updatedate')">
<el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_role_permission.main_grid.columns.updatedate')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_role_permission.main_grid.columns.updatedate')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<app-format-data format="YYYY-MM-DD hh:mm:ss" :data="row.updatedate"></app-format-data>
</template>
......
......@@ -55,6 +55,11 @@ export default class MainModel {
{
name: 'srfsourcekey',
},
{
name: 'sys_roleid',
prop: 'roleid',
dataType: 'GUID',
},
{
name: 'sys_rolename',
prop: 'rolename',
......@@ -65,11 +70,6 @@ export default class MainModel {
prop: 'memo',
dataType: 'TEXT',
},
{
name: 'sys_roleid',
prop: 'roleid',
dataType: 'GUID',
},
{
name: 'sys_role',
prop: 'roleid',
......
......@@ -22,28 +22,28 @@
<el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
</template>
<template v-if="getColumnState('sys_roleid')">
<el-table-column show-overflow-tooltip :prop="'sys_roleid'" :label="$t('entities.sys_role.main_grid.columns.sys_roleid')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'sys_roleid'" :label="$t('entities.sys_role.main_grid.columns.sys_roleid')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<span>{{row.sys_roleid}}</span>
</template>
</el-table-column>
</template>
<template v-if="getColumnState('sys_rolename')">
<el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_role.main_grid.columns.sys_rolename')" :width="350" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_role.main_grid.columns.sys_rolename')" :width="350" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<span>{{row.sys_rolename}}</span>
</template>
</el-table-column>
</template>
<template v-if="getColumnState('memo')">
<el-table-column show-overflow-tooltip :prop="'memo'" :label="$t('entities.sys_role.main_grid.columns.memo')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'memo'" :label="$t('entities.sys_role.main_grid.columns.memo')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<span>{{row.memo}}</span>
</template>
</el-table-column>
</template>
<template v-if="getColumnState('updatedate')">
<el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_role.main_grid.columns.updatedate')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_role.main_grid.columns.updatedate')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<app-format-data format="YYYY-MM-DD hh:mm:ss" :data="row.updatedate"></app-format-data>
</template>
......
......@@ -22,7 +22,7 @@
<el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
</template>
<template v-if="getColumnState('sys_username')">
<el-table-column show-overflow-tooltip :prop="'sys_username'" :label="$t('entities.sys_user_role.main_grid.columns.sys_username')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'sys_username'" :label="$t('entities.sys_user_role.main_grid.columns.sys_username')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<app-column-link deKeyField='sys_user' :context="JSON.parse(JSON.stringify(context))" :viewparams="JSON.parse(JSON.stringify(viewparams))" :data="row" :linkview="{viewname: 'sys-userredirect-view', height: 0,width: 0,title: $t('entities.sys_user.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
]
......@@ -36,7 +36,7 @@
</el-table-column>
</template>
<template v-if="getColumnState('sys_rolename')">
<el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_user_role.main_grid.columns.sys_rolename')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_user_role.main_grid.columns.sys_rolename')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<app-column-link deKeyField='sys_role' :context="JSON.parse(JSON.stringify(context))" :viewparams="JSON.parse(JSON.stringify(viewparams))" :data="row" :linkview="{viewname: 'sys-roleredirect-view', height: 0,width: 0,title: $t('entities.sys_role.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
]
......@@ -50,7 +50,7 @@
</el-table-column>
</template>
<template v-if="getColumnState('updatedate')">
<el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_user_role.main_grid.columns.updatedate')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_user_role.main_grid.columns.updatedate')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<app-format-data format="YYYY-MM-DD hh:mm:ss" :data="row.updatedate"></app-format-data>
</template>
......
......@@ -22,21 +22,21 @@
<el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
</template>
<template v-if="getColumnState('userid')">
<el-table-column show-overflow-tooltip :prop="'userid'" :label="$t('entities.sys_user.main_grid.columns.userid')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'userid'" :label="$t('entities.sys_user.main_grid.columns.userid')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<span>{{row.userid}}</span>
</template>
</el-table-column>
</template>
<template v-if="getColumnState('username')">
<el-table-column show-overflow-tooltip :prop="'username'" :label="$t('entities.sys_user.main_grid.columns.username')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'username'" :label="$t('entities.sys_user.main_grid.columns.username')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<span>{{row.username}}</span>
</template>
</el-table-column>
</template>
<template v-if="getColumnState('personname')">
<el-table-column show-overflow-tooltip :prop="'personname'" :label="$t('entities.sys_user.main_grid.columns.personname')" :width="250" :align="'left'" :sortable="'custom'">
<el-table-column show-overflow-tooltip :prop="'personname'" :label="$t('entities.sys_user.main_grid.columns.personname')" :width="250" :align="'left'" :sortable="'custom'">
<template v-slot="{row,column}">
<span>{{row.personname}}</span>
</template>
......
......@@ -150,7 +150,7 @@
<verbose>true</verbose>
<logging>debug</logging>
<contexts>!test</contexts>
<diffExcludeObjects>Index:.*,table:IBZFILE,IBZUSER,IBZDATAAUDIT</diffExcludeObjects>
<diffExcludeObjects>Index:.*,table:ibzfile,ibzuser,ibzdataaudit</diffExcludeObjects>
</configuration>
<phase>process-resources</phase>
<goals>
......
......@@ -136,7 +136,7 @@
</createTable>
</changeSet>
<!--输出实体[SYS_ROLE]数据结构 -->
<changeSet author="a_A_5d9d78509" id="tab-sys_role-63-7">
<changeSet author="a_A_5d9d78509" id="tab-sys_role-68-7">
<createTable tableName="IBZROLE">
<column name="SYS_ROLEID" remarks="" type="VARCHAR(100)">
<constraints primaryKey="true" primaryKeyName="PK_SYS_ROLE_SYS_ROLEID"/>
......
......@@ -50,7 +50,9 @@ public class SYS_PERMISSIONResource {
@Autowired
@Lazy
private SYS_PERMISSIONMapping sys_permissionMapping;
public SYS_PERMISSIONMapping sys_permissionMapping;
public SYS_PERMISSIONDTO permissionDTO=new SYS_PERMISSIONDTO();
......@@ -110,7 +112,6 @@ public class SYS_PERMISSIONResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PERMISSION-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SYS_PERMISSION" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_permissions/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_PERMISSIONDTO> sys_permissiondtos) {
......@@ -131,7 +132,7 @@ public class SYS_PERMISSIONResource {
SYS_PERMISSIONDTO dto = sys_permissionMapping.toDto(domain);
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PERMISSION-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SYS_PERMISSION" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sys_permissions/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_PERMISSIONDTO> sys_permissiondtos) {
......@@ -183,12 +184,4 @@ public class SYS_PERMISSIONResource {
}
/**
* 用户权限校验
* @return
*/
public SYS_PERMISSION getEntity(){
return new SYS_PERMISSION();
}
}
......@@ -50,7 +50,9 @@ public class SYS_PSAPPMENUITEMResource {
@Autowired
@Lazy
private SYS_PSAPPMENUITEMMapping sys_psappmenuitemMapping;
public SYS_PSAPPMENUITEMMapping sys_psappmenuitemMapping;
public SYS_PSAPPMENUITEMDTO permissionDTO=new SYS_PSAPPMENUITEMDTO();
......@@ -81,7 +83,7 @@ public class SYS_PSAPPMENUITEMResource {
SYS_PSAPPMENUITEMDTO dto = sys_psappmenuitemMapping.toDto(domain);
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSAPPMENUITEM-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SYS_PSAPPMENUITEM" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sys_psappmenuitems/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_PSAPPMENUITEMDTO> sys_psappmenuitemdtos) {
......@@ -104,7 +106,6 @@ public class SYS_PSAPPMENUITEMResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSAPPMENUITEM-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SYS_PSAPPMENUITEM" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_psappmenuitems/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_PSAPPMENUITEMDTO> sys_psappmenuitemdtos) {
......@@ -183,12 +184,4 @@ public class SYS_PSAPPMENUITEMResource {
}
/**
* 用户权限校验
* @return
*/
public SYS_PSAPPMENUITEM getEntity(){
return new SYS_PSAPPMENUITEM();
}
}
......@@ -50,7 +50,9 @@ public class SYS_PSDEOPPRIVResource {
@Autowired
@Lazy
private SYS_PSDEOPPRIVMapping sys_psdeopprivMapping;
public SYS_PSDEOPPRIVMapping sys_psdeopprivMapping;
public SYS_PSDEOPPRIVDTO permissionDTO=new SYS_PSDEOPPRIVDTO();
......@@ -101,7 +103,7 @@ public class SYS_PSDEOPPRIVResource {
SYS_PSDEOPPRIVDTO dto = sys_psdeopprivMapping.toDto(domain);
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSDEOPPRIV-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SYS_PSDEOPPRIV" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sys_psdeopprivs/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_PSDEOPPRIVDTO> sys_psdeopprivdtos) {
......@@ -136,7 +138,6 @@ public class SYS_PSDEOPPRIVResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSDEOPPRIV-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SYS_PSDEOPPRIV" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_psdeopprivs/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_PSDEOPPRIVDTO> sys_psdeopprivdtos) {
......@@ -183,12 +184,4 @@ public class SYS_PSDEOPPRIVResource {
}
/**
* 用户权限校验
* @return
*/
public SYS_PSDEOPPRIV getEntity(){
return new SYS_PSDEOPPRIV();
}
}
......@@ -50,7 +50,9 @@ public class SYS_ROLEResource {
@Autowired
@Lazy
private SYS_ROLEMapping sys_roleMapping;
public SYS_ROLEMapping sys_roleMapping;
public SYS_ROLEDTO permissionDTO=new SYS_ROLEDTO();
......@@ -83,7 +85,6 @@ public class SYS_ROLEResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SYS_ROLE" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_roles/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_ROLEDTO> sys_roledtos) {
......@@ -104,7 +105,7 @@ public class SYS_ROLEResource {
SYS_ROLEDTO dto = sys_roleMapping.toDto(domain);
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SYS_ROLE" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sys_roles/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_ROLEDTO> sys_roledtos) {
......@@ -183,12 +184,4 @@ public class SYS_ROLEResource {
}
/**
* 用户权限校验
* @return
*/
public SYS_ROLE getEntity(){
return new SYS_ROLE();
}
}
......@@ -50,12 +50,14 @@ public class SYS_ROLE_PERMISSIONResource {
@Autowired
@Lazy
private SYS_ROLE_PERMISSIONMapping sys_role_permissionMapping;
public SYS_ROLE_PERMISSIONMapping sys_role_permissionMapping;
public SYS_ROLE_PERMISSIONDTO permissionDTO=new SYS_ROLE_PERMISSIONDTO();
@PreAuthorize("hasPermission(#sys_role_permission_id,'Get',{this.getEntity(),'Sql'})")
@PreAuthorize("hasPermission(#sys_role_permission_id,'Get',{'Sql',this.sys_role_permissionMapping,this.permissionDTO})")
@ApiOperation(value = "Get", tags = {"SYS_ROLE_PERMISSION" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/sys_role_permissions/{sys_role_permission_id}")
public ResponseEntity<SYS_ROLE_PERMISSIONDTO> get(@PathVariable("sys_role_permission_id") String sys_role_permission_id) {
......@@ -67,7 +69,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize("hasPermission(#sys_role_permission_id,'Remove',{this.getEntity(),'Sql'})")
@PreAuthorize("hasPermission(#sys_role_permission_id,'Remove',{'Sql',this.sys_role_permissionMapping,this.permissionDTO})")
@ApiOperation(value = "Remove", tags = {"SYS_ROLE_PERMISSION" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/sys_role_permissions/{sys_role_permission_id}")
@Transactional
......@@ -94,7 +96,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@PreAuthorize("hasPermission('','Create',{'Sql',this.sys_role_permissionMapping,#sys_role_permissiondto})")
@ApiOperation(value = "Create", tags = {"SYS_ROLE_PERMISSION" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/sys_role_permissions")
@Transactional
......@@ -104,7 +106,7 @@ public class SYS_ROLE_PERMISSIONResource {
SYS_ROLE_PERMISSIONDTO dto = sys_role_permissionMapping.toDto(domain);
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@ApiOperation(value = "createBatch", tags = {"SYS_ROLE_PERMISSION" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sys_role_permissions/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_ROLE_PERMISSIONDTO> sys_role_permissiondtos) {
......@@ -140,7 +142,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize("hasPermission(#sys_role_permission_id,'Update',{this.getEntity(),'Sql'})")
@PreAuthorize("hasPermission(#sys_role_permission_id,'Update',{'Sql',this.sys_role_permissionMapping,#sys_role_permissiondto})")
@ApiOperation(value = "Update", tags = {"SYS_ROLE_PERMISSION" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_role_permissions/{sys_role_permission_id}")
@Transactional
......@@ -152,7 +154,6 @@ public class SYS_ROLE_PERMISSIONResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#sys_role_permission_id,'Update',{this.getEntity(),'Sql'})")
@ApiOperation(value = "UpdateBatch", tags = {"SYS_ROLE_PERMISSION" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_role_permissions/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_ROLE_PERMISSIONDTO> sys_role_permissiondtos) {
......@@ -497,12 +498,4 @@ public class SYS_ROLE_PERMISSIONResource {
}
/**
* 用户权限校验
* @return
*/
public SYS_ROLE_PERMISSION getEntity(){
return new SYS_ROLE_PERMISSION();
}
}
......@@ -50,7 +50,9 @@ public class SYS_USERResource {
@Autowired
@Lazy
private SYS_USERMapping sys_userMapping;
public SYS_USERMapping sys_userMapping;
public SYS_USERDTO permissionDTO=new SYS_USERDTO();
......@@ -85,7 +87,6 @@ public class SYS_USERResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SYS_USER" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_users/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_USERDTO> sys_userdtos) {
......@@ -152,7 +153,7 @@ public class SYS_USERResource {
SYS_USERDTO dto = sys_userMapping.toDto(domain);
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SYS_USER" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sys_users/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_USERDTO> sys_userdtos) {
......@@ -183,12 +184,4 @@ public class SYS_USERResource {
}
/**
* 用户权限校验
* @return
*/
public SYS_USER getEntity(){
return new SYS_USER();
}
}
......@@ -50,7 +50,9 @@ public class SYS_USER_ROLEResource {
@Autowired
@Lazy
private SYS_USER_ROLEMapping sys_user_roleMapping;
public SYS_USER_ROLEMapping sys_user_roleMapping;
public SYS_USER_ROLEDTO permissionDTO=new SYS_USER_ROLEDTO();
......@@ -85,7 +87,6 @@ public class SYS_USER_ROLEResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER_ROLE-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SYS_USER_ROLE" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_user_roles/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_USER_ROLEDTO> sys_user_roledtos) {
......@@ -124,7 +125,7 @@ public class SYS_USER_ROLEResource {
SYS_USER_ROLEDTO dto = sys_user_roleMapping.toDto(domain);
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER_ROLE-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SYS_USER_ROLE" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sys_user_roles/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_USER_ROLEDTO> sys_user_roledtos) {
......@@ -431,12 +432,4 @@ public class SYS_USER_ROLEResource {
}
/**
* 用户权限校验
* @return
*/
public SYS_USER_ROLE getEntity(){
return new SYS_USER_ROLE();
}
}
......@@ -6,7 +6,9 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.mongodb.QueryBuilder;
import cn.ibizlab.util.annotation.DEField;
import cn.ibizlab.util.domain.DTOBase;
import cn.ibizlab.util.domain.EntityBase;
import cn.ibizlab.util.domain.MappingBase;
import cn.ibizlab.util.enums.DEPredefinedFieldType;
import cn.ibizlab.util.filter.QueryBuildContext;
import cn.ibizlab.util.filter.QueryWrapperContext;
......@@ -72,8 +74,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return true;
List paramList = (ArrayList) params;
EntityBase entity = (EntityBase) paramList.get(0);
String deStorageMode= (String) paramList.get(1);
String deStorageMode= (String) paramList.get(0);
MappingBase mappingBase= (MappingBase) paramList.get(1);
DTOBase dtoBase = (DTOBase) paramList.get(2);
EntityBase entity = (EntityBase) mappingBase.toDomain(dtoBase);
if (StringUtils.isEmpty(entity))
return false;
......@@ -82,20 +86,19 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
JSONObject permissionList=userPermission.getJSONObject("entities");
String entityName = entity.getClass().getSimpleName();
//拥有全部数据访问权限时,则跳过权限检查
if(isAllData(permissionList,entityName,action)){
return true;
}
//检查是否有操作权限[create.update.delete.read]
if(!validDEActionHasPermission(permissionList,entityName,action)){
return false;
}
if(action.equalsIgnoreCase("create")){
return validDEActionHasPermission(permissionList,entityName,action);
return createActionPermissionValid(permissionList,entity, action);
}
else{
//拥有全部数据访问权限时,则跳过权限检查
if(isAllData(permissionList,entityName,action)){
return true;
}
//检查是否有操作权限[create.update.delete.read]
if(!validDEActionHasPermission(permissionList,entityName,action)){
return false;
}
//检查是否有数据权限
return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
return otherActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
}
}
......@@ -113,7 +116,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
if(!permissionList.containsKey(entityName))
return false;
JSONObject entity=permissionList.getJSONObject(entityName);
if(entity.containsKey(action) && entity.getJSONArray(action).contains("ALL"))
if(!entity.containsKey(DEActionType))
return false;
JSONObject dataRange=entity.getJSONObject(DEActionType);//获取实体行为对应的数据范围
if(dataRange.containsKey(action) && dataRange.getJSONArray(action).contains("all"))
return true;
return false;
......@@ -144,6 +150,81 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return hasPermission;
}
/**
* 新建行为校验
* @param permissionList
* @param entity
* @param action
* @return
*/
private boolean createActionPermissionValid(JSONObject permissionList,EntityBase entity, String action){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String keyField=permissionField.get(keyFieldTag);
if(StringUtils.isEmpty(keyField)){
throw new RuntimeException("权限校验失败,请检查当前实体中是否已经配置主键属性!");
}
//获取权限表达式[全部数据、本单位、本部门等]
JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
JSONObject permissionType= entityObj.getJSONObject(DEActionType);
JSONArray dataRangeList=permissionType.getJSONArray(action);//行为:read;insert...
if(dataRangeList.size()==0)
return false;
boolean isCreate=true;
String orgField=permissionField.get("orgfield");
String orgDeptField=permissionField.get("orgsecfield");
String createManField=permissionField.get("createmanfield");
AuthenticationUser authenticationUser = AuthenticationUser.getAuthenticationUser();
Map<String, Set<String>> userInfo = authenticationUser.getOrgInfo();
Set<String> orgParent = userInfo.get("parentorg");
Set<String> orgChild = userInfo.get("suborg");
Set<String> orgDeptParent = userInfo.get("parentdept");
Set<String> orgDeptChild = userInfo.get("subdept");
Object orgFieldValue=entity.get(orgField);
Object orgDeptFieldValue=entity.get(orgDeptField);
Object crateManFieldValue=entity.get(createManField);
Set<String> userOrg = new HashSet<>();
Set<String> userOrgDept = new HashSet<>();
for(int a=0;a<dataRangeList.size();a++){
String permissionCond=dataRangeList.getString(a);//权限配置条件
if(permissionCond.equals("curorg")){ //本单位
userOrg.add(authenticationUser.getOrgid());
}
else if(permissionCond.equals("porg")){//上级单位
userOrg.addAll(orgParent);
}
else if(permissionCond.equals("sorg")){//下级单位
userOrg.addAll(orgChild);
}
else if(permissionCond.equals("curorgdept")){//本部门
userOrgDept.add(authenticationUser.getMdeptid());
}
else if(permissionCond.equals("porgdept")){//上级部门
userOrgDept.addAll(orgDeptParent);
}
else if(permissionCond.equals("sorgdept")){//下级部门
userOrgDept.addAll(orgDeptChild);
}
}
if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue)){
return false;
}
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue)){
return false;
}
if(!ObjectUtils.isEmpty(crateManFieldValue) && !crateManFieldValue.equals(authenticationUser.getUserid())){
return false;
}
return isCreate;
}
/**
* 根据实体存储模式,进行鉴权
......@@ -154,7 +235,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
* @param permissionList
* @return
*/
private boolean deActionPermissionValidRouter(String deStorageMode, EntityBase entity , String action , Object srfKey , JSONObject permissionList){
private boolean otherActionPermissionValidRouter(String deStorageMode, EntityBase entity , String action , Object srfKey , JSONObject permissionList){
if(deStorageMode.equalsIgnoreCase("sql")){
return sqlPermissionValid(entity , action , srfKey, permissionList);
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册