Skip to content
项目
群组
代码片段
帮助
正在加载...
帮助
提交反馈
为 GitLab 提交贡献
登录
切换导航
I
ibzuaa
项目
项目
详情
动态
版本
周期分析
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
统计图
议题
0
议题
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
CI / CD
CI / CD
流水线
作业
计划
统计图
Wiki
Wiki
代码片段
代码片段
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
统计图
创建新议题
作业
提交
议题看板
打开侧边栏
ibiz4jteam
ibzuaa
提交
02bb2ad9
提交
02bb2ad9
编写于
5月 21, 2020
作者:
ibizdev
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
laizhilong 发布系统代码
上级
1f443b52
变更
20
显示空白字符变更
内嵌
并排
正在显示
20 个修改的文件
包含
219 行增加
和
157 行删除
+219
-157
sys-role_en_US.ts
app_web/src/locale/lanres/sys-role/sys-role_en_US.ts
+3
-2
sys-role_zh_CN.ts
app_web/src/locale/lanres/sys-role/sys-role_zh_CN.ts
+3
-2
state.ts
app_web/src/store/modules/view-action/state.ts
+2
-0
main-grid-base.vue
...b/src/widgets/sys-permission/main-grid/main-grid-base.vue
+4
-4
main-grid-base.vue
.../widgets/sys-role-permission/main-grid/main-grid-base.vue
+3
-3
main-form-base.vue
app_web/src/widgets/sys-role/main-form/main-form-base.vue
+59
-33
main-form-model.ts
app_web/src/widgets/sys-role/main-form/main-form-model.ts
+5
-5
main-grid-base.vue
app_web/src/widgets/sys-role/main-grid/main-grid-base.vue
+4
-4
main-grid-base.vue
...eb/src/widgets/sys-user-role/main-grid/main-grid-base.vue
+3
-3
main-grid-base.vue
app_web/src/widgets/sys-user/main-grid/main-grid-base.vue
+3
-3
pom.xml
ibzuaa-core/pom.xml
+1
-1
h2_table.xml
ibzuaa-core/src/main/resources/liquibase/h2_table.xml
+1
-1
SYS_PERMISSIONResource.java
...main/java/cn/ibizlab/api/rest/SYS_PERMISSIONResource.java
+4
-11
SYS_PSAPPMENUITEMResource.java
...n/java/cn/ibizlab/api/rest/SYS_PSAPPMENUITEMResource.java
+4
-11
SYS_PSDEOPPRIVResource.java
...main/java/cn/ibizlab/api/rest/SYS_PSDEOPPRIVResource.java
+4
-11
SYS_ROLEResource.java
...i/src/main/java/cn/ibizlab/api/rest/SYS_ROLEResource.java
+4
-11
SYS_ROLE_PERMISSIONResource.java
...java/cn/ibizlab/api/rest/SYS_ROLE_PERMISSIONResource.java
+8
-15
SYS_USERResource.java
...i/src/main/java/cn/ibizlab/api/rest/SYS_USERResource.java
+4
-11
SYS_USER_ROLEResource.java
.../main/java/cn/ibizlab/api/rest/SYS_USER_ROLEResource.java
+4
-11
AuthPermissionEvaluator.java
...ava/cn/ibizlab/util/security/AuthPermissionEvaluator.java
+96
-15
未找到文件。
app_web/src/locale/lanres/sys-role/sys-role_en_US.ts
浏览文件 @
02bb2ad9
...
...
@@ -44,7 +44,8 @@ export default {
tabpage1
:
"权限"
,
druipart2
:
"用户"
,
tabpage2
:
"用户"
,
tabpage3
:
"分页面板"
,
druipart3
:
"角色权限关系"
,
tabpage3
:
"角色权限关系"
,
tabpanel1
:
""
,
formpage1
:
"基本信息"
,
srfupdatedate
:
"更新时间"
,
...
...
@@ -55,9 +56,9 @@ export default {
srfuf
:
""
,
srfdeid
:
""
,
srfsourcekey
:
""
,
sys_roleid
:
"角色表标识"
,
sys_rolename
:
"角色表名称"
,
memo
:
"备注"
,
sys_roleid
:
"角色表标识"
,
},
uiactions
:
{
},
...
...
app_web/src/locale/lanres/sys-role/sys-role_zh_CN.ts
浏览文件 @
02bb2ad9
...
...
@@ -43,7 +43,8 @@ export default {
tabpage1
:
'权限'
,
druipart2
:
'用户'
,
tabpage2
:
'用户'
,
tabpage3
:
'分页面板'
,
druipart3
:
'角色权限关系'
,
tabpage3
:
'角色权限关系'
,
tabpanel1
:
''
,
formpage1
:
'基本信息'
,
srfupdatedate
:
'更新时间'
,
...
...
@@ -54,9 +55,9 @@ export default {
srfuf
:
''
,
srfdeid
:
''
,
srfsourcekey
:
''
,
sys_roleid
:
'角色表标识'
,
sys_rolename
:
'角色表名称'
,
memo
:
'备注'
,
sys_roleid
:
'角色表标识'
,
},
uiactions
:
{
},
...
...
app_web/src/store/modules/view-action/state.ts
浏览文件 @
02bb2ad9
...
...
@@ -104,6 +104,7 @@ export const viewstate: any = {
viewdatachange
:
false
,
refviews
:
[
'61a949e3c23ebdda724888662ded1478'
,
'b8a97c1797a1b91fbb37f8c2d14b1fb6'
,
'fb89f9af95f2caf92ccc1249025c9a1b'
,
],
},
...
...
@@ -156,6 +157,7 @@ export const viewstate: any = {
viewdatachange
:
false
,
refviews
:
[
'61a949e3c23ebdda724888662ded1478'
,
'b8a97c1797a1b91fbb37f8c2d14b1fb6'
,
'fb89f9af95f2caf92ccc1249025c9a1b'
,
],
},
...
...
app_web/src/widgets/sys-permission/main-grid/main-grid-base.vue
浏览文件 @
02bb2ad9
app_web/src/widgets/sys-role-permission/main-grid/main-grid-base.vue
浏览文件 @
02bb2ad9
app_web/src/widgets/sys-role/main-form/main-form-base.vue
浏览文件 @
02bb2ad9
...
...
@@ -3,27 +3,27 @@
<input
style=
"display:none;"
/>
<row
>
<i-col
v-show=
"detailsModel.group1.visible"
:style=
"
{}" :lg="{ span:
24
, offset: 0 }">
<i-col
v-show=
"detailsModel.group1.visible"
:style=
"
{}" :lg="{ span:
12
, offset: 0 }">
<app-form-group
layoutType=
"TABLE_24COL"
titleStyle=
""
class=
''
uiActionGroup=
"detailsModel.group1.uiActionGroup"
@
groupuiactionclick=
"groupUIActionClick($event)"
:caption=
"$t('entities.sys_role.main_form.details.group1')"
:isShowCaption=
"true"
uiStyle=
"DEFAULT"
:titleBarCloseMode=
"0"
:isInfoGroupMode=
"false"
>
<row>
<i-col
v-show=
"detailsModel.sys_rolename.visible"
:style=
"
{}" :lg="{ span: 24, offset: 0 }">
<i-col
v-show=
"detailsModel.sys_roleid.visible"
:style=
"
{}" :lg="{ span: 12, offset: 0 }">
<app-form-item
name=
'sys_roleid'
:itemRules=
"this.rules.sys_roleid"
class=
''
:caption=
"$t('entities.sys_role.main_form.details.sys_roleid')"
uiStyle=
"DEFAULT"
:labelWidth=
"130"
:isShowCaption=
"true"
:error=
"detailsModel.sys_roleid.error"
:isEmptyCaption=
"false"
labelPos=
"LEFT"
>
<app-span
name=
'sys_roleid'
:value=
"data.sys_roleid"
style=
""
></app-span>
</app-form-item>
</i-col>
<i-col
v-show=
"detailsModel.sys_rolename.visible"
:style=
"
{}" :lg="{ span: 12, offset: 0 }">
<app-form-item
name=
'sys_rolename'
:itemRules=
"this.rules.sys_rolename"
class=
''
:caption=
"$t('entities.sys_role.main_form.details.sys_rolename')"
uiStyle=
"DEFAULT"
:labelWidth=
"130"
:isShowCaption=
"true"
:error=
"detailsModel.sys_rolename.error"
:isEmptyCaption=
"false"
labelPos=
"LEFT"
>
<input-box
v-model=
"data.sys_rolename"
@
enter=
"onEnter($event)"
unit=
""
:disabled=
"detailsModel.sys_rolename.disabled"
type=
'text'
style=
""
></input-box>
</app-form-item>
</i-col>
<i-col
v-show=
"detailsModel.memo.visible"
:style=
"
{}" :lg="{ span:
24
, offset: 0 }">
<i-col
v-show=
"detailsModel.memo.visible"
:style=
"
{}" :lg="{ span:
12
, offset: 0 }">
<app-form-item
name=
'memo'
:itemRules=
"this.rules.memo"
class=
''
:caption=
"$t('entities.sys_role.main_form.details.memo')"
uiStyle=
"DEFAULT"
:labelWidth=
"130"
:isShowCaption=
"true"
:error=
"detailsModel.memo.error"
:isEmptyCaption=
"false"
labelPos=
"LEFT"
>
<input-box
v-model=
"data.memo"
@
enter=
"onEnter($event)"
unit=
""
:disabled=
"detailsModel.memo.disabled"
type=
'text'
style=
""
></input-box>
</app-form-item>
</i-col>
<i-col
v-show=
"detailsModel.sys_roleid.visible"
:style=
"
{}" :lg="{ span: 24, offset: 0 }">
<app-form-item
name=
'sys_roleid'
:itemRules=
"this.rules.sys_roleid"
class=
''
:caption=
"$t('entities.sys_role.main_form.details.sys_roleid')"
uiStyle=
"DEFAULT"
:labelWidth=
"130"
:isShowCaption=
"true"
:error=
"detailsModel.sys_roleid.error"
:isEmptyCaption=
"false"
labelPos=
"LEFT"
>
<app-span
name=
'sys_roleid'
:value=
"data.sys_roleid"
style=
""
></app-span>
</app-form-item>
</i-col>
</row>
...
...
@@ -114,6 +114,29 @@
])
}">
<i-col
v-show=
"detailsModel.druipart3.visible"
:style=
"
{}" :lg="{ span: 24, offset: 0 }">
<app-form-druipart
:formState=
"formState"
:isForbidLoad=
"this.data.srfuf === '0'"
paramItem=
'sys_role'
:parentdata=
'
{"srfparentdename":"SYS_ROLE","SRFPARENTTYPE":"CUSTOM"}'
:parameters="[
]"
:context="context"
:viewparams="viewparams"
parameterName='sys_role'
parentName="SYS_ROLE"
refviewtype='DEMPICKUPVIEW'
refreshitems=''
:ignorefieldvaluechange="ignorefieldvaluechange"
viewname='sys-permissionmpickup-view'
:data="JSON.stringify(this.data)"
@drdatasaved="drdatasaved($event)"
style=";overflow: auto;">
</app-form-druipart>
</i-col>
</tab-pane>
...
...
@@ -419,9 +442,9 @@ export default class MainBase extends Vue implements ControlInterface {
srfuf
:
null
,
srfdeid
:
null
,
srfsourcekey
:
null
,
sys_roleid
:
null
,
sys_rolename
:
null
,
memo
:
null
,
sys_roleid
:
null
,
sys_role
:
null
,
};
...
...
@@ -512,6 +535,12 @@ export default class MainBase extends Vue implements ControlInterface {
{
required
:
false
,
type
:
'string'
,
message
:
' 值不能为空'
,
trigger
:
'change'
},
{
required
:
false
,
type
:
'string'
,
message
:
' 值不能为空'
,
trigger
:
'blur'
},
],
sys_roleid
:
[
{
type
:
'string'
,
message
:
'角色表标识 值必须为字符串类型'
,
trigger
:
'change'
},
{
type
:
'string'
,
message
:
'角色表标识 值必须为字符串类型'
,
trigger
:
'blur'
},
{
required
:
false
,
type
:
'string'
,
message
:
'角色表标识 值不能为空'
,
trigger
:
'change'
},
{
required
:
false
,
type
:
'string'
,
message
:
'角色表标识 值不能为空'
,
trigger
:
'blur'
},
],
sys_rolename
:
[
{
type
:
'string'
,
message
:
'角色表名称 值必须为字符串类型'
,
trigger
:
'change'
},
{
type
:
'string'
,
message
:
'角色表名称 值必须为字符串类型'
,
trigger
:
'blur'
},
...
...
@@ -524,12 +553,6 @@ export default class MainBase extends Vue implements ControlInterface {
{
required
:
false
,
type
:
'string'
,
message
:
'备注 值不能为空'
,
trigger
:
'change'
},
{
required
:
false
,
type
:
'string'
,
message
:
'备注 值不能为空'
,
trigger
:
'blur'
},
],
sys_roleid
:
[
{
type
:
'string'
,
message
:
'角色表标识 值必须为字符串类型'
,
trigger
:
'change'
},
{
type
:
'string'
,
message
:
'角色表标识 值必须为字符串类型'
,
trigger
:
'blur'
},
{
required
:
false
,
type
:
'string'
,
message
:
'角色表标识 值不能为空'
,
trigger
:
'change'
},
{
required
:
false
,
type
:
'string'
,
message
:
'角色表标识 值不能为空'
,
trigger
:
'blur'
},
],
}
/**
...
...
@@ -549,7 +572,9 @@ export default class MainBase extends Vue implements ControlInterface {
,
tabpage2
:
new
FormTabPageModel
({
caption
:
'用户'
,
detailType
:
'TABPAGE'
,
name
:
'tabpage2'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
})
,
tabpage3
:
new
FormTabPageModel
({
caption
:
'分页面板'
,
detailType
:
'TABPAGE'
,
name
:
'tabpage3'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
})
druipart3
:
new
FormDRUIPartModel
({
caption
:
'角色权限关系'
,
detailType
:
'DRUIPART'
,
name
:
'druipart3'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
})
,
tabpage3
:
new
FormTabPageModel
({
caption
:
'角色权限关系'
,
detailType
:
'TABPAGE'
,
name
:
'tabpage3'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
})
,
tabpanel1
:
new
FormTabPanelModel
({
caption
:
''
,
detailType
:
'TABPANEL'
,
name
:
'tabpanel1'
,
visible
:
true
,
isShowCaption
:
false
,
form
:
this
,
tabPages
:
[{
name
:
'tabpage1'
,
index
:
0
,
visible
:
true
},
{
name
:
'tabpage2'
,
index
:
1
,
visible
:
true
},
{
name
:
'tabpage3'
,
index
:
2
,
visible
:
true
}]
})
,
...
...
@@ -570,12 +595,12 @@ export default class MainBase extends Vue implements ControlInterface {
srfdeid
:
new
FormItemModel
({
caption
:
''
,
detailType
:
'FORMITEM'
,
name
:
'srfdeid'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
,
disabled
:
false
,
enableCond
:
3
})
,
srfsourcekey
:
new
FormItemModel
({
caption
:
''
,
detailType
:
'FORMITEM'
,
name
:
'srfsourcekey'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
,
disabled
:
false
,
enableCond
:
3
})
,
sys_roleid
:
new
FormItemModel
({
caption
:
'角色表标识'
,
detailType
:
'FORMITEM'
,
name
:
'sys_roleid'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
,
disabled
:
false
,
enableCond
:
3
})
,
sys_rolename
:
new
FormItemModel
({
caption
:
'角色表名称'
,
detailType
:
'FORMITEM'
,
name
:
'sys_rolename'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
,
disabled
:
false
,
enableCond
:
3
})
,
memo
:
new
FormItemModel
({
caption
:
'备注'
,
detailType
:
'FORMITEM'
,
name
:
'memo'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
,
disabled
:
false
,
enableCond
:
3
})
,
sys_roleid
:
new
FormItemModel
({
caption
:
'角色表标识'
,
detailType
:
'FORMITEM'
,
name
:
'sys_roleid'
,
visible
:
true
,
isShowCaption
:
true
,
form
:
this
,
disabled
:
false
,
enableCond
:
3
})
,
};
...
...
@@ -676,39 +701,39 @@ export default class MainBase extends Vue implements ControlInterface {
}
/**
* 监控表单属性 sys_role
name
值
* 监控表单属性 sys_role
id
值
*
* @param {*} newVal
* @param {*} oldVal
* @memberof Main
*/
@
Watch
(
'data.sys_role
name
'
)
onSys_role
name
Change
(
newVal
:
any
,
oldVal
:
any
)
{
this
.
formDataChange
({
name
:
'sys_role
name
'
,
newVal
:
newVal
,
oldVal
:
oldVal
});
@
Watch
(
'data.sys_role
id
'
)
onSys_role
id
Change
(
newVal
:
any
,
oldVal
:
any
)
{
this
.
formDataChange
({
name
:
'sys_role
id
'
,
newVal
:
newVal
,
oldVal
:
oldVal
});
}
/**
* 监控表单属性
memo
值
* 监控表单属性
sys_rolename
值
*
* @param {*} newVal
* @param {*} oldVal
* @memberof Main
*/
@
Watch
(
'data.
memo
'
)
on
Memo
Change
(
newVal
:
any
,
oldVal
:
any
)
{
this
.
formDataChange
({
name
:
'
memo
'
,
newVal
:
newVal
,
oldVal
:
oldVal
});
@
Watch
(
'data.
sys_rolename
'
)
on
Sys_rolename
Change
(
newVal
:
any
,
oldVal
:
any
)
{
this
.
formDataChange
({
name
:
'
sys_rolename
'
,
newVal
:
newVal
,
oldVal
:
oldVal
});
}
/**
* 监控表单属性
sys_roleid
值
* 监控表单属性
memo
值
*
* @param {*} newVal
* @param {*} oldVal
* @memberof Main
*/
@
Watch
(
'data.
sys_roleid
'
)
on
Sys_roleid
Change
(
newVal
:
any
,
oldVal
:
any
)
{
this
.
formDataChange
({
name
:
'
sys_roleid
'
,
newVal
:
newVal
,
oldVal
:
oldVal
});
@
Watch
(
'data.
memo
'
)
on
Memo
Change
(
newVal
:
any
,
oldVal
:
any
)
{
this
.
formDataChange
({
name
:
'
memo
'
,
newVal
:
newVal
,
oldVal
:
oldVal
});
}
...
...
@@ -765,6 +790,7 @@ export default class MainBase extends Vue implements ControlInterface {
}
...
...
@@ -1289,7 +1315,7 @@ export default class MainBase extends Vue implements ControlInterface {
Object
.
assign
(
arg
,
data
);
Object
.
assign
(
arg
,
this
.
context
);
if
(
ifStateNext
)
{
this
.
drcounter
=
2
;
this
.
drcounter
=
3
;
if
(
this
.
drcounter
!==
0
){
this
.
drsaveopt
=
opt
;
this
.
formState
.
next
({
type
:
'beforesave'
,
data
:
arg
});
//先通知关系界面保存
...
...
app_web/src/widgets/sys-role/main-form/main-form-model.ts
浏览文件 @
02bb2ad9
...
...
@@ -55,6 +55,11 @@ export default class MainModel {
{
name
:
'srfsourcekey'
,
},
{
name
:
'sys_roleid'
,
prop
:
'roleid'
,
dataType
:
'GUID'
,
},
{
name
:
'sys_rolename'
,
prop
:
'rolename'
,
...
...
@@ -65,11 +70,6 @@ export default class MainModel {
prop
:
'memo'
,
dataType
:
'TEXT'
,
},
{
name
:
'sys_roleid'
,
prop
:
'roleid'
,
dataType
:
'GUID'
,
},
{
name
:
'sys_role'
,
prop
:
'roleid'
,
...
...
app_web/src/widgets/sys-role/main-grid/main-grid-base.vue
浏览文件 @
02bb2ad9
app_web/src/widgets/sys-user-role/main-grid/main-grid-base.vue
浏览文件 @
02bb2ad9
app_web/src/widgets/sys-user/main-grid/main-grid-base.vue
浏览文件 @
02bb2ad9
ibzuaa-core/pom.xml
浏览文件 @
02bb2ad9
...
...
@@ -150,7 +150,7 @@
<verbose>
true
</verbose>
<logging>
debug
</logging>
<contexts>
!test
</contexts>
<diffExcludeObjects>
Index:.*,table:
IBZFILE,IBZUSER,IBZDATAAUDIT
</diffExcludeObjects>
<diffExcludeObjects>
Index:.*,table:
ibzfile,ibzuser,ibzdataaudit
</diffExcludeObjects>
</configuration>
<phase>
process-resources
</phase>
<goals>
...
...
ibzuaa-core/src/main/resources/liquibase/h2_table.xml
浏览文件 @
02bb2ad9
...
...
@@ -136,7 +136,7 @@
</createTable>
</changeSet>
<!--输出实体[SYS_ROLE]数据结构 -->
<changeSet
author=
"a_A_5d9d78509"
id=
"tab-sys_role-6
3
-7"
>
<changeSet
author=
"a_A_5d9d78509"
id=
"tab-sys_role-6
8
-7"
>
<createTable
tableName=
"IBZROLE"
>
<column
name=
"SYS_ROLEID"
remarks=
""
type=
"VARCHAR(100)"
>
<constraints
primaryKey=
"true"
primaryKeyName=
"PK_SYS_ROLE_SYS_ROLEID"
/>
...
...
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_PERMISSIONResource.java
浏览文件 @
02bb2ad9
...
...
@@ -50,7 +50,9 @@ public class SYS_PERMISSIONResource {
@Autowired
@Lazy
private
SYS_PERMISSIONMapping
sys_permissionMapping
;
public
SYS_PERMISSIONMapping
sys_permissionMapping
;
public
SYS_PERMISSIONDTO
permissionDTO
=
new
SYS_PERMISSIONDTO
();
...
...
@@ -110,7 +112,6 @@ public class SYS_PERMISSIONResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PERMISSION-Update-all')"
)
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SYS_PERMISSION"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sys_permissions/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SYS_PERMISSIONDTO
>
sys_permissiondtos
)
{
...
...
@@ -131,7 +132,7 @@ public class SYS_PERMISSIONResource {
SYS_PERMISSIONDTO
dto
=
sys_permissionMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PERMISSION-Create-all')"
)
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SYS_PERMISSION"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sys_permissions/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SYS_PERMISSIONDTO
>
sys_permissiondtos
)
{
...
...
@@ -183,12 +184,4 @@ public class SYS_PERMISSIONResource {
}
/**
* 用户权限校验
* @return
*/
public
SYS_PERMISSION
getEntity
(){
return
new
SYS_PERMISSION
();
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_PSAPPMENUITEMResource.java
浏览文件 @
02bb2ad9
...
...
@@ -50,7 +50,9 @@ public class SYS_PSAPPMENUITEMResource {
@Autowired
@Lazy
private
SYS_PSAPPMENUITEMMapping
sys_psappmenuitemMapping
;
public
SYS_PSAPPMENUITEMMapping
sys_psappmenuitemMapping
;
public
SYS_PSAPPMENUITEMDTO
permissionDTO
=
new
SYS_PSAPPMENUITEMDTO
();
...
...
@@ -81,7 +83,7 @@ public class SYS_PSAPPMENUITEMResource {
SYS_PSAPPMENUITEMDTO
dto
=
sys_psappmenuitemMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSAPPMENUITEM-Create-all')"
)
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SYS_PSAPPMENUITEM"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sys_psappmenuitems/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SYS_PSAPPMENUITEMDTO
>
sys_psappmenuitemdtos
)
{
...
...
@@ -104,7 +106,6 @@ public class SYS_PSAPPMENUITEMResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSAPPMENUITEM-Update-all')"
)
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SYS_PSAPPMENUITEM"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sys_psappmenuitems/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SYS_PSAPPMENUITEMDTO
>
sys_psappmenuitemdtos
)
{
...
...
@@ -183,12 +184,4 @@ public class SYS_PSAPPMENUITEMResource {
}
/**
* 用户权限校验
* @return
*/
public
SYS_PSAPPMENUITEM
getEntity
(){
return
new
SYS_PSAPPMENUITEM
();
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_PSDEOPPRIVResource.java
浏览文件 @
02bb2ad9
...
...
@@ -50,7 +50,9 @@ public class SYS_PSDEOPPRIVResource {
@Autowired
@Lazy
private
SYS_PSDEOPPRIVMapping
sys_psdeopprivMapping
;
public
SYS_PSDEOPPRIVMapping
sys_psdeopprivMapping
;
public
SYS_PSDEOPPRIVDTO
permissionDTO
=
new
SYS_PSDEOPPRIVDTO
();
...
...
@@ -101,7 +103,7 @@ public class SYS_PSDEOPPRIVResource {
SYS_PSDEOPPRIVDTO
dto
=
sys_psdeopprivMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSDEOPPRIV-Create-all')"
)
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SYS_PSDEOPPRIV"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sys_psdeopprivs/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SYS_PSDEOPPRIVDTO
>
sys_psdeopprivdtos
)
{
...
...
@@ -136,7 +138,6 @@ public class SYS_PSDEOPPRIVResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSDEOPPRIV-Update-all')"
)
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SYS_PSDEOPPRIV"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sys_psdeopprivs/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SYS_PSDEOPPRIVDTO
>
sys_psdeopprivdtos
)
{
...
...
@@ -183,12 +184,4 @@ public class SYS_PSDEOPPRIVResource {
}
/**
* 用户权限校验
* @return
*/
public
SYS_PSDEOPPRIV
getEntity
(){
return
new
SYS_PSDEOPPRIV
();
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_ROLEResource.java
浏览文件 @
02bb2ad9
...
...
@@ -50,7 +50,9 @@ public class SYS_ROLEResource {
@Autowired
@Lazy
private
SYS_ROLEMapping
sys_roleMapping
;
public
SYS_ROLEMapping
sys_roleMapping
;
public
SYS_ROLEDTO
permissionDTO
=
new
SYS_ROLEDTO
();
...
...
@@ -83,7 +85,6 @@ public class SYS_ROLEResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE-Update-all')"
)
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SYS_ROLE"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sys_roles/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SYS_ROLEDTO
>
sys_roledtos
)
{
...
...
@@ -104,7 +105,7 @@ public class SYS_ROLEResource {
SYS_ROLEDTO
dto
=
sys_roleMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE-Create-all')"
)
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SYS_ROLE"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sys_roles/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SYS_ROLEDTO
>
sys_roledtos
)
{
...
...
@@ -183,12 +184,4 @@ public class SYS_ROLEResource {
}
/**
* 用户权限校验
* @return
*/
public
SYS_ROLE
getEntity
(){
return
new
SYS_ROLE
();
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_ROLE_PERMISSIONResource.java
浏览文件 @
02bb2ad9
...
...
@@ -50,12 +50,14 @@ public class SYS_ROLE_PERMISSIONResource {
@Autowired
@Lazy
p
rivate
SYS_ROLE_PERMISSIONMapping
sys_role_permissionMapping
;
p
ublic
SYS_ROLE_PERMISSIONMapping
sys_role_permissionMapping
;
public
SYS_ROLE_PERMISSIONDTO
permissionDTO
=
new
SYS_ROLE_PERMISSIONDTO
();
@PreAuthorize
(
"hasPermission(#sys_role_permission_id,'Get',{this.getEntity(),'Sql'})"
)
@PreAuthorize
(
"hasPermission(#sys_role_permission_id,'Get',{'Sql',this.sys_role_permissionMapping,this.permissionDTO})"
)
@ApiOperation
(
value
=
"Get"
,
tags
=
{
"SYS_ROLE_PERMISSION"
},
notes
=
"Get"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/sys_role_permissions/{sys_role_permission_id}"
)
public
ResponseEntity
<
SYS_ROLE_PERMISSIONDTO
>
get
(
@PathVariable
(
"sys_role_permission_id"
)
String
sys_role_permission_id
)
{
...
...
@@ -67,7 +69,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize
(
"hasPermission(#sys_role_permission_id,'Remove',{
this.getEntity(),'Sql'
})"
)
@PreAuthorize
(
"hasPermission(#sys_role_permission_id,'Remove',{
'Sql',this.sys_role_permissionMapping,this.permissionDTO
})"
)
@ApiOperation
(
value
=
"Remove"
,
tags
=
{
"SYS_ROLE_PERMISSION"
},
notes
=
"Remove"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/sys_role_permissions/{sys_role_permission_id}"
)
@Transactional
...
...
@@ -94,7 +96,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize
(
"hasPermission('','Create',{
this.getEntity(),'Sql'
})"
)
@PreAuthorize
(
"hasPermission('','Create',{
'Sql',this.sys_role_permissionMapping,#sys_role_permissiondto
})"
)
@ApiOperation
(
value
=
"Create"
,
tags
=
{
"SYS_ROLE_PERMISSION"
},
notes
=
"Create"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sys_role_permissions"
)
@Transactional
...
...
@@ -104,7 +106,7 @@ public class SYS_ROLE_PERMISSIONResource {
SYS_ROLE_PERMISSIONDTO
dto
=
sys_role_permissionMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('','Create',{this.getEntity(),'Sql'})"
)
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SYS_ROLE_PERMISSION"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sys_role_permissions/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SYS_ROLE_PERMISSIONDTO
>
sys_role_permissiondtos
)
{
...
...
@@ -140,7 +142,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize
(
"hasPermission(#sys_role_permission_id,'Update',{
this.getEntity(),'Sql'
})"
)
@PreAuthorize
(
"hasPermission(#sys_role_permission_id,'Update',{
'Sql',this.sys_role_permissionMapping,#sys_role_permissiondto
})"
)
@ApiOperation
(
value
=
"Update"
,
tags
=
{
"SYS_ROLE_PERMISSION"
},
notes
=
"Update"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sys_role_permissions/{sys_role_permission_id}"
)
@Transactional
...
...
@@ -152,7 +154,6 @@ public class SYS_ROLE_PERMISSIONResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission(#sys_role_permission_id,'Update',{this.getEntity(),'Sql'})"
)
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SYS_ROLE_PERMISSION"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sys_role_permissions/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SYS_ROLE_PERMISSIONDTO
>
sys_role_permissiondtos
)
{
...
...
@@ -497,12 +498,4 @@ public class SYS_ROLE_PERMISSIONResource {
}
/**
* 用户权限校验
* @return
*/
public
SYS_ROLE_PERMISSION
getEntity
(){
return
new
SYS_ROLE_PERMISSION
();
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_USERResource.java
浏览文件 @
02bb2ad9
...
...
@@ -50,7 +50,9 @@ public class SYS_USERResource {
@Autowired
@Lazy
private
SYS_USERMapping
sys_userMapping
;
public
SYS_USERMapping
sys_userMapping
;
public
SYS_USERDTO
permissionDTO
=
new
SYS_USERDTO
();
...
...
@@ -85,7 +87,6 @@ public class SYS_USERResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER-Update-all')"
)
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SYS_USER"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sys_users/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SYS_USERDTO
>
sys_userdtos
)
{
...
...
@@ -152,7 +153,7 @@ public class SYS_USERResource {
SYS_USERDTO
dto
=
sys_userMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER-Create-all')"
)
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SYS_USER"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sys_users/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SYS_USERDTO
>
sys_userdtos
)
{
...
...
@@ -183,12 +184,4 @@ public class SYS_USERResource {
}
/**
* 用户权限校验
* @return
*/
public
SYS_USER
getEntity
(){
return
new
SYS_USER
();
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_USER_ROLEResource.java
浏览文件 @
02bb2ad9
...
...
@@ -50,7 +50,9 @@ public class SYS_USER_ROLEResource {
@Autowired
@Lazy
private
SYS_USER_ROLEMapping
sys_user_roleMapping
;
public
SYS_USER_ROLEMapping
sys_user_roleMapping
;
public
SYS_USER_ROLEDTO
permissionDTO
=
new
SYS_USER_ROLEDTO
();
...
...
@@ -85,7 +87,6 @@ public class SYS_USER_ROLEResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER_ROLE-Update-all')"
)
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SYS_USER_ROLE"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sys_user_roles/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SYS_USER_ROLEDTO
>
sys_user_roledtos
)
{
...
...
@@ -124,7 +125,7 @@ public class SYS_USER_ROLEResource {
SYS_USER_ROLEDTO
dto
=
sys_user_roleMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER_ROLE-Create-all')"
)
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SYS_USER_ROLE"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sys_user_roles/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SYS_USER_ROLEDTO
>
sys_user_roledtos
)
{
...
...
@@ -431,12 +432,4 @@ public class SYS_USER_ROLEResource {
}
/**
* 用户权限校验
* @return
*/
public
SYS_USER_ROLE
getEntity
(){
return
new
SYS_USER_ROLE
();
}
}
ibzuaa-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java
浏览文件 @
02bb2ad9
...
...
@@ -6,7 +6,9 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import
com.baomidou.mybatisplus.extension.service.impl.ServiceImpl
;
import
com.mongodb.QueryBuilder
;
import
cn.ibizlab.util.annotation.DEField
;
import
cn.ibizlab.util.domain.DTOBase
;
import
cn.ibizlab.util.domain.EntityBase
;
import
cn.ibizlab.util.domain.MappingBase
;
import
cn.ibizlab.util.enums.DEPredefinedFieldType
;
import
cn.ibizlab.util.filter.QueryBuildContext
;
import
cn.ibizlab.util.filter.QueryWrapperContext
;
...
...
@@ -72,8 +74,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return
true
;
List
paramList
=
(
ArrayList
)
params
;
EntityBase
entity
=
(
EntityBase
)
paramList
.
get
(
0
);
String
deStorageMode
=
(
String
)
paramList
.
get
(
1
);
String
deStorageMode
=
(
String
)
paramList
.
get
(
0
);
MappingBase
mappingBase
=
(
MappingBase
)
paramList
.
get
(
1
);
DTOBase
dtoBase
=
(
DTOBase
)
paramList
.
get
(
2
);
EntityBase
entity
=
(
EntityBase
)
mappingBase
.
toDomain
(
dtoBase
);
if
(
StringUtils
.
isEmpty
(
entity
))
return
false
;
...
...
@@ -82,10 +86,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
JSONObject
permissionList
=
userPermission
.
getJSONObject
(
"entities"
);
String
entityName
=
entity
.
getClass
().
getSimpleName
();
if
(
action
.
equalsIgnoreCase
(
"create"
)){
return
validDEActionHasPermission
(
permissionList
,
entityName
,
action
);
}
else
{
//拥有全部数据访问权限时,则跳过权限检查
if
(
isAllData
(
permissionList
,
entityName
,
action
)){
return
true
;
...
...
@@ -94,8 +94,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
if
(!
validDEActionHasPermission
(
permissionList
,
entityName
,
action
)){
return
false
;
}
//检查是否有数据权限
return
deActionPermissionValidRouter
(
deStorageMode
,
entity
,
action
,
srfKey
,
permissionList
);
if
(
action
.
equalsIgnoreCase
(
"create"
)){
return
createActionPermissionValid
(
permissionList
,
entity
,
action
);
}
else
{
return
otherActionPermissionValidRouter
(
deStorageMode
,
entity
,
action
,
srfKey
,
permissionList
);
}
}
...
...
@@ -113,7 +116,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
if
(!
permissionList
.
containsKey
(
entityName
))
return
false
;
JSONObject
entity
=
permissionList
.
getJSONObject
(
entityName
);
if
(
entity
.
containsKey
(
action
)
&&
entity
.
getJSONArray
(
action
).
contains
(
"ALL"
))
if
(!
entity
.
containsKey
(
DEActionType
))
return
false
;
JSONObject
dataRange
=
entity
.
getJSONObject
(
DEActionType
);
//获取实体行为对应的数据范围
if
(
dataRange
.
containsKey
(
action
)
&&
dataRange
.
getJSONArray
(
action
).
contains
(
"all"
))
return
true
;
return
false
;
...
...
@@ -144,6 +150,81 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return
hasPermission
;
}
/**
* 新建行为校验
* @param permissionList
* @param entity
* @param action
* @return
*/
private
boolean
createActionPermissionValid
(
JSONObject
permissionList
,
EntityBase
entity
,
String
action
){
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entity
);
//获取组织、部门预置属性
String
keyField
=
permissionField
.
get
(
keyFieldTag
);
if
(
StringUtils
.
isEmpty
(
keyField
)){
throw
new
RuntimeException
(
"权限校验失败,请检查当前实体中是否已经配置主键属性!"
);
}
//获取权限表达式[全部数据、本单位、本部门等]
JSONObject
entityObj
=
permissionList
.
getJSONObject
(
entity
.
getClass
().
getSimpleName
());
//获取实体
JSONObject
permissionType
=
entityObj
.
getJSONObject
(
DEActionType
);
JSONArray
dataRangeList
=
permissionType
.
getJSONArray
(
action
);
//行为:read;insert...
if
(
dataRangeList
.
size
()==
0
)
return
false
;
boolean
isCreate
=
true
;
String
orgField
=
permissionField
.
get
(
"orgfield"
);
String
orgDeptField
=
permissionField
.
get
(
"orgsecfield"
);
String
createManField
=
permissionField
.
get
(
"createmanfield"
);
AuthenticationUser
authenticationUser
=
AuthenticationUser
.
getAuthenticationUser
();
Map
<
String
,
Set
<
String
>>
userInfo
=
authenticationUser
.
getOrgInfo
();
Set
<
String
>
orgParent
=
userInfo
.
get
(
"parentorg"
);
Set
<
String
>
orgChild
=
userInfo
.
get
(
"suborg"
);
Set
<
String
>
orgDeptParent
=
userInfo
.
get
(
"parentdept"
);
Set
<
String
>
orgDeptChild
=
userInfo
.
get
(
"subdept"
);
Object
orgFieldValue
=
entity
.
get
(
orgField
);
Object
orgDeptFieldValue
=
entity
.
get
(
orgDeptField
);
Object
crateManFieldValue
=
entity
.
get
(
createManField
);
Set
<
String
>
userOrg
=
new
HashSet
<>();
Set
<
String
>
userOrgDept
=
new
HashSet
<>();
for
(
int
a
=
0
;
a
<
dataRangeList
.
size
();
a
++){
String
permissionCond
=
dataRangeList
.
getString
(
a
);
//权限配置条件
if
(
permissionCond
.
equals
(
"curorg"
)){
//本单位
userOrg
.
add
(
authenticationUser
.
getOrgid
());
}
else
if
(
permissionCond
.
equals
(
"porg"
)){
//上级单位
userOrg
.
addAll
(
orgParent
);
}
else
if
(
permissionCond
.
equals
(
"sorg"
)){
//下级单位
userOrg
.
addAll
(
orgChild
);
}
else
if
(
permissionCond
.
equals
(
"curorgdept"
)){
//本部门
userOrgDept
.
add
(
authenticationUser
.
getMdeptid
());
}
else
if
(
permissionCond
.
equals
(
"porgdept"
)){
//上级部门
userOrgDept
.
addAll
(
orgDeptParent
);
}
else
if
(
permissionCond
.
equals
(
"sorgdept"
)){
//下级部门
userOrgDept
.
addAll
(
orgDeptChild
);
}
}
if
(!
ObjectUtils
.
isEmpty
(
orgFieldValue
)
&&
!
userOrg
.
contains
(
orgFieldValue
)){
return
false
;
}
if
(!
ObjectUtils
.
isEmpty
(
orgDeptFieldValue
)
&&
!
userOrgDept
.
contains
(
orgDeptFieldValue
)){
return
false
;
}
if
(!
ObjectUtils
.
isEmpty
(
crateManFieldValue
)
&&
!
crateManFieldValue
.
equals
(
authenticationUser
.
getUserid
())){
return
false
;
}
return
isCreate
;
}
/**
* 根据实体存储模式,进行鉴权
...
...
@@ -154,7 +235,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
* @param permissionList
* @return
*/
private
boolean
de
ActionPermissionValidRouter
(
String
deStorageMode
,
EntityBase
entity
,
String
action
,
Object
srfKey
,
JSONObject
permissionList
){
private
boolean
other
ActionPermissionValidRouter
(
String
deStorageMode
,
EntityBase
entity
,
String
action
,
Object
srfKey
,
JSONObject
permissionList
){
if
(
deStorageMode
.
equalsIgnoreCase
(
"sql"
)){
return
sqlPermissionValid
(
entity
,
action
,
srfKey
,
permissionList
);
...
...
编辑
预览
Markdown
格式
0%
请重试
or
添加新附件
添加附件
取消
您添加了
0
人
到此讨论。请谨慎行事。
先完成此消息的编辑!
取消
想要评论请
注册
或
登录