laizhilong 发布系统代码

app_web/src/locale/lanres/sys-role/sys-role_en_US.ts

@@ -44,7 +44,8 @@ export default {
 			tabpage1: "权限", 
 			druipart2: "用户", 
 			tabpage2: "用户", 
-			tabpage3: "分页面板", 
+			druipart3: "角色权限关系", 
+			tabpage3: "角色权限关系", 
 			tabpanel1: "", 
 			formpage1: "基本信息", 
 			srfupdatedate: "更新时间", 
@@ -55,9 +56,9 @@ export default {
 			srfuf: "", 
 			srfdeid: "", 
 			srfsourcekey: "", 
+			sys_roleid: "角色表标识", 
 			sys_rolename: "角色表名称", 
 			memo: "备注", 
-			sys_roleid: "角色表标识", 
 		},
 		uiactions: {
 		},

app_web/src/locale/lanres/sys-role/sys-role_zh_CN.ts

@@ -43,7 +43,8 @@ export default {
 			tabpage1: '权限', 
 			druipart2: '用户', 
 			tabpage2: '用户', 
-			tabpage3: '分页面板', 
+			druipart3: '角色权限关系', 
+			tabpage3: '角色权限关系', 
 			tabpanel1: '', 
 			formpage1: '基本信息', 
 			srfupdatedate: '更新时间', 
@@ -54,9 +55,9 @@ export default {
 			srfuf: '', 
 			srfdeid: '', 
 			srfsourcekey: '', 
+			sys_roleid: '角色表标识', 
 			sys_rolename: '角色表名称', 
 			memo: '备注', 
-			sys_roleid: '角色表标识', 
 		},
 		uiactions: {
 		},

app_web/src/store/modules/view-action/state.ts

@@ -104,6 +104,7 @@ export const viewstate: any = {
             viewdatachange: false,
             refviews: [
                 '61a949e3c23ebdda724888662ded1478',
+                'b8a97c1797a1b91fbb37f8c2d14b1fb6',
                 'fb89f9af95f2caf92ccc1249025c9a1b',
             ],
         },
@@ -156,6 +157,7 @@ export const viewstate: any = {
             viewdatachange: false,
             refviews: [
                 '61a949e3c23ebdda724888662ded1478',
+                'b8a97c1797a1b91fbb37f8c2d14b1fb6',
                 'fb89f9af95f2caf92ccc1249025c9a1b',
             ],
         },

app_web/src/widgets/sys-permission/main-grid/main-grid-base.vue

@@ -22,21 +22,21 @@
                 <el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
             </template>
             <template v-if="getColumnState('sys_permissionid')">
-                <el-table-column show-overflow-tooltip :prop="'sys_permissionid'" :label="$t('entities.sys_permission.main_grid.columns.sys_permissionid')" :width="150" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'sys_permissionid'" :label="$t('entities.sys_permission.main_grid.columns.sys_permissionid')" :width="150"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <span>{{row.sys_permissionid}}</span>
                     </template>
                 </el-table-column>
             </template>
             <template v-if="getColumnState('sys_permissionname')">
-                <el-table-column show-overflow-tooltip :prop="'sys_permissionname'" :label="$t('entities.sys_permission.main_grid.columns.sys_permissionname')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'sys_permissionname'" :label="$t('entities.sys_permission.main_grid.columns.sys_permissionname')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <span>{{row.sys_permissionname}}</span>
                     </template>
                 </el-table-column>
             </template>
             <template v-if="getColumnState('pssourcetype')">
-                <el-table-column show-overflow-tooltip :prop="'pssourcetype'" :label="$t('entities.sys_permission.main_grid.columns.pssourcetype')" :width="150" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'pssourcetype'" :label="$t('entities.sys_permission.main_grid.columns.pssourcetype')" :width="150"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <template >
             <codelist :value="row.pssourcetype" tag='CLSourceType' codelistType='STATIC' ></codelist>
@@ -45,7 +45,7 @@
                 </el-table-column>
             </template>
             <template v-if="getColumnState('pssourcename')">
-                <el-table-column show-overflow-tooltip :prop="'pssourcename'" :label="$t('entities.sys_permission.main_grid.columns.pssourcename')" :width="150" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'pssourcename'" :label="$t('entities.sys_permission.main_grid.columns.pssourcename')" :width="150"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <span>{{row.pssourcename}}</span>
                     </template>

app_web/src/widgets/sys-role-permission/main-grid/main-grid-base.vue

@@ -22,7 +22,7 @@
                 <el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
             </template>
             <template v-if="getColumnState('sys_rolename')">
-                <el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_role_permission.main_grid.columns.sys_rolename')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_role_permission.main_grid.columns.sys_rolename')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <app-column-link deKeyField='sys_role' :context="JSON.parse(JSON.stringify(context))" :viewparams="JSON.parse(JSON.stringify(viewparams))" :data="row" :linkview="{viewname: 'sys-roleredirect-view', height: 0,width: 0,title: $t('entities.sys_role.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
             ]
@@ -36,7 +36,7 @@
                 </el-table-column>
             </template>
             <template v-if="getColumnState('sys_permissionname')">
-                <el-table-column show-overflow-tooltip :prop="'sys_permissionname'" :label="$t('entities.sys_role_permission.main_grid.columns.sys_permissionname')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'sys_permissionname'" :label="$t('entities.sys_role_permission.main_grid.columns.sys_permissionname')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <app-column-link deKeyField='sys_permission' :context="JSON.parse(JSON.stringify(context))" :viewparams="JSON.parse(JSON.stringify(viewparams))" :data="row" :linkview="{viewname: 'sys-permissionredirect-view', height: 0,width: 0,title: $t('entities.sys_permission.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
             ]
@@ -50,7 +50,7 @@
                 </el-table-column>
             </template>
             <template v-if="getColumnState('updatedate')">
-                <el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_role_permission.main_grid.columns.updatedate')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_role_permission.main_grid.columns.updatedate')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <app-format-data format="YYYY-MM-DD hh:mm:ss" :data="row.updatedate"></app-format-data>
                     </template>

app_web/src/widgets/sys-role/main-form/main-form-model.ts

@@ -55,6 +55,11 @@ export default class MainModel {
       {
         name: 'srfsourcekey',
       },
+      {
+        name: 'sys_roleid',
+        prop: 'roleid',
+        dataType: 'GUID',
+      },
       {
         name: 'sys_rolename',
         prop: 'rolename',
@@ -65,11 +70,6 @@ export default class MainModel {
         prop: 'memo',
         dataType: 'TEXT',
       },
-      {
-        name: 'sys_roleid',
-        prop: 'roleid',
-        dataType: 'GUID',
-      },
       {
         name: 'sys_role',
         prop: 'roleid',

app_web/src/widgets/sys-role/main-grid/main-grid-base.vue

@@ -22,28 +22,28 @@
                 <el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
             </template>
             <template v-if="getColumnState('sys_roleid')">
-                <el-table-column show-overflow-tooltip :prop="'sys_roleid'" :label="$t('entities.sys_role.main_grid.columns.sys_roleid')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'sys_roleid'" :label="$t('entities.sys_role.main_grid.columns.sys_roleid')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <span>{{row.sys_roleid}}</span>
                     </template>
                 </el-table-column>
             </template>
             <template v-if="getColumnState('sys_rolename')">
-                <el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_role.main_grid.columns.sys_rolename')" :width="350" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_role.main_grid.columns.sys_rolename')" :width="350"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <span>{{row.sys_rolename}}</span>
                     </template>
                 </el-table-column>
             </template>
             <template v-if="getColumnState('memo')">
-                <el-table-column show-overflow-tooltip :prop="'memo'" :label="$t('entities.sys_role.main_grid.columns.memo')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'memo'" :label="$t('entities.sys_role.main_grid.columns.memo')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <span>{{row.memo}}</span>
                     </template>
                 </el-table-column>
             </template>
             <template v-if="getColumnState('updatedate')">
-                <el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_role.main_grid.columns.updatedate')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_role.main_grid.columns.updatedate')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <app-format-data format="YYYY-MM-DD hh:mm:ss" :data="row.updatedate"></app-format-data>
                     </template>

app_web/src/widgets/sys-user-role/main-grid/main-grid-base.vue

@@ -22,7 +22,7 @@
                 <el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
             </template>
             <template v-if="getColumnState('sys_username')">
-                <el-table-column show-overflow-tooltip :prop="'sys_username'" :label="$t('entities.sys_user_role.main_grid.columns.sys_username')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'sys_username'" :label="$t('entities.sys_user_role.main_grid.columns.sys_username')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <app-column-link deKeyField='sys_user' :context="JSON.parse(JSON.stringify(context))" :viewparams="JSON.parse(JSON.stringify(viewparams))" :data="row" :linkview="{viewname: 'sys-userredirect-view', height: 0,width: 0,title: $t('entities.sys_user.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
             ]
@@ -36,7 +36,7 @@
                 </el-table-column>
             </template>
             <template v-if="getColumnState('sys_rolename')">
-                <el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_user_role.main_grid.columns.sys_rolename')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'sys_rolename'" :label="$t('entities.sys_user_role.main_grid.columns.sys_rolename')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <app-column-link deKeyField='sys_role' :context="JSON.parse(JSON.stringify(context))" :viewparams="JSON.parse(JSON.stringify(viewparams))" :data="row" :linkview="{viewname: 'sys-roleredirect-view', height: 0,width: 0,title: $t('entities.sys_role.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
             ]
@@ -50,7 +50,7 @@
                 </el-table-column>
             </template>
             <template v-if="getColumnState('updatedate')">
-                <el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_user_role.main_grid.columns.updatedate')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'updatedate'" :label="$t('entities.sys_user_role.main_grid.columns.updatedate')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <app-format-data format="YYYY-MM-DD hh:mm:ss" :data="row.updatedate"></app-format-data>
                     </template>

app_web/src/widgets/sys-user/main-grid/main-grid-base.vue

@@ -22,21 +22,21 @@
                 <el-table-column align="center" type='selection' :width="checkboxColWidth"></el-table-column>
             </template>
             <template v-if="getColumnState('userid')">
-                <el-table-column show-overflow-tooltip :prop="'userid'" :label="$t('entities.sys_user.main_grid.columns.userid')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'userid'" :label="$t('entities.sys_user.main_grid.columns.userid')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <span>{{row.userid}}</span>
                     </template>
                 </el-table-column>
             </template>
             <template v-if="getColumnState('username')">
-                <el-table-column show-overflow-tooltip :prop="'username'" :label="$t('entities.sys_user.main_grid.columns.username')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'username'" :label="$t('entities.sys_user.main_grid.columns.username')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <span>{{row.username}}</span>
                     </template>
                 </el-table-column>
             </template>
             <template v-if="getColumnState('personname')">
-                <el-table-column show-overflow-tooltip :prop="'personname'" :label="$t('entities.sys_user.main_grid.columns.personname')" :width="250" :align="'left'" :sortable="'custom'">
+                <el-table-column show-overflow-tooltip :prop="'personname'" :label="$t('entities.sys_user.main_grid.columns.personname')" :width="250"  :align="'left'" :sortable="'custom'">
                     <template v-slot="{row,column}">
                         <span>{{row.personname}}</span>
                     </template>

ibzuaa-core/pom.xml

@@ -150,7 +150,7 @@
                                     <verbose>true</verbose>
                                     <logging>debug</logging>
                                     <contexts>!test</contexts>
-                                    <diffExcludeObjects>Index:.*,table:IBZFILE,IBZUSER,IBZDATAAUDIT</diffExcludeObjects>
+                                    <diffExcludeObjects>Index:.*,table:ibzfile,ibzuser,ibzdataaudit</diffExcludeObjects>
                                 </configuration>
                                 <phase>process-resources</phase>
                                 <goals>

ibzuaa-core/src/main/resources/liquibase/h2_table.xml

@@ -136,7 +136,7 @@
         </createTable>
     </changeSet>
     <!--输出实体[SYS_ROLE]数据结构 -->
-    <changeSet author="a_A_5d9d78509" id="tab-sys_role-63-7">
+    <changeSet author="a_A_5d9d78509" id="tab-sys_role-68-7">
         <createTable tableName="IBZROLE">
                 <column name="SYS_ROLEID" remarks="" type="VARCHAR(100)">
                     <constraints primaryKey="true" primaryKeyName="PK_SYS_ROLE_SYS_ROLEID"/>

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_PERMISSIONResource.java

@@ -50,7 +50,9 @@ public class SYS_PERMISSIONResource {
 
     @Autowired
     @Lazy
-    private SYS_PERMISSIONMapping sys_permissionMapping;
+    public SYS_PERMISSIONMapping sys_permissionMapping;
+
+    public SYS_PERMISSIONDTO permissionDTO=new SYS_PERMISSIONDTO();
 
 
 
@@ -110,7 +112,6 @@ public class SYS_PERMISSIONResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PERMISSION-Update-all')")
     @ApiOperation(value = "UpdateBatch", tags = {"SYS_PERMISSION" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/sys_permissions/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_PERMISSIONDTO> sys_permissiondtos) {
@@ -131,7 +132,7 @@ public class SYS_PERMISSIONResource {
         SYS_PERMISSIONDTO dto = sys_permissionMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PERMISSION-Create-all')")
+
     @ApiOperation(value = "createBatch", tags = {"SYS_PERMISSION" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/sys_permissions/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_PERMISSIONDTO> sys_permissiondtos) {
@@ -183,12 +184,4 @@ public class SYS_PERMISSIONResource {
 	}
 
 
-    /**
-     * 用户权限校验
-     * @return
-     */
-	public SYS_PERMISSION getEntity(){
-        return new SYS_PERMISSION();
-    }
-
 }

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_PSAPPMENUITEMResource.java

@@ -50,7 +50,9 @@ public class SYS_PSAPPMENUITEMResource {
 
     @Autowired
     @Lazy
-    private SYS_PSAPPMENUITEMMapping sys_psappmenuitemMapping;
+    public SYS_PSAPPMENUITEMMapping sys_psappmenuitemMapping;
+
+    public SYS_PSAPPMENUITEMDTO permissionDTO=new SYS_PSAPPMENUITEMDTO();
 
 
 
@@ -81,7 +83,7 @@ public class SYS_PSAPPMENUITEMResource {
         SYS_PSAPPMENUITEMDTO dto = sys_psappmenuitemMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSAPPMENUITEM-Create-all')")
+
     @ApiOperation(value = "createBatch", tags = {"SYS_PSAPPMENUITEM" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/sys_psappmenuitems/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_PSAPPMENUITEMDTO> sys_psappmenuitemdtos) {
@@ -104,7 +106,6 @@ public class SYS_PSAPPMENUITEMResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSAPPMENUITEM-Update-all')")
     @ApiOperation(value = "UpdateBatch", tags = {"SYS_PSAPPMENUITEM" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/sys_psappmenuitems/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_PSAPPMENUITEMDTO> sys_psappmenuitemdtos) {
@@ -183,12 +184,4 @@ public class SYS_PSAPPMENUITEMResource {
 	}
 
 
-    /**
-     * 用户权限校验
-     * @return
-     */
-	public SYS_PSAPPMENUITEM getEntity(){
-        return new SYS_PSAPPMENUITEM();
-    }
-
 }

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_PSDEOPPRIVResource.java

@@ -50,7 +50,9 @@ public class SYS_PSDEOPPRIVResource {
 
     @Autowired
     @Lazy
-    private SYS_PSDEOPPRIVMapping sys_psdeopprivMapping;
+    public SYS_PSDEOPPRIVMapping sys_psdeopprivMapping;
+
+    public SYS_PSDEOPPRIVDTO permissionDTO=new SYS_PSDEOPPRIVDTO();
 
 
 
@@ -101,7 +103,7 @@ public class SYS_PSDEOPPRIVResource {
         SYS_PSDEOPPRIVDTO dto = sys_psdeopprivMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSDEOPPRIV-Create-all')")
+
     @ApiOperation(value = "createBatch", tags = {"SYS_PSDEOPPRIV" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/sys_psdeopprivs/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_PSDEOPPRIVDTO> sys_psdeopprivdtos) {
@@ -136,7 +138,6 @@ public class SYS_PSDEOPPRIVResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_PSDEOPPRIV-Update-all')")
     @ApiOperation(value = "UpdateBatch", tags = {"SYS_PSDEOPPRIV" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/sys_psdeopprivs/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_PSDEOPPRIVDTO> sys_psdeopprivdtos) {
@@ -183,12 +184,4 @@ public class SYS_PSDEOPPRIVResource {
 	}
 
 
-    /**
-     * 用户权限校验
-     * @return
-     */
-	public SYS_PSDEOPPRIV getEntity(){
-        return new SYS_PSDEOPPRIV();
-    }
-
 }

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_ROLEResource.java

@@ -50,7 +50,9 @@ public class SYS_ROLEResource {
 
     @Autowired
     @Lazy
-    private SYS_ROLEMapping sys_roleMapping;
+    public SYS_ROLEMapping sys_roleMapping;
+
+    public SYS_ROLEDTO permissionDTO=new SYS_ROLEDTO();
 
 
 
@@ -83,7 +85,6 @@ public class SYS_ROLEResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE-Update-all')")
     @ApiOperation(value = "UpdateBatch", tags = {"SYS_ROLE" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/sys_roles/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_ROLEDTO> sys_roledtos) {
@@ -104,7 +105,7 @@ public class SYS_ROLEResource {
         SYS_ROLEDTO dto = sys_roleMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE-Create-all')")
+
     @ApiOperation(value = "createBatch", tags = {"SYS_ROLE" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/sys_roles/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_ROLEDTO> sys_roledtos) {
@@ -183,12 +184,4 @@ public class SYS_ROLEResource {
 	}
 
 
-    /**
-     * 用户权限校验
-     * @return
-     */
-	public SYS_ROLE getEntity(){
-        return new SYS_ROLE();
-    }
-
 }

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_ROLE_PERMISSIONResource.java

@@ -50,12 +50,14 @@ public class SYS_ROLE_PERMISSIONResource {
 
     @Autowired
     @Lazy
-    private SYS_ROLE_PERMISSIONMapping sys_role_permissionMapping;
+    public SYS_ROLE_PERMISSIONMapping sys_role_permissionMapping;
 
+    public SYS_ROLE_PERMISSIONDTO permissionDTO=new SYS_ROLE_PERMISSIONDTO();
 
 
 
-    @PreAuthorize("hasPermission(#sys_role_permission_id,'Get',{this.getEntity(),'Sql'})")
+
+    @PreAuthorize("hasPermission(#sys_role_permission_id,'Get',{'Sql',this.sys_role_permissionMapping,this.permissionDTO})")
     @ApiOperation(value = "Get", tags = {"SYS_ROLE_PERMISSION" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/sys_role_permissions/{sys_role_permission_id}")
     public ResponseEntity<SYS_ROLE_PERMISSIONDTO> get(@PathVariable("sys_role_permission_id") String sys_role_permission_id) {
@@ -67,7 +69,7 @@ public class SYS_ROLE_PERMISSIONResource {
 
 
 
-    @PreAuthorize("hasPermission(#sys_role_permission_id,'Remove',{this.getEntity(),'Sql'})")
+    @PreAuthorize("hasPermission(#sys_role_permission_id,'Remove',{'Sql',this.sys_role_permissionMapping,this.permissionDTO})")
     @ApiOperation(value = "Remove", tags = {"SYS_ROLE_PERMISSION" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/sys_role_permissions/{sys_role_permission_id}")
     @Transactional
@@ -94,7 +96,7 @@ public class SYS_ROLE_PERMISSIONResource {
 
 
 
-    @PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
+    @PreAuthorize("hasPermission('','Create',{'Sql',this.sys_role_permissionMapping,#sys_role_permissiondto})")
     @ApiOperation(value = "Create", tags = {"SYS_ROLE_PERMISSION" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/sys_role_permissions")
     @Transactional
@@ -104,7 +106,7 @@ public class SYS_ROLE_PERMISSIONResource {
         SYS_ROLE_PERMISSIONDTO dto = sys_role_permissionMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-    @PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
+
     @ApiOperation(value = "createBatch", tags = {"SYS_ROLE_PERMISSION" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/sys_role_permissions/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_ROLE_PERMISSIONDTO> sys_role_permissiondtos) {
@@ -140,7 +142,7 @@ public class SYS_ROLE_PERMISSIONResource {
 
 
 
-    @PreAuthorize("hasPermission(#sys_role_permission_id,'Update',{this.getEntity(),'Sql'})")
+    @PreAuthorize("hasPermission(#sys_role_permission_id,'Update',{'Sql',this.sys_role_permissionMapping,#sys_role_permissiondto})")
     @ApiOperation(value = "Update", tags = {"SYS_ROLE_PERMISSION" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/sys_role_permissions/{sys_role_permission_id}")
     @Transactional
@@ -152,7 +154,6 @@ public class SYS_ROLE_PERMISSIONResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission(#sys_role_permission_id,'Update',{this.getEntity(),'Sql'})")
     @ApiOperation(value = "UpdateBatch", tags = {"SYS_ROLE_PERMISSION" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/sys_role_permissions/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_ROLE_PERMISSIONDTO> sys_role_permissiondtos) {
@@ -497,12 +498,4 @@ public class SYS_ROLE_PERMISSIONResource {
 	}
 
 
-    /**
-     * 用户权限校验
-     * @return
-     */
-	public SYS_ROLE_PERMISSION getEntity(){
-        return new SYS_ROLE_PERMISSION();
-    }
-
 }

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_USERResource.java

@@ -50,7 +50,9 @@ public class SYS_USERResource {
 
     @Autowired
     @Lazy
-    private SYS_USERMapping sys_userMapping;
+    public SYS_USERMapping sys_userMapping;
+
+    public SYS_USERDTO permissionDTO=new SYS_USERDTO();
 
 
 
@@ -85,7 +87,6 @@ public class SYS_USERResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER-Update-all')")
     @ApiOperation(value = "UpdateBatch", tags = {"SYS_USER" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/sys_users/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_USERDTO> sys_userdtos) {
@@ -152,7 +153,7 @@ public class SYS_USERResource {
         SYS_USERDTO dto = sys_userMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER-Create-all')")
+
     @ApiOperation(value = "createBatch", tags = {"SYS_USER" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/sys_users/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_USERDTO> sys_userdtos) {
@@ -183,12 +184,4 @@ public class SYS_USERResource {
 	}
 
 
-    /**
-     * 用户权限校验
-     * @return
-     */
-	public SYS_USER getEntity(){
-        return new SYS_USER();
-    }
-
 }

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SYS_USER_ROLEResource.java

@@ -50,7 +50,9 @@ public class SYS_USER_ROLEResource {
 
     @Autowired
     @Lazy
-    private SYS_USER_ROLEMapping sys_user_roleMapping;
+    public SYS_USER_ROLEMapping sys_user_roleMapping;
+
+    public SYS_USER_ROLEDTO permissionDTO=new SYS_USER_ROLEDTO();
 
 
 
@@ -85,7 +87,6 @@ public class SYS_USER_ROLEResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER_ROLE-Update-all')")
     @ApiOperation(value = "UpdateBatch", tags = {"SYS_USER_ROLE" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/sys_user_roles/batch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_USER_ROLEDTO> sys_user_roledtos) {
@@ -124,7 +125,7 @@ public class SYS_USER_ROLEResource {
         SYS_USER_ROLEDTO dto = sys_user_roleMapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_USER_ROLE-Create-all')")
+
     @ApiOperation(value = "createBatch", tags = {"SYS_USER_ROLE" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/sys_user_roles/batch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_USER_ROLEDTO> sys_user_roledtos) {
@@ -431,12 +432,4 @@ public class SYS_USER_ROLEResource {
 	}
 
 
-    /**
-     * 用户权限校验
-     * @return
-     */
-	public SYS_USER_ROLE getEntity(){
-        return new SYS_USER_ROLE();
-    }
-
 }

ibzuaa-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java

@@ -6,7 +6,9 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.mongodb.QueryBuilder;
 import cn.ibizlab.util.annotation.DEField;
+import cn.ibizlab.util.domain.DTOBase;
 import cn.ibizlab.util.domain.EntityBase;
+import cn.ibizlab.util.domain.MappingBase;
 import cn.ibizlab.util.enums.DEPredefinedFieldType;
 import cn.ibizlab.util.filter.QueryBuildContext;
 import cn.ibizlab.util.filter.QueryWrapperContext;
@@ -72,8 +74,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
             return true;
 
         List paramList = (ArrayList) params;
-        EntityBase  entity = (EntityBase) paramList.get(0);
-        String deStorageMode= (String) paramList.get(1);
+        String deStorageMode= (String) paramList.get(0);
+        MappingBase mappingBase= (MappingBase) paramList.get(1);
+        DTOBase dtoBase = (DTOBase) paramList.get(2);
+        EntityBase entity = (EntityBase) mappingBase.toDomain(dtoBase);
 
         if (StringUtils.isEmpty(entity))
             return false;
@@ -82,20 +86,19 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         JSONObject permissionList=userPermission.getJSONObject("entities");
         String entityName = entity.getClass().getSimpleName();
 
+        //拥有全部数据访问权限时，则跳过权限检查
+        if(isAllData(permissionList,entityName,action)){
+            return true;
+        }
+        //检查是否有操作权限[create.update.delete.read]
+        if(!validDEActionHasPermission(permissionList,entityName,action)){
+            return false;
+        }
         if(action.equalsIgnoreCase("create")){
-            return validDEActionHasPermission(permissionList,entityName,action);
+            return createActionPermissionValid(permissionList,entity, action);
         }
         else{
-            //拥有全部数据访问权限时，则跳过权限检查
-            if(isAllData(permissionList,entityName,action)){
-                return true;
-            }
-            //检查是否有操作权限[create.update.delete.read]
-            if(!validDEActionHasPermission(permissionList,entityName,action)){
-                return false;
-            }
-            //检查是否有数据权限
-            return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
+            return otherActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
         }
     }
 
@@ -113,7 +116,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         if(!permissionList.containsKey(entityName))
             return false;
         JSONObject entity=permissionList.getJSONObject(entityName);
-        if(entity.containsKey(action) && entity.getJSONArray(action).contains("ALL"))
+        if(!entity.containsKey(DEActionType))
+            return false;
+        JSONObject dataRange=entity.getJSONObject(DEActionType);//获取实体行为对应的数据范围
+        if(dataRange.containsKey(action) && dataRange.getJSONArray(action).contains("all"))
             return true;
 
         return false;
@@ -144,6 +150,81 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         return hasPermission;
     }
 
+    /**
+     * 新建行为校验
+     * @param permissionList
+     * @param entity
+     * @param action
+     * @return
+     */
+    private boolean createActionPermissionValid(JSONObject permissionList,EntityBase entity, String action){
+
+        Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
+        String keyField=permissionField.get(keyFieldTag);
+        if(StringUtils.isEmpty(keyField)){
+            throw new RuntimeException("权限校验失败，请检查当前实体中是否已经配置主键属性!");
+        }
+
+        //获取权限表达式[全部数据、本单位、本部门等]
+        JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
+        JSONObject permissionType= entityObj.getJSONObject(DEActionType);
+        JSONArray dataRangeList=permissionType.getJSONArray(action);//行为：read；insert...
+        if(dataRangeList.size()==0)
+            return false;
+
+        boolean isCreate=true;
+
+        String orgField=permissionField.get("orgfield");
+        String orgDeptField=permissionField.get("orgsecfield");
+        String createManField=permissionField.get("createmanfield");
+        AuthenticationUser authenticationUser = AuthenticationUser.getAuthenticationUser();
+        Map<String, Set<String>> userInfo = authenticationUser.getOrgInfo();
+        Set<String> orgParent = userInfo.get("parentorg");
+        Set<String> orgChild = userInfo.get("suborg");
+        Set<String> orgDeptParent = userInfo.get("parentdept");
+        Set<String> orgDeptChild = userInfo.get("subdept");
+
+        Object orgFieldValue=entity.get(orgField);
+        Object orgDeptFieldValue=entity.get(orgDeptField);
+        Object crateManFieldValue=entity.get(createManField);
+
+        Set<String> userOrg = new HashSet<>();
+        Set<String> userOrgDept = new HashSet<>();
+
+        for(int a=0;a<dataRangeList.size();a++){
+            String permissionCond=dataRangeList.getString(a);//权限配置条件
+            if(permissionCond.equals("curorg")){   //本单位
+                userOrg.add(authenticationUser.getOrgid());
+            }
+            else if(permissionCond.equals("porg")){//上级单位
+                userOrg.addAll(orgParent);
+            }
+            else if(permissionCond.equals("sorg")){//下级单位
+                userOrg.addAll(orgChild);
+            }
+            else if(permissionCond.equals("curorgdept")){//本部门
+                userOrgDept.add(authenticationUser.getMdeptid());
+            }
+            else if(permissionCond.equals("porgdept")){//上级部门
+                userOrgDept.addAll(orgDeptParent);
+            }
+            else if(permissionCond.equals("sorgdept")){//下级部门
+                userOrgDept.addAll(orgDeptChild);
+            }
+        }
+
+        if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue)){
+            return false;
+        }
+        if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue)){
+            return false;
+        }
+        if(!ObjectUtils.isEmpty(crateManFieldValue) && !crateManFieldValue.equals(authenticationUser.getUserid())){
+            return false;
+        }
+
+        return isCreate;
+    }
 
     /**
      * 根据实体存储模式，进行鉴权
@@ -154,7 +235,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * @param permissionList
      * @return
      */
-    private boolean deActionPermissionValidRouter(String deStorageMode, EntityBase entity , String action , Object srfKey , JSONObject permissionList){
+    private boolean otherActionPermissionValidRouter(String deStorageMode, EntityBase entity , String action , Object srfKey , JSONObject permissionList){
 
         if(deStorageMode.equalsIgnoreCase("sql")){
             return sqlPermissionValid(entity , action , srfKey, permissionList);