提交 5274a109 编写于 作者: ibizdev's avatar ibizdev

laizhilong 发布系统代码

上级 be10eac6
...@@ -10,6 +10,8 @@ export default { ...@@ -10,6 +10,8 @@ export default {
createdate: '建立时间', createdate: '建立时间',
updatedate: '更新时间', updatedate: '更新时间',
systemid: '系统标识', systemid: '系统标识',
updateman: '更新人',
createman: '建立人',
}, },
views: { views: {
mpickupview: { mpickupview: {
......
...@@ -9,6 +9,8 @@ export default { ...@@ -9,6 +9,8 @@ export default {
createdate: '建立时间', createdate: '建立时间',
updatedate: '更新时间', updatedate: '更新时间',
systemid: '系统标识', systemid: '系统标识',
updateman: '更新人',
createman: '建立人',
}, },
views: { views: {
mpickupview: { mpickupview: {
......
...@@ -42,6 +42,12 @@ export default class DefaultModel { ...@@ -42,6 +42,12 @@ export default class DefaultModel {
{ {
name: 'systemid', name: 'systemid',
}, },
{
name: 'updateman',
},
{
name: 'createman',
},
] ]
} }
......
...@@ -42,6 +42,12 @@ export default class MPickupViewpickupviewpanelModel { ...@@ -42,6 +42,12 @@ export default class MPickupViewpickupviewpanelModel {
{ {
name: 'systemid', name: 'systemid',
}, },
{
name: 'updateman',
},
{
name: 'createman',
},
] ]
} }
......
...@@ -42,6 +42,12 @@ export default class PickupViewpickupviewpanelModel { ...@@ -42,6 +42,12 @@ export default class PickupViewpickupviewpanelModel {
{ {
name: 'systemid', name: 'systemid',
}, },
{
name: 'updateman',
},
{
name: 'createman',
},
] ]
} }
......
...@@ -108,6 +108,22 @@ public class SYS_ROLE_PERMISSION extends EntityMP implements Serializable { ...@@ -108,6 +108,22 @@ public class SYS_ROLE_PERMISSION extends EntityMP implements Serializable {
@JSONField(name = "systemid") @JSONField(name = "systemid")
@JsonProperty("systemid") @JsonProperty("systemid")
private String systemid; private String systemid;
/**
* 更新人
*/
@DEField(preType = DEPredefinedFieldType.UPDATEMAN)
@TableField(value = "updateman")
@JSONField(name = "updateman")
@JsonProperty("updateman")
private String updateman;
/**
* 建立人
*/
@DEField(preType = DEPredefinedFieldType.CREATEMAN)
@TableField(value = "createman" , fill = FieldFill.INSERT)
@JSONField(name = "createman")
@JsonProperty("createman")
private String createman;
/** /**
* 资源 * 资源
......
...@@ -36,7 +36,7 @@ ...@@ -36,7 +36,7 @@
</createTable> </createTable>
</changeSet> </changeSet>
<!--输出实体[SYS_ROLE_PERMISSION]数据结构 --> <!--输出实体[SYS_ROLE_PERMISSION]数据结构 -->
<changeSet author="a_A_5d9d78509" id="tab-sys_role_permission-59-2"> <changeSet author="a_A_5d9d78509" id="tab-sys_role_permission-64-2">
<createTable tableName="IBZROLE_PERMISSION"> <createTable tableName="IBZROLE_PERMISSION">
<column name="SYS_ROLE_PERMISSIONID" remarks="" type="VARCHAR(100)"> <column name="SYS_ROLE_PERMISSIONID" remarks="" type="VARCHAR(100)">
<constraints primaryKey="true" primaryKeyName="PK_SYS_ROLE_PERMISSION_SYS_ROL"/> <constraints primaryKey="true" primaryKeyName="PK_SYS_ROLE_PERMISSION_SYS_ROL"/>
...@@ -57,6 +57,10 @@ ...@@ -57,6 +57,10 @@
</column> </column>
<column name="SYSTEMID" remarks="" type="VARCHAR(100)"> <column name="SYSTEMID" remarks="" type="VARCHAR(100)">
</column> </column>
<column name="UPDATEMAN" remarks="" type="VARCHAR(60)">
</column>
<column name="CREATEMAN" remarks="" type="VARCHAR(60)">
</column>
</createTable> </createTable>
</changeSet> </changeSet>
<!--输出实体[SYS_USER]数据结构 --> <!--输出实体[SYS_USER]数据结构 -->
...@@ -188,7 +192,7 @@ ...@@ -188,7 +192,7 @@
<!--输出实体[SYS_PSDEOPPRIV]外键关系 --> <!--输出实体[SYS_PSDEOPPRIV]外键关系 -->
<!--输出实体[SYS_ROLE_PERMISSION]外键关系 --> <!--输出实体[SYS_ROLE_PERMISSION]外键关系 -->
<changeSet author="a_A_5d9d78509" id="fk-sys_role_permission-59-10"> <changeSet author="a_A_5d9d78509" id="fk-sys_role_permission-64-10">
<addForeignKeyConstraint baseColumnNames="SYS_PERMISSIONID" baseTableName="IBZROLE_PERMISSION" constraintName="DER1N_SYS_ROLE_PERMISSION_SYS_" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="SYS_PERMISSIONID" referencedTableName="IBZPERMISSION" validate="true"/> <addForeignKeyConstraint baseColumnNames="SYS_PERMISSIONID" baseTableName="IBZROLE_PERMISSION" constraintName="DER1N_SYS_ROLE_PERMISSION_SYS_" deferrable="false" initiallyDeferred="false" onDelete="RESTRICT" onUpdate="RESTRICT" referencedColumnNames="SYS_PERMISSIONID" referencedTableName="IBZPERMISSION" validate="true"/>
</changeSet> </changeSet>
<!--输出实体[SYS_USER]外键关系 --> <!--输出实体[SYS_USER]外键关系 -->
......
...@@ -4,6 +4,9 @@ ...@@ -4,6 +4,9 @@
<mapper namespace="cn.ibizlab.core.uaa.mapper.SYS_ROLE_PERMISSIONMapper"> <mapper namespace="cn.ibizlab.core.uaa.mapper.SYS_ROLE_PERMISSIONMapper">
<!--该方法用于重写mybatis中selectById方法,以实现查询逻辑属性--> <!--该方法用于重写mybatis中selectById方法,以实现查询逻辑属性-->
<select id="selectById" resultMap="SYS_ROLE_PERMISSIONResultMap" databaseId="mysql">
<![CDATA[select t1.* from (SELECT t1.`CREATEDATE`, t1.`CREATEMAN`, t1.`SYSTEMID`, t1.`SYS_PERMISSIONID`, t1.`SYS_PERMISSIONNAME`, t1.`SYS_ROLEID`, t1.`SYS_ROLENAME`, t1.`SYS_ROLE_PERMISSIONID`, t1.`SYS_ROLE_PERMISSIONNAME`, t1.`UPDATEDATE`, t1.`UPDATEMAN` FROM `IBZROLE_PERMISSION` t1 ) t1 where sys_role_permissionid=#{id}]]>
</select>
<!--通过mybatis将查询结果注入到entity中,通过配置autoMapping="true"由mybatis自动处理映射关系 --> <!--通过mybatis将查询结果注入到entity中,通过配置autoMapping="true"由mybatis自动处理映射关系 -->
<resultMap id="SYS_ROLE_PERMISSIONResultMap" type="cn.ibizlab.core.uaa.domain.SYS_ROLE_PERMISSION" autoMapping="true"> <resultMap id="SYS_ROLE_PERMISSIONResultMap" type="cn.ibizlab.core.uaa.domain.SYS_ROLE_PERMISSION" autoMapping="true">
...@@ -56,16 +59,22 @@ ...@@ -56,16 +59,22 @@
<!--数据查询[Default]--> <!--数据查询[Default]-->
<sql id="Default" databaseId="mysql"> <sql id="Default" databaseId="mysql">
<![CDATA[ SELECT t1.`CREATEDATE`, t1.`SYSTEMID`, t1.`SYS_PERMISSIONID`, t1.`SYS_PERMISSIONNAME`, t1.`SYS_ROLEID`, t1.`SYS_ROLENAME`, t1.`SYS_ROLE_PERMISSIONID`, t1.`SYS_ROLE_PERMISSIONNAME`, t1.`UPDATEDATE` FROM `IBZROLE_PERMISSION` t1 <![CDATA[ SELECT t1.`CREATEDATE`, t1.`CREATEMAN`, t1.`SYSTEMID`, t1.`SYS_PERMISSIONID`, t1.`SYS_PERMISSIONNAME`, t1.`SYS_ROLEID`, t1.`SYS_ROLENAME`, t1.`SYS_ROLE_PERMISSIONID`, t1.`SYS_ROLE_PERMISSIONNAME`, t1.`UPDATEDATE`, t1.`UPDATEMAN` FROM `IBZROLE_PERMISSION` t1
]]> ]]>
</sql> </sql>
<!--数据查询[Permissionenable1]--> <!--数据查询[Permissionenable1]-->
<sql id="Permissionenable1" databaseId="mysql"> <sql id="Permissionenable1" databaseId="mysql">
<![CDATA[ SELECT t1.`CREATEDATE`, t1.`SYSTEMID`, t1.`SYS_PERMISSIONID`, t1.`SYS_PERMISSIONNAME`, t1.`SYS_ROLEID`, t1.`SYS_ROLENAME`, t1.`SYS_ROLE_PERMISSIONID`, t1.`SYS_ROLE_PERMISSIONNAME`, t1.`UPDATEDATE` FROM `IBZROLE_PERMISSION` t1 LEFT JOIN IBZPERMISSION t11 ON t1.SYS_PERMISSIONID = t11.SYS_PERMISSIONID <![CDATA[ SELECT t1.`CREATEDATE`, t1.`SYSTEMID`, t1.`SYS_PERMISSIONID`, t1.`SYS_PERMISSIONNAME`, t1.`SYS_ROLEID`, t1.`SYS_ROLENAME`, t1.`SYS_ROLE_PERMISSIONID`, t1.`SYS_ROLE_PERMISSIONNAME`, t1.`UPDATEDATE` FROM `IBZROLE_PERMISSION` t1 INNER JOIN IBZPERMISSION t11 ON t1.SYS_PERMISSIONID = t11.SYS_PERMISSIONID WHERE t11.ENABLE=1
WHERE ( t11.enable=1 ) WHERE ( t11.enable=1 )
]]> ]]>
</sql> </sql>
<!--数据查询[View]-->
<sql id="View" databaseId="mysql">
<![CDATA[ SELECT t1.`CREATEDATE`, t1.`CREATEMAN`, t1.`SYSTEMID`, t1.`SYS_PERMISSIONID`, t1.`SYS_PERMISSIONNAME`, t1.`SYS_ROLEID`, t1.`SYS_ROLENAME`, t1.`SYS_ROLE_PERMISSIONID`, t1.`SYS_ROLE_PERMISSIONNAME`, t1.`UPDATEDATE`, t1.`UPDATEMAN` FROM `IBZROLE_PERMISSION` t1
]]>
</sql>
</mapper> </mapper>
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
"sysmoudle":{"id":"UAA","name":"uaa"}, "sysmoudle":{"id":"UAA","name":"uaa"},
"dedataset":[{"id":"Default" , "name":"DEFAULT"},{"id":"Permissionenable1" , "name":"permissionenable1"}], "dedataset":[{"id":"Default" , "name":"DEFAULT"},{"id":"Permissionenable1" , "name":"permissionenable1"}],
"deaction":[{"id":"Get" , "name":"Get" , "type":"BUILTIN" },{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" }], "deaction":[{"id":"Get" , "name":"Get" , "type":"BUILTIN" },{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" }],
"datascope":[{"id":"all","name":"全部数据"}] "datascope":[{"id":"all","name":"全部数据"}, {"id":"createman","name":"创建人"}]
} }
, { , {
"dename":"SYS_PERMISSION", "dename":"SYS_PERMISSION",
......
...@@ -97,6 +97,22 @@ public class SYS_ROLE_PERMISSIONDTO extends DTOBase implements Serializable { ...@@ -97,6 +97,22 @@ public class SYS_ROLE_PERMISSIONDTO extends DTOBase implements Serializable {
@JsonProperty("systemid") @JsonProperty("systemid")
private String systemid; private String systemid;
/**
* 属性 [UPDATEMAN]
*
*/
@JSONField(name = "updateman")
@JsonProperty("updateman")
private String updateman;
/**
* 属性 [CREATEMAN]
*
*/
@JSONField(name = "createman")
@JsonProperty("createman")
private String createman;
/** /**
* 设置 [SYS_ROLE_PERMISSIONNAME] * 设置 [SYS_ROLE_PERMISSIONNAME]
......
...@@ -55,7 +55,7 @@ public class SYS_ROLE_PERMISSIONResource { ...@@ -55,7 +55,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE_PERMISSION-Get-all')") @PreAuthorize("hasPermission(#sys_role_permission_id,'Get',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Get", tags = {"SYS_ROLE_PERMISSION" }, notes = "Get") @ApiOperation(value = "Get", tags = {"SYS_ROLE_PERMISSION" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/sys_role_permissions/{sys_role_permission_id}") @RequestMapping(method = RequestMethod.GET, value = "/sys_role_permissions/{sys_role_permission_id}")
public ResponseEntity<SYS_ROLE_PERMISSIONDTO> get(@PathVariable("sys_role_permission_id") String sys_role_permission_id) { public ResponseEntity<SYS_ROLE_PERMISSIONDTO> get(@PathVariable("sys_role_permission_id") String sys_role_permission_id) {
...@@ -67,7 +67,7 @@ public class SYS_ROLE_PERMISSIONResource { ...@@ -67,7 +67,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE_PERMISSION-Remove-all')") @PreAuthorize("hasPermission('Remove',{#sys_role_permission_id,{this.getEntity(),'Sql'}})")
@ApiOperation(value = "Remove", tags = {"SYS_ROLE_PERMISSION" }, notes = "Remove") @ApiOperation(value = "Remove", tags = {"SYS_ROLE_PERMISSION" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/sys_role_permissions/{sys_role_permission_id}") @RequestMapping(method = RequestMethod.DELETE, value = "/sys_role_permissions/{sys_role_permission_id}")
@Transactional @Transactional
...@@ -94,7 +94,7 @@ public class SYS_ROLE_PERMISSIONResource { ...@@ -94,7 +94,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE_PERMISSION-Create-all')") @PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Create", tags = {"SYS_ROLE_PERMISSION" }, notes = "Create") @ApiOperation(value = "Create", tags = {"SYS_ROLE_PERMISSION" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/sys_role_permissions") @RequestMapping(method = RequestMethod.POST, value = "/sys_role_permissions")
@Transactional @Transactional
...@@ -104,7 +104,7 @@ public class SYS_ROLE_PERMISSIONResource { ...@@ -104,7 +104,7 @@ public class SYS_ROLE_PERMISSIONResource {
SYS_ROLE_PERMISSIONDTO dto = sys_role_permissionMapping.toDto(domain); SYS_ROLE_PERMISSIONDTO dto = sys_role_permissionMapping.toDto(domain);
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE_PERMISSION-Create-all')") @PreAuthorize("hasPermission('','Create',{this.getEntity(),'Sql'})")
@ApiOperation(value = "createBatch", tags = {"SYS_ROLE_PERMISSION" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"SYS_ROLE_PERMISSION" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sys_role_permissions/batch") @RequestMapping(method = RequestMethod.POST, value = "/sys_role_permissions/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_ROLE_PERMISSIONDTO> sys_role_permissiondtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<SYS_ROLE_PERMISSIONDTO> sys_role_permissiondtos) {
...@@ -140,7 +140,7 @@ public class SYS_ROLE_PERMISSIONResource { ...@@ -140,7 +140,7 @@ public class SYS_ROLE_PERMISSIONResource {
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE_PERMISSION-Update-all')") @PreAuthorize("hasPermission(#sys_role_permission_id,'Update',{this.getEntity(),'Sql'})")
@ApiOperation(value = "Update", tags = {"SYS_ROLE_PERMISSION" }, notes = "Update") @ApiOperation(value = "Update", tags = {"SYS_ROLE_PERMISSION" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_role_permissions/{sys_role_permission_id}") @RequestMapping(method = RequestMethod.PUT, value = "/sys_role_permissions/{sys_role_permission_id}")
@Transactional @Transactional
...@@ -152,7 +152,7 @@ public class SYS_ROLE_PERMISSIONResource { ...@@ -152,7 +152,7 @@ public class SYS_ROLE_PERMISSIONResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SYS_ROLE_PERMISSION-Update-all')") @PreAuthorize("hasPermission(#sys_role_permission_id,'Update',{this.getEntity(),'Sql'})")
@ApiOperation(value = "UpdateBatch", tags = {"SYS_ROLE_PERMISSION" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"SYS_ROLE_PERMISSION" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sys_role_permissions/batch") @RequestMapping(method = RequestMethod.PUT, value = "/sys_role_permissions/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_ROLE_PERMISSIONDTO> sys_role_permissiondtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<SYS_ROLE_PERMISSIONDTO> sys_role_permissiondtos) {
......
...@@ -39,10 +39,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -39,10 +39,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
* 实体行为操作标识 * 实体行为操作标识
*/ */
private String DEActionType="DEACTION"; private String DEActionType="DEACTION";
/**
* 实体数据集操作标识
*/
private String DataSetTag="DATASET";
/** /**
*实体主键标识 *实体主键标识
*/ */
...@@ -63,61 +59,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -63,61 +59,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
@Override @Override
public boolean hasPermission(Authentication authentication, Object deAction, Object gridParam) { public boolean hasPermission(Authentication authentication, Object deAction, Object gridParam) {
//未开启权限校验、超级管理员则不进行权限检查
if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1 || !enablePermissionValid)
return true;
String action = "";
String deStorageMode;
if (deAction instanceof String)
action = (String) deAction;
if (StringUtils.isEmpty(action))
return false;
//获取当前用户权限列表
JSONObject userPermission= AuthenticationUser.getAuthenticationUser().getPermissionList();
if(userPermission==null)
return false;
List gridParamList = (ArrayList) gridParam;
if(action.equalsIgnoreCase("remove")){
//准备参数
Object srfKey =gridParamList.get(0);
EntityBase entity = (EntityBase) gridParamList.get(1);
deStorageMode= (String) gridParamList.get(2);
String entityName = entity.getClass().getSimpleName();
//获取实体行为权限信息
JSONObject permissionList=userPermission.getJSONObject("entities");
//检查是否有操作权限[create.update.delete.read]
if(!validDEActionHasPermission(permissionList,entityName,action)){
return false;
}
//检查是否有数据权限
return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
}
else{
//准备参数
Object searchContext=gridParamList.get(0);
String dataSetName=String.valueOf(gridParamList.get(1));
EntityBase entity = (EntityBase) gridParamList.get(2);
deStorageMode= (String) gridParamList.get(3);
String entityName = entity.getClass().getSimpleName();
//获取数据集权限信息
JSONObject permissionList=userPermission.getJSONObject("entities");
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName))
return false;
//检查是否有访问数据集的权限
if(!validDataSetHasPermission(permissionList,entityName,dataSetName)){
return false;
}
}
return true; return true;
} }
...@@ -211,33 +152,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -211,33 +152,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return hasPermission; return hasPermission;
} }
/**
* 数据集合权限校验
* @param userPermission
* @param entityName
* @param dataSetName
* userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
* @return
*/
private boolean validDataSetHasPermission(JSONObject userPermission,String entityName ,String dataSetName){
boolean hasPermission=false;
if(userPermission==null)
return false;
if(!userPermission.containsKey(entityName))
return false;
JSONObject entity=userPermission.getJSONObject(entityName);//获取实体
if(!entity.containsKey(DataSetTag))
return false;
JSONObject dataSetList=entity.getJSONObject(DataSetTag);//获取数据集
if(!dataSetList.containsKey(dataSetName))
return false;
JSONArray dataRange=dataSetList.getJSONArray(dataSetName);//获取数据范围
if(dataRange!=null && dataRange.size()>0){
hasPermission=true;
}
return hasPermission;
}
/** /**
* 根据实体存储模式,进行鉴权 * 根据实体存储模式,进行鉴权
...@@ -366,28 +280,28 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -366,28 +280,28 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
for(int i=0;i<oppriList.size();i++){ for(int i=0;i<oppriList.size();i++){
String permissionCond=oppriList.getString(i);//权限配置条件 String permissionCond=oppriList.getString(i);//权限配置条件
if(permissionCond.equals("CURORG")){ //本单位 if(permissionCond.equals("curorg")){ //本单位
permissionSQL.or(new QueryBuilder().and(orgField).is(AuthenticationUser.getAuthenticationUser().getOrgid()).get()); permissionSQL.or(new QueryBuilder().and(orgField).is(AuthenticationUser.getAuthenticationUser().getOrgid()).get());
} }
else if(permissionCond.equals("PORG")){//上级单位 else if(permissionCond.equals("porg")){//上级单位
permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgParent)).get()); permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgParent)).get());
} }
else if(permissionCond.equals("SORG")){//下级单位 else if(permissionCond.equals("sorg")){//下级单位
permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgChild)).get()); permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgChild)).get());
} }
else if(permissionCond.equals("CREATEMAN")){//建立人 else if(permissionCond.equals("createman")){//建立人
permissionSQL.or(new QueryBuilder().and(createManField).is(AuthenticationUser.getAuthenticationUser().getUserid()).get()); permissionSQL.or(new QueryBuilder().and(createManField).is(AuthenticationUser.getAuthenticationUser().getUserid()).get());
} }
else if(permissionCond.equals("CURORGDEPT")){//本部门 else if(permissionCond.equals("curorgdept")){//本部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).is(AuthenticationUser.getAuthenticationUser().getMdeptid()).get()); permissionSQL.or(new QueryBuilder().and(orgDeptField).is(AuthenticationUser.getAuthenticationUser().getMdeptid()).get());
} }
else if(permissionCond.equals("PORGDEPT")){//上级部门 else if(permissionCond.equals("porgdept")){//上级部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptParent)).get()); permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptParent)).get());
} }
else if(permissionCond.equals("SORGDEPT")){//下级部门 else if(permissionCond.equals("sorgdept")){//下级部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptChild)).get()); permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptChild)).get());
} }
else if(permissionCond.equals("ALL")){ else if(permissionCond.equals("all")){
permissionSQL.or(new QueryBuilder().get()); permissionSQL.or(new QueryBuilder().get());
} }
} }
...@@ -417,28 +331,28 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -417,28 +331,28 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
for(int i=0;i<oppriList.size();i++){ for(int i=0;i<oppriList.size();i++){
permissionSQL.append("OR"); permissionSQL.append("OR");
String permissionCond=oppriList.getString(i);//权限配置条件 String permissionCond=oppriList.getString(i);//权限配置条件
if(permissionCond.equals("CURORG")){ //本单位 if(permissionCond.equals("curorg")){ //本单位
permissionSQL.append(String.format("(%s='%s')",orgField,AuthenticationUser.getAuthenticationUser().getOrgid())); permissionSQL.append(String.format("(%s='%s')",orgField,AuthenticationUser.getAuthenticationUser().getOrgid()));
} }
else if(permissionCond.equals("PORG")){//上级单位 else if(permissionCond.equals("porg")){//上级单位
permissionSQL.append(String.format(" %s in(%s) ", orgField, formatStringArr(orgParent))); permissionSQL.append(String.format(" %s in(%s) ", orgField, formatStringArr(orgParent)));
} }
else if(permissionCond.equals("SORG")){//下级单位 else if(permissionCond.equals("sorg")){//下级单位
permissionSQL.append(String.format(" %s in(%s) ", orgField, formatStringArr(orgChild))); permissionSQL.append(String.format(" %s in(%s) ", orgField, formatStringArr(orgChild)));
} }
else if(permissionCond.equals("CREATEMAN")){//建立人 else if(permissionCond.equals("createman")){//建立人
permissionSQL.append(String.format("(%s='%s')",createManField,AuthenticationUser.getAuthenticationUser().getUserid())); permissionSQL.append(String.format("(%s='%s')",createManField,AuthenticationUser.getAuthenticationUser().getUserid()));
} }
else if(permissionCond.equals("CURORGDEPT")){//本部门 else if(permissionCond.equals("curorgdept")){//本部门
permissionSQL.append(String.format("(%s='%s')",orgDeptField,AuthenticationUser.getAuthenticationUser().getMdeptid())); permissionSQL.append(String.format("(%s='%s')",orgDeptField,AuthenticationUser.getAuthenticationUser().getMdeptid()));
} }
else if(permissionCond.equals("PORGDEPT")){//上级部门 else if(permissionCond.equals("porgdept")){//上级部门
permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptParent))); permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptParent)));
} }
else if(permissionCond.equals("SORGDEPT")){//下级部门 else if(permissionCond.equals("sorgdept")){//下级部门
permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptChild))); permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptChild)));
} }
else if(permissionCond.equals("ALL")){//全部数据 else if(permissionCond.equals("all")){//全部数据
permissionSQL.append("(1=1)"); permissionSQL.append("(1=1)");
} }
else{ else{
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册