Skip to content
项目
群组
代码片段
帮助
正在加载...
帮助
提交反馈
为 GitLab 提交贡献
登录
切换导航
I
ibzuaa
项目
项目
详情
动态
版本
周期分析
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
统计图
议题
0
议题
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
CI / CD
CI / CD
流水线
作业
计划
统计图
Wiki
Wiki
代码片段
代码片段
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
统计图
创建新议题
作业
提交
议题看板
打开侧边栏
ibiz4jteam
ibzuaa
提交
53c4ecb6
提交
53c4ecb6
编写于
5月 26, 2020
作者:
ibizdev
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
zhouweidong@lab.ibiz5.com 部署微服务应用
上级
4c8af2d8
变更
16
隐藏空白字符变更
内嵌
并排
正在显示
16 个修改的文件
包含
231 行增加
和
720 行删除
+231
-720
main-grid-base.vue
...web/src/widgets/sys-auth-log/main-grid/main-grid-base.vue
+40
-48
main-grid-base.vue
...b/src/widgets/sys-permission/main-grid/main-grid-base.vue
+10
-12
main-grid-base.vue
.../widgets/sys-role-permission/main-grid/main-grid-base.vue
+15
-18
main-grid-base.vue
app_web/src/widgets/sys-role/main-grid/main-grid-base.vue
+20
-24
main-grid-base.vue
...eb/src/widgets/sys-user-role/main-grid/main-grid-base.vue
+15
-18
main-grid-base.vue
app_web/src/widgets/sys-user/main-grid/main-grid-base.vue
+15
-18
config.xml
config.xml
+5
-0
Dockerfile
ibzuaa-app/ibzuaa-app-web/src/main/docker/Dockerfile
+1
-1
ibzuaa-app-web.yaml
...aa-app/ibzuaa-app-web/src/main/docker/ibzuaa-app-web.yaml
+15
-1
SysAuthLogResource.java
...src/main/java/cn/ibizlab/api/rest/SysAuthLogResource.java
+9
-10
SysPermissionResource.java
.../main/java/cn/ibizlab/api/rest/SysPermissionResource.java
+9
-10
SysRolePermissionResource.java
...n/java/cn/ibizlab/api/rest/SysRolePermissionResource.java
+17
-22
SysRoleResource.java
...pi/src/main/java/cn/ibizlab/api/rest/SysRoleResource.java
+9
-10
SysUserResource.java
...pi/src/main/java/cn/ibizlab/api/rest/SysUserResource.java
+9
-10
SysUserRoleResource.java
...rc/main/java/cn/ibizlab/api/rest/SysUserRoleResource.java
+17
-22
AuthPermissionEvaluator.java
...ava/cn/ibizlab/util/security/AuthPermissionEvaluator.java
+25
-496
未找到文件。
app_web/src/widgets/sys-auth-log/main-grid/main-grid-base.vue
浏览文件 @
53c4ecb6
...
...
@@ -23,12 +23,11 @@
</
template
>
<
template
v-if=
"getColumnState('username')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'username'"
:label=
"$t('entities.sysauthlog.main_grid.columns.username')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.username'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.username'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
username
}}
</span>
</
template
>
...
...
@@ -36,12 +35,11 @@
</template>
<
template
v-if=
"getColumnState('personname')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'personname'"
:label=
"$t('entities.sysauthlog.main_grid.columns.personname')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.personname'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.personname'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
personname
}}
</span>
</
template
>
...
...
@@ -49,12 +47,11 @@
</template>
<
template
v-if=
"getColumnState('authtime')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'authtime'"
:label=
"$t('entities.sysauthlog.main_grid.columns.authtime')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.authtime'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.authtime'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<app-format-data
format=
"YYYY-MM-DD hh:mm:ss"
:data=
"row.authtime"
></app-format-data>
</
template
>
...
...
@@ -62,12 +59,11 @@
</template>
<
template
v-if=
"getColumnState('authcode')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'authcode'"
:label=
"$t('entities.sysauthlog.main_grid.columns.authcode')"
:width=
"100"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.authcode'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.authcode'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<template
>
<codelist
:value=
"row.authcode"
tag=
'CLAuthCode'
codelistType=
'STATIC'
></codelist>
...
...
@@ -77,12 +73,11 @@
</template>
<
template
v-if=
"getColumnState('ipaddr')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'ipaddr'"
:label=
"$t('entities.sysauthlog.main_grid.columns.ipaddr')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.ipaddr'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.ipaddr'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
ipaddr
}}
</span>
</
template
>
...
...
@@ -90,12 +85,11 @@
</template>
<
template
v-if=
"getColumnState('macaddr')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'macaddr'"
:label=
"$t('entities.sysauthlog.main_grid.columns.macaddr')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.macaddr'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.macaddr'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
macaddr
}}
</span>
</
template
>
...
...
@@ -103,12 +97,11 @@
</template>
<
template
v-if=
"getColumnState('useragent')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'useragent'"
:label=
"$t('entities.sysauthlog.main_grid.columns.useragent')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.useragent'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.useragent'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
useragent
}}
</span>
</
template
>
...
...
@@ -116,12 +109,11 @@
</template>
<
template
v-if=
"getColumnState('domain')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'domain'"
:label=
"$t('entities.sysauthlog.main_grid.columns.domain')"
:width=
"100"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.domain'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysauthlog.main_grid.columns.domain'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
domain
}}
</span>
</
template
>
...
...
app_web/src/widgets/sys-permission/main-grid/main-grid-base.vue
浏览文件 @
53c4ecb6
...
...
@@ -23,12 +23,11 @@
</
template
>
<
template
v-if=
"getColumnState('sys_permissionid')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'sys_permissionid'"
:label=
"$t('entities.syspermission.main_grid.columns.sys_permissionid')"
:width=
"150"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.syspermission.main_grid.columns.sys_permissionid'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.syspermission.main_grid.columns.sys_permissionid'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
sys_permissionid
}}
</span>
</
template
>
...
...
@@ -36,12 +35,11 @@
</template>
<
template
v-if=
"getColumnState('sys_permissionname')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'sys_permissionname'"
:label=
"$t('entities.syspermission.main_grid.columns.sys_permissionname')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.syspermission.main_grid.columns.sys_permissionname'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.syspermission.main_grid.columns.sys_permissionname'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
sys_permissionname
}}
</span>
</
template
>
...
...
app_web/src/widgets/sys-role-permission/main-grid/main-grid-base.vue
浏览文件 @
53c4ecb6
...
...
@@ -23,12 +23,11 @@
</
template
>
<
template
v-if=
"getColumnState('sys_rolename')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'sys_rolename'"
:label=
"$t('entities.sysrolepermission.main_grid.columns.sys_rolename')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrolepermission.main_grid.columns.sys_rolename'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrolepermission.main_grid.columns.sys_rolename'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<app-column-link
deKeyField=
'sysrole'
:context=
"JSON.parse(JSON.stringify(context))"
:viewparams=
"JSON.parse(JSON.stringify(viewparams))"
:data=
"row"
:linkview=
"
{viewname: 'sys-roleredirect-view', height: 0,width: 0,title: $t('entities.sysrole.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
]
...
...
@@ -43,12 +42,11 @@
</template>
<
template
v-if=
"getColumnState('sys_permissionname')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'sys_permissionname'"
:label=
"$t('entities.sysrolepermission.main_grid.columns.sys_permissionname')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrolepermission.main_grid.columns.sys_permissionname'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrolepermission.main_grid.columns.sys_permissionname'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<app-column-link
deKeyField=
'syspermission'
:context=
"JSON.parse(JSON.stringify(context))"
:viewparams=
"JSON.parse(JSON.stringify(viewparams))"
:data=
"row"
:linkview=
"
{viewname: 'sys-permissionredirect-view', height: 0,width: 0,title: $t('entities.syspermission.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
]
...
...
@@ -63,12 +61,11 @@
</template>
<
template
v-if=
"getColumnState('updatedate')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'updatedate'"
:label=
"$t('entities.sysrolepermission.main_grid.columns.updatedate')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrolepermission.main_grid.columns.updatedate'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrolepermission.main_grid.columns.updatedate'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<app-format-data
format=
"YYYY-MM-DD hh:mm:ss"
:data=
"row.updatedate"
></app-format-data>
</
template
>
...
...
app_web/src/widgets/sys-role/main-grid/main-grid-base.vue
浏览文件 @
53c4ecb6
...
...
@@ -23,12 +23,11 @@
</
template
>
<
template
v-if=
"getColumnState('sys_roleid')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'sys_roleid'"
:label=
"$t('entities.sysrole.main_grid.columns.sys_roleid')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrole.main_grid.columns.sys_roleid'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrole.main_grid.columns.sys_roleid'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
sys_roleid
}}
</span>
</
template
>
...
...
@@ -36,12 +35,11 @@
</template>
<
template
v-if=
"getColumnState('sys_rolename')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'sys_rolename'"
:label=
"$t('entities.sysrole.main_grid.columns.sys_rolename')"
:width=
"350"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrole.main_grid.columns.sys_rolename'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrole.main_grid.columns.sys_rolename'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
sys_rolename
}}
</span>
</
template
>
...
...
@@ -49,12 +47,11 @@
</template>
<
template
v-if=
"getColumnState('memo')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'memo'"
:label=
"$t('entities.sysrole.main_grid.columns.memo')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrole.main_grid.columns.memo'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrole.main_grid.columns.memo'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
memo
}}
</span>
</
template
>
...
...
@@ -62,12 +59,11 @@
</template>
<
template
v-if=
"getColumnState('updatedate')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'updatedate'"
:label=
"$t('entities.sysrole.main_grid.columns.updatedate')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrole.main_grid.columns.updatedate'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysrole.main_grid.columns.updatedate'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<app-format-data
format=
"YYYY-MM-DD hh:mm:ss"
:data=
"row.updatedate"
></app-format-data>
</
template
>
...
...
app_web/src/widgets/sys-user-role/main-grid/main-grid-base.vue
浏览文件 @
53c4ecb6
...
...
@@ -23,12 +23,11 @@
</
template
>
<
template
v-if=
"getColumnState('sys_username')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'sys_username'"
:label=
"$t('entities.sysuserrole.main_grid.columns.sys_username')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuserrole.main_grid.columns.sys_username'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuserrole.main_grid.columns.sys_username'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<app-column-link
deKeyField=
'sysuser'
:context=
"JSON.parse(JSON.stringify(context))"
:viewparams=
"JSON.parse(JSON.stringify(viewparams))"
:data=
"row"
:linkview=
"
{viewname: 'sys-userredirect-view', height: 0,width: 0,title: $t('entities.sysuser.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
]
...
...
@@ -43,12 +42,11 @@
</template>
<
template
v-if=
"getColumnState('sys_rolename')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'sys_rolename'"
:label=
"$t('entities.sysuserrole.main_grid.columns.sys_rolename')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuserrole.main_grid.columns.sys_rolename'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuserrole.main_grid.columns.sys_rolename'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<app-column-link
deKeyField=
'sysrole'
:context=
"JSON.parse(JSON.stringify(context))"
:viewparams=
"JSON.parse(JSON.stringify(viewparams))"
:data=
"row"
:linkview=
"
{viewname: 'sys-roleredirect-view', height: 0,width: 0,title: $t('entities.sysrole.views.redirectview.title'),placement: '', isRedirectView: true,deResParameters: [
]
...
...
@@ -63,12 +61,11 @@
</template>
<
template
v-if=
"getColumnState('updatedate')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'updatedate'"
:label=
"$t('entities.sysuserrole.main_grid.columns.updatedate')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuserrole.main_grid.columns.updatedate'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuserrole.main_grid.columns.updatedate'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<app-format-data
format=
"YYYY-MM-DD hh:mm:ss"
:data=
"row.updatedate"
></app-format-data>
</
template
>
...
...
app_web/src/widgets/sys-user/main-grid/main-grid-base.vue
浏览文件 @
53c4ecb6
...
...
@@ -23,12 +23,11 @@
</
template
>
<
template
v-if=
"getColumnState('userid')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'userid'"
:label=
"$t('entities.sysuser.main_grid.columns.userid')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuser.main_grid.columns.userid'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuser.main_grid.columns.userid'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
userid
}}
</span>
</
template
>
...
...
@@ -36,12 +35,11 @@
</template>
<
template
v-if=
"getColumnState('username')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'username'"
:label=
"$t('entities.sysuser.main_grid.columns.username')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuser.main_grid.columns.username'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuser.main_grid.columns.username'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
username
}}
</span>
</
template
>
...
...
@@ -49,12 +47,11 @@
</template>
<
template
v-if=
"getColumnState('personname')"
>
<el-table-column
show-overflow-tooltip
:prop=
"'personname'"
:label=
"$t('entities.sysuser.main_grid.columns.personname')"
:width=
"250"
:align=
"'left'"
:sortable=
"'custom'"
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuser.main_grid.columns.personname'
)
}}
</span>
</
template
>
<template
v-slot:header=
"
{column}">
<span
class=
"column-header "
>
{{
$t
(
'entities.sysuser.main_grid.columns.personname'
)
}}
</span>
</
template
>
<
template
v-slot=
"{row,column}"
>
<span>
{{
row
.
personname
}}
</span>
</
template
>
...
...
config.xml
浏览文件 @
53c4ecb6
...
...
@@ -37,6 +37,11 @@
git clone -b master $para2 ibzuaa/
export NODE_OPTIONS=--max-old-space-size=4096
cd ibzuaa/
mvn clean package -Pweb
cd ibzuaa-app/ibzuaa-app-web
mvn -Pweb docker:build
mvn -Pweb docker:push
docker -H $para1 stack deploy --compose-file=src/main/docker/ibzuaa-app-web.yaml ibzlab-rt --with-registry-auth
</command>
</hudson.tasks.Shell>
</builders>
...
...
ibzuaa-app/ibzuaa-app-web/src/main/docker/Dockerfile
浏览文件 @
53c4ecb6
...
...
@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
sleep ${IBZ_SLEEP} && \
java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzuaa-app-web.jar
EXPOSE
8080
EXPOSE
30002
ADD
ibzuaa-app-web.jar /ibzuaa-app-web.jar
ibzuaa-app/ibzuaa-app-web/src/main/docker/ibzuaa-app-web.yaml
浏览文件 @
53c4ecb6
...
...
@@ -3,9 +3,23 @@ services:
ibzuaa-app-web
:
image
:
registry.cn-shanghai.aliyuncs.com/ibizsys/ibzuaa-app-web:latest
ports
:
-
"
8080:8080
"
-
"
30002:30002
"
networks
:
-
agent_network
environment
:
-
SPRING_CLOUD_NACOS_DISCOVERY_IP=172.16.180.237
-
SERVER_PORT=30002
-
SPRING_CLOUD_NACOS_DISCOVERY_SERVER-ADDR=172.16.102.211:8848
-
SPRING_REDIS_HOST=172.16.100.243
-
SPRING_REDIS_PORT=6379
-
SPRING_REDIS_DATABASE=0
-
SPRING_DATASOURCE_USERNAME=a_A_5d9d78509
-
SPRING_DATASOURCE_PASSWORD=@6dEfb3@
-
SPRING_DATASOURCE_URL=jdbc:mysql://172.16.180.232:3306/a_A_5d9d78509?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8&useOldAliasMetadataBehavior=true
-
SPRING_DATASOURCE_DRIVER-CLASS-NAME=com.mysql.jdbc.Driver
-
SPRING_DATASOURCE_DEFAULTSCHEMA=a_A_5d9d78509
-
ABC=1
-
DEC=2
deploy
:
mode
:
replicated
replicas
:
1
...
...
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysAuthLogResource.java
浏览文件 @
53c4ecb6
...
...
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
import
org.springframework.util.StringUtils
;
import
org.springframework.context.annotation.Lazy
;
import
org.springframework.security.access.prepost.PreAuthorize
;
import
org.springframework.security.access.prepost.PostAuthorize
;
import
io.swagger.annotations.Api
;
import
io.swagger.annotations.ApiOperation
;
import
io.swagger.annotations.ApiResponse
;
...
...
@@ -47,7 +48,6 @@ public class SysAuthLogResource {
public
SysAuthLogDTO
permissionDTO
=
new
SysAuthLogDTO
();
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraft"
,
tags
=
{
"SysAuthLog"
},
notes
=
"GetDraft"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/sysauthlogs/getdraft"
)
public
ResponseEntity
<
SysAuthLogDTO
>
getDraft
()
{
...
...
@@ -59,14 +59,14 @@ public class SysAuthLogResource {
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysauthlogs/{sysauthlog_id}"
)
@Transactional
public
ResponseEntity
<
SysAuthLogDTO
>
update
(
@PathVariable
(
"sysauthlog_id"
)
String
sysauthlog_id
,
@RequestBody
SysAuthLogDTO
sysauthlogdto
)
{
SysAuthLog
domain
=
sysauthlogMapping
.
toDomain
(
sysauthlogdto
);
domain
.
setLogid
(
sysauthlog_id
);
sysauthlogService
.
update
(
domain
);
SysAuthLogDTO
dto
=
sysauthlogMapping
.
toDto
(
domain
);
SysAuthLog
domain
=
sysauthlogMapping
.
toDomain
(
sysauthlogdto
);
domain
.
setLogid
(
sysauthlog_id
);
sysauthlogService
.
update
(
domain
);
SysAuthLogDTO
dto
=
sysauthlogMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})")
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SysAuthLog"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysauthlogs/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SysAuthLogDTO
>
sysauthlogdtos
)
{
...
...
@@ -82,7 +82,7 @@ public class SysAuthLogResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysauthlogService
.
remove
(
sysauthlog_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.sysauthlogMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.sysauthlogMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatch"
,
tags
=
{
"SysAuthLog"
},
notes
=
"RemoveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/sysauthlogs/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatch
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -101,7 +101,7 @@ public class SysAuthLogResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})")
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SysAuthLog"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysauthlogs/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SysAuthLogDTO
>
sysauthlogdtos
)
{
...
...
@@ -109,7 +109,6 @@ public class SysAuthLogResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKey"
,
tags
=
{
"SysAuthLog"
},
notes
=
"CheckKey"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysauthlogs/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKey
(
@RequestBody
SysAuthLogDTO
sysauthlogdto
)
{
...
...
@@ -132,7 +131,7 @@ public class SysAuthLogResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysauthlogService
.
save
(
sysauthlogMapping
.
toDomain
(
sysauthlogdto
)));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})")
@ApiOperation
(
value
=
"SaveBatch"
,
tags
=
{
"SysAuthLog"
},
notes
=
"SaveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysauthlogs/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatch
(
@RequestBody
List
<
SysAuthLogDTO
>
sysauthlogdtos
)
{
...
...
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysPermissionResource.java
浏览文件 @
53c4ecb6
...
...
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
import
org.springframework.util.StringUtils
;
import
org.springframework.context.annotation.Lazy
;
import
org.springframework.security.access.prepost.PreAuthorize
;
import
org.springframework.security.access.prepost.PostAuthorize
;
import
io.swagger.annotations.Api
;
import
io.swagger.annotations.ApiOperation
;
import
io.swagger.annotations.ApiResponse
;
...
...
@@ -54,7 +55,7 @@ public class SysPermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
syspermissionService
.
save
(
syspermissionMapping
.
toDomain
(
syspermissiondto
)));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.syspermissionMapping,#syspermissiondtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.syspermissionMapping,#syspermissiondtos})")
@ApiOperation
(
value
=
"SaveBatch"
,
tags
=
{
"SysPermission"
},
notes
=
"SaveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/syspermissions/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatch
(
@RequestBody
List
<
SysPermissionDTO
>
syspermissiondtos
)
{
...
...
@@ -62,7 +63,6 @@ public class SysPermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraft"
,
tags
=
{
"SysPermission"
},
notes
=
"GetDraft"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/syspermissions/getdraft"
)
public
ResponseEntity
<
SysPermissionDTO
>
getDraft
()
{
...
...
@@ -77,7 +77,7 @@ public class SysPermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
syspermissionService
.
remove
(
syspermission_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.syspermissionMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.syspermissionMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatch"
,
tags
=
{
"SysPermission"
},
notes
=
"RemoveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/syspermissions/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatch
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -90,14 +90,14 @@ public class SysPermissionResource {
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/syspermissions/{syspermission_id}"
)
@Transactional
public
ResponseEntity
<
SysPermissionDTO
>
update
(
@PathVariable
(
"syspermission_id"
)
String
syspermission_id
,
@RequestBody
SysPermissionDTO
syspermissiondto
)
{
SysPermission
domain
=
syspermissionMapping
.
toDomain
(
syspermissiondto
);
domain
.
setPermissionid
(
syspermission_id
);
syspermissionService
.
update
(
domain
);
SysPermissionDTO
dto
=
syspermissionMapping
.
toDto
(
domain
);
SysPermission
domain
=
syspermissionMapping
.
toDomain
(
syspermissiondto
);
domain
.
setPermissionid
(
syspermission_id
);
syspermissionService
.
update
(
domain
);
SysPermissionDTO
dto
=
syspermissionMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.syspermissionMapping,#syspermissiondtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.syspermissionMapping,#syspermissiondtos})")
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SysPermission"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/syspermissions/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SysPermissionDTO
>
syspermissiondtos
)
{
...
...
@@ -116,7 +116,7 @@ public class SysPermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.syspermissionMapping,#syspermissiondtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.syspermissionMapping,#syspermissiondtos})")
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SysPermission"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/syspermissions/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SysPermissionDTO
>
syspermissiondtos
)
{
...
...
@@ -124,7 +124,6 @@ public class SysPermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKey"
,
tags
=
{
"SysPermission"
},
notes
=
"CheckKey"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/syspermissions/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKey
(
@RequestBody
SysPermissionDTO
syspermissiondto
)
{
...
...
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysRolePermissionResource.java
浏览文件 @
53c4ecb6
...
...
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
import
org.springframework.util.StringUtils
;
import
org.springframework.context.annotation.Lazy
;
import
org.springframework.security.access.prepost.PreAuthorize
;
import
org.springframework.security.access.prepost.PostAuthorize
;
import
io.swagger.annotations.Api
;
import
io.swagger.annotations.ApiOperation
;
import
io.swagger.annotations.ApiResponse
;
...
...
@@ -64,7 +65,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysrolepermissionService
.
remove
(
sysrolepermission_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatch"
,
tags
=
{
"SysRolePermission"
},
notes
=
"RemoveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/sysrolepermissions/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatch
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -72,7 +73,6 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraft"
,
tags
=
{
"SysRolePermission"
},
notes
=
"GetDraft"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/sysrolepermissions/getdraft"
)
public
ResponseEntity
<
SysRolePermissionDTO
>
getDraft
()
{
...
...
@@ -90,7 +90,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SysRolePermission"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysrolepermissions/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SysRolePermissionDTO
>
sysrolepermissiondtos
)
{
...
...
@@ -98,7 +98,6 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKey"
,
tags
=
{
"SysRolePermission"
},
notes
=
"CheckKey"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysrolepermissions/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKey
(
@RequestBody
SysRolePermissionDTO
sysrolepermissiondto
)
{
...
...
@@ -112,7 +111,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysrolepermissionService
.
save
(
sysrolepermissionMapping
.
toDomain
(
sysrolepermissiondto
)));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@ApiOperation
(
value
=
"SaveBatch"
,
tags
=
{
"SysRolePermission"
},
notes
=
"SaveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysrolepermissions/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatch
(
@RequestBody
List
<
SysRolePermissionDTO
>
sysrolepermissiondtos
)
{
...
...
@@ -125,14 +124,14 @@ public class SysRolePermissionResource {
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysrolepermissions/{sysrolepermission_id}"
)
@Transactional
public
ResponseEntity
<
SysRolePermissionDTO
>
update
(
@PathVariable
(
"sysrolepermission_id"
)
String
sysrolepermission_id
,
@RequestBody
SysRolePermissionDTO
sysrolepermissiondto
)
{
SysRolePermission
domain
=
sysrolepermissionMapping
.
toDomain
(
sysrolepermissiondto
);
domain
.
setRolepermissionid
(
sysrolepermission_id
);
sysrolepermissionService
.
update
(
domain
);
SysRolePermissionDTO
dto
=
sysrolepermissionMapping
.
toDto
(
domain
);
SysRolePermission
domain
=
sysrolepermissionMapping
.
toDomain
(
sysrolepermissiondto
);
domain
.
setRolepermissionid
(
sysrolepermission_id
);
sysrolepermissionService
.
update
(
domain
);
SysRolePermissionDTO
dto
=
sysrolepermissionMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SysRolePermission"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysrolepermissions/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SysRolePermissionDTO
>
sysrolepermissiondtos
)
{
...
...
@@ -178,7 +177,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysrolepermissionService
.
remove
(
sysrolepermission_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatchBySysPermission"
,
tags
=
{
"SysRolePermission"
},
notes
=
"RemoveBatchBySysPermission"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/syspermissions/{syspermission_id}/sysrolepermissions/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatchBySysPermission
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -186,7 +185,6 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraftBySysPermission"
,
tags
=
{
"SysRolePermission"
},
notes
=
"GetDraftBySysPermission"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/syspermissions/{syspermission_id}/sysrolepermissions/getdraft"
)
public
ResponseEntity
<
SysRolePermissionDTO
>
getDraftBySysPermission
(
@PathVariable
(
"syspermission_id"
)
String
syspermission_id
)
{
...
...
@@ -207,7 +205,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@ApiOperation
(
value
=
"createBatchBySysPermission"
,
tags
=
{
"SysRolePermission"
},
notes
=
"createBatchBySysPermission"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/syspermissions/{syspermission_id}/sysrolepermissions/batch"
)
public
ResponseEntity
<
Boolean
>
createBatchBySysPermission
(
@PathVariable
(
"syspermission_id"
)
String
syspermission_id
,
@RequestBody
List
<
SysRolePermissionDTO
>
sysrolepermissiondtos
)
{
...
...
@@ -219,7 +217,6 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKeyBySysPermission"
,
tags
=
{
"SysRolePermission"
},
notes
=
"CheckKeyBySysPermission"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/syspermissions/{syspermission_id}/sysrolepermissions/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKeyBySysPermission
(
@PathVariable
(
"syspermission_id"
)
String
syspermission_id
,
@RequestBody
SysRolePermissionDTO
sysrolepermissiondto
)
{
...
...
@@ -235,7 +232,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysrolepermissionService
.
save
(
domain
));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@ApiOperation
(
value
=
"SaveBatchBySysPermission"
,
tags
=
{
"SysRolePermission"
},
notes
=
"SaveBatchBySysPermission"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/syspermissions/{syspermission_id}/sysrolepermissions/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatchBySysPermission
(
@PathVariable
(
"syspermission_id"
)
String
syspermission_id
,
@RequestBody
List
<
SysRolePermissionDTO
>
sysrolepermissiondtos
)
{
...
...
@@ -260,7 +257,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@ApiOperation
(
value
=
"UpdateBatchBySysPermission"
,
tags
=
{
"SysRolePermission"
},
notes
=
"UpdateBatchBySysPermission"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/syspermissions/{syspermission_id}/sysrolepermissions/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatchBySysPermission
(
@PathVariable
(
"syspermission_id"
)
String
syspermission_id
,
@RequestBody
List
<
SysRolePermissionDTO
>
sysrolepermissiondtos
)
{
...
...
@@ -312,7 +309,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysrolepermissionService
.
remove
(
sysrolepermission_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatchBySysRole"
,
tags
=
{
"SysRolePermission"
},
notes
=
"RemoveBatchBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/sysroles/{sysrole_id}/sysrolepermissions/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatchBySysRole
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -320,7 +317,6 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraftBySysRole"
,
tags
=
{
"SysRolePermission"
},
notes
=
"GetDraftBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/sysroles/{sysrole_id}/sysrolepermissions/getdraft"
)
public
ResponseEntity
<
SysRolePermissionDTO
>
getDraftBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
)
{
...
...
@@ -341,7 +337,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@ApiOperation
(
value
=
"createBatchBySysRole"
,
tags
=
{
"SysRolePermission"
},
notes
=
"createBatchBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysroles/{sysrole_id}/sysrolepermissions/batch"
)
public
ResponseEntity
<
Boolean
>
createBatchBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
,
@RequestBody
List
<
SysRolePermissionDTO
>
sysrolepermissiondtos
)
{
...
...
@@ -353,7 +349,6 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKeyBySysRole"
,
tags
=
{
"SysRolePermission"
},
notes
=
"CheckKeyBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysroles/{sysrole_id}/sysrolepermissions/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKeyBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
,
@RequestBody
SysRolePermissionDTO
sysrolepermissiondto
)
{
...
...
@@ -369,7 +364,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysrolepermissionService
.
save
(
domain
));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@ApiOperation
(
value
=
"SaveBatchBySysRole"
,
tags
=
{
"SysRolePermission"
},
notes
=
"SaveBatchBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysroles/{sysrole_id}/sysrolepermissions/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatchBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
,
@RequestBody
List
<
SysRolePermissionDTO
>
sysrolepermissiondtos
)
{
...
...
@@ -394,7 +389,7 @@ public class SysRolePermissionResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@ApiOperation
(
value
=
"UpdateBatchBySysRole"
,
tags
=
{
"SysRolePermission"
},
notes
=
"UpdateBatchBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysroles/{sysrole_id}/sysrolepermissions/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatchBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
,
@RequestBody
List
<
SysRolePermissionDTO
>
sysrolepermissiondtos
)
{
...
...
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysRoleResource.java
浏览文件 @
53c4ecb6
...
...
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
import
org.springframework.util.StringUtils
;
import
org.springframework.context.annotation.Lazy
;
import
org.springframework.security.access.prepost.PreAuthorize
;
import
org.springframework.security.access.prepost.PostAuthorize
;
import
io.swagger.annotations.Api
;
import
io.swagger.annotations.ApiOperation
;
import
io.swagger.annotations.ApiResponse
;
...
...
@@ -54,7 +55,7 @@ public class SysRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysroleService
.
save
(
sysroleMapping
.
toDomain
(
sysroledto
)));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.sysroleMapping,#sysroledtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.sysroleMapping,#sysroledtos})")
@ApiOperation
(
value
=
"SaveBatch"
,
tags
=
{
"SysRole"
},
notes
=
"SaveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysroles/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatch
(
@RequestBody
List
<
SysRoleDTO
>
sysroledtos
)
{
...
...
@@ -67,14 +68,14 @@ public class SysRoleResource {
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysroles/{sysrole_id}"
)
@Transactional
public
ResponseEntity
<
SysRoleDTO
>
update
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
,
@RequestBody
SysRoleDTO
sysroledto
)
{
SysRole
domain
=
sysroleMapping
.
toDomain
(
sysroledto
);
domain
.
setRoleid
(
sysrole_id
);
sysroleService
.
update
(
domain
);
SysRoleDTO
dto
=
sysroleMapping
.
toDto
(
domain
);
SysRole
domain
=
sysroleMapping
.
toDomain
(
sysroledto
);
domain
.
setRoleid
(
sysrole_id
);
sysroleService
.
update
(
domain
);
SysRoleDTO
dto
=
sysroleMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.sysroleMapping,#sysroledtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.sysroleMapping,#sysroledtos})")
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SysRole"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysroles/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SysRoleDTO
>
sysroledtos
)
{
...
...
@@ -93,7 +94,7 @@ public class SysRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.sysroleMapping,#sysroledtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.sysroleMapping,#sysroledtos})")
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SysRole"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysroles/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SysRoleDTO
>
sysroledtos
)
{
...
...
@@ -118,7 +119,7 @@ public class SysRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysroleService
.
remove
(
sysrole_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.sysroleMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.sysroleMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatch"
,
tags
=
{
"SysRole"
},
notes
=
"RemoveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/sysroles/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatch
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -126,14 +127,12 @@ public class SysRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraft"
,
tags
=
{
"SysRole"
},
notes
=
"GetDraft"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/sysroles/getdraft"
)
public
ResponseEntity
<
SysRoleDTO
>
getDraft
()
{
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysroleMapping
.
toDto
(
sysroleService
.
getDraft
(
new
SysRole
())));
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKey"
,
tags
=
{
"SysRole"
},
notes
=
"CheckKey"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysroles/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKey
(
@RequestBody
SysRoleDTO
sysroledto
)
{
...
...
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysUserResource.java
浏览文件 @
53c4ecb6
...
...
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
import
org.springframework.util.StringUtils
;
import
org.springframework.context.annotation.Lazy
;
import
org.springframework.security.access.prepost.PreAuthorize
;
import
org.springframework.security.access.prepost.PostAuthorize
;
import
io.swagger.annotations.Api
;
import
io.swagger.annotations.ApiOperation
;
import
io.swagger.annotations.ApiResponse
;
...
...
@@ -55,7 +56,7 @@ public class SysUserResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserService
.
remove
(
sysuser_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.sysuserMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatch"
,
tags
=
{
"SysUser"
},
notes
=
"RemoveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/sysusers/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatch
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -68,14 +69,14 @@ public class SysUserResource {
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysusers/{sysuser_id}"
)
@Transactional
public
ResponseEntity
<
SysUserDTO
>
update
(
@PathVariable
(
"sysuser_id"
)
String
sysuser_id
,
@RequestBody
SysUserDTO
sysuserdto
)
{
SysUser
domain
=
sysuserMapping
.
toDomain
(
sysuserdto
);
domain
.
setUserid
(
sysuser_id
);
sysuserService
.
update
(
domain
);
SysUserDTO
dto
=
sysuserMapping
.
toDto
(
domain
);
SysUser
domain
=
sysuserMapping
.
toDomain
(
sysuserdto
);
domain
.
setUserid
(
sysuser_id
);
sysuserService
.
update
(
domain
);
SysUserDTO
dto
=
sysuserMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.sysuserMapping,#sysuserdtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserMapping,#sysuserdtos})")
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SysUser"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysusers/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SysUserDTO
>
sysuserdtos
)
{
...
...
@@ -83,7 +84,6 @@ public class SysUserResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKey"
,
tags
=
{
"SysUser"
},
notes
=
"CheckKey"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysusers/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKey
(
@RequestBody
SysUserDTO
sysuserdto
)
{
...
...
@@ -106,7 +106,7 @@ public class SysUserResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserService
.
save
(
sysuserMapping
.
toDomain
(
sysuserdto
)));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.sysuserMapping,#sysuserdtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserMapping,#sysuserdtos})")
@ApiOperation
(
value
=
"SaveBatch"
,
tags
=
{
"SysUser"
},
notes
=
"SaveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysusers/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatch
(
@RequestBody
List
<
SysUserDTO
>
sysuserdtos
)
{
...
...
@@ -114,7 +114,6 @@ public class SysUserResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraft"
,
tags
=
{
"SysUser"
},
notes
=
"GetDraft"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/sysusers/getdraft"
)
public
ResponseEntity
<
SysUserDTO
>
getDraft
()
{
...
...
@@ -132,7 +131,7 @@ public class SysUserResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.sysuserMapping,#sysuserdtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserMapping,#sysuserdtos})")
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SysUser"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysusers/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SysUserDTO
>
sysuserdtos
)
{
...
...
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysUserRoleResource.java
浏览文件 @
53c4ecb6
...
...
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
import
org.springframework.util.StringUtils
;
import
org.springframework.context.annotation.Lazy
;
import
org.springframework.security.access.prepost.PreAuthorize
;
import
org.springframework.security.access.prepost.PostAuthorize
;
import
io.swagger.annotations.Api
;
import
io.swagger.annotations.ApiOperation
;
import
io.swagger.annotations.ApiResponse
;
...
...
@@ -47,14 +48,12 @@ public class SysUserRoleResource {
public
SysUserRoleDTO
permissionDTO
=
new
SysUserRoleDTO
();
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKey"
,
tags
=
{
"SysUserRole"
},
notes
=
"CheckKey"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysuserroles/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKey
(
@RequestBody
SysUserRoleDTO
sysuserroledto
)
{
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserroleService
.
checkKey
(
sysuserroleMapping
.
toDomain
(
sysuserroledto
)));
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraft"
,
tags
=
{
"SysUserRole"
},
notes
=
"GetDraft"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/sysuserroles/getdraft"
)
public
ResponseEntity
<
SysUserRoleDTO
>
getDraft
()
{
...
...
@@ -66,14 +65,14 @@ public class SysUserRoleResource {
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysuserroles/{sysuserrole_id}"
)
@Transactional
public
ResponseEntity
<
SysUserRoleDTO
>
update
(
@PathVariable
(
"sysuserrole_id"
)
String
sysuserrole_id
,
@RequestBody
SysUserRoleDTO
sysuserroledto
)
{
SysUserRole
domain
=
sysuserroleMapping
.
toDomain
(
sysuserroledto
);
domain
.
setUserroleid
(
sysuserrole_id
);
sysuserroleService
.
update
(
domain
);
SysUserRoleDTO
dto
=
sysuserroleMapping
.
toDto
(
domain
);
SysUserRole
domain
=
sysuserroleMapping
.
toDomain
(
sysuserroledto
);
domain
.
setUserroleid
(
sysuserrole_id
);
sysuserroleService
.
update
(
domain
);
SysUserRoleDTO
dto
=
sysuserroleMapping
.
toDto
(
domain
);
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@ApiOperation
(
value
=
"UpdateBatch"
,
tags
=
{
"SysUserRole"
},
notes
=
"UpdateBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysuserroles/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatch
(
@RequestBody
List
<
SysUserRoleDTO
>
sysuserroledtos
)
{
...
...
@@ -89,7 +88,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserroleService
.
remove
(
sysuserrole_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatch"
,
tags
=
{
"SysUserRole"
},
notes
=
"RemoveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/sysuserroles/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatch
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -108,7 +107,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@ApiOperation
(
value
=
"createBatch"
,
tags
=
{
"SysUserRole"
},
notes
=
"createBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysuserroles/batch"
)
public
ResponseEntity
<
Boolean
>
createBatch
(
@RequestBody
List
<
SysUserRoleDTO
>
sysuserroledtos
)
{
...
...
@@ -132,7 +131,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserroleService
.
save
(
sysuserroleMapping
.
toDomain
(
sysuserroledto
)));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@ApiOperation
(
value
=
"SaveBatch"
,
tags
=
{
"SysUserRole"
},
notes
=
"SaveBatch"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysuserroles/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatch
(
@RequestBody
List
<
SysUserRoleDTO
>
sysuserroledtos
)
{
...
...
@@ -161,14 +160,12 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
)
.
body
(
new
PageImpl
(
sysuserroleMapping
.
toDto
(
domains
.
getContent
()),
context
.
getPageable
(),
domains
.
getTotalElements
()));
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKeyBySysRole"
,
tags
=
{
"SysUserRole"
},
notes
=
"CheckKeyBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysroles/{sysrole_id}/sysuserroles/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKeyBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
,
@RequestBody
SysUserRoleDTO
sysuserroledto
)
{
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserroleService
.
checkKey
(
sysuserroleMapping
.
toDomain
(
sysuserroledto
)));
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraftBySysRole"
,
tags
=
{
"SysUserRole"
},
notes
=
"GetDraftBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/sysroles/{sysrole_id}/sysuserroles/getdraft"
)
public
ResponseEntity
<
SysUserRoleDTO
>
getDraftBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
)
{
...
...
@@ -190,7 +187,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@ApiOperation
(
value
=
"UpdateBatchBySysRole"
,
tags
=
{
"SysUserRole"
},
notes
=
"UpdateBatchBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysroles/{sysrole_id}/sysuserroles/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatchBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
,
@RequestBody
List
<
SysUserRoleDTO
>
sysuserroledtos
)
{
...
...
@@ -210,7 +207,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserroleService
.
remove
(
sysuserrole_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatchBySysRole"
,
tags
=
{
"SysUserRole"
},
notes
=
"RemoveBatchBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/sysroles/{sysrole_id}/sysuserroles/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatchBySysRole
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -230,7 +227,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@ApiOperation
(
value
=
"createBatchBySysRole"
,
tags
=
{
"SysUserRole"
},
notes
=
"createBatchBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysroles/{sysrole_id}/sysuserroles/batch"
)
public
ResponseEntity
<
Boolean
>
createBatchBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
,
@RequestBody
List
<
SysUserRoleDTO
>
sysuserroledtos
)
{
...
...
@@ -260,7 +257,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserroleService
.
save
(
domain
));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@ApiOperation
(
value
=
"SaveBatchBySysRole"
,
tags
=
{
"SysUserRole"
},
notes
=
"SaveBatchBySysRole"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysroles/{sysrole_id}/sysuserroles/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatchBySysRole
(
@PathVariable
(
"sysrole_id"
)
String
sysrole_id
,
@RequestBody
List
<
SysUserRoleDTO
>
sysuserroledtos
)
{
...
...
@@ -295,14 +292,12 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
)
.
body
(
new
PageImpl
(
sysuserroleMapping
.
toDto
(
domains
.
getContent
()),
context
.
getPageable
(),
domains
.
getTotalElements
()));
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-CheckKey-all')"
)
@ApiOperation
(
value
=
"CheckKeyBySysUser"
,
tags
=
{
"SysUserRole"
},
notes
=
"CheckKeyBySysUser"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysusers/{sysuser_id}/sysuserroles/checkkey"
)
public
ResponseEntity
<
Boolean
>
checkKeyBySysUser
(
@PathVariable
(
"sysuser_id"
)
String
sysuser_id
,
@RequestBody
SysUserRoleDTO
sysuserroledto
)
{
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserroleService
.
checkKey
(
sysuserroleMapping
.
toDomain
(
sysuserroledto
)));
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-GetDraft-all')"
)
@ApiOperation
(
value
=
"GetDraftBySysUser"
,
tags
=
{
"SysUserRole"
},
notes
=
"GetDraftBySysUser"
)
@RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"/sysusers/{sysuser_id}/sysuserroles/getdraft"
)
public
ResponseEntity
<
SysUserRoleDTO
>
getDraftBySysUser
(
@PathVariable
(
"sysuser_id"
)
String
sysuser_id
)
{
...
...
@@ -324,7 +319,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})"
)
//
@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@ApiOperation
(
value
=
"UpdateBatchBySysUser"
,
tags
=
{
"SysUserRole"
},
notes
=
"UpdateBatchBySysUser"
)
@RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"/sysusers/{sysuser_id}/sysuserroles/batch"
)
public
ResponseEntity
<
Boolean
>
updateBatchBySysUser
(
@PathVariable
(
"sysuser_id"
)
String
sysuser_id
,
@RequestBody
List
<
SysUserRoleDTO
>
sysuserroledtos
)
{
...
...
@@ -344,7 +339,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserroleService
.
remove
(
sysuserrole_id
));
}
@PreAuthorize
(
"hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})"
)
//
@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})")
@ApiOperation
(
value
=
"RemoveBatchBySysUser"
,
tags
=
{
"SysUserRole"
},
notes
=
"RemoveBatchBySysUser"
)
@RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"/sysusers/{sysuser_id}/sysuserroles/batch"
)
public
ResponseEntity
<
Boolean
>
removeBatchBySysUser
(
@RequestBody
List
<
String
>
ids
)
{
...
...
@@ -364,7 +359,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
dto
);
}
@PreAuthorize
(
"hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})"
)
//
@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@ApiOperation
(
value
=
"createBatchBySysUser"
,
tags
=
{
"SysUserRole"
},
notes
=
"createBatchBySysUser"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysusers/{sysuser_id}/sysuserroles/batch"
)
public
ResponseEntity
<
Boolean
>
createBatchBySysUser
(
@PathVariable
(
"sysuser_id"
)
String
sysuser_id
,
@RequestBody
List
<
SysUserRoleDTO
>
sysuserroledtos
)
{
...
...
@@ -394,7 +389,7 @@ public class SysUserRoleResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
sysuserroleService
.
save
(
domain
));
}
@PreAuthorize
(
"hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})"
)
//
@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@ApiOperation
(
value
=
"SaveBatchBySysUser"
,
tags
=
{
"SysUserRole"
},
notes
=
"SaveBatchBySysUser"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/sysusers/{sysuser_id}/sysuserroles/savebatch"
)
public
ResponseEntity
<
Boolean
>
saveBatchBySysUser
(
@PathVariable
(
"sysuser_id"
)
String
sysuser_id
,
@RequestBody
List
<
SysUserRoleDTO
>
sysuserroledtos
)
{
...
...
ibzuaa-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java
浏览文件 @
53c4ecb6
package
cn
.
ibizlab
.
util
.
security
;
import
com.baomidou.mybatisplus.core.conditions.query.QueryWrapper
;
import
com.baomidou.mybatisplus.extension.service.impl.ServiceImpl
;
import
com.mongodb.QueryBuilder
;
import
cn.ibizlab.util.annotation.DEField
;
import
cn.ibizlab.util.domain.DTOBase
;
import
cn.ibizlab.util.domain.EntityBase
;
import
cn.ibizlab.util.domain.MappingBase
;
import
cn.ibizlab.util.enums.DEPredefinedFieldType
;
import
cn.ibizlab.util.helper.DEFieldCacheMap
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.context.annotation.Lazy
;
import
org.springframework.data.mongodb.core.MongoTemplate
;
import
org.springframework.data.mongodb.core.query.BasicQuery
;
import
org.springframework.data.mongodb.core.query.Query
;
import
org.springframework.security.access.PermissionEvaluator
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.GrantedAuthority
;
import
org.springframework.stereotype.Component
;
import
org.springframework.util.ObjectUtils
;
import
org.springframework.util.StringUtils
;
import
javax.annotation.Resource
;
import
java.io.Serializable
;
import
java.lang.reflect.Field
;
import
java.util.*
;
...
...
@@ -34,273 +23,71 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
@Value
(
"${ibiz.enablePermissionValid:false}"
)
boolean
enablePermissionValid
;
//是否开启权限校验
/**
*实体主键标识
*/
private
String
keyFieldTag
=
"keyfield"
;
@Resource
@Lazy
private
MongoTemplate
mongoTemplate
;
/**
*
批处理权限检查[createBatch:updateBatch:removeBatch]
*
实体行为鉴权
* @param authentication
* @param
DEAction
* @param
params
* @param
entity
* @param
action
* @return
*/
@Override
public
boolean
hasPermission
(
Authentication
authentication
,
Object
DEAction
,
Object
params
)
{
public
boolean
hasPermission
(
Authentication
authentication
,
Object
entity
,
Object
action
)
{
//未开启权限校验、超级管理员则不进行权限检查
if
(
AuthenticationUser
.
getAuthenticationUser
().
getSuperuser
()==
1
||
!
enablePermissionValid
)
return
true
;
List
paramList
=
(
ArrayList
)
params
;
String
deStorageMode
=
(
String
)
paramList
.
get
(
0
);
String
action
=
String
.
valueOf
(
DEAction
);
List
<
String
>
ids
=
null
;
EntityBase
entity
;
List
<
EntityBase
>
entityList
=
null
;
MappingBase
mappingBase
=
(
MappingBase
)
paramList
.
get
(
1
);
//参数准备
if
(
action
.
equalsIgnoreCase
(
"remove"
)){
entity
=
(
EntityBase
)
mappingBase
.
toDomain
(
paramList
.
get
(
2
));
ids
=
(
List
<
String
>)
paramList
.
get
(
3
);
}
else
{
List
<
DTOBase
>
dtoList
=
(
List
<
DTOBase
>)
paramList
.
get
(
2
);
if
(
dtoList
.
size
()==
0
)
return
false
;
entityList
=
mappingBase
.
toDomain
(
dtoList
);
entity
=
(
EntityBase
)
mappingBase
.
toDomain
(
dtoList
.
get
(
0
));
}
if
(
entity
==
null
)
return
false
;
Set
<
String
>
entityDataRange
=
getAuthorities
(
authentication
,
entity
.
getClass
().
getSimpleName
(),
action
);
String
strAction
=
String
.
valueOf
(
action
);
Set
<
String
>
entityDataRange
=
getAuthorities
(
authentication
,
strAction
);
if
(
entityDataRange
.
size
()==
0
)
return
false
;
//拥有全部数据访问权限时,则跳过权限检查
if
(
isAllData
(
a
ction
,
entityDataRange
)){
if
(
isAllData
(
strA
ction
,
entityDataRange
)){
return
true
;
}
if
(
action
.
equalsIgnoreCase
(
"create"
)){
return
createBatchActionPermissionValid
(
entityList
,
entityDataRange
);
}
else
if
(
action
.
equalsIgnoreCase
(
"save"
)){
return
saveBatchActionPermissionValid
(
deStorageMode
,
entityList
,
entityDataRange
);
if
(
entity
instanceof
ArrayList
){
List
<
EntityBase
>
entities
=
(
List
<
EntityBase
>)
entity
;
for
(
EntityBase
entityBase:
entities
){
boolean
result
=
actionValid
(
entityBase
,
entityDataRange
);
if
(!
result
){
return
false
;
}
}
}
else
{
if
(!
action
.
equalsIgnoreCase
(
"remove"
)){
ids
=
getIds
(
entity
,
entityList
);
}
if
(
ids
.
size
()==
0
)
return
false
;
return
otherBatchActionPermissionValidRouter
(
deStorageMode
,
entity
,
ids
,
entityDataRange
);
EntityBase
entityBase
=
(
EntityBase
)
entity
;
return
actionValid
(
entityBase
,
entityDataRange
);
}
return
true
;
}
/**
* 实体行为权限检查 :用于检查当前用户是否拥有实体的新建、编辑、删除权限
*
* @param authentication
* @param id 当前操作数据的主键
* @param action 当前操作行为:如:[READ、UPDATE、DELETE]
* @param params 相关参数
* @return true/false true则允许当前行为,false拒绝行为
*/
@Override
public
boolean
hasPermission
(
Authentication
authentication
,
Serializable
id
,
String
action
,
Object
params
)
{
//未开启权限校验、超级管理员则不进行权限检查
if
(
AuthenticationUser
.
getAuthenticationUser
().
getSuperuser
()==
1
||
!
enablePermissionValid
)
return
true
;
List
paramList
=
(
ArrayList
)
params
;
String
deStorageMode
=
(
String
)
paramList
.
get
(
0
);
MappingBase
mappingBase
=
(
MappingBase
)
paramList
.
get
(
1
);
DTOBase
dtoBase
=
(
DTOBase
)
paramList
.
get
(
2
);
EntityBase
entity
=
(
EntityBase
)
mappingBase
.
toDomain
(
dtoBase
);
if
(
StringUtils
.
isEmpty
(
entity
))
return
false
;
Set
<
String
>
entityDataRange
=
getAuthorities
(
authentication
,
entity
.
getClass
().
getSimpleName
(),
action
);
if
(
entityDataRange
.
size
()==
0
)
return
false
;
//拥有全部数据访问权限时,则跳过权限检查
if
(
isAllData
(
action
,
entityDataRange
)){
return
true
;
}
if
(
action
.
equalsIgnoreCase
(
"save"
)){
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entity
);
String
keyFieldName
=
permissionField
.
get
(
keyFieldTag
);
Object
srfKey
=
entity
.
get
(
keyFieldName
);
if
(
ObjectUtils
.
isEmpty
(
srfKey
))
action
=
"create"
;
else
action
=
"update"
;
}
if
(
action
.
equalsIgnoreCase
(
"create"
)){
return
createActionPermissionValid
(
entity
,
entityDataRange
);
}
else
{
return
otherActionPermissionValidRouter
(
deStorageMode
,
entity
,
id
,
entityDataRange
);
}
return
true
;
}
/**
* 获取用户权限资源
* @param authentication
* @param entityName
* @param action
* @return
*/
private
Set
<
String
>
getAuthorities
(
Authentication
authentication
,
String
entityName
,
String
action
){
private
Set
<
String
>
getAuthorities
(
Authentication
authentication
,
String
action
){
Collection
authorities
=
authentication
.
getAuthorities
();
Set
<
String
>
entityDataRange
=
new
HashSet
();
Iterator
var2
=
authorities
.
iterator
();
while
(
var2
.
hasNext
())
{
GrantedAuthority
authority
=
(
GrantedAuthority
)
var2
.
next
();
if
(
authority
.
getAuthority
().
contains
(
String
.
format
(
"%s-%s-"
,
entityName
,
action
)
))
if
(
authority
.
getAuthority
().
contains
(
action
))
entityDataRange
.
add
(
authority
.
getAuthority
());
}
return
entityDataRange
;
}
/**
* 批save校验
* @param deStorageMode
* @param entityList
* @param entityDataRange
* @return
*/
private
boolean
saveBatchActionPermissionValid
(
String
deStorageMode
,
List
<
EntityBase
>
entityList
,
Set
<
String
>
entityDataRange
)
{
if
(
entityList
==
null
||
entityList
.
size
()==
0
)
return
false
;
EntityBase
tempEntity
=
entityList
.
get
(
0
);
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
tempEntity
);
String
keyFieldName
=
permissionField
.
get
(
keyFieldTag
);
List
createList
=
new
ArrayList
();
List
<
String
>
updateList
=
new
ArrayList
();
for
(
EntityBase
entity
:
entityList
){
Object
id
=
entity
.
get
(
keyFieldName
);
if
(
ObjectUtils
.
isEmpty
(
id
))
createList
.
add
(
entity
);
else
updateList
.
add
(
String
.
valueOf
(
id
));
}
if
(
updateList
.
size
()>
0
){
boolean
isUpdate
=
otherBatchActionPermissionValidRouter
(
deStorageMode
,
tempEntity
,
updateList
,
entityDataRange
);
if
(!
isUpdate
)
return
false
;
}
if
(
createList
.
size
()>
0
){
boolean
isCreate
=
createBatchActionPermissionValid
(
entityList
,
entityDataRange
);
if
(!
isCreate
)
return
false
;
}
return
true
;
}
/**
* 批处理新建权限校验
* @param entityList
* @param entityDataRange
* @return
*/
private
boolean
createBatchActionPermissionValid
(
List
<
EntityBase
>
entityList
,
Set
<
String
>
entityDataRange
){
for
(
EntityBase
entity
:
entityList
){
boolean
isCreate
=
createActionPermissionValid
(
entity
,
entityDataRange
);
if
(!
isCreate
){
return
false
;
}
}
return
true
;
}
/**
* 批处理行为权限校验[get:update:delete]
* @param deStorageMode
* @param entity
* @param ids
* @param entityDataRange
* @return
*/
private
boolean
otherBatchActionPermissionValidRouter
(
String
deStorageMode
,
EntityBase
entity
,
List
<
String
>
ids
,
Set
<
String
>
entityDataRange
){
if
(
deStorageMode
.
equalsIgnoreCase
(
"sql"
)){
return
sqlBatchPermissionValid
(
entity
,
ids
,
entityDataRange
);
}
else
if
(
deStorageMode
.
equalsIgnoreCase
(
"nosql"
)){
return
noSqlBatchPermissionValid
(
entity
,
ids
,
entityDataRange
);
}
else
if
(
deStorageMode
.
equalsIgnoreCase
(
"serviceapi"
)){
return
true
;
}
else
{
throw
new
RuntimeException
(
String
.
format
(
"未能识别实体对应存储模式[%s]"
,
deStorageMode
));
}
}
/**
* SQL批处理权限校验
* @param entity
* @param ids
* @param entityDataRange
* @return
*/
private
boolean
sqlBatchPermissionValid
(
EntityBase
entity
,
List
<
String
>
ids
,
Set
<
String
>
entityDataRange
){
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entity
);
//获取组织、部门预置属性
String
keyFieldName
=
permissionField
.
get
(
keyFieldTag
);
ServiceImpl
service
=
SpringContextHolder
.
getBean
(
String
.
format
(
"%s%s"
,
entity
.
getClass
().
getSimpleName
(),
"ServiceImpl"
));
//获取实体service对象
//通过权限表达式来获取sql
String
permissionSQL
=
String
.
format
(
" (%s) AND ( %s in (%s) ) "
,
getPermissionSQL
(
entity
,
entityDataRange
),
keyFieldName
,
getEntityKeyCond
(
ids
));
//拼接权限条件-编辑
//执行sql进行权限检查
QueryWrapper
permissionWrapper
=
getPermissionWrapper
(
permissionSQL
);
//构造权限条件
List
list
=
service
.
list
(
permissionWrapper
);
if
(
list
.
size
()
==
ids
.
size
()){
return
true
;
}
else
{
return
false
;
}
}
/**
* NoSQL批处理权限校验
* @param entity
* @param ids
* @param entityDataRange
* @return
*/
private
boolean
noSqlBatchPermissionValid
(
EntityBase
entity
,
List
<
String
>
ids
,
Set
<
String
>
entityDataRange
)
{
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entity
);
//获取组织、部门预置属性
String
keyFieldName
=
permissionField
.
get
(
keyFieldTag
);
//根据权限表达式填充权限条件
QueryBuilder
permissionCond
=
getNoSqlPermissionCond
(
entity
,
entityDataRange
);
//权限条件拼接主键
permissionCond
.
and
(
keyFieldName
).
in
(
ids
);
//执行权限检查
Query
query
=
new
BasicQuery
(
permissionCond
.
get
().
toString
());
List
list
=
mongoTemplate
.
find
(
query
,
entity
.
getClass
());
if
(
list
.
size
()==
ids
.
size
()){
return
true
;
}
else
{
return
false
;
}
}
/**
* 是否为全部数据
* @param action
...
...
@@ -317,14 +104,13 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
}
/**
*
新建行为
校验
*
实体行为权限
校验
* @param entity
* @param entityDataRange
* @return
*/
private
boolean
createActionPermiss
ionValid
(
EntityBase
entity
,
Set
<
String
>
entityDataRange
){
private
boolean
act
ionValid
(
EntityBase
entity
,
Set
<
String
>
entityDataRange
){
boolean
isCreate
=
true
;
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entity
);
//获取组织、部门预置属性
String
orgField
=
permissionField
.
get
(
"orgfield"
);
String
orgDeptField
=
permissionField
.
get
(
"orgsecfield"
);
...
...
@@ -374,203 +160,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return
false
;
}
return
isCreate
;
}
/**
* 根据实体存储模式,进行鉴权
* @param deStorageMode
* @param entity
* @param id
* @param entityDataRange
* @return
*/
private
boolean
otherActionPermissionValidRouter
(
String
deStorageMode
,
EntityBase
entity
,
Object
id
,
Set
<
String
>
entityDataRange
){
if
(
deStorageMode
.
equalsIgnoreCase
(
"sql"
)){
return
sqlPermissionValid
(
entity
,
id
,
entityDataRange
);
}
else
if
(
deStorageMode
.
equalsIgnoreCase
(
"nosql"
)){
return
noSqlPermissionValid
(
entity
,
id
,
entityDataRange
);
}
else
if
(
deStorageMode
.
equalsIgnoreCase
(
"serviceapi"
)){
return
true
;
}
else
{
throw
new
RuntimeException
(
String
.
format
(
"未能识别[%s]实体对应存储模式[%s]"
,
entity
.
getClass
().
getSimpleName
(),
deStorageMode
));
}
}
/**
* sql存储模式实体行为鉴权
* @param entity
* @param id
* @param entityDataRange
* @return
*/
private
boolean
sqlPermissionValid
(
EntityBase
entity
,
Object
id
,
Set
<
String
>
entityDataRange
){
ServiceImpl
service
=
SpringContextHolder
.
getBean
(
String
.
format
(
"%s%s"
,
entity
.
getClass
().
getSimpleName
(),
"ServiceImpl"
));
//获取实体service对象
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entity
);
//获取组织、部门预置属性
//通过权限表达式来获取sql
String
permissionSQL
=
String
.
format
(
" (%s) AND (%s='%s')"
,
getPermissionSQL
(
entity
,
entityDataRange
),
permissionField
.
get
(
keyFieldTag
),
id
);
//拼接权限条件-编辑
//执行sql进行权限检查
QueryWrapper
permissionWrapper
=
getPermissionWrapper
(
permissionSQL
);
//构造权限条件
List
list
=
service
.
list
(
permissionWrapper
);
if
(
list
.
size
()>
0
){
return
true
;
}
else
{
return
false
;
}
}
/**
* NoSQL实体行为鉴权
* @param entity
* @param id
* @param entityDataRange
* @return
*/
private
boolean
noSqlPermissionValid
(
EntityBase
entity
,
Object
id
,
Set
<
String
>
entityDataRange
)
{
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entity
);
//获取组织、部门预置属性
String
keyField
=
permissionField
.
get
(
keyFieldTag
);
//根据权限表达式填充权限条件
QueryBuilder
permissionCond
=
getNoSqlPermissionCond
(
entity
,
entityDataRange
);
//权限条件拼接主键
permissionCond
.
and
(
keyField
).
is
(
id
);
//执行权限检查
Query
query
=
new
BasicQuery
(
permissionCond
.
get
().
toString
());
List
list
=
mongoTemplate
.
find
(
query
,
entity
.
getClass
());
if
(
list
.
size
()>
0
){
return
true
;
}
else
{
return
false
;
}
}
/**
* 为NoSQL存储模式的表格查询填充权限条件
* @param entity
* @param entityDataRange
* @return
*/
private
QueryBuilder
getNoSqlPermissionCond
(
EntityBase
entity
,
Set
<
String
>
entityDataRange
){
QueryBuilder
permissionSQL
=
new
QueryBuilder
();
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entity
);
//获取组织、部门预置属性
String
orgField
=
permissionField
.
get
(
"orgfield"
);
String
orgDeptField
=
permissionField
.
get
(
"orgsecfield"
);
String
createManField
=
permissionField
.
get
(
"createmanfield"
);
AuthenticationUser
authenticationUser
=
AuthenticationUser
.
getAuthenticationUser
();
Map
<
String
,
Set
<
String
>>
userInfo
=
authenticationUser
.
getOrgInfo
();
Set
<
String
>
orgParent
=
userInfo
.
get
(
"parentorg"
);
Set
<
String
>
orgChild
=
userInfo
.
get
(
"suborg"
);
Set
<
String
>
orgDeptParent
=
userInfo
.
get
(
"parentdept"
);
Set
<
String
>
orgDeptChild
=
userInfo
.
get
(
"subdept"
);
for
(
String
permissionCond:
entityDataRange
){
if
(
permissionCond
.
endsWith
(
"curorg"
)){
//本单位
permissionSQL
.
or
(
new
QueryBuilder
().
and
(
orgField
).
is
(
AuthenticationUser
.
getAuthenticationUser
().
getOrgid
()).
get
());
}
else
if
(
permissionCond
.
endsWith
(
"porg"
)){
//上级单位
permissionSQL
.
or
(
new
QueryBuilder
().
and
(
orgField
).
in
(
formatStringArr
(
orgParent
)).
get
());
}
else
if
(
permissionCond
.
endsWith
(
"sorg"
)){
//下级单位
permissionSQL
.
or
(
new
QueryBuilder
().
and
(
orgField
).
in
(
formatStringArr
(
orgChild
)).
get
());
}
else
if
(
permissionCond
.
endsWith
(
"createman"
)){
//建立人
permissionSQL
.
or
(
new
QueryBuilder
().
and
(
createManField
).
is
(
AuthenticationUser
.
getAuthenticationUser
().
getUserid
()).
get
());
}
else
if
(
permissionCond
.
endsWith
(
"curorgdept"
)){
//本部门
permissionSQL
.
or
(
new
QueryBuilder
().
and
(
orgDeptField
).
is
(
AuthenticationUser
.
getAuthenticationUser
().
getMdeptid
()).
get
());
}
else
if
(
permissionCond
.
endsWith
(
"porgdept"
)){
//上级部门
permissionSQL
.
or
(
new
QueryBuilder
().
and
(
orgDeptField
).
in
(
formatStringArr
(
orgDeptParent
)).
get
());
}
else
if
(
permissionCond
.
endsWith
(
"sorgdept"
)){
//下级部门
permissionSQL
.
or
(
new
QueryBuilder
().
and
(
orgDeptField
).
in
(
formatStringArr
(
orgDeptChild
)).
get
());
}
else
if
(
permissionCond
.
endsWith
(
"all"
)){
permissionSQL
.
or
(
new
QueryBuilder
().
get
());
}
}
return
permissionSQL
;
}
/**
* SQL获取权限条件
* @param entity
* @param entityDataRange
* @return
*/
private
String
getPermissionSQL
(
EntityBase
entity
,
Set
<
String
>
entityDataRange
){
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entity
);
//获取组织、部门预置属性
String
nPermissionSQL
=
"1<>1"
;
String
orgField
=
permissionField
.
get
(
"orgfield"
);
String
orgDeptField
=
permissionField
.
get
(
"orgsecfield"
);
String
createManField
=
permissionField
.
get
(
"createmanfield"
);
StringBuffer
permissionSQL
=
new
StringBuffer
();
AuthenticationUser
authenticationUser
=
AuthenticationUser
.
getAuthenticationUser
();
Map
<
String
,
Set
<
String
>>
userInfo
=
authenticationUser
.
getOrgInfo
();
Set
<
String
>
orgParent
=
userInfo
.
get
(
"parentorg"
);
Set
<
String
>
orgChild
=
userInfo
.
get
(
"suborg"
);
Set
<
String
>
orgDeptParent
=
userInfo
.
get
(
"parentdept"
);
Set
<
String
>
orgDeptChild
=
userInfo
.
get
(
"subdept"
);
for
(
String
permissionCond:
entityDataRange
){
permissionSQL
.
append
(
"OR"
);
if
(
permissionCond
.
endsWith
(
"curorg"
)){
//本单位
permissionSQL
.
append
(
String
.
format
(
"(%s='%s')"
,
orgField
,
AuthenticationUser
.
getAuthenticationUser
().
getOrgid
()));
}
else
if
(
permissionCond
.
endsWith
(
"porg"
)){
//上级单位
permissionSQL
.
append
(
String
.
format
(
" %s in(%s) "
,
orgField
,
formatStringArr
(
orgParent
)));
}
else
if
(
permissionCond
.
endsWith
(
"sorg"
)){
//下级单位
permissionSQL
.
append
(
String
.
format
(
" %s in(%s) "
,
orgField
,
formatStringArr
(
orgChild
)));
}
else
if
(
permissionCond
.
endsWith
(
"createman"
)){
//建立人
permissionSQL
.
append
(
String
.
format
(
"(%s='%s')"
,
createManField
,
AuthenticationUser
.
getAuthenticationUser
().
getUserid
()));
}
else
if
(
permissionCond
.
endsWith
(
"curorgdept"
)){
//本部门
permissionSQL
.
append
(
String
.
format
(
"(%s='%s')"
,
orgDeptField
,
AuthenticationUser
.
getAuthenticationUser
().
getMdeptid
()));
}
else
if
(
permissionCond
.
endsWith
(
"porgdept"
)){
//上级部门
permissionSQL
.
append
(
String
.
format
(
" %s in (%s) "
,
orgDeptField
,
formatStringArr
(
orgDeptParent
)));
}
else
if
(
permissionCond
.
endsWith
(
"sorgdept"
)){
//下级部门
permissionSQL
.
append
(
String
.
format
(
" %s in (%s) "
,
orgDeptField
,
formatStringArr
(
orgDeptChild
)));
}
else
if
(
permissionCond
.
endsWith
(
"all"
)){
//全部数据
permissionSQL
.
append
(
"(1=1)"
);
}
else
{
permissionSQL
.
append
(
nPermissionSQL
);
}
}
if
(
StringUtils
.
isEmpty
(
permissionSQL
.
toString
()))
return
""
;
String
resultCond
=
parseResult
(
permissionSQL
,
"OR"
);
return
resultCond
;
}
/**
* 构造 wrapper
* @param whereCond
* @return
*/
private
QueryWrapper
getPermissionWrapper
(
String
whereCond
){
QueryWrapper
permissionWrapper
=
new
QueryWrapper
();
if
(!
StringUtils
.
isEmpty
(
whereCond
)){
permissionWrapper
.
apply
(
whereCond
);
}
return
permissionWrapper
;
return
true
;
}
/**
...
...
@@ -624,65 +214,4 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
}
return
deFieldMap
;
}
/**
* 转换[a,b]格式字符串到 'a','b'格式
* @return
*/
private
String
formatStringArr
(
Set
<
String
>
array
)
{
String
[]
arr
=
array
.
toArray
(
new
String
[
array
.
size
()]);
return
"'"
+
String
.
join
(
"','"
,
arr
)
+
"'"
;
}
/**
* 格式转换
* @param cond
* @param operator
* @return
*/
private
String
parseResult
(
StringBuffer
cond
,
String
operator
)
{
String
resultCond
=
cond
.
toString
();
if
(
resultCond
.
startsWith
(
operator
))
resultCond
=
resultCond
.
replaceFirst
(
operator
,
""
);
if
(
resultCond
.
endsWith
(
operator
))
resultCond
=
resultCond
.
substring
(
0
,
resultCond
.
lastIndexOf
(
operator
));
return
resultCond
;
}
/**
* 转换[a,b]格式字符串到 'a','b'格式
*
* @return
*/
private
String
getEntityKeyCond
(
List
<
String
>
array
)
{
String
[]
arr
=
array
.
toArray
(
new
String
[
array
.
size
()]);
return
"'"
+
String
.
join
(
"','"
,
arr
)
+
"'"
;
}
/**
* 获取实体主键集合
* @param entityBase
* @param entityList
* @return
*/
private
List
<
String
>
getIds
(
EntityBase
entityBase
,
List
<
EntityBase
>
entityList
)
{
List
<
String
>
entityKeyList
=
new
ArrayList
<>();
Map
<
String
,
String
>
permissionField
=
getPermissionField
(
entityBase
);
//获取组织、部门预置属性
String
keyFieldName
=
permissionField
.
get
(
keyFieldTag
);
if
(
StringUtils
.
isEmpty
(
keyFieldName
))
return
entityKeyList
;
for
(
EntityBase
entity:
entityList
){
Object
objEntityKey
=
entity
.
get
(
keyFieldName
);
if
(!
ObjectUtils
.
isEmpty
(
objEntityKey
)){
entityKeyList
.
add
(
String
.
valueOf
(
objEntityKey
));
}
}
return
entityKeyList
;
}
}
\ No newline at end of file
编辑
预览
Markdown
格式
0%
请重试
or
添加新附件
添加附件
取消
您添加了
0
人
到此讨论。请谨慎行事。
先完成此消息的编辑!
取消
想要评论请
注册
或
登录