Merge remote-tracking branch 'origin/master'

app_web/package.json

@@ -25,7 +25,7 @@
     "file-saver": "^2.0.2",
     "font-awesome": "^4.7.0",
     "ibiz-gantt-elastic": "^1.0.12",
-    "ibiz-vue-lib": "^0.1.6",
+    "ibiz-vue-lib": "^0.1.7",
     "interactjs": "^1.9.4",
     "moment": "^2.24.0",
     "path-to-regexp": "^6.1.0",

app_web/src/components/ibiz-group-picker/ibiz-group-picker.vue

@@ -159,7 +159,7 @@ export default class IBizGroupPicker extends Vue {
      * @memberof IBizGroupPicker
      */  
     public loadTree() {
-        let orgid = this.viewParam.hasfilter ? this.viewParam.filtervalue : '450000';
+        let orgid = this.viewParam.filtervalue?this.viewParam.filtervalue:"alls";
         let get = Http.getInstance().get(`/ibzorganizations/${orgid}/suborg/ibzdepartments/picker`, true);
         get.then((response: any) => {
             if(response.status === 200) {

app_web/src/components/ibiz-group-select/ibiz-group-select.vue

@@ -166,10 +166,20 @@ export default class IBizGroupSelect extends Vue {
             title: '分组选择'
         };
         const context: any = JSON.parse(JSON.stringify(this.context));
+        let filtervalue:string = "";
+        if(this.filter){
+            if(this.data[this.filter]){
+                filtervalue = this.data[this.filter];
+            }else if(context[this.filter]){
+                filtervalue = context[this.filter];
+            }else{
+                filtervalue = context.srforgid;
+            }
+        }
         const param: any = {};
         Object.assign(param, {
             hasfilter: this.filter ? true : false,
-            filtervalue: this.filter ? this.data[this.filter] : '',
+            filtervalue: filtervalue,
             multiple: this.multiple,
             selects: this.selects
         });

app_web/src/pages/uaa/sys-role-permissioncustom-view/sys-role-permissioncustom-view.vue

@@ -364,9 +364,13 @@
             if(this.formDruipart){
                 this.formDruipart.subscribe((res:any) =>{
                     if(Object.is(res.action,'load')){
-                        // 父数据保存时调用当前视图的点击确定事件
+                        // 父数据保存时调用当前视图的事件
                         if(this.selectData.length>0){
+                            // 选中了数据
                             this.onClickOk();
+                        }else{
+                            // 没选中数据
+                            this.onClear();
                         }
                     }
                 });
@@ -439,6 +443,10 @@
          * @memberof SYS_ROLE_PERMISSIONCustomViewBase
          */
         public beforeDestroy() {
+            // 清空选中数据
+            this.selectData = {};
+            // 清空视图选中数据
+            this.viewSelections = [];
             this.$store.commit('viewaction/removeView', this.viewtag);
         }
 
@@ -473,7 +481,6 @@
             if (this.selectData && this.selectData.length > 0) {
                 // 判断选中的数据和初始数据
                 if (JSON.stringify(this.selectData) == JSON.stringify(this.ininselectData)) {
-                    this.$emit('close', null);
                     return;
                 }
                 this.selectData.forEach((item: any) => {
@@ -498,15 +505,30 @@
                     }
                   }).catch((e) => {
                });
+            }
+            // 清空视图选中数据，避免重复添加
+            this.viewSelections = [];
+        }
 
-
+        /**
+         * 清除
+         */
+        private onClear(){
+            // 未选中数据,即没有赋予任何权限，需要清除当前角色的所有权限
+            if (this.selectData.length==0) {
+                // 保存选中的权限信息
+                let url = '/sysroles/'+this.srfparentkey+'/sysrolepermissions/refreshbatch';
+                this.$http.post(url,[]).then((response: any) => {
+                    if (!(!response || response.status !== 200)) {
                     } else {
-                this.$Notice.error({title: '错误', desc: '未选中数据!'});
+                        this.$Notice.error({title: '错误', desc: response.message});
+                        return;
                     }
+                }).catch((e) => {
+                });
             }
 
-
-
+        }
     }
 </script>
 

ibzuaa-boot/src/main/java/cn/ibizlab/config/DevBootSecurityConfig.java

@@ -102,6 +102,8 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
                        .antMatchers( HttpMethod.POST,"/"+uaaLoginPath).permitAll()
                        .antMatchers( HttpMethod.POST,"/"+uaaLoginPath2).permitAll()
                        .antMatchers("/syspssystems/**/permissiondata").permitAll()
+                       //同步系统权限资源
+                       .antMatchers("/syspssystems/save").permitAll()
                        .antMatchers("/uaa/login").permitAll()
                 .anyRequest().authenticated()
                 // 防止iframe 造成跨域

ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/domain/SysStructure.java

@@ -7,7 +7,6 @@ import cn.ibizlab.core.uaa.extensions.domain.Structure.FuncItem;
 import cn.ibizlab.core.uaa.extensions.domain.Structure.UniResNode;
 import com.alibaba.fastjson.annotation.JSONField;
 import com.fasterxml.jackson.annotation.JsonProperty;
-import liquibase.pro.packaged.S;
 import lombok.Data;
 
 import java.sql.Timestamp;

ibzuaa-core/src/main/resources/permission/systemResource.json

     {
+    "systemid":"ibzuaa",
     "unires":[
     ],
     "entities":[

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/config/apiSecurityConfig.java

@@ -117,6 +117,8 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
                 .antMatchers("/"+uploadpath).permitAll()
                 .antMatchers("/"+previewpath+"/**").permitAll()
                 .antMatchers("/syspssystems/**/permissiondata").permitAll()
+                //同步系统权限资源
+                .antMatchers("/syspssystems/save").permitAll()
                 .antMatchers("/uaa/login").permitAll()
                 // 所有请求都需要认证
                 .anyRequest().authenticated()

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysPSSystemResource.java

@@ -105,7 +105,7 @@ public class SysPSSystemResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPSSystem-Save-all')")
+//    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPSSystem-Save-all')")
     @ApiOperation(value = "Save", tags = {"SysPSSystem" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/syspssystems/save")
     public ResponseEntity<Boolean> save(@RequestBody SysPSSystemDTO syspssystemdto) {

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/ClientAuthenticationResource.java

 
 package cn.ibizlab.api.rest.extensions;
 
-import cn.ibizlab.core.uaa.service.ISysPermissionService;
+import cn.ibizlab.core.uaa.extensions.service.UAACoreService;
 import cn.ibizlab.util.client.IBZOUFeignClient;
 import cn.ibizlab.util.security.AuthTokenUtil;
 import cn.ibizlab.util.security.AuthenticationInfo;
 import cn.ibizlab.util.security.AuthenticationUser;
 import cn.ibizlab.util.security.AuthorizationLogin;
 import cn.ibizlab.util.service.AuthenticationUserService;
-import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.ResponseEntity;
-import org.springframework.util.StringUtils;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
+import java.util.*;
 
 /**
  * 客户端登录认证
@@ -36,19 +33,6 @@ public class ClientAuthenticationResource
     @Autowired
     private AuthTokenUtil jwtTokenUtil;
 
-    /**
-     * 实体操作标识
-     */
-    private String OPPriTag="OPPRIV";
-    /**
-     * 统一资源标识
-     */
-    private String UniResTag="UNIRES";
-    /**
-     * 菜单项标识
-     */
-    private String AppMenuTag="APPMENU";
-
     @Autowired
     @Qualifier("IBZUSERService")
     private AuthenticationUserService userDetailsService;
@@ -56,9 +40,6 @@ public class ClientAuthenticationResource
     @Autowired
     private IBZOUFeignClient ouFeignClient;
 
-    @Autowired
-    private ISysPermissionService permissionService;
-
     @PostMapping(value = "v7/login")
     public ResponseEntity<AuthenticationInfo> login(@Validated @RequestBody AuthorizationLogin authorizationLogin){
         userDetailsService.resetByUsername(authorizationLogin.getUsername());
@@ -98,197 +79,25 @@ public class ClientAuthenticationResource
         return ResponseEntity.ok().body(user);
     }
 
+    @Autowired
+    UAACoreService uaaCoreService;
+
+
     /**
      * 设置用户权限
+     * 由于GrantedAuthority缺少无参构造，导致无法序列化，暂时通过PermissionList中转
      * @param user
      * @return
      */
     public void setUserPermission(AuthenticationUser user) {
-
-        JSONObject permissionObj=new JSONObject();
-
-        //数据能力
-        String opprivSQL="SELECT\n" +
-                "\tT2.pssysmoduleid as sysmodule,\n" +
-                "\tT2.psdataentityid as dataentity,\n" +
-                "\tT2.pssourceid as pssourceid,\n" +
-                "\tT2.pssourcetype as pssourcetype,\n" +
-                "\tT2.psdedatarangeid as dedatarange,\n" +
-                "\tT1.sys_permissionid as permissionid,\n"+
-                "\tT1.sys_permissionname\n" +
-                "FROM\n" +
-                "\tibzrole_permission T\n" +
-                "INNER JOIN ibzpermission T1 ON T.SYS_PERMISSIONID = T1.SYS_PERMISSIONID\n" +
-                "INNER JOIN ibzpsdeoppriv T2 on T1.SYS_PERMISSIONID=t2.SYS_PSDEOPPRIVID\n" +
-                "WHERE\n" +
-                "\tT.SYS_ROLEID IN (\n" +
-                "\t SELECT  SYS_ROLEID\n" +
-                "\t FROM\n" +
-                "\t IBZUSER_ROLE t LEFT JOIN IBZUSER  t1 ON t.SYS_USERID=T1.USERID\n" +
-                "\t WHERE\n" +
-                "\t T1.USERID = #{et.param0}\n" +
-                "\t)\n" +
-                "AND T1.PERMISSIONTYPE = #{et.param1} and  t1.enable=1 ";
-
-        //统一资源
-        String uniResSQL="SELECT\n" +
-                "\tt2.SYS_PSSYSUNIRESID,\n" +
-                "\tt2.SYS_PSSYSUNIRESNAME,\n" +
-                "\tT2.UNIRESCODE \n" +
-                "FROM\n" +
-                "\tibzrole_permission T\n" +
-                "INNER JOIN ibzpermission T1 ON T.SYS_PERMISSIONID = T1.SYS_PERMISSIONID\n" +
-                "INNER JOIN IBZPSSYSUNIRES T2 on T1.SYS_PERMISSIONID=t2.SYS_PSSYSUNIRESID\n" +
-                "WHERE\n" +
-                "\tT.SYS_ROLEID IN (\n" +
-                "\t SELECT  SYS_ROLEID\n" +
-                "\t FROM\n" +
-                "\t IBZUSER_ROLE t LEFT JOIN IBZUSER  t1 ON t.SYS_USERID=T1.USERID\n" +
-                "\t WHERE\n" +
-                "\t T1.USERID = #{et.param0}\n" +
-                "\t)\n" +
-                "AND T1.PERMISSIONTYPE = #{et.param1} and  t1.enable=1";
-
-        //应用菜单
-        String appMenuSQL="SELECT\n" +
-                "\tt2.PSAPPMENUITEMID as MENUITEMID,\n" +
-                "\tt2.SYS_PSAPPMENUITEMNAME AS MENUITEMNAME \n" +
-                "FROM\n" +
-                "\tibzrole_permission T\n" +
-                "INNER JOIN ibzpermission T1 ON T.SYS_PERMISSIONID = T1.SYS_PERMISSIONID\n" +
-                "INNER JOIN ibzpsappmenuitem T2 on T1.SYS_PERMISSIONID=t2.SYS_PSAPPMENUITEMID\n" +
-                "WHERE\n" +
-                "\tT.SYS_ROLEID IN (\n" +
-                "\t SELECT  SYS_ROLEID\n" +
-                "\t FROM\n" +
-                "\t IBZUSER_ROLE t LEFT JOIN IBZUSER  t1 ON t.SYS_USERID=T1.USERID\n" +
-                "\t WHERE\n" +
-                "\t T1.USERID = #{et.param0}\n" +
-                "\t)\n" +
-                "AND T1.PERMISSIONTYPE = #{et.param1} and  t1.enable=1";
-
-
-        Map opprivParam=new HashMap();
-        opprivParam.put("param0",user.getUserid());
-        opprivParam.put("param1",OPPriTag);
-
-        Map uniresParam=new HashMap();
-        uniresParam.put("param0",user.getUserid());
-        uniresParam.put("param1",UniResTag);
-
-        Map appMenuParam=new HashMap();
-        appMenuParam.put("param0",user.getUserid());
-        appMenuParam.put("param1",AppMenuTag);
-
-        List<JSONObject> entitiesList= permissionService.select(opprivSQL,opprivParam); //查询用户权限下数据能力
-        List<JSONObject> uniResList= permissionService.select(uniResSQL,uniresParam);   //查询用户权限下的统一资源
-        List<JSONObject> appMenuItemList= permissionService.select(appMenuSQL,appMenuParam); //查询用户权限下的菜单项
-
-        JSONObject entities=getEntitiesList(entitiesList);
-        JSONArray uniRes=getUniRes(uniResList);
-        JSONArray appMenuItem=getAppMenuItem(appMenuItemList);
-
-        permissionObj.put("entities",entities);
-        permissionObj.put("unires",uniRes);
-        permissionObj.put("appmenu",appMenuItem);
-        permissionObj.put("authorities",getAuthoritiesArray(user,entitiesList));
-        user.setPermissionList(permissionObj);
-    }
-
-    /**
-     * 获取用户资源
-     * @return
-     */
-    private JSONArray getAuthoritiesArray(AuthenticationUser user,List<JSONObject> dataRangeArray) {
-
-        JSONArray authoritiesArray =new JSONArray();
-        if(dataRangeArray.size()>0){
-            for(int a=0;a<dataRangeArray.size();a++){
-                JSONObject dataRangeObj=dataRangeArray.get(a);
-                String dataRangeId=dataRangeObj.getString("dedatarange");
-                String permissionId=dataRangeObj.getString("permissionid");
-                if( !StringUtils.isEmpty(dataRangeId) && !StringUtils.isEmpty(permissionId) && dataRangeId.equalsIgnoreCase("all") ){
-                    authoritiesArray.add(permissionId);
-                }
-            }
-        }
+        Collection<GrantedAuthority> userAuthorities=uaaCoreService.getAuthoritiesByUserId(user.getUserid());
+        Set<String> authorities = AuthorityUtils.authorityListToSet(userAuthorities);
         if(user.getSuperuser()==1){
-            authoritiesArray.add("ROLE_SUPERADMIN");
-        }
-
-        return authoritiesArray;
-    }
-
-    /**
-     * 获取应用菜单
-     * @param menuItemList
-     * @return
-     */
-    private JSONArray getAppMenuItem(List<JSONObject> menuItemList) {
-        JSONArray menuItemArr=new JSONArray();
-        for(int a=0;a<menuItemList.size();a++){
-            JSONObject menuItem=menuItemList.get(a);
-            JSONObject newMenuItem=new JSONObject();
-            newMenuItem.put("appid",menuItem.getString("MENUITEMID"));
-            newMenuItem.put("appmenuid",menuItem.getString("MENUITEMNAME"));
-            newMenuItem.put("menuitemid",menuItem.getString("MENUITEMID"));
-            newMenuItem.put("menuitemname",menuItem.getString("MENUITEMNAME"));
-            menuItemArr.add(newMenuItem);
-        }
-        return menuItemArr;
-    }
-
-    /**
-     * 获取统一资源
-     * @param uniResList
-     * @return
-     */
-    private JSONArray getUniRes(List<JSONObject> uniResList) {
-
-        JSONArray uniResArr=new JSONArray();
-        for(int a=0;a<uniResList.size();a++){
-            JSONObject uniRes=uniResList.get(a);
-            JSONObject newUniRes=new JSONObject();
-            newUniRes.put("unirescode",uniRes.getString("UNIRESCODE"));
-            newUniRes.put("uniresname",uniRes.getString("SYS_PSSYSUNIRESNAME"));
-            uniResArr.add(newUniRes);
-        }
-        return uniResArr;
-    }
-
-    /**
-     * 拼接实体行为资源
-     * @param role_permissions
-     * @return
-     */
-    private JSONObject getEntitiesList(List<JSONObject> role_permissions) {
-
-        JSONObject permission_entity= new JSONObject();
-        for (Map rolePermission : role_permissions) {
-            JSONObject obj = JSONObject.parseObject(JSONObject.toJSON(rolePermission).toString());
-            String entityName = obj.getString("dataentity");
-            String dataRangeName = obj.getString("dedatarange");
-            String sourceName = obj.getString("pssourceid");
-            String sourceType=obj.getString("pssourcetype");
-            JSONObject entity = new JSONObject();
-            JSONObject permission = new JSONObject();
-            JSONArray dataRange = new JSONArray();
-
-            if (permission_entity.containsKey(entityName))//实体合并
-                entity = permission_entity.getJSONObject(entityName);
-
-            if (entity.containsKey(sourceType))//数据能力合并
-                permission = entity.getJSONObject(sourceType);
-
-            if(permission.containsKey(sourceName))
-                dataRange=permission.getJSONArray(sourceName);
-
-            dataRange.add(dataRangeName);
-            permission.put(sourceName,dataRange);
-            entity.put(sourceType, permission);
-            permission_entity.put(entityName, entity);
+            authorities.add("ROLE_SUPERADMIN");
         }
-        return permission_entity;
+        JSONObject permission =new JSONObject();
+        permission.put("authorities",authorities);
+        user.setPermissionList(permission);
     }
 
     /**

ibzuaa-util/src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java

@@ -9,8 +9,8 @@ import com.alibaba.fastjson.JSONObject;
 public class IBZUAAFallback implements IBZUAAFeignClient {
 
     @Override
-    public boolean pushSystemPermissionData(String systemid,JSONObject systemPermissionData) {
-        return false;
+    public Boolean syncSysAuthority(JSONObject system) {
+        return null;
     }
 
     @Override

ibzuaa-util/src/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java

@@ -10,13 +10,12 @@ import com.alibaba.fastjson.JSONObject;
 public interface IBZUAAFeignClient
 {
 	/**
-	 * 推送系统权限数据到uaa
-	 * @param systemid
-	 * @param systemPermissionData
+	 * 同步系统资源到uaa
+	 * @param system 系统资源信息
 	 * @return
 	 */
-	@PostMapping("/syspssystems/{systemid}/permissiondata")
-	boolean pushSystemPermissionData(@PathVariable("systemid") String systemid,@RequestBody JSONObject systemPermissionData);
+	@PostMapping("/syspssystems/save")
+	Boolean syncSysAuthority(@RequestBody JSONObject system);
 
 	/**
 	 * 用户登录

ibzuaa-util/src/main/java/cn/ibizlab/util/job/PermissionSyncJob.java

@@ -36,10 +36,14 @@ public class PermissionSyncJob implements ApplicationRunner {
             Thread.sleep(10000);
             InputStream permission= this.getClass().getResourceAsStream("/permission/systemResource.json"); //获取当前系统所有实体资源能力
             String permissionResult = IOUtils.toString(permission,"UTF-8");
-            if(client.pushSystemPermissionData(systemId,JSONObject.parseObject(permissionResult))){
+            JSONObject system= new JSONObject();
+            system.put("pssystemid",systemId);
+            system.put("pssystemname",systemId);
+            system.put("sysstructure",JSONObject.parseObject(permissionResult));
+            if(client.syncSysAuthority(system)){
                 log.info("向[UAA]同步系统资源成功");
             }else{
-                log.info(String.format("向[UAA]同步系统资源失败"));
+                log.error("向[UAA]同步系统资源失败");
             }
         }
         catch (Exception ex) {

ibzuaa-util/src/main/java/cn/ibizlab/util/rest/AppController.java

 package cn.ibizlab.util.rest;
 
-import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import cn.ibizlab.util.security.AuthenticationUser;
+import cn.ibizlab.util.service.AuthenticationUserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.util.ObjectUtils;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.beans.factory.annotation.Autowired;
-import cn.ibizlab.util.security.AuthenticationUser;
-import cn.ibizlab.util.service.AuthenticationUserService;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
 
 @RestController
 @RequestMapping(value = "")
@@ -27,13 +30,19 @@ public class AppController {
 	public ResponseEntity<JSONObject> getAppData() {
 
 		JSONObject appData = new JSONObject() ;
-		JSONArray uniRes=new JSONArray();
-    	JSONArray appMenu=new JSONArray();
+		Set<String> appMenu = new HashSet();
+		Set<String> uniRes = new HashSet();
+
 		if(enablePermissionValid){
-			JSONObject userPermission=AuthenticationUser.getAuthenticationUser().getPermissionList();
-			if(!ObjectUtils.isEmpty(userPermission)){
-				uniRes = userPermission.getJSONArray("unires");
-    			appMenu = userPermission.getJSONArray("appmenu");
+			Collection<GrantedAuthority> authorities=AuthenticationUser.getAuthenticationUser().getAuthorities();
+				Iterator it = authorities.iterator();
+				while(it.hasNext()) {
+					GrantedAuthority authority = (GrantedAuthority)it.next();
+					String strAuthority=authority.getAuthority();
+					if(strAuthority.startsWith("UNIRES"))
+						uniRes.add(strAuthority);
+					else if(strAuthority.startsWith("APPMENU"))
+						appMenu.add(strAuthority);
 				}
 		}
 		appData.put("unires",uniRes);

ibzuaa-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java

 package cn.ibizlab.util.security;
 
-import com.alibaba.fastjson.JSONArray;
-import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.mongodb.QueryBuilder;
@@ -18,6 +16,7 @@ import org.springframework.data.mongodb.core.query.BasicQuery;
 import org.springframework.data.mongodb.core.query.Query;
 import org.springframework.security.access.PermissionEvaluator;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
 import org.springframework.util.StringUtils;
@@ -35,10 +34,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
     @Value("${ibiz.enablePermissionValid:false}")
     boolean enablePermissionValid;  //是否开启权限校验
-    /**
-     * 实体行为操作标识
-     */
-    private String DEActionType="DEACTION";
     /**
      *实体主键标识
      */
@@ -67,9 +62,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         List<String> ids=null;
         EntityBase entity;
         List<EntityBase> entityList = null;
-        JSONObject userPermission= AuthenticationUser.getAuthenticationUser().getPermissionList();
-        if(userPermission==null)
-            return false;
         MappingBase mappingBase= (MappingBase) paramList.get(1);
         //参数准备
         if(action.equalsIgnoreCase("remove")){
@@ -86,26 +78,19 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         if (entity==null)
             return false;
 
-        JSONObject permissionList=userPermission.getJSONObject("entities");
-        String entityName = entity.getClass().getSimpleName();
+        Set<String> entityDataRange = getAuthorities(authentication,entity.getClass().getSimpleName(),action);
+        if(entityDataRange.size()==0)
+            return false;
 
         //拥有全部数据访问权限时，则跳过权限检查
-        if(isAllData(entityName,action,permissionList)){
+        if(isAllData(action,entityDataRange)){
             return true;
         }
-        //检查是否有操作权限[create.update.delete.read]
-        if(!validDEActionHasPermission(entityName,action,permissionList)){
-            return false;
-        }
-        JSONArray dataRangeList=getDataRange(entityName,action,permissionList);
-        if(dataRangeList.size()==0)
-            return false;
-
         if(action.equalsIgnoreCase("create")){
-            return createBatchActionPermissionValid(entityList,dataRangeList);
+            return createBatchActionPermissionValid(entityList,entityDataRange);
         }
         else if(action.equalsIgnoreCase("save")){
-            return saveBatchActionPermissionValid(deStorageMode, entityList, dataRangeList);
+            return saveBatchActionPermissionValid(deStorageMode, entityList, entityDataRange);
         }
         else{
             if(!action.equalsIgnoreCase("remove")){
@@ -113,7 +98,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
             }
             if(ids.size()==0)
                 return false;
-            return otherBatchActionPermissionValidRouter(deStorageMode, entity ,ids, dataRangeList);
+            return otherBatchActionPermissionValidRouter(deStorageMode, entity ,ids, entityDataRange);
         }
     }
 
@@ -142,23 +127,15 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         if (StringUtils.isEmpty(entity))
             return false;
 
-        JSONObject userPermission= AuthenticationUser.getAuthenticationUser().getPermissionList();
-        if(userPermission==null)
+        Set<String> entityDataRange = getAuthorities(authentication,entity.getClass().getSimpleName(),action);
+
+        if(entityDataRange.size()==0)
             return false;
-        JSONObject permissionList=userPermission.getJSONObject("entities");
-        String entityName = entity.getClass().getSimpleName();
 
         //拥有全部数据访问权限时，则跳过权限检查
-        if(isAllData(entityName,action,permissionList)){
+        if(isAllData(action,entityDataRange)){
             return true;
         }
-        //检查是否有操作权限[create.update.delete.read]
-        if(!validDEActionHasPermission(entityName,action,permissionList)){
-            return false;
-        }
-        JSONArray dataRangeList=getDataRange(entityName,action,permissionList);
-        if(dataRangeList.size()==0)
-            return false;
 
         if(action.equalsIgnoreCase("save")){
             Map<String,String> permissionField=getPermissionField(entity);
@@ -170,21 +147,41 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
                 action="update";
         }
         if(action.equalsIgnoreCase("create")){
-            return createActionPermissionValid(entity,dataRangeList);
+            return createActionPermissionValid(entity,entityDataRange);
         }
         else{
-            return otherActionPermissionValidRouter(deStorageMode, entity, id, dataRangeList);
+            return otherActionPermissionValidRouter(deStorageMode, entity, id, entityDataRange);
         }
     }
 
+    /**
+     * 获取用户权限资源
+     * @param authentication
+     * @param entityName
+     * @param action
+     * @return
+     */
+    private Set<String> getAuthorities(Authentication authentication,String entityName,String action){
+        Collection authorities=authentication.getAuthorities();
+        Set<String> entityDataRange = new HashSet();
+        Iterator var2 = authorities.iterator();
+
+        while(var2.hasNext()) {
+            GrantedAuthority authority = (GrantedAuthority)var2.next();
+            if(authority.getAuthority().contains(String.format("%s-%s-",entityName,action)))
+                entityDataRange.add(authority.getAuthority());
+        }
+        return entityDataRange;
+    }
+
     /**
      * 批save校验
      * @param deStorageMode
      * @param entityList
-     * @param dataRangeList
+     * @param entityDataRange
      * @return
      */
-    private boolean saveBatchActionPermissionValid(String deStorageMode, List<EntityBase> entityList, JSONArray dataRangeList) {
+    private boolean saveBatchActionPermissionValid(String deStorageMode, List<EntityBase> entityList, Set<String> entityDataRange) {
 
         if(entityList==null || entityList.size()==0)
             return false;
@@ -202,12 +199,12 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
                 updateList.add(String.valueOf(id));
         }
         if(updateList.size()>0){
-            boolean isUpdate = otherBatchActionPermissionValidRouter(deStorageMode, tempEntity ,updateList, dataRangeList);
+            boolean isUpdate = otherBatchActionPermissionValidRouter(deStorageMode, tempEntity ,updateList, entityDataRange);
             if(!isUpdate)
                 return false;
         }
         if(createList.size()>0){
-            boolean isCreate=createBatchActionPermissionValid(entityList,dataRangeList);
+            boolean isCreate=createBatchActionPermissionValid(entityList,entityDataRange);
             if(!isCreate)
                 return false;
         }
@@ -217,12 +214,12 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     /**
      * 批处理新建权限校验
      * @param entityList
-     * @param dataRangeList
+     * @param entityDataRange
      * @return
      */
-    private boolean createBatchActionPermissionValid(List<EntityBase> entityList,JSONArray dataRangeList){
+    private boolean createBatchActionPermissionValid(List<EntityBase> entityList,Set<String> entityDataRange){
         for(EntityBase entity : entityList){
-            boolean isCreate = createActionPermissionValid(entity ,dataRangeList);
+            boolean isCreate = createActionPermissionValid(entity ,entityDataRange);
             if(!isCreate){
                 return false;
             }
@@ -235,16 +232,16 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * @param deStorageMode
      * @param entity
      * @param ids
-     * @param dataRangeList
+     * @param entityDataRange
      * @return
      */
-    private boolean otherBatchActionPermissionValidRouter(String deStorageMode , EntityBase entity , List<String> ids , JSONArray dataRangeList){
+    private boolean otherBatchActionPermissionValidRouter(String deStorageMode , EntityBase entity , List<String> ids , Set<String> entityDataRange){
 
         if(deStorageMode.equalsIgnoreCase("sql")){
-            return sqlBatchPermissionValid(entity ,ids, dataRangeList);
+            return sqlBatchPermissionValid(entity ,ids, entityDataRange);
         }
         else if(deStorageMode.equalsIgnoreCase("nosql")){
-            return noSqlBatchPermissionValid(entity, ids , dataRangeList);
+            return noSqlBatchPermissionValid(entity, ids , entityDataRange);
         }
         else if(deStorageMode.equalsIgnoreCase("serviceapi")){
             return true;
@@ -258,16 +255,16 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * SQL批处理权限校验
      * @param entity
      * @param ids
-     * @param dataRangeList
+     * @param entityDataRange
      * @return
      */
-    private boolean sqlBatchPermissionValid(EntityBase entity , List<String> ids,  JSONArray dataRangeList){
+    private boolean sqlBatchPermissionValid(EntityBase entity , List<String> ids,  Set<String> entityDataRange){
 
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
         String keyFieldName=permissionField.get(keyFieldTag);
         ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entity.getClass().getSimpleName(),"ServiceImpl"));//获取实体service对象
         //通过权限表达式来获取sql
-        String permissionSQL= String.format(" (%s) AND ( %s in (%s) ) ",getPermissionSQL(entity,dataRangeList),keyFieldName,getEntityKeyCond(ids)); //拼接权限条件-编辑
+        String permissionSQL= String.format(" (%s) AND ( %s in (%s) ) ",getPermissionSQL(entity,entityDataRange),keyFieldName,getEntityKeyCond(ids)); //拼接权限条件-编辑
         //执行sql进行权限检查
         QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
         List list=service.list(permissionWrapper);
@@ -282,15 +279,15 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * NoSQL批处理权限校验
      * @param entity
      * @param ids
-     * @param dataRange
+     * @param entityDataRange
      * @return
      */
-    private boolean noSqlBatchPermissionValid(EntityBase entity, List<String> ids,  JSONArray dataRange) {
+    private boolean noSqlBatchPermissionValid(EntityBase entity, List<String> ids,  Set<String> entityDataRange) {
 
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
         String keyFieldName=permissionField.get(keyFieldTag);
         //根据权限表达式填充权限条件
-        QueryBuilder permissionCond=getNoSqlPermissionCond(entity,dataRange);
+        QueryBuilder permissionCond=getNoSqlPermissionCond(entity,entityDataRange);
         //权限条件拼接主键
         permissionCond.and(keyFieldName).in(ids);
         //执行权限检查
@@ -306,59 +303,26 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
     /**
      * 是否为全部数据
-     * @param permissionList
-     * @param entityName
      * @param action
+     * @param entityDataRange
      * @return
      */
-    private boolean isAllData( String entityName, String action ,JSONObject permissionList) {
-
-        if(permissionList==null)
-            return false;
-        if(!permissionList.containsKey(entityName))
-            return false;
-        JSONObject entity=permissionList.getJSONObject(entityName);
-        if(!entity.containsKey(DEActionType))
-            return false;
-        JSONObject dataRange=entity.getJSONObject(DEActionType);//获取实体行为对应的数据范围
-        if(dataRange.containsKey(action) && dataRange.getJSONArray(action).contains("all"))
+    private boolean isAllData(String action , Set<String> entityDataRange) {
+        for(String dataRange : entityDataRange ){
+            if(dataRange.endsWith(String.format("%s-all",action))){
                 return true;
-
-        return false;
             }
-
-    /**
-     * 实体行为权限校验
-     * @param userPermission
-     * @param entityName
-     * @param action
-     * userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
-     * @return
-     */
-    private boolean validDEActionHasPermission(String entityName , String action ,JSONObject userPermission){
-
-        boolean hasPermission=false;
-        if(userPermission==null)
-            return false;
-        if(!userPermission.containsKey(entityName))
-            return false;
-        JSONObject entity=userPermission.getJSONObject(entityName);//获取实体
-        if(!entity.containsKey(DEActionType))
-            return false;
-        JSONObject dataRange=entity.getJSONObject(DEActionType);//获取实体行为对应的数据范围
-        if(dataRange.containsKey(action)){
-            hasPermission=true;
         }
-        return hasPermission;
+        return false;
     }
 
     /**
      * 新建行为校验
      * @param entity
-     * @param dataRangeList
+     * @param entityDataRange
      * @return
      */
-    private boolean createActionPermissionValid(EntityBase entity, JSONArray dataRangeList){
+    private boolean createActionPermissionValid(EntityBase entity, Set<String> entityDataRange){
 
         boolean isCreate=true;
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
@@ -379,24 +343,23 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         Set<String> userOrg = new HashSet<>();
         Set<String> userOrgDept = new HashSet<>();
 
-        for(int a=0;a<dataRangeList.size();a++){
-            String permissionCond=dataRangeList.getString(a);//权限配置条件
-            if(permissionCond.equals("curorg")){   //本单位
+        for(String permissionCond:entityDataRange){
+            if(permissionCond.endsWith("curorg")){   //本单位
                 userOrg.add(authenticationUser.getOrgid());
             }
-            else if(permissionCond.equals("porg")){//上级单位
+            else if(permissionCond.endsWith("porg")){//上级单位
                 userOrg.addAll(orgParent);
             }
-            else if(permissionCond.equals("sorg")){//下级单位
+            else if(permissionCond.endsWith("sorg")){//下级单位
                 userOrg.addAll(orgChild);
             }
-            else if(permissionCond.equals("curorgdept")){//本部门
+            else if(permissionCond.endsWith("curorgdept")){//本部门
                 userOrgDept.add(authenticationUser.getMdeptid());
             }
-            else if(permissionCond.equals("porgdept")){//上级部门
+            else if(permissionCond.endsWith("porgdept")){//上级部门
                 userOrgDept.addAll(orgDeptParent);
             }
-            else if(permissionCond.equals("sorgdept")){//下级部门
+            else if(permissionCond.endsWith("sorgdept")){//下级部门
                 userOrgDept.addAll(orgDeptChild);
             }
         }
@@ -419,16 +382,16 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * @param deStorageMode
      * @param entity
      * @param id
-     * @param dataRangeList
+     * @param entityDataRange
      * @return
      */
-    private boolean otherActionPermissionValidRouter(String deStorageMode, EntityBase entity , Object id , JSONArray dataRangeList){
+    private boolean otherActionPermissionValidRouter(String deStorageMode, EntityBase entity , Object id , Set<String> entityDataRange){
 
         if(deStorageMode.equalsIgnoreCase("sql")){
-            return sqlPermissionValid(entity , id, dataRangeList);
+            return sqlPermissionValid(entity , id, entityDataRange);
         }
         else if(deStorageMode.equalsIgnoreCase("nosql")){
-            return noSqlPermissionValid(entity , id, dataRangeList);
+            return noSqlPermissionValid(entity , id, entityDataRange);
         }
         else if(deStorageMode.equalsIgnoreCase("serviceapi")){
             return true;
@@ -442,15 +405,15 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * sql存储模式实体行为鉴权
      * @param entity
      * @param id
-     * @param dataRangeList
+     * @param entityDataRange
      * @return
      */
-    private boolean sqlPermissionValid(EntityBase entity , Object id, JSONArray dataRangeList){
+    private boolean sqlPermissionValid(EntityBase entity , Object id, Set<String> entityDataRange){
 
         ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entity.getClass().getSimpleName(),"ServiceImpl"));//获取实体service对象
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
         //通过权限表达式来获取sql
-        String permissionSQL= String.format(" (%s) AND (%s='%s')",getPermissionSQL(entity,dataRangeList),permissionField.get(keyFieldTag),id); //拼接权限条件-编辑
+        String permissionSQL= String.format(" (%s) AND (%s='%s')",getPermissionSQL(entity,entityDataRange),permissionField.get(keyFieldTag),id); //拼接权限条件-编辑
         //执行sql进行权限检查
         QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
         List list=service.list(permissionWrapper);
@@ -466,15 +429,15 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * NoSQL实体行为鉴权
      * @param entity
      * @param id
-     * @param dataRangeList
+     * @param entityDataRange
      * @return
      */
-    private boolean noSqlPermissionValid(EntityBase entity, Object id, JSONArray dataRangeList) {
+    private boolean noSqlPermissionValid(EntityBase entity, Object id, Set<String> entityDataRange) {
 
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
         String keyField=permissionField.get(keyFieldTag);
         //根据权限表达式填充权限条件
-        QueryBuilder permissionCond=getNoSqlPermissionCond(entity,dataRangeList);
+        QueryBuilder permissionCond=getNoSqlPermissionCond(entity,entityDataRange);
         //权限条件拼接主键
         permissionCond.and(keyField).is(id);
         //执行权限检查
@@ -492,10 +455,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     /**
      * 为NoSQL存储模式的表格查询填充权限条件
      * @param entity
-     * @param dataRangeList
+     * @param entityDataRange
      * @return
      */
-    private QueryBuilder getNoSqlPermissionCond( EntityBase entity ,JSONArray dataRangeList ){
+    private QueryBuilder getNoSqlPermissionCond( EntityBase entity ,Set<String> entityDataRange){
 
         QueryBuilder permissionSQL=new QueryBuilder();
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
@@ -509,30 +472,29 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         Set<String> orgDeptParent = userInfo.get("parentdept");
         Set<String> orgDeptChild = userInfo.get("subdept");
 
-        for(int i=0;i<dataRangeList.size();i++){
-            String permissionCond=dataRangeList.getString(i);//权限配置条件
-            if(permissionCond.equals("curorg")){   //本单位
+        for(String permissionCond:entityDataRange){
+            if(permissionCond.endsWith("curorg")){   //本单位
                 permissionSQL.or(new QueryBuilder().and(orgField).is(AuthenticationUser.getAuthenticationUser().getOrgid()).get());
             }
-            else if(permissionCond.equals("porg")){//上级单位
+            else if(permissionCond.endsWith("porg")){//上级单位
                 permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgParent)).get());
             }
-            else if(permissionCond.equals("sorg")){//下级单位
+            else if(permissionCond.endsWith("sorg")){//下级单位
                 permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgChild)).get());
             }
-            else if(permissionCond.equals("createman")){//建立人
+            else if(permissionCond.endsWith("createman")){//建立人
                 permissionSQL.or(new QueryBuilder().and(createManField).is(AuthenticationUser.getAuthenticationUser().getUserid()).get());
             }
-            else if(permissionCond.equals("curorgdept")){//本部门
+            else if(permissionCond.endsWith("curorgdept")){//本部门
                 permissionSQL.or(new QueryBuilder().and(orgDeptField).is(AuthenticationUser.getAuthenticationUser().getMdeptid()).get());
             }
-            else if(permissionCond.equals("porgdept")){//上级部门
+            else if(permissionCond.endsWith("porgdept")){//上级部门
                 permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptParent)).get());
             }
-            else if(permissionCond.equals("sorgdept")){//下级部门
+            else if(permissionCond.endsWith("sorgdept")){//下级部门
                 permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptChild)).get());
             }
-            else if(permissionCond.equals("all")){
+            else if(permissionCond.endsWith("all")){
                 permissionSQL.or(new QueryBuilder().get());
             }
         }
@@ -543,10 +505,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     /**
      * SQL获取权限条件
      * @param entity
-     * @param oppriList
+     * @param entityDataRange
      * @return
      */
-    private String  getPermissionSQL(EntityBase entity, JSONArray oppriList){
+    private String  getPermissionSQL(EntityBase entity, Set<String> entityDataRange){
 
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
         String nPermissionSQL = "1<>1";
@@ -561,31 +523,30 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         Set<String> orgDeptParent = userInfo.get("parentdept");
         Set<String> orgDeptChild = userInfo.get("subdept");
 
-        for(int i=0;i<oppriList.size();i++){
+        for(String permissionCond: entityDataRange){
             permissionSQL.append("OR");
-            String permissionCond=oppriList.getString(i);//权限配置条件
-            if(permissionCond.equals("curorg")){   //本单位
+            if(permissionCond.endsWith("curorg")){   //本单位
                 permissionSQL.append(String.format("(%s='%s')",orgField,AuthenticationUser.getAuthenticationUser().getOrgid()));
             }
-            else if(permissionCond.equals("porg")){//上级单位
+            else if(permissionCond.endsWith("porg")){//上级单位
                 permissionSQL.append(String.format(" %s in(%s) ", orgField, formatStringArr(orgParent)));
             }
-            else if(permissionCond.equals("sorg")){//下级单位
+            else if(permissionCond.endsWith("sorg")){//下级单位
                 permissionSQL.append(String.format(" %s in(%s) ", orgField, formatStringArr(orgChild)));
             }
-            else if(permissionCond.equals("createman")){//建立人
+            else if(permissionCond.endsWith("createman")){//建立人
                 permissionSQL.append(String.format("(%s='%s')",createManField,AuthenticationUser.getAuthenticationUser().getUserid()));
             }
-            else if(permissionCond.equals("curorgdept")){//本部门
+            else if(permissionCond.endsWith("curorgdept")){//本部门
                 permissionSQL.append(String.format("(%s='%s')",orgDeptField,AuthenticationUser.getAuthenticationUser().getMdeptid()));
             }
-            else if(permissionCond.equals("porgdept")){//上级部门
+            else if(permissionCond.endsWith("porgdept")){//上级部门
                 permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptParent)));
             }
-            else if(permissionCond.equals("sorgdept")){//下级部门
+            else if(permissionCond.endsWith("sorgdept")){//下级部门
                 permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptChild)));
             }
-            else if(permissionCond.equals("all")){//全部数据
+            else if(permissionCond.endsWith("all")){//全部数据
                 permissionSQL.append("(1=1)");
             }
             else{
@@ -701,21 +662,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         return "'" + String.join("','", arr) + "'";
     }
 
-    /**
-     * 获取数据范围
-     * @param entityName
-     * @param action
-     * @param permissionList
-     * @return
-     */
-    private JSONArray getDataRange(String entityName, String action , JSONObject permissionList){
-        //获取权限表达式[全部数据、本单位、本部门等]
-        JSONObject entityObj=permissionList.getJSONObject(entityName);//获取实体
-        JSONObject permissionType= entityObj.getJSONObject(DEActionType);
-        JSONArray  dataRangeList=permissionType.getJSONArray(action);//行为：read；insert...
-        return dataRangeList;
-    }
-
     /**
      * 获取实体主键集合
      * @param entityBase

ibzuaa-util/src/main/java/cn/ibizlab/util/service/IBZUSERServiceImpl.java

@@ -7,6 +7,7 @@ import cn.ibizlab.util.errors.BadRequestAlertException;
 import cn.ibizlab.util.helper.CachedBeanCopier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Primary;
+import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 import cn.ibizlab.util.mapper.IBZUSERMapper;
@@ -72,6 +73,9 @@ public class IBZUSERServiceImpl extends ServiceImpl<IBZUSERMapper, IBZUSER> impl
 	public  AuthenticationUser createUserDetails(IBZUSER user) {
 		AuthenticationUser userdatail = new AuthenticationUser();
 		CachedBeanCopier.copy(user,userdatail);
+		if(userdatail.getSuperuser()==1){
+			userdatail.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_SUPERADMIN"));
+		}
 		return userdatail;
 	}
 }
\ No newline at end of file