Skip to content

I
ibzuaa
提交 d0432f8f 编写于 作者: ibizdev's avatar ibizdev
浏览文件
操作

ibiz4j 部署微服务接口

上级 53c4ecb6
隐藏空白字符变更
内嵌 并排
正在显示 包含 138 行增加140 行删除
config.xml
浏览文件 @ d0432f8f
......@@ -37,11 +37,11 @@
git clone -b master $para2 ibzuaa/
export NODE_OPTIONS=--max-old-space-size=4096
cd ibzuaa/
mvn clean package -Pweb
cd ibzuaa-app/ibzuaa-app-web
mvn -Pweb docker:build
mvn -Pweb docker:push
docker -H $para1 stack deploy --compose-file=src/main/docker/ibzuaa-app-web.yaml ibzlab-rt --with-registry-auth
mvn clean package -Papi
cd ibzuaa-provider/ibzuaa-provider-api
mvn -Papi docker:build
mvn -Papi docker:push
docker -H $para1 stack deploy --compose-file=src/main/docker/ibzuaa-provider-api.yaml ibzlab-rt --with-registry-auth
</command>
</hudson.tasks.Shell>
</builders>
......
ibzuaa-app/ibzuaa-app-web/src/main/docker/Dockerfile
浏览文件 @ d0432f8f
......@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
sleep ${IBZ_SLEEP} && \
java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzuaa-app-web.jar
EXPOSE 30002
EXPOSE 8080
ADD ibzuaa-app-web.jar /ibzuaa-app-web.jar
ibzuaa-app/ibzuaa-app-web/src/main/docker/ibzuaa-app-web.yaml
浏览文件 @ d0432f8f
......@@ -3,23 +3,9 @@ services:
ibzuaa-app-web:
image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzuaa-app-web:latest
ports:
- "30002:30002"
- "8080:8080"
networks:
- agent_network
environment:
- SPRING_CLOUD_NACOS_DISCOVERY_IP=172.16.180.237
- SERVER_PORT=30002
- SPRING_CLOUD_NACOS_DISCOVERY_SERVER-ADDR=172.16.102.211:8848
- SPRING_REDIS_HOST=172.16.100.243
- SPRING_REDIS_PORT=6379
- SPRING_REDIS_DATABASE=0
- SPRING_DATASOURCE_USERNAME=a_A_5d9d78509
- SPRING_DATASOURCE_PASSWORD=@6dEfb3@
- SPRING_DATASOURCE_URL=jdbc:mysql://172.16.180.232:3306/a_A_5d9d78509?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8&useOldAliasMetadataBehavior=true
- SPRING_DATASOURCE_DRIVER-CLASS-NAME=com.mysql.jdbc.Driver
- SPRING_DATASOURCE_DEFAULTSCHEMA=a_A_5d9d78509
- ABC=1
- DEC=2
deploy:
mode: replicated
replicas: 1
......
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysAppMenuItemService.java
浏览文件 @ d0432f8f
......@@ -52,6 +52,7 @@ public interface ISysAppMenuItemService extends IService<SysAppMenuItem>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysAuthLogService.java
浏览文件 @ d0432f8f
......@@ -52,6 +52,7 @@ public interface ISysAuthLogService extends IService<SysAuthLog>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysOperatorPrivService.java
浏览文件 @ d0432f8f
......@@ -52,6 +52,7 @@ public interface ISysOperatorPrivService extends IService<SysOperatorPriv>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysPSSystemService.java
浏览文件 @ d0432f8f
......@@ -52,6 +52,7 @@ public interface ISysPSSystemService extends IService<SysPSSystem>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysPermissionService.java
浏览文件 @ d0432f8f
......@@ -52,6 +52,7 @@ public interface ISysPermissionService extends IService<SysPermission>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysRolePermissionService.java
浏览文件 @ d0432f8f
......@@ -56,6 +56,7 @@ public interface ISysRolePermissionService extends IService<SysRolePermission>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysRoleService.java
浏览文件 @ d0432f8f
......@@ -56,6 +56,7 @@ public interface ISysRoleService extends IService<SysRole>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysUniResService.java
浏览文件 @ d0432f8f
......@@ -52,6 +52,7 @@ public interface ISysUniResService extends IService<SysUniRes>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysUserRoleService.java
浏览文件 @ d0432f8f
......@@ -56,6 +56,7 @@ public interface ISysUserRoleService extends IService<SysUserRole>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/ISysUserService.java
浏览文件 @ d0432f8f
......@@ -56,6 +56,7 @@ public interface ISysUserService extends IService<SysUser>{
*/
boolean execute(String sql, Map param);
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysAppMenuItemServiceImpl.java
浏览文件 @ d0432f8f
......@@ -179,6 +179,7 @@ public class SysAppMenuItemServiceImpl extends ServiceImpl<SysAppMenuItemMapper,
return true;
}
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysAuthLogServiceImpl.java
浏览文件 @ d0432f8f
......@@ -179,6 +179,7 @@ public class SysAuthLogServiceImpl extends ServiceImpl<SysAuthLogMapper, SysAuth
return true;
}
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysOperatorPrivServiceImpl.java
浏览文件 @ d0432f8f
......@@ -179,6 +179,7 @@ public class SysOperatorPrivServiceImpl extends ServiceImpl<SysOperatorPrivMappe
return true;
}
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysPSSystemServiceImpl.java
浏览文件 @ d0432f8f
......@@ -179,6 +179,7 @@ public class SysPSSystemServiceImpl extends ServiceImpl<SysPSSystemMapper, SysPS
return true;
}
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysPermissionServiceImpl.java
浏览文件 @ d0432f8f
......@@ -182,6 +182,7 @@ public class SysPermissionServiceImpl extends ServiceImpl<SysPermissionMapper, S
return true;
}
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysRolePermissionServiceImpl.java
浏览文件 @ d0432f8f
......@@ -240,6 +240,7 @@ public class SysRolePermissionServiceImpl extends ServiceImpl<SysRolePermissionM
return true;
}
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysRoleServiceImpl.java
浏览文件 @ d0432f8f
......@@ -185,6 +185,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
return true;
}
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysUniResServiceImpl.java
浏览文件 @ d0432f8f
......@@ -179,6 +179,7 @@ public class SysUniResServiceImpl extends ServiceImpl<SysUniResMapper, SysUniRes
return true;
}
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysUserRoleServiceImpl.java
浏览文件 @ d0432f8f
......@@ -238,6 +238,7 @@ public class SysUserRoleServiceImpl extends ServiceImpl<SysUserRoleMapper, SysUs
return true;
}
}
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/service/impl/SysUserServiceImpl.java
浏览文件 @ d0432f8f
......@@ -182,6 +182,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
return true;
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/docker/Dockerfile
浏览文件 @ d0432f8f
......@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
sleep ${IBZ_SLEEP} && \
java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzuaa-provider-api.jar
EXPOSE 8081
EXPOSE 40002
ADD ibzuaa-provider-api.jar /ibzuaa-provider-api.jar
ibzuaa-provider/ibzuaa-provider-api/src/main/docker/ibzuaa-provider-api.yaml
浏览文件 @ d0432f8f
......@@ -3,9 +3,21 @@ services:
ibzuaa-provider-api:
image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzuaa-provider-api:latest
ports:
- "8081:8081"
- "40002:40002"
networks:
- agent_network
environment:
- SPRING_CLOUD_NACOS_DISCOVERY_IP=172.16.180.237
- SERVER_PORT=40002
- SPRING_CLOUD_NACOS_DISCOVERY_SERVER-ADDR=172.16.102.211:8848
- SPRING_REDIS_HOST=172.16.100.243
- SPRING_REDIS_PORT=6379
- SPRING_REDIS_DATABASE=0
- SPRING_DATASOURCE_USERNAME=a_A_5d9d78509
- SPRING_DATASOURCE_PASSWORD=@6dEfb3@
- SPRING_DATASOURCE_URL=jdbc:mysql://172.16.180.232:3306/a_A_5d9d78509?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8&useOldAliasMetadataBehavior=true
- SPRING_DATASOURCE_DRIVER-CLASS-NAME=com.mysql.jdbc.Driver
- SPRING_DATASOURCE_DEFAULTSCHEMA=a_A_5d9d78509
deploy:
mode: replicated
replicas: 1
......
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysAuthLogResource.java
浏览文件 @ d0432f8f
......@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysAuthLogSearchContext;
public class SysAuthLogResource {
@Autowired
private ISysAuthLogService sysauthlogService;
public ISysAuthLogService sysauthlogService;
@Autowired
@Lazy
public SysAuthLogMapping sysauthlogMapping;
public SysAuthLogDTO permissionDTO=new SysAuthLogDTO();
@ApiOperation(value = "GetDraft", tags = {"SysAuthLog" }, notes = "GetDraft")
@RequestMapping(method = RequestMethod.GET, value = "/sysauthlogs/getdraft")
public ResponseEntity<SysAuthLogDTO> getDraft() {
......@@ -66,7 +64,7 @@ public class SysAuthLogResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysAuthLog" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysauthlogs/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysAuthLogDTO> sysauthlogdtos) {
......@@ -82,7 +80,7 @@ public class SysAuthLogResource {
return ResponseEntity.status(HttpStatus.OK).body(sysauthlogService.remove(sysauthlog_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysauthlogMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysAuthLog" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysauthlogs/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
......@@ -101,7 +99,7 @@ public class SysAuthLogResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysAuthLog" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysauthlogs/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysAuthLogDTO> sysauthlogdtos) {
......@@ -131,7 +129,7 @@ public class SysAuthLogResource {
return ResponseEntity.status(HttpStatus.OK).body(sysauthlogService.save(sysauthlogMapping.toDomain(sysauthlogdto)));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysAuthLog" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysauthlogs/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysAuthLogDTO> sysauthlogdtos) {
......@@ -161,3 +159,4 @@ public class SysAuthLogResource {
.body(new PageImpl(sysauthlogMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysPermissionResource.java
浏览文件 @ d0432f8f
......@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysPermissionSearchContext;
public class SysPermissionResource {
@Autowired
private ISysPermissionService syspermissionService;
public ISysPermissionService syspermissionService;
@Autowired
@Lazy
public SysPermissionMapping syspermissionMapping;
public SysPermissionDTO permissionDTO=new SysPermissionDTO();
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Save-all')")
@ApiOperation(value = "Save", tags = {"SysPermission" }, notes = "Save")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/save")
......@@ -55,7 +53,7 @@ public class SysPermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(syspermissionService.save(syspermissionMapping.toDomain(syspermissiondto)));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.syspermissionMapping,#syspermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysPermission" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysPermissionDTO> syspermissiondtos) {
......@@ -77,7 +75,7 @@ public class SysPermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(syspermissionService.remove(syspermission_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.syspermissionMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysPermission" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/syspermissions/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
......@@ -97,7 +95,7 @@ public class SysPermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.syspermissionMapping,#syspermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysPermission" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/syspermissions/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysPermissionDTO> syspermissiondtos) {
......@@ -116,7 +114,7 @@ public class SysPermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.syspermissionMapping,#syspermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysPermission" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysPermissionDTO> syspermissiondtos) {
......@@ -161,3 +159,4 @@ public class SysPermissionResource {
.body(new PageImpl(syspermissionMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysRolePermissionResource.java
浏览文件 @ d0432f8f
......@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysRolePermissionSearchContext;
public class SysRolePermissionResource {
@Autowired
private ISysRolePermissionService sysrolepermissionService;
public ISysRolePermissionService sysrolepermissionService;
@Autowired
@Lazy
public SysRolePermissionMapping sysrolepermissionMapping;
public SysRolePermissionDTO permissionDTO=new SysRolePermissionDTO();
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Get-all')")
@ApiOperation(value = "Get", tags = {"SysRolePermission" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/sysrolepermissions/{sysrolepermission_id}")
......@@ -65,7 +63,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.remove(sysrolepermission_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysRolePermission" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysrolepermissions/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
......@@ -90,7 +88,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysRolePermission" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysrolepermissions/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
......@@ -111,7 +109,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.save(sysrolepermissionMapping.toDomain(sysrolepermissiondto)));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysRolePermission" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysrolepermissions/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
......@@ -131,7 +129,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysRolePermission" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysrolepermissions/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
......@@ -177,7 +175,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.remove(sysrolepermission_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Remove-all')")
@ApiOperation(value = "RemoveBatchBySysPermission", tags = {"SysRolePermission" }, notes = "RemoveBatchBySysPermission")
@RequestMapping(method = RequestMethod.DELETE, value = "/syspermissions/{syspermission_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> removeBatchBySysPermission(@RequestBody List<String> ids) {
......@@ -205,7 +203,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Create-all')")
@ApiOperation(value = "createBatchBySysPermission", tags = {"SysRolePermission" }, notes = "createBatchBySysPermission")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/{syspermission_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> createBatchBySysPermission(@PathVariable("syspermission_id") String syspermission_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
......@@ -232,7 +230,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.save(domain));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Save-all')")
@ApiOperation(value = "SaveBatchBySysPermission", tags = {"SysRolePermission" }, notes = "SaveBatchBySysPermission")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/{syspermission_id}/sysrolepermissions/savebatch")
public ResponseEntity<Boolean> saveBatchBySysPermission(@PathVariable("syspermission_id") String syspermission_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
......@@ -257,7 +255,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Update-all')")
@ApiOperation(value = "UpdateBatchBySysPermission", tags = {"SysRolePermission" }, notes = "UpdateBatchBySysPermission")
@RequestMapping(method = RequestMethod.PUT, value = "/syspermissions/{syspermission_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> updateBatchBySysPermission(@PathVariable("syspermission_id") String syspermission_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
......@@ -309,7 +307,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.remove(sysrolepermission_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Remove-all')")
@ApiOperation(value = "RemoveBatchBySysRole", tags = {"SysRolePermission" }, notes = "RemoveBatchBySysRole")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysroles/{sysrole_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> removeBatchBySysRole(@RequestBody List<String> ids) {
......@@ -337,7 +335,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Create-all')")
@ApiOperation(value = "createBatchBySysRole", tags = {"SysRolePermission" }, notes = "createBatchBySysRole")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> createBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
......@@ -364,7 +362,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.save(domain));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Save-all')")
@ApiOperation(value = "SaveBatchBySysRole", tags = {"SysRolePermission" }, notes = "SaveBatchBySysRole")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysrolepermissions/savebatch")
public ResponseEntity<Boolean> saveBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
......@@ -389,7 +387,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Update-all')")
@ApiOperation(value = "UpdateBatchBySysRole", tags = {"SysRolePermission" }, notes = "UpdateBatchBySysRole")
@RequestMapping(method = RequestMethod.PUT, value = "/sysroles/{sysrole_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> updateBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
......@@ -425,3 +423,4 @@ public class SysRolePermissionResource {
.body(new PageImpl(sysrolepermissionMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysRoleResource.java
浏览文件 @ d0432f8f
......@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysRoleSearchContext;
public class SysRoleResource {
@Autowired
private ISysRoleService sysroleService;
public ISysRoleService sysroleService;
@Autowired
@Lazy
public SysRoleMapping sysroleMapping;
public SysRoleDTO permissionDTO=new SysRoleDTO();
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Save-all')")
@ApiOperation(value = "Save", tags = {"SysRole" }, notes = "Save")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/save")
......@@ -55,7 +53,7 @@ public class SysRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysroleService.save(sysroleMapping.toDomain(sysroledto)));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysroleMapping,#sysroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysRole" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysRoleDTO> sysroledtos) {
......@@ -75,7 +73,7 @@ public class SysRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysroleMapping,#sysroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysRole" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysroles/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysRoleDTO> sysroledtos) {
......@@ -94,7 +92,7 @@ public class SysRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysroleMapping,#sysroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysRole" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysRoleDTO> sysroledtos) {
......@@ -119,7 +117,7 @@ public class SysRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysroleService.remove(sysrole_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysroleMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysRole" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysroles/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
......@@ -161,3 +159,4 @@ public class SysRoleResource {
.body(new PageImpl(sysroleMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysUserResource.java
浏览文件 @ d0432f8f
......@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysUserSearchContext;
public class SysUserResource {
@Autowired
private ISysUserService sysuserService;
public ISysUserService sysuserService;
@Autowired
@Lazy
public SysUserMapping sysuserMapping;
public SysUserDTO permissionDTO=new SysUserDTO();
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Remove-all')")
@ApiOperation(value = "Remove", tags = {"SysUser" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysusers/{sysuser_id}")
......@@ -56,7 +54,7 @@ public class SysUserResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserService.remove(sysuser_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysUser" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysusers/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
......@@ -76,7 +74,7 @@ public class SysUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserMapping,#sysuserdtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysUser" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysusers/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysUserDTO> sysuserdtos) {
......@@ -106,7 +104,7 @@ public class SysUserResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserService.save(sysuserMapping.toDomain(sysuserdto)));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserMapping,#sysuserdtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysUser" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysusers/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysUserDTO> sysuserdtos) {
......@@ -131,7 +129,7 @@ public class SysUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserMapping,#sysuserdtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysUser" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysusers/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysUserDTO> sysuserdtos) {
......@@ -161,3 +159,4 @@ public class SysUserResource {
.body(new PageImpl(sysuserMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
}
}
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysUserRoleResource.java
浏览文件 @ d0432f8f
......@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysUserRoleSearchContext;
public class SysUserRoleResource {
@Autowired
private ISysUserRoleService sysuserroleService;
public ISysUserRoleService sysuserroleService;
@Autowired
@Lazy
public SysUserRoleMapping sysuserroleMapping;
public SysUserRoleDTO permissionDTO=new SysUserRoleDTO();
@ApiOperation(value = "CheckKey", tags = {"SysUserRole" }, notes = "CheckKey")
@RequestMapping(method = RequestMethod.POST, value = "/sysuserroles/checkkey")
public ResponseEntity<Boolean> checkKey(@RequestBody SysUserRoleDTO sysuserroledto) {
......@@ -72,7 +70,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysUserRole" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysuserroles/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysUserRoleDTO> sysuserroledtos) {
......@@ -88,7 +86,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.remove(sysuserrole_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysUserRole" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysuserroles/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
......@@ -107,7 +105,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysUserRole" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysuserroles/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysUserRoleDTO> sysuserroledtos) {
......@@ -131,7 +129,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.save(sysuserroleMapping.toDomain(sysuserroledto)));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysUserRole" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysuserroles/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysUserRoleDTO> sysuserroledtos) {
......@@ -187,7 +185,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Update-all')")
@ApiOperation(value = "UpdateBatchBySysRole", tags = {"SysUserRole" }, notes = "UpdateBatchBySysRole")
@RequestMapping(method = RequestMethod.PUT, value = "/sysroles/{sysrole_id}/sysuserroles/batch")
public ResponseEntity<Boolean> updateBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
......@@ -207,7 +205,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.remove(sysuserrole_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Remove-all')")
@ApiOperation(value = "RemoveBatchBySysRole", tags = {"SysUserRole" }, notes = "RemoveBatchBySysRole")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysroles/{sysrole_id}/sysuserroles/batch")
public ResponseEntity<Boolean> removeBatchBySysRole(@RequestBody List<String> ids) {
......@@ -227,7 +225,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Create-all')")
@ApiOperation(value = "createBatchBySysRole", tags = {"SysUserRole" }, notes = "createBatchBySysRole")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysuserroles/batch")
public ResponseEntity<Boolean> createBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
......@@ -257,7 +255,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.save(domain));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Save-all')")
@ApiOperation(value = "SaveBatchBySysRole", tags = {"SysUserRole" }, notes = "SaveBatchBySysRole")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysuserroles/savebatch")
public ResponseEntity<Boolean> saveBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
......@@ -319,7 +317,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Update-all')")
@ApiOperation(value = "UpdateBatchBySysUser", tags = {"SysUserRole" }, notes = "UpdateBatchBySysUser")
@RequestMapping(method = RequestMethod.PUT, value = "/sysusers/{sysuser_id}/sysuserroles/batch")
public ResponseEntity<Boolean> updateBatchBySysUser(@PathVariable("sysuser_id") String sysuser_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
......@@ -339,7 +337,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.remove(sysuserrole_id));
}
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Remove-all')")
@ApiOperation(value = "RemoveBatchBySysUser", tags = {"SysUserRole" }, notes = "RemoveBatchBySysUser")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysusers/{sysuser_id}/sysuserroles/batch")
public ResponseEntity<Boolean> removeBatchBySysUser(@RequestBody List<String> ids) {
......@@ -359,7 +357,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Create-all')")
@ApiOperation(value = "createBatchBySysUser", tags = {"SysUserRole" }, notes = "createBatchBySysUser")
@RequestMapping(method = RequestMethod.POST, value = "/sysusers/{sysuser_id}/sysuserroles/batch")
public ResponseEntity<Boolean> createBatchBySysUser(@PathVariable("sysuser_id") String sysuser_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
......@@ -389,7 +387,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.save(domain));
}
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})")
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Save-all')")
@ApiOperation(value = "SaveBatchBySysUser", tags = {"SysUserRole" }, notes = "SaveBatchBySysUser")
@RequestMapping(method = RequestMethod.POST, value = "/sysusers/{sysuser_id}/sysuserroles/savebatch")
public ResponseEntity<Boolean> saveBatchBySysUser(@PathVariable("sysuser_id") String sysuser_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
......@@ -425,3 +423,4 @@ public class SysUserRoleResource {
.body(new PageImpl(sysuserroleMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
}
}
ibzuaa-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java
浏览文件 @ d0432f8f
......@@ -11,7 +11,6 @@ import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import java.io.Serializable;
import java.lang.reflect.Field;
import java.util.*;
/**
......@@ -23,7 +22,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
@Value("${ibiz.enablePermissionValid:false}")
boolean enablePermissionValid; //是否开启权限校验
/**
* 实体行为鉴权
* @param authentication
......@@ -39,26 +37,26 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return true;
String strAction=String.valueOf(action);
Set<String> entityDataRange = getAuthorities(authentication,strAction);
if(entityDataRange.size()==0)
Set<String> userAuthorities = getAuthorities(authentication,strAction);
if(userAuthorities.size()==0)
return false;
//拥有全部数据访问权限时,则跳过权限检查
if(isAllData(strAction,entityDataRange)){
if(isAllData(strAction,userAuthorities)){
return true;
}
if(entity instanceof ArrayList){
List<EntityBase> entities= (List<EntityBase>) entity;
for(EntityBase entityBase: entities){
boolean result=actionValid(entityBase,entityDataRange);
boolean result=actionValid(entityBase, strAction ,userAuthorities);
if(!result){
return false;
return false;
}
}
}
else{
EntityBase entityBase= (EntityBase) entity;
return actionValid(entityBase,entityDataRange);
return actionValid(entityBase , strAction ,userAuthorities);
}
return true;
}
......@@ -77,15 +75,14 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
*/
private Set<String> getAuthorities(Authentication authentication , String action){
Collection authorities=authentication.getAuthorities();
Set<String> entityDataRange = new HashSet();
Iterator var2 = authorities.iterator();
while(var2.hasNext()) {
GrantedAuthority authority = (GrantedAuthority)var2.next();
Set<String> userAuthorities = new HashSet();
Iterator it = authorities.iterator();
while(it.hasNext()) {
GrantedAuthority authority = (GrantedAuthority)it.next();
if(authority.getAuthority().contains(action))
entityDataRange.add(authority.getAuthority());
userAuthorities.add(authority.getAuthority());
}
return entityDataRange;
return userAuthorities;
}
/**
......@@ -106,10 +103,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
/**
* 实体行为权限校验
* @param entity
* @param entityDataRange
* @param userAuthorities
* @return
*/
private boolean actionValid(EntityBase entity, Set<String> entityDataRange){
private boolean actionValid(EntityBase entity, String action , Set<String> userAuthorities){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String orgField=permissionField.get("orgfield");
......@@ -129,38 +126,47 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
Set<String> userOrg = new HashSet<>();
Set<String> userOrgDept = new HashSet<>();
for(String permissionCond:entityDataRange){
if(permissionCond.endsWith("curorg")){ //本单位
for(String authority:userAuthorities){
if(authority.endsWith("curorg")){ //本单位
userOrg.add(authenticationUser.getOrgid());
}
else if(permissionCond.endsWith("porg")){//上级单位
else if(authority.endsWith("porg")){//上级单位
userOrg.addAll(orgParent);
}
else if(permissionCond.endsWith("sorg")){//下级单位
else if(authority.endsWith("sorg")){//下级单位
userOrg.addAll(orgChild);
}
else if(permissionCond.endsWith("curorgdept")){//本部门
else if(authority.endsWith("curorgdept")){//本部门
userOrgDept.add(authenticationUser.getMdeptid());
}
else if(permissionCond.endsWith("porgdept")){//上级部门
else if(authority.endsWith("porgdept")){//上级部门
userOrgDept.addAll(orgDeptParent);
}
else if(permissionCond.endsWith("sorgdept")){//下级部门
else if(authority.endsWith("sorgdept")){//下级部门
userOrgDept.addAll(orgDeptChild);
}
}
if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue)){
return false;
}
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue)){
return false;
if(action.endsWith("Create") || action.endsWith("Save")){
if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue))
return false;
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue))
return false;
if(!ObjectUtils.isEmpty(crateManFieldValue) && !authenticationUser.getUserid().equals(crateManFieldValue))
return false;
return true;
}
if(!ObjectUtils.isEmpty(crateManFieldValue) && !crateManFieldValue.equals(authenticationUser.getUserid())){
else{
if(!ObjectUtils.isEmpty(orgFieldValue) && userOrg.contains(orgFieldValue))
return true;
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && userOrgDept.contains(orgDeptFieldValue))
return true;
if(!ObjectUtils.isEmpty(crateManFieldValue) && authenticationUser.getUserid().equals(crateManFieldValue))
return true;
return false;
}
return true;
}
/**
......@@ -174,44 +180,24 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
String orgField="orgid"; //组织属性
String orgDeptField="orgsecid"; //部门属性
String createManField="createman"; //创建人属性
String keyField="";//主键属性
DEFieldCacheMap.getFieldMap(entityBase.getClass().getName());
Map <Field, DEField> preFields= SearchDEField(entityBase.getClass().getName()); //从缓存中获取当前类预置属性
Map <String, DEField> preFields= DEFieldCacheMap.getDEFields(entityBase.getClass()); //从缓存中获取当前类预置属性
for (Map.Entry<Field,DEField> entry : preFields.entrySet()){
Field preField=entry.getKey();//获取注解字段
for (Map.Entry<String,DEField> entry : preFields.entrySet()){
String fieldName=entry.getKey();//获取注解字段
DEField fieldAnnotation=entry.getValue();//获取注解值
DEPredefinedFieldType prefieldType=fieldAnnotation.preType();
if(prefieldType==prefieldType.ORGID)//用户配置系统预置属性-组织机构标识
orgField=preField.getName();
orgField=fieldName;
if(prefieldType==prefieldType.ORGSECTORID)//用户配置系统预置属性-部门标识
orgDeptField=preField.getName();
if(fieldAnnotation.isKeyField())//用户配置系统预置属性-部门标识
keyField=preField.getName();
orgDeptField=fieldName;
if(prefieldType==prefieldType.CREATEMAN)//用户配置系统预置属性-部门标识
createManField=fieldName;
}
permissionFiled.put("orgfield",orgField);
permissionFiled.put("orgsecfield",orgDeptField);
permissionFiled.put("createmanfield",createManField);
permissionFiled.put("keyfield",keyField);
return permissionFiled;
}
/**
*获取含有@DEField注解的实体属性
* @param className do对象类名
* @return
*/
private Map <Field, DEField> SearchDEField(String className){
List<Field> fields = DEFieldCacheMap.getFields(className);
Map <Field, DEField> deFieldMap =new HashMap<>();
for(Field field:fields){
DEField deField=field.getAnnotation(DEField.class);
if(!ObjectUtils.isEmpty(deField)) {
deFieldMap.put(field,deField);
}
}
return deFieldMap;
}
}
\ No newline at end of file
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册