提交 d0432f8f 编写于 作者: ibizdev's avatar ibizdev

ibiz4j 部署微服务接口

上级 53c4ecb6
...@@ -37,11 +37,11 @@ ...@@ -37,11 +37,11 @@
git clone -b master $para2 ibzuaa/ git clone -b master $para2 ibzuaa/
export NODE_OPTIONS=--max-old-space-size=4096 export NODE_OPTIONS=--max-old-space-size=4096
cd ibzuaa/ cd ibzuaa/
mvn clean package -Pweb mvn clean package -Papi
cd ibzuaa-app/ibzuaa-app-web cd ibzuaa-provider/ibzuaa-provider-api
mvn -Pweb docker:build mvn -Papi docker:build
mvn -Pweb docker:push mvn -Papi docker:push
docker -H $para1 stack deploy --compose-file=src/main/docker/ibzuaa-app-web.yaml ibzlab-rt --with-registry-auth docker -H $para1 stack deploy --compose-file=src/main/docker/ibzuaa-provider-api.yaml ibzlab-rt --with-registry-auth
</command> </command>
</hudson.tasks.Shell> </hudson.tasks.Shell>
</builders> </builders>
......
...@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \ ...@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
sleep ${IBZ_SLEEP} && \ sleep ${IBZ_SLEEP} && \
java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzuaa-app-web.jar java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzuaa-app-web.jar
EXPOSE 30002 EXPOSE 8080
ADD ibzuaa-app-web.jar /ibzuaa-app-web.jar ADD ibzuaa-app-web.jar /ibzuaa-app-web.jar
...@@ -3,23 +3,9 @@ services: ...@@ -3,23 +3,9 @@ services:
ibzuaa-app-web: ibzuaa-app-web:
image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzuaa-app-web:latest image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzuaa-app-web:latest
ports: ports:
- "30002:30002" - "8080:8080"
networks: networks:
- agent_network - agent_network
environment:
- SPRING_CLOUD_NACOS_DISCOVERY_IP=172.16.180.237
- SERVER_PORT=30002
- SPRING_CLOUD_NACOS_DISCOVERY_SERVER-ADDR=172.16.102.211:8848
- SPRING_REDIS_HOST=172.16.100.243
- SPRING_REDIS_PORT=6379
- SPRING_REDIS_DATABASE=0
- SPRING_DATASOURCE_USERNAME=a_A_5d9d78509
- SPRING_DATASOURCE_PASSWORD=@6dEfb3@
- SPRING_DATASOURCE_URL=jdbc:mysql://172.16.180.232:3306/a_A_5d9d78509?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8&useOldAliasMetadataBehavior=true
- SPRING_DATASOURCE_DRIVER-CLASS-NAME=com.mysql.jdbc.Driver
- SPRING_DATASOURCE_DEFAULTSCHEMA=a_A_5d9d78509
- ABC=1
- DEC=2
deploy: deploy:
mode: replicated mode: replicated
replicas: 1 replicas: 1
......
...@@ -52,6 +52,7 @@ public interface ISysAppMenuItemService extends IService<SysAppMenuItem>{ ...@@ -52,6 +52,7 @@ public interface ISysAppMenuItemService extends IService<SysAppMenuItem>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -52,6 +52,7 @@ public interface ISysAuthLogService extends IService<SysAuthLog>{ ...@@ -52,6 +52,7 @@ public interface ISysAuthLogService extends IService<SysAuthLog>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -52,6 +52,7 @@ public interface ISysOperatorPrivService extends IService<SysOperatorPriv>{ ...@@ -52,6 +52,7 @@ public interface ISysOperatorPrivService extends IService<SysOperatorPriv>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -52,6 +52,7 @@ public interface ISysPSSystemService extends IService<SysPSSystem>{ ...@@ -52,6 +52,7 @@ public interface ISysPSSystemService extends IService<SysPSSystem>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -52,6 +52,7 @@ public interface ISysPermissionService extends IService<SysPermission>{ ...@@ -52,6 +52,7 @@ public interface ISysPermissionService extends IService<SysPermission>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -56,6 +56,7 @@ public interface ISysRolePermissionService extends IService<SysRolePermission>{ ...@@ -56,6 +56,7 @@ public interface ISysRolePermissionService extends IService<SysRolePermission>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -56,6 +56,7 @@ public interface ISysRoleService extends IService<SysRole>{ ...@@ -56,6 +56,7 @@ public interface ISysRoleService extends IService<SysRole>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -52,6 +52,7 @@ public interface ISysUniResService extends IService<SysUniRes>{ ...@@ -52,6 +52,7 @@ public interface ISysUniResService extends IService<SysUniRes>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -56,6 +56,7 @@ public interface ISysUserRoleService extends IService<SysUserRole>{ ...@@ -56,6 +56,7 @@ public interface ISysUserRoleService extends IService<SysUserRole>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -56,6 +56,7 @@ public interface ISysUserService extends IService<SysUser>{ ...@@ -56,6 +56,7 @@ public interface ISysUserService extends IService<SysUser>{
*/ */
boolean execute(String sql, Map param); boolean execute(String sql, Map param);
} }
...@@ -179,6 +179,7 @@ public class SysAppMenuItemServiceImpl extends ServiceImpl<SysAppMenuItemMapper, ...@@ -179,6 +179,7 @@ public class SysAppMenuItemServiceImpl extends ServiceImpl<SysAppMenuItemMapper,
return true; return true;
} }
} }
...@@ -179,6 +179,7 @@ public class SysAuthLogServiceImpl extends ServiceImpl<SysAuthLogMapper, SysAuth ...@@ -179,6 +179,7 @@ public class SysAuthLogServiceImpl extends ServiceImpl<SysAuthLogMapper, SysAuth
return true; return true;
} }
} }
...@@ -179,6 +179,7 @@ public class SysOperatorPrivServiceImpl extends ServiceImpl<SysOperatorPrivMappe ...@@ -179,6 +179,7 @@ public class SysOperatorPrivServiceImpl extends ServiceImpl<SysOperatorPrivMappe
return true; return true;
} }
} }
...@@ -179,6 +179,7 @@ public class SysPSSystemServiceImpl extends ServiceImpl<SysPSSystemMapper, SysPS ...@@ -179,6 +179,7 @@ public class SysPSSystemServiceImpl extends ServiceImpl<SysPSSystemMapper, SysPS
return true; return true;
} }
} }
...@@ -182,6 +182,7 @@ public class SysPermissionServiceImpl extends ServiceImpl<SysPermissionMapper, S ...@@ -182,6 +182,7 @@ public class SysPermissionServiceImpl extends ServiceImpl<SysPermissionMapper, S
return true; return true;
} }
} }
...@@ -240,6 +240,7 @@ public class SysRolePermissionServiceImpl extends ServiceImpl<SysRolePermissionM ...@@ -240,6 +240,7 @@ public class SysRolePermissionServiceImpl extends ServiceImpl<SysRolePermissionM
return true; return true;
} }
} }
...@@ -185,6 +185,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl ...@@ -185,6 +185,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
return true; return true;
} }
} }
...@@ -179,6 +179,7 @@ public class SysUniResServiceImpl extends ServiceImpl<SysUniResMapper, SysUniRes ...@@ -179,6 +179,7 @@ public class SysUniResServiceImpl extends ServiceImpl<SysUniResMapper, SysUniRes
return true; return true;
} }
} }
...@@ -238,6 +238,7 @@ public class SysUserRoleServiceImpl extends ServiceImpl<SysUserRoleMapper, SysUs ...@@ -238,6 +238,7 @@ public class SysUserRoleServiceImpl extends ServiceImpl<SysUserRoleMapper, SysUs
return true; return true;
} }
} }
...@@ -182,6 +182,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl ...@@ -182,6 +182,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
return true; return true;
} }
} }
...@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \ ...@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
sleep ${IBZ_SLEEP} && \ sleep ${IBZ_SLEEP} && \
java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzuaa-provider-api.jar java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzuaa-provider-api.jar
EXPOSE 8081 EXPOSE 40002
ADD ibzuaa-provider-api.jar /ibzuaa-provider-api.jar ADD ibzuaa-provider-api.jar /ibzuaa-provider-api.jar
...@@ -3,9 +3,21 @@ services: ...@@ -3,9 +3,21 @@ services:
ibzuaa-provider-api: ibzuaa-provider-api:
image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzuaa-provider-api:latest image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzuaa-provider-api:latest
ports: ports:
- "8081:8081" - "40002:40002"
networks: networks:
- agent_network - agent_network
environment:
- SPRING_CLOUD_NACOS_DISCOVERY_IP=172.16.180.237
- SERVER_PORT=40002
- SPRING_CLOUD_NACOS_DISCOVERY_SERVER-ADDR=172.16.102.211:8848
- SPRING_REDIS_HOST=172.16.100.243
- SPRING_REDIS_PORT=6379
- SPRING_REDIS_DATABASE=0
- SPRING_DATASOURCE_USERNAME=a_A_5d9d78509
- SPRING_DATASOURCE_PASSWORD=@6dEfb3@
- SPRING_DATASOURCE_URL=jdbc:mysql://172.16.180.232:3306/a_A_5d9d78509?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8&useOldAliasMetadataBehavior=true
- SPRING_DATASOURCE_DRIVER-CLASS-NAME=com.mysql.jdbc.Driver
- SPRING_DATASOURCE_DEFAULTSCHEMA=a_A_5d9d78509
deploy: deploy:
mode: replicated mode: replicated
replicas: 1 replicas: 1
......
...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysAuthLogSearchContext; ...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysAuthLogSearchContext;
public class SysAuthLogResource { public class SysAuthLogResource {
@Autowired @Autowired
private ISysAuthLogService sysauthlogService; public ISysAuthLogService sysauthlogService;
@Autowired @Autowired
@Lazy @Lazy
public SysAuthLogMapping sysauthlogMapping; public SysAuthLogMapping sysauthlogMapping;
public SysAuthLogDTO permissionDTO=new SysAuthLogDTO();
@ApiOperation(value = "GetDraft", tags = {"SysAuthLog" }, notes = "GetDraft") @ApiOperation(value = "GetDraft", tags = {"SysAuthLog" }, notes = "GetDraft")
@RequestMapping(method = RequestMethod.GET, value = "/sysauthlogs/getdraft") @RequestMapping(method = RequestMethod.GET, value = "/sysauthlogs/getdraft")
public ResponseEntity<SysAuthLogDTO> getDraft() { public ResponseEntity<SysAuthLogDTO> getDraft() {
...@@ -66,7 +64,7 @@ public class SysAuthLogResource { ...@@ -66,7 +64,7 @@ public class SysAuthLogResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysAuthLog" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"SysAuthLog" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysauthlogs/batch") @RequestMapping(method = RequestMethod.PUT, value = "/sysauthlogs/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysAuthLogDTO> sysauthlogdtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysAuthLogDTO> sysauthlogdtos) {
...@@ -82,7 +80,7 @@ public class SysAuthLogResource { ...@@ -82,7 +80,7 @@ public class SysAuthLogResource {
return ResponseEntity.status(HttpStatus.OK).body(sysauthlogService.remove(sysauthlog_id)); return ResponseEntity.status(HttpStatus.OK).body(sysauthlogService.remove(sysauthlog_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysauthlogMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysAuthLog" }, notes = "RemoveBatch") @ApiOperation(value = "RemoveBatch", tags = {"SysAuthLog" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysauthlogs/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/sysauthlogs/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
...@@ -101,7 +99,7 @@ public class SysAuthLogResource { ...@@ -101,7 +99,7 @@ public class SysAuthLogResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysAuthLog" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"SysAuthLog" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysauthlogs/batch") @RequestMapping(method = RequestMethod.POST, value = "/sysauthlogs/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysAuthLogDTO> sysauthlogdtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<SysAuthLogDTO> sysauthlogdtos) {
...@@ -131,7 +129,7 @@ public class SysAuthLogResource { ...@@ -131,7 +129,7 @@ public class SysAuthLogResource {
return ResponseEntity.status(HttpStatus.OK).body(sysauthlogService.save(sysauthlogMapping.toDomain(sysauthlogdto))); return ResponseEntity.status(HttpStatus.OK).body(sysauthlogService.save(sysauthlogMapping.toDomain(sysauthlogdto)));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysauthlogMapping,#sysauthlogdtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysAuthLog-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysAuthLog" }, notes = "SaveBatch") @ApiOperation(value = "SaveBatch", tags = {"SysAuthLog" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysauthlogs/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/sysauthlogs/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysAuthLogDTO> sysauthlogdtos) { public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysAuthLogDTO> sysauthlogdtos) {
...@@ -161,3 +159,4 @@ public class SysAuthLogResource { ...@@ -161,3 +159,4 @@ public class SysAuthLogResource {
.body(new PageImpl(sysauthlogMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements())); .body(new PageImpl(sysauthlogMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
} }
} }
...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysPermissionSearchContext; ...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysPermissionSearchContext;
public class SysPermissionResource { public class SysPermissionResource {
@Autowired @Autowired
private ISysPermissionService syspermissionService; public ISysPermissionService syspermissionService;
@Autowired @Autowired
@Lazy @Lazy
public SysPermissionMapping syspermissionMapping; public SysPermissionMapping syspermissionMapping;
public SysPermissionDTO permissionDTO=new SysPermissionDTO();
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Save-all')") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Save-all')")
@ApiOperation(value = "Save", tags = {"SysPermission" }, notes = "Save") @ApiOperation(value = "Save", tags = {"SysPermission" }, notes = "Save")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/save") @RequestMapping(method = RequestMethod.POST, value = "/syspermissions/save")
...@@ -55,7 +53,7 @@ public class SysPermissionResource { ...@@ -55,7 +53,7 @@ public class SysPermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(syspermissionService.save(syspermissionMapping.toDomain(syspermissiondto))); return ResponseEntity.status(HttpStatus.OK).body(syspermissionService.save(syspermissionMapping.toDomain(syspermissiondto)));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.syspermissionMapping,#syspermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysPermission" }, notes = "SaveBatch") @ApiOperation(value = "SaveBatch", tags = {"SysPermission" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/syspermissions/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysPermissionDTO> syspermissiondtos) { public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysPermissionDTO> syspermissiondtos) {
...@@ -77,7 +75,7 @@ public class SysPermissionResource { ...@@ -77,7 +75,7 @@ public class SysPermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(syspermissionService.remove(syspermission_id)); return ResponseEntity.status(HttpStatus.OK).body(syspermissionService.remove(syspermission_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.syspermissionMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysPermission" }, notes = "RemoveBatch") @ApiOperation(value = "RemoveBatch", tags = {"SysPermission" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/syspermissions/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/syspermissions/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
...@@ -97,7 +95,7 @@ public class SysPermissionResource { ...@@ -97,7 +95,7 @@ public class SysPermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.syspermissionMapping,#syspermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysPermission" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"SysPermission" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/syspermissions/batch") @RequestMapping(method = RequestMethod.PUT, value = "/syspermissions/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysPermissionDTO> syspermissiondtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysPermissionDTO> syspermissiondtos) {
...@@ -116,7 +114,7 @@ public class SysPermissionResource { ...@@ -116,7 +114,7 @@ public class SysPermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.syspermissionMapping,#syspermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPermission-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysPermission" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"SysPermission" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/batch") @RequestMapping(method = RequestMethod.POST, value = "/syspermissions/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysPermissionDTO> syspermissiondtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<SysPermissionDTO> syspermissiondtos) {
...@@ -161,3 +159,4 @@ public class SysPermissionResource { ...@@ -161,3 +159,4 @@ public class SysPermissionResource {
.body(new PageImpl(syspermissionMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements())); .body(new PageImpl(syspermissionMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
} }
} }
...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysRolePermissionSearchContext; ...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysRolePermissionSearchContext;
public class SysRolePermissionResource { public class SysRolePermissionResource {
@Autowired @Autowired
private ISysRolePermissionService sysrolepermissionService; public ISysRolePermissionService sysrolepermissionService;
@Autowired @Autowired
@Lazy @Lazy
public SysRolePermissionMapping sysrolepermissionMapping; public SysRolePermissionMapping sysrolepermissionMapping;
public SysRolePermissionDTO permissionDTO=new SysRolePermissionDTO();
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Get-all')") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Get-all')")
@ApiOperation(value = "Get", tags = {"SysRolePermission" }, notes = "Get") @ApiOperation(value = "Get", tags = {"SysRolePermission" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/sysrolepermissions/{sysrolepermission_id}") @RequestMapping(method = RequestMethod.GET, value = "/sysrolepermissions/{sysrolepermission_id}")
...@@ -65,7 +63,7 @@ public class SysRolePermissionResource { ...@@ -65,7 +63,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.remove(sysrolepermission_id)); return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.remove(sysrolepermission_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysRolePermission" }, notes = "RemoveBatch") @ApiOperation(value = "RemoveBatch", tags = {"SysRolePermission" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysrolepermissions/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/sysrolepermissions/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
...@@ -90,7 +88,7 @@ public class SysRolePermissionResource { ...@@ -90,7 +88,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysRolePermission" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"SysRolePermission" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysrolepermissions/batch") @RequestMapping(method = RequestMethod.POST, value = "/sysrolepermissions/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
...@@ -111,7 +109,7 @@ public class SysRolePermissionResource { ...@@ -111,7 +109,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.save(sysrolepermissionMapping.toDomain(sysrolepermissiondto))); return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.save(sysrolepermissionMapping.toDomain(sysrolepermissiondto)));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysRolePermission" }, notes = "SaveBatch") @ApiOperation(value = "SaveBatch", tags = {"SysRolePermission" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysrolepermissions/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/sysrolepermissions/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) { public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
...@@ -131,7 +129,7 @@ public class SysRolePermissionResource { ...@@ -131,7 +129,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysRolePermission" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"SysRolePermission" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysrolepermissions/batch") @RequestMapping(method = RequestMethod.PUT, value = "/sysrolepermissions/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
...@@ -177,7 +175,7 @@ public class SysRolePermissionResource { ...@@ -177,7 +175,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.remove(sysrolepermission_id)); return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.remove(sysrolepermission_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Remove-all')")
@ApiOperation(value = "RemoveBatchBySysPermission", tags = {"SysRolePermission" }, notes = "RemoveBatchBySysPermission") @ApiOperation(value = "RemoveBatchBySysPermission", tags = {"SysRolePermission" }, notes = "RemoveBatchBySysPermission")
@RequestMapping(method = RequestMethod.DELETE, value = "/syspermissions/{syspermission_id}/sysrolepermissions/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/syspermissions/{syspermission_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> removeBatchBySysPermission(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatchBySysPermission(@RequestBody List<String> ids) {
...@@ -205,7 +203,7 @@ public class SysRolePermissionResource { ...@@ -205,7 +203,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Create-all')")
@ApiOperation(value = "createBatchBySysPermission", tags = {"SysRolePermission" }, notes = "createBatchBySysPermission") @ApiOperation(value = "createBatchBySysPermission", tags = {"SysRolePermission" }, notes = "createBatchBySysPermission")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/{syspermission_id}/sysrolepermissions/batch") @RequestMapping(method = RequestMethod.POST, value = "/syspermissions/{syspermission_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> createBatchBySysPermission(@PathVariable("syspermission_id") String syspermission_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) { public ResponseEntity<Boolean> createBatchBySysPermission(@PathVariable("syspermission_id") String syspermission_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
...@@ -232,7 +230,7 @@ public class SysRolePermissionResource { ...@@ -232,7 +230,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.save(domain)); return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.save(domain));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Save-all')")
@ApiOperation(value = "SaveBatchBySysPermission", tags = {"SysRolePermission" }, notes = "SaveBatchBySysPermission") @ApiOperation(value = "SaveBatchBySysPermission", tags = {"SysRolePermission" }, notes = "SaveBatchBySysPermission")
@RequestMapping(method = RequestMethod.POST, value = "/syspermissions/{syspermission_id}/sysrolepermissions/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/syspermissions/{syspermission_id}/sysrolepermissions/savebatch")
public ResponseEntity<Boolean> saveBatchBySysPermission(@PathVariable("syspermission_id") String syspermission_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) { public ResponseEntity<Boolean> saveBatchBySysPermission(@PathVariable("syspermission_id") String syspermission_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
...@@ -257,7 +255,7 @@ public class SysRolePermissionResource { ...@@ -257,7 +255,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Update-all')")
@ApiOperation(value = "UpdateBatchBySysPermission", tags = {"SysRolePermission" }, notes = "UpdateBatchBySysPermission") @ApiOperation(value = "UpdateBatchBySysPermission", tags = {"SysRolePermission" }, notes = "UpdateBatchBySysPermission")
@RequestMapping(method = RequestMethod.PUT, value = "/syspermissions/{syspermission_id}/sysrolepermissions/batch") @RequestMapping(method = RequestMethod.PUT, value = "/syspermissions/{syspermission_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> updateBatchBySysPermission(@PathVariable("syspermission_id") String syspermission_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) { public ResponseEntity<Boolean> updateBatchBySysPermission(@PathVariable("syspermission_id") String syspermission_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
...@@ -309,7 +307,7 @@ public class SysRolePermissionResource { ...@@ -309,7 +307,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.remove(sysrolepermission_id)); return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.remove(sysrolepermission_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysrolepermissionMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Remove-all')")
@ApiOperation(value = "RemoveBatchBySysRole", tags = {"SysRolePermission" }, notes = "RemoveBatchBySysRole") @ApiOperation(value = "RemoveBatchBySysRole", tags = {"SysRolePermission" }, notes = "RemoveBatchBySysRole")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysroles/{sysrole_id}/sysrolepermissions/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/sysroles/{sysrole_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> removeBatchBySysRole(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatchBySysRole(@RequestBody List<String> ids) {
...@@ -337,7 +335,7 @@ public class SysRolePermissionResource { ...@@ -337,7 +335,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Create-all')")
@ApiOperation(value = "createBatchBySysRole", tags = {"SysRolePermission" }, notes = "createBatchBySysRole") @ApiOperation(value = "createBatchBySysRole", tags = {"SysRolePermission" }, notes = "createBatchBySysRole")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysrolepermissions/batch") @RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> createBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) { public ResponseEntity<Boolean> createBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
...@@ -364,7 +362,7 @@ public class SysRolePermissionResource { ...@@ -364,7 +362,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.save(domain)); return ResponseEntity.status(HttpStatus.OK).body(sysrolepermissionService.save(domain));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Save-all')")
@ApiOperation(value = "SaveBatchBySysRole", tags = {"SysRolePermission" }, notes = "SaveBatchBySysRole") @ApiOperation(value = "SaveBatchBySysRole", tags = {"SysRolePermission" }, notes = "SaveBatchBySysRole")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysrolepermissions/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysrolepermissions/savebatch")
public ResponseEntity<Boolean> saveBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) { public ResponseEntity<Boolean> saveBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
...@@ -389,7 +387,7 @@ public class SysRolePermissionResource { ...@@ -389,7 +387,7 @@ public class SysRolePermissionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysrolepermissionMapping,#sysrolepermissiondtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRolePermission-Update-all')")
@ApiOperation(value = "UpdateBatchBySysRole", tags = {"SysRolePermission" }, notes = "UpdateBatchBySysRole") @ApiOperation(value = "UpdateBatchBySysRole", tags = {"SysRolePermission" }, notes = "UpdateBatchBySysRole")
@RequestMapping(method = RequestMethod.PUT, value = "/sysroles/{sysrole_id}/sysrolepermissions/batch") @RequestMapping(method = RequestMethod.PUT, value = "/sysroles/{sysrole_id}/sysrolepermissions/batch")
public ResponseEntity<Boolean> updateBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) { public ResponseEntity<Boolean> updateBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysRolePermissionDTO> sysrolepermissiondtos) {
...@@ -425,3 +423,4 @@ public class SysRolePermissionResource { ...@@ -425,3 +423,4 @@ public class SysRolePermissionResource {
.body(new PageImpl(sysrolepermissionMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements())); .body(new PageImpl(sysrolepermissionMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
} }
} }
...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysRoleSearchContext; ...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysRoleSearchContext;
public class SysRoleResource { public class SysRoleResource {
@Autowired @Autowired
private ISysRoleService sysroleService; public ISysRoleService sysroleService;
@Autowired @Autowired
@Lazy @Lazy
public SysRoleMapping sysroleMapping; public SysRoleMapping sysroleMapping;
public SysRoleDTO permissionDTO=new SysRoleDTO();
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Save-all')") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Save-all')")
@ApiOperation(value = "Save", tags = {"SysRole" }, notes = "Save") @ApiOperation(value = "Save", tags = {"SysRole" }, notes = "Save")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/save") @RequestMapping(method = RequestMethod.POST, value = "/sysroles/save")
...@@ -55,7 +53,7 @@ public class SysRoleResource { ...@@ -55,7 +53,7 @@ public class SysRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysroleService.save(sysroleMapping.toDomain(sysroledto))); return ResponseEntity.status(HttpStatus.OK).body(sysroleService.save(sysroleMapping.toDomain(sysroledto)));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysroleMapping,#sysroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysRole" }, notes = "SaveBatch") @ApiOperation(value = "SaveBatch", tags = {"SysRole" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/sysroles/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysRoleDTO> sysroledtos) { public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysRoleDTO> sysroledtos) {
...@@ -75,7 +73,7 @@ public class SysRoleResource { ...@@ -75,7 +73,7 @@ public class SysRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysroleMapping,#sysroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysRole" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"SysRole" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysroles/batch") @RequestMapping(method = RequestMethod.PUT, value = "/sysroles/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysRoleDTO> sysroledtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysRoleDTO> sysroledtos) {
...@@ -94,7 +92,7 @@ public class SysRoleResource { ...@@ -94,7 +92,7 @@ public class SysRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysroleMapping,#sysroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysRole" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"SysRole" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/batch") @RequestMapping(method = RequestMethod.POST, value = "/sysroles/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysRoleDTO> sysroledtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<SysRoleDTO> sysroledtos) {
...@@ -119,7 +117,7 @@ public class SysRoleResource { ...@@ -119,7 +117,7 @@ public class SysRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysroleService.remove(sysrole_id)); return ResponseEntity.status(HttpStatus.OK).body(sysroleService.remove(sysrole_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysroleMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysRole-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysRole" }, notes = "RemoveBatch") @ApiOperation(value = "RemoveBatch", tags = {"SysRole" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysroles/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/sysroles/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
...@@ -161,3 +159,4 @@ public class SysRoleResource { ...@@ -161,3 +159,4 @@ public class SysRoleResource {
.body(new PageImpl(sysroleMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements())); .body(new PageImpl(sysroleMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
} }
} }
...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysUserSearchContext; ...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysUserSearchContext;
public class SysUserResource { public class SysUserResource {
@Autowired @Autowired
private ISysUserService sysuserService; public ISysUserService sysuserService;
@Autowired @Autowired
@Lazy @Lazy
public SysUserMapping sysuserMapping; public SysUserMapping sysuserMapping;
public SysUserDTO permissionDTO=new SysUserDTO();
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Remove-all')") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Remove-all')")
@ApiOperation(value = "Remove", tags = {"SysUser" }, notes = "Remove") @ApiOperation(value = "Remove", tags = {"SysUser" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysusers/{sysuser_id}") @RequestMapping(method = RequestMethod.DELETE, value = "/sysusers/{sysuser_id}")
...@@ -56,7 +54,7 @@ public class SysUserResource { ...@@ -56,7 +54,7 @@ public class SysUserResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserService.remove(sysuser_id)); return ResponseEntity.status(HttpStatus.OK).body(sysuserService.remove(sysuser_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysUser" }, notes = "RemoveBatch") @ApiOperation(value = "RemoveBatch", tags = {"SysUser" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysusers/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/sysusers/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
...@@ -76,7 +74,7 @@ public class SysUserResource { ...@@ -76,7 +74,7 @@ public class SysUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserMapping,#sysuserdtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysUser" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"SysUser" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysusers/batch") @RequestMapping(method = RequestMethod.PUT, value = "/sysusers/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysUserDTO> sysuserdtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysUserDTO> sysuserdtos) {
...@@ -106,7 +104,7 @@ public class SysUserResource { ...@@ -106,7 +104,7 @@ public class SysUserResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserService.save(sysuserMapping.toDomain(sysuserdto))); return ResponseEntity.status(HttpStatus.OK).body(sysuserService.save(sysuserMapping.toDomain(sysuserdto)));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserMapping,#sysuserdtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysUser" }, notes = "SaveBatch") @ApiOperation(value = "SaveBatch", tags = {"SysUser" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysusers/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/sysusers/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysUserDTO> sysuserdtos) { public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysUserDTO> sysuserdtos) {
...@@ -131,7 +129,7 @@ public class SysUserResource { ...@@ -131,7 +129,7 @@ public class SysUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserMapping,#sysuserdtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUser-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysUser" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"SysUser" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysusers/batch") @RequestMapping(method = RequestMethod.POST, value = "/sysusers/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysUserDTO> sysuserdtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<SysUserDTO> sysuserdtos) {
...@@ -161,3 +159,4 @@ public class SysUserResource { ...@@ -161,3 +159,4 @@ public class SysUserResource {
.body(new PageImpl(sysuserMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements())); .body(new PageImpl(sysuserMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
} }
} }
...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysUserRoleSearchContext; ...@@ -40,14 +40,12 @@ import cn.ibizlab.core.uaa.filter.SysUserRoleSearchContext;
public class SysUserRoleResource { public class SysUserRoleResource {
@Autowired @Autowired
private ISysUserRoleService sysuserroleService; public ISysUserRoleService sysuserroleService;
@Autowired @Autowired
@Lazy @Lazy
public SysUserRoleMapping sysuserroleMapping; public SysUserRoleMapping sysuserroleMapping;
public SysUserRoleDTO permissionDTO=new SysUserRoleDTO();
@ApiOperation(value = "CheckKey", tags = {"SysUserRole" }, notes = "CheckKey") @ApiOperation(value = "CheckKey", tags = {"SysUserRole" }, notes = "CheckKey")
@RequestMapping(method = RequestMethod.POST, value = "/sysuserroles/checkkey") @RequestMapping(method = RequestMethod.POST, value = "/sysuserroles/checkkey")
public ResponseEntity<Boolean> checkKey(@RequestBody SysUserRoleDTO sysuserroledto) { public ResponseEntity<Boolean> checkKey(@RequestBody SysUserRoleDTO sysuserroledto) {
...@@ -72,7 +70,7 @@ public class SysUserRoleResource { ...@@ -72,7 +70,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Update-all')")
@ApiOperation(value = "UpdateBatch", tags = {"SysUserRole" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"SysUserRole" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "/sysuserroles/batch") @RequestMapping(method = RequestMethod.PUT, value = "/sysuserroles/batch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysUserRoleDTO> sysuserroledtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<SysUserRoleDTO> sysuserroledtos) {
...@@ -88,7 +86,7 @@ public class SysUserRoleResource { ...@@ -88,7 +86,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.remove(sysuserrole_id)); return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.remove(sysuserrole_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Remove-all')")
@ApiOperation(value = "RemoveBatch", tags = {"SysUserRole" }, notes = "RemoveBatch") @ApiOperation(value = "RemoveBatch", tags = {"SysUserRole" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysuserroles/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/sysuserroles/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
...@@ -107,7 +105,7 @@ public class SysUserRoleResource { ...@@ -107,7 +105,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Create-all')")
@ApiOperation(value = "createBatch", tags = {"SysUserRole" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"SysUserRole" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysuserroles/batch") @RequestMapping(method = RequestMethod.POST, value = "/sysuserroles/batch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<SysUserRoleDTO> sysuserroledtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<SysUserRoleDTO> sysuserroledtos) {
...@@ -131,7 +129,7 @@ public class SysUserRoleResource { ...@@ -131,7 +129,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.save(sysuserroleMapping.toDomain(sysuserroledto))); return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.save(sysuserroleMapping.toDomain(sysuserroledto)));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Save-all')")
@ApiOperation(value = "SaveBatch", tags = {"SysUserRole" }, notes = "SaveBatch") @ApiOperation(value = "SaveBatch", tags = {"SysUserRole" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "/sysuserroles/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/sysuserroles/savebatch")
public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysUserRoleDTO> sysuserroledtos) { public ResponseEntity<Boolean> saveBatch(@RequestBody List<SysUserRoleDTO> sysuserroledtos) {
...@@ -187,7 +185,7 @@ public class SysUserRoleResource { ...@@ -187,7 +185,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Update-all')")
@ApiOperation(value = "UpdateBatchBySysRole", tags = {"SysUserRole" }, notes = "UpdateBatchBySysRole") @ApiOperation(value = "UpdateBatchBySysRole", tags = {"SysUserRole" }, notes = "UpdateBatchBySysRole")
@RequestMapping(method = RequestMethod.PUT, value = "/sysroles/{sysrole_id}/sysuserroles/batch") @RequestMapping(method = RequestMethod.PUT, value = "/sysroles/{sysrole_id}/sysuserroles/batch")
public ResponseEntity<Boolean> updateBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) { public ResponseEntity<Boolean> updateBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
...@@ -207,7 +205,7 @@ public class SysUserRoleResource { ...@@ -207,7 +205,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.remove(sysuserrole_id)); return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.remove(sysuserrole_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Remove-all')")
@ApiOperation(value = "RemoveBatchBySysRole", tags = {"SysUserRole" }, notes = "RemoveBatchBySysRole") @ApiOperation(value = "RemoveBatchBySysRole", tags = {"SysUserRole" }, notes = "RemoveBatchBySysRole")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysroles/{sysrole_id}/sysuserroles/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/sysroles/{sysrole_id}/sysuserroles/batch")
public ResponseEntity<Boolean> removeBatchBySysRole(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatchBySysRole(@RequestBody List<String> ids) {
...@@ -227,7 +225,7 @@ public class SysUserRoleResource { ...@@ -227,7 +225,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Create-all')")
@ApiOperation(value = "createBatchBySysRole", tags = {"SysUserRole" }, notes = "createBatchBySysRole") @ApiOperation(value = "createBatchBySysRole", tags = {"SysUserRole" }, notes = "createBatchBySysRole")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysuserroles/batch") @RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysuserroles/batch")
public ResponseEntity<Boolean> createBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) { public ResponseEntity<Boolean> createBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
...@@ -257,7 +255,7 @@ public class SysUserRoleResource { ...@@ -257,7 +255,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.save(domain)); return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.save(domain));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Save-all')")
@ApiOperation(value = "SaveBatchBySysRole", tags = {"SysUserRole" }, notes = "SaveBatchBySysRole") @ApiOperation(value = "SaveBatchBySysRole", tags = {"SysUserRole" }, notes = "SaveBatchBySysRole")
@RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysuserroles/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/sysroles/{sysrole_id}/sysuserroles/savebatch")
public ResponseEntity<Boolean> saveBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) { public ResponseEntity<Boolean> saveBatchBySysRole(@PathVariable("sysrole_id") String sysrole_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
...@@ -319,7 +317,7 @@ public class SysUserRoleResource { ...@@ -319,7 +317,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Update',{'Sql',this.sysuserroleMapping,#sysuserroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Update-all')")
@ApiOperation(value = "UpdateBatchBySysUser", tags = {"SysUserRole" }, notes = "UpdateBatchBySysUser") @ApiOperation(value = "UpdateBatchBySysUser", tags = {"SysUserRole" }, notes = "UpdateBatchBySysUser")
@RequestMapping(method = RequestMethod.PUT, value = "/sysusers/{sysuser_id}/sysuserroles/batch") @RequestMapping(method = RequestMethod.PUT, value = "/sysusers/{sysuser_id}/sysuserroles/batch")
public ResponseEntity<Boolean> updateBatchBySysUser(@PathVariable("sysuser_id") String sysuser_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) { public ResponseEntity<Boolean> updateBatchBySysUser(@PathVariable("sysuser_id") String sysuser_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
...@@ -339,7 +337,7 @@ public class SysUserRoleResource { ...@@ -339,7 +337,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.remove(sysuserrole_id)); return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.remove(sysuserrole_id));
} }
//@PreAuthorize("hasPermission('Remove',{'Sql',this.sysuserroleMapping,this.permissionDTO,#ids})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Remove-all')")
@ApiOperation(value = "RemoveBatchBySysUser", tags = {"SysUserRole" }, notes = "RemoveBatchBySysUser") @ApiOperation(value = "RemoveBatchBySysUser", tags = {"SysUserRole" }, notes = "RemoveBatchBySysUser")
@RequestMapping(method = RequestMethod.DELETE, value = "/sysusers/{sysuser_id}/sysuserroles/batch") @RequestMapping(method = RequestMethod.DELETE, value = "/sysusers/{sysuser_id}/sysuserroles/batch")
public ResponseEntity<Boolean> removeBatchBySysUser(@RequestBody List<String> ids) { public ResponseEntity<Boolean> removeBatchBySysUser(@RequestBody List<String> ids) {
...@@ -359,7 +357,7 @@ public class SysUserRoleResource { ...@@ -359,7 +357,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
//@PreAuthorize("hasPermission('Create',{'Sql',this.sysuserroleMapping,#sysuserroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Create-all')")
@ApiOperation(value = "createBatchBySysUser", tags = {"SysUserRole" }, notes = "createBatchBySysUser") @ApiOperation(value = "createBatchBySysUser", tags = {"SysUserRole" }, notes = "createBatchBySysUser")
@RequestMapping(method = RequestMethod.POST, value = "/sysusers/{sysuser_id}/sysuserroles/batch") @RequestMapping(method = RequestMethod.POST, value = "/sysusers/{sysuser_id}/sysuserroles/batch")
public ResponseEntity<Boolean> createBatchBySysUser(@PathVariable("sysuser_id") String sysuser_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) { public ResponseEntity<Boolean> createBatchBySysUser(@PathVariable("sysuser_id") String sysuser_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
...@@ -389,7 +387,7 @@ public class SysUserRoleResource { ...@@ -389,7 +387,7 @@ public class SysUserRoleResource {
return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.save(domain)); return ResponseEntity.status(HttpStatus.OK).body(sysuserroleService.save(domain));
} }
//@PreAuthorize("hasPermission('Save',{'Sql',this.sysuserroleMapping,#sysuserroledtos})") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysUserRole-Save-all')")
@ApiOperation(value = "SaveBatchBySysUser", tags = {"SysUserRole" }, notes = "SaveBatchBySysUser") @ApiOperation(value = "SaveBatchBySysUser", tags = {"SysUserRole" }, notes = "SaveBatchBySysUser")
@RequestMapping(method = RequestMethod.POST, value = "/sysusers/{sysuser_id}/sysuserroles/savebatch") @RequestMapping(method = RequestMethod.POST, value = "/sysusers/{sysuser_id}/sysuserroles/savebatch")
public ResponseEntity<Boolean> saveBatchBySysUser(@PathVariable("sysuser_id") String sysuser_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) { public ResponseEntity<Boolean> saveBatchBySysUser(@PathVariable("sysuser_id") String sysuser_id, @RequestBody List<SysUserRoleDTO> sysuserroledtos) {
...@@ -425,3 +423,4 @@ public class SysUserRoleResource { ...@@ -425,3 +423,4 @@ public class SysUserRoleResource {
.body(new PageImpl(sysuserroleMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements())); .body(new PageImpl(sysuserroleMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
} }
} }
...@@ -11,7 +11,6 @@ import org.springframework.security.core.GrantedAuthority; ...@@ -11,7 +11,6 @@ import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils; import org.springframework.util.ObjectUtils;
import java.io.Serializable; import java.io.Serializable;
import java.lang.reflect.Field;
import java.util.*; import java.util.*;
/** /**
...@@ -23,7 +22,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -23,7 +22,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
@Value("${ibiz.enablePermissionValid:false}") @Value("${ibiz.enablePermissionValid:false}")
boolean enablePermissionValid; //是否开启权限校验 boolean enablePermissionValid; //是否开启权限校验
/** /**
* 实体行为鉴权 * 实体行为鉴权
* @param authentication * @param authentication
...@@ -39,18 +37,18 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -39,18 +37,18 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return true; return true;
String strAction=String.valueOf(action); String strAction=String.valueOf(action);
Set<String> entityDataRange = getAuthorities(authentication,strAction); Set<String> userAuthorities = getAuthorities(authentication,strAction);
if(entityDataRange.size()==0) if(userAuthorities.size()==0)
return false; return false;
//拥有全部数据访问权限时,则跳过权限检查 //拥有全部数据访问权限时,则跳过权限检查
if(isAllData(strAction,entityDataRange)){ if(isAllData(strAction,userAuthorities)){
return true; return true;
} }
if(entity instanceof ArrayList){ if(entity instanceof ArrayList){
List<EntityBase> entities= (List<EntityBase>) entity; List<EntityBase> entities= (List<EntityBase>) entity;
for(EntityBase entityBase: entities){ for(EntityBase entityBase: entities){
boolean result=actionValid(entityBase,entityDataRange); boolean result=actionValid(entityBase, strAction ,userAuthorities);
if(!result){ if(!result){
return false; return false;
} }
...@@ -58,7 +56,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -58,7 +56,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
} }
else{ else{
EntityBase entityBase= (EntityBase) entity; EntityBase entityBase= (EntityBase) entity;
return actionValid(entityBase,entityDataRange); return actionValid(entityBase , strAction ,userAuthorities);
} }
return true; return true;
} }
...@@ -77,15 +75,14 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -77,15 +75,14 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
*/ */
private Set<String> getAuthorities(Authentication authentication , String action){ private Set<String> getAuthorities(Authentication authentication , String action){
Collection authorities=authentication.getAuthorities(); Collection authorities=authentication.getAuthorities();
Set<String> entityDataRange = new HashSet(); Set<String> userAuthorities = new HashSet();
Iterator var2 = authorities.iterator(); Iterator it = authorities.iterator();
while(it.hasNext()) {
while(var2.hasNext()) { GrantedAuthority authority = (GrantedAuthority)it.next();
GrantedAuthority authority = (GrantedAuthority)var2.next();
if(authority.getAuthority().contains(action)) if(authority.getAuthority().contains(action))
entityDataRange.add(authority.getAuthority()); userAuthorities.add(authority.getAuthority());
} }
return entityDataRange; return userAuthorities;
} }
/** /**
...@@ -106,10 +103,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -106,10 +103,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
/** /**
* 实体行为权限校验 * 实体行为权限校验
* @param entity * @param entity
* @param entityDataRange * @param userAuthorities
* @return * @return
*/ */
private boolean actionValid(EntityBase entity, Set<String> entityDataRange){ private boolean actionValid(EntityBase entity, String action , Set<String> userAuthorities){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性 Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String orgField=permissionField.get("orgfield"); String orgField=permissionField.get("orgfield");
...@@ -129,39 +126,48 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -129,39 +126,48 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
Set<String> userOrg = new HashSet<>(); Set<String> userOrg = new HashSet<>();
Set<String> userOrgDept = new HashSet<>(); Set<String> userOrgDept = new HashSet<>();
for(String permissionCond:entityDataRange){ for(String authority:userAuthorities){
if(permissionCond.endsWith("curorg")){ //本单位 if(authority.endsWith("curorg")){ //本单位
userOrg.add(authenticationUser.getOrgid()); userOrg.add(authenticationUser.getOrgid());
} }
else if(permissionCond.endsWith("porg")){//上级单位 else if(authority.endsWith("porg")){//上级单位
userOrg.addAll(orgParent); userOrg.addAll(orgParent);
} }
else if(permissionCond.endsWith("sorg")){//下级单位 else if(authority.endsWith("sorg")){//下级单位
userOrg.addAll(orgChild); userOrg.addAll(orgChild);
} }
else if(permissionCond.endsWith("curorgdept")){//本部门 else if(authority.endsWith("curorgdept")){//本部门
userOrgDept.add(authenticationUser.getMdeptid()); userOrgDept.add(authenticationUser.getMdeptid());
} }
else if(permissionCond.endsWith("porgdept")){//上级部门 else if(authority.endsWith("porgdept")){//上级部门
userOrgDept.addAll(orgDeptParent); userOrgDept.addAll(orgDeptParent);
} }
else if(permissionCond.endsWith("sorgdept")){//下级部门 else if(authority.endsWith("sorgdept")){//下级部门
userOrgDept.addAll(orgDeptChild); userOrgDept.addAll(orgDeptChild);
} }
} }
if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue)){ if(action.endsWith("Create") || action.endsWith("Save")){
if(!ObjectUtils.isEmpty(orgFieldValue) && !userOrg.contains(orgFieldValue))
return false; return false;
} if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue))
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && !userOrgDept.contains(orgDeptFieldValue)){
return false; return false;
} if(!ObjectUtils.isEmpty(crateManFieldValue) && !authenticationUser.getUserid().equals(crateManFieldValue))
if(!ObjectUtils.isEmpty(crateManFieldValue) && !crateManFieldValue.equals(authenticationUser.getUserid())){
return false; return false;
}
return true; return true;
} }
else{
if(!ObjectUtils.isEmpty(orgFieldValue) && userOrg.contains(orgFieldValue))
return true;
if(!ObjectUtils.isEmpty(orgDeptFieldValue) && userOrgDept.contains(orgDeptFieldValue))
return true;
if(!ObjectUtils.isEmpty(crateManFieldValue) && authenticationUser.getUserid().equals(crateManFieldValue))
return true;
return false;
}
}
/** /**
* 获取实体权限字段 orgid/orgsecid * 获取实体权限字段 orgid/orgsecid
...@@ -174,44 +180,24 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -174,44 +180,24 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
String orgField="orgid"; //组织属性 String orgField="orgid"; //组织属性
String orgDeptField="orgsecid"; //部门属性 String orgDeptField="orgsecid"; //部门属性
String createManField="createman"; //创建人属性 String createManField="createman"; //创建人属性
String keyField="";//主键属性
DEFieldCacheMap.getFieldMap(entityBase.getClass().getName()); DEFieldCacheMap.getFieldMap(entityBase.getClass().getName());
Map <Field, DEField> preFields= SearchDEField(entityBase.getClass().getName()); //从缓存中获取当前类预置属性 Map <String, DEField> preFields= DEFieldCacheMap.getDEFields(entityBase.getClass()); //从缓存中获取当前类预置属性
for (Map.Entry<Field,DEField> entry : preFields.entrySet()){ for (Map.Entry<String,DEField> entry : preFields.entrySet()){
Field preField=entry.getKey();//获取注解字段 String fieldName=entry.getKey();//获取注解字段
DEField fieldAnnotation=entry.getValue();//获取注解值 DEField fieldAnnotation=entry.getValue();//获取注解值
DEPredefinedFieldType prefieldType=fieldAnnotation.preType(); DEPredefinedFieldType prefieldType=fieldAnnotation.preType();
if(prefieldType==prefieldType.ORGID)//用户配置系统预置属性-组织机构标识 if(prefieldType==prefieldType.ORGID)//用户配置系统预置属性-组织机构标识
orgField=preField.getName(); orgField=fieldName;
if(prefieldType==prefieldType.ORGSECTORID)//用户配置系统预置属性-部门标识 if(prefieldType==prefieldType.ORGSECTORID)//用户配置系统预置属性-部门标识
orgDeptField=preField.getName(); orgDeptField=fieldName;
if(fieldAnnotation.isKeyField())//用户配置系统预置属性-部门标识 if(prefieldType==prefieldType.CREATEMAN)//用户配置系统预置属性-部门标识
keyField=preField.getName(); createManField=fieldName;
} }
permissionFiled.put("orgfield",orgField); permissionFiled.put("orgfield",orgField);
permissionFiled.put("orgsecfield",orgDeptField); permissionFiled.put("orgsecfield",orgDeptField);
permissionFiled.put("createmanfield",createManField); permissionFiled.put("createmanfield",createManField);
permissionFiled.put("keyfield",keyField);
return permissionFiled; return permissionFiled;
} }
/**
*获取含有@DEField注解的实体属性
* @param className do对象类名
* @return
*/
private Map <Field, DEField> SearchDEField(String className){
List<Field> fields = DEFieldCacheMap.getFields(className);
Map <Field, DEField> deFieldMap =new HashMap<>();
for(Field field:fields){
DEField deField=field.getAnnotation(DEField.class);
if(!ObjectUtils.isEmpty(deField)) {
deFieldMap.put(field,deField);
}
}
return deFieldMap;
}
} }
\ No newline at end of file
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册