Skip to content

I
ibzwf
提交 1eb00bed 编写于 作者: ibizdev's avatar ibizdev
浏览文件
操作

ibizdev提交

上级 7747a234
隐藏空白字符变更
内嵌 并排
正在显示 包含 124 行增加110 行删除
config.xml
浏览文件 @ 1eb00bed
......@@ -38,6 +38,11 @@
git clone -b master $para2 ibzwf/
export NODE_OPTIONS=--max-old-space-size=4096
cd ibzwf/
mvn clean package -Papi
cd ibzwf-provider/ibzwf-provider-api
mvn -Papi docker:build
mvn -Papi docker:push
docker -H $para1 stack deploy --compose-file=src/main/docker/ibzwf-provider-api.yaml dev --with-registry-auth
</command>
</hudson.tasks.Shell>
</builders>
......
ibzwf-app/ibzwf-app-web/src/main/resources/application-web-prod.yml
浏览文件 @ 1eb00bed
......@@ -24,5 +24,9 @@ zuul:
path: /wfsystems/**
serviceId: ibzwf-api
stripPrefix: false
wfcore:
path: /wfcore/**
serviceId: ibzwf-api
stripPrefix: false
sensitive-headers:
- Cookie,Set-Cookie,Authorization
ibzwf-boot/src/main/resources/application-dev.yml
浏览文件 @ 1eb00bed
server:
port: 8080
\ No newline at end of file
port: 40003
ibzwf-core/src/main/resources/deprivs/DEPrivs.json
浏览文件 @ 1eb00bed
......@@ -2,45 +2,40 @@
{
"predefineddatarange":[{"id":"ALL","name":"全部数据"},{"id":"CURORG","name":"当前单位"},{"id":"PORG","name":"上级单位"},{"id":"SORG","name":"下级单位"},{"id":"CURORGDEPT","name":"当前部门"},{"id":"PORGDEPT","name":"上级部门"},{"id":"SORGDEPT","name":"下级部门"}],
"entities":[
{
"dename":"WFMember",
"delogicname":"成员",
"sysmoudle":{"id":"WORKFLOW","name":"workflow"},
"dedataset":[{"id":"Default","name":"默认数据集"}],
"deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
"dedataset":[{"id":"Default" , "name":"DEFAULT"}],
"deaction":[{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" }]
}
,
{
, {
"dename":"WFGroup",
"delogicname":"角色/用户组",
"sysmoudle":{"id":"WORKFLOW","name":"workflow"},
"dedataset":[{"id":"Default","name":"默认数据集"}],
"deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
"dedataset":[{"id":"Default" , "name":"DEFAULT"}],
"deaction":[{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" }]
}
,
{
, {
"dename":"WFUser",
"delogicname":"用户",
"sysmoudle":{"id":"WORKFLOW","name":"workflow"},
"dedataset":[{"id":"Default","name":"默认数据集"}],
"deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
"dedataset":[{"id":"Default" , "name":"DEFAULT"}],
"deaction":[{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" }]
}
,
{
, {
"dename":"WFProcessDefinition",
"delogicname":"流程定义",
"sysmoudle":{"id":"WORKFLOW","name":"workflow"},
"dedataset":[{"id":"Default","name":"默认数据集"}],
"deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
"dedataset":[{"id":"Default" , "name":"DEFAULT"}],
"deaction":[{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" }]
}
,
{
, {
"dename":"WFSystem",
"delogicname":"系统",
"sysmoudle":{"id":"WORKFLOW","name":"workflow"},
"dedataset":[{"id":"Default","name":"默认数据集"}],
"deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
"dedataset":[{"id":"Default" , "name":"DEFAULT"}],
"deaction":[{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" }]
}
]
......
ibzwf-provider/ibzwf-provider-api/src/main/docker/Dockerfile
浏览文件 @ 1eb00bed
......@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
sleep ${IBZ_SLEEP} && \
java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzwf-provider-api.jar
EXPOSE 8081
EXPOSE 40003
ADD ibzwf-provider-api.jar /ibzwf-provider-api.jar
ibzwf-provider/ibzwf-provider-api/src/main/docker/ibzwf-provider-api.yaml
浏览文件 @ 1eb00bed
......@@ -3,7 +3,7 @@ services:
ibzwf-provider-api:
image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzwf-provider-api:latest
ports:
- "8081:8081"
- "40003:40003"
networks:
- agent_network
deploy:
......
ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFGroupResource.java
浏览文件 @ 1eb00bed
......@@ -71,7 +71,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission(#wfgroup_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfgroup_id,'Update',this.getEntity())")
@ApiOperation(value = "Update", tags = {"WFGroup" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfgroups/{wfgroup_id}")
@Transactional
......@@ -83,7 +83,7 @@ public class WFGroupResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfgroup_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfgroup_id,'Update',this.getEntity())")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
......@@ -112,7 +112,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "Create", tags = {"WFGroup" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfgroups")
@Transactional
......@@ -123,7 +123,7 @@ public class WFGroupResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
......@@ -134,7 +134,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission('DELETE',{#wfgroup_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfgroup_id,this.getEntity()})")
@ApiOperation(value = "Remove", tags = {"WFGroup" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfgroups/{wfgroup_id}")
@Transactional
......@@ -152,7 +152,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission(#wfgroup_id,'READ',this.getEntity())")
@PreAuthorize("hasPermission(#wfgroup_id,'Get',this.getEntity())")
@ApiOperation(value = "Get", tags = {"WFGroup" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfgroups/{wfgroup_id}")
public ResponseEntity<WFGroupDTO> get(@PathVariable("wfgroup_id") String wfgroup_id) {
......@@ -161,7 +161,7 @@ public class WFGroupResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFGroup" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfgroups/fetchdefault")
public ResponseEntity<List<WFGroupDTO>> fetchDefault(WFGroupSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFGroupResource {
.body(list);
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFGroup" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfgroups/searchdefault")
public ResponseEntity<Page<WFGroupDTO>> searchDefault(WFGroupSearchContext context) {
......
ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFMemberResource.java
浏览文件 @ 1eb00bed
......@@ -73,7 +73,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "Create", tags = {"WFMember" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfmembers")
@Transactional
......@@ -84,7 +84,7 @@ public class WFMemberResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfmembers/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) {
......@@ -95,7 +95,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission('DELETE',{#wfmember_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfmember_id,this.getEntity()})")
@ApiOperation(value = "Remove", tags = {"WFMember" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfmembers/{wfmember_id}")
@Transactional
......@@ -129,7 +129,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission(#wfmember_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfmember_id,'Update',this.getEntity())")
@ApiOperation(value = "Update", tags = {"WFMember" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfmembers/{wfmember_id}")
@Transactional
......@@ -141,7 +141,7 @@ public class WFMemberResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfmember_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfmember_id,'Update',this.getEntity())")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfmembers/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) {
......@@ -152,7 +152,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission(#wfmember_id,'READ',this.getEntity())")
@PreAuthorize("hasPermission(#wfmember_id,'Get',this.getEntity())")
@ApiOperation(value = "Get", tags = {"WFMember" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfmembers/{wfmember_id}")
public ResponseEntity<WFMemberDTO> get(@PathVariable("wfmember_id") String wfmember_id) {
......@@ -161,7 +161,7 @@ public class WFMemberResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFMember" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfmembers/fetchdefault")
public ResponseEntity<List<WFMemberDTO>> fetchDefault(WFMemberSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFMemberResource {
.body(list);
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFMember" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfmembers/searchdefault")
public ResponseEntity<Page<WFMemberDTO>> searchDefault(WFMemberSearchContext context) {
......
ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFProcessDefinitionResource.java
浏览文件 @ 1eb00bed
......@@ -71,7 +71,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',this.getEntity())")
@ApiOperation(value = "Update", tags = {"WFProcessDefinition" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
@Transactional
......@@ -83,7 +83,7 @@ public class WFProcessDefinitionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',this.getEntity())")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
......@@ -94,7 +94,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'READ',this.getEntity())")
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Get',this.getEntity())")
@ApiOperation(value = "Get", tags = {"WFProcessDefinition" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
public ResponseEntity<WFProcessDefinitionDTO> get(@PathVariable("wfprocessdefinition_id") String wfprocessdefinition_id) {
......@@ -124,7 +124,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "Create", tags = {"WFProcessDefinition" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions")
@Transactional
......@@ -135,7 +135,7 @@ public class WFProcessDefinitionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
......@@ -146,7 +146,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission('DELETE',{#wfprocessdefinition_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfprocessdefinition_id,this.getEntity()})")
@ApiOperation(value = "Remove", tags = {"WFProcessDefinition" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
@Transactional
......@@ -161,7 +161,7 @@ public class WFProcessDefinitionResource {
return ResponseEntity.status(HttpStatus.OK).body(true);
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/fetchdefault")
public ResponseEntity<List<WFProcessDefinitionDTO>> fetchDefault(WFProcessDefinitionSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFProcessDefinitionResource {
.body(list);
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/searchdefault")
public ResponseEntity<Page<WFProcessDefinitionDTO>> searchDefault(WFProcessDefinitionSearchContext context) {
......
ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFSystemResource.java
浏览文件 @ 1eb00bed
......@@ -55,7 +55,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission('DELETE',{#wfsystem_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfsystem_id,this.getEntity()})")
@ApiOperation(value = "Remove", tags = {"WFSystem" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfsystems/{wfsystem_id}")
@Transactional
......@@ -73,7 +73,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission(#wfsystem_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfsystem_id,'Update',this.getEntity())")
@ApiOperation(value = "Update", tags = {"WFSystem" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfsystems/{wfsystem_id}")
@Transactional
......@@ -85,7 +85,7 @@ public class WFSystemResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfsystem_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfsystem_id,'Update',this.getEntity())")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
......@@ -121,7 +121,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "Create", tags = {"WFSystem" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfsystems")
@Transactional
......@@ -132,7 +132,7 @@ public class WFSystemResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
......@@ -152,7 +152,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission(#wfsystem_id,'READ',this.getEntity())")
@PreAuthorize("hasPermission(#wfsystem_id,'Get',this.getEntity())")
@ApiOperation(value = "Get", tags = {"WFSystem" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfsystems/{wfsystem_id}")
public ResponseEntity<WFSystemDTO> get(@PathVariable("wfsystem_id") String wfsystem_id) {
......@@ -161,7 +161,7 @@ public class WFSystemResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFSystem" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfsystems/fetchdefault")
public ResponseEntity<List<WFSystemDTO>> fetchDefault(WFSystemSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFSystemResource {
.body(list);
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFSystem" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfsystems/searchdefault")
public ResponseEntity<Page<WFSystemDTO>> searchDefault(WFSystemSearchContext context) {
......
ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFUserResource.java
浏览文件 @ 1eb00bed
......@@ -55,7 +55,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission('DELETE',{#wfuser_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfuser_id,this.getEntity()})")
@ApiOperation(value = "Remove", tags = {"WFUser" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfusers/{wfuser_id}")
@Transactional
......@@ -98,7 +98,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission(#wfuser_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfuser_id,'Update',this.getEntity())")
@ApiOperation(value = "Update", tags = {"WFUser" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfusers/{wfuser_id}")
@Transactional
......@@ -110,7 +110,7 @@ public class WFUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfuser_id,'UPDATE',this.getEntity())")
@PreAuthorize("hasPermission(#wfuser_id,'Update',this.getEntity())")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfusers/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
......@@ -121,7 +121,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission(#wfuser_id,'READ',this.getEntity())")
@PreAuthorize("hasPermission(#wfuser_id,'Get',this.getEntity())")
@ApiOperation(value = "Get", tags = {"WFUser" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfusers/{wfuser_id}")
public ResponseEntity<WFUserDTO> get(@PathVariable("wfuser_id") String wfuser_id) {
......@@ -133,7 +133,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "Create", tags = {"WFUser" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfusers")
@Transactional
......@@ -144,7 +144,7 @@ public class WFUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','CREATE',this.getEntity())")
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfusers/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
......@@ -161,7 +161,7 @@ public class WFUserResource {
return ResponseEntity.status(HttpStatus.OK).body(wfuserService.checkKey(wfuserMapping.toDomain(wfuserdto)));
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFUser" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfusers/fetchdefault")
public ResponseEntity<List<WFUserDTO>> fetchDefault(WFUserSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFUserResource {
.body(list);
}
@PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFUser" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfusers/searchdefault")
public ResponseEntity<Page<WFUserDTO>> searchDefault(WFUserSearchContext context) {
......
ibzwf-provider/ibzwf-provider-api/src/main/resources/application-api-dev.yml
浏览文件 @ 1eb00bed
server:
port: 8081
\ No newline at end of file
port: 40003
\ No newline at end of file
ibzwf-util/src/main/java/cn/ibizlab/util/job/PermissionSyncJob.java
浏览文件 @ 1eb00bed
......@@ -36,14 +36,13 @@ public class PermissionSyncJob implements ApplicationRunner {
private String systemId;
@Override
public void run(ApplicationArguments args) throws Exception {
public void run(ApplicationArguments args) {
if(enablePermissionValid){
try {
InputStream permission= this.getClass().getResourceAsStream("/deprivs/DEPrivs.json"); //获取当前系统所有实体资源能力
String permissionResult = IOUtils.toString(permission,"UTF-8");
JSONArray jsonNodePermission = JSONArray.parseArray(permissionResult);
Map<String,Object> map=new HashMap<String,Object>();
map.put("menu",new JSONArray());
JSONObject jsonNodePermission = JSONObject.parseObject(permissionResult);
Map<String,Object> map=new HashMap<>();
map.put("permission",jsonNodePermission);
client.pushSystemPermissionData(map,systemId);
}
......
ibzwf-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java
浏览文件 @ 1eb00bed
......@@ -31,6 +31,14 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
@Value("${ibiz.enablePermissionValid:false}")
boolean enablePermissionValid; //是否开启权限校验
/**
* 实体行为操作标识
*/
private String DEActionType="DEACTION";
/**
* 实体数据集操作标识
*/
private String DataSetTag="DATASET";
/**
* 表格权限检查 :用于检查当前用户是否拥有表格数据的读取、删除权限
......@@ -68,10 +76,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
String entityName = entity.getClass().getSimpleName();
//获取实体行为权限信息
JSONObject permissionList=userPermission.getJSONObject("deActionPermission");
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
//检查是否有操作权限[create.update.delete.read]
if(!validHasPermission(permissionList,entityName,action)){
if(!validDEActionHasPermission(permissionList,entityName,action)){
return false;
}
//检查是否有数据权限[单行删除]
......@@ -86,23 +94,23 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
else{ //grid fetch
//准备参数
Object searchContext=gridParamList.get(0);
String dataSet=String.valueOf(gridParamList.get(1));
String dataSetName=String.valueOf(gridParamList.get(1));
EntityBase entity = (EntityBase) gridParamList.get(2);
String entityName = entity.getClass().getSimpleName();
//获取数据集权限信息
JSONObject permissionList=userPermission.getJSONObject("deDataSetPermission");
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSet)|| StringUtils.isEmpty(action))
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName)|| StringUtils.isEmpty(action))
return false;
//检查是否有操作权限[create.update.delete.read]
if(!validHasPermission(permissionList,entityName,dataSet,action)){
//检查是否有访问数据集的权限
if(!validDataSetHasPermission(permissionList,entityName,dataSetName)){
return false;
}
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLByList(permissionList,entityName,action,dataSet,permissionField);//获取权限SQL
String permissionSQL=getPermissionSQLByList(permissionList,entityName,action,dataSetName,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
fillPermissionSQL(searchContext,permissionSQL);//将权限SQL添加到searchContext中,过滤出权限内数据
......@@ -134,11 +142,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return false;
JSONObject userPermission= AuthenticationUser.getAuthenticationUser().getPermisionList();
JSONObject permissionList=userPermission.getJSONObject("deActionPermission");
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
String entityName = entity.getClass().getSimpleName();
if(action.equals("CREATE")){
return validHasPermission(permissionList,entityName,action);
return validDEActionHasPermission(permissionList,entityName,action);
}
else{
//拥有全部数据访问权限时,则跳过权限检查
......@@ -146,7 +154,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return true;
}
//检查是否有操作权限[create.update.delete.read]
if(!validHasPermission(permissionList,entityName,action)){
if(!validDEActionHasPermission(permissionList,entityName,action)){
return false;
}
//检查是否有数据权限
......@@ -155,7 +163,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
String permissionSQL=getPermissionSQLById(permissionList,entityName,action,srfKey,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
return testDataAccess(service,permissionWrapper);//执行权限检查
}
......@@ -193,11 +200,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
private String getPermissionSQLByList(JSONObject gridDataAbility, String entityName, String action, String dataSetName, Map<String,String> permissionField){
JSONObject entity=gridDataAbility.getJSONObject(entityName);//获取实体
JSONObject dataSet=entity.getJSONObject(dataSetName);//获取实体数据集
JSONArray opprivList=dataSet.getJSONArray(action);//行为:read;insert...
if(opprivList.size()==0)
JSONObject permissionType=entity.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);//获取实体数据集
if(dataRange.size()==0)
return null;
return getPermissionSQL(opprivList,permissionField); //拼接权限条件-查询
return getPermissionSQL(dataRange,permissionField); //拼接权限条件-查询
}
/**
......@@ -215,53 +222,59 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
}
/**
* 校验是否有访问实体行为能力
* @param permissionList 权限列表
* @param entityName 实体名称
* @param action 操作行为
* 实体行为权限校验
* @param userPermission
* @param entityName
* @param action
* userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
* @return
*/
private boolean validHasPermission(JSONObject permissionList, String entityName, String action){
private boolean validDEActionHasPermission(JSONObject userPermission,String entityName , String action ){
boolean hasPermission=false;
if(permissionList==null)
if(userPermission==null)
return false;
if(!permissionList.containsKey(entityName))
if(!userPermission.containsKey(entityName))
return false;
JSONObject entity=permissionList.getJSONObject(entityName);
if(entity.containsKey(action)){
JSONObject entity=userPermission.getJSONObject(entityName);//获取实体
if(!entity.containsKey(DEActionType))
return false;
JSONObject dataRange=entity.getJSONObject(DEActionType);//获取实体行为对应的数据范围
if(dataRange.containsKey(action)){
hasPermission=true;
}
return hasPermission;
return hasPermission;
}
/**
* 校验是否有访问数据集能力
* @param permissionList
* 数据集合权限校验
* @param userPermission
* @param entityName
* @param dataSetName
* @param action
* userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
* @return
*/
private boolean validHasPermission(JSONObject permissionList, String entityName, String dataSetName, String action ){
private boolean validDataSetHasPermission(JSONObject userPermission,String entityName ,String dataSetName){
boolean hasPermission=false;
if(permissionList==null)
if(userPermission==null)
return false;
if(!permissionList.containsKey(entityName))
if(!userPermission.containsKey(entityName))
return false;
JSONObject entity=permissionList.getJSONObject(entityName);
if(!entity.containsKey(dataSetName))
JSONObject entity=userPermission.getJSONObject(entityName);//获取实体
if(!entity.containsKey(DataSetTag))
return false;
JSONObject dataSet=entity.getJSONObject(dataSetName);//获取实体数据集
if(dataSet.containsKey(action)){
JSONObject dataSetList=entity.getJSONObject(DataSetTag);//获取数据集
if(!dataSetList.containsKey(dataSetName))
return false;
JSONArray dataRange=dataSetList.getJSONArray(dataSetName);//获取数据范围
if(dataRange!=null && dataRange.size()>0){
hasPermission=true;
}
return hasPermission;
}
/**
* 获取单条权限数据SQL
* @param formDataAbility
......@@ -274,7 +287,8 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
private String getPermissionSQLById(JSONObject formDataAbility, String entityName, String action, Object srfKey, Map<String,String> permissionField){
JSONObject entity=formDataAbility.getJSONObject(entityName);//获取实体
JSONArray opprivList=entity.getJSONArray(action);//行为:read;insert...
JSONObject permissionType= entity.getJSONObject(DEActionType);
JSONArray opprivList=permissionType.getJSONArray(action);//行为:read;insert...
if(opprivList.size()==0)
return null;
String permissionSQL=getPermissionSQL(opprivList,permissionField);
......@@ -286,7 +300,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return String.format(" (%s) AND (%s='%s')",permissionSQL,keyField,srfKey); //拼接权限条件-编辑
}
/**
* 表单权限检查
* @param service
......@@ -302,7 +315,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return isPermission;
}
/**
* 获取权限SQL
* @param oppriList
......@@ -430,7 +442,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
/**
* 转换[a,b]格式字符串到 'a','b'格式
*
* @return
*/
private String formatStringArr(JSONArray array) {
......@@ -441,7 +452,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
/**
* 格式转换
*
* @param cond
* @param operator
* @return
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册