ibiz4j 部署微服务接口

90cbaeec · ibizdev · 606c7270 · 90cbaeec · 90cbaeec · 90cbaeec
--- a/ibzwf-app/ibzwf-app-web/src/main/resources/application-web-prod.yml
+++ b/ibzwf-app/ibzwf-app-web/src/main/resources/application-web-prod.yml
@@ -31,5 +31,9 @@ zuul:
      path: /v7/login
      serviceId: ibzuaa-api
      stripPrefix: false
+    oucore:
+      path: /ibzorganizations/**
+      serviceId: ibzou-api
+      stripPrefix: false
  sensitive-headers:
    - Cookie,Set-Cookie,Authorization
--- a/ibzwf-boot/src/main/resources/application-dev.yml
+++ b/ibzwf-boot/src/main/resources/application-dev.yml
@@ -8,5 +8,9 @@ zuul:
        path: /v7/login
        serviceId: ibzuaa-api
        stripPrefix: false
+      oucore:
+        path: /ibzorganizations/**
+        serviceId: ibzou-api
+        stripPrefix: false
  sensitive-headers:
    - Cookie,Set-Cookie,Authorization
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFGroupService.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFGroupService.java
@@ -52,6 +52,7 @@ public interface IWFGroupService extends IService<WFGroup>{
     */
    boolean execute(String sql, Map param);
 }
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFMemberService.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFMemberService.java
@@ -57,6 +57,7 @@ public interface IWFMemberService extends IService<WFMember>{
     */
    boolean execute(String sql, Map param);
 }
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFProcessDefinitionService.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFProcessDefinitionService.java
@@ -52,6 +52,7 @@ public interface IWFProcessDefinitionService extends IService<WFProcessDefinitio
     */
    boolean execute(String sql, Map param);
 }
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFSystemService.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFSystemService.java
@@ -52,6 +52,7 @@ public interface IWFSystemService extends IService<WFSystem>{
     */
    boolean execute(String sql, Map param);
 }
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFUserService.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/IWFUserService.java
@@ -52,6 +52,7 @@ public interface IWFUserService extends IService<WFUser>{
     */
    boolean execute(String sql, Map param);
 }
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFGroupServiceImpl.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFGroupServiceImpl.java
@@ -186,6 +186,7 @@ public class WFGroupServiceImpl extends ServiceImpl<WFGroupMapper, WFGroup> impl
        return true;
    }
 }
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFMemberServiceImpl.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFMemberServiceImpl.java
@@ -267,6 +267,7 @@ public class WFMemberServiceImpl extends ServiceImpl<WFMemberMapper, WFMember> i
        return true;
    }
 }
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFProcessDefinitionServiceImpl.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFProcessDefinitionServiceImpl.java
@@ -179,6 +179,7 @@ public class WFProcessDefinitionServiceImpl extends ServiceImpl<WFProcessDefinit
        return true;
    }
 }
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFSystemServiceImpl.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFSystemServiceImpl.java
@@ -179,6 +179,7 @@ public class WFSystemServiceImpl extends ServiceImpl<WFSystemMapper, WFSystem> i
        return true;
    }
 }
--- a/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFUserServiceImpl.java
+++ b/ibzwf-core/src/main/java/cn/ibizlab/core/workflow/service/impl/WFUserServiceImpl.java
@@ -182,6 +182,7 @@ public class WFUserServiceImpl extends ServiceImpl<WFUserMapper, WFUser> impleme
        return true;
    }
 }
--- a/ibzwf-core/src/main/resources/permission/systemResource.json
+++ b/ibzwf-core/src/main/resources/permission/systemResource.json
    {
+    "systemid":"ibzwf",
    "unires":[
    ],
    "entities":[

--- a/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFGroupResource.java
+++ b/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFGroupResource.java
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
 import org.springframework.util.StringUtils;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PostAuthorize;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiResponse;
@@ -39,14 +40,12 @@ import cn.ibizlab.core.workflow.filter.WFGroupSearchContext;
 public class WFGroupResource {
    @Autowired
-    private IWFGroupService wfgroupService;
+    public IWFGroupService wfgroupService;
    @Autowired
    @Lazy
    public WFGroupMapping wfgroupMapping;
-    public WFGroupDTO permissionDTO=new WFGroupDTO();
    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFGroup-Save-all')")
    @ApiOperation(value = "Save", tags = {"WFGroup" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/save")
@@ -54,7 +53,7 @@ public class WFGroupResource {
        return ResponseEntity.status(HttpStatus.OK).body(wfgroupService.save(wfgroupMapping.toDomain(wfgroupdto)));
    }
-    @PreAuthorize("hasPermission('Save',{'Sql',this.wfgroupMapping,#wfgroupdtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFGroup-Save-all')")
    @ApiOperation(value = "SaveBatch", tags = {"WFGroup" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/savebatch")
    public ResponseEntity<Boolean> saveBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
@@ -68,13 +67,13 @@ public class WFGroupResource {
    @Transactional
    public ResponseEntity<WFGroupDTO> update(@PathVariable("wfgroup_id") String wfgroup_id, @RequestBody WFGroupDTO wfgroupdto) {
 		WFGroup domain  = wfgroupMapping.toDomain(wfgroupdto);
-        domain.setId(wfgroup_id);
+        domain .setId(wfgroup_id);
-		wfgroupService.update(domain);
+		wfgroupService.update(domain );
-		WFGroupDTO dto = wfgroupMapping.toDto(domain);
+		WFGroupDTO dto = wfgroupMapping.toDto(domain );
        return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Update',{'Sql',this.wfgroupMapping,#wfgroupdtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFGroup-Update-all')")
    @ApiOperation(value = "UpdateBatch", tags = {"WFGroup" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfgroups/batch")
    public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
@@ -82,14 +81,12 @@ public class WFGroupResource {
        return  ResponseEntity.status(HttpStatus.OK).body(true);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFGroup-GetDraft-all')")
    @ApiOperation(value = "GetDraft", tags = {"WFGroup" },  notes = "GetDraft")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfgroups/getdraft")
    public ResponseEntity<WFGroupDTO> getDraft() {
        return ResponseEntity.status(HttpStatus.OK).body(wfgroupMapping.toDto(wfgroupService.getDraft(new WFGroup())));
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFGroup-CheckKey-all')")
    @ApiOperation(value = "CheckKey", tags = {"WFGroup" },  notes = "CheckKey")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/checkkey")
    public ResponseEntity<Boolean> checkKey(@RequestBody WFGroupDTO wfgroupdto) {
@@ -107,7 +104,7 @@ public class WFGroupResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Create',{'Sql',this.wfgroupMapping,#wfgroupdtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFGroup-Create-all')")
    @ApiOperation(value = "createBatch", tags = {"WFGroup" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/batch")
    public ResponseEntity<Boolean> createBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
@@ -123,7 +120,7 @@ public class WFGroupResource {
         return ResponseEntity.status(HttpStatus.OK).body(wfgroupService.remove(wfgroup_id));
    }
-    @PreAuthorize("hasPermission('Remove',{'Sql',this.wfgroupMapping,this.permissionDTO,#ids})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFGroup-Remove-all')")
    @ApiOperation(value = "RemoveBatch", tags = {"WFGroup" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfgroups/batch")
    public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -162,3 +159,4 @@ public class WFGroupResource {
                .body(new PageImpl(wfgroupMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 }
--- a/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFMemberResource.java
+++ b/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFMemberResource.java
--- a/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFProcessDefinitionResource.java
+++ b/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFProcessDefinitionResource.java
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
 import org.springframework.util.StringUtils;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PostAuthorize;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiResponse;
@@ -39,14 +40,12 @@ import cn.ibizlab.core.workflow.filter.WFProcessDefinitionSearchContext;
 public class WFProcessDefinitionResource {
    @Autowired
-    private IWFProcessDefinitionService wfprocessdefinitionService;
+    public IWFProcessDefinitionService wfprocessdefinitionService;
    @Autowired
    @Lazy
    public WFProcessDefinitionMapping wfprocessdefinitionMapping;
-    public WFProcessDefinitionDTO permissionDTO=new WFProcessDefinitionDTO();
    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFProcessDefinition-Save-all')")
    @ApiOperation(value = "Save", tags = {"WFProcessDefinition" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/save")
@@ -54,7 +53,7 @@ public class WFProcessDefinitionResource {
        return ResponseEntity.status(HttpStatus.OK).body(wfprocessdefinitionService.save(wfprocessdefinitionMapping.toDomain(wfprocessdefinitiondto)));
    }
-    @PreAuthorize("hasPermission('Save',{'Sql',this.wfprocessdefinitionMapping,#wfprocessdefinitiondtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFProcessDefinition-Save-all')")
    @ApiOperation(value = "SaveBatch", tags = {"WFProcessDefinition" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/savebatch")
    public ResponseEntity<Boolean> saveBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
@@ -68,13 +67,13 @@ public class WFProcessDefinitionResource {
    @Transactional
    public ResponseEntity<WFProcessDefinitionDTO> update(@PathVariable("wfprocessdefinition_id") String wfprocessdefinition_id, @RequestBody WFProcessDefinitionDTO wfprocessdefinitiondto) {
 		WFProcessDefinition domain  = wfprocessdefinitionMapping.toDomain(wfprocessdefinitiondto);
-        domain.setDefinitionkey(wfprocessdefinition_id);
+        domain .setDefinitionkey(wfprocessdefinition_id);
-		wfprocessdefinitionService.update(domain);
+		wfprocessdefinitionService.update(domain );
-		WFProcessDefinitionDTO dto = wfprocessdefinitionMapping.toDto(domain);
+		WFProcessDefinitionDTO dto = wfprocessdefinitionMapping.toDto(domain );
        return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Update',{'Sql',this.wfprocessdefinitionMapping,#wfprocessdefinitiondtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFProcessDefinition-Update-all')")
    @ApiOperation(value = "UpdateBatch", tags = {"WFProcessDefinition" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfprocessdefinitions/batch")
    public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
@@ -91,14 +90,12 @@ public class WFProcessDefinitionResource {
        return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFProcessDefinition-CheckKey-all')")
    @ApiOperation(value = "CheckKey", tags = {"WFProcessDefinition" },  notes = "CheckKey")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/checkkey")
    public ResponseEntity<Boolean> checkKey(@RequestBody WFProcessDefinitionDTO wfprocessdefinitiondto) {
        return  ResponseEntity.status(HttpStatus.OK).body(wfprocessdefinitionService.checkKey(wfprocessdefinitionMapping.toDomain(wfprocessdefinitiondto)));
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFProcessDefinition-GetDraft-all')")
    @ApiOperation(value = "GetDraft", tags = {"WFProcessDefinition" },  notes = "GetDraft")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfprocessdefinitions/getdraft")
    public ResponseEntity<WFProcessDefinitionDTO> getDraft() {
@@ -116,7 +113,7 @@ public class WFProcessDefinitionResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Create',{'Sql',this.wfprocessdefinitionMapping,#wfprocessdefinitiondtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFProcessDefinition-Create-all')")
    @ApiOperation(value = "createBatch", tags = {"WFProcessDefinition" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/batch")
    public ResponseEntity<Boolean> createBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
@@ -132,7 +129,7 @@ public class WFProcessDefinitionResource {
         return ResponseEntity.status(HttpStatus.OK).body(wfprocessdefinitionService.remove(wfprocessdefinition_id));
    }
-    @PreAuthorize("hasPermission('Remove',{'Sql',this.wfprocessdefinitionMapping,this.permissionDTO,#ids})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFProcessDefinition-Remove-all')")
    @ApiOperation(value = "RemoveBatch", tags = {"WFProcessDefinition" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfprocessdefinitions/batch")
    public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -162,3 +159,4 @@ public class WFProcessDefinitionResource {
                .body(new PageImpl(wfprocessdefinitionMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 }
--- a/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFREModelResource.java
+++ b/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFREModelResource.java
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
 import org.springframework.util.StringUtils;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PostAuthorize;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiResponse;
@@ -39,27 +40,23 @@ import cn.ibizlab.core.workflow.filter.WFREModelSearchContext;
 public class WFREModelResource {
    @Autowired
-    private IWFREModelService wfremodelService;
+    public IWFREModelService wfremodelService;
    @Autowired
    @Lazy
    public WFREModelMapping wfremodelMapping;
-    public WFREModelDTO permissionDTO=new WFREModelDTO();
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFREModel-Update-all')")
    @ApiOperation(value = "Update", tags = {"WFREModel" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfremodels/{wfremodel_id}")
    @Transactional
    public ResponseEntity<WFREModelDTO> update(@PathVariable("wfremodel_id") String wfremodel_id, @RequestBody WFREModelDTO wfremodeldto) {
 		WFREModel domain  = wfremodelMapping.toDomain(wfremodeldto);
-        domain.setId(wfremodel_id);
+        domain .setId(wfremodel_id);
-		wfremodelService.update(domain);
+		wfremodelService.update(domain );
-		WFREModelDTO dto = wfremodelMapping.toDto(domain);
+		WFREModelDTO dto = wfremodelMapping.toDto(domain );
        return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Update',{'None',this.wfremodelMapping,#wfremodeldtos})")
    @ApiOperation(value = "UpdateBatch", tags = {"WFREModel" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfremodels/batch")
    public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFREModelDTO> wfremodeldtos) {
@@ -67,14 +64,12 @@ public class WFREModelResource {
        return  ResponseEntity.status(HttpStatus.OK).body(true);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFREModel-Save-all')")
    @ApiOperation(value = "Save", tags = {"WFREModel" },  notes = "Save")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfremodels/save")
    public ResponseEntity<Boolean> save(@RequestBody WFREModelDTO wfremodeldto) {
        return ResponseEntity.status(HttpStatus.OK).body(wfremodelService.save(wfremodelMapping.toDomain(wfremodeldto)));
    }
-    @PreAuthorize("hasPermission('Save',{'None',this.wfremodelMapping,#wfremodeldtos})")
    @ApiOperation(value = "SaveBatch", tags = {"WFREModel" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfremodels/savebatch")
    public ResponseEntity<Boolean> saveBatch(@RequestBody List<WFREModelDTO> wfremodeldtos) {
@@ -82,7 +77,6 @@ public class WFREModelResource {
        return  ResponseEntity.status(HttpStatus.OK).body(true);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFREModel-Get-all')")
    @ApiOperation(value = "Get", tags = {"WFREModel" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfremodels/{wfremodel_id}")
    public ResponseEntity<WFREModelDTO> get(@PathVariable("wfremodel_id") String wfremodel_id) {
@@ -91,7 +85,6 @@ public class WFREModelResource {
        return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFREModel-Create-all')")
    @ApiOperation(value = "Create", tags = {"WFREModel" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfremodels")
    @Transactional
@@ -102,7 +95,6 @@ public class WFREModelResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Create',{'None',this.wfremodelMapping,#wfremodeldtos})")
    @ApiOperation(value = "createBatch", tags = {"WFREModel" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfremodels/batch")
    public ResponseEntity<Boolean> createBatch(@RequestBody List<WFREModelDTO> wfremodeldtos) {
@@ -110,14 +102,12 @@ public class WFREModelResource {
        return  ResponseEntity.status(HttpStatus.OK).body(true);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFREModel-CheckKey-all')")
    @ApiOperation(value = "CheckKey", tags = {"WFREModel" },  notes = "CheckKey")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfremodels/checkkey")
    public ResponseEntity<Boolean> checkKey(@RequestBody WFREModelDTO wfremodeldto) {
        return  ResponseEntity.status(HttpStatus.OK).body(wfremodelService.checkKey(wfremodelMapping.toDomain(wfremodeldto)));
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFREModel-Remove-all')")
    @ApiOperation(value = "Remove", tags = {"WFREModel" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfremodels/{wfremodel_id}")
    @Transactional
@@ -125,7 +115,6 @@ public class WFREModelResource {
         return ResponseEntity.status(HttpStatus.OK).body(wfremodelService.remove(wfremodel_id));
    }
-    @PreAuthorize("hasPermission('Remove',{'None',this.wfremodelMapping,this.permissionDTO,#ids})")
    @ApiOperation(value = "RemoveBatch", tags = {"WFREModel" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfremodels/batch")
    public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -133,14 +122,12 @@ public class WFREModelResource {
        return  ResponseEntity.status(HttpStatus.OK).body(true);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFREModel-GetDraft-all')")
    @ApiOperation(value = "GetDraft", tags = {"WFREModel" },  notes = "GetDraft")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfremodels/getdraft")
    public ResponseEntity<WFREModelDTO> getDraft() {
        return ResponseEntity.status(HttpStatus.OK).body(wfremodelMapping.toDto(wfremodelService.getDraft(new WFREModel())));
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFREModel-Default-all')")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"WFREModel" } ,notes = "fetchDEFAULT")
    @RequestMapping(method= RequestMethod.GET , value="/wfremodels/fetchdefault")
 	public ResponseEntity<List<WFREModelDTO>> fetchDefault(WFREModelSearchContext context) {
@@ -153,7 +140,6 @@ public class WFREModelResource {
                .body(list);
 	}
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFREModel-Default-all')")
 	@ApiOperation(value = "searchDEFAULT", tags = {"WFREModel" } ,notes = "searchDEFAULT")
    @RequestMapping(method= RequestMethod.POST , value="/wfremodels/searchdefault")
 	public ResponseEntity<Page<WFREModelDTO>> searchDefault(@RequestBody WFREModelSearchContext context) {
@@ -162,3 +148,4 @@ public class WFREModelResource {
                .body(new PageImpl(wfremodelMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 }
--- a/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFSystemResource.java
+++ b/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFSystemResource.java
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
 import org.springframework.util.StringUtils;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PostAuthorize;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiResponse;
@@ -39,14 +40,12 @@ import cn.ibizlab.core.workflow.filter.WFSystemSearchContext;
 public class WFSystemResource {
    @Autowired
-    private IWFSystemService wfsystemService;
+    public IWFSystemService wfsystemService;
    @Autowired
    @Lazy
    public WFSystemMapping wfsystemMapping;
-    public WFSystemDTO permissionDTO=new WFSystemDTO();
    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFSystem-Remove-all')")
    @ApiOperation(value = "Remove", tags = {"WFSystem" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfsystems/{wfsystem_id}")
@@ -55,7 +54,7 @@ public class WFSystemResource {
         return ResponseEntity.status(HttpStatus.OK).body(wfsystemService.remove(wfsystem_id));
    }
-    @PreAuthorize("hasPermission('Remove',{'Sql',this.wfsystemMapping,this.permissionDTO,#ids})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFSystem-Remove-all')")
    @ApiOperation(value = "RemoveBatch", tags = {"WFSystem" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfsystems/batch")
    public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -69,13 +68,13 @@ public class WFSystemResource {
    @Transactional
    public ResponseEntity<WFSystemDTO> update(@PathVariable("wfsystem_id") String wfsystem_id, @RequestBody WFSystemDTO wfsystemdto) {
 		WFSystem domain  = wfsystemMapping.toDomain(wfsystemdto);
-        domain.setPssystemid(wfsystem_id);
+        domain .setPssystemid(wfsystem_id);
-		wfsystemService.update(domain);
+		wfsystemService.update(domain );
-		WFSystemDTO dto = wfsystemMapping.toDto(domain);
+		WFSystemDTO dto = wfsystemMapping.toDto(domain );
        return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Update',{'Sql',this.wfsystemMapping,#wfsystemdtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFSystem-Update-all')")
    @ApiOperation(value = "UpdateBatch", tags = {"WFSystem" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfsystems/batch")
    public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
@@ -83,7 +82,6 @@ public class WFSystemResource {
        return  ResponseEntity.status(HttpStatus.OK).body(true);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFSystem-GetDraft-all')")
    @ApiOperation(value = "GetDraft", tags = {"WFSystem" },  notes = "GetDraft")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfsystems/getdraft")
    public ResponseEntity<WFSystemDTO> getDraft() {
@@ -97,7 +95,7 @@ public class WFSystemResource {
        return ResponseEntity.status(HttpStatus.OK).body(wfsystemService.save(wfsystemMapping.toDomain(wfsystemdto)));
    }
-    @PreAuthorize("hasPermission('Save',{'Sql',this.wfsystemMapping,#wfsystemdtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFSystem-Save-all')")
    @ApiOperation(value = "SaveBatch", tags = {"WFSystem" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/savebatch")
    public ResponseEntity<Boolean> saveBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
@@ -116,7 +114,7 @@ public class WFSystemResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Create',{'Sql',this.wfsystemMapping,#wfsystemdtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFSystem-Create-all')")
    @ApiOperation(value = "createBatch", tags = {"WFSystem" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/batch")
    public ResponseEntity<Boolean> createBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
@@ -124,7 +122,6 @@ public class WFSystemResource {
        return  ResponseEntity.status(HttpStatus.OK).body(true);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFSystem-CheckKey-all')")
    @ApiOperation(value = "CheckKey", tags = {"WFSystem" },  notes = "CheckKey")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/checkkey")
    public ResponseEntity<Boolean> checkKey(@RequestBody WFSystemDTO wfsystemdto) {
@@ -162,3 +159,4 @@ public class WFSystemResource {
                .body(new PageImpl(wfsystemMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 }
--- a/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFUserResource.java
+++ b/ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFUserResource.java
@@ -22,6 +22,7 @@ import org.springframework.data.domain.Pageable;
 import org.springframework.util.StringUtils;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PostAuthorize;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiResponse;
@@ -39,14 +40,12 @@ import cn.ibizlab.core.workflow.filter.WFUserSearchContext;
 public class WFUserResource {
    @Autowired
-    private IWFUserService wfuserService;
+    public IWFUserService wfuserService;
    @Autowired
    @Lazy
    public WFUserMapping wfuserMapping;
-    public WFUserDTO permissionDTO=new WFUserDTO();
    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFUser-Remove-all')")
    @ApiOperation(value = "Remove", tags = {"WFUser" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfusers/{wfuser_id}")
@@ -55,7 +54,7 @@ public class WFUserResource {
         return ResponseEntity.status(HttpStatus.OK).body(wfuserService.remove(wfuser_id));
    }
-    @PreAuthorize("hasPermission('Remove',{'Sql',this.wfuserMapping,this.permissionDTO,#ids})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFUser-Remove-all')")
    @ApiOperation(value = "RemoveBatch", tags = {"WFUser" },  notes = "RemoveBatch")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfusers/batch")
    public ResponseEntity<Boolean> removeBatch(@RequestBody List<String> ids) {
@@ -63,7 +62,6 @@ public class WFUserResource {
        return  ResponseEntity.status(HttpStatus.OK).body(true);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFUser-GetDraft-all')")
    @ApiOperation(value = "GetDraft", tags = {"WFUser" },  notes = "GetDraft")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfusers/getdraft")
    public ResponseEntity<WFUserDTO> getDraft() {
@@ -77,7 +75,7 @@ public class WFUserResource {
        return ResponseEntity.status(HttpStatus.OK).body(wfuserService.save(wfuserMapping.toDomain(wfuserdto)));
    }
-    @PreAuthorize("hasPermission('Save',{'Sql',this.wfuserMapping,#wfuserdtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFUser-Save-all')")
    @ApiOperation(value = "SaveBatch", tags = {"WFUser" },  notes = "SaveBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfusers/savebatch")
    public ResponseEntity<Boolean> saveBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
@@ -91,13 +89,13 @@ public class WFUserResource {
    @Transactional
    public ResponseEntity<WFUserDTO> update(@PathVariable("wfuser_id") String wfuser_id, @RequestBody WFUserDTO wfuserdto) {
 		WFUser domain  = wfuserMapping.toDomain(wfuserdto);
-        domain.setId(wfuser_id);
+        domain .setId(wfuser_id);
-		wfuserService.update(domain);
+		wfuserService.update(domain );
-		WFUserDTO dto = wfuserMapping.toDto(domain);
+		WFUserDTO dto = wfuserMapping.toDto(domain );
        return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Update',{'Sql',this.wfuserMapping,#wfuserdtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFUser-Update-all')")
    @ApiOperation(value = "UpdateBatch", tags = {"WFUser" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfusers/batch")
    public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
@@ -125,7 +123,7 @@ public class WFUserResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-    @PreAuthorize("hasPermission('Create',{'Sql',this.wfuserMapping,#wfuserdtos})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFUser-Create-all')")
    @ApiOperation(value = "createBatch", tags = {"WFUser" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfusers/batch")
    public ResponseEntity<Boolean> createBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
@@ -133,7 +131,6 @@ public class WFUserResource {
        return  ResponseEntity.status(HttpStatus.OK).body(true);
    }
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzwf-WFUser-CheckKey-all')")
    @ApiOperation(value = "CheckKey", tags = {"WFUser" },  notes = "CheckKey")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfusers/checkkey")
    public ResponseEntity<Boolean> checkKey(@RequestBody WFUserDTO wfuserdto) {
@@ -162,3 +159,4 @@ public class WFUserResource {
                .body(new PageImpl(wfuserMapping.toDto(domains.getContent()), context.getPageable(), domains.getTotalElements()));
 	}
 }
--- a/ibzwf-util/src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
+++ b/ibzwf-util/src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
@@ -9,8 +9,8 @@ import com.alibaba.fastjson.JSONObject;
 public class IBZUAAFallback implements IBZUAAFeignClient {
    @Override
-    public boolean pushSystemPermissionData(String systemid,JSONObject systemPermissionData) {
+    public Boolean syncSysAuthority(JSONObject system) {
-        return false;
+        return null;
    }
    @Override

--- a/ibzwf-util/src/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
+++ b/ibzwf-util/src/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
@@ -10,13 +10,12 @@ import com.alibaba.fastjson.JSONObject;
 public interface IBZUAAFeignClient
 {
 	/**
-	 * 推送系统权限数据到uaa
+	 * 同步系统资源到uaa
-	 * @param systemid
+	 * @param system 系统资源信息
-	 * @param systemPermissionData
 	 * @return
 	 */
-	@PostMapping("/syspssystems/{systemid}/permissiondata")
+	@PostMapping("/syspssystems/save")
-	boolean pushSystemPermissionData(@PathVariable("systemid") String systemid,@RequestBody JSONObject systemPermissionData);
+	Boolean syncSysAuthority(@RequestBody JSONObject system);
 	/**
 	 * 用户登录

--- a/ibzwf-util/src/main/java/cn/ibizlab/util/job/PermissionSyncJob.java
+++ b/ibzwf-util/src/main/java/cn/ibizlab/util/job/PermissionSyncJob.java
@@ -36,10 +36,14 @@ public class PermissionSyncJob implements ApplicationRunner {
            Thread.sleep(10000);
            InputStream permission= this.getClass().getResourceAsStream("/permission/systemResource.json"); //获取当前系统所有实体资源能力
            String permissionResult = IOUtils.toString(permission,"UTF-8");
-            if(client.pushSystemPermissionData(systemId,JSONObject.parseObject(permissionResult))){
+            JSONObject system= new JSONObject();
+            system.put("pssystemid",systemId);
+            system.put("pssystemname",systemId);
+            system.put("sysstructure",JSONObject.parseObject(permissionResult));
+            if(client.syncSysAuthority(system)){
                log.info("向[UAA]同步系统资源成功");
            }else{
-                log.info(String.format("向[UAA]同步系统资源失败"));
+                log.error("向[UAA]同步系统资源失败");
            }
        }
        catch (Exception ex) {

--- a/ibzwf-util/src/main/java/cn/ibizlab/util/rest/AppController.java
+++ b/ibzwf-util/src/main/java/cn/ibizlab/util/rest/AppController.java
 package cn.ibizlab.util.rest;
-import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import cn.ibizlab.util.security.AuthenticationUser;
+import cn.ibizlab.util.service.AuthenticationUserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.util.ObjectUtils;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
-import org.springframework.beans.factory.annotation.Value;
+import java.util.Collection;
-import org.springframework.beans.factory.annotation.Autowired;
+import java.util.HashSet;
-import cn.ibizlab.util.security.AuthenticationUser;
+import java.util.Iterator;
-import cn.ibizlab.util.service.AuthenticationUserService;
+import java.util.Set;
 @RestController
 @RequestMapping(value = "")
@@ -27,13 +30,19 @@ public class AppController {
 	public ResponseEntity<JSONObject> getAppData() {
 		JSONObject appData = new JSONObject() ;
-		JSONArray uniRes=new JSONArray();
+		Set<String> appMenu = new HashSet();
-    	JSONArray appMenu=new JSONArray();
+		Set<String> uniRes = new HashSet();
 		if(enablePermissionValid){
-			JSONObject userPermission=AuthenticationUser.getAuthenticationUser().getPermissionList();
+			Collection<GrantedAuthority> authorities=AuthenticationUser.getAuthenticationUser().getAuthorities();
-			if(!ObjectUtils.isEmpty(userPermission)){
+				Iterator it = authorities.iterator();
-				uniRes = userPermission.getJSONArray("unires");
+				while(it.hasNext()) {
-    			appMenu = userPermission.getJSONArray("appmenu");
+					GrantedAuthority authority = (GrantedAuthority)it.next();
+					String strAuthority=authority.getAuthority();
+					if(strAuthority.startsWith("UNIRES"))
+						uniRes.add(strAuthority);
+					else if(strAuthority.startsWith("APPMENU"))
+						appMenu.add(strAuthority);
 				}
 		}
 		appData.put("unires",uniRes);

--- a/ibzwf-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java
+++ b/ibzwf-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java
--- a/ibzwf-util/src/main/java/cn/ibizlab/util/service/IBZUSERServiceImpl.java
+++ b/ibzwf-util/src/main/java/cn/ibizlab/util/service/IBZUSERServiceImpl.java
@@ -14,6 +14,7 @@ import cn.ibizlab.util.domain.IBZUSER;
 import org.springframework.util.DigestUtils;
 import org.springframework.util.StringUtils;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.security.core.authority.AuthorityUtils;
 /**
 * 实体[IBZUSER] 服务对象接口实现
@@ -72,6 +73,9 @@ public class IBZUSERServiceImpl extends ServiceImpl<IBZUSERMapper, IBZUSER> impl
 	public  AuthenticationUser createUserDetails(IBZUSER user) {
 		AuthenticationUser userdatail = new AuthenticationUser();
 		CachedBeanCopier.copy(user,userdatail);
+    	if(userdatail.getSuperuser()==1){
+    		userdatail.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_SUPERADMIN"));
+    	}
 		return userdatail;
 	}
 }
\ No newline at end of file