提交 e5a6519b 编写于 作者: ibizdev's avatar ibizdev

ibizdev提交

上级 6bbe35dc
......@@ -35,7 +35,7 @@ public class WFProcessDefinition extends EntityMP implements Serializable {
/**
* DefinitionKey
*/
@DEField(isKeyField=true)
@DEField(defaultValue = "deployKey" , defaultValueType = DEFieldDefaultValueType.PARAM , isKeyField=true)
@TableId(value= "definitionkey",type=IdType.UUID)
@JSONField(name = "definitionkey")
@JsonProperty("definitionkey")
......
......@@ -92,7 +92,7 @@
</createTable>
</changeSet>
<!--输出实体[WF_DEFINITION]数据结构 -->
<changeSet author="a_A_5d9d78509" id="tab-wf_definition-47-7">
<changeSet author="a_A_5d9d78509" id="tab-wf_definition-48-7">
<createTable tableName="IBZWFDEFINITION">
<column name="DEFINITIONKEY" remarks="" type="VARCHAR(100)">
<constraints primaryKey="true" primaryKeyName="PK_WF_DEFINITION_DEFINITIONKEY"/>
......
......@@ -71,7 +71,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission(#wfgroup_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfgroup_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFGroup" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfgroups/{wfgroup_id}")
@Transactional
......@@ -83,7 +83,7 @@ public class WFGroupResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfgroup_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfgroup_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
......@@ -112,7 +112,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFGroup" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfgroups")
@Transactional
......@@ -123,7 +123,7 @@ public class WFGroupResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
......@@ -134,7 +134,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission('Remove',{#wfgroup_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfgroup_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFGroup" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfgroups/{wfgroup_id}")
@Transactional
......@@ -152,7 +152,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission(#wfgroup_id,'Get',this.getEntity())")
@PreAuthorize("hasPermission(#wfgroup_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFGroup" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfgroups/{wfgroup_id}")
public ResponseEntity<WFGroupDTO> get(@PathVariable("wfgroup_id") String wfgroup_id) {
......@@ -161,7 +161,7 @@ public class WFGroupResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFGroup" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfgroups/fetchdefault")
public ResponseEntity<List<WFGroupDTO>> fetchDefault(WFGroupSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFGroupResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFGroup" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfgroups/searchdefault")
public ResponseEntity<Page<WFGroupDTO>> searchDefault(WFGroupSearchContext context) {
......
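Review bot: The new Remove guard `hasPermission('Remove',{#wfgroup_id,{this.getEntity(),"Sql"}})` nests the entity and the storage mode in an inner list, but the evaluator's remove branch shown later on this page reads a flat list: `(EntityBase) gridParamList.get(1)` and `(String) gridParamList.get(2)`. As written the outer list has only two elements, so index 1 is a list and index 2 does not exist. For any caller who is not a superuser, the check would then most likely throw rather than return an allow/deny decision. Flattening it to `{#wfgroup_id,this.getEntity(),'Sql'}` would match the evaluator and the flat four-element form already used for fetchDefault and searchDefault. The same nesting is on the Remove mappings of WFMemberResource, WFProcessDefinitionResource, WFSystemResource and WFUserResource; the handler bodies lie outside the hunks shown.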
......@@ -73,7 +73,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFMember" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfmembers")
@Transactional
......@@ -84,7 +84,7 @@ public class WFMemberResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfmembers/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) {
......@@ -95,7 +95,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission('Remove',{#wfmember_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfmember_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFMember" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfmembers/{wfmember_id}")
@Transactional
......@@ -129,7 +129,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission(#wfmember_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfmember_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFMember" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfmembers/{wfmember_id}")
@Transactional
......@@ -141,7 +141,7 @@ public class WFMemberResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfmember_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfmember_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfmembers/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) {
......@@ -152,7 +152,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission(#wfmember_id,'Get',this.getEntity())")
@PreAuthorize("hasPermission(#wfmember_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFMember" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfmembers/{wfmember_id}")
public ResponseEntity<WFMemberDTO> get(@PathVariable("wfmember_id") String wfmember_id) {
......@@ -161,7 +161,7 @@ public class WFMemberResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFMember" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfmembers/fetchdefault")
public ResponseEntity<List<WFMemberDTO>> fetchDefault(WFMemberSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFMemberResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFMember" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfmembers/searchdefault")
public ResponseEntity<Page<WFMemberDTO>> searchDefault(WFMemberSearchContext context) {
......
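Review bot: updateBatch is guarded by `hasPermission(#wfmember_id,'Update',{this.getEntity(),"Sql"})`, but its only parameter is `wfmemberdtos`, so `#wfmember_id` has nothing to bind to and presumably evaluates to null. The row-level check in the evaluator is then keyed on no record at all, and none of the DTOs in the request body is authorized individually. Either the evaluator needs a batch-aware path that checks every key in the list, or the service has to authorize each element before updating. Until then a marker such as `// FIXME: #wfmember_id is not a parameter of updateBatch; each DTO key must be authorized` would make the gap visible. The same annotation sits on updateBatch in WFGroupResource, WFProcessDefinitionResource, WFSystemResource and WFUserResource; the method bodies are outside the hunks.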
......@@ -71,7 +71,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFProcessDefinition" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
@Transactional
......@@ -83,7 +83,7 @@ public class WFProcessDefinitionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
......@@ -94,7 +94,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Get',this.getEntity())")
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFProcessDefinition" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
public ResponseEntity<WFProcessDefinitionDTO> get(@PathVariable("wfprocessdefinition_id") String wfprocessdefinition_id) {
......@@ -124,7 +124,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFProcessDefinition" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions")
@Transactional
......@@ -135,7 +135,7 @@ public class WFProcessDefinitionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
......@@ -146,7 +146,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission('Remove',{#wfprocessdefinition_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfprocessdefinition_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFProcessDefinition" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
@Transactional
......@@ -161,7 +161,7 @@ public class WFProcessDefinitionResource {
return ResponseEntity.status(HttpStatus.OK).body(true);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/fetchdefault")
public ResponseEntity<List<WFProcessDefinitionDTO>> fetchDefault(WFProcessDefinitionSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFProcessDefinitionResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/searchdefault")
public ResponseEntity<Page<WFProcessDefinitionDTO>> searchDefault(WFProcessDefinitionSearchContext context) {
......
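Review bot: The storage-mode literal is written with double quotes inside the annotation's Java string, for example `{this.getEntity(),"Sql"}`. Unless the page rendering has dropped backslashes, those inner quotes terminate the string early and the file would not compile. Every other literal in these expressions uses SpEL single quotes, so `{this.getEntity(),'Sql'}` is the consistent and safe form. Because the evaluator compares the value with `equalsIgnoreCase("sql")` and throws on anything unrecognised, a shared constant for the mode names would also guard against a typo in one of the many annotations. The same quoting appears in every changed `@PreAuthorize` in WFGroupResource, WFMemberResource, WFSystemResource and WFUserResource.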
......@@ -55,7 +55,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission('Remove',{#wfsystem_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfsystem_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFSystem" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfsystems/{wfsystem_id}")
@Transactional
......@@ -73,7 +73,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission(#wfsystem_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfsystem_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFSystem" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfsystems/{wfsystem_id}")
@Transactional
......@@ -85,7 +85,7 @@ public class WFSystemResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfsystem_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfsystem_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
......@@ -121,7 +121,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFSystem" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfsystems")
@Transactional
......@@ -132,7 +132,7 @@ public class WFSystemResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
......@@ -152,7 +152,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission(#wfsystem_id,'Get',this.getEntity())")
@PreAuthorize("hasPermission(#wfsystem_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFSystem" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfsystems/{wfsystem_id}")
public ResponseEntity<WFSystemDTO> get(@PathVariable("wfsystem_id") String wfsystem_id) {
......@@ -161,7 +161,7 @@ public class WFSystemResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFSystem" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfsystems/fetchdefault")
public ResponseEntity<List<WFSystemDTO>> fetchDefault(WFSystemSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFSystemResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFSystem" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfsystems/searchdefault")
public ResponseEntity<Page<WFSystemDTO>> searchDefault(WFSystemSearchContext context) {
......
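Review bot: `#wfsystem_id` is taken from the request path and handed to the evaluator as srfKey, where sqlPermissionValid (shown later on this page) builds the condition with `String.format(" (%s) AND (%s='%s')",tempPermissionSQL,keyField,srfKey)`. Request-controlled text therefore ends up inside the SQL fragment that decides authorization for Get, Update and Remove. getPermissionWrapper is not visible here, so how the string is applied cannot be confirmed. Binding the key as a parameter would keep the id out of the SQL text, e.g. `new QueryWrapper().apply("(" + tempPermissionSQL + ")").eq(keyField, srfKey)`. The same flow applies to the id-based guards in WFGroupResource, WFMemberResource, WFProcessDefinitionResource and WFUserResource.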
......@@ -55,7 +55,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission('Remove',{#wfuser_id,this.getEntity()})")
@PreAuthorize("hasPermission('Remove',{#wfuser_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFUser" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfusers/{wfuser_id}")
@Transactional
......@@ -98,7 +98,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission(#wfuser_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfuser_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFUser" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfusers/{wfuser_id}")
@Transactional
......@@ -110,7 +110,7 @@ public class WFUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission(#wfuser_id,'Update',this.getEntity())")
@PreAuthorize("hasPermission(#wfuser_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfusers/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
......@@ -121,7 +121,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission(#wfuser_id,'Get',this.getEntity())")
@PreAuthorize("hasPermission(#wfuser_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFUser" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfusers/{wfuser_id}")
public ResponseEntity<WFUserDTO> get(@PathVariable("wfuser_id") String wfuser_id) {
......@@ -133,7 +133,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFUser" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfusers")
@Transactional
......@@ -144,7 +144,7 @@ public class WFUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
@PreAuthorize("hasPermission('','Create',this.getEntity())")
@PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfusers/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
......@@ -161,7 +161,7 @@ public class WFUserResource {
return ResponseEntity.status(HttpStatus.OK).body(wfuserService.checkKey(wfuserMapping.toDomain(wfuserdto)));
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFUser" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfusers/fetchdefault")
public ResponseEntity<List<WFUserDTO>> fetchDefault(WFUserSearchContext context) {
......@@ -174,7 +174,7 @@ public class WFUserResource {
.body(list);
}
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFUser" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfusers/searchdefault")
public ResponseEntity<Page<WFUserDTO>> searchDefault(WFUserSearchContext context) {
......
......@@ -4,17 +4,28 @@ import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.mongodb.BasicDBList;
import com.mongodb.BasicDBObject;
import com.mongodb.QueryBuilder;
import cn.ibizlab.util.annotation.DEField;
import cn.ibizlab.util.domain.EntityBase;
import cn.ibizlab.util.enums.DEPredefinedFieldType;
import cn.ibizlab.util.filter.QueryBuildContext;
import cn.ibizlab.util.filter.QueryWrapperContext;
import cn.ibizlab.util.helper.DEFieldCacheMap;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.domain.PageImpl;
import org.springframework.data.mongodb.core.MongoTemplate;
import org.springframework.data.mongodb.core.query.BasicQuery;
import org.springframework.data.mongodb.core.query.Query;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
import javax.annotation.Resource;
import javax.swing.text.html.parser.Entity;
import java.io.Serializable;
import java.lang.reflect.Field;
import java.util.ArrayList;
......@@ -39,6 +50,13 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
* 实体数据集操作标识
*/
private String DataSetTag="DATASET";
/**
*实体主键标识
*/
private String keyFieldTag="keyfield";
@Resource
private MongoTemplate mongoTemplate;
/**
* 表格权限检查 :用于检查当前用户是否拥有表格数据的读取、删除权限
......@@ -56,6 +74,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return true;
String action = "";
String deStorageMode;
if (deAction instanceof String)
action = (String) deAction;
......@@ -69,10 +88,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return false;
List gridParamList = (ArrayList) gridParam;
if(action.equalsIgnoreCase("DELETE")){ //grid delete
if(action.equalsIgnoreCase("remove")){
//准备参数
Object srfKey =gridParamList.get(0);
EntityBase entity = (EntityBase) gridParamList.get(1);
deStorageMode= (String) gridParamList.get(2);
String entityName = entity.getClass().getSimpleName();
//获取实体行为权限信息
......@@ -82,61 +102,53 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
if(!validDEActionHasPermission(permissionList,entityName,action)){
return false;
}
//检查是否有数据权限[单行删除]
ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl"));//获取实体service对象
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLById(permissionList,entityName,action,srfKey,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
return testDataAccess(service,permissionWrapper);//执行权限检查
//检查是否有数据权限
return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
}
else{ //grid fetch
else{
//准备参数
Object searchContext=gridParamList.get(0);
String dataSetName=String.valueOf(gridParamList.get(1));
EntityBase entity = (EntityBase) gridParamList.get(2);
deStorageMode= (String) gridParamList.get(3);
String entityName = entity.getClass().getSimpleName();
//获取数据集权限信息
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName)|| StringUtils.isEmpty(action))
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName))
return false;
//检查是否有访问数据集的权限
if(!validDataSetHasPermission(permissionList,entityName,dataSetName)){
return false;
}
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLByList(permissionList,entityName,action,dataSetName,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
fillPermissionSQL(searchContext,permissionSQL);//将权限SQL添加到searchContext中,过滤出权限内数据
//拼接权限条件
deDataSetFillPermissionSQLRouter(deStorageMode, searchContext, entity , dataSetName , permissionList);
}
return true;
}
/**
* 表单权限检查 :用于检查当前用户是否拥有表单的新建、编辑、删除权限
*
* @param authentication
* @param srfKey 当前操作数据的主键
* @param action 当前操作行为:如:[READ、UPDATE、DELETE]
* @param cur_entity 当前操作的实体对象
* @param formParam 表单参数对象
* @return true/false true则允许当前行为,false拒绝行为
*/
@Override
public boolean hasPermission(Authentication authentication, Serializable srfKey, String action, Object cur_entity) {
public boolean hasPermission(Authentication authentication, Serializable srfKey, String action, Object formParam) {
//未开启权限校验、超级管理员则不进行权限检查
if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1 || !enablePermissionValid)
return true;
EntityBase entity = null;
if (cur_entity instanceof EntityBase)
entity = (EntityBase) cur_entity;
List formParamList = (ArrayList) formParam;
EntityBase entity = (EntityBase) formParamList.get(0);
String deStorageMode= (String) formParamList.get(1);
if (StringUtils.isEmpty(entity))
return false;
......@@ -145,7 +157,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
String entityName = entity.getClass().getSimpleName();
if(action.equalsIgnoreCase("CREATE")){
if(action.equalsIgnoreCase("create")){
return validDEActionHasPermission(permissionList,entityName,action);
}
else{
......@@ -158,13 +170,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return false;
}
//检查是否有数据权限
ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl"));
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLById(permissionList,entityName,action,srfKey,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
return testDataAccess(service,permissionWrapper);//执行权限检查
return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
}
}
......@@ -185,40 +191,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
if(entity.containsKey(action) && entity.getJSONArray(action).contains("ALL"))
return true;
return false;
}
/**
* 拼接表格查询条件
* @param gridDataAbility
* @param entityName
* @param action
* @param dataSetName
* @param permissionField
* @return
*/
private String getPermissionSQLByList(JSONObject gridDataAbility, String entityName, String action, String dataSetName, Map<String,String> permissionField){
JSONObject entity=gridDataAbility.getJSONObject(entityName);//获取实体
JSONObject permissionType=entity.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);//获取实体数据集
if(dataRange.size()==0)
return null;
return getPermissionSQL(dataRange,permissionField); //拼接权限条件-查询
}
/**
* 填充权限SQL
* @param targetDomainObject
* @param permissionCond
*/
private void fillPermissionSQL(Object targetDomainObject, String permissionCond){
if(targetDomainObject instanceof QueryWrapperContext){
QueryWrapperContext queryWrapperContext = (QueryWrapperContext) targetDomainObject;
QueryWrapper queryWrapper = queryWrapperContext.getSelectCond();
queryWrapper.apply(permissionCond);
}
return false;
}
/**
......@@ -246,7 +219,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return hasPermission;
}
/**
* 数据集合权限校验
* @param userPermission
......@@ -276,53 +248,244 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
}
/**
* 获取单条权限数据SQL
* @param formDataAbility
* @param entityName
* 根据实体存储模式,进行鉴权
* @param deStorageMode
* @param entity
* @param action
* @param srfKey
* @param permissionList
* @return
*/
private boolean deActionPermissionValidRouter(String deStorageMode, EntityBase entity , String action , Object srfKey , JSONObject permissionList){
if(deStorageMode.equalsIgnoreCase("sql")){
return sqlPermissionValid(entity , action , srfKey, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("nosql")){
return noSqlPermissionValid(entity , action , srfKey, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("serviceapi")){
return true;
}
else {
throw new RuntimeException(String.format("未能识别[%s]实体对应存储模式[%s]",entity.getClass().getSimpleName(),deStorageMode));
}
}
/**
* sql存储模式实体行为鉴权
* @param entity
* @param action
* @param srfKey
* @param permissionField
* @param permissionList
* @return
*/
private String getPermissionSQLById(JSONObject formDataAbility, String entityName, String action, Object srfKey, Map<String,String> permissionField){
private boolean sqlPermissionValid(EntityBase entity , String action , Object srfKey, JSONObject permissionList){
String entityName=entity.getClass().getSimpleName();
ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl"));//获取实体service对象
JSONObject entity=formDataAbility.getJSONObject(entityName);//获取实体
JSONObject permissionType= entity.getJSONObject(DEActionType);
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String keyField=permissionField.get(keyFieldTag);
if(StringUtils.isEmpty(keyField)){
throw new RuntimeException("权限校验失败,请检查当前实体中是否已经配置主键属性!");
}
//获取权限表达式[全部数据、本单位、本部门等]
JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
JSONObject permissionType= entityObj.getJSONObject(DEActionType);
JSONArray opprivList=permissionType.getJSONArray(action);//行为:read;insert...
if(opprivList.size()==0)
return null;
String permissionSQL=getPermissionSQL(opprivList,permissionField);
return false;
String keyField=permissionField.get("keyfield");
//通过权限表达式来获取sql
String tempPermissionSQL=getPermissionSQL(entity,opprivList);
String permissionSQL= String.format(" (%s) AND (%s='%s')",tempPermissionSQL,keyField,srfKey); //拼接权限条件-编辑
//执行sql进行权限检查
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
List list=service.list(permissionWrapper);
if(list.size()>0){
return true;
}else{
return false;
}
}
/**
* NoSQL实体行为鉴权
* @param entity
* @param action
* @param srfKey
* @param permissionList
* @return
*/
private boolean noSqlPermissionValid(EntityBase entity, String action, Object srfKey, JSONObject permissionList) {
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String keyField=permissionField.get(keyFieldTag);
if(StringUtils.isEmpty(keyField)){
throw new RuntimeException("权限校验失败,请检查当前实体中是否已经配置主键属性!");
}
return String.format(" (%s) AND (%s='%s')",permissionSQL,keyField,srfKey); //拼接权限条件-编辑
//获取权限表达式[全部数据、本单位、本部门等]
JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
JSONObject permissionType= entityObj.getJSONObject(DEActionType);
JSONArray dataRange=permissionType.getJSONArray(action);//行为:read;insert...
if(dataRange.size()==0)
return false;
//根据权限表达式填充权限条件
QueryBuilder permissionCond=new QueryBuilder();
fillNoSqlPermissionCond(dataRange,entity,permissionCond);
//权限条件拼接主键
permissionCond.and(keyField).is(srfKey);
//执行权限检查
Query query = new BasicQuery(permissionCond.get().toString());
List list=mongoTemplate.find(query,entity.getClass());
if(list.size()>0){
return true;
}
else{
return false;
}
}
/**
* 表单权限检查
* @param service
* @param permissionCond
* @return
* 根据实体存储类型,拼接权限条件
* @param deStorageMode
* @param searchContext
* @param entity
* @param dataSetName
* @param permissionList
*/
private boolean testDataAccess(ServiceImpl service, QueryWrapper permissionCond){
private void deDataSetFillPermissionSQLRouter(String deStorageMode , Object searchContext, EntityBase entity ,String dataSetName ,JSONObject permissionList){
//检查是否有数据权限[单行删除]
if(deStorageMode.equalsIgnoreCase("sql")){
sqlPermissionBuilder(searchContext, entity , dataSetName, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("nosql")){
noSqlPermissionBuilder(searchContext, entity , dataSetName, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("serviceapi")){
}
else {
throw new RuntimeException(String.format("未能识别[%s]实体对应存储模式[%s]",entity.getClass().getSimpleName(),deStorageMode));
}
}
/**
* 为NoSQL存储模式的表格查询填充权限条件
* @param searchContext
* @param entity
* @param dataSetName
* @param permissionList
*/
private void noSqlPermissionBuilder(Object searchContext, EntityBase entity, String dataSetName, JSONObject permissionList) {
if(searchContext instanceof QueryBuildContext){
//获取权限表达式[全部数据、本单位、本部门等]
String entityName=entity.getClass().getSimpleName();
JSONObject entityObj=permissionList.getJSONObject(entityName);
JSONObject permissionType=entityObj.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);
if(dataRange.size()==0)
return ;
//根据权限表达式生成查询条件,并将查询条件设置到SearchContext中
fillNoSqlPermissionCond(dataRange,entity,((QueryBuildContext) searchContext).getSelectCond());
}
}
/**
* 为SQL存储模式的表格查询填充权限条件
* @param searchContext
* @param entity
* @param dataSetName
* @param permissionList
*/
private void sqlPermissionBuilder(Object searchContext, EntityBase entity, String dataSetName, JSONObject permissionList){
//获取权限表达式[全部数据、本单位、本部门等]
String entityName=entity.getClass().getSimpleName();
JSONObject entityObj=permissionList.getJSONObject(entityName);//获取实体
JSONObject permissionType=entityObj.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);//获取实体数据集
if(dataRange.size()==0)
return ;
//根据权限条件获取SQL
String permissionSQL=getPermissionSQL(entity,dataRange);
//将SQL拼接到SearchContext中
if(searchContext instanceof QueryWrapperContext){
QueryWrapperContext queryWrapperContext = (QueryWrapperContext) searchContext;
QueryWrapper queryWrapper = queryWrapperContext.getSelectCond();
queryWrapper.apply(permissionSQL);
}
}
boolean isPermission=false;
List list=service.list(permissionCond);
if(list.size()>0)
isPermission=true;
return isPermission;
/**
* 为NoSQL存储模式的表格查询填充权限条件
* @param oppriList
* @param entity
* @param permissionSQL
*/
private void fillNoSqlPermissionCond(JSONArray oppriList, EntityBase entity, QueryBuilder permissionSQL){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String orgField=permissionField.get("orgfield");
String orgDeptField=permissionField.get("orgsecfield");
String createManField=permissionField.get("createmanfield");
AuthenticationUser authenticationUser = AuthenticationUser.getAuthenticationUser();
JSONObject userInfo = authenticationUser.getOrgInfo();
JSONObject orgObject = userInfo.getJSONObject("org");
JSONArray orgParent = orgObject.getJSONArray("porg");
JSONArray orgChild = orgObject.getJSONArray("sorg");
JSONObject orgDeptObject = userInfo.getJSONObject("orgdept");
JSONArray orgDeptParent = orgDeptObject.getJSONArray("porgdept");
JSONArray orgDeptChild = orgDeptObject.getJSONArray("sorgdept");
for(int i=0;i<oppriList.size();i++){
String permissionCond=oppriList.getString(i);//权限配置条件
if(permissionCond.equals("CURORG")){ //本单位
permissionSQL.or(new QueryBuilder().and(orgField).is(AuthenticationUser.getAuthenticationUser().getOrgid()).get());
}
else if(permissionCond.equals("PORG")){//上级单位
permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgParent)).get());
}
else if(permissionCond.equals("SORG")){//下级单位
permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgChild)).get());
}
else if(permissionCond.equals("CREATEMAN")){//建立人
permissionSQL.or(new QueryBuilder().and(createManField).is(AuthenticationUser.getAuthenticationUser().getUserid()).get());
}
else if(permissionCond.equals("CURORGDEPT")){//本部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).is(AuthenticationUser.getAuthenticationUser().getMdeptid()).get());
}
else if(permissionCond.equals("PORGDEPT")){//上级部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptParent)).get());
}
else if(permissionCond.equals("SORGDEPT")){//下级部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptChild)).get());
}
else if(permissionCond.equals("ALL")){
permissionSQL.or(new QueryBuilder().get());
}
}
}
/**
* 获取权限SQL
* SQL获取权限条件
* @param entity
* @param oppriList
* @param permissionField
* @return
*/
private String getPermissionSQL(JSONArray oppriList, Map<String,String> permissionField){
private String getPermissionSQL(EntityBase entity, JSONArray oppriList){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String nPermissionSQL = "1<>1";
String orgField=permissionField.get("orgfield");
String orgDeptField=permissionField.get("orgsecfield");
......@@ -362,7 +525,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptChild)));
}
else if(permissionCond.equals("ALL")){//全部数据
permissionSQL.append("(1=1)");
permissionSQL.append("(1=1)");
}
else{
permissionSQL.append(nPermissionSQL);
......