提交 e5a6519b 编写于 作者: ibizdev's avatar ibizdev

ibizdev提交

上级 6bbe35dc
...@@ -35,7 +35,7 @@ public class WFProcessDefinition extends EntityMP implements Serializable { ...@@ -35,7 +35,7 @@ public class WFProcessDefinition extends EntityMP implements Serializable {
/** /**
* DefinitionKey * DefinitionKey
*/ */
@DEField(isKeyField=true) @DEField(defaultValue = "deployKey" , defaultValueType = DEFieldDefaultValueType.PARAM , isKeyField=true)
@TableId(value= "definitionkey",type=IdType.UUID) @TableId(value= "definitionkey",type=IdType.UUID)
@JSONField(name = "definitionkey") @JSONField(name = "definitionkey")
@JsonProperty("definitionkey") @JsonProperty("definitionkey")
......
...@@ -92,7 +92,7 @@ ...@@ -92,7 +92,7 @@
</createTable> </createTable>
</changeSet> </changeSet>
<!--输出实体[WF_DEFINITION]数据结构 --> <!--输出实体[WF_DEFINITION]数据结构 -->
<changeSet author="a_A_5d9d78509" id="tab-wf_definition-47-7"> <changeSet author="a_A_5d9d78509" id="tab-wf_definition-48-7">
<createTable tableName="IBZWFDEFINITION"> <createTable tableName="IBZWFDEFINITION">
<column name="DEFINITIONKEY" remarks="" type="VARCHAR(100)"> <column name="DEFINITIONKEY" remarks="" type="VARCHAR(100)">
<constraints primaryKey="true" primaryKeyName="PK_WF_DEFINITION_DEFINITIONKEY"/> <constraints primaryKey="true" primaryKeyName="PK_WF_DEFINITION_DEFINITIONKEY"/>
......
...@@ -71,7 +71,7 @@ public class WFGroupResource { ...@@ -71,7 +71,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission(#wfgroup_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfgroup_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFGroup" }, notes = "Update") @ApiOperation(value = "Update", tags = {"WFGroup" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfgroups/{wfgroup_id}") @RequestMapping(method = RequestMethod.PUT, value = "/wfgroups/{wfgroup_id}")
@Transactional @Transactional
...@@ -83,7 +83,7 @@ public class WFGroupResource { ...@@ -83,7 +83,7 @@ public class WFGroupResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission(#wfgroup_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfgroup_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/updatebatch") @RequestMapping(method = RequestMethod.POST, value = "/wfgroups/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
...@@ -112,7 +112,7 @@ public class WFGroupResource { ...@@ -112,7 +112,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFGroup" }, notes = "Create") @ApiOperation(value = "Create", tags = {"WFGroup" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfgroups") @RequestMapping(method = RequestMethod.POST, value = "/wfgroups")
@Transactional @Transactional
...@@ -123,7 +123,7 @@ public class WFGroupResource { ...@@ -123,7 +123,7 @@ public class WFGroupResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/createbatch") @RequestMapping(method = RequestMethod.POST, value = "/wfgroups/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
...@@ -134,7 +134,7 @@ public class WFGroupResource { ...@@ -134,7 +134,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission('Remove',{#wfgroup_id,this.getEntity()})") @PreAuthorize("hasPermission('Remove',{#wfgroup_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFGroup" }, notes = "Remove") @ApiOperation(value = "Remove", tags = {"WFGroup" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfgroups/{wfgroup_id}") @RequestMapping(method = RequestMethod.DELETE, value = "/wfgroups/{wfgroup_id}")
@Transactional @Transactional
...@@ -152,7 +152,7 @@ public class WFGroupResource { ...@@ -152,7 +152,7 @@ public class WFGroupResource {
@PreAuthorize("hasPermission(#wfgroup_id,'Get',this.getEntity())") @PreAuthorize("hasPermission(#wfgroup_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFGroup" }, notes = "Get") @ApiOperation(value = "Get", tags = {"WFGroup" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfgroups/{wfgroup_id}") @RequestMapping(method = RequestMethod.GET, value = "/wfgroups/{wfgroup_id}")
public ResponseEntity<WFGroupDTO> get(@PathVariable("wfgroup_id") String wfgroup_id) { public ResponseEntity<WFGroupDTO> get(@PathVariable("wfgroup_id") String wfgroup_id) {
...@@ -161,7 +161,7 @@ public class WFGroupResource { ...@@ -161,7 +161,7 @@ public class WFGroupResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFGroup" } ,notes = "fetchDEFAULT") @ApiOperation(value = "fetchDEFAULT", tags = {"WFGroup" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfgroups/fetchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfgroups/fetchdefault")
public ResponseEntity<List<WFGroupDTO>> fetchDefault(WFGroupSearchContext context) { public ResponseEntity<List<WFGroupDTO>> fetchDefault(WFGroupSearchContext context) {
...@@ -174,7 +174,7 @@ public class WFGroupResource { ...@@ -174,7 +174,7 @@ public class WFGroupResource {
.body(list); .body(list);
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFGroup" } ,notes = "searchDEFAULT") @ApiOperation(value = "searchDEFAULT", tags = {"WFGroup" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfgroups/searchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfgroups/searchdefault")
public ResponseEntity<Page<WFGroupDTO>> searchDefault(WFGroupSearchContext context) { public ResponseEntity<Page<WFGroupDTO>> searchDefault(WFGroupSearchContext context) {
......
...@@ -73,7 +73,7 @@ public class WFMemberResource { ...@@ -73,7 +73,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFMember" }, notes = "Create") @ApiOperation(value = "Create", tags = {"WFMember" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfmembers") @RequestMapping(method = RequestMethod.POST, value = "/wfmembers")
@Transactional @Transactional
...@@ -84,7 +84,7 @@ public class WFMemberResource { ...@@ -84,7 +84,7 @@ public class WFMemberResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfmembers/createbatch") @RequestMapping(method = RequestMethod.POST, value = "/wfmembers/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) {
...@@ -95,7 +95,7 @@ public class WFMemberResource { ...@@ -95,7 +95,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission('Remove',{#wfmember_id,this.getEntity()})") @PreAuthorize("hasPermission('Remove',{#wfmember_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFMember" }, notes = "Remove") @ApiOperation(value = "Remove", tags = {"WFMember" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfmembers/{wfmember_id}") @RequestMapping(method = RequestMethod.DELETE, value = "/wfmembers/{wfmember_id}")
@Transactional @Transactional
...@@ -129,7 +129,7 @@ public class WFMemberResource { ...@@ -129,7 +129,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission(#wfmember_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfmember_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFMember" }, notes = "Update") @ApiOperation(value = "Update", tags = {"WFMember" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfmembers/{wfmember_id}") @RequestMapping(method = RequestMethod.PUT, value = "/wfmembers/{wfmember_id}")
@Transactional @Transactional
...@@ -141,7 +141,7 @@ public class WFMemberResource { ...@@ -141,7 +141,7 @@ public class WFMemberResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission(#wfmember_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfmember_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfmembers/updatebatch") @RequestMapping(method = RequestMethod.POST, value = "/wfmembers/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) {
...@@ -152,7 +152,7 @@ public class WFMemberResource { ...@@ -152,7 +152,7 @@ public class WFMemberResource {
@PreAuthorize("hasPermission(#wfmember_id,'Get',this.getEntity())") @PreAuthorize("hasPermission(#wfmember_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFMember" }, notes = "Get") @ApiOperation(value = "Get", tags = {"WFMember" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfmembers/{wfmember_id}") @RequestMapping(method = RequestMethod.GET, value = "/wfmembers/{wfmember_id}")
public ResponseEntity<WFMemberDTO> get(@PathVariable("wfmember_id") String wfmember_id) { public ResponseEntity<WFMemberDTO> get(@PathVariable("wfmember_id") String wfmember_id) {
...@@ -161,7 +161,7 @@ public class WFMemberResource { ...@@ -161,7 +161,7 @@ public class WFMemberResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFMember" } ,notes = "fetchDEFAULT") @ApiOperation(value = "fetchDEFAULT", tags = {"WFMember" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfmembers/fetchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfmembers/fetchdefault")
public ResponseEntity<List<WFMemberDTO>> fetchDefault(WFMemberSearchContext context) { public ResponseEntity<List<WFMemberDTO>> fetchDefault(WFMemberSearchContext context) {
...@@ -174,7 +174,7 @@ public class WFMemberResource { ...@@ -174,7 +174,7 @@ public class WFMemberResource {
.body(list); .body(list);
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFMember" } ,notes = "searchDEFAULT") @ApiOperation(value = "searchDEFAULT", tags = {"WFMember" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfmembers/searchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfmembers/searchdefault")
public ResponseEntity<Page<WFMemberDTO>> searchDefault(WFMemberSearchContext context) { public ResponseEntity<Page<WFMemberDTO>> searchDefault(WFMemberSearchContext context) {
......
...@@ -71,7 +71,7 @@ public class WFProcessDefinitionResource { ...@@ -71,7 +71,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFProcessDefinition" }, notes = "Update") @ApiOperation(value = "Update", tags = {"WFProcessDefinition" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfprocessdefinitions/{wfprocessdefinition_id}") @RequestMapping(method = RequestMethod.PUT, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
@Transactional @Transactional
...@@ -83,7 +83,7 @@ public class WFProcessDefinitionResource { ...@@ -83,7 +83,7 @@ public class WFProcessDefinitionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/updatebatch") @RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
...@@ -94,7 +94,7 @@ public class WFProcessDefinitionResource { ...@@ -94,7 +94,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission(#wfprocessdefinition_id,'Get',this.getEntity())") @PreAuthorize("hasPermission(#wfprocessdefinition_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFProcessDefinition" }, notes = "Get") @ApiOperation(value = "Get", tags = {"WFProcessDefinition" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfprocessdefinitions/{wfprocessdefinition_id}") @RequestMapping(method = RequestMethod.GET, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
public ResponseEntity<WFProcessDefinitionDTO> get(@PathVariable("wfprocessdefinition_id") String wfprocessdefinition_id) { public ResponseEntity<WFProcessDefinitionDTO> get(@PathVariable("wfprocessdefinition_id") String wfprocessdefinition_id) {
...@@ -124,7 +124,7 @@ public class WFProcessDefinitionResource { ...@@ -124,7 +124,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFProcessDefinition" }, notes = "Create") @ApiOperation(value = "Create", tags = {"WFProcessDefinition" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions") @RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions")
@Transactional @Transactional
...@@ -135,7 +135,7 @@ public class WFProcessDefinitionResource { ...@@ -135,7 +135,7 @@ public class WFProcessDefinitionResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/createbatch") @RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
...@@ -146,7 +146,7 @@ public class WFProcessDefinitionResource { ...@@ -146,7 +146,7 @@ public class WFProcessDefinitionResource {
@PreAuthorize("hasPermission('Remove',{#wfprocessdefinition_id,this.getEntity()})") @PreAuthorize("hasPermission('Remove',{#wfprocessdefinition_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFProcessDefinition" }, notes = "Remove") @ApiOperation(value = "Remove", tags = {"WFProcessDefinition" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfprocessdefinitions/{wfprocessdefinition_id}") @RequestMapping(method = RequestMethod.DELETE, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
@Transactional @Transactional
...@@ -161,7 +161,7 @@ public class WFProcessDefinitionResource { ...@@ -161,7 +161,7 @@ public class WFProcessDefinitionResource {
return ResponseEntity.status(HttpStatus.OK).body(true); return ResponseEntity.status(HttpStatus.OK).body(true);
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "fetchDEFAULT") @ApiOperation(value = "fetchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/fetchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/fetchdefault")
public ResponseEntity<List<WFProcessDefinitionDTO>> fetchDefault(WFProcessDefinitionSearchContext context) { public ResponseEntity<List<WFProcessDefinitionDTO>> fetchDefault(WFProcessDefinitionSearchContext context) {
...@@ -174,7 +174,7 @@ public class WFProcessDefinitionResource { ...@@ -174,7 +174,7 @@ public class WFProcessDefinitionResource {
.body(list); .body(list);
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "searchDEFAULT") @ApiOperation(value = "searchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/searchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/searchdefault")
public ResponseEntity<Page<WFProcessDefinitionDTO>> searchDefault(WFProcessDefinitionSearchContext context) { public ResponseEntity<Page<WFProcessDefinitionDTO>> searchDefault(WFProcessDefinitionSearchContext context) {
......
...@@ -55,7 +55,7 @@ public class WFSystemResource { ...@@ -55,7 +55,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission('Remove',{#wfsystem_id,this.getEntity()})") @PreAuthorize("hasPermission('Remove',{#wfsystem_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFSystem" }, notes = "Remove") @ApiOperation(value = "Remove", tags = {"WFSystem" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfsystems/{wfsystem_id}") @RequestMapping(method = RequestMethod.DELETE, value = "/wfsystems/{wfsystem_id}")
@Transactional @Transactional
...@@ -73,7 +73,7 @@ public class WFSystemResource { ...@@ -73,7 +73,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission(#wfsystem_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfsystem_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFSystem" }, notes = "Update") @ApiOperation(value = "Update", tags = {"WFSystem" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfsystems/{wfsystem_id}") @RequestMapping(method = RequestMethod.PUT, value = "/wfsystems/{wfsystem_id}")
@Transactional @Transactional
...@@ -85,7 +85,7 @@ public class WFSystemResource { ...@@ -85,7 +85,7 @@ public class WFSystemResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission(#wfsystem_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfsystem_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/updatebatch") @RequestMapping(method = RequestMethod.POST, value = "/wfsystems/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
...@@ -121,7 +121,7 @@ public class WFSystemResource { ...@@ -121,7 +121,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFSystem" }, notes = "Create") @ApiOperation(value = "Create", tags = {"WFSystem" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfsystems") @RequestMapping(method = RequestMethod.POST, value = "/wfsystems")
@Transactional @Transactional
...@@ -132,7 +132,7 @@ public class WFSystemResource { ...@@ -132,7 +132,7 @@ public class WFSystemResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/createbatch") @RequestMapping(method = RequestMethod.POST, value = "/wfsystems/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
...@@ -152,7 +152,7 @@ public class WFSystemResource { ...@@ -152,7 +152,7 @@ public class WFSystemResource {
@PreAuthorize("hasPermission(#wfsystem_id,'Get',this.getEntity())") @PreAuthorize("hasPermission(#wfsystem_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFSystem" }, notes = "Get") @ApiOperation(value = "Get", tags = {"WFSystem" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfsystems/{wfsystem_id}") @RequestMapping(method = RequestMethod.GET, value = "/wfsystems/{wfsystem_id}")
public ResponseEntity<WFSystemDTO> get(@PathVariable("wfsystem_id") String wfsystem_id) { public ResponseEntity<WFSystemDTO> get(@PathVariable("wfsystem_id") String wfsystem_id) {
...@@ -161,7 +161,7 @@ public class WFSystemResource { ...@@ -161,7 +161,7 @@ public class WFSystemResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFSystem" } ,notes = "fetchDEFAULT") @ApiOperation(value = "fetchDEFAULT", tags = {"WFSystem" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfsystems/fetchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfsystems/fetchdefault")
public ResponseEntity<List<WFSystemDTO>> fetchDefault(WFSystemSearchContext context) { public ResponseEntity<List<WFSystemDTO>> fetchDefault(WFSystemSearchContext context) {
...@@ -174,7 +174,7 @@ public class WFSystemResource { ...@@ -174,7 +174,7 @@ public class WFSystemResource {
.body(list); .body(list);
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFSystem" } ,notes = "searchDEFAULT") @ApiOperation(value = "searchDEFAULT", tags = {"WFSystem" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfsystems/searchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfsystems/searchdefault")
public ResponseEntity<Page<WFSystemDTO>> searchDefault(WFSystemSearchContext context) { public ResponseEntity<Page<WFSystemDTO>> searchDefault(WFSystemSearchContext context) {
......
...@@ -55,7 +55,7 @@ public class WFUserResource { ...@@ -55,7 +55,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission('Remove',{#wfuser_id,this.getEntity()})") @PreAuthorize("hasPermission('Remove',{#wfuser_id,{this.getEntity(),"Sql"}})")
@ApiOperation(value = "Remove", tags = {"WFUser" }, notes = "Remove") @ApiOperation(value = "Remove", tags = {"WFUser" }, notes = "Remove")
@RequestMapping(method = RequestMethod.DELETE, value = "/wfusers/{wfuser_id}") @RequestMapping(method = RequestMethod.DELETE, value = "/wfusers/{wfuser_id}")
@Transactional @Transactional
...@@ -98,7 +98,7 @@ public class WFUserResource { ...@@ -98,7 +98,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission(#wfuser_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfuser_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Update", tags = {"WFUser" }, notes = "Update") @ApiOperation(value = "Update", tags = {"WFUser" }, notes = "Update")
@RequestMapping(method = RequestMethod.PUT, value = "/wfusers/{wfuser_id}") @RequestMapping(method = RequestMethod.PUT, value = "/wfusers/{wfuser_id}")
@Transactional @Transactional
...@@ -110,7 +110,7 @@ public class WFUserResource { ...@@ -110,7 +110,7 @@ public class WFUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission(#wfuser_id,'Update',this.getEntity())") @PreAuthorize("hasPermission(#wfuser_id,'Update',{this.getEntity(),"Sql"})")
@ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfusers/updatebatch") @RequestMapping(method = RequestMethod.POST, value = "/wfusers/updatebatch")
public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFUserDTO> wfuserdtos) { public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
...@@ -121,7 +121,7 @@ public class WFUserResource { ...@@ -121,7 +121,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission(#wfuser_id,'Get',this.getEntity())") @PreAuthorize("hasPermission(#wfuser_id,'Get',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Get", tags = {"WFUser" }, notes = "Get") @ApiOperation(value = "Get", tags = {"WFUser" }, notes = "Get")
@RequestMapping(method = RequestMethod.GET, value = "/wfusers/{wfuser_id}") @RequestMapping(method = RequestMethod.GET, value = "/wfusers/{wfuser_id}")
public ResponseEntity<WFUserDTO> get(@PathVariable("wfuser_id") String wfuser_id) { public ResponseEntity<WFUserDTO> get(@PathVariable("wfuser_id") String wfuser_id) {
...@@ -133,7 +133,7 @@ public class WFUserResource { ...@@ -133,7 +133,7 @@ public class WFUserResource {
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "Create", tags = {"WFUser" }, notes = "Create") @ApiOperation(value = "Create", tags = {"WFUser" }, notes = "Create")
@RequestMapping(method = RequestMethod.POST, value = "/wfusers") @RequestMapping(method = RequestMethod.POST, value = "/wfusers")
@Transactional @Transactional
...@@ -144,7 +144,7 @@ public class WFUserResource { ...@@ -144,7 +144,7 @@ public class WFUserResource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
@PreAuthorize("hasPermission('','Create',this.getEntity())") @PreAuthorize("hasPermission('','Create',{this.getEntity(),"Sql"})")
@ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"createBatch" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "/wfusers/createbatch") @RequestMapping(method = RequestMethod.POST, value = "/wfusers/createbatch")
public ResponseEntity<Boolean> createBatch(@RequestBody List<WFUserDTO> wfuserdtos) { public ResponseEntity<Boolean> createBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
...@@ -161,7 +161,7 @@ public class WFUserResource { ...@@ -161,7 +161,7 @@ public class WFUserResource {
return ResponseEntity.status(HttpStatus.OK).body(wfuserService.checkKey(wfuserMapping.toDomain(wfuserdto))); return ResponseEntity.status(HttpStatus.OK).body(wfuserService.checkKey(wfuserMapping.toDomain(wfuserdto)));
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "fetchDEFAULT", tags = {"WFUser" } ,notes = "fetchDEFAULT") @ApiOperation(value = "fetchDEFAULT", tags = {"WFUser" } ,notes = "fetchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfusers/fetchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfusers/fetchdefault")
public ResponseEntity<List<WFUserDTO>> fetchDefault(WFUserSearchContext context) { public ResponseEntity<List<WFUserDTO>> fetchDefault(WFUserSearchContext context) {
...@@ -174,7 +174,7 @@ public class WFUserResource { ...@@ -174,7 +174,7 @@ public class WFUserResource {
.body(list); .body(list);
} }
@PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})") @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity(),"Sql"})")
@ApiOperation(value = "searchDEFAULT", tags = {"WFUser" } ,notes = "searchDEFAULT") @ApiOperation(value = "searchDEFAULT", tags = {"WFUser" } ,notes = "searchDEFAULT")
@RequestMapping(method= RequestMethod.GET , value="/wfusers/searchdefault") @RequestMapping(method= RequestMethod.GET , value="/wfusers/searchdefault")
public ResponseEntity<Page<WFUserDTO>> searchDefault(WFUserSearchContext context) { public ResponseEntity<Page<WFUserDTO>> searchDefault(WFUserSearchContext context) {
......
...@@ -4,17 +4,28 @@ import com.alibaba.fastjson.JSONArray; ...@@ -4,17 +4,28 @@ import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.mongodb.BasicDBList;
import com.mongodb.BasicDBObject;
import com.mongodb.QueryBuilder;
import cn.ibizlab.util.annotation.DEField; import cn.ibizlab.util.annotation.DEField;
import cn.ibizlab.util.domain.EntityBase; import cn.ibizlab.util.domain.EntityBase;
import cn.ibizlab.util.enums.DEPredefinedFieldType; import cn.ibizlab.util.enums.DEPredefinedFieldType;
import cn.ibizlab.util.filter.QueryBuildContext;
import cn.ibizlab.util.filter.QueryWrapperContext; import cn.ibizlab.util.filter.QueryWrapperContext;
import cn.ibizlab.util.helper.DEFieldCacheMap; import cn.ibizlab.util.helper.DEFieldCacheMap;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.domain.PageImpl;
import org.springframework.data.mongodb.core.MongoTemplate;
import org.springframework.data.mongodb.core.query.BasicQuery;
import org.springframework.data.mongodb.core.query.Query;
import org.springframework.security.access.PermissionEvaluator; import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils; import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import javax.annotation.Resource;
import javax.swing.text.html.parser.Entity;
import java.io.Serializable; import java.io.Serializable;
import java.lang.reflect.Field; import java.lang.reflect.Field;
import java.util.ArrayList; import java.util.ArrayList;
...@@ -39,6 +50,13 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -39,6 +50,13 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
* 实体数据集操作标识 * 实体数据集操作标识
*/ */
private String DataSetTag="DATASET"; private String DataSetTag="DATASET";
/**
*实体主键标识
*/
private String keyFieldTag="keyfield";
@Resource
private MongoTemplate mongoTemplate;
/** /**
* 表格权限检查 :用于检查当前用户是否拥有表格数据的读取、删除权限 * 表格权限检查 :用于检查当前用户是否拥有表格数据的读取、删除权限
...@@ -56,6 +74,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -56,6 +74,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return true; return true;
String action = ""; String action = "";
String deStorageMode;
if (deAction instanceof String) if (deAction instanceof String)
action = (String) deAction; action = (String) deAction;
...@@ -69,10 +88,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -69,10 +88,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return false; return false;
List gridParamList = (ArrayList) gridParam; List gridParamList = (ArrayList) gridParam;
if(action.equalsIgnoreCase("DELETE")){ //grid delete if(action.equalsIgnoreCase("remove")){
//准备参数 //准备参数
Object srfKey =gridParamList.get(0); Object srfKey =gridParamList.get(0);
EntityBase entity = (EntityBase) gridParamList.get(1); EntityBase entity = (EntityBase) gridParamList.get(1);
deStorageMode= (String) gridParamList.get(2);
String entityName = entity.getClass().getSimpleName(); String entityName = entity.getClass().getSimpleName();
//获取实体行为权限信息 //获取实体行为权限信息
...@@ -82,61 +102,53 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -82,61 +102,53 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
if(!validDEActionHasPermission(permissionList,entityName,action)){ if(!validDEActionHasPermission(permissionList,entityName,action)){
return false; return false;
} }
//检查是否有数据权限[单行删除] //检查是否有数据权限
ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl"));//获取实体service对象 return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLById(permissionList,entityName,action,srfKey,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
return testDataAccess(service,permissionWrapper);//执行权限检查
} }
else{ //grid fetch else{
//准备参数 //准备参数
Object searchContext=gridParamList.get(0); Object searchContext=gridParamList.get(0);
String dataSetName=String.valueOf(gridParamList.get(1)); String dataSetName=String.valueOf(gridParamList.get(1));
EntityBase entity = (EntityBase) gridParamList.get(2); EntityBase entity = (EntityBase) gridParamList.get(2);
deStorageMode= (String) gridParamList.get(3);
String entityName = entity.getClass().getSimpleName(); String entityName = entity.getClass().getSimpleName();
//获取数据集权限信息 //获取数据集权限信息
JSONObject permissionList=userPermission.getJSONObject("userPermissionList"); JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName)|| StringUtils.isEmpty(action)) if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName))
return false; return false;
//检查是否有访问数据集的权限 //检查是否有访问数据集的权限
if(!validDataSetHasPermission(permissionList,entityName,dataSetName)){ if(!validDataSetHasPermission(permissionList,entityName,dataSetName)){
return false; return false;
} }
//拼接权限条件
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性 deDataSetFillPermissionSQLRouter(deStorageMode, searchContext, entity , dataSetName , permissionList);
String permissionSQL=getPermissionSQLByList(permissionList,entityName,action,dataSetName,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
fillPermissionSQL(searchContext,permissionSQL);//将权限SQL添加到searchContext中,过滤出权限内数据
} }
return true; return true;
} }
/** /**
* 表单权限检查 :用于检查当前用户是否拥有表单的新建、编辑、删除权限 * 表单权限检查 :用于检查当前用户是否拥有表单的新建、编辑、删除权限
* *
* @param authentication * @param authentication
* @param srfKey 当前操作数据的主键 * @param srfKey 当前操作数据的主键
* @param action 当前操作行为:如:[READ、UPDATE、DELETE] * @param action 当前操作行为:如:[READ、UPDATE、DELETE]
* @param cur_entity 当前操作的实体对象 * @param formParam 表单参数对象
* @return true/false true则允许当前行为,false拒绝行为 * @return true/false true则允许当前行为,false拒绝行为
*/ */
@Override @Override
public boolean hasPermission(Authentication authentication, Serializable srfKey, String action, Object cur_entity) { public boolean hasPermission(Authentication authentication, Serializable srfKey, String action, Object formParam) {
//未开启权限校验、超级管理员则不进行权限检查 //未开启权限校验、超级管理员则不进行权限检查
if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1 || !enablePermissionValid) if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1 || !enablePermissionValid)
return true; return true;
EntityBase entity = null; List formParamList = (ArrayList) formParam;
if (cur_entity instanceof EntityBase) EntityBase entity = (EntityBase) formParamList.get(0);
entity = (EntityBase) cur_entity; String deStorageMode= (String) formParamList.get(1);
if (StringUtils.isEmpty(entity)) if (StringUtils.isEmpty(entity))
return false; return false;
...@@ -145,7 +157,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -145,7 +157,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
JSONObject permissionList=userPermission.getJSONObject("userPermissionList"); JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
String entityName = entity.getClass().getSimpleName(); String entityName = entity.getClass().getSimpleName();
if(action.equalsIgnoreCase("CREATE")){ if(action.equalsIgnoreCase("create")){
return validDEActionHasPermission(permissionList,entityName,action); return validDEActionHasPermission(permissionList,entityName,action);
} }
else{ else{
...@@ -158,13 +170,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -158,13 +170,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return false; return false;
} }
//检查是否有数据权限 //检查是否有数据权限
ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl")); return deActionPermissionValidRouter(deStorageMode, entity , action , srfKey, permissionList);
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String permissionSQL=getPermissionSQLById(permissionList,entityName,action,srfKey,permissionField);//获取权限SQL
if(StringUtils.isEmpty(permissionSQL))
return false;
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
return testDataAccess(service,permissionWrapper);//执行权限检查
} }
} }
...@@ -185,40 +191,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -185,40 +191,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
if(entity.containsKey(action) && entity.getJSONArray(action).contains("ALL")) if(entity.containsKey(action) && entity.getJSONArray(action).contains("ALL"))
return true; return true;
return false; return false;
}
/**
* 拼接表格查询条件
* @param gridDataAbility
* @param entityName
* @param action
* @param dataSetName
* @param permissionField
* @return
*/
private String getPermissionSQLByList(JSONObject gridDataAbility, String entityName, String action, String dataSetName, Map<String,String> permissionField){
JSONObject entity=gridDataAbility.getJSONObject(entityName);//获取实体
JSONObject permissionType=entity.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);//获取实体数据集
if(dataRange.size()==0)
return null;
return getPermissionSQL(dataRange,permissionField); //拼接权限条件-查询
}
/**
* 填充权限SQL
* @param targetDomainObject
* @param permissionCond
*/
private void fillPermissionSQL(Object targetDomainObject, String permissionCond){
if(targetDomainObject instanceof QueryWrapperContext){
QueryWrapperContext queryWrapperContext = (QueryWrapperContext) targetDomainObject;
QueryWrapper queryWrapper = queryWrapperContext.getSelectCond();
queryWrapper.apply(permissionCond);
}
} }
/** /**
...@@ -246,7 +219,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -246,7 +219,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
return hasPermission; return hasPermission;
} }
/** /**
* 数据集合权限校验 * 数据集合权限校验
* @param userPermission * @param userPermission
...@@ -276,53 +248,244 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -276,53 +248,244 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
} }
/** /**
* 获取单条权限数据SQL * 根据实体存储模式,进行鉴权
* @param formDataAbility * @param deStorageMode
* @param entityName * @param entity
* @param action
* @param srfKey
* @param permissionList
* @return
*/
private boolean deActionPermissionValidRouter(String deStorageMode, EntityBase entity , String action , Object srfKey , JSONObject permissionList){
if(deStorageMode.equalsIgnoreCase("sql")){
return sqlPermissionValid(entity , action , srfKey, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("nosql")){
return noSqlPermissionValid(entity , action , srfKey, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("serviceapi")){
return true;
}
else {
throw new RuntimeException(String.format("未能识别[%s]实体对应存储模式[%s]",entity.getClass().getSimpleName(),deStorageMode));
}
}
/**
* sql存储模式实体行为鉴权
* @param entity
* @param action * @param action
* @param srfKey * @param srfKey
* @param permissionField * @param permissionList
* @return * @return
*/ */
private String getPermissionSQLById(JSONObject formDataAbility, String entityName, String action, Object srfKey, Map<String,String> permissionField){ private boolean sqlPermissionValid(EntityBase entity , String action , Object srfKey, JSONObject permissionList){
String entityName=entity.getClass().getSimpleName();
ServiceImpl service= SpringContextHolder.getBean(String.format("%s%s",entityName,"ServiceImpl"));//获取实体service对象
JSONObject entity=formDataAbility.getJSONObject(entityName);//获取实体 Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
JSONObject permissionType= entity.getJSONObject(DEActionType); String keyField=permissionField.get(keyFieldTag);
if(StringUtils.isEmpty(keyField)){
throw new RuntimeException("权限校验失败,请检查当前实体中是否已经配置主键属性!");
}
//获取权限表达式[全部数据、本单位、本部门等]
JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
JSONObject permissionType= entityObj.getJSONObject(DEActionType);
JSONArray opprivList=permissionType.getJSONArray(action);//行为:read;insert... JSONArray opprivList=permissionType.getJSONArray(action);//行为:read;insert...
if(opprivList.size()==0) if(opprivList.size()==0)
return null; return false;
String permissionSQL=getPermissionSQL(opprivList,permissionField);
String keyField=permissionField.get("keyfield"); //通过权限表达式来获取sql
String tempPermissionSQL=getPermissionSQL(entity,opprivList);
String permissionSQL= String.format(" (%s) AND (%s='%s')",tempPermissionSQL,keyField,srfKey); //拼接权限条件-编辑
//执行sql进行权限检查
QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
List list=service.list(permissionWrapper);
if(list.size()>0){
return true;
}else{
return false;
}
}
/**
* NoSQL实体行为鉴权
* @param entity
* @param action
* @param srfKey
* @param permissionList
* @return
*/
private boolean noSqlPermissionValid(EntityBase entity, String action, Object srfKey, JSONObject permissionList) {
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String keyField=permissionField.get(keyFieldTag);
if(StringUtils.isEmpty(keyField)){ if(StringUtils.isEmpty(keyField)){
throw new RuntimeException("权限校验失败,请检查当前实体中是否已经配置主键属性!"); throw new RuntimeException("权限校验失败,请检查当前实体中是否已经配置主键属性!");
} }
return String.format(" (%s) AND (%s='%s')",permissionSQL,keyField,srfKey); //拼接权限条件-编辑
//获取权限表达式[全部数据、本单位、本部门等]
JSONObject entityObj=permissionList.getJSONObject(entity.getClass().getSimpleName());//获取实体
JSONObject permissionType= entityObj.getJSONObject(DEActionType);
JSONArray dataRange=permissionType.getJSONArray(action);//行为:read;insert...
if(dataRange.size()==0)
return false;
//根据权限表达式填充权限条件
QueryBuilder permissionCond=new QueryBuilder();
fillNoSqlPermissionCond(dataRange,entity,permissionCond);
//权限条件拼接主键
permissionCond.and(keyField).is(srfKey);
//执行权限检查
Query query = new BasicQuery(permissionCond.get().toString());
List list=mongoTemplate.find(query,entity.getClass());
if(list.size()>0){
return true;
}
else{
return false;
}
} }
/** /**
* 表单权限检查 * 根据实体存储类型,拼接权限条件
* @param service * @param deStorageMode
* @param permissionCond * @param searchContext
* @return * @param entity
* @param dataSetName
* @param permissionList
*/ */
private boolean testDataAccess(ServiceImpl service, QueryWrapper permissionCond){ private void deDataSetFillPermissionSQLRouter(String deStorageMode , Object searchContext, EntityBase entity ,String dataSetName ,JSONObject permissionList){
//检查是否有数据权限[单行删除]
if(deStorageMode.equalsIgnoreCase("sql")){
sqlPermissionBuilder(searchContext, entity , dataSetName, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("nosql")){
noSqlPermissionBuilder(searchContext, entity , dataSetName, permissionList);
}
else if(deStorageMode.equalsIgnoreCase("serviceapi")){
}
else {
throw new RuntimeException(String.format("未能识别[%s]实体对应存储模式[%s]",entity.getClass().getSimpleName(),deStorageMode));
}
}
/**
* 为NoSQL存储模式的表格查询填充权限条件
* @param searchContext
* @param entity
* @param dataSetName
* @param permissionList
*/
private void noSqlPermissionBuilder(Object searchContext, EntityBase entity, String dataSetName, JSONObject permissionList) {
if(searchContext instanceof QueryBuildContext){
//获取权限表达式[全部数据、本单位、本部门等]
String entityName=entity.getClass().getSimpleName();
JSONObject entityObj=permissionList.getJSONObject(entityName);
JSONObject permissionType=entityObj.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);
if(dataRange.size()==0)
return ;
//根据权限表达式生成查询条件,并将查询条件设置到SearchContext中
fillNoSqlPermissionCond(dataRange,entity,((QueryBuildContext) searchContext).getSelectCond());
}
}
/**
* 为SQL存储模式的表格查询填充权限条件
* @param searchContext
* @param entity
* @param dataSetName
* @param permissionList
*/
private void sqlPermissionBuilder(Object searchContext, EntityBase entity, String dataSetName, JSONObject permissionList){
//获取权限表达式[全部数据、本单位、本部门等]
String entityName=entity.getClass().getSimpleName();
JSONObject entityObj=permissionList.getJSONObject(entityName);//获取实体
JSONObject permissionType=entityObj.getJSONObject(DataSetTag);
JSONArray dataRange=permissionType.getJSONArray(dataSetName);//获取实体数据集
if(dataRange.size()==0)
return ;
//根据权限条件获取SQL
String permissionSQL=getPermissionSQL(entity,dataRange);
//将SQL拼接到SearchContext中
if(searchContext instanceof QueryWrapperContext){
QueryWrapperContext queryWrapperContext = (QueryWrapperContext) searchContext;
QueryWrapper queryWrapper = queryWrapperContext.getSelectCond();
queryWrapper.apply(permissionSQL);
}
}
boolean isPermission=false; /**
List list=service.list(permissionCond); * 为NoSQL存储模式的表格查询填充权限条件
if(list.size()>0) * @param oppriList
isPermission=true; * @param entity
return isPermission; * @param permissionSQL
*/
private void fillNoSqlPermissionCond(JSONArray oppriList, EntityBase entity, QueryBuilder permissionSQL){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String orgField=permissionField.get("orgfield");
String orgDeptField=permissionField.get("orgsecfield");
String createManField=permissionField.get("createmanfield");
AuthenticationUser authenticationUser = AuthenticationUser.getAuthenticationUser();
JSONObject userInfo = authenticationUser.getOrgInfo();
JSONObject orgObject = userInfo.getJSONObject("org");
JSONArray orgParent = orgObject.getJSONArray("porg");
JSONArray orgChild = orgObject.getJSONArray("sorg");
JSONObject orgDeptObject = userInfo.getJSONObject("orgdept");
JSONArray orgDeptParent = orgDeptObject.getJSONArray("porgdept");
JSONArray orgDeptChild = orgDeptObject.getJSONArray("sorgdept");
for(int i=0;i<oppriList.size();i++){
String permissionCond=oppriList.getString(i);//权限配置条件
if(permissionCond.equals("CURORG")){ //本单位
permissionSQL.or(new QueryBuilder().and(orgField).is(AuthenticationUser.getAuthenticationUser().getOrgid()).get());
}
else if(permissionCond.equals("PORG")){//上级单位
permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgParent)).get());
}
else if(permissionCond.equals("SORG")){//下级单位
permissionSQL.or(new QueryBuilder().and(orgField).in(formatStringArr(orgChild)).get());
}
else if(permissionCond.equals("CREATEMAN")){//建立人
permissionSQL.or(new QueryBuilder().and(createManField).is(AuthenticationUser.getAuthenticationUser().getUserid()).get());
}
else if(permissionCond.equals("CURORGDEPT")){//本部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).is(AuthenticationUser.getAuthenticationUser().getMdeptid()).get());
}
else if(permissionCond.equals("PORGDEPT")){//上级部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptParent)).get());
}
else if(permissionCond.equals("SORGDEPT")){//下级部门
permissionSQL.or(new QueryBuilder().and(orgDeptField).in(formatStringArr(orgDeptChild)).get());
}
else if(permissionCond.equals("ALL")){
permissionSQL.or(new QueryBuilder().get());
}
}
} }
/** /**
* 获取权限SQL * SQL获取权限条件
* @param entity
* @param oppriList * @param oppriList
* @param permissionField
* @return * @return
*/ */
private String getPermissionSQL(JSONArray oppriList, Map<String,String> permissionField){ private String getPermissionSQL(EntityBase entity, JSONArray oppriList){
Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
String nPermissionSQL = "1<>1"; String nPermissionSQL = "1<>1";
String orgField=permissionField.get("orgfield"); String orgField=permissionField.get("orgfield");
String orgDeptField=permissionField.get("orgsecfield"); String orgDeptField=permissionField.get("orgsecfield");
...@@ -362,7 +525,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator { ...@@ -362,7 +525,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptChild))); permissionSQL.append(String.format(" %s in (%s) ", orgDeptField, formatStringArr(orgDeptChild)));
} }
else if(permissionCond.equals("ALL")){//全部数据 else if(permissionCond.equals("ALL")){//全部数据
permissionSQL.append("(1=1)"); permissionSQL.append("(1=1)");
} }
else{ else{
permissionSQL.append(nPermissionSQL); permissionSQL.append(nPermissionSQL);
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册