嵌套权限处理

308e84e2 · zhouweidong · 51b5bcb8 · 308e84e2
--- a/SLN/%PUBPRJ%-provider/%PUBPRJ%-provider-%SYSAPI_PKGPATH%/src/main/java/%SYS_PKGPATH%/%SYSAPI_PKGPATH%/rest/%ITEM%Resource.java.ftl
+++ b/SLN/%PUBPRJ%-provider/%PUBPRJ%-provider-%SYSAPI_PKGPATH%/src/main/java/%SYS_PKGPATH%/%SYSAPI_PKGPATH%/rest/%ITEM%Resource.java.ftl
@@ -202,6 +202,7 @@ public class ${itemCodeName}Resource {
    }

                <#elseif deaction.codeName?lower_case == 'save'>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
    @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}")
 	@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/${deactionCodeName?lower_case}")
    public ResponseEntity<Boolean> save(${etParams}) {
@@ -250,6 +251,7 @@ public class ${itemCodeName}Resource {
    }

               <#elseif deaction.codeName?lower_case == 'checkkey'>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
    @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}")
 	@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/${deactionCodeName?lower_case}")
    public ResponseEntity<Boolean> checkKey(${etParams}) {
@@ -257,6 +259,7 @@ public class ${itemCodeName}Resource {
    }

                <#elseif deaction.codeName?lower_case == 'getdraft'><#comment>前端支持临时模式，后台不做处理</#comment>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
    @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}")
 	@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/${deactionCodeName?lower_case}")
    public ResponseEntity<${itemCodeName}DTO> ${deactionCodeName?uncap_first}() {
@@ -270,6 +273,7 @@ public class ${itemCodeName}Resource {
               <#elseif deaction.getUserTag()?? && deaction.getActionType()?? && deaction.getUserTag() == 'REGIST' && deaction.getActionType() == 'USERCREATE'>

               <#else>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
    @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}")
 	@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}/${deactionCodeName?lower_case}")
 <#if de.getStorageMode()==4><#else>    @Transactional</#if>
@@ -283,7 +287,7 @@ public class ${itemCodeName}Resource {
                </#if>
            <#elseif apiMethod.getActionType()=='FETCH'>
                <#assign deds = apiMethod.getPSDEDataSet()>
-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deds.codeName}-all')")
+    <@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deds.codeName}-all'/>
 	@ApiOperation(value = "fetch${deds.getLogicName()}", tags = {"${itemCodeName}" } ,notes = "fetch${deds.getLogicName()}")
    @RequestMapping(method= RequestMethod.${reqMtd} , value="${fullPath}/fetch<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
 	public ResponseEntity<List<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> fetch<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>(${deCodeName}SearchContext context) {
@@ -306,7 +310,7 @@ public class ${itemCodeName}Resource {
        </#if>
 	}

-    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deds.codeName}-all')")
+    <@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deds.codeName}-all'/>
 	@ApiOperation(value = "search${deds.getLogicName()}", tags = {"${itemCodeName}" } ,notes = "search${deds.getLogicName()}")
    @RequestMapping(method= RequestMethod.POST , value="${fullPath}/search<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
 	public ResponseEntity<Page<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> search<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>(@RequestBody ${deCodeName}SearchContext context) {
@@ -529,6 +533,7 @@ public class ${itemCodeName}Resource {
    }

                <#elseif deaction.codeName?lower_case == 'save'>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
    @ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}${byParams}")
 	@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/${deactionCodeName?lower_case}")
    public ResponseEntity<Boolean> ${deactionCodeName?uncap_first}${byParams}(${etParams}) {
@@ -563,6 +568,7 @@ public class ${itemCodeName}Resource {
    }

               <#elseif deaction.codeName?lower_case == 'checkkey'>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
    @ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}${byParams}")
 	@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/${deactionCodeName?lower_case}")
    public ResponseEntity<Boolean> ${deactionCodeName?uncap_first}${byParams}(${etParams}) {
@@ -598,7 +604,7 @@ public class ${itemCodeName}Resource {
               </#if>
            <#elseif apiMethod.getActionType()=='FETCH'>
                <#assign deds = apiMethod.getPSDEDataSet()>
-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deds.codeName}-all')")
+    <@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deds.codeName}-all'/>
 	@ApiOperation(value = "fetch${deds.getLogicName()}${byParams}", tags = {"${itemCodeName}" } ,notes = "fetch${deds.getLogicName()}${byParams}")
    @RequestMapping(method= RequestMethod.${reqMtd} , value="${fullPath}/fetch<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
 	public ResponseEntity<List<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> fetch${itemCodeName}<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>${byParams}(<#if parentParams!="">${parentParams},</#if>${deCodeName}SearchContext context) {
@@ -621,7 +627,7 @@ public class ${itemCodeName}Resource {
        </#if>
 	}

-    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deds.codeName}-all')")
+    <@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deds.codeName}-all'/>
 	@ApiOperation(value = "search${deds.getLogicName()}${byParams}", tags = {"${itemCodeName}" } ,notes = "search${deds.getLogicName()}${byParams}")
    @RequestMapping(method= RequestMethod.POST , value="${fullPath}/search<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
 	public ResponseEntity<Page<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> search${itemCodeName}<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>${byParams}(<#if parentParams!="">${parentParams}, @RequestBody </#if>${deCodeName}SearchContext context) {
@@ -647,4 +653,10 @@ public class ${itemCodeName}Resource {

 }
 </#if>
-</#if>
\ No newline at end of file
+</#if>
+
+
+<#comment>输出实体资源鉴权注解[hasAnyAuthority]</#comment>
+<#macro outputHasAnyAuthorityAnnotation permissionTag>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${permissionTag}')")  test
+</#macro>
\ No newline at end of file