合并分支 'dev' 到 'master'

Dev

查看合并请求 !15

CHANGELOG.md

+# **iBiz4j Spring R7 Template ChangeLog**
+
+## [v2020.07.02]
+- 支持测试行为模式
+- 数据保存时增加版本检查
+- 调整Service扩展目录
+- 补充数据查询上下级权限控制
+- 关闭mybatis-plus分页数量大小限制
\ No newline at end of file

SLN/%PUBPRJ%-core/src/main/java/%SYS_PKGPATH%/core/%MOD_PKGPATH%/service/I%DE%Service.java.ftl

@@ -57,7 +57,6 @@ public interface I${item.codeName}Service extends IService<${item.codeName}>{
     List<${de.codeName}> get${deCodeNameCamel}ByIds(List<String> ids) ;
     List<${de.codeName}> get${deCodeNameCamel}ByEntities(List<${de.codeName}> entities) ;
     </#if>
-
 }
 <#comment>NoSQL存储-MongoDB</#comment>
 <#elseif de.getStorageMode()==2>
@@ -146,6 +145,7 @@ public interface I${item.codeName}Service{
                 <#else>
     ${item.codeName} ${srfmethodname(deaction.getCodeName())}(${item.codeName} et) ;
                 </#if>
+    <@outputTestActionDetail deaction />
             </#if>
         </#list>
     </#if>
@@ -196,4 +196,42 @@ public interface I${item.codeName}Service{
 	</#if>
 </#macro>
 
+<#comment>输出测试行为</#comment>
+<#macro outputTestActionDetail deaction>
+    <#if deaction.getTestActionMode?? && deaction.getTestActionMode()??  &&  (deaction.getTestActionMode() ==1 ||deaction.getTestActionMode() ==3) >
+        <#if (deaction.getActionType()=='USERCUSTOM')>
+    boolean test${srfmethodname(deaction.getCodeName())?cap_first}(${item.getCodeName()} et);
+        <#elseif deaction.getActionType()=='DELOGIC'>
+    boolean test${srfmethodname(deaction.getCodeName())?cap_first}(${item.getCodeName()} et);
+        <#elseif deaction.getCodeName()?lower_case == 'get'>
+    boolean testGet(${srfjavatype(keyfield.stdDataType)} key);
+        <#elseif deaction.getCodeName()?lower_case == "createbatch">
+        <#elseif deaction.getCodeName()?lower_case == "updatebatch">
+        <#elseif deaction.getCodeName()?lower_case == "removebatch">
+        <#elseif deaction.getCodeName()?lower_case == "savebatch">
+        <#elseif deaction.getCodeName()?lower_case == "create">
+    boolean testCreate(${item.getCodeName()} et);
+    boolean testCreateBatch(List<${item.getCodeName()}> list);
+        <#elseif deaction.getCodeName()?lower_case == "update">
+    boolean testUpdate(${item.getCodeName()} et);
+    boolean testUpdateBatch(List<${item.getCodeName()}> list);
+        <#elseif deaction.getCodeName()?lower_case == "save">
+    boolean testSave(${item.getCodeName()} et);
+    boolean testSaveOrUpdate(${item.getCodeName()} et);
+    boolean testSaveBatch(Collection<${item.getCodeName()}> list);
+    boolean testSaveBatch(List<${item.getCodeName()}> list);
+        <#elseif deaction.getCodeName()?lower_case == "remove">
+    boolean testRemove(${srfjavatype(keyfield.stdDataType)} key);
+    boolean testRemoveBatch(Collection<${srfjavatype(keyfield.stdDataType)}> idList);
+        <#elseif deaction.getCodeName()?lower_case == "getdraft">
+    boolean testGetDraft(${item.getCodeName()} et);
+
+        <#elseif deaction.getCodeName()?lower_case == "checkkey">
+    boolean testCheckKey(${item.getCodeName()} et);
+        <#else>
+    boolean test${srfmethodname(deaction.getCodeName())?cap_first}(${item.getCodeName()} et);
+        </#if>
+    </#if>
+</#macro>
+
 </#if>
\ No newline at end of file

SLN/%PUBPRJ%-core/src/main/java/%SYS_PKGPATH%/core/extensions.service/%DE%ServiceEx.java.ftl

@@ -6,54 +6,24 @@ TARGET=PSDATAENTITY
 <#if item.getAllPSDEActions()??>
     <#list item.getAllPSDEActions() as deaction>
         <#if deaction.isEnableBackend() && deaction.getActionType()=='USERCUSTOM'>
-        <#assign hasServiceEx=true>
-        <#break>
+            <#assign hasServiceEx=true>
+            <#break>
+        <#elseif deaction.isEnableBackend() && deaction.getTestActionMode?? && deaction.getTestActionMode()?? && (deaction.getTestActionMode() ==1 || deaction.getTestActionMode() ==3)>
+            <#assign hasServiceEx=true>
+            <#break>
         </#if>
     </#list>
 </#if>
 <#if hasServiceEx && (de.getStorageMode()==1 || de.getStorageMode()==2 ||de.getStorageMode()==4||de.getStorageMode()==0 ) >
 package ${pub.getPKGCodeName()}.core.extensions.service;
 
-import ${pub.getPKGCodeName()}.core.${item.getPSSystemModule().getCodeName()?lower_case}.service.impl.${item.codeName}ServiceImpl;
-import lombok.extern.slf4j.Slf4j;
-import ${pub.getPKGCodeName()}.core.${item.getPSSystemModule().getCodeName()?lower_case}.domain.${item.codeName};
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-import org.springframework.context.annotation.Primary;
-
 /**
- * 实体[${item.getLogicName()}] 自定义服务对象
+ * 扩展目录已变更，请到[${pub.getPKGCodeName()}.core.extensions.service.xxExService]中来进行扩展
+ * 若您之前有在当前目录下扩展过其它的service对象，请将扩展的代码移到新的扩展类中，并注释掉老的扩展类，防止Bean重复
  */
-@Slf4j
-@Primary
-@Service("${item.codeName}ServiceEx")
-public class ${item.codeName}ServiceEx extends ${item.codeName}ServiceImpl {
-
-    <#comment>SQL存储：解决mybatis继承service批操作报错</#comment>
-    <#if de.getStorageMode()==1>
-    @Override
-    protected Class currentModelClass() {
-        return com.baomidou.mybatisplus.core.toolkit.ReflectionKit.getSuperClassGenericType(this.getClass().getSuperclass(), 1);
-    }
-    </#if>
+@Deprecated
+public class ${item.codeName}ServiceEx{
 
-    <#comment>输出实体行为</#comment>
-    <#if item.getAllPSDEActions()??>
-        <#list item.getAllPSDEActions() as deaction>
-            <#if deaction.isEnableBackend() && deaction.getActionType()=='USERCUSTOM'>
-    /**
-     * 自定义行为[${deaction.getCodeName()}]用户扩展
-     * @param et
-     * @return
-     */
-    @Override
-    @Transactional
-    public ${item.getCodeName()} ${srfmethodname(deaction.getCodeName())}(${item.getCodeName()} et) {
-        return super.${srfmethodname(deaction.getCodeName())}(et);
-    }
-            </#if>
-        </#list>
-    </#if>
 }
 </#if>
 

SLN/%PUBPRJ%-core/src/main/java/%SYS_PKGPATH%/core/extensions/service/%DE%ExService.java.ftl

+<#ibiztemplate>
+TARGET=PSDATAENTITY
+</#ibiztemplate>
+<#comment>判断当前实体是否包含自定义行为</#comment>
+<#assign hasServiceEx=false>
+<#if item.getAllPSDEActions()??>
+    <#list item.getAllPSDEActions() as deaction>
+        <#if deaction.isEnableBackend() && deaction.getActionType()=='USERCUSTOM'>
+            <#assign hasServiceEx=true>
+            <#break>
+        <#elseif deaction.isEnableBackend() && deaction.getTestActionMode?? && deaction.getTestActionMode()?? && (deaction.getTestActionMode() ==1 || deaction.getTestActionMode() ==3)>
+            <#assign hasServiceEx=true>
+            <#break>
+        </#if>
+    </#list>
+</#if>
+<#if hasServiceEx && (de.getStorageMode()==1 || de.getStorageMode()==2 ||de.getStorageMode()==4||de.getStorageMode()==0 ) >
+package ${pub.getPKGCodeName()}.core.extensions.service;
+
+import ${pub.getPKGCodeName()}.core.${item.getPSSystemModule().getCodeName()?lower_case}.service.impl.${item.codeName}ServiceImpl;
+import lombok.extern.slf4j.Slf4j;
+import ${pub.getPKGCodeName()}.core.${item.getPSSystemModule().getCodeName()?lower_case}.domain.${item.codeName};
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.context.annotation.Primary;
+import java.util.*;
+
+/**
+ * 实体[${item.getLogicName()}] 自定义服务对象
+ */
+@Slf4j
+@Primary
+@Service("${item.codeName}ExService")
+public class ${item.codeName}ExService extends ${item.codeName}ServiceImpl {
+
+    <#assign keyfield=de.getKeyPSDEField()>
+
+    <#comment>SQL存储：解决mybatis继承service批操作报错</#comment>
+    <#if de.getStorageMode()==1>
+    @Override
+    protected Class currentModelClass() {
+        return com.baomidou.mybatisplus.core.toolkit.ReflectionKit.getSuperClassGenericType(this.getClass().getSuperclass(), 1);
+    }
+    </#if>
+
+    <#comment>输出实体行为</#comment>
+    <#if item.getAllPSDEActions()??>
+        <#list item.getAllPSDEActions() as deaction>
+            <#if deaction.isEnableBackend()>
+                <#if deaction.getActionType()=='USERCUSTOM'>
+    /**
+     * 自定义行为[${deaction.getCodeName()}]用户扩展
+     * @param et
+     * @return
+     */
+    @Override
+    @Transactional
+    public ${item.getCodeName()} ${srfmethodname(deaction.getCodeName())}(${item.getCodeName()} et) {
+        return super.${srfmethodname(deaction.getCodeName())}(et);
+    }
+                </#if>
+                <#comment>输出测试行为</#comment>
+                <@outputTestActionDetail deaction />
+            </#if>
+        </#list>
+    </#if>
+}
+</#if>
+
+<#comment>输出测试行为</#comment>
+<#macro outputTestActionDetail deaction>
+    <#if deaction.isEnableBackend() && deaction.getTestActionMode?? && deaction.getTestActionMode()??>
+        <#if deaction.getTestActionMode() ==1 || deaction.getTestActionMode() ==3>
+            <#if (deaction.getActionType()=='USERCUSTOM')>
+    @Override
+    public boolean test${srfmethodname(deaction.getCodeName())?cap_first}(${item.getCodeName()} et) {
+        return super.test${srfmethodname(deaction.getCodeName())?cap_first}(et);
+    }
+
+            <#elseif deaction.getActionType()=='DELOGIC'>
+    @Override
+    public boolean test${srfmethodname(deaction.getCodeName())?cap_first}(${item.getCodeName()} et) {
+         return super.test${srfmethodname(deaction.getCodeName())?cap_first}(et);
+    }
+
+            <#elseif deaction.getCodeName()?lower_case == 'get'>
+    @Override
+    public boolean testGet(${srfjavatype(keyfield.stdDataType)} key) {
+        return super.testGet(key);
+    }
+
+            <#elseif deaction.getCodeName()?lower_case == "createbatch">
+            <#elseif deaction.getCodeName()?lower_case == "updatebatch">
+            <#elseif deaction.getCodeName()?lower_case == "removebatch">
+            <#elseif deaction.getCodeName()?lower_case == "savebatch">
+            <#elseif deaction.getCodeName()?lower_case == "create">
+    @Override
+    public boolean testCreate(${item.getCodeName()} et) {
+        return super.testCreate(et);
+    }
+
+    @Override
+    public boolean testCreateBatch(List<${item.getCodeName()}> list) {
+        return super.testCreateBatch(list);
+    }
+
+            <#elseif deaction.getCodeName()?lower_case == "update">
+    @Override
+    public boolean testUpdate(${item.getCodeName()} et) {
+         return super.testUpdate(et);
+    }
+
+    @Override
+    public boolean testUpdateBatch(List<${item.getCodeName()}> list) {
+        return super.testUpdateBatch(list);
+    }
+
+            <#elseif deaction.getCodeName()?lower_case == "save">
+    @Override
+    public boolean testSave(${item.getCodeName()} et) {
+        return super.testSave(et);
+    }
+
+    @Override
+    public boolean testSaveOrUpdate(${item.getCodeName()} et) {
+        return super.testSaveOrUpdate(et);
+    }
+
+    @Override
+    public boolean testSaveBatch(Collection<${item.getCodeName()}> list) {
+        return super.testSaveBatch(list);
+    }
+
+    @Override
+    public boolean testSaveBatch(List<${item.getCodeName()}> list) {
+        return super.testSaveBatch(list);
+    }
+
+            <#elseif deaction.getCodeName()?lower_case == "remove">
+    @Override
+    public boolean testRemove(${srfjavatype(keyfield.stdDataType)} key) {
+        return super.testRemove(key);
+    }
+
+    @Override
+    public boolean testRemoveBatch(Collection<${srfjavatype(keyfield.stdDataType)}> idList) {
+        return super.testRemoveBatch(idList);
+    }
+
+            <#elseif deaction.getCodeName()?lower_case == "getdraft">
+    @Override
+    public boolean testGetDraft(${item.getCodeName()} et) {
+        return super.testGetDraft(et);
+    }
+
+            <#elseif deaction.getCodeName()?lower_case == "checkkey">
+    @Override
+    public boolean testCheckKey(${item.getCodeName()} et) {
+        return super.testCheckKey(et);
+    }
+
+            <#else>
+    @Override
+    public boolean test${srfmethodname(deaction.getCodeName())?cap_first}(${item.getCodeName()} et) {
+        return super.test${srfmethodname(deaction.getCodeName())?cap_first}(et);
+    }
+
+            </#if>
+        </#if>
+    </#if>
+</#macro>
+
+

SLN/%PUBPRJ%-core/src/main/java/%SYS_PKGPATH%/core/util/config/MybatisConfiguration.java.ftl

@@ -9,6 +9,7 @@ import ${pub.getPKGCodeName()}.util.helper.UniqueNameGenerator;
 import com.baomidou.mybatisplus.core.injector.ISqlInjector;
 <#--import com.baomidou.mybatisplus.extension.injector.LogicSqlInjector;-->
 import com.baomidou.mybatisplus.extension.plugins.PaginationInterceptor;
+import com.baomidou.mybatisplus.extension.plugins.pagination.optimize.JsqlParserCountOptimize;
 import org.apache.ibatis.mapping.DatabaseIdProvider;
 import org.apache.ibatis.mapping.VendorDatabaseIdProvider;
 import org.springframework.context.annotation.Bean;
@@ -46,7 +47,14 @@ public class MybatisConfiguration {
      */
     @Bean
     public PaginationInterceptor paginationInterceptor() {
-        return new PaginationInterceptor();
+        PaginationInterceptor paginationInterceptor = new PaginationInterceptor();
+        // 设置请求的页面大于最大页后操作， true调回到首页，false 继续请求  默认false
+        // paginationInterceptor.setOverflow(false);
+        // 设置最大单页限制数量，默认 500 条，-1 不受限制
+        paginationInterceptor.setLimit(-1);
+        // 开启 count 的 join 优化,只针对部分 left join
+        paginationInterceptor.setCountSqlParser(new JsqlParserCountOptimize(true));
+        return paginationInterceptor;
     }
 
     <#--/**-->

SLN/%PUBPRJ%-provider/%PUBPRJ%-provider-%SYSAPI_PKGPATH%/src/main/docker/%PUBPRJ%-provider-%SYSAPI_PKGPATH%.yaml.ftl

@@ -27,9 +27,9 @@ TARGET=PSSYSSERVICEAPI
             <#assign redisHost = depSysApiPlatform.getUserParam("spring.redis.host","")>
         </#if>
         <#if depSysApi.getUserParam("spring.redis.port","")?? && depSysApi.getUserParam("spring.redis.port","")!="">
-            <#assign redisPort = depSysApi.getUserParam("")>
+            <#assign redisPort = depSysApi.getUserParam("spring.redis.port")>
         <#elseif depSysApiPlatform.getUserParam("spring.redis.port","")?? && depSysApiPlatform.getUserParam("spring.redis.port","")!="">
-            <#assign redisPort = depSysApiPlatform.getUserParam("")>
+            <#assign redisPort = depSysApiPlatform.getUserParam("spring.redis.port")>
         </#if>
         <#if depSysApi.getUserParam("spring.redis.database","")?? && depSysApi.getUserParam("spring.redis.database","")!="">
             <#assign redisDataBase = depSysApi.getUserParam("spring.redis.database","")>

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/annotation/VersionCheck.java.ftl

+<#ibiztemplate>
+TARGET=PSSYSTEM
+</#ibiztemplate>
+package ${pub.getPKGCodeName()}.util.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ ElementType.METHOD})
+public @interface VersionCheck
+{
+	String entity();
+	String versionfield();
+}
+

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/aspect/DEFieldDefaultValueAspect.java.ftl

@@ -26,7 +26,7 @@ import java.util.Map;
  * 实体属性默认值切面，只有新建（Create）时才会填充默认值
  */
 @Aspect
-@Order(0)
+@Order(50)
 @Component
 public class DEFieldDefaultValueAspect
 {

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/aspect/VersionCheckAspect.java.ftl

+<#ibiztemplate>
+TARGET=PSSYSTEM
+</#ibiztemplate>
+package ${pub.getPKGCodeName()}.util.aspect;
+
+import lombok.SneakyThrows;
+import ${pub.getPKGCodeName()}.util.annotation.VersionCheck;
+import ${pub.getPKGCodeName()}.util.domain.EntityBase;
+import ${pub.getPKGCodeName()}.util.errors.BadRequestAlertException;
+import ${pub.getPKGCodeName()}.util.helper.RuleUtils;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.core.annotation.Order;
+import org.springframework.expression.EvaluationContext;
+import org.springframework.expression.Expression;
+import org.springframework.expression.ExpressionParser;
+import org.springframework.expression.spel.standard.SpelExpressionParser;
+import org.springframework.expression.spel.support.StandardEvaluationContext;
+import org.springframework.stereotype.Component;
+import org.springframework.util.ObjectUtils;
+import org.springframework.util.StringUtils;
+import java.lang.reflect.Field;
+
+/**
+ * 数据库版本检查
+ */
+@Aspect
+@Order(50)
+@Component
+public class VersionCheckAspect
+{
+    private final ExpressionParser parser = new SpelExpressionParser();
+
+    @SneakyThrows
+    @Before("execution(* ${pub.getPKGCodeName()}.*.rest.*.update(..)) &&  @annotation(versionCheck)")
+    public void BeforeUpdate(JoinPoint point, VersionCheck versionCheck){
+        Object[] args = point.getArgs();
+        Object id=args[0];
+        Object dto=args[1];
+        if(ObjectUtils.isEmpty(id) || ObjectUtils.isEmpty(dto))
+            return;
+        String versionField=versionCheck.versionfield();
+        if(StringUtils.isEmpty(versionField))
+            return;
+        versionCheck(versionCheck,point.getTarget(),dto,id);
+    }
+
+    @SneakyThrows
+    @Before("execution(* ${pub.getPKGCodeName()}.*.rest.*.updateBy*(..)) &&  @annotation(versionCheck)")
+    public void BeforeUpdateBy(JoinPoint point, VersionCheck versionCheck){
+        Object[] args = point.getArgs();
+        Object id=args[1];
+        Object dto=args[2];
+        if(ObjectUtils.isEmpty(id) || ObjectUtils.isEmpty(dto))
+            return;
+        String versionField=versionCheck.versionfield();
+        if(StringUtils.isEmpty(versionField))
+            return;
+        versionCheck(versionCheck,point.getTarget(),dto,id);
+    }
+
+    private void versionCheck(VersionCheck versionCheck,Object resource,Object dto,Object id ){
+        EvaluationContext context = new StandardEvaluationContext();
+        context.setVariable("dto",dto);
+        Expression newExp = parser.parseExpression(String.format("#dto.%s",versionCheck.versionfield()));
+        Object newVersion=newExp.getValue(context);
+        if(ObjectUtils.isEmpty(newVersion))
+            return;
+        //进行版本检查
+        Object oldVersion =getDBVersion(versionCheck,getService(resource,versionCheck.entity()),id);
+        if(!ObjectUtils.isEmpty(oldVersion)){
+            if(RuleUtils.gt(newVersion,oldVersion))
+                throw new BadRequestAlertException("数据已变更，可能后台数据已被修改，请重新加载数据","VersionCheckAspect","versionCheck");
+        }
+    }
+
+    /**
+     * 获取实体服务对象
+     * @param resource
+     * @param entity
+     * @return
+     */
+    @SneakyThrows
+    private Object getService(Object resource,String entity){
+        Object service = null;
+        Field[] fields= resource.getClass().getDeclaredFields();
+        for(Field field : fields){
+            if(field.getModifiers()==1 && field.getName().equalsIgnoreCase(String.format("%sService",entity))){
+                service=field.get(resource);
+                break;
+            }
+        }
+        return service;
+    }
+
+    /**
+     * 获取数据库版本
+     * @param versionCheck
+     * @param service
+     * @param id
+     * @return
+     */
+    @SneakyThrows
+    private Object getDBVersion(VersionCheck versionCheck,Object service,Object id){
+        Object dbVersion=null;
+        String versionField=versionCheck.versionfield();
+        if(!ObjectUtils.isEmpty(service)){
+            EvaluationContext oldContext = new StandardEvaluationContext();
+            oldContext.setVariable("service",service);
+            oldContext.setVariable("id",id);
+            Expression oldExp = parser.parseExpression("#service.get(#id)");
+            EntityBase oldEntity =oldExp.getValue(oldContext, EntityBase.class);
+            return oldEntity.get(versionField);
+        }
+        return dbVersion;
+    }
+}

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/cache/cache/LayeringCache.java.ftl

@@ -97,8 +97,10 @@ public class LayeringCache extends AbstractValueAdaptingCache {
 
     @Override
     public void put(Object key, Object value) {
-        caffeineCache.put(key, value);
-        redisCache.put(key, value);
+        if(value!=null) {
+            caffeineCache.put(key, value);
+            redisCache.put(key, value);
+        }
     }
 
     @Override

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/helper/DEFieldCacheMap.java.ftl

@@ -95,7 +95,7 @@ public class DEFieldCacheMap {
 		if(cacheDEField.containsKey(className))
 			return cacheDEField.get(className);
 		else{
-			DEFieldCacheMap.getFieldMap(clazz);
+			DEFieldCacheMap.getFieldMap(className);
 			return cacheDEField.get(className);
 		}
 	}
@@ -112,7 +112,7 @@ public class DEFieldCacheMap {
 		if(cacheDEKeyField.containsKey(className))
 			return cacheDEKeyField.get(className);
 		else{
-			DEFieldCacheMap.getFieldMap(clazz);
+			DEFieldCacheMap.getFieldMap(className);
 			return cacheDEKeyField.get(className);
 		}
 	}
@@ -130,7 +130,7 @@ public class DEFieldCacheMap {
 		if(cacheList.containsKey(className))
 			return cacheList.get(className);
 		else{
-			DEFieldCacheMap.getFieldMap(clazz);
+			DEFieldCacheMap.getFieldMap(className);
 			return cacheList.get(className);
 		}
 	}
@@ -158,7 +158,7 @@ public class DEFieldCacheMap {
 		if(cacheKey.containsKey(className))
 			return cacheKey.get(className);
 		else{
-			DEFieldCacheMap.getFieldMap(clazz);
+			DEFieldCacheMap.getFieldMap(className);
 			return cacheKey.get(className);
 		}
 	}

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/rest/AppController.java.ftl

@@ -58,6 +58,10 @@ public class AppController {
 		appData.put("unires",uniRes);
     	appData.put("appmenu",appMenu);
 		appData.put("enablepermissionvalid",enablePermissionValid);
+		if(curUser.getSuperuser()==1)
+			appData.put("enablepermissionvalid",false);
+		else
+			appData.put("enablepermissionvalid",enablePermissionValid);
 		return ResponseEntity.status(HttpStatus.OK).body(appData);
 	}
 

SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/security/AuthPermissionEvaluator.java.ftl

@@ -3,9 +3,12 @@ TARGET=PSSYSTEM
 </#ibiztemplate>
 package ${pub.getPKGCodeName()}.util.security;
 
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import lombok.SneakyThrows;
 import ${pub.getPKGCodeName()}.util.annotation.DEField;
 import ${pub.getPKGCodeName()}.util.domain.EntityBase;
 import ${pub.getPKGCodeName()}.util.enums.DEPredefinedFieldType;
+import ${pub.getPKGCodeName()}.util.filter.QueryWrapperContext;
 import ${pub.getPKGCodeName()}.util.helper.DEFieldCacheMap;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.access.PermissionEvaluator;
@@ -14,7 +17,10 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
 import java.io.Serializable;
+import java.lang.reflect.ParameterizedType;
+import java.lang.reflect.Type;
 import java.util.*;
+import java.util.function.Consumer;
 
 /**
  * spring security 权限管理类
@@ -26,44 +32,144 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     @Value("${r'${ibiz.enablePermissionValid:false}'}")
     boolean enablePermissionValid;  //是否开启权限校验
     /**
-     * 实体行为鉴权
-     * @param authentication
-     * @param entity
-     * @param action
+     * 服务接口鉴权
+     * @param authentication 用户
+     * @param entity 实体
+     * @param action 操作
      * @return
      */
     @Override
+    @SneakyThrows
     public boolean hasPermission(Authentication authentication, Object entity, Object action) {
-
-        //未开启权限校验、超级管理员则不进行权限检查
-        if(AuthenticationUser.getAuthenticationUser().getSuperuser()==1  || !enablePermissionValid)
+        if(!enablePermissionValid)
+            return true;
+        Object principal = authentication.getPrincipal();
+        if(ObjectUtils.isEmpty(principal))
+            return false;
+        AuthenticationUser authenticationUser= (AuthenticationUser) authentication.getPrincipal();
+        if(authenticationUser.getSuperuser()==1)
             return true;
-
         String strAction=String.valueOf(action);
         Set<String> userAuthorities = getAuthorities(authentication,strAction);
         if(userAuthorities.size()==0)
             return false;
-
-        //拥有全部数据访问权限时，则跳过权限检查
         if(isAllData(strAction,userAuthorities)){
             return true;
         }
         if(entity instanceof  ArrayList){
             List<EntityBase> entities= (List<EntityBase>) entity;
             for(EntityBase entityBase: entities){
-                boolean result=actionValid(entityBase, strAction ,userAuthorities);
+                boolean result=actionValid(entityBase, strAction ,userAuthorities,authenticationUser);
                 if(!result){
                     return false;
                 }
             }
         }
+        else if (entity instanceof QueryWrapperContext){
+            QueryWrapperContext queryWrapperContext= (QueryWrapperContext) entity;
+            setPermissionCondToSearchContext(getEntity(queryWrapperContext),queryWrapperContext,userAuthorities,authenticationUser);
+        }
         else{
             EntityBase entityBase= (EntityBase) entity;
-            return actionValid(entityBase , strAction ,userAuthorities);
+            return actionValid(entityBase , strAction ,userAuthorities,authenticationUser);
         }
         return true;
     }
 
+    /**
+     * 获取实体信息
+     * @param qc
+     * @return
+     */
+    @SneakyThrows
+    private EntityBase getEntity(QueryWrapperContext qc){
+        EntityBase entity=null;
+        Type type =qc.getClass().getGenericSuperclass();
+        if(type instanceof ParameterizedType){
+            ParameterizedType parameterizedType= (ParameterizedType) qc.getClass().getGenericSuperclass();
+            Type [] typeArr= parameterizedType.getActualTypeArguments();
+            if(typeArr.length>0){
+                Class<EntityBase> entityClass = (Class) typeArr[0];
+                return entityClass.newInstance();
+            }
+        }
+        return entity;
+    }
+
+    /**
+     * 在searchContext中拼接权限条件
+     * @param entity 实体
+     * @param qc 查询上下文
+     * @param userAuthorities 用户权限
+     * @param authenticationUser 当前用户
+     */
+    @SneakyThrows
+    private void setPermissionCondToSearchContext(EntityBase entity, QueryWrapperContext qc , Set<String> userAuthorities ,AuthenticationUser authenticationUser){
+        if(entity==null)
+            return ;
+        Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
+        String orgField=permissionField.get("orgfield");
+        String orgDeptField=permissionField.get("orgsecfield");
+        String createManField=permissionField.get("createmanfield");
+        Map<String, Set<String>> userInfo = authenticationUser.getOrgInfo();
+        Set<String> orgParent = userInfo.get("parentorg");
+        Set<String> orgChild = userInfo.get("suborg");
+        Set<String> orgDeptParent = userInfo.get("parentdept");
+        Set<String> orgDeptChild = userInfo.get("subdept");
+
+        Set<String> userOrg = new HashSet<>();
+        Set<String> userOrgDept = new HashSet<>();
+        Set<String> userCreateMan = new HashSet<>();
+        for(String authority:userAuthorities){
+            if(authority.endsWith("curorg")){   //本单位
+                userOrg.add(authenticationUser.getOrgid());
+            }
+            else if(authority.endsWith("porg")){//上级单位
+                userOrg.addAll(orgParent);
+            }
+            else if(authority.endsWith("sorg")){//下级单位
+                userOrg.addAll(orgChild);
+            }
+            else if(authority.endsWith("curorgdept")){//本部门
+                userOrgDept.add(authenticationUser.getMdeptid());
+            }
+            else if(authority.endsWith("porgdept")){//上级部门
+                userOrgDept.addAll(orgDeptParent);
+            }
+            else if(authority.endsWith("sorgdept")){//下级部门
+                userOrgDept.addAll(orgDeptChild);
+            }
+            else if (authority.endsWith("createman")){
+                userCreateMan.add(authority);
+            }
+        }
+        if(userOrg.size()==0 && userOrgDept.size()==0 && userCreateMan.size()==0){
+            qc.getSelectCond().apply("1<>1");
+        }
+        else{
+            Consumer<QueryWrapper> consumer = qw -> {
+                if(userOrg.size()>0){
+                    Consumer<QueryWrapper> org = orgQw -> {
+                        orgQw.in(orgField,userOrg);
+                    };
+                    qw.or(org);
+                }
+                if(userOrgDept.size()>0){
+                    Consumer<QueryWrapper> dept = deptQw -> {
+                        deptQw.in(orgDeptField,userOrgDept);
+                    };
+                    qw.or(dept);
+                }
+                if(userCreateMan.size()>0){
+                    Consumer<QueryWrapper> createMan = createManQw -> {
+                        createManQw.eq(createManField,authenticationUser.getUserid());
+                    };
+                    qw.or(createMan);
+                }
+            };
+            qc.getSelectCond().and(consumer);
+        }
+    }
 
     @Override
     public boolean hasPermission(Authentication authentication, Serializable id, String action, Object params) {
@@ -109,13 +215,12 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
      * @param userAuthorities
      * @return
      */
-    private boolean actionValid(EntityBase entity, String action , Set<String> userAuthorities){
+    private boolean actionValid(EntityBase entity, String action , Set<String> userAuthorities ,AuthenticationUser authenticationUser){
 
         Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
         String orgField=permissionField.get("orgfield");
         String orgDeptField=permissionField.get("orgsecfield");
         String createManField=permissionField.get("createmanfield");
-        AuthenticationUser authenticationUser = AuthenticationUser.getAuthenticationUser();
         Map<String, Set<String>> userInfo = authenticationUser.getOrgInfo();
         Set<String> orgParent = userInfo.get("parentorg");
         Set<String> orgChild = userInfo.get("suborg");