嵌套权限处理

51b5bcb8 · zhouweidong · 86b9cd3c · 51b5bcb8
--- a/SLN/%PUBPRJ%-provider/%PUBPRJ%-provider-%SYSAPI_PKGPATH%/src/main/java/%SYS_PKGPATH%/%SYSAPI_PKGPATH%/rest/%ITEM%Resource.java.ftl
+++ b/SLN/%PUBPRJ%-provider/%PUBPRJ%-provider-%SYSAPI_PKGPATH%/src/main/java/%SYS_PKGPATH%/%SYSAPI_PKGPATH%/rest/%ITEM%Resource.java.ftl
@@ -413,6 +413,11 @@ public class ${itemCodeName}Resource {
                <#assign deactionName = deaction.getName()>
                <#assign deactionCodeName = deaction.getCodeName()>
                <#if deaction.codeName?lower_case == 'create'>
+                    <#if noDEPrefield>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
+                    <#else>
+    //@PreAuthorize("hasPermission('','Create',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
+                    </#if>
    @ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}${byParams}")
 	@RequestMapping(method = RequestMethod.POST, value = "${fullPath}")
 <#if de.getStorageMode()==4><#else>    @Transactional</#if>
@@ -436,6 +441,11 @@ public class ${itemCodeName}Resource {
    }

                <#elseif deaction.codeName?lower_case == 'update'>
+                    <#if noDEPrefield>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
+                    <#else>
+    //@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
+                    </#if>
    @ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}${byParams}")
 	@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
 <#if de.getStorageMode()==4><#else>    @Transactional</#if>
@@ -499,6 +509,11 @@ public class ${itemCodeName}Resource {
    }

                <#elseif deaction.codeName?lower_case == 'remove'>
+                    <#if noDEPrefield>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
+                    <#else>
+    //@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
+                    </#if>
    @ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}${byParams}")
 	@RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
 <#if de.getStorageMode()==4><#else>    @Transactional</#if>
@@ -534,6 +549,11 @@ public class ${itemCodeName}Resource {
    }

                <#elseif deaction.codeName?lower_case == 'get'>
+                    <#if noDEPrefield>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
+                    <#else>
+    //@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
+                    </#if>
    @ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}${byParams}")
 	@RequestMapping(method = RequestMethod.GET, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
    public ResponseEntity<${itemCodeName}DTO> ${deactionCodeName?uncap_first}${byParams}(${idParams}) {
@@ -578,6 +598,7 @@ public class ${itemCodeName}Resource {
               </#if>
            <#elseif apiMethod.getActionType()=='FETCH'>
                <#assign deds = apiMethod.getPSDEDataSet()>
+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deds.codeName}-all')")
 	@ApiOperation(value = "fetch${deds.getLogicName()}${byParams}", tags = {"${itemCodeName}" } ,notes = "fetch${deds.getLogicName()}${byParams}")
    @RequestMapping(method= RequestMethod.${reqMtd} , value="${fullPath}/fetch<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
 	public ResponseEntity<List<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> fetch${itemCodeName}<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>${byParams}(<#if parentParams!="">${parentParams},</#if>${deCodeName}SearchContext context) {
@@ -600,6 +621,7 @@ public class ${itemCodeName}Resource {
        </#if>
 	}

+    //@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deds.codeName}-all')")
 	@ApiOperation(value = "search${deds.getLogicName()}${byParams}", tags = {"${itemCodeName}" } ,notes = "search${deds.getLogicName()}${byParams}")
    @RequestMapping(method= RequestMethod.POST , value="${fullPath}/search<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
 	public ResponseEntity<Page<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> search${itemCodeName}<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>${byParams}(<#if parentParams!="">${parentParams}, @RequestBody </#if>${deCodeName}SearchContext context) {