提交 5b286bc3 编写于 作者: zhouweidong's avatar zhouweidong

简化权限校验

上级 fe1290d6
......@@ -141,11 +141,7 @@ public class ${itemCodeName}Resource {
<#assign deactionName = deaction.getName()>
<#assign deactionCodeName = deaction.getCodeName()>
<#if deaction.codeName?lower_case == 'create'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
<@outputHasPermissionAnnotation 'this.${itemCodeNameLC}Mapping.toDomain(#${itemCodeNameLC}dto)' '${sys.codeName}-${de.codeName}-${deaction.codeName}' />
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}")
<#if de.getStorageMode()==4><#else> @Transactional</#if>
......@@ -156,7 +152,7 @@ public class ${itemCodeName}Resource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
<@outputBatchPermissionAnnotation deaction.codeName deStorageMode/>
<@SecurityBatchAnnotation deaction/>
@ApiOperation(value = "createBatch", tags = {"${itemCodeName}" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}/batch")
public ResponseEntity<Boolean> createBatch(${etParamsList}) {
......@@ -165,11 +161,7 @@ public class ${itemCodeName}Resource {
}
<#elseif deaction.codeName?lower_case == 'update'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
<@outputHasPermissionAnnotation 'this.${deCodeNameLC}Service.get(#${itemCodeNameLC + keyCNLC})' '${sys.codeName}-${de.codeName}-${deaction.codeName}' />
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
<#if de.getStorageMode()==4><#else> @Transactional</#if>
......@@ -181,7 +173,7 @@ public class ${itemCodeName}Resource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
<@outputBatchPermissionAnnotation deaction.codeName deStorageMode/>
<@SecurityBatchAnnotation deaction/>
@ApiOperation(value = "UpdateBatch", tags = {"${itemCodeName}" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/batch")
public ResponseEntity<Boolean> updateBatch(${etParamsList}) {
......@@ -190,18 +182,14 @@ public class ${itemCodeName}Resource {
}
<#elseif deaction.codeName?lower_case == 'save'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
//@PreAuthorize("hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/${deactionCodeName?lower_case}")
public ResponseEntity<Boolean> save(${etParams}) {
return ResponseEntity.status(HttpStatus.OK).body(${deCodeNameLC}Service.save(${itemCodeNameLC}Mapping.toDomain(${itemCodeNameLC}dto)));
}
<@outputBatchPermissionAnnotation deaction.codeName deStorageMode/>
<@SecurityBatchAnnotation deaction/>
@ApiOperation(value = "SaveBatch", tags = {"${itemCodeName}" }, notes = "SaveBatch")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}/savebatch")
public ResponseEntity<Boolean> saveBatch(${etParamsList}) {
......@@ -210,11 +198,7 @@ public class ${itemCodeName}Resource {
}
<#elseif deaction.codeName?lower_case == 'remove'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
<@outputHasPermissionAnnotation 'this.${deCodeNameLC}Service.get(#${itemCodeNameLC + keyCNLC})' '${sys.codeName}-${de.codeName}-${deaction.codeName}' />
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
<#if de.getStorageMode()==4><#else> @Transactional</#if>
......@@ -222,7 +206,7 @@ public class ${itemCodeName}Resource {
return ResponseEntity.status(HttpStatus.OK).body(${deCodeNameLC}Service.remove(${itemCodeNameLC + keyCNLC}));
}
<@outputBatchPermissionAnnotation deaction.codeName deStorageMode/>
<@SecurityBatchAnnotation deaction/>
@ApiOperation(value = "RemoveBatch", tags = {"${itemCodeName}" }, notes = "RemoveBatch")
@RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/batch")
public ResponseEntity<Boolean> removeBatch(@RequestBody List<${srfjavatype(de.getKeyPSDEField().getStdDataType())}> ids) {
......@@ -231,11 +215,7 @@ public class ${itemCodeName}Resource {
}
<#elseif deaction.codeName?lower_case == 'get'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PostAuthorize("hasPermission(this.${itemCodeNameLC}Mapping.toDomain(returnObject.body),'${sys.codeName}-${de.codeName}-${deaction.codeName}')")
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.GET, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
public ResponseEntity<${itemCodeName}DTO> get(${idParams}) {
......@@ -264,7 +244,7 @@ public class ${itemCodeName}Resource {
<#elseif deaction.codeName?lower_case == 'savebatch'>
<#elseif deaction.getUserTag()?? && deaction.getActionType()?? && deaction.getUserTag() == 'REGIST' && deaction.getActionType() == 'USERCREATE'>
<#else>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}/${deactionCodeName?lower_case}")
<#if de.getStorageMode()==4><#else> @Transactional</#if>
......@@ -279,7 +259,7 @@ public class ${itemCodeName}Resource {
</#if>
<#elseif apiMethod.getActionType()=='FETCH'>
<#assign deds = apiMethod.getPSDEDataSet()>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deds.codeName}-all'/>
<@SecurityAnnotation deds/>
@ApiOperation(value = "fetch${deds.getLogicName()}", tags = {"${itemCodeName}" } ,notes = "fetch${deds.getLogicName()}")
@RequestMapping(method= RequestMethod.${reqMtd} , value="${fullPath}/fetch<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
public ResponseEntity<List<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> fetch<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>(${deCodeName}SearchContext context) {
......@@ -302,7 +282,7 @@ public class ${itemCodeName}Resource {
</#if>
}
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deds.codeName}-all'/>
<@SecurityAnnotation deds/>
@ApiOperation(value = "search${deds.getLogicName()}", tags = {"${itemCodeName}" } ,notes = "search${deds.getLogicName()}")
@RequestMapping(method= RequestMethod.POST , value="${fullPath}/search<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
public ResponseEntity<Page<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> search<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>(@RequestBody ${deCodeName}SearchContext context) {
......@@ -405,11 +385,7 @@ public class ${itemCodeName}Resource {
<#assign deactionName = deaction.getName()>
<#assign deactionCodeName = deaction.getCodeName()>
<#if deaction.codeName?lower_case == 'create'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
//@PreAuthorize("hasPermission('','Create',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}")
<#if de.getStorageMode()==4><#else> @Transactional</#if>
......@@ -421,7 +397,7 @@ public class ${itemCodeName}Resource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
<@outputBatchPermissionAnnotation deaction.codeName deStorageMode/>
<@SecurityBatchAnnotation deaction/>
@ApiOperation(value = "createBatch${byParams}", tags = {"${itemCodeName}" }, notes = "createBatch${byParams}")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}/batch")
public ResponseEntity<Boolean> createBatch${byParams}(${etParamsList}) {
......@@ -434,11 +410,7 @@ public class ${itemCodeName}Resource {
}
<#elseif deaction.codeName?lower_case == 'update'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
//@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
<#if de.getStorageMode()==4><#else> @Transactional</#if>
......@@ -490,7 +462,7 @@ public class ${itemCodeName}Resource {
return ResponseEntity.status(HttpStatus.OK).body(dto);
}
<@outputBatchPermissionAnnotation deaction.codeName deStorageMode/>
<@SecurityBatchAnnotation deaction/>
@ApiOperation(value = "UpdateBatch${byParams}", tags = {"${itemCodeName}" }, notes = "UpdateBatch${byParams}")
@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/batch")
public ResponseEntity<Boolean> updateBatch${byParams}(${etParamsList}) {
......@@ -503,11 +475,7 @@ public class ${itemCodeName}Resource {
}
<#elseif deaction.codeName?lower_case == 'remove'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
//@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
<#if de.getStorageMode()==4><#else> @Transactional</#if>
......@@ -515,7 +483,7 @@ public class ${itemCodeName}Resource {
return ResponseEntity.status(HttpStatus.OK).body(${deCodeNameLC}Service.remove(${itemCodeNameLC + keyCNLC}));
}
<@outputBatchPermissionAnnotation deaction.codeName deStorageMode/>
<@SecurityBatchAnnotation deaction/>
@ApiOperation(value = "RemoveBatch${byParams}", tags = {"${itemCodeName}" }, notes = "RemoveBatch${byParams}")
@RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/batch")
public ResponseEntity<Boolean> removeBatch${byParams}(@RequestBody List<${srfjavatype(de.getKeyPSDEField().getStdDataType())}> ids) {
......@@ -524,11 +492,7 @@ public class ${itemCodeName}Resource {
}
<#elseif deaction.codeName?lower_case == 'save'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
//@PreAuthorize("hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/${deactionCodeName?lower_case}")
public ResponseEntity<Boolean> ${deactionCodeName?uncap_first}${byParams}(${etParams}) {
......@@ -537,7 +501,7 @@ public class ${itemCodeName}Resource {
return ResponseEntity.status(HttpStatus.OK).body(${deCodeNameLC}Service.save(domain));
}
<@outputBatchPermissionAnnotation deaction.codeName deStorageMode/>
<@SecurityBatchAnnotation deaction/>
@ApiOperation(value = "SaveBatch${byParams}", tags = {"${itemCodeName}" }, notes = "SaveBatch${byParams}")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}/savebatch")
public ResponseEntity<Boolean> saveBatch${byParams}(${etParamsList}) {
......@@ -550,11 +514,7 @@ public class ${itemCodeName}Resource {
}
<#elseif deaction.codeName?lower_case == 'get'>
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
//@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
</#if>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.GET, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
public ResponseEntity<${itemCodeName}DTO> ${deactionCodeName?uncap_first}${byParams}(${idParams}) {
......@@ -585,7 +545,7 @@ public class ${itemCodeName}Resource {
<#elseif deaction.codeName?lower_case == 'savebatch'>
<#elseif deaction.getUserTag()?? && deaction.getActionType()?? && deaction.getUserTag() == 'REGIST' && deaction.getActionType() == 'USERCREATE'>
<#else>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<@SecurityAnnotation deaction/>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}/${deactionCodeName?lower_case}")
<#if de.getStorageMode()==4><#else> @Transactional</#if>
......@@ -600,7 +560,7 @@ public class ${itemCodeName}Resource {
</#if>
<#elseif apiMethod.getActionType()=='FETCH'>
<#assign deds = apiMethod.getPSDEDataSet()>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deds.codeName}-all'/>
<@SecurityAnnotation deds/>
@ApiOperation(value = "fetch${deds.getLogicName()}${byParams}", tags = {"${itemCodeName}" } ,notes = "fetch${deds.getLogicName()}${byParams}")
@RequestMapping(method= RequestMethod.${reqMtd} , value="${fullPath}/fetch<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
public ResponseEntity<List<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> fetch${itemCodeName}<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>${byParams}(<#if parentParams!="">${parentParams},</#if>${deCodeName}SearchContext context) {
......@@ -623,7 +583,7 @@ public class ${itemCodeName}Resource {
</#if>
}
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deds.codeName}-all'/>
<@SecurityAnnotation deds/>
@ApiOperation(value = "search${deds.getLogicName()}${byParams}", tags = {"${itemCodeName}" } ,notes = "search${deds.getLogicName()}${byParams}")
@RequestMapping(method= RequestMethod.POST , value="${fullPath}/search<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
public ResponseEntity<Page<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> search${itemCodeName}<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>${byParams}(<#if parentParams!="">${parentParams}, @RequestBody </#if>${deCodeName}SearchContext context) {
......@@ -648,21 +608,50 @@ public class ${itemCodeName}Resource {
}
</#if>
</#if>
<#comment>输出实体资源鉴权注解[hasAnyAuthority]</#comment>
<#macro outputHasAnyAuthorityAnnotation permissionTag>
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${permissionTag}')")
</#macro>
<#comment>输出实体资源鉴权注解[hasAnyAuthority]</#comment>
<#macro outputHasPermissionAnnotation param1 param2>
@PreAuthorize("hasPermission(${param1},'${param2}')")
<#--<#comment>输出实体资源鉴权注解[hasAnyAuthority]</#comment>-->
<#--<#macro outputHasAnyAuthorityAnnotation permissionTag>-->
<#--@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${permissionTag}')")-->
<#--</#macro>-->
<#--<#comment>输出实体资源鉴权注解[hasAnyAuthority]</#comment>-->
<#--<#macro outputHasPermissionAnnotation param1 param2>-->
<#--@PreAuthorize("hasPermission(${param1},'${param2}')")-->
<#--</#macro>-->
<#--<#comment>输出实体批处理权限注解[hasAnyAuthority]</#comment>-->
<#--<#macro outputBatchPermissionAnnotation deAction >-->
<#--<#if deAction=='Remove'>-->
<#--//-->
<#--<#else>-->
<#--//@PreAuthorize("hasPermission(this.${itemCodeNameLC}Mapping.toDomain(#${itemCodeNameLC}dtos),'${sys.codeName}-${de.codeName}-${deAction.codeName}')")-->
<#--</#if>-->
<#--</#macro>-->
<#macro SecurityAnnotation deaction>
<#if noDEPrefield>
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
<#else>
<#if deaction.codeName?lower_case=='create' || deaction.codeName?lower_case=='save'>
@PreAuthorize("hasPermission(this.${itemCodeNameLC}Mapping.toDomain(#${itemCodeNameLC}dto),'${sys.codeName}-${de.codeName}-${deaction.codeName}')")
<#elseif deaction.codeName?lower_case=='update' || deaction.codeName?lower_case=='remove'>
@PreAuthorize("hasPermission(this.${deCodeNameLC}Service.get(#${itemCodeNameLC + keyCNLC}),'${sys.codeName}-${de.codeName}-${deaction.codeName}')")
<#elseif deaction.codeName?lower_case=='get'>
@PostAuthorize("hasPermission(this.${itemCodeNameLC}Mapping.toDomain(returnObject.body),'${sys.codeName}-${de.codeName}-${deaction.codeName}')")
<#else>
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
</#if>
</#if>
</#macro>
<#comment>输出实体批处理权限注解[hasAnyAuthority]</#comment>
<#macro outputBatchPermissionAnnotation deAction deStorageMode>
<#if deAction=='Remove'>
//@PreAuthorize("hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO,#ids})")
<#macro SecurityBatchAnnotation deaction>
<#if deaction.codeName?lower_case=='Remove'>
//
<#else>
//@PreAuthorize("hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dtos})")
//@PreAuthorize("hasPermission(this.${itemCodeNameLC}Mapping.toDomain(#${itemCodeNameLC}dtos),'${sys.codeName}-${de.codeName}-${deaction.codeName}')")
</#if>
</#macro>
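Review bot: In `SecurityBatchAnnotation` the test `deaction.codeName?lower_case=='Remove'` can never be true, because the left side is lower-cased and the literal is capitalised, so `removeBatch` falls into the `<#else>` branch; it should read `<#if deaction.codeName?lower_case=='remove'>`. More importantly, both branches emit only a `//` comment, so every generated `createBatch`/`updateBatch`/`saveBatch`/`removeBatch` endpoint (in the top-level and the by-parent blocks alike) gets no `@PreAuthorize` from this macro, while the single-record endpoints are now guarded by `SecurityAnnotation`; unless the batch routes are restricted somewhere not shown on this page, a request that fails the per-record check is still accepted on the batch route. Until a collection-aware `hasPermission` is available, I would emit an enforced fallback such as `@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")`, the same form `SecurityAnnotation` already uses in its final `<#else>` branch. The commented-out expression also references `#${itemCodeNameLC}dtos`, which does not match the `ids` parameter of `removeBatch`, so it needs adjusting before it is re-enabled.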