Skip to content
项目
群组
代码片段
帮助
正在加载...
帮助
提交反馈
为 GitLab 提交贡献
登录
切换导航
iBiz4j Spring R7
项目
项目
详情
动态
版本
周期分析
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
统计图
议题
0
议题
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
CI / CD
CI / CD
流水线
作业
计划
统计图
Wiki
Wiki
代码片段
代码片段
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
统计图
创建新议题
作业
提交
议题看板
打开侧边栏
iBiz-R7后台标准模板
iBiz4j Spring R7
提交
9e2009a8
提交
9e2009a8
编写于
5月 26, 2020
作者:
zhouweidong
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
简化权限校验
上级
72721eca
变更
2
展开全部
隐藏空白字符变更
内嵌
并排
正在显示
2 个修改的文件
包含
43 行增加
和
508 行删除
+43
-508
%ITEM%Resource.java.ftl
...YS_PKGPATH%/%SYSAPI_PKGPATH%/rest/%ITEM%Resource.java.ftl
+18
-12
AuthPermissionEvaluator.java.ftl
...S_PKGPATH%/util/security/AuthPermissionEvaluator.java.ftl
+25
-496
未找到文件。
SLN/%PUBPRJ%-provider/%PUBPRJ%-provider-%SYSAPI_PKGPATH%/src/main/java/%SYS_PKGPATH%/%SYSAPI_PKGPATH%/rest/%ITEM%Resource.java.ftl
浏览文件 @
9e2009a8
...
...
@@ -46,6 +46,7 @@ import org.springframework.data.domain.Pageable;
import
org
.
springframework
.
util
.
StringUtils
;
import
org
.
springframework
.
context
.
annotation
.
Lazy
;
import
org
.
springframework
.
security
.
access
.
prepost
.
PreAuthorize
;
import
org
.
springframework
.
security
.
access
.
prepost
.
PostAuthorize
;
import
io
.
swagger
.
annotations
.
Api
;
import
io
.
swagger
.
annotations
.
ApiOperation
;
import
io
.
swagger
.
annotations
.
ApiResponse
;
...
...
@@ -145,7 +146,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
PreAuthorize
(
"hasPermission('','Create',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
<@
outputHasPermissionAnnotation
'this.${itemCodeNameLC}Mapping.toDomain(#${itemCodeNameLC}dtos)'
'${sys.codeName}-${de.codeName}-${deaction.codeName}'
/>
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}"
)
@
RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"${fullPath}"
)
...
...
@@ -169,7 +170,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
PreAuthorize
(
"hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
<@
outputHasPermissionAnnotation
'this.${deCodeNameLC}Service.get(#${itemCodeNameLC + keyCNLC})'
'${sys.codeName}-${de.codeName}-${deaction.codeName}'
/>
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}"
)
@
RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"${fullPath}/{${itemCodeNameLC + keyCNLC}}"
)
...
...
@@ -194,7 +195,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
PreAuthorize
(
"hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
//
@
PreAuthorize
(
"hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}"
)
@
RequestMapping
(
method
=
RequestMethod
.${
reqMtd
},
value
=
"${fullPath}/${deactionCodeName?lower_case}"
)
...
...
@@ -214,7 +215,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
PreAuthorize
(
"hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})"
)
<@
outputHasPermissionAnnotation
'this.${deCodeNameLC}Service.get(#${itemCodeNameLC + keyCNLC})'
'${sys.codeName}-${de.codeName}-${deaction.codeName}'
/>
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}"
)
@
RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"${fullPath}/{${itemCodeNameLC + keyCNLC}}"
)
...
...
@@ -235,7 +236,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
P
reAuthorize
(
"hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO}
)"
)
@
P
ostAuthorize
(
"hasPermission(this.${itemCodeNameLC}Mapping.toDomain(returnObject.body),'${sys.codeName}-${de.codeName}-${deaction.codeName}'
)"
)
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}"
)
@
RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"${fullPath}/{${itemCodeNameLC + keyCNLC}}"
)
...
...
@@ -409,7 +410,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
PreAuthorize
(
"hasPermission('','Create',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
//
@
PreAuthorize
(
"hasPermission('','Create',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}${byParams}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}${byParams}"
)
@
RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"${fullPath}"
)
...
...
@@ -438,7 +439,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
PreAuthorize
(
"hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
//
@
PreAuthorize
(
"hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}${byParams}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}${byParams}"
)
@
RequestMapping
(
method
=
RequestMethod
.
PUT
,
value
=
"${fullPath}/{${itemCodeNameLC + keyCNLC}}"
)
...
...
@@ -507,7 +508,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
PreAuthorize
(
"hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})"
)
//
@
PreAuthorize
(
"hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})"
)
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}${byParams}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}${byParams}"
)
@
RequestMapping
(
method
=
RequestMethod
.
DELETE
,
value
=
"${fullPath}/{${itemCodeNameLC + keyCNLC}}"
)
...
...
@@ -528,7 +529,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
PreAuthorize
(
"hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
//
@
PreAuthorize
(
"hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})"
)
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}${byParams}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}${byParams}"
)
@
RequestMapping
(
method
=
RequestMethod
.${
reqMtd
},
value
=
"${fullPath}/${deactionCodeName?lower_case}"
)
...
...
@@ -554,7 +555,7 @@ public class ${itemCodeName}Resource {
<#
if
noDEPrefield
>
<@
outputHasAnyAuthorityAnnotation
'${sys.codeName}-${de.codeName}-${deaction.codeName}-all'
/>
<#
else
>
@
PreAuthorize
(
"hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})"
)
//
@
PreAuthorize
(
"hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})"
)
</#
if
>
@
ApiOperation
(
value
=
"${deaction.getLogicName()}${byParams}"
,
tags
=
{
"${itemCodeName}"
},
notes
=
"${deaction.getLogicName()}${byParams}"
)
@
RequestMapping
(
method
=
RequestMethod
.
GET
,
value
=
"${fullPath}/{${itemCodeNameLC + keyCNLC}}"
)
...
...
@@ -654,11 +655,16 @@ public class ${itemCodeName}Resource {
@
PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','${permissionTag}')"
)
</#
macro
>
<#
comment
>
输出实体资源鉴权注解
[
hasAnyAuthority
]</#
comment
>
<#
macro
outputHasPermissionAnnotation
param1
param2
>
//@
PreAuthorize
(
"hasPermission(${param1},'${param2}')"
)
</#
macro
>
<#
comment
>
输出实体批处理权限注解
[
hasAnyAuthority
]</#
comment
>
<#
macro
outputBatchPermissionAnnotation
deAction
deStorageMode
>
<#
if
deAction
==
'Remove'
>
@
PreAuthorize
(
"hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO,#ids})"
)
//
@
PreAuthorize
(
"hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO,#ids})"
)
<#
else
>
@
PreAuthorize
(
"hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dtos})"
)
//
@
PreAuthorize
(
"hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dtos})"
)
</#
if
>
</#
macro
>
SLN/%PUBPRJ%-util/src/main/java/%SYS_PKGPATH%/util/security/AuthPermissionEvaluator.java.ftl
浏览文件 @
9e2009a8
此差异已折叠。
点击以展开。
编辑
预览
Markdown
格式
0%
请重试
or
添加新附件
添加附件
取消
您添加了
0
人
到此讨论。请谨慎行事。
先完成此消息的编辑!
取消
想要评论请
注册
或
登录