提交 9e2009a8 编写于 作者: zhouweidong's avatar zhouweidong

简化权限校验

上级 72721eca
......@@ -46,6 +46,7 @@ import org.springframework.data.domain.Pageable;
import org.springframework.util.StringUtils;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.access.prepost.PostAuthorize;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
......@@ -145,7 +146,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission('','Create',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
<@outputHasPermissionAnnotation 'this.${itemCodeNameLC}Mapping.toDomain(#${itemCodeNameLC}dtos)' '${sys.codeName}-${de.codeName}-${deaction.codeName}' />
</#if>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}")
......@@ -169,7 +170,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
<@outputHasPermissionAnnotation 'this.${deCodeNameLC}Service.get(#${itemCodeNameLC + keyCNLC})' '${sys.codeName}-${de.codeName}-${deaction.codeName}' />
</#if>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
......@@ -194,7 +195,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
//@PreAuthorize("hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/${deactionCodeName?lower_case}")
......@@ -214,7 +215,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
<@outputHasPermissionAnnotation 'this.${deCodeNameLC}Service.get(#${itemCodeNameLC + keyCNLC})' '${sys.codeName}-${de.codeName}-${deaction.codeName}' />
</#if>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
......@@ -235,7 +236,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
@PostAuthorize("hasPermission(this.${itemCodeNameLC}Mapping.toDomain(returnObject.body),'${sys.codeName}-${de.codeName}-${deaction.codeName}')")
</#if>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.GET, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
......@@ -409,7 +410,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission('','Create',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
//@PreAuthorize("hasPermission('','Create',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}")
......@@ -438,7 +439,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
//@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
......@@ -507,7 +508,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
//@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
</#if>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
......@@ -528,7 +529,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
//@PreAuthorize("hasPermission('','Save',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.${reqMtd}, value = "${fullPath}/${deactionCodeName?lower_case}")
......@@ -554,7 +555,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield>
<@outputHasAnyAuthorityAnnotation '${sys.codeName}-${de.codeName}-${deaction.codeName}-all'/>
<#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
//@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO})")
</#if>
@ApiOperation(value = "${deaction.getLogicName()}${byParams}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}${byParams}")
@RequestMapping(method = RequestMethod.GET, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
......@@ -654,11 +655,16 @@ public class ${itemCodeName}Resource {
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${permissionTag}')")
</#macro>
<#comment>输出实体资源鉴权注解[hasAnyAuthority]</#comment>
<#macro outputHasPermissionAnnotation param1 param2>
//@PreAuthorize("hasPermission(${param1},'${param2}')")
</#macro>
<#comment>输出实体批处理权限注解[hasAnyAuthority]</#comment>
<#macro outputBatchPermissionAnnotation deAction deStorageMode>
<#if deAction=='Remove'>
@PreAuthorize("hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO,#ids})")
//@PreAuthorize("hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO,#ids})")
<#else>
@PreAuthorize("hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dtos})")
//@PreAuthorize("hasPermission('${deAction}',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dtos})")
</#if>
</#macro>
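Review bot: The `outputHasPermissionAnnotation` macro added near the end of the template emits `//@PreAuthorize("hasPermission(${param1},'${param2}')")`, which is a Java comment, so the Create, Update and Remove endpoints that call it in the `<#else>` branch are generated with no method-level permission check; the Save, by-parent and batch variants have their `@PreAuthorize` commented out directly, leaving only the `@PostAuthorize` on Get in force (this reads the second line of each printed pair as the new side, since the +/- markers are lost on this page). Unless the check has moved to a layer not shown in this commit, the macro should emit the live annotation, `@PreAuthorize("hasPermission(${param1},'${param2}')")`, and the commented-out lines should either call the macro or be deleted with a comment stating where authorization is now enforced. The Create call site also passes `#${itemCodeNameLC}dtos` where the previous annotation used `#${itemCodeNameLC}dto`; if the method parameter has the singular name, the SpEL variable would resolve to null once the annotation is enabled, but the method signatures lie outside the hunks, so this needs confirming. The `<#comment>` above the new macro still says `[hasAnyAuthority]` and should read `[hasPermission]`.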