权限资源调整

f99f80ac · zhouweidong · 41e1f531 · f99f80ac
--- a/SLN/%PUBPRJ%-provider/%PUBPRJ%-provider-%SYSAPI_PKGPATH%/src/main/java/%SYS_PKGPATH%/%SYSAPI_PKGPATH%/rest/%ITEM%Resource.java.ftl
+++ b/SLN/%PUBPRJ%-provider/%PUBPRJ%-provider-%SYSAPI_PKGPATH%/src/main/java/%SYS_PKGPATH%/%SYSAPI_PKGPATH%/rest/%ITEM%Resource.java.ftl
@@ -19,6 +19,10 @@ TARGET=PSDESERVICEAPI
 <#assign keyCNLC = "_id">
 <#assign deStorageMode="None">
 <#if de.getStorageMode()==1><#assign deStorageMode="Sql"><#elseif de.getStorageMode()==2><#assign deStorageMode="NoSQL"><#elseif de.getStorageMode()==4><#assign deStorageMode="ServiceApi"></#if>
+<#assign noDEPrefield=true>
+<#if de.getPSDEFieldByPDT('ORGID',true)?? || de.getPSDEFieldByPDT('ORGSECTORID',true)??  || de.getPSDEFieldByPDT('CREATEMAN',true)?? >
+<#assign noDEPrefield=false>
+</#if>
 package ${pubPkgCodeName}.${itemSysApiCodeNameLC}.rest;

 import java.sql.Timestamp;
@@ -149,7 +153,11 @@ public class ${itemCodeName}Resource {


                <#if deaction.codeName?lower_case == 'create'>
+                    <#if noDEPrefield>
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}:${de.codeName}:${deaction.codeName}:all')")
+                    <#else>
    @PreAuthorize("hasPermission('','Create',{this.getEntity(),'${deStorageMode}'})")
+                    </#if>
    @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}")
 	@RequestMapping(method = RequestMethod.POST, value = "${fullPath}")
 <#if de.getStorageMode()==4><#else>    @Transactional</#if>
@@ -159,8 +167,11 @@ public class ${itemCodeName}Resource {
        ${itemCodeName}DTO dto = ${itemCodeNameLC}Mapping.toDto(domain);
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
    }
-
+                    <#if noDEPrefield>
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}:${de.codeName}:${deaction.codeName}:all')")
+                    <#else>
    @PreAuthorize("hasPermission('','Create',{this.getEntity(),'${deStorageMode}'})")
+                    </#if>
    @ApiOperation(value = "createBatch", tags = {"${itemCodeName}" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "${fullPath}/batch")
    public ResponseEntity<Boolean> createBatch(${etParamsList}) {
@@ -169,7 +180,11 @@ public class ${itemCodeName}Resource {
    }

                <#elseif deaction.codeName?lower_case == 'update'>
+                    <#if noDEPrefield>
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}:${de.codeName}:${deaction.codeName}:all')")
+                    <#else>
    @PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{this.getEntity(),'${deStorageMode}'})")
+                    </#if>
    @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}")
 	@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
 <#if de.getStorageMode()==4><#else>    @Transactional</#if>
@@ -181,7 +196,11 @@ public class ${itemCodeName}Resource {
        return ResponseEntity.status(HttpStatus.OK).body(dto);
    }

+                    <#if noDEPrefield>
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}:${de.codeName}:${deaction.codeName}:all')")
+                    <#else>
    @PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{this.getEntity(),'${deStorageMode}'})")
+                    </#if>
    @ApiOperation(value = "UpdateBatch", tags = {"${itemCodeName}" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/batch")
    public ResponseEntity<Boolean> updateBatch(${etParamsList}) {
@@ -204,7 +223,11 @@ public class ${itemCodeName}Resource {
    }

                <#elseif deaction.codeName?lower_case == 'remove'>
+                    <#if noDEPrefield>
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}:${de.codeName}:${deaction.codeName}:all')")
+                    <#else>
    @PreAuthorize("hasPermission('Remove',{#${itemCodeNameLC + keyCNLC},{this.getEntity(),'${deStorageMode}'}})")
+                    </#if>
    @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}")
 	@RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
 <#if de.getStorageMode()==4><#else>    @Transactional</#if>
@@ -220,7 +243,11 @@ public class ${itemCodeName}Resource {
    }

                <#elseif deaction.codeName?lower_case == 'get'>
+                    <#if noDEPrefield>
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}:${de.codeName}:${deaction.codeName}:all')")
+                    <#else>
    @PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{this.getEntity(),'${deStorageMode}'})")
+                    </#if>
    @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" },  notes = "${deaction.getLogicName()}")
 	@RequestMapping(method = RequestMethod.GET, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
    public ResponseEntity<${itemCodeName}DTO> get(${idParams}) {
@@ -263,7 +290,7 @@ public class ${itemCodeName}Resource {
                </#if>
            <#elseif apiMethod.getActionType()=='FETCH'>
                <#assign deds = apiMethod.getPSDEDataSet()>
-    @PreAuthorize("hasPermission('Get',{#context,'${deds.getCodeName()}',this.getEntity(),'${deStorageMode}'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}:${de.codeName}:${deds.codeName}:all')")
 	@ApiOperation(value = "fetch${deds.getLogicName()}", tags = {"${itemCodeName}" } ,notes = "fetch${deds.getLogicName()}")
    @RequestMapping(method= RequestMethod.${reqMtd} , value="${fullPath}/fetch<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
 	public ResponseEntity<List<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> fetch<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>(${deCodeName}SearchContext context) {
@@ -286,7 +313,7 @@ public class ${itemCodeName}Resource {
        </#if>
 	}

-    @PreAuthorize("hasPermission('Get',{#context,'${deds.getCodeName()}',this.getEntity(),'${deStorageMode}'})")
+    @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}:${de.codeName}:${deds.codeName}:all')")
 	@ApiOperation(value = "search${deds.getLogicName()}", tags = {"${itemCodeName}" } ,notes = "search${deds.getLogicName()}")
    @RequestMapping(method= RequestMethod.POST , value="${fullPath}/search<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()?lower_case}<#else>${deds.getCodeName()?lower_case}</#if>")
 	public ResponseEntity<Page<<#if deds.isEnableGroup()>HashMap<#else>${itemCodeName}DTO</#if>>> search<#if (deds.getName()=='DEFAULT')>${deds.getCodeName()}<#else>${deds.getCodeName()}</#if>(@RequestBody ${deCodeName}SearchContext context) {