提交 fbf40ed2 编写于 作者: zhouweidong's avatar zhouweidong

权限调整

上级 9287dafb
...@@ -88,7 +88,9 @@ public class ${itemCodeName}Resource { ...@@ -88,7 +88,9 @@ public class ${itemCodeName}Resource {
@Autowired @Autowired
@Lazy @Lazy
private ${itemCodeName}Mapping ${itemCodeNameLC}Mapping; public ${itemCodeName}Mapping ${itemCodeNameLC}Mapping;
public ${deCodeName}DTO permissionDTO=new ${deCodeName}DTO();
<#-- 嵌套服务对象 --> <#-- 嵌套服务对象 -->
<#if item.getPSDEServiceAPIRSs()??> <#if item.getPSDEServiceAPIRSs()??>
...@@ -156,7 +158,7 @@ public class ${itemCodeName}Resource { ...@@ -156,7 +158,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield> <#if noDEPrefield>
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
<#else> <#else>
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'${deStorageMode}'})") @PreAuthorize("hasPermission('','Create',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if> </#if>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}") @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}") @RequestMapping(method = RequestMethod.POST, value = "${fullPath}")
...@@ -167,11 +169,7 @@ public class ${itemCodeName}Resource { ...@@ -167,11 +169,7 @@ public class ${itemCodeName}Resource {
${itemCodeName}DTO dto = ${itemCodeNameLC}Mapping.toDto(domain); ${itemCodeName}DTO dto = ${itemCodeNameLC}Mapping.toDto(domain);
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
<#if noDEPrefield>
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
<#else>
@PreAuthorize("hasPermission('','Create',{this.getEntity(),'${deStorageMode}'})")
</#if>
@ApiOperation(value = "createBatch", tags = {"${itemCodeName}" }, notes = "createBatch") @ApiOperation(value = "createBatch", tags = {"${itemCodeName}" }, notes = "createBatch")
@RequestMapping(method = RequestMethod.POST, value = "${fullPath}/batch") @RequestMapping(method = RequestMethod.POST, value = "${fullPath}/batch")
public ResponseEntity<Boolean> createBatch(${etParamsList}) { public ResponseEntity<Boolean> createBatch(${etParamsList}) {
...@@ -183,7 +181,7 @@ public class ${itemCodeName}Resource { ...@@ -183,7 +181,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield> <#if noDEPrefield>
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
<#else> <#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{this.getEntity(),'${deStorageMode}'})") @PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,#${itemCodeNameLC}dto})")
</#if> </#if>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}") @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}") @RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
...@@ -196,11 +194,6 @@ public class ${itemCodeName}Resource { ...@@ -196,11 +194,6 @@ public class ${itemCodeName}Resource {
return ResponseEntity.status(HttpStatus.OK).body(dto); return ResponseEntity.status(HttpStatus.OK).body(dto);
} }
<#if noDEPrefield>
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
<#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Update',{this.getEntity(),'${deStorageMode}'})")
</#if>
@ApiOperation(value = "UpdateBatch", tags = {"${itemCodeName}" }, notes = "UpdateBatch") @ApiOperation(value = "UpdateBatch", tags = {"${itemCodeName}" }, notes = "UpdateBatch")
@RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/batch") @RequestMapping(method = RequestMethod.PUT, value = "${fullPath}/batch")
public ResponseEntity<Boolean> updateBatch(${etParamsList}) { public ResponseEntity<Boolean> updateBatch(${etParamsList}) {
...@@ -226,7 +219,7 @@ public class ${itemCodeName}Resource { ...@@ -226,7 +219,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield> <#if noDEPrefield>
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
<#else> <#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{this.getEntity(),'${deStorageMode}'})") @PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Remove',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO)")
</#if> </#if>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}") @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}") @RequestMapping(method = RequestMethod.DELETE, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
...@@ -246,7 +239,7 @@ public class ${itemCodeName}Resource { ...@@ -246,7 +239,7 @@ public class ${itemCodeName}Resource {
<#if noDEPrefield> <#if noDEPrefield>
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')") @PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','${sys.codeName}-${de.codeName}-${deaction.codeName}-all')")
<#else> <#else>
@PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{this.getEntity(),'${deStorageMode}'})") @PreAuthorize("hasPermission(#${itemCodeNameLC + keyCNLC},'Get',{'${deStorageMode}',this.${itemCodeNameLC}Mapping,this.permissionDTO)")
</#if> </#if>
@ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}") @ApiOperation(value = "${deaction.getLogicName()}", tags = {"${itemCodeName}" }, notes = "${deaction.getLogicName()}")
@RequestMapping(method = RequestMethod.GET, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}") @RequestMapping(method = RequestMethod.GET, value = "${fullPath}/{${itemCodeNameLC + keyCNLC}}")
...@@ -630,14 +623,6 @@ public class ${itemCodeName}Resource { ...@@ -630,14 +623,6 @@ public class ${itemCodeName}Resource {
</#if> </#if>
<#-- 关系接口 end --> <#-- 关系接口 end -->
/**
* 用户权限校验
* @return
*/
public ${deCodeName} getEntity(){
return new ${deCodeName}();
}
} }
</#if> </#if>
</#if> </#if>
\ No newline at end of file
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册