Strona główna Odkrywaj Pomoc
Zaloguj się
iot
/
hsweb-framework
4
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Przeglądaj źródła

优化权限

zhou-hao 5 lat temu
rodzic
4c220f7139
commit
1a1b38bea0
4 zmienionych plików z 79 dodań i 15 usunięć
Widok podzielony Pokaż statystyki zmian
  1. 0 1
      hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/DataAccess.java
  2. 11 0
      hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/FieldDataAccess.java
  3. 16 12
      hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultBasicAuthorizeDefinition.java
  4. 52 2
      hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/PermissionSynchronization.java

+ 0 - 1
hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/DataAccess.java
Wyświetl plik 

@@ -29,7 +29,6 @@ import java.lang.annotation.*;
 
  *
 
  * @author zhouhao
 
  * @see DataAccessController
 
- * @see Authorize#dataAccess()
 
  * @since 3.0
 
  */
 
 @Target({ElementType.ANNOTATION_TYPE,ElementType.METHOD})

+ 11 - 0
hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/FieldDataAccess.java
Wyświetl plik 

@@ -0,0 +1,11 @@
 
+package org.hswebframework.web.authorization.annotation;
 
+
 
+import java.lang.annotation.*;
 
+
 
+@DataAccessType(id = "DENY_FIELDS", name = "字段权限")
 
+@Retention(RetentionPolicy.RUNTIME)
 
+@Documented
 
+@Target({ElementType.ANNOTATION_TYPE, ElementType.METHOD})
 
+public @interface FieldDataAccess {
 
+
 
+}

+ 16 - 12
hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultBasicAuthorizeDefinition.java
Wyświetl plik 

@@ -58,7 +58,7 @@ public class DefaultBasicAuthorizeDefinition implements AopAuthorizeDefinition {
 
         definition.setTargetClass(targetClass);
 
         definition.setTargetMethod(method);
 
 
-        Set<Annotation> annotations = AnnotatedElementUtils.findAllMergedAnnotations(method, types);
 
+        Set<Annotation> methodAnnotation = AnnotatedElementUtils.findAllMergedAnnotations(method, types);
 
 
         Set<Annotation> classAnnotation = AnnotatedElementUtils.findAllMergedAnnotations(targetClass, types);
 
 
@@ -66,7 +66,7 @@ public class DefaultBasicAuthorizeDefinition implements AopAuthorizeDefinition {
 
                 .stream()
 
                 .collect(Collectors.toMap(Annotation::annotationType, Function.identity()));
 
 
-        Map<Class, Annotation> mapping = annotations
 
+        Map<Class, Annotation> mapping = methodAnnotation
 
                 .stream()
 
                 .collect(Collectors.toMap(Annotation::annotationType, Function.identity()));
 
 
@@ -79,7 +79,7 @@ public class DefaultBasicAuthorizeDefinition implements AopAuthorizeDefinition {
 
             }
 
         }
 
 
-        for (Annotation annotation : annotations) {
 
+        for (Annotation annotation : methodAnnotation) {
 
             if (annotation instanceof Authorize) {
 
                 definition.putAnnotation(((Authorize) annotation));
 
             }
 
@@ -91,7 +91,7 @@ public class DefaultBasicAuthorizeDefinition implements AopAuthorizeDefinition {
 
             }
 
         }
 
 
-        for (Annotation annotation : annotations) {
 
+        for (Annotation annotation : methodAnnotation) {
 
 
             if (annotation instanceof ResourceAction) {
 
                 Optional.ofNullable(mapping.getOrDefault(Resource.class, classAnnotationMap.get(Resource.class)))
 
@@ -107,19 +107,23 @@ public class DefaultBasicAuthorizeDefinition implements AopAuthorizeDefinition {
 
                                     .ifPresent(dat -> definition.putAnnotation(action, dat));
 
                         });
 
             }
 
+            Optional<ResourceActionDefinition> actionDefinition = Optional.ofNullable(mapping.getOrDefault(Resource.class, classAnnotationMap.get(Resource.class)))
 
+                    .map(Resource.class::cast)
 
+                    .flatMap(res -> definition.getResources().getResource(res.id()))
 
+                    .flatMap(res -> Optional.ofNullable(mapping.get(ResourceAction.class))
 
+                            .map(ResourceAction.class::cast)
 
+                            .flatMap(ra -> res.getAction(ra.id())));
 
+
 
+            if (annotation instanceof DataAccessType) {
 
+                actionDefinition.ifPresent(ra -> definition.putAnnotation(ra, (DataAccessType) annotation));
 
+            }
 
+
 
             if (annotation instanceof DataAccess) {
 
-                Optional.ofNullable(mapping.getOrDefault(Resource.class, classAnnotationMap.get(Resource.class)))
 
-                        .map(Resource.class::cast)
 
-                        .flatMap(res -> definition.getResources().getResource(res.id()))
 
-                        .flatMap(res -> Optional.ofNullable(mapping.get(ResourceAction.class))
 
-                                .map(ResourceAction.class::cast)
 
-                                .flatMap(ra -> res.getAction(ra.id())))
 
-                        .ifPresent(ra -> {
 
+                actionDefinition.ifPresent(ra -> {
 
                             definition.putAnnotation(ra, (DataAccess) annotation);
 
                             Optional.ofNullable(mapping.get(DataAccessType.class))
 
                                     .map(DataAccessType.class::cast)
 
                                     .ifPresent(dat -> definition.putAnnotation(ra, dat));
 
-
 
                         });
 
             }

+ 52 - 2
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/PermissionSynchronization.java
Wyświetl plik 

@@ -2,15 +2,28 @@ package org.hswebframework.web.system.authorization.defaults.service;
 
 
 import lombok.extern.slf4j.Slf4j;
 
 import org.hswebframework.ezorm.rdb.mapping.ReactiveRepository;
 
+import org.hswebframework.ezorm.rdb.mapping.annotation.Comment;
 
+import org.hswebframework.utils.ClassUtils;
 
+import org.hswebframework.web.api.crud.entity.Entity;
 
 import org.hswebframework.web.authorization.define.*;
 
+import org.hswebframework.web.crud.web.reactive.ReactiveCrudController;
 
+import org.hswebframework.web.crud.web.reactive.ReactiveQueryController;
 
+import org.hswebframework.web.crud.web.reactive.ReactiveServiceCrudController;
 
+import org.hswebframework.web.crud.web.reactive.ReactiveServiceQueryController;
 
 import org.hswebframework.web.system.authorization.api.entity.ActionEntity;
 
+import org.hswebframework.web.system.authorization.api.entity.OptionalField;
 
 import org.hswebframework.web.system.authorization.api.entity.PermissionEntity;
 
+import org.hswebframework.web.utils.AnnotationUtils;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
 import org.springframework.boot.CommandLineRunner;
 
 import org.springframework.context.event.EventListener;
 
+import org.springframework.util.CollectionUtils;
 
+import org.springframework.util.ReflectionUtils;
 
 import reactor.core.publisher.Flux;
 
 import reactor.core.publisher.Mono;
 
 
+import javax.persistence.Column;
 
+import java.lang.reflect.Field;
 
 import java.util.*;
 
 import java.util.function.Function;
 
 import java.util.stream.Collectors;
 
@@ -23,9 +36,41 @@ public class PermissionSynchronization implements CommandLineRunner {
 
 
     private MergedAuthorizeDefinition definition = new MergedAuthorizeDefinition();
 
 
+    private Map<String, List<OptionalField>> entityFieldsMapping = new HashMap<>();
 
+
 
     @EventListener
 
     public void handleResourceParseEvent(AuthorizeDefinitionInitializedEvent event) {
 
         definition.merge(event.getAllDefinition());
 
+        for (AuthorizeDefinition authorizeDefinition : event.getAllDefinition()) {
 
+            if (authorizeDefinition.getResources().getResources().isEmpty()) {
 
+                continue;
 
+            }
 
+            String id = authorizeDefinition.getResources().getResources().iterator().next().getId();
 
+            if (entityFieldsMapping.containsKey(id)) {
 
+                return;
 
+            }
 
+            if (authorizeDefinition instanceof AopAuthorizeDefinition) {
 
+                Class target = ((AopAuthorizeDefinition) authorizeDefinition).getTargetClass();
 
+                if (ReactiveQueryController.class.isAssignableFrom(target)
 
+                        || ReactiveServiceQueryController.class.isAssignableFrom(target)) {
 
+                    Class entity = ClassUtils.getGenericType(target);
 
+                    if (Entity.class.isAssignableFrom(entity)) {
 
+                        Set<OptionalField> fields = new HashSet<>();
 
+                        ReflectionUtils.doWithFields(entity, field -> {
 
+                            if (null != field.getAnnotation(Column.class) && !"id".equals(field.getName())) {
 
+                                OptionalField optionalField = new OptionalField();
 
+                                optionalField.setName(field.getName());
 
+                                Optional.ofNullable(field.getAnnotation(Comment.class))
 
+                                        .map(Comment::value)
 
+                                        .ifPresent(optionalField::setDescribe);
 
+                                fields.add(optionalField);
 
+                            }
 
+                        });
 
+                        entityFieldsMapping.put(id, new ArrayList<>(fields));
 
+                    }
 
+                }
 
+            }
 
+        }
 
     }
 
 
     protected PermissionEntity convert(Map<String, PermissionEntity> old, ResourceDefinition definition) {
 
@@ -36,13 +81,18 @@ public class PermissionSynchronization implements CommandLineRunner {
 
                 .build());
 
         entity.setId(definition.getId());
 
 
+
 
+        if (CollectionUtils.isEmpty(entity.getOptionalFields())) {
 
+            entity.setOptionalFields(entityFieldsMapping.get(entity.getId()));
 
+        }
 
+
 
         Map<String, ActionEntity> oldAction = new HashMap<>();
 
         if (entity.getActions() != null) {
 
             entity.getActions().forEach(a -> oldAction.put(a.getAction(), a));
 
         }
 
 
         for (ResourceActionDefinition definitionAction : definition.getActions()) {
 
-            ActionEntity action = oldAction.getOrDefault(definition.getId(),ActionEntity
 
+            ActionEntity action = oldAction.getOrDefault(definitionAction.getId(), ActionEntity
 
                     .builder()
 
                     .action(definitionAction.getId())
 
                     .name(definitionAction.getName())
 
@@ -57,7 +107,7 @@ public class PermissionSynchronization implements CommandLineRunner {
 
 
             types.addAll(definitionAction.getDataAccess().getDataAccessTypes().stream().map(DataAccessTypeDefinition::getId).collect(Collectors.toSet()));
 
             action.setProperties(properties);
 
-            oldAction.put(action.getAction(),action);
 
+            oldAction.put(action.getAction(), action);
 
         }
 
         entity.setActions(new ArrayList<>(oldAction.values()));