优化api

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/Authorize.java

@@ -63,8 +63,8 @@ public @interface Authorize {
     /**
      * 验证是否为指定user
      *
-     * @return user id array
-     * @see User#getId()
+     * @return username array
+     * @see User#getUsername()
      */
     String[] user() default {};
 

hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/SimpleAuthorizeMethodInterceptor.java

@@ -114,7 +114,7 @@ public class SimpleAuthorizeMethodInterceptor extends AuthorizingAnnotationMetho
                 Function<Predicate<String>, Boolean> func = logicalIsOr
                         ? authorizeConfig.user.stream()::anyMatch
                         : authorizeConfig.user.stream()::allMatch;
-                access = func.apply(authorization.getUser().getId()::equals);
+                access = func.apply(authorization.getUser().getUsername()::equals);
             }
             if (!access) {
                 throw new AuthorizationException(authorizeConfig.message);

hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/SpringBootExample.java

@@ -126,13 +126,16 @@ public class SpringBootExample implements CommandLineRunner {
 
     @Override
     public void run(String... strings) throws Exception {
+        //只能查询自己创建的数据
         DataAccessEntity accessEntity = new DataAccessEntity();
         accessEntity.setType(DataAccess.Type.OWN_CREATED.name());
         accessEntity.setAction(Permission.ACTION_QUERY);
 
+        //只能修改自己创建的数据
         DataAccessEntity updateAccessEntity = new DataAccessEntity();
         updateAccessEntity.setType(DataAccess.Type.OWN_CREATED.name());
         updateAccessEntity.setAction(Permission.ACTION_UPDATE);
+        //脚本方式自定义控制
 //        updateAccessEntity.setConfig(JSON.toJSONString(new SimpleScriptDataAccess("" +
 //                "println(id);" +
 //                "println(entity);" +

hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/TestController.java

@@ -1,7 +1,6 @@
 package org.hswebframework.web.example.simple;
 
 import io.swagger.annotations.ApiOperation;
-import io.swagger.annotations.ApiResponse;
 import org.hswebframework.web.authorization.Authorization;
 import org.hswebframework.web.authorization.AuthorizationHolder;
 import org.hswebframework.web.authorization.Permission;
@@ -60,7 +59,6 @@ public class TestController implements QueryController<UserEntity, String, Query
     @RequiresDataAccess(permission = "test", action = Permission.ACTION_UPDATE)
     @RequiresFieldAccess(permission = "test", action = Permission.ACTION_UPDATE)
     public ResponseMessage<UserModel> testUpdate(@PathVariable String id, @RequestBody UserModel model) {
-
         return ResponseMessage.ok(model);
     }
 

hsweb-starter/hsweb-spring-boot-starter/src/main/java/org/hswebframework/web/starter/convert/FastJsonHttpMessageConverter.java

@@ -2,6 +2,7 @@ package org.hswebframework.web.starter.convert;
 
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONPObject;
+import com.alibaba.fastjson.parser.ParserConfig;
 import com.alibaba.fastjson.serializer.PropertyPreFilter;
 import com.alibaba.fastjson.serializer.SerializerFeature;
 import com.alibaba.fastjson.serializer.SimplePropertyPreFilter;
@@ -29,6 +30,11 @@ import java.util.Set;
 
 public class FastJsonHttpMessageConverter extends AbstractHttpMessageConverter<Object> {
 
+    static {
+        // TODO: 17-3-16  白名单应可配置
+        ParserConfig.getGlobalInstance().addAccept("org.hswebframework.web.entity.");
+    }
+
     public final static Charset UTF8 = Charset.forName("UTF-8");
 
     private Charset charset = UTF8;

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/UserModel.java

@@ -29,7 +29,7 @@ import org.hswebframework.web.commons.model.Model;
 public interface UserModel extends Model {
     void setName(String name);
 
-    @ApiModelProperty(value = "用户登录名", required = true, readOnly = true)
+    @ApiModelProperty(value = "用户名", required = true, readOnly = true)
     String getUsername();
 
     void setUsername(String username);

hsweb-system/hsweb-system-organizational/hsweb-system-organizational-entity/src/main/java/org/hswebframework/web/entity/organizational/DepartmentEntity.java

@@ -16,7 +16,6 @@
  */
 package org.hswebframework.web.entity.organizational;
 
-import org.hswebframework.web.commons.entity.GenericEntity;
 import org.hswebframework.web.commons.entity.TreeSortSupportEntity;
 
 /**