优化结构

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleFieldFilterDataAccessConfig.java

@@ -2,6 +2,8 @@ package org.hswebframework.web.authorization.simple;
 
 import org.hswebframework.web.authorization.access.FieldFilterDataAccessConfig;
 
+import java.util.Arrays;
+import java.util.HashSet;
 import java.util.Set;
 
 /**
@@ -14,6 +16,13 @@ public class SimpleFieldFilterDataAccessConfig extends AbstractDataAccessConfig
 
     private String type;
 
+    public SimpleFieldFilterDataAccessConfig() {
+    }
+
+    public SimpleFieldFilterDataAccessConfig(String... fields) {
+        this.fields = new HashSet<>(Arrays.asList(fields));
+    }
+
     @Override
     public Set<String> getFields() {
         return fields;

hsweb-examples/hsweb-examples-oauth2/hsweb-examples-oauth2-server/src/main/java/org/hswebframework/web/example/oauth2/OAuth2ServerApplication.java

@@ -18,11 +18,13 @@
 
 package org.hswebframework.web.example.oauth2;
 
+import com.alibaba.fastjson.JSON;
 import org.hsweb.ezorm.rdb.executor.AbstractJdbcSqlExecutor;
 import org.hsweb.ezorm.rdb.executor.SqlExecutor;
 import org.hswebframework.web.authorization.Permission;
 import org.hswebframework.web.authorization.access.DataAccessConfig;
 import org.hswebframework.web.authorization.oauth2.server.entity.OAuth2ClientEntity;
+import org.hswebframework.web.authorization.simple.SimpleFieldFilterDataAccessConfig;
 import org.hswebframework.web.commons.entity.factory.EntityFactory;
 import org.hswebframework.web.dao.datasource.DataSourceHolder;
 import org.hswebframework.web.dao.datasource.DatabaseType;
@@ -96,6 +98,12 @@ public class OAuth2ServerApplication implements CommandLineRunner {
         DataAccessEntity updateAccessEntity = new DataAccessEntity();
         updateAccessEntity.setType(DataAccessConfig.DefaultType.OWN_CREATED);
         updateAccessEntity.setAction(Permission.ACTION_UPDATE);
+
+        DataAccessEntity denyFields = new DataAccessEntity();
+        denyFields.setType(DataAccessConfig.DefaultType.ALLOW_FIELDS);
+        denyFields.setAction(Permission.ACTION_UPDATE);
+        denyFields.setConfig(JSON.toJSONString(new SimpleFieldFilterDataAccessConfig("password")));
+
         //脚本方式自定义控制
 //        updateAccessEntity.setConfig(JSON.toJSONString(new SimpleScriptDataAccess("" +
 //                "println(id);" +

hsweb-system/hsweb-system-organizational/hsweb-system-organizational-service/hsweb-system-organizational-service-simple/src/main/java/org/hswebframework/web/service/organizational/simple/SimplePersonService.java

@@ -16,7 +16,6 @@
  */
 package org.hswebframework.web.service.organizational.simple;
 
-import com.alibaba.fastjson.JSON;
 import org.hswebframework.web.commons.entity.TreeSupportEntity;
 import org.hswebframework.web.dao.dynamic.QueryByEntityDao;
 import org.hswebframework.web.dao.organizational.*;