
优化权限设置

zhouhao 8 jaren geleden
bovenliggende
commit
ac6f781fb3

+ 1 - 9
hsweb-examples/hsweb-examples-oauth2/hsweb-examples-oauth2-server/src/main/java/org/hswebframework/web/example/oauth2/OAuth2ServerApplication.java

@@ -31,7 +31,6 @@ import org.hswebframework.web.dao.datasource.DataSourceHolder;
 import org.hswebframework.web.dao.datasource.DatabaseType;
 import org.hswebframework.web.dao.oauth2.OAuth2ClientDao;
 import org.hswebframework.web.entity.authorization.*;
-import org.hswebframework.web.entity.authorization.bind.BindPermissionRoleEntity;
 import org.hswebframework.web.entity.authorization.bind.BindRoleUserEntity;
 import org.hswebframework.web.service.authorization.AuthorizationSettingService;
 import org.hswebframework.web.service.authorization.PermissionService;
@@ -122,18 +121,11 @@ public class OAuth2ServerApplication implements CommandLineRunner {
         permission.setId("test");
         permission.setStatus((byte) 1);
         permission.setActions(ActionEntity.create(Permission.ACTION_QUERY, Permission.ACTION_UPDATE));
-        permission.setDataAccess(Arrays.asList(accessEntity, updateAccessEntity));
         permissionService.insert(permission);
 
-        BindPermissionRoleEntity<PermissionRoleEntity> roleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class);
-        SimplePermissionRoleEntity permissionRoleEntity = new SimplePermissionRoleEntity();
-        permissionRoleEntity.setRoleId("admin");
-        permissionRoleEntity.setPermissionId("test");
-        permissionRoleEntity.setActions(Arrays.asList(Permission.ACTION_QUERY, Permission.ACTION_UPDATE));
-        permissionRoleEntity.setDataAccesses(permission.getDataAccess());
+        RoleEntity roleEntity = entityFactory.newInstance(RoleEntity.class);
         roleEntity.setId("admin");
         roleEntity.setName("test");
-        roleEntity.setPermissions(Arrays.asList(permissionRoleEntity));
         roleService.insert(roleEntity);
 
           /*            权限设置        */
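Review bot: The permission `test` reaches `permissionService.insert(permission)` here with no supported data-access types set, while the equivalent seed code in SpringBootExample.java now calls `permission.setSupportDataAccessTypes(Arrays.asList("*"));`. The SimpleAuthorizationSettingService hunk in this commit replaces a setting's data accesses with an empty list when the permission's supported types are empty. If the settings built below this hunk still attach `accessEntity` and `updateAccessEntity`, those restrictions would presumably be dropped, and the OAuth2 example would run without the data scoping it appears to demonstrate. Add the same call before the insert, or better, list only the access types this example uses. The rest of `run` is outside the hunk, so this needs confirming against the settings block.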

+ 4 - 11
hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/SpringBootExample.java

@@ -29,7 +29,6 @@ import org.hswebframework.web.commons.entity.factory.EntityFactory;
 import org.hswebframework.web.dao.datasource.DataSourceHolder;
 import org.hswebframework.web.dao.datasource.DatabaseType;
 import org.hswebframework.web.entity.authorization.*;
-import org.hswebframework.web.entity.authorization.bind.BindPermissionRoleEntity;
 import org.hswebframework.web.entity.authorization.bind.BindRoleUserEntity;
 import org.hswebframework.web.entity.organizational.*;
 import org.hswebframework.web.loggin.aop.EnableAccessLogger;
@@ -90,8 +89,7 @@ import java.util.stream.Stream;
 @EnableAspectJAutoProxy
 @EnableAccessLogger
 public class SpringBootExample
-//        implements CommandLineRunner
-{
+        implements CommandLineRunner {
 
     @Bean
     public AccessLoggerListener accessLoggerListener() {
@@ -174,7 +172,7 @@ public class SpringBootExample
         SpringApplication.run(SpringBootExample.class);
     }
 
-//    @Override
+    //    @Override
     public void run(String... strings) throws Exception {
         //只能查询自己创建的数据
         DataAccessEntity accessEntity = new DataAccessEntity();
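Review bot: `//    @Override` is still commented out above `run(String... strings)` although the class header in the previous hunk now declares `implements CommandLineRunner`; restore it as `@Override` so the compiler checks the signature against the interface. Since the method now executes on every start, it also deserves a short comment such as `// Seeds the demo "admin" role and "test" permission; intended for the in-memory example database only.` so that it is not copied into an application backed by a persistent store. The body of `run` continues outside this hunk.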
@@ -212,18 +210,13 @@ public class SpringBootExample
         permission.setId("test");
         permission.setStatus(DataStatus.STATUS_ENABLED);
         permission.setActions(ActionEntity.create(Permission.ACTION_QUERY, Permission.ACTION_UPDATE));
-//        permission.setDataAccess(Arrays.asList(accessEntity, updateAccessEntity, denyUpdateFields, denyUpdateFields, onlyDepartmentData));
+        permission.setSupportDataAccessTypes(Arrays.asList("*"));
         permissionService.insert(permission);
 
-
         //角色
-        BindPermissionRoleEntity<PermissionRoleEntity> roleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class);
-        SimplePermissionRoleEntity permissionRoleEntity = new SimplePermissionRoleEntity();
-        permissionRoleEntity.setRoleId("admin");
-        permissionRoleEntity.setPermissionId("test");
+        RoleEntity roleEntity = entityFactory.newInstance(RoleEntity.class);
         roleEntity.setId("admin");
         roleEntity.setName("test");
-        roleEntity.setPermissions(Arrays.asList(permissionRoleEntity));
         roleService.insert(roleEntity);
 
         /*            权限设置        */

+ 1 - 2
hsweb-examples/hsweb-examples-simple/src/main/resources/application.yml

@@ -1,10 +1,9 @@
-
 spring:
     aop:
         auto: true
         proxy-target-class: true
     datasource:
-       url : jdbc:h2:file:./data
+       url : jdbc:h2:mem:example
        username : sa
        password :
        type: com.alibaba.druid.pool.DruidDataSource

+ 1 - 1
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java

@@ -309,7 +309,7 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
             }
             if (isEmpty(entity.getSupportDataAccessTypes())) {
                 detail.setDataAccesses(Collections.emptyList());
-            } else if (isNotEmpty(detail.getDataAccesses())) {
+            } else if (isNotEmpty(detail.getDataAccesses()) && !entity.getSupportDataAccessTypes().contains("*")) {
                 //重构为权限支持的数据权限控制方式,防止越权设置权限
                 detail.setDataAccesses(detail
                         .getDataAccesses()
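Review bot: The added `&& !entity.getSupportDataAccessTypes().contains("*")` makes a wildcard permission skip the filter that the comment on the next line describes as the guard against over-privileged settings. For such a permission, every entry in `detail.getDataAccesses()` is kept exactly as submitted, with no check on its type in this method. If that is the intent, give the wildcard a name, e.g. `private static final String ANY_DATA_ACCESS_TYPE = "*";`, and add a comment at the branch stating that `"*"` means any type is accepted and where the submitted types are otherwise validated. It is also worth confirming that only trusted administrators can write `supportDataAccessTypes`, since setting it to `"*"` switches the guard off for that permission. The filtering statement is cut off at the end of the hunk, so the rest of the chain was not reviewed.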