增加简单的组织结构权限演示

hsweb-examples/hsweb-examples-simple/pom.xml

@@ -92,29 +92,29 @@
             <version>${project.version}</version>
         </dependency>
 
+        <!--权限管理-->
         <dependency>
             <groupId>org.hswebframework.web</groupId>
             <artifactId>hsweb-system-authorization-starter</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <!--使用shiro实现权限控制-->
         <dependency>
             <groupId>org.hswebframework.web</groupId>
-            <artifactId>hsweb-system-config-starter</artifactId>
+            <artifactId>hsweb-authorization-shiro</artifactId>
             <version>${project.version}</version>
         </dependency>
+
+        <!--组织架构-->
         <dependency>
             <groupId>org.hswebframework.web</groupId>
-            <artifactId>hsweb-system-menu-starter</artifactId>
+            <artifactId>hsweb-system-organizational-starter</artifactId>
             <version>${project.version}</version>
         </dependency>
-        <!--<dependency>-->
-            <!--<groupId>org.hswebframework.web</groupId>-->
-            <!--<artifactId>hsweb-authorization-shiro</artifactId>-->
-            <!--<version>${project.version}</version>-->
-        <!--</dependency>-->
+
         <dependency>
             <groupId>org.hswebframework.web</groupId>
-            <artifactId>hsweb-system-oauth2-server-starter</artifactId>
+            <artifactId>hsweb-system-menu-starter</artifactId>
             <version>${project.version}</version>
         </dependency>
 

hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/SpringBootExample.java

@@ -23,20 +23,29 @@ import org.hsweb.ezorm.rdb.executor.SqlExecutor;
 import org.hswebframework.web.authorization.Authentication;
 import org.hswebframework.web.authorization.Permission;
 import org.hswebframework.web.authorization.access.DataAccessConfig;
-import org.hswebframework.web.authorization.oauth2.server.entity.OAuth2ClientEntity;
 import org.hswebframework.web.authorization.simple.SimpleFieldFilterDataAccessConfig;
+import org.hswebframework.web.authorization.simple.SimpleFiledScopeDataAccessConfig;
 import org.hswebframework.web.commons.entity.factory.EntityFactory;
 import org.hswebframework.web.dao.datasource.DataSourceHolder;
 import org.hswebframework.web.dao.datasource.DatabaseType;
-import org.hswebframework.web.dao.oauth2.OAuth2ClientDao;
 import org.hswebframework.web.entity.authorization.*;
 import org.hswebframework.web.entity.authorization.bind.BindPermissionRoleEntity;
 import org.hswebframework.web.entity.authorization.bind.BindRoleUserEntity;
+import org.hswebframework.web.entity.organizational.DepartmentEntity;
+import org.hswebframework.web.entity.organizational.OrganizationalEntity;
+import org.hswebframework.web.entity.organizational.PersonEntity;
+import org.hswebframework.web.entity.organizational.PositionEntity;
 import org.hswebframework.web.loggin.aop.EnableAccessLogger;
 import org.hswebframework.web.logging.AccessLoggerListener;
+import org.hswebframework.web.organizational.authorization.access.DataAccessType;
+import org.hswebframework.web.organizational.authorization.simple.SimpleScopeDataAccessConfig;
 import org.hswebframework.web.service.authorization.PermissionService;
 import org.hswebframework.web.service.authorization.RoleService;
 import org.hswebframework.web.service.authorization.UserService;
+import org.hswebframework.web.service.organizational.DepartmentService;
+import org.hswebframework.web.service.organizational.OrganizationalService;
+import org.hswebframework.web.service.organizational.PersonService;
+import org.hswebframework.web.service.organizational.PositionService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.CommandLineRunner;
 import org.springframework.boot.SpringApplication;
@@ -79,7 +88,7 @@ public class SpringBootExample implements CommandLineRunner {
 
     @Bean
     public AccessLoggerListener accessLoggerListener() {
-        return loggerInfo -> System.out.println("有请求啦:" + JSON.toJSONString(loggerInfo.getAction()));
+        return loggerInfo -> System.out.println("有请求啦:" + loggerInfo.getAction());
     }
 
     @Bean
@@ -131,8 +140,16 @@ public class SpringBootExample implements CommandLineRunner {
     PermissionService permissionService;
     @Autowired
     EntityFactory     entityFactory;
+
+    @Autowired
+    OrganizationalService organizationalService;
+    @Autowired
+    DepartmentService     departmentService;
+    @Autowired
+    PositionService       positionService;
     @Autowired
-    OAuth2ClientDao   oAuth2ClientDao;
+    PersonService         personService;
+
 
     public static void main(String[] args) {
         SpringApplication.run(SpringBootExample.class);
@@ -162,13 +179,18 @@ public class SpringBootExample implements CommandLineRunner {
         denyUpdateFields.setAction(Permission.ACTION_UPDATE);
         denyUpdateFields.setConfig(JSON.toJSONString(new SimpleFieldFilterDataAccessConfig("password")));
 
+        DataAccessEntity onlyDepartmentData = new DataAccessEntity();
+        onlyDepartmentData.setType(DataAccessType.DEPARTMENT_SCOPE);
+        onlyDepartmentData.setAction(Permission.ACTION_QUERY);
+        onlyDepartmentData.setConfig(JSON.toJSONString(new SimpleScopeDataAccessConfig(DataAccessType.SCOPE_TYPE_CHILDREN, DataAccessType.DEPARTMENT_SCOPE)));
+
 
         PermissionEntity permission = entityFactory.newInstance(PermissionEntity.class);
         permission.setName("测试");
         permission.setId("test");
         permission.setStatus((byte) 1);
         permission.setActions(ActionEntity.create(Permission.ACTION_QUERY, Permission.ACTION_UPDATE));
-        permission.setDataAccess(Arrays.asList(accessEntity, updateAccessEntity, denyUpdateFields,denyUpdateFields));
+        permission.setDataAccess(Arrays.asList(accessEntity, updateAccessEntity, denyUpdateFields, denyUpdateFields, onlyDepartmentData));
         permissionService.insert(permission);
 
         BindPermissionRoleEntity<PermissionRoleEntity> roleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class);
@@ -192,17 +214,39 @@ public class SpringBootExample implements CommandLineRunner {
         userEntity.setRoles(Arrays.asList("admin"));
         userService.insert(userEntity);
 
-        OAuth2ClientEntity clientEntity = entityFactory.newInstance(OAuth2ClientEntity.class);
-
-        clientEntity.setId("test");
-        clientEntity.setSecret("test");
-        clientEntity.setOwnerId("admin");
-        clientEntity.setName("测试");
-        clientEntity.setType("test");
-        clientEntity.setCreatorId("admin");
-        clientEntity.setRedirectUri("http://localhost");
-        clientEntity.setCreateTime(System.currentTimeMillis());
-        clientEntity.setSupportGrantTypes(Collections.singleton("*"));
-        oAuth2ClientDao.insert(clientEntity);
+
+        OrganizationalEntity org = entityFactory.newInstance(OrganizationalEntity.class);
+
+        org.setName("测试机构");
+        org.setEnabled(true);
+        org.setId("test");
+        org.setParentId("-1");
+
+        organizationalService.insert(org);
+
+        DepartmentEntity department = entityFactory.newInstance(DepartmentEntity.class);
+        department.setEnabled(true);
+        department.setOrgId("test");
+        department.setId("test");
+        department.setName("职务");
+        department.setParentId("-1");
+
+        departmentService.insert(department);
+
+        PositionEntity position = entityFactory.newInstance(PositionEntity.class);
+        position.setName("职务");
+        position.setId("test");
+        position.setDepartmentId("test");
+        position.setParentId("-1");
+        positionService.insert(position);
+
+        PersonEntity personEntity = entityFactory.newInstance(PersonEntity.class);
+        personEntity.setName("测试人员");
+        personEntity.setPositionIds(Collections.singleton(position.getId()));
+        personEntity.setUserId(userEntity.getId());
+
+        personService.insert(personEntity);
+
+
     }
 }

hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/TestController.java

@@ -15,6 +15,7 @@ import org.hswebframework.web.entity.authorization.SimpleUserEntity;
 import org.hswebframework.web.entity.authorization.UserEntity;
 import org.hswebframework.web.logging.AccessLogger;
 import org.hswebframework.web.model.authorization.UserModel;
+import org.hswebframework.web.organizational.authorization.PersonnelAuthorization;
 import org.hswebframework.web.service.QueryByEntityService;
 import org.hswebframework.web.service.QueryService;
 import org.springframework.web.bind.annotation.*;
@@ -39,7 +40,6 @@ public class TestController implements QueryController<UserEntity, String, Query
     }
 
     @GetMapping("/test2")
-//    @RequiresRoles("admin")
     public ResponseMessage test2(Authentication authentication) {
         return ResponseMessage.ok(authentication);
     }
@@ -50,11 +50,6 @@ public class TestController implements QueryController<UserEntity, String, Query
     @ApiOperation("测试查询")
     public ResponseMessage<QueryParamEntity> testQuery(QueryParamEntity entity) {
 
-        /*
-        @RequiresFieldAccess 字段级别权限控制
-        entity.getExcludes() 自动填充不能访问的字段
-        */
-
         /*
         @RequiresDataAccess 数据级别权限控制
         entity.terms 被嵌入查询条件
@@ -68,6 +63,11 @@ public class TestController implements QueryController<UserEntity, String, Query
         return ResponseMessage.ok(model);
     }
 
+    @PutMapping("/test/testPersonnel")
+    public ResponseMessage<PersonnelAuthorization> testPersonnel() {
+        return ResponseMessage.ok(PersonnelAuthorization.current().get());
+    }
+
     @Override
     public TestService getService() {
         return new TestService();