mirror of
https://github.com/getrebuild/rebuild.git
synced 2024-09-20 07:25:54 +08:00
关联操作过滤无权限实体
This commit is contained in:
parent
fbee726293
commit
035df48aa2
2
pom.xml
2
pom.xml
|
@ -10,7 +10,7 @@
|
|||
</parent>
|
||||
<groupId>com.rebuild</groupId>
|
||||
<artifactId>rebuild</artifactId>
|
||||
<version>2.0.0</version>
|
||||
<version>2.1.0-dev</version>
|
||||
<name>rebuild</name>
|
||||
<description>RB V2 use SpringBoot</description>
|
||||
<!-- UNCOMMENT USE TOMCAT -->
|
||||
|
|
|
@ -65,7 +65,7 @@ public class Application implements ApplicationListener<ApplicationStartedEvent>
|
|||
/**
|
||||
* Rebuild Version
|
||||
*/
|
||||
public static final String VER = "2.0.0";
|
||||
public static final String VER = "2.1.0-dev";
|
||||
/**
|
||||
* Rebuild Build
|
||||
*/
|
||||
|
|
|
@ -7,6 +7,7 @@ See LICENSE and COMMERCIAL in the project root for license information.
|
|||
|
||||
package com.rebuild.core.metadata;
|
||||
|
||||
import cn.devezhao.bizz.privileges.impl.BizzPermission;
|
||||
import cn.devezhao.persist4j.Entity;
|
||||
import cn.devezhao.persist4j.Field;
|
||||
import cn.devezhao.persist4j.dialect.FieldType;
|
||||
|
@ -17,7 +18,10 @@ import com.rebuild.core.metadata.impl.DisplayType;
|
|||
import com.rebuild.core.metadata.impl.EasyMeta;
|
||||
|
||||
import java.text.Collator;
|
||||
import java.util.*;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Comparator;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
|
||||
/**
|
||||
* 元数据辅助类,注意此类返回的数据会过滤和排序
|
||||
|
@ -39,7 +43,7 @@ public class MetadataSorter {
|
|||
}
|
||||
|
||||
/**
|
||||
* 用户权限内可用实体
|
||||
* 用户权限内*可读*实体
|
||||
*
|
||||
* @param user
|
||||
* @param usesBizz 是否包括内建 BIZZ 实体
|
||||
|
@ -57,7 +61,7 @@ public class MetadataSorter {
|
|||
|
||||
if (user == null || !MetadataHelper.hasPrivilegesField(e)) {
|
||||
entities.add(e);
|
||||
} else if (Application.getPrivilegesManager().allowRead(user, e.getEntityCode())) {
|
||||
} else if (Application.getPrivilegesManager().allow(user, e.getEntityCode(), BizzPermission.READ)) {
|
||||
entities.add(e);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -7,6 +7,7 @@ See LICENSE and COMMERCIAL in the project root for license information.
|
|||
|
||||
package com.rebuild.core.privileges;
|
||||
|
||||
import cn.devezhao.bizz.BizzException;
|
||||
import cn.devezhao.bizz.privileges.DepthEntry;
|
||||
import cn.devezhao.bizz.privileges.Permission;
|
||||
import cn.devezhao.bizz.privileges.Privileges;
|
||||
|
@ -471,4 +472,30 @@ public class PrivilegesManager {
|
|||
}
|
||||
return new RoleBaseQueryFilter(theUser, action);
|
||||
}
|
||||
|
||||
// --
|
||||
|
||||
// 权限动作集合
|
||||
private static final Permission[] RB_PERMISSIONS = new Permission[] {
|
||||
BizzPermission.CREATE,
|
||||
BizzPermission.DELETE,
|
||||
BizzPermission.UPDATE,
|
||||
BizzPermission.READ,
|
||||
BizzPermission.ASSIGN,
|
||||
BizzPermission.SHARE,
|
||||
EntityService.UNSHARE
|
||||
};
|
||||
|
||||
/**
|
||||
* @param name
|
||||
* @return
|
||||
*/
|
||||
public static Permission parse(String name) {
|
||||
for (Permission p : RB_PERMISSIONS) {
|
||||
if (p.getName().equalsIgnoreCase(name)) {
|
||||
return p;
|
||||
}
|
||||
}
|
||||
throw new BizzException("Unknown Permission : " + name);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -7,16 +7,19 @@ See LICENSE and COMMERCIAL in the project root for license information.
|
|||
|
||||
package com.rebuild.web.commons;
|
||||
|
||||
import cn.devezhao.bizz.privileges.Permission;
|
||||
import cn.devezhao.persist4j.Entity;
|
||||
import cn.devezhao.persist4j.Field;
|
||||
import cn.devezhao.persist4j.dialect.FieldType;
|
||||
import cn.devezhao.persist4j.engine.ID;
|
||||
import cn.devezhao.persist4j.metadata.BaseMeta;
|
||||
import com.rebuild.core.Application;
|
||||
import com.rebuild.core.metadata.EntityHelper;
|
||||
import com.rebuild.core.metadata.MetadataHelper;
|
||||
import com.rebuild.core.metadata.MetadataSorter;
|
||||
import com.rebuild.core.metadata.impl.DisplayType;
|
||||
import com.rebuild.core.metadata.impl.EasyMeta;
|
||||
import com.rebuild.core.privileges.PrivilegesManager;
|
||||
import com.rebuild.core.support.state.StateHelper;
|
||||
import com.rebuild.web.BaseController;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
|
@ -116,11 +119,18 @@ public class MetadataGetting extends BaseController {
|
|||
// 哪些实体引用了指定实体
|
||||
@GetMapping("references")
|
||||
public List<String[]> references(HttpServletRequest request) {
|
||||
String entity = getParameterNotNull(request, "entity");
|
||||
Entity entityMeta = MetadataHelper.getEntity(entity);
|
||||
final ID user = getRequestUser(request);
|
||||
|
||||
Entity entity = MetadataHelper.getEntity(getParameterNotNull(request, "entity"));
|
||||
|
||||
String permission = getParameter(request, "permission");
|
||||
Permission checkPermission = null;
|
||||
if (permission != null) {
|
||||
checkPermission = PrivilegesManager.parse(permission);
|
||||
}
|
||||
|
||||
Set<Entity> references = new HashSet<>();
|
||||
for (Field field : entityMeta.getReferenceToFields()) {
|
||||
for (Field field : entity.getReferenceToFields()) {
|
||||
Entity own = field.getOwnEntity();
|
||||
if (!(own.getMainEntity() != null || field.getType() == FieldType.ANY_REFERENCE)) {
|
||||
references.add(own);
|
||||
|
@ -129,8 +139,11 @@ public class MetadataGetting extends BaseController {
|
|||
|
||||
List<String[]> data = new ArrayList<>();
|
||||
for (Entity e : references) {
|
||||
EasyMeta easy = new EasyMeta(e);
|
||||
data.add(new String[] { easy.getName(), easy.getLabel() });
|
||||
if (checkPermission == null
|
||||
|| Application.getPrivilegesManager().allow(user, e.getEntityCode(), checkPermission)) {
|
||||
EasyMeta easy = new EasyMeta(e);
|
||||
data.add(new String[] { easy.getName(), easy.getLabel() });
|
||||
}
|
||||
}
|
||||
return data;
|
||||
}
|
||||
|
|
|
@ -11,30 +11,30 @@ class DlgAssign extends RbModalHandler {
|
|||
constructor(props) {
|
||||
super(props)
|
||||
this.onView = !!window.RbViewPage
|
||||
this.specs = ['assign', 'Assign']
|
||||
this._Props = ['assign', 'Assign', 'A']
|
||||
}
|
||||
|
||||
render() {
|
||||
return (
|
||||
<RbModal title={$L(this.specs[1])} ref={(c) => (this._dlg = c)}>
|
||||
<RbModal title={$L(this._Props[1])} ref={(c) => (this._dlg = c)}>
|
||||
<div className="form">
|
||||
{this.onView === true ? null : (
|
||||
<div className="form-group row pb-0">
|
||||
<label className="col-sm-3 col-form-label text-sm-right">{$L('SomeWhichRecords,' + this.specs[1])}</label>
|
||||
<label className="col-sm-3 col-form-label text-sm-right">{$L('SomeWhichRecords,' + this._Props[1])}</label>
|
||||
<div className="col-sm-7">
|
||||
<div className="form-control-plaintext">{`${$L('DatasSelected')} (${$L('XItem').replace('%d', this.state.ids.length)})`}</div>
|
||||
</div>
|
||||
</div>
|
||||
)}
|
||||
<div className="form-group row">
|
||||
<label className="col-sm-3 col-form-label text-sm-right">{$L('SomeToWho,' + this.specs[1])}</label>
|
||||
<label className="col-sm-3 col-form-label text-sm-right">{$L('SomeToWho,' + this._Props[1])}</label>
|
||||
<div className="col-sm-7">{this._useUserSelector()}</div>
|
||||
</div>
|
||||
{this.state.cascadesShow !== true ? (
|
||||
<div className="form-group row">
|
||||
<div className="col-sm-7 offset-sm-3">
|
||||
<a href="#" onClick={this._showCascade}>
|
||||
{$L('SameSomeRelatedRecords,' + this.specs[1])}
|
||||
{$L('SameSomeRelatedRecords,' + this._Props[1])}
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -71,14 +71,17 @@ class DlgAssign extends RbModalHandler {
|
|||
|
||||
_showCascade = () => {
|
||||
event && event.preventDefault()
|
||||
$.get(`/commons/metadata/references?entity=${this.props.entity}`, (res) => {
|
||||
$.get(`/commons/metadata/references?entity=${this.props.entity}&permission=${this._Props[2]}`, (res) => {
|
||||
this.setState({ cascadesShow: true, cascadesEntity: res.data }, () => {
|
||||
const defaultSelected = []
|
||||
res.data.forEach((item) => defaultSelected.push(item[0]))
|
||||
|
||||
$(this._cascades)
|
||||
.select2({
|
||||
multiple: true,
|
||||
placeholder: $L('SelectCasEntity'),
|
||||
})
|
||||
.val(null)
|
||||
.val(defaultSelected)
|
||||
.trigger('change')
|
||||
})
|
||||
})
|
||||
|
@ -91,21 +94,21 @@ class DlgAssign extends RbModalHandler {
|
|||
post() {
|
||||
let users = this._UserSelector.val()
|
||||
if (!users || users.length === 0) {
|
||||
RbHighbar.create($L('PlsSelectSomeToWho,' + this.specs[1]))
|
||||
RbHighbar.create($L('PlsSelectSomeToWho,' + this._Props[1]))
|
||||
return
|
||||
}
|
||||
if ($.type(users) === 'array') users = users.join(',')
|
||||
const cass = this.state.cascadesShow === true ? $(this._cascades).val().join(',') : ''
|
||||
|
||||
const $btns = $(this._btns).find('.btn').button('loading')
|
||||
$.post(`/app/entity/record-${this.specs[0]}?id=${this.state.ids.join(',')}&cascades=${cass}&to=${users}`, (res) => {
|
||||
$.post(`/app/entity/record-${this._Props[0]}?id=${this.state.ids.join(',')}&cascades=${cass}&to=${users}`, (res) => {
|
||||
if (res.error_code === 0) {
|
||||
this.setState({ cascadesShow: false })
|
||||
this._UserSelector.clearSelection()
|
||||
$(this._cascades).val(null).trigger('change')
|
||||
|
||||
this.hide()
|
||||
RbHighbar.success($L('SomeSuccess,' + this.specs[1]))
|
||||
RbHighbar.success($L('SomeSuccess,' + this._Props[1]))
|
||||
|
||||
setTimeout(() => {
|
||||
if (window.RbListPage) RbListPage._RbList.reload()
|
||||
|
@ -136,7 +139,7 @@ class DlgAssign extends RbModalHandler {
|
|||
class DlgShare extends DlgAssign {
|
||||
constructor(props) {
|
||||
super(props)
|
||||
this.specs = ['share', 'Share']
|
||||
this._Props = ['share', 'Share', 'S']
|
||||
}
|
||||
|
||||
_useUserSelector() {
|
||||
|
|
|
@ -1726,7 +1726,7 @@ class DeleteConfirm extends RbAlert {
|
|||
enableCascade() {
|
||||
this.setState({ enableCascade: !this.state.enableCascade })
|
||||
if (!this.state.cascadesEntity) {
|
||||
$.get('/commons/metadata/references?entity=' + this.props.entity, (res) => {
|
||||
$.get(`/commons/metadata/references?entity=${this.props.entity}&permission=D`, (res) => {
|
||||
this.setState({ cascadesEntity: res.data }, () => {
|
||||
this.__select2 = $(this._cascades)
|
||||
.select2({
|
||||
|
|
|
@ -76,7 +76,7 @@ class ContentAutoAssign extends ActionContentSpec {
|
|||
}
|
||||
|
||||
const cascades = content.cascades ? content.cascades.split(',') : []
|
||||
$.get('/commons/metadata/references?entity=' + this.props.sourceEntity, (res) => {
|
||||
$.get(`/commons/metadata/references?entity=${this.props.sourceEntity}`, (res) => {
|
||||
this.setState({ cascadesEntity: res.data }, () => {
|
||||
this.__select2 = $(this._cascades)
|
||||
.select2({
|
||||
|
|
Loading…
Reference in a new issue