mirror of
https://github.com/getrebuild/rebuild.git
synced 2024-09-20 15:35:55 +08:00
priv
This commit is contained in:
parent
7808b83b47
commit
9f7d7e1510
|
@ -62,7 +62,7 @@ public class RoleService extends GeneralEntityService {
|
|||
* @param roleId
|
||||
* @param definition
|
||||
*/
|
||||
public void bulkUpdatePrivileges(ID roleId, JSONObject definition) {
|
||||
public void txUpdatePrivileges(ID roleId, JSONObject definition) {
|
||||
Object[][] array = Application.createQuery(
|
||||
"select privilegesId,definition,entity,zeroKey from RolePrivileges where roleId = ?")
|
||||
.setParameter(1, roleId)
|
||||
|
|
|
@ -18,7 +18,6 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
|
||||
package com.rebuild.server.bizz.privileges;
|
||||
|
||||
import java.text.MessageFormat;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
|
@ -104,17 +103,18 @@ public class EntityQueryFilter implements Filter, QueryFilter {
|
|||
return ALLOWED.evaluate(null);
|
||||
}
|
||||
|
||||
String fvFormat = "{0} = '{1}'";
|
||||
String fvFormat = "%s = '%s'";
|
||||
|
||||
if (de == BizzDepthEntry.PRIVATE) {
|
||||
return appendViaShare(entity, MessageFormat.format(fvFormat, EntityHelper.owningUser, user.getIdentity()));
|
||||
return appendShareFilter(entity,
|
||||
String.format(fvFormat, EntityHelper.owningUser, user.getIdentity()));
|
||||
}
|
||||
|
||||
Department dept = user.getOwningDept();
|
||||
String deptSql = MessageFormat.format(fvFormat, EntityHelper.owningDept, dept.getIdentity());
|
||||
String deptSql = String.format(fvFormat, EntityHelper.owningDept, dept.getIdentity());
|
||||
|
||||
if (de == BizzDepthEntry.LOCAL) {
|
||||
return appendViaShare(entity, deptSql);
|
||||
return appendShareFilter(entity, deptSql);
|
||||
}
|
||||
|
||||
if (de == BizzDepthEntry.DEEPDOWN) {
|
||||
|
@ -122,22 +122,30 @@ public class EntityQueryFilter implements Filter, QueryFilter {
|
|||
sqls.add(deptSql);
|
||||
|
||||
for (BusinessUnit child : dept.getAllChildren()) {
|
||||
sqls.add(MessageFormat.format(fvFormat, EntityHelper.owningDept, child.getIdentity()));
|
||||
sqls.add(String.format(fvFormat, EntityHelper.owningDept, child.getIdentity()));
|
||||
}
|
||||
return appendViaShare(entity, "(" + StringUtils.join(sqls, " or ") + ")");
|
||||
return appendShareFilter(entity, "(" + StringUtils.join(sqls, " or ") + ")");
|
||||
}
|
||||
|
||||
return DENIED.evaluate(null);
|
||||
}
|
||||
|
||||
/**
|
||||
* TODO 通过共享添加的权限
|
||||
* TODO 共享权限
|
||||
*
|
||||
* @param entity
|
||||
* @param filter
|
||||
* @param filtered
|
||||
* @return
|
||||
*/
|
||||
protected String appendViaShare(Entity entity, String filter) {
|
||||
return filter;
|
||||
protected String appendShareFilter(Entity entity, String filtered) {
|
||||
// TODO exists 不能用
|
||||
// String shareFilter = "exists (select rights from ShareAccess where entity = %d and shareTo = '%s' and recordId = ^%s)";
|
||||
// shareFilter = String.format(shareFilter,
|
||||
// entity.getEntityCode(), user.getIdentity().toString(), entity.getPrimaryField().getName());
|
||||
|
||||
String shareFilter = "%s in (select recordId from ShareAccess where entity = %d and shareTo = '%s')";
|
||||
shareFilter = String.format(shareFilter,
|
||||
entity.getPrimaryField().getName(), entity.getEntityCode(), user.getIdentity());
|
||||
return "(" + filtered + " or " + shareFilter + ")";
|
||||
}
|
||||
}
|
||||
|
|
|
@ -120,7 +120,7 @@ public class RolePrivilegesControll extends BaseControll {
|
|||
public void privilegesUpdate(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
JSON post = ServletUtils.getRequestJson(request);
|
||||
ID role = getIdParameterNotNull(request, "role");
|
||||
Application.getBean(RoleService.class).bulkUpdatePrivileges(role, (JSONObject) post);
|
||||
Application.getBean(RoleService.class).txUpdatePrivileges(role, (JSONObject) post);
|
||||
writeSuccess(response);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -54,12 +54,12 @@ import cn.devezhao.persist4j.engine.ID;
|
|||
@Controller
|
||||
@RequestMapping("/admin/")
|
||||
public class MetaEntityControll extends BaseControll {
|
||||
|
||||
|
||||
@RequestMapping("entities")
|
||||
public ModelAndView pageList(HttpServletRequest request) throws IOException {
|
||||
return createModelAndView("/admin/entity/entity-grid.jsp");
|
||||
}
|
||||
|
||||
|
||||
@RequestMapping("entity/{entity}/base")
|
||||
public ModelAndView pageEntityBase(@PathVariable String entity, HttpServletRequest request) throws IOException {
|
||||
ModelAndView mv = createModelAndView("/admin/entity/entity-edit.jsp");
|
||||
|
@ -84,13 +84,15 @@ public class MetaEntityControll extends BaseControll {
|
|||
}
|
||||
writeSuccess(response, ret);
|
||||
}
|
||||
|
||||
|
||||
@RequestMapping("entity/entity-new")
|
||||
public void entityNew(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
ID user = getRequestUser(request);
|
||||
String label = getParameterNotNull(request, "label");
|
||||
String comments = getParameter(request, "comments");
|
||||
|
||||
JSONObject reqJson = (JSONObject) ServletUtils.getRequestJson(request);
|
||||
|
||||
String label = reqJson.getString("label");
|
||||
String comments = reqJson.getString("comments");
|
||||
|
||||
String entityName = null;
|
||||
try {
|
||||
entityName = new Entity2Schema(user).create(label, comments);
|
||||
|
@ -100,18 +102,18 @@ public class MetaEntityControll extends BaseControll {
|
|||
return;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@RequestMapping("entity/entity-update")
|
||||
public void entityUpdate(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
ID user = getRequestUser(request);
|
||||
JSON formJson = ServletUtils.getRequestJson(request);
|
||||
Record record = EntityHelper.parse((JSONObject) formJson, user);
|
||||
Application.getCommonService().update(record);
|
||||
|
||||
|
||||
Application.getMetadataFactory().refresh(false);
|
||||
writeSuccess(response);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param mv
|
||||
* @param entity
|
||||
|
|
|
@ -129,11 +129,13 @@ public class MetaFieldControll extends BaseControll {
|
|||
@RequestMapping("field-new")
|
||||
public void fieldNew(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
ID user = getRequestUser(request);
|
||||
String entityName = getParameterNotNull(request, "entity");
|
||||
String label = getParameterNotNull(request, "label");
|
||||
String type = getParameterNotNull(request, "type");
|
||||
String comments = getParameter(request, "comments");
|
||||
String refEntity = getParameter(request, "refEntity");
|
||||
JSONObject reqJson = (JSONObject) ServletUtils.getRequestJson(request);
|
||||
|
||||
String entityName = reqJson.getString("entity");
|
||||
String label = reqJson.getString("label");
|
||||
String type = reqJson.getString("type");
|
||||
String comments = reqJson.getString("comments");
|
||||
String refEntity = reqJson.getString("refEntity");
|
||||
|
||||
Entity entity = MetadataHelper.getEntity(entityName);
|
||||
DisplayType dt = DisplayType.valueOf(type);
|
||||
|
|
|
@ -37,9 +37,11 @@ $(document).ready(function(){
|
|||
if (!entityLabel){
|
||||
rb.notice('请输入实体名称'); return;
|
||||
}
|
||||
let _data = { label:entityLabel, comments:comments }
|
||||
_data = JSON.stringify(_data)
|
||||
|
||||
btn.button('loading');
|
||||
$.post(rb.baseUrl + '/admin/entity/entity-new', { label:entityLabel, comments:comments }, function(res){
|
||||
$.post(rb.baseUrl + '/admin/entity/entity-new', _data, function(res){
|
||||
if (res.error_code == 0) parent.location.href = rb.baseUrl + '/admin/entity/' +res.data + '/base';
|
||||
else rb.notice(res.error_msg, 'danger')
|
||||
});
|
||||
|
|
|
@ -73,6 +73,8 @@ $(document).ready(function(){
|
|||
}
|
||||
|
||||
let _data = { entity:entity, label:fieldLabel, type:type, comments:comments, refEntity:refEntity };
|
||||
_data = JSON.stringify(_data)
|
||||
|
||||
btn.button('loading');
|
||||
$.post(rb.baseUrl + '/admin/entity/field-new', _data, function(res){
|
||||
btn.button('reset')
|
||||
|
|
|
@ -19,7 +19,7 @@ class TheBothDialog extends React.Component {
|
|||
<div className="form-group row">
|
||||
<label className="col-sm-3 col-form-label text-sm-right">{this.opType + '哪些记录'}</label>
|
||||
<div className="col-sm-7">
|
||||
<div className="form-control-plaintext" id="records">{'选中的记录 (' + this.state.ids.split(',').length + '条)'}</div>
|
||||
<div className="form-control-plaintext" id="records">{'选中的记录 (' + this.state.ids.length + '条)'}</div>
|
||||
</div>
|
||||
</div>
|
||||
<div className="form-group row">
|
||||
|
@ -133,12 +133,12 @@ class TheBothDialog extends React.Component {
|
|||
|
||||
var rb = rb || {}
|
||||
|
||||
// props = { entity, id }
|
||||
// props = { entity, ids }
|
||||
rb.AssignDialog = function(props){
|
||||
props = { ...props, type: 'assign' }
|
||||
return renderRbcomp(<TheBothDialog { ...props} />)
|
||||
}
|
||||
// props = { entity, id }
|
||||
// props = { entity, ids }
|
||||
rb.ShareDialog = function(props){
|
||||
props = { ...props, type: 'share' }
|
||||
return renderRbcomp(<TheBothDialog { ...props} />)
|
||||
|
|
Loading…
Reference in a new issue