mirror of
https://github.com/getrebuild/rebuild.git
synced 2024-09-21 15:56:53 +08:00
Example U/D/R and default-val for ZeroPrivileges
This commit is contained in:
parent
13384ab751
commit
eebbd41b2d
|
@ -340,15 +340,20 @@ alter table `login_log`
|
|||
|
||||
-- User
|
||||
INSERT INTO `user` (`USER_ID`, `LOGIN_NAME`, `PASSWORD`, `FULL_NAME`, `DEPT_ID`, `ROLE_ID`, `IS_DISABLED`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`)
|
||||
VALUES
|
||||
VALUES
|
||||
('001-0000000000000000', 'system', 'system', '系统用户', '002-0000000000000001', '003-0000000000000001', 'T', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'XTYH'),
|
||||
('001-0000000000000001', 'admin', '8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918', '超级管理员', '002-0000000000000001', '003-0000000000000001', 'F', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'CJGLY');
|
||||
('001-0000000000000001', 'admin', '8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918', '超级管理员', '002-0000000000000001', '003-0000000000000001', 'F', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'CJGLY'),
|
||||
('001-9000000000000001', 'rebuild', 'cf44886e54f424ce136dc38e4d9ef5b4b556d06060705262d6fcce02b4322539', 'RB示例用户', '002-9000000000000001', '003-9000000000000001', 'F', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLYH');
|
||||
-- Department
|
||||
INSERT INTO `department` (`DEPT_ID`, `NAME`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`)
|
||||
VALUES ('002-0000000000000001', '总部', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'ZB');
|
||||
VALUES
|
||||
('002-0000000000000001', '总部', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'ZB'),
|
||||
('002-9000000000000001', 'RB示例部门', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLBM');
|
||||
-- Role
|
||||
INSERT INTO `role` (`ROLE_ID`, `NAME`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`)
|
||||
VALUES ('003-0000000000000001', '管理员', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'GLY');
|
||||
VALUES
|
||||
('003-0000000000000001', '管理员', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'GLY'),
|
||||
('003-9000000000000001', 'RB示例角色', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLJS');
|
||||
|
||||
-- Layouts
|
||||
INSERT INTO `layout_config` (`CONFIG_ID`, `BELONG_ENTITY`, `CONFIG`, `APPLY_TYPE`, `SHARE_TO`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`)
|
||||
|
|
2
pom.xml
2
pom.xml
|
@ -6,7 +6,7 @@
|
|||
<groupId>com.rebuild</groupId>
|
||||
<artifactId>rebuild</artifactId>
|
||||
<packaging>war</packaging>
|
||||
<version>1.1.0</version>
|
||||
<version>1.2.0-dev</version>
|
||||
<name>rebuild</name>
|
||||
<description>Building your business-systems free!</description>
|
||||
<url>https://getrebuild.com/</url>
|
||||
|
|
|
@ -453,12 +453,12 @@ public class SecurityManager {
|
|||
* 扩展权限
|
||||
*
|
||||
* @param user
|
||||
* @param zeroKey
|
||||
* @param entry
|
||||
* @return
|
||||
* @see ZeroPrivileges
|
||||
* @see ZeroPermission
|
||||
*/
|
||||
public boolean allowedZero(ID user, String zeroKey) {
|
||||
public boolean allowed(ID user, ZeroEntry entry) {
|
||||
if (UserService.ADMIN_USER.equals(user)) {
|
||||
return true;
|
||||
}
|
||||
|
@ -471,7 +471,9 @@ public class SecurityManager {
|
|||
return true;
|
||||
}
|
||||
|
||||
return role.hasPrivileges(zeroKey)
|
||||
&& role.getPrivileges(zeroKey).allowed(ZeroPermission.ZERO);
|
||||
if (role.hasPrivileges(entry.name())) {
|
||||
return role.getPrivileges(entry.name()).allowed(ZeroPermission.ZERO);
|
||||
}
|
||||
return entry.getDefaultVal();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,62 @@
|
|||
/*
|
||||
rebuild - Building your system freely.
|
||||
Copyright (C) 2019 devezhao <zhaofang123@gmail.com>
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package com.rebuild.server.service.bizz.privileges;
|
||||
|
||||
/**
|
||||
* 扩权限项
|
||||
*
|
||||
* @author devezhao zhaofang123@gmail.com
|
||||
* @since 2019/04/13
|
||||
*/
|
||||
public enum ZeroEntry {
|
||||
|
||||
/**
|
||||
* 登录
|
||||
*/
|
||||
AllowLogin(true),
|
||||
/**
|
||||
* 批量修改
|
||||
*/
|
||||
AllowBatchUpdate(false),
|
||||
/**
|
||||
* 数据导入
|
||||
*/
|
||||
AllowDataImport(false),
|
||||
/**
|
||||
* 数据导出
|
||||
*/
|
||||
AllowDataOutput(false),
|
||||
|
||||
;
|
||||
|
||||
private boolean defaultVal;
|
||||
|
||||
private ZeroEntry(boolean defaultVal) {
|
||||
this.defaultVal = defaultVal;
|
||||
}
|
||||
|
||||
/**
|
||||
* 默认值
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public boolean getDefaultVal() {
|
||||
return defaultVal;
|
||||
}
|
||||
}
|
|
@ -32,28 +32,16 @@ import cn.devezhao.bizz.security.EntityPrivileges;
|
|||
* @author devezhao
|
||||
* @since 10/11/2018
|
||||
* @see EntityPrivileges
|
||||
* @see ZeroEntry
|
||||
*/
|
||||
public class ZeroPrivileges implements Privileges {
|
||||
private static final long serialVersionUID = 7185091441777921842L;
|
||||
|
||||
// ZERO 权限
|
||||
|
||||
// 登录
|
||||
public static final String AllowLogin = "AllowLogin";
|
||||
// 批量修改
|
||||
public static final String AllowBatchUpdate = "AllowBatchUpdate";
|
||||
// 数据导入
|
||||
public static final String AllowDataImport = "AllowDataImport";
|
||||
// 数据导出
|
||||
public static final String AllowDataOutput = "AllowDataOutput";
|
||||
|
||||
// ----
|
||||
|
||||
private final String zreoKey;
|
||||
private final String definition;
|
||||
|
||||
/**
|
||||
* @param zreoKey
|
||||
* @param zreoKey {@link ZeroEntry}
|
||||
* @param definition
|
||||
*/
|
||||
public ZeroPrivileges(String zreoKey, String definition) {
|
||||
|
|
|
@ -36,7 +36,7 @@ import com.rebuild.server.metadata.EntityHelper;
|
|||
import com.rebuild.server.service.DataSpecificationException;
|
||||
import com.rebuild.server.service.bizz.UserService;
|
||||
import com.rebuild.server.service.bizz.privileges.User;
|
||||
import com.rebuild.server.service.bizz.privileges.ZeroPrivileges;
|
||||
import com.rebuild.server.service.bizz.privileges.ZeroEntry;
|
||||
import com.rebuild.utils.AES;
|
||||
import com.rebuild.web.BasePageControll;
|
||||
import com.wf.captcha.utils.CaptchaUtil;
|
||||
|
@ -133,7 +133,7 @@ public class LoginControll extends BasePageControll {
|
|||
writeFailure(response, "用户未激活");
|
||||
return;
|
||||
}
|
||||
if (!Application.getSecurityManager().allowedZero(loginUser.getId(), ZeroPrivileges.AllowLogin)) {
|
||||
if (!Application.getSecurityManager().allowed(loginUser.getId(), ZeroEntry.AllowLogin)) {
|
||||
writeFailure(response, "用户无登录权限");
|
||||
return;
|
||||
}
|
||||
|
|
|
@ -1,6 +1,14 @@
|
|||
-- Database upgrade scripts for rebuild 1.x
|
||||
-- Each upgraded starts with `-- #VERSION`
|
||||
|
||||
-- #3 Example User and Role (v1.2)
|
||||
INSERT INTO `user` (`USER_ID`, `LOGIN_NAME`, `PASSWORD`, `FULL_NAME`, `DEPT_ID`, `ROLE_ID`, `IS_DISABLED`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`)
|
||||
VALUES ('001-9000000000000001', 'rebuild', 'cf44886e54f424ce136dc38e4d9ef5b4b556d06060705262d6fcce02b4322539', 'RB示例用户', '002-9000000000000001', '003-9000000000000001', 'F', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLYH');
|
||||
INSERT INTO `department` (`DEPT_ID`, `NAME`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`)
|
||||
VALUES ('002-9000000000000001', 'RB示例部门', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLBM');
|
||||
INSERT INTO `role` (`ROLE_ID`, `NAME`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`)
|
||||
VALUES ('003-9000000000000001', 'RB示例角色', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLJS');
|
||||
|
||||
-- #2 for Classification field (v1.1)
|
||||
-- ************ Entity [Classification] DDL ************
|
||||
create table if not exists `classification` (
|
||||
|
|
|
@ -42,6 +42,5 @@ public class MiscTest {
|
|||
|
||||
System.out.println(System.getenv());
|
||||
System.out.println(System.getProperties());
|
||||
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue