diff --git a/hsweb-system/README.md b/hsweb-system/README.md
index 32e0bdd99..7bec362e8 100644
--- a/hsweb-system/README.md
+++ b/hsweb-system/README.md
@@ -18,7 +18,7 @@
|[hsweb-system-file](hsweb-system-file)|文件管理| 0%|
|[hsweb-system-history](hsweb-system-history)|历史记录管理| 0%|
|[hsweb-system-monitor](hsweb-system-monitor)|系统监控| 0%|
-|[hsweb-system-organizational](hsweb-system-organizational)|组织架构| 0%|
+|[hsweb-system-organizational](hsweb-system-organizational)|组织架构| 50%|
|[hsweb-system-schedule](hsweb-system-schedule)|任务调度| 0%|
|[hsweb-system-script](hsweb-system-script)|动态脚本| 0%|
|[hsweb-system-template](hsweb-system-template)|模板管理| 0%|
diff --git a/hsweb-system/hsweb-system-authorization/README.md b/hsweb-system/hsweb-system-authorization/README.md
index b532400fe..8e230bd95 100644
--- a/hsweb-system/hsweb-system-authorization/README.md
+++ b/hsweb-system/hsweb-system-authorization/README.md
@@ -1,3 +1,7 @@
## 权限功能模块
提供用户,角色,权限管理
+
+## 授权
+[AuthorizationController](hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java)
+仅进行基础授权,通过触发`AuthorizationListener`,进行自定义控制逻辑.详细方式见:[hsweb-authorization-api](../../hsweb-authorization/hsweb-authorization-api)
\ No newline at end of file
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/pom.xml b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/pom.xml
index 16fa2bc2f..7b7db36ae 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/pom.xml
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/pom.xml
@@ -50,5 +50,10 @@
hsweb-commons-controller
${project.version}
+
+ org.hswebframework.web
+ hsweb-system-authorization-model
+ ${project.version}
+
\ No newline at end of file
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java
index cd9a7c1e5..5832feb22 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java
@@ -17,31 +17,24 @@
package org.hswebframework.web.controller.authorization;
-import org.apache.commons.codec.binary.Base64;
-import org.hswebframework.expands.security.Encrypt;
-import org.hswebframework.expands.security.rsa.RSAEncrypt;
-import org.hswebframework.expands.security.rsa.RSAPrivateEncrypt;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.ApiParam;
import org.hswebframework.web.BusinessException;
import org.hswebframework.web.NotFoundException;
import org.hswebframework.web.authorization.Authorization;
-import org.hswebframework.web.authorization.listener.UserAuthorizationConfigRegister;
-import org.hswebframework.web.authorization.listener.UserAuthorizationListener;
+import org.hswebframework.web.authorization.annotation.Authorize;
+import org.hswebframework.web.authorization.listener.AuthorizationListenerDispatcher;
+import org.hswebframework.web.authorization.listener.event.*;
import org.hswebframework.web.controller.message.ResponseMessage;
import org.hswebframework.web.entity.authorization.UserEntity;
import org.hswebframework.web.logging.AccessLogger;
-import org.hswebframework.web.service.AbstractService;
import org.hswebframework.web.service.authorization.UserService;
-import org.hswebframework.web.service.authorization.VerifyCode;
-import org.hswebframework.web.service.authorization.VerifyCodeGenerator;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.*;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import java.io.IOException;
-import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+import java.util.function.Function;
import static org.hswebframework.web.controller.message.ResponseMessage.ok;
@@ -53,140 +46,113 @@ import static org.hswebframework.web.controller.message.ResponseMessage.ok;
@RestController
@RequestMapping("${hsweb.web.mappings.authorize:authorize}")
@AccessLogger("授权")
+@Api(tags = "authorize-simple", description = "提供基本的授权功能")
public class AuthorizationController {
- private static final String RSA_PRIVATE_KEY_NAME = "RSA_PRIVATE_KEY";
- private static final String VERIFY_CODE_NAME = "VERIFY_CODE";
- private static final String NEED_VERIFY_CODE_NAME = "NEED_VERIFY_CODE";
-
- @Autowired(required = false)
- private VerifyCodeGenerator verifyCodeGenerator;
+// private static final String RSA_PRIVATE_KEY_NAME = "RSA_PRIVATE_KEY";
+// private static final String VERIFY_CODE_NAME = "VERIFY_CODE";
@Autowired
private UserService userService;
- @Autowired(required = false)
- private List userAuthorizationListeners;
+ @Autowired
+ private AuthorizationListenerDispatcher authorizationListenerDispatcher;
- @Value("${hsweb.web.authorize.rsa:false}")
- private boolean useRsa = false;
+// @GetMapping(value = "/public-key")
+// @AccessLogger("获取公钥")
+// @ApiOperation("获取rsa公钥,当开启了用户名密码加密的时候使用此接口获取用于加密的公钥")
+// public ResponseMessage getAuthorizeToken(@ApiParam(hidden = true) HttpSession session) {
+// RSAEncrypt rsaEncrypt = Encrypt.rsa();
+// String publicKey = rsaEncrypt.publicEncrypt().getKey();
+// String privateKey = rsaEncrypt.privateEncrypt().getKey();
+// session.setAttribute(RSA_PRIVATE_KEY_NAME, privateKey);
+// return ok(publicKey);
+// }
- private UserAuthorizationListenerAdapter listenerAdapter = new UserAuthorizationListenerAdapter();
-
- @GetMapping(value = "/public-key")
- @AccessLogger("获取公钥")
- public ResponseMessage getAuthorizeToken(HttpSession session) {
- RSAEncrypt rsaEncrypt = Encrypt.rsa();
- String publicKey = rsaEncrypt.publicEncrypt().getKey();
- String privateKey = rsaEncrypt.privateEncrypt().getKey();
- session.setAttribute(RSA_PRIVATE_KEY_NAME, privateKey);
- return ok(publicKey);
- }
-
- @GetMapping(value = "/verify-code")
- @AccessLogger("获取验证码")
- public void getVerifyCode(HttpServletResponse response, HttpSession session) throws IOException {
- if (verifyCodeGenerator == null) throw new NotFoundException("{verify_code_not_found}");
- response.setContentType(MediaType.APPLICATION_OCTET_STREAM_VALUE);
- response.setHeader("Content-disposition", "attachment;filename=verify-code.png");
- VerifyCode verifyCode = verifyCodeGenerator.generate();
- session.setAttribute(RSA_PRIVATE_KEY_NAME, verifyCode.getCode());
- verifyCode.write(response.getOutputStream());
- }
-
- @RequestMapping("/login-out")
+ @GetMapping("/login-out")
@AccessLogger("退出登录")
- public ResponseMessage loginOut(Authorization authorization) {
- listenerAdapter.onLoginOut(authorization);
+ @Authorize
+ @ApiOperation("退出当前登录")
+ public ResponseMessage exit(@ApiParam(hidden = true) Authorization authorization) {
+ authorizationListenerDispatcher.doEvent(new AuthorizationExitEvent(authorization));
return ok();
}
@PostMapping(value = "/login")
@AccessLogger("授权")
- public ResponseMessage authorize(@RequestParam String username,
- @RequestParam String password,
- String verifyCode,
- @RequestParam(defaultValue = "false") boolean remember,
- HttpSession session) {
+ @ApiOperation("用户名密码登录")
+ public ResponseMessage authorize(@RequestParam @ApiParam("用户名") String username,
+ @RequestParam @ApiParam("密码") String password,
+ @ApiParam(hidden = true) HttpServletRequest request) {
+
+ AuthorizationFailedEvent.Reason reason = AuthorizationFailedEvent.Reason.OTHER;
+ Function parameterGetter = request::getParameter;
try {
- if (useRsa) {
- String privateKey = (String) session.getAttribute(RSA_PRIVATE_KEY_NAME);
- if (privateKey == null) throw new BusinessException("{private_key_is_null}");
- // 解密用户名密码
- try {
- RSAEncrypt rsaEncrypt = Encrypt.rsa();
- RSAPrivateEncrypt rsaPrivateEncrypt = rsaEncrypt.privateEncrypt(privateKey);
- byte[] username_data = Base64.decodeBase64(username);
- byte[] password_data = Base64.decodeBase64(password);
- username = new String(rsaPrivateEncrypt.decrypt(username_data));
- password = new String(rsaPrivateEncrypt.decrypt(password_data));
- } catch (Exception e) {
- throw new BusinessException("{decrypt_param_error}", e, 400);
- }
- }
- UserAuthorizationConfigRegister configHolder = (useVerify) -> session.setAttribute(NEED_VERIFY_CODE_NAME, useVerify);
- listenerAdapter.onConfig(username, configHolder);
- Object useVerifyCode = session.getAttribute(NEED_VERIFY_CODE_NAME);
- // 尝试使用验证码验证
- if (useVerifyCode instanceof Boolean && (Boolean) useVerifyCode) {
- String realVerifyCode = (String) session.getAttribute(VERIFY_CODE_NAME);
- if (realVerifyCode == null || !realVerifyCode.equalsIgnoreCase(verifyCode)) {
- throw new BusinessException("{verify_code_error}");
- }
- }
- listenerAdapter.onAuthorizeBefore(username);
+ AuthorizationDecodeEvent decodeEvent = new AuthorizationDecodeEvent(username, password, parameterGetter);
+ authorizationListenerDispatcher.doEvent(decodeEvent);
+ username = decodeEvent.getUsername();
+ password = decodeEvent.getPassword();
+
+ AuthorizationBeforeEvent beforeEvent = new AuthorizationBeforeEvent(username, password, parameterGetter);
+ authorizationListenerDispatcher.doEvent(beforeEvent);
+
+// if (useRsa) {
+// String privateKey = (String) session.getAttribute(RSA_PRIVATE_KEY_NAME);
+// if (privateKey == null) throw new BusinessException("{private_key_is_null}");
+// // 解密用户名密码
+// try {
+// RSAEncrypt rsaEncrypt = Encrypt.rsa();
+// RSAPrivateEncrypt rsaPrivateEncrypt = rsaEncrypt.privateEncrypt(privateKey);
+// byte[] username_data = Base64.decodeBase64(username);
+// byte[] password_data = Base64.decodeBase64(password);
+// username = new String(rsaPrivateEncrypt.decrypt(username_data));
+// password = new String(rsaPrivateEncrypt.decrypt(password_data));
+// } catch (Exception e) {
+// throw new BusinessException("{decrypt_param_error}", e, 400);
+// }
+// }
+
+// UserAuthorizationConfigRegister configHolder = (useVerify) -> session.setAttribute(NEED_VERIFY_CODE_NAME, useVerify);
+// listenerAdapter.onConfig(username, configHolder);
+// Object useVerifyCode = session.getAttribute(NEED_VERIFY_CODE_NAME);
+// // 尝试使用验证码验证
+// if (Boolean.TRUE.equals(useVerifyCode)) {
+// String realVerifyCode = (String) session.getAttribute(VERIFY_CODE_NAME);
+// if (realVerifyCode == null || !realVerifyCode.equalsIgnoreCase(verifyCode)) {
+// throw new BusinessException("{verify_code_error}");
+// }
+// }
+// listenerAdapter.onAuthorizeBefore(username);
UserEntity entity = userService.selectByUsername(username);
- AbstractService.assertNotNull(entity, "{user_not_exists}");
- if (!entity.isEnabled()) {
+ if (entity == null) {
+ reason = AuthorizationFailedEvent.Reason.USER_NOT_EXISTS;
+ throw new NotFoundException("{user_not_exists}");
+ }
+ if (Boolean.FALSE.equals(entity.isEnabled())) {
+ reason = AuthorizationFailedEvent.Reason.USER_DISABLED;
throw new BusinessException("{user_is_disabled}", 400);
}
password = userService.encodePassword(password, entity.getSalt());
if (!entity.getPassword().equals(password)) {
- listenerAdapter.onAuthorizeFail(username);
+ reason = AuthorizationFailedEvent.Reason.PASSWORD_ERROR;
throw new BusinessException("{password_error}", 400);
}
// TODO: 17-1-13 获取IP
userService.updateLoginInfo(entity.getId(), "", System.currentTimeMillis());
// 验证通过
Authorization authorization = userService.initUserAuthorization(entity.getId());
- listenerAdapter.onAuthorizeSuccess(remember, authorization);
- return ok(authorization.getPermissions());
+ AuthorizationSuccessEvent event = new AuthorizationSuccessEvent(authorization, parameterGetter);
+ authorizationListenerDispatcher.doEvent(event);
+ return ok(entity.getId());
+ } catch (Exception e) {
+ AuthorizationFailedEvent failedEvent = new AuthorizationFailedEvent(username, password, parameterGetter, reason);
+ failedEvent.setException(e);
+ authorizationListenerDispatcher.doEvent(failedEvent);
+ throw e;
} finally {
//无论如何都清空验证码和私钥
- session.removeAttribute(VERIFY_CODE_NAME);
- session.removeAttribute(RSA_PRIVATE_KEY_NAME);
- }
- }
-
- class UserAuthorizationListenerAdapter implements UserAuthorizationListener {
- @Override
- public void onConfig(String username, UserAuthorizationConfigRegister configHolder) {
- if (userAuthorizationListeners != null)
- userAuthorizationListeners.forEach(listener -> listener.onConfig(username, configHolder));
- }
-
- @Override
- public void onAuthorizeBefore(String username) {
- if (userAuthorizationListeners != null)
- userAuthorizationListeners.forEach(listener -> listener.onAuthorizeBefore(username));
- }
-
- @Override
- public void onAuthorizeFail(String username) {
- if (userAuthorizationListeners != null)
- userAuthorizationListeners.forEach(listener -> listener.onAuthorizeFail(username));
- }
-
- @Override
- public void onLoginOut(Authorization authorization) {
- if (userAuthorizationListeners != null)
- userAuthorizationListeners.forEach(listener -> listener.onLoginOut(authorization));
- }
-
- @Override
- public void onAuthorizeSuccess(boolean isRemembered, Authorization authorization) {
- if (userAuthorizationListeners != null)
- userAuthorizationListeners.forEach(listener -> listener.onAuthorizeSuccess(isRemembered, authorization));
+// session.removeAttribute(VERIFY_CODE_NAME);
+// session.removeAttribute(RSA_PRIVATE_KEY_NAME);
}
}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/RoleController.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/RoleController.java
index d394e6ef3..6e6b6084d 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/RoleController.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/RoleController.java
@@ -18,19 +18,26 @@
package org.hswebframework.web.controller.authorization;
+import io.swagger.annotations.*;
+import org.apache.commons.collections.CollectionUtils;
import org.hswebframework.web.authorization.Permission;
import org.hswebframework.web.authorization.annotation.Authorize;
+import org.hswebframework.web.commons.entity.factory.EntityFactory;
import org.hswebframework.web.commons.entity.param.QueryParamEntity;
import org.hswebframework.web.controller.QueryController;
import org.hswebframework.web.controller.message.ResponseMessage;
-import org.hswebframework.web.entity.authorization.PermissionRoleEntity;
-import org.hswebframework.web.entity.authorization.RoleEntity;
+import org.hswebframework.web.entity.authorization.*;
import org.hswebframework.web.entity.authorization.bind.BindPermissionRoleEntity;
import org.hswebframework.web.logging.AccessLogger;
+import org.hswebframework.web.model.authorization.*;
import org.hswebframework.web.service.authorization.RoleService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
+import java.util.List;
+import java.util.stream.Collectors;
+
+import static org.hswebframework.web.controller.QueryController.*;
import static org.hswebframework.web.controller.message.ResponseMessage.ok;
/**
@@ -42,35 +49,143 @@ import static org.hswebframework.web.controller.message.ResponseMessage.ok;
@RequestMapping("${hsweb.web.mappings.role:role}")
@AccessLogger("{role_manager}")
@Authorize(permission = "role")
+@Api(tags = "role-manager", description = "角色管理")
public class RoleController implements QueryController {
@Autowired
private RoleService roleService;
+ @Autowired
+ private EntityFactory entityFactory;
+
@Override
public RoleService getService() {
return roleService;
}
+ @SuppressWarnings("unchecked")
+ public BindPermissionRoleEntity modelToEntity(RoleModel roleModel) {
+ BindPermissionRoleEntity roleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class);
+ roleEntity.setId(roleModel.getId());
+ roleEntity.setName(roleModel.getName());
+ roleEntity.setDescribe(roleModel.getDescribe());
+ List permissionRoleEntities =
+ roleModel.getPermissions().stream()
+ .map(model -> {
+ PermissionRoleEntity entity = entityFactory.newInstance(PermissionRoleEntity.class);
+ entity.setActions(model.getActions());
+ entity.setPermissionId(model.getPermissionId());
+ entity.setRoleId(roleModel.getId());
+ //copy field accesses
+ entity.setFieldAccesses(model.getFieldAccesses().stream().map(accessModel -> {
+ FieldAccessEntity accessEntity = new FieldAccessEntity();
+ accessEntity.setField(accessEntity.getField());
+ accessEntity.setDescribe(accessEntity.getDescribe());
+ accessEntity.setActions(accessModel.getActions().stream().map(actionModel -> {
+ ActionEntity actionEntity = new ActionEntity();
+ actionEntity.setAction(actionModel.getAction());
+ actionEntity.setDescribe(actionModel.getDescribe());
+ actionEntity.setDefaultCheck(actionModel.isDefaultCheck());
+ return actionEntity;
+ }).collect(Collectors.toList()));
+ return accessEntity;
+ }).collect(Collectors.toList()));
+ //copy data accesses
+ entity.setDataAccesses(model.getDataAccesses().stream().map(accessModel -> {
+ DataAccessEntity dataAccessEntity = new DataAccessEntity();
+ dataAccessEntity.setConfig(accessModel.getConfig());
+ dataAccessEntity.setType(accessModel.getType());
+ dataAccessEntity.setDescribe(accessModel.getDescribe());
+ dataAccessEntity.setAction(accessModel.getAction());
+ return dataAccessEntity;
+ }).collect(Collectors.toList()));
+ return entity;
+ }).collect(Collectors.toList());
+ roleEntity.setPermissions(permissionRoleEntities);
+ return roleEntity;
+ }
+
+ protected RoleModel entityToModel(RoleEntity roleEntity) {
+ RoleModel roleModel = entityFactory.newInstance(RoleModel.class);
+ roleModel.setId(roleEntity.getId());
+ roleModel.setDescribe(roleEntity.getDescribe());
+ roleModel.setName(roleEntity.getName());
+ if (roleEntity instanceof BindPermissionRoleEntity) {
+ BindPermissionRoleEntity permissionRoleEntity = (BindPermissionRoleEntity) roleEntity;
+ List roleEntities = permissionRoleEntity.getPermissions();
+ if (CollectionUtils.isNotEmpty(roleEntities)) {
+ List roleModels = roleEntities.stream().map(entity -> {
+ PermissionRoleModel model = entityFactory.newInstance(PermissionRoleModel.class);
+ model.setActions(entity.getActions());
+ model.setPermissionId(entity.getPermissionId());
+ //copy field accesses
+ model.setFieldAccesses(entity.getFieldAccesses().stream().map(accessEntity -> {
+ FieldAccessModel accessModel = new FieldAccessModel();
+ accessModel.setField(accessModel.getField());
+ accessModel.setDescribe(accessModel.getDescribe());
+ accessModel.setActions(accessModel.getActions().stream().map(actionEntity -> {
+ ActionModel actionModel = new ActionModel();
+ actionModel.setAction(actionEntity.getAction());
+ actionModel.setDescribe(actionEntity.getDescribe());
+ actionModel.setDefaultCheck(actionEntity.isDefaultCheck());
+ return actionModel;
+ }).collect(Collectors.toList()));
+ return accessModel;
+ }).collect(Collectors.toList()));
+ //copy data accesses
+ model.setDataAccesses(model.getDataAccesses().stream().map(accessesEntity -> {
+ DataAccessModel dataAccessModel = new DataAccessModel();
+ dataAccessModel.setConfig(accessesEntity.getConfig());
+ dataAccessModel.setType(accessesEntity.getType());
+ dataAccessModel.setDescribe(accessesEntity.getDescribe());
+ dataAccessModel.setAction(accessesEntity.getAction());
+ return dataAccessModel;
+ }).collect(Collectors.toList()));
+ return model;
+ }).collect(Collectors.toList());
+ roleModel.setPermissions(roleModels);
+ }
+ }
+
+ return roleModel;
+ }
+
+ @Authorize(action = Permission.ACTION_GET)
+ @GetMapping(path = "/{id:.+}/detail")
+ @AccessLogger("{get_by_id}")
+ @ApiOperation("根据主键查询完整数据")
+ @ApiResponses({
+ @ApiResponse(code = 200, message = "查询成功"),
+ @ApiResponse(code = 401, message = "未授权"),
+ @ApiResponse(code = 403, message = "无权限"),
+ @ApiResponse(code = 404, message = "数据不存在")
+ })
+ public ResponseMessage getDetailByPrimaryKey(@PathVariable String id) {
+ return ok(entityToModel(assertNotNull(getService().selectByPk(id))));
+ }
+
@PostMapping
@Authorize(action = Permission.ACTION_ADD)
@AccessLogger("{add}")
- public ResponseMessage addRole(@RequestBody BindPermissionRoleEntity permissionRoleEntity) {
- return ok(roleService.insert(permissionRoleEntity));
+ @ApiOperation("添加角色")
+ public ResponseMessage addRole(@RequestBody RoleModel roleModel) {
+ return ok(roleService.insert(modelToEntity(roleModel)));
}
- @PutMapping("/{id}")
+ @PutMapping("/{id:.+}")
@Authorize(action = Permission.ACTION_UPDATE)
@AccessLogger("{update}")
- public ResponseMessage updateRole(@PathVariable String id, @RequestBody BindPermissionRoleEntity permissionRoleEntity) {
- permissionRoleEntity.setId(id);
- roleService.updateByPrimaryKey(permissionRoleEntity);
+ @ApiModelProperty("修改角色")
+ public ResponseMessage updateRole(@PathVariable String id, @RequestBody RoleModel roleModel) {
+ roleModel.setId(id);
+ roleService.updateByPrimaryKey(modelToEntity(roleModel));
return ok();
}
- @PutMapping("/disable/{id}")
+ @PutMapping("/disable/{id:.+}")
@Authorize(action = Permission.ACTION_DISABLE)
@AccessLogger("{disable}")
+ @ApiModelProperty("禁用角色")
public ResponseMessage disable(@PathVariable String id) {
roleService.disable(id);
return ok();
@@ -79,6 +194,7 @@ public class RoleController implements QueryController, CreateController {
+@Api(tags = "user-manager", description = "用户基本信息管理")
+public class UserController implements
+ QueryController,
+ CreateController {
private UserService userService;
- @Autowired
- public void setUserService(UserService userService) {
- this.userService = userService;
- }
-
- @Override
- public ResponseMessage list(QueryParamEntity param) {
- return QueryController.super.list(param)
- .exclude(UserEntity.class, "password", "salt");
- }
-
@Override
@SuppressWarnings("unchecked")
public UserService getService() {
return userService;
}
+ @Autowired
+ public void setUserService(UserService userService) {
+ this.userService = userService;
+ }
+
+ @Override
+ public UserEntity modelToEntity(UserModel model, UserEntity entity) {
+ entity.setName(model.getName());
+ entity.setPassword(model.getPassword());
+ entity.setUsername(model.getUsername());
+ return entity;
+ }
+
+ @Override
+ public ResponseMessage> list(QueryParamEntity param) {
+ return QueryController.super.list(param)
+ .exclude(UserEntity.class, "password", "salt");
+ }
+
+ @Override
+ public ResponseMessage getByPrimaryKey(@PathVariable String id) {
+ return QueryController.super.getByPrimaryKey(id)
+ .exclude(UserEntity.class, "password", "salt");
+ }
+
@Authorize(action = "update")
- @PutMapping(path = "/{id}")
+ @PutMapping(path = "/{id:.+}")
@AccessLogger("{update_by_primary_key}")
- public ResponseMessage updateByPrimaryKey(@PathVariable String id, @RequestBody UserEntity data) {
- data.setId(id);
- getService().update(data);
+ @ApiOperation("根据ID修改用户信息")
+ public ResponseMessage updateByPrimaryKey(@PathVariable String id,
+ @RequestBody UserModel userModel) {
+ getService().update(id, modelToEntity(userModel, getService().createEntity()));
return ok();
}
@Authorize(merge = false)
@PutMapping(path = "/password")
@AccessLogger("{update_password_login_user}")
- public ResponseMessage updateLoginUserPassword(Authorization authorization,
- @RequestParam String password,
+ @ApiOperation("修改当前用户的密码")
+ public ResponseMessage updateLoginUserPassword(@RequestParam String password,
@RequestParam String oldPassword) {
+ Authorization authorization = AuthorizationHolder.get();
+ Assert.notNull(authorization);
getService().updatePassword(authorization.getUser().getId(), oldPassword, password);
return ok();
}
- @Authorize(action = "update")
- @PutMapping(path = "/password/{id}")
+ @Authorize(action = Permission.ACTION_UPDATE)
+ @PutMapping(path = "/password/{id:.+}")
@AccessLogger("{update_password_by_id}")
- public ResponseMessage updateByPasswordPrimaryKey(@PathVariable String id,
+ @ApiOperation("修改指定用户的密码")
+ public ResponseMessage updateByPasswordPrimaryKey(@PathVariable String id,
@RequestParam String password,
@RequestParam String oldPassword) {
getService().updatePassword(id, oldPassword, password);
@@ -93,14 +122,17 @@ public class UserController implements QueryController enable(@PathVariable String id) {
return ok(getService().enable(id));
}
@Authorize(action = "disable")
@PutMapping(path = "/{id}/disable")
@AccessLogger("{disable_user}")
- public ResponseMessage disable(@PathVariable String id) {
+ @ApiOperation("禁用用户")
+ public ResponseMessage disable(@PathVariable String id) {
return ok(getService().disable(id));
}
+
}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimpleUserEntity.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimpleUserEntity.java
index e217f91fd..16116a63c 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimpleUserEntity.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimpleUserEntity.java
@@ -111,16 +111,6 @@ public class SimpleUserEntity extends SimpleGenericEntity implements Use
@Override
public SimpleUserEntity clone() {
- SimpleUserEntity target = ((SimpleUserEntity) super.clone());
-// target.setId(getId());
-// target.setName(getName());
-// target.setUsername(getUsername());
-// target.setPassword(getPassword());
-// target.setCreateTime(getCreateTime());
-// target.setCreatorId(getCreatorId());
-// target.setEnabled(isEnabled());
-// target.setLastLoginTime(getLastLoginTime());
-// target.setLastLoginIp(getLastLoginIp());
- return target;
+ return ((SimpleUserEntity) super.clone());
}
}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/UserEntity.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/UserEntity.java
index 79e0d0c03..0c4349bb4 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/UserEntity.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/UserEntity.java
@@ -38,10 +38,10 @@ public interface UserEntity extends GenericEntity, RecordCreationEntity
void setPassword(String password);
- void setSalt(String salt);
-
String getPassword();
+ void setSalt(String salt);
+
String getSalt();
Long getLastLoginTime();
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/pom.xml b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/pom.xml
new file mode 100644
index 000000000..bf0679fea
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/pom.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+ hsweb-system-authorization
+ org.hswebframework.web
+ 3.0-SNAPSHOT
+
+ 4.0.0
+
+ hsweb-system-authorization-model
+
+
+
+ org.hswebframework.web
+ hsweb-commons-model
+ ${project.version}
+
+
+ org.hibernate
+ hibernate-validator
+
+
+
\ No newline at end of file
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/ActionModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/ActionModel.java
new file mode 100644
index 000000000..b89880e03
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/ActionModel.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.model.authorization;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import org.hswebframework.web.commons.model.Model;
+
+@ApiModel(description = "操作事件")
+public class ActionModel implements Model {
+
+ @ApiModelProperty(value = "事件标识", required = true, allowableValues = "query,get,update,delete,add,....", example = "query")
+ private String action;
+
+ @ApiModelProperty("描述")
+ private String describe;
+
+ @ApiModelProperty("是否默认选中")
+ private boolean defaultCheck;
+
+ public ActionModel() {
+ }
+
+ public ActionModel(String action) {
+ this.action = action;
+ }
+
+ public String getAction() {
+ return action;
+ }
+
+ public void setAction(String action) {
+ this.action = action;
+ }
+
+ public String getDescribe() {
+ return describe;
+ }
+
+ public void setDescribe(String describe) {
+ this.describe = describe;
+ }
+
+ public boolean isDefaultCheck() {
+ return defaultCheck;
+ }
+
+ public void setDefaultCheck(boolean defaultCheck) {
+ this.defaultCheck = defaultCheck;
+ }
+
+
+}
\ No newline at end of file
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/DataAccessModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/DataAccessModel.java
new file mode 100644
index 000000000..c8e4c1f58
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/DataAccessModel.java
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.model.authorization;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+@ApiModel(value = "DataAccessModel",description = "数据级权限控制配置")
+public class DataAccessModel {
+ private String action;
+
+ private String describe;
+
+ private String type;
+
+ private String config;
+
+ @ApiModelProperty(value = "触发控制的事件", example = "query", required = true)
+ public String getAction() {
+ return this.action;
+ }
+
+ public void setAction(String action) {
+ this.action = action;
+ }
+
+ @ApiModelProperty("说明")
+ public String getDescribe() {
+ return this.describe;
+ }
+
+ public void setDescribe(String describe) {
+ this.describe = describe;
+ }
+
+ @ApiModelProperty(value = "控制的类型", allowableValues = "OWN_CREATED,SCRIPT,CUSTOM", required = true, example = "OWN_CREATED")
+ public String getType() {
+ return this.type;
+ }
+
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ @ApiModelProperty(value = "控制配置." +
+ "当控制类型为OWN_CREATED时:可留空." +
+ "当控制类型为SCRIPT时:值为json string,格式:{\"language\":\"groovy\",\"script\":\"return true;\"}." +
+ "当控制类型为CUSTOM时,值为一个实现了DataAccessController接口的类")
+ public String getConfig() {
+ return this.config;
+ }
+
+ public void setConfig(String config) {
+ this.config = config;
+ }
+
+}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/FieldAccessModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/FieldAccessModel.java
new file mode 100644
index 000000000..efde63fed
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/FieldAccessModel.java
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.model.authorization;
+
+import io.swagger.annotations.*;
+import org.hswebframework.web.commons.model.Model;
+
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+@ApiModel(value = "FieldAccessModel", description = "字段级权限控制配置")
+public class FieldAccessModel implements Model {
+ private String field;
+
+ private String describe;
+
+ private List actions;
+
+ @ApiModelProperty(value = "要控制的字段名", required = true, example = "createTime")
+ public String getField() {
+ return field;
+ }
+
+ public void setField(String field) {
+ this.field = field;
+ }
+
+ @ApiModelProperty("字段说明")
+ public String getDescribe() {
+ return describe;
+ }
+
+ public void setDescribe(String describe) {
+ this.describe = describe;
+ }
+
+ @ApiModelProperty(value = "触发控制的事件,表示此字段不能进行{action}操作.",
+// example = "[{\"action\":\"query\"}]",
+ required = true, dataType = "ActionModel")
+ public List getActions() {
+ if (actions == null) actions = Collections.emptyList();
+ return actions;
+ }
+
+ public void setActions(List actions) {
+ this.actions = actions;
+ }
+
+}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/PermissionRoleModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/PermissionRoleModel.java
new file mode 100644
index 000000000..684fa00fa
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/PermissionRoleModel.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.model.authorization;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import org.hswebframework.web.commons.model.Model;
+
+import java.util.List;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+@ApiModel(value = "PermissionRoleModel", description = "权限配置")
+public interface PermissionRoleModel extends Model {
+//
+// @ApiModelProperty(value = "角色ID", required = true, example = "admin")
+// String getRoleId();
+//
+// void setRoleId(String roleId);
+
+ @ApiModelProperty(value = "权限ID", required = true, example = "user")
+ String getPermissionId();
+
+ void setPermissionId(String permissionId);
+
+ @ApiModelProperty(value = "可操作事件"
+// , example = "[\"query\",\"add\"]"
+ )
+ List getActions();
+
+ void setActions(List actions);
+
+ @ApiModelProperty(value = "数据级权限控制配置", dataType = "DataAccessModel")
+ List getDataAccesses();
+
+ @ApiModelProperty(value = "字段级权限控制配置", dataType = "FieldAccessModel")
+ List getFieldAccesses();
+
+ void setDataAccesses(List dataAccesses);
+
+ void setFieldAccesses(List fieldAccesses);
+
+}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/RoleModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/RoleModel.java
new file mode 100644
index 000000000..e0b7cbc64
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/RoleModel.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.model.authorization;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import org.hswebframework.web.commons.model.Model;
+
+import java.util.List;
+
+/**
+ * @author zhouhao
+ */
+@ApiModel(value = "RoleModel", description = "角色模型")
+public interface RoleModel extends Model {
+
+ @ApiModelProperty(value = "角色ID", readOnly = true, required = true, example = "admin")
+ String getId();
+
+ void setId(String id);
+
+ @ApiModelProperty(value = "角色名", required = true)
+ String getName();
+
+ void setName(String name);
+
+ @ApiModelProperty("说明")
+ String getDescribe();
+
+ void setDescribe(String describe);
+
+ @ApiModelProperty(value = "权限配置", dataType = "PermissionRoleModel")
+ List getPermissions();
+
+ void setPermissions(List permissions);
+}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimplePermissionRoleModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimplePermissionRoleModel.java
new file mode 100644
index 000000000..353f16a88
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimplePermissionRoleModel.java
@@ -0,0 +1,93 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.model.authorization;
+
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimplePermissionRoleModel implements PermissionRoleModel {
+// private String roleId;
+
+ private String permissionId;
+
+ private List actions;
+
+ private List dataAccesses;
+
+ private List fieldAccesses;
+//
+// @Override
+// public String getRoleId() {
+// return roleId;
+// }
+//
+// @Override
+// public void setRoleId(String roleId) {
+// this.roleId = roleId;
+// }
+
+ @Override
+ public String getPermissionId() {
+ return permissionId;
+ }
+
+ @Override
+ public void setPermissionId(String permissionId) {
+ this.permissionId = permissionId;
+ }
+
+ @Override
+ public List getActions() {
+ if (this.actions == null) return Collections.emptyList();
+ return actions;
+ }
+
+ @Override
+ public void setActions(List actions) {
+ this.actions = actions;
+ }
+
+ @Override
+ public List getDataAccesses() {
+ if (this.dataAccesses == null) return Collections.emptyList();
+ return this.dataAccesses;
+ }
+
+ @Override
+ public List getFieldAccesses() {
+ if (this.fieldAccesses == null) return Collections.emptyList();
+ return this.fieldAccesses;
+ }
+
+ @Override
+ public void setDataAccesses(List dataAccesses) {
+ this.dataAccesses = dataAccesses;
+ }
+
+ @Override
+ public void setFieldAccesses(List fieldAccesses) {
+ this.fieldAccesses = fieldAccesses;
+ }
+
+}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleRoleModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleRoleModel.java
new file mode 100644
index 000000000..eab7662aa
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleRoleModel.java
@@ -0,0 +1,73 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.model.authorization;
+
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimpleRoleModel implements RoleModel {
+ private String id;
+
+ private String name;
+
+ private String describe;
+
+ private List permissions;
+
+ @Override
+ public String getId() {
+ return id;
+ }
+
+ @Override
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getDescribe() {
+ return describe;
+ }
+
+ public void setDescribe(String describe) {
+ this.describe = describe;
+ }
+
+ @Override
+ public List getPermissions() {
+ return new ArrayList<>(permissions);
+ }
+
+ public void setPermissions(List permissions) {
+ this.permissions = ((List) permissions);
+ }
+}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleUserModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleUserModel.java
new file mode 100644
index 000000000..43fd3db38
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleUserModel.java
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.model.authorization;
+
+
+import org.hibernate.validator.constraints.NotBlank;
+
+/**
+ * @author zhouhao
+ */
+public class SimpleUserModel implements UserModel {
+
+ @NotBlank
+ private String name;
+
+ @NotBlank
+ private String username;
+
+ @NotBlank
+ private String password;
+
+ @Override
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ @Override
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ @Override
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/UserModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/UserModel.java
new file mode 100644
index 000000000..58534c05d
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/UserModel.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.model.authorization;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import org.hswebframework.web.commons.model.Model;
+
+/**
+ * @author zhouhao
+ */
+@ApiModel(value = "UserModel", description = "用户信息")
+public interface UserModel extends Model {
+ void setName(String name);
+
+ @ApiModelProperty(value = "用户登录名", required = true, readOnly = true)
+ String getUsername();
+
+ void setUsername(String username);
+
+ @ApiModelProperty(value = "用户姓名", required = true)
+ String getName();
+
+ void setPassword(String password);
+
+ @ApiModelProperty(value = "密码", required = true)
+ String getPassword();
+}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/UserService.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/UserService.java
index c168577da..de4d1abc1 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/UserService.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/UserService.java
@@ -23,7 +23,7 @@ public interface UserService extends
boolean disable(String userId);
- void update(UserEntity userBean);
+ void update(String userId,UserEntity userBean);
UserEntity selectByUsername(String username);
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCode.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCode.java
deleted file mode 100644
index 1ec71051b..000000000
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCode.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright 2016 http://www.hswebframework.org
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-package org.hswebframework.web.service.authorization;
-
-import java.io.OutputStream;
-
-/**
- * TODO 完成注释
- *
- * @author zhouhao
- */
-public interface VerifyCode {
- String getCode();
-
- void write(OutputStream outputStream);
-}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCodeGenerator.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCodeGenerator.java
deleted file mode 100644
index 8c5fd1b6d..000000000
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCodeGenerator.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright 2016 http://www.hswebframework.org
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-package org.hswebframework.web.service.authorization;
-
-/**
- * TODO 完成注释
- *
- * @author zhouhao
- */
-public interface VerifyCodeGenerator {
-
- VerifyCode generate(int figures);
-
- default VerifyCode generate() {
- return generate(4);
- }
-}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorization.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorization.java
index 310cecc1b..72424cd2b 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorization.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorization.java
@@ -25,7 +25,6 @@ import org.hswebframework.web.service.authorization.DataAccessFactory;
import java.io.Serializable;
import java.util.*;
-import java.util.function.Supplier;
import java.util.stream.Collectors;
/**
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleRoleService.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleRoleService.java
index 627db0ece..79b0ba500 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleRoleService.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleRoleService.java
@@ -23,6 +23,7 @@ import org.hswebframework.web.dao.authorization.RoleDao;
import org.hswebframework.web.entity.authorization.PermissionRoleEntity;
import org.hswebframework.web.entity.authorization.RoleEntity;
import org.hswebframework.web.entity.authorization.bind.BindPermissionRoleEntity;
+import org.hswebframework.web.entity.authorization.bind.BindRoleUserEntity;
import org.hswebframework.web.service.AbstractService;
import org.hswebframework.web.service.DefaultDSLQueryService;
import org.hswebframework.web.service.DefaultDSLUpdateService;
@@ -96,8 +97,13 @@ public class SimpleRoleService extends AbstractService
}
@Override
+ @SuppressWarnings("unchecked")
public RoleEntity selectByPk(String roleId) {
- return createQuery().where(RoleEntity.id, roleId).single();
+ RoleEntity entity = createQuery().where(RoleEntity.id, roleId).single();
+ if (entity == null) return null;
+ BindPermissionRoleEntity bindPermissionRoleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class);
+ bindPermissionRoleEntity.setPermissions(permissionRoleDao.selectByRoleId(roleId));
+ return entity;
}
@Override
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java
index e3ab24a18..7e5f61717 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java
@@ -130,11 +130,12 @@ public class SimpleUserService extends AbstractService
}
@Override
- public void update(UserEntity userEntity) {
+ public void update(String userId, UserEntity userEntity) {
+ userEntity.setId(userId);
//判断用户是否存在
boolean userExists = createQuery().where()
.is("username", userEntity.getUsername())
- .and().not(GenericEntity.id, userEntity.getId())
+ .and().not(GenericEntity.id, userId)
.total() > 0;
tryValidateProperty(!userExists, GenericEntity.id, "{username_exists}");
List updateProperties = Arrays.asList("name");
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/java/org/hswebframework/web/authorization/starter/AuthorizationAutoConfigration.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/java/org/hswebframework/web/authorization/starter/AuthorizationAutoConfigration.java
new file mode 100644
index 000000000..7506020f1
--- /dev/null
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/java/org/hswebframework/web/authorization/starter/AuthorizationAutoConfigration.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.authorization.starter;
+
+import org.hswebframework.web.authorization.listener.AuthorizationListener;
+import org.hswebframework.web.authorization.listener.AuthorizationListenerDispatcher;
+import org.hswebframework.web.authorization.listener.event.AuthorizationEvent;
+import org.hswebframwork.utils.ClassUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.List;
+
+/**
+ * @author zhouhao
+ */
+@Configuration
+public class AuthorizationAutoConfigration {
+
+ @Autowired(required = false)
+ private List listeners;
+
+ @Bean
+ @SuppressWarnings("unchecked")
+ public AuthorizationListenerDispatcher authorizationListenerDispatcher() {
+ AuthorizationListenerDispatcher dispatcher = new AuthorizationListenerDispatcher();
+ if (listeners != null) {
+ listeners.forEach(listener -> dispatcher.addListener((Class) ClassUtils.getGenericType(listener.getClass()), listener));
+ }
+ return dispatcher;
+ }
+}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/LoginTests.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/LoginTests.java
index 058108627..9f4c8cf5f 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/LoginTests.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/LoginTests.java
@@ -56,17 +56,17 @@ public class LoginTests extends SimpleWebApplicationTests {
userEntity.setCreateTimeNow();
userService.insert(userEntity);
- //获取publicKey
- String publicKey = testGet("/authorize/public-key").exec().resultAsJson().getString("data");
- Assert.notNull(publicKey);
- RSAPublicEncrypt publicEncrypt = Encrypt.rsa().publicEncrypt(publicKey);
- String username = Base64.encodeBase64String(publicEncrypt.encrypt("test".getBytes()));
- String password = Base64.encodeBase64String(publicEncrypt.encrypt("password_1234".getBytes()));
+// //获取publicKey
+// String publicKey = testGet("/authorize/public-key").exec().resultAsJson().getString("result");
+// Assert.notNull(publicKey);
+// RSAPublicEncrypt publicEncrypt = Encrypt.rsa().publicEncrypt(publicKey);
+// String username = Base64.encodeBase64String(publicEncrypt.encrypt("test".getBytes()));
+// String password = Base64.encodeBase64String(publicEncrypt.encrypt("password_1234".getBytes()));
JSONObject json = testPost("/authorize/login").setUp((builder) -> {
- builder.param("username", username);
- builder.param("password", password);
+ builder.param("username", userEntity.getUsername());
+ builder.param("password","password_1234");
}).exec().resultAsJson();
- System.out.println(json);
+ org.junit.Assert.assertEquals(json.get("result"), userEntity.getId());
}
}
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/UserTests.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/UserTests.java
index 15c40a0b4..2d795ad49 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/UserTests.java
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/UserTests.java
@@ -112,7 +112,7 @@ public class UserTests extends SimpleWebApplicationTests {
UserEntity newUserEntity = userEntity.clone();
newUserEntity.setUsername("test2");
- String antherId = userService.insert(newUserEntity);
+ String anotherId = userService.insert(newUserEntity);
Assert.assertNotNull(id);
Assert.assertEquals(userEntity.getPassword().length(), 32);
@@ -141,16 +141,16 @@ public class UserTests extends SimpleWebApplicationTests {
entityInDb = userService.selectByUsername(userEntity.getUsername());
Assert.assertEquals(entityInDb.getPassword(), userService.encodePassword("password_2345", entityInDb.getSalt()));
- entityInDb.setId(antherId);
+ entityInDb.setId(anotherId);
entityInDb.setName("新名字");
try {
- userService.update(entityInDb);
+ userService.update(anotherId,entityInDb);
Assert.assertTrue(false);
} catch (ValidationException e) {
Assert.assertEquals(e.getResults().getResults().get(0).getMessage(), "{username_exists}");
}
entityInDb.setId(id);
- userService.update(entityInDb);
+ userService.update(id,entityInDb);
entityInDb = userService.selectByUsername(userEntity.getUsername());
Assert.assertEquals("新名字", entityInDb.getName());
diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/resources/application.yml b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/resources/application.yml
index 68b5698ae..51b167135 100644
--- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/resources/application.yml
+++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/resources/application.yml
@@ -10,7 +10,4 @@ spring:
hsweb:
app:
name: 权限管理测试
- version: 3.0.0
- web:
- authorize:
- rsa: true
\ No newline at end of file
+ version: 3.0.0
\ No newline at end of file
diff --git a/hsweb-system/hsweb-system-authorization/pom.xml b/hsweb-system/hsweb-system-authorization/pom.xml
index 5abe61583..6cb41a1c9 100644
--- a/hsweb-system/hsweb-system-authorization/pom.xml
+++ b/hsweb-system/hsweb-system-authorization/pom.xml
@@ -17,6 +17,7 @@
hsweb-system-authorization-service
hsweb-system-authorization-starter
hsweb-system-authorization-controller
+ hsweb-system-authorization-model
diff --git a/hsweb-system/hsweb-system-config/hsweb-system-config-controller/src/main/java/org/hswebframework/web/controller/config/ConfigController.java b/hsweb-system/hsweb-system-config/hsweb-system-config-controller/src/main/java/org/hswebframework/web/controller/config/ConfigController.java
index 0f4c96860..75373713c 100644
--- a/hsweb-system/hsweb-system-config/hsweb-system-config-controller/src/main/java/org/hswebframework/web/controller/config/ConfigController.java
+++ b/hsweb-system/hsweb-system-config/hsweb-system-config-controller/src/main/java/org/hswebframework/web/controller/config/ConfigController.java
@@ -18,6 +18,7 @@
package org.hswebframework.web.controller.config;
+import io.swagger.annotations.Api;
import org.hswebframework.web.authorization.annotation.Authorize;
import org.hswebframework.web.commons.entity.param.QueryParamEntity;
import org.hswebframework.web.controller.GenericEntityController;
@@ -40,7 +41,8 @@ import org.springframework.web.bind.annotation.RestController;
@RequestMapping("${hsweb.web.mappings.config:config}")
@Authorize(permission = "config")
@AccessLogger("配置管理")
-public class ConfigController implements GenericEntityController {
+@Api(description = "配置管理,用于系统配置信息维护")
+public class ConfigController implements GenericEntityController {
private ConfigService configService;
@@ -54,8 +56,4 @@ public class ConfigController implements GenericEntityController {
+public class DepartmentController implements GenericEntityController {
private DepartmentService departmentService;
diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/OrganizationalController.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/OrganizationalController.java
index 736b8ae20..299e68622 100644
--- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/OrganizationalController.java
+++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/OrganizationalController.java
@@ -20,6 +20,7 @@ package org.hswebframework.web.controller.organizational;
import org.hswebframework.web.authorization.annotation.Authorize;
import org.hswebframework.web.commons.entity.param.QueryParamEntity;
import org.hswebframework.web.controller.GenericEntityController;
+import org.hswebframework.web.entity.organizational.DepartmentEntity;
import org.hswebframework.web.entity.organizational.OrganizationalEntity;
import org.hswebframework.web.logging.AccessLogger;
import org.hswebframework.web.service.organizational.OrganizationalService;
@@ -36,7 +37,7 @@ import org.springframework.web.bind.annotation.RestController;
@RequestMapping("${hsweb.web.mappings.organizational:organizational}")
@Authorize(permission = "organizational")
@AccessLogger("组织管理")
-public class OrganizationalController implements GenericEntityController {
+public class OrganizationalController implements GenericEntityController {
private OrganizationalService organizationalService;
diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PersonController.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PersonController.java
index 16e9494d0..6898f328a 100644
--- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PersonController.java
+++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PersonController.java
@@ -20,6 +20,7 @@ package org.hswebframework.web.controller.organizational;
import org.hswebframework.web.authorization.annotation.Authorize;
import org.hswebframework.web.commons.entity.param.QueryParamEntity;
import org.hswebframework.web.controller.GenericEntityController;
+import org.hswebframework.web.entity.organizational.DepartmentEntity;
import org.hswebframework.web.entity.organizational.PersonEntity;
import org.hswebframework.web.logging.AccessLogger;
import org.hswebframework.web.service.organizational.PersonService;
@@ -36,7 +37,7 @@ import org.springframework.web.bind.annotation.RestController;
@RequestMapping("${hsweb.web.mappings.person:person}")
@Authorize(permission = "person")
@AccessLogger("人员")
-public class PersonController implements GenericEntityController {
+public class PersonController implements GenericEntityController {
private PersonService personService;
diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PositionController.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PositionController.java
index c7ef40b88..2bdc12d90 100644
--- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PositionController.java
+++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PositionController.java
@@ -24,6 +24,7 @@ import org.hswebframework.web.commons.entity.param.QueryParamEntity;
import org.hswebframework.web.controller.GenericEntityController;
import org.hswebframework.web.controller.QueryController;
import org.hswebframework.web.controller.message.ResponseMessage;
+import org.hswebframework.web.entity.organizational.DepartmentEntity;
import org.hswebframework.web.entity.organizational.PositionEntity;
import org.hswebframework.web.logging.AccessLogger;
import org.hswebframework.web.service.organizational.PositionService;
@@ -40,7 +41,7 @@ import org.springframework.web.bind.annotation.RestController;
@RequestMapping("${hsweb.web.mappings.position:position}")
@Authorize(permission = "position")
@AccessLogger("职位管理")
-public class PositionController implements GenericEntityController {
+public class PositionController implements GenericEntityController {
private PositionService positionService;
diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/DepartmentTests.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/DepartmentTests.java
index b7093b5ee..894cc76be 100644
--- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/DepartmentTests.java
+++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/DepartmentTests.java
@@ -51,18 +51,18 @@ public class DepartmentTests extends SimpleWebApplicationTests {
String requestBody = JSON.toJSONString(entity);
JSONObject result = testPost("/department").setUp(setup -> setup.contentType(MediaType.APPLICATION_JSON).content(requestBody)).exec().resultAsJson();
Assert.assertEquals(200, result.get("status"));
- String id = result.getString("data");
+ String id = result.getString("result");
Assert.assertNotNull(id);
entity.setId(id);
// test get data
result = testGet("/department/" + id).exec().resultAsJson();
- entity = result.getObject("data", entityFactory.getInstanceType(DepartmentEntity.class));
+ entity = result.getObject("result", entityFactory.getInstanceType(DepartmentEntity.class));
Assert.assertEquals(200, result.get("status"));
- Assert.assertNotNull(result.getJSONObject("data"));
+ Assert.assertNotNull(result.getJSONObject("result"));
Assert.assertEquals(fastJsonHttpMessageConverter.converter(entity),
- fastJsonHttpMessageConverter.converter(result.getObject("data", entityFactory.getInstanceType(DepartmentEntity.class))));
+ fastJsonHttpMessageConverter.converter(result.getObject("result", entityFactory.getInstanceType(DepartmentEntity.class))));
//todo 修改测试属性
DepartmentEntity newEntity = entityFactory.newInstance(DepartmentEntity.class);
newEntity.setName("test");
@@ -75,7 +75,7 @@ public class DepartmentTests extends SimpleWebApplicationTests {
Assert.assertEquals(200, result.get("status"));
result = testGet("/department/" + id).exec().resultAsJson();
- result = result.getJSONObject("data");
+ result = result.getJSONObject("result");
Assert.assertNotNull(result);
result = testDelete("/department/" + id).exec().resultAsJson();
diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/OrganizationalTests.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/OrganizationalTests.java
index e981a008d..dfc7bdc30 100644
--- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/OrganizationalTests.java
+++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/OrganizationalTests.java
@@ -50,18 +50,18 @@ public class OrganizationalTests extends SimpleWebApplicationTests {
String requestBody = JSON.toJSONString(entity);
JSONObject result = testPost("/department").setUp(setup -> setup.contentType(MediaType.APPLICATION_JSON).content(requestBody)).exec().resultAsJson();
Assert.assertEquals(200, result.get("status"));
- String id = result.getString("data");
+ String id = result.getString("result");
Assert.assertNotNull(id);
entity.setId(id);
// test get data
result = testGet("/department/" + id).exec().resultAsJson();
- entity = result.getObject("data", entityFactory.getInstanceType(OrganizationalEntity.class));
+ entity = result.getObject("result", entityFactory.getInstanceType(OrganizationalEntity.class));
Assert.assertEquals(200, result.get("status"));
- Assert.assertNotNull(result.getJSONObject("data"));
+ Assert.assertNotNull(result.getJSONObject("result"));
Assert.assertEquals(fastJsonHttpMessageConverter.converter(entity),
- fastJsonHttpMessageConverter.converter(result.getObject("data", entityFactory.getInstanceType(OrganizationalEntity.class))));
+ fastJsonHttpMessageConverter.converter(result.getObject("result", entityFactory.getInstanceType(OrganizationalEntity.class))));
//todo 修改测试属性
OrganizationalEntity newEntity = entityFactory.newInstance(OrganizationalEntity.class);
newEntity.setName("test");
@@ -74,7 +74,7 @@ public class OrganizationalTests extends SimpleWebApplicationTests {
Assert.assertEquals(200, result.get("status"));
result = testGet("/department/" + id).exec().resultAsJson();
- result = result.getJSONObject("data");
+ result = result.getJSONObject("result");
Assert.assertNotNull(result);
result = testDelete("/department/" + id).exec().resultAsJson();
diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PersonTests.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PersonTests.java
index efe1f78fa..294f5d474 100644
--- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PersonTests.java
+++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PersonTests.java
@@ -50,18 +50,18 @@ public class PersonTests extends SimpleWebApplicationTests {
String requestBody = JSON.toJSONString(entity);
JSONObject result = testPost("/person").setUp(setup -> setup.contentType(MediaType.APPLICATION_JSON).content(requestBody)).exec().resultAsJson();
Assert.assertEquals(200, result.get("status"));
- String id = result.getString("data");
+ String id = result.getString("result");
Assert.assertNotNull(id);
entity.setId(id);
// test get data
result = testGet("/person/" + id).exec().resultAsJson();
- entity = result.getObject("data", entityFactory.getInstanceType(PersonEntity.class));
+ entity = result.getObject("result", entityFactory.getInstanceType(PersonEntity.class));
Assert.assertEquals(200, result.get("status"));
- Assert.assertNotNull(result.getJSONObject("data"));
+ Assert.assertNotNull(result.getJSONObject("result"));
Assert.assertEquals(fastJsonHttpMessageConverter.converter(entity),
- fastJsonHttpMessageConverter.converter(result.getObject("data", entityFactory.getInstanceType(PersonEntity.class))));
+ fastJsonHttpMessageConverter.converter(result.getObject("result", entityFactory.getInstanceType(PersonEntity.class))));
//todo 修改测试属性
PersonEntity newEntity = entityFactory.newInstance(PersonEntity.class);
newEntity.setName("test2");
@@ -74,7 +74,7 @@ public class PersonTests extends SimpleWebApplicationTests {
Assert.assertEquals(200, result.get("status"));
result = testGet("/person/" + id).exec().resultAsJson();
- result = result.getJSONObject("data");
+ result = result.getJSONObject("result");
Assert.assertNotNull(result);
result = testDelete("/person/" + id).exec().resultAsJson();
diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PositionTests.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PositionTests.java
index f31f645ae..900636ca7 100644
--- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PositionTests.java
+++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PositionTests.java
@@ -48,18 +48,18 @@ public class PositionTests extends SimpleWebApplicationTests {
String requestBody = JSON.toJSONString(entity);
JSONObject result = testPost("/position").setUp(setup -> setup.contentType(MediaType.APPLICATION_JSON).content(requestBody)).exec().resultAsJson();
Assert.assertEquals(200, result.get("status"));
- String id = result.getString("data");
+ String id = result.getString("result");
Assert.assertNotNull(id);
entity.setId(id);
// test get data
result = testGet("/position/" + id).exec().resultAsJson();
- entity = result.getObject("data", entityFactory.getInstanceType(PositionEntity.class));
+ entity = result.getObject("result", entityFactory.getInstanceType(PositionEntity.class));
Assert.assertEquals(200, result.get("status"));
- Assert.assertNotNull(result.getJSONObject("data"));
+ Assert.assertNotNull(result.getJSONObject("result"));
Assert.assertEquals(fastJsonHttpMessageConverter.converter(entity),
- fastJsonHttpMessageConverter.converter(result.getObject("data", entityFactory.getInstanceType(PositionEntity.class))));
+ fastJsonHttpMessageConverter.converter(result.getObject("result", entityFactory.getInstanceType(PositionEntity.class))));
//todo 修改测试属性
PositionEntity newEntity = entityFactory.newInstance(PositionEntity.class);
newEntity.setName("test");
@@ -72,7 +72,7 @@ public class PositionTests extends SimpleWebApplicationTests {
Assert.assertEquals(200, result.get("status"));
result = testGet("/position/" + id).exec().resultAsJson();
- result = result.getJSONObject("data");
+ result = result.getJSONObject("result");
Assert.assertNotNull(result);
result = testDelete("/position/" + id).exec().resultAsJson();