From 269367c655b60792a358e0f51f3d527631e8dbde Mon Sep 17 00:00:00 2001 From: zhouhao Date: Sat, 4 Mar 2017 14:15:45 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E6=9D=83=E9=99=90=E6=8E=A7?= =?UTF-8?q?=E5=88=B6=E6=96=B9=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- hsweb-system/README.md | 2 +- .../hsweb-system-authorization/README.md | 4 + .../pom.xml | 5 + .../AuthorizationController.java | 208 ++++++++---------- .../authorization/RoleController.java | 134 ++++++++++- .../authorization/UserController.java | 78 +++++-- .../authorization/SimpleUserEntity.java | 12 +- .../web/entity/authorization/UserEntity.java | 4 +- .../hsweb-system-authorization-model/pom.xml | 43 ++++ .../web/model/authorization/ActionModel.java | 69 ++++++ .../model/authorization/DataAccessModel.java | 78 +++++++ .../model/authorization/FieldAccessModel.java | 70 ++++++ .../authorization/PermissionRoleModel.java | 62 ++++++ .../web/model/authorization/RoleModel.java | 52 +++++ .../SimplePermissionRoleModel.java | 93 ++++++++ .../model/authorization/SimpleRoleModel.java | 73 ++++++ .../model/authorization/SimpleUserModel.java | 65 ++++++ .../web/model/authorization/UserModel.java | 44 ++++ .../service/authorization/UserService.java | 2 +- .../web/service/authorization/VerifyCode.java | 31 --- .../authorization/VerifyCodeGenerator.java | 32 --- .../simple/SimpleAuthorization.java | 1 - .../simple/SimpleRoleService.java | 8 +- .../simple/SimpleUserService.java | 5 +- .../AuthorizationAutoConfigration.java | 50 +++++ .../web/starter/authorization/LoginTests.java | 18 +- .../web/starter/authorization/UserTests.java | 8 +- .../src/test/resources/application.yml | 5 +- .../hsweb-system-authorization/pom.xml | 1 + .../controller/config/ConfigController.java | 8 +- .../web/starter/config/ConfigTests.java | 6 +- .../hsweb-system-organizational/README.md | 3 +- .../organizational/DepartmentController.java | 2 +- .../OrganizationalController.java | 3 +- .../organizational/PersonController.java | 3 +- .../organizational/PositionController.java | 3 +- .../organizational/DepartmentTests.java | 10 +- .../organizational/OrganizationalTests.java | 10 +- .../starter/organizational/PersonTests.java | 10 +- .../starter/organizational/PositionTests.java | 10 +- 40 files changed, 1040 insertions(+), 285 deletions(-) create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/pom.xml create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/ActionModel.java create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/DataAccessModel.java create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/FieldAccessModel.java create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/PermissionRoleModel.java create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/RoleModel.java create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimplePermissionRoleModel.java create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleRoleModel.java create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleUserModel.java create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/UserModel.java delete mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCode.java delete mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCodeGenerator.java create mode 100644 hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/java/org/hswebframework/web/authorization/starter/AuthorizationAutoConfigration.java diff --git a/hsweb-system/README.md b/hsweb-system/README.md index 32e0bdd99..7bec362e8 100644 --- a/hsweb-system/README.md +++ b/hsweb-system/README.md @@ -18,7 +18,7 @@ |[hsweb-system-file](hsweb-system-file)|文件管理| 0%| |[hsweb-system-history](hsweb-system-history)|历史记录管理| 0%| |[hsweb-system-monitor](hsweb-system-monitor)|系统监控| 0%| -|[hsweb-system-organizational](hsweb-system-organizational)|组织架构| 0%| +|[hsweb-system-organizational](hsweb-system-organizational)|组织架构| 50%| |[hsweb-system-schedule](hsweb-system-schedule)|任务调度| 0%| |[hsweb-system-script](hsweb-system-script)|动态脚本| 0%| |[hsweb-system-template](hsweb-system-template)|模板管理| 0%| diff --git a/hsweb-system/hsweb-system-authorization/README.md b/hsweb-system/hsweb-system-authorization/README.md index b532400fe..8e230bd95 100644 --- a/hsweb-system/hsweb-system-authorization/README.md +++ b/hsweb-system/hsweb-system-authorization/README.md @@ -1,3 +1,7 @@ ## 权限功能模块 提供用户,角色,权限管理 + +## 授权 +[AuthorizationController](hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java) +仅进行基础授权,通过触发`AuthorizationListener`,进行自定义控制逻辑.详细方式见:[hsweb-authorization-api](../../hsweb-authorization/hsweb-authorization-api) \ No newline at end of file diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/pom.xml b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/pom.xml index 16fa2bc2f..7b7db36ae 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/pom.xml +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/pom.xml @@ -50,5 +50,10 @@ hsweb-commons-controller ${project.version} + + org.hswebframework.web + hsweb-system-authorization-model + ${project.version} + \ No newline at end of file diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java index cd9a7c1e5..5832feb22 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java @@ -17,31 +17,24 @@ package org.hswebframework.web.controller.authorization; -import org.apache.commons.codec.binary.Base64; -import org.hswebframework.expands.security.Encrypt; -import org.hswebframework.expands.security.rsa.RSAEncrypt; -import org.hswebframework.expands.security.rsa.RSAPrivateEncrypt; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; import org.hswebframework.web.BusinessException; import org.hswebframework.web.NotFoundException; import org.hswebframework.web.authorization.Authorization; -import org.hswebframework.web.authorization.listener.UserAuthorizationConfigRegister; -import org.hswebframework.web.authorization.listener.UserAuthorizationListener; +import org.hswebframework.web.authorization.annotation.Authorize; +import org.hswebframework.web.authorization.listener.AuthorizationListenerDispatcher; +import org.hswebframework.web.authorization.listener.event.*; import org.hswebframework.web.controller.message.ResponseMessage; import org.hswebframework.web.entity.authorization.UserEntity; import org.hswebframework.web.logging.AccessLogger; -import org.hswebframework.web.service.AbstractService; import org.hswebframework.web.service.authorization.UserService; -import org.hswebframework.web.service.authorization.VerifyCode; -import org.hswebframework.web.service.authorization.VerifyCodeGenerator; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.http.MediaType; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import java.io.IOException; -import java.util.List; +import javax.servlet.http.HttpServletRequest; +import java.util.function.Function; import static org.hswebframework.web.controller.message.ResponseMessage.ok; @@ -53,140 +46,113 @@ import static org.hswebframework.web.controller.message.ResponseMessage.ok; @RestController @RequestMapping("${hsweb.web.mappings.authorize:authorize}") @AccessLogger("授权") +@Api(tags = "authorize-simple", description = "提供基本的授权功能") public class AuthorizationController { - private static final String RSA_PRIVATE_KEY_NAME = "RSA_PRIVATE_KEY"; - private static final String VERIFY_CODE_NAME = "VERIFY_CODE"; - private static final String NEED_VERIFY_CODE_NAME = "NEED_VERIFY_CODE"; - - @Autowired(required = false) - private VerifyCodeGenerator verifyCodeGenerator; +// private static final String RSA_PRIVATE_KEY_NAME = "RSA_PRIVATE_KEY"; +// private static final String VERIFY_CODE_NAME = "VERIFY_CODE"; @Autowired private UserService userService; - @Autowired(required = false) - private List userAuthorizationListeners; + @Autowired + private AuthorizationListenerDispatcher authorizationListenerDispatcher; - @Value("${hsweb.web.authorize.rsa:false}") - private boolean useRsa = false; +// @GetMapping(value = "/public-key") +// @AccessLogger("获取公钥") +// @ApiOperation("获取rsa公钥,当开启了用户名密码加密的时候使用此接口获取用于加密的公钥") +// public ResponseMessage getAuthorizeToken(@ApiParam(hidden = true) HttpSession session) { +// RSAEncrypt rsaEncrypt = Encrypt.rsa(); +// String publicKey = rsaEncrypt.publicEncrypt().getKey(); +// String privateKey = rsaEncrypt.privateEncrypt().getKey(); +// session.setAttribute(RSA_PRIVATE_KEY_NAME, privateKey); +// return ok(publicKey); +// } - private UserAuthorizationListenerAdapter listenerAdapter = new UserAuthorizationListenerAdapter(); - - @GetMapping(value = "/public-key") - @AccessLogger("获取公钥") - public ResponseMessage getAuthorizeToken(HttpSession session) { - RSAEncrypt rsaEncrypt = Encrypt.rsa(); - String publicKey = rsaEncrypt.publicEncrypt().getKey(); - String privateKey = rsaEncrypt.privateEncrypt().getKey(); - session.setAttribute(RSA_PRIVATE_KEY_NAME, privateKey); - return ok(publicKey); - } - - @GetMapping(value = "/verify-code") - @AccessLogger("获取验证码") - public void getVerifyCode(HttpServletResponse response, HttpSession session) throws IOException { - if (verifyCodeGenerator == null) throw new NotFoundException("{verify_code_not_found}"); - response.setContentType(MediaType.APPLICATION_OCTET_STREAM_VALUE); - response.setHeader("Content-disposition", "attachment;filename=verify-code.png"); - VerifyCode verifyCode = verifyCodeGenerator.generate(); - session.setAttribute(RSA_PRIVATE_KEY_NAME, verifyCode.getCode()); - verifyCode.write(response.getOutputStream()); - } - - @RequestMapping("/login-out") + @GetMapping("/login-out") @AccessLogger("退出登录") - public ResponseMessage loginOut(Authorization authorization) { - listenerAdapter.onLoginOut(authorization); + @Authorize + @ApiOperation("退出当前登录") + public ResponseMessage exit(@ApiParam(hidden = true) Authorization authorization) { + authorizationListenerDispatcher.doEvent(new AuthorizationExitEvent(authorization)); return ok(); } @PostMapping(value = "/login") @AccessLogger("授权") - public ResponseMessage authorize(@RequestParam String username, - @RequestParam String password, - String verifyCode, - @RequestParam(defaultValue = "false") boolean remember, - HttpSession session) { + @ApiOperation("用户名密码登录") + public ResponseMessage authorize(@RequestParam @ApiParam("用户名") String username, + @RequestParam @ApiParam("密码") String password, + @ApiParam(hidden = true) HttpServletRequest request) { + + AuthorizationFailedEvent.Reason reason = AuthorizationFailedEvent.Reason.OTHER; + Function parameterGetter = request::getParameter; try { - if (useRsa) { - String privateKey = (String) session.getAttribute(RSA_PRIVATE_KEY_NAME); - if (privateKey == null) throw new BusinessException("{private_key_is_null}"); - // 解密用户名密码 - try { - RSAEncrypt rsaEncrypt = Encrypt.rsa(); - RSAPrivateEncrypt rsaPrivateEncrypt = rsaEncrypt.privateEncrypt(privateKey); - byte[] username_data = Base64.decodeBase64(username); - byte[] password_data = Base64.decodeBase64(password); - username = new String(rsaPrivateEncrypt.decrypt(username_data)); - password = new String(rsaPrivateEncrypt.decrypt(password_data)); - } catch (Exception e) { - throw new BusinessException("{decrypt_param_error}", e, 400); - } - } - UserAuthorizationConfigRegister configHolder = (useVerify) -> session.setAttribute(NEED_VERIFY_CODE_NAME, useVerify); - listenerAdapter.onConfig(username, configHolder); - Object useVerifyCode = session.getAttribute(NEED_VERIFY_CODE_NAME); - // 尝试使用验证码验证 - if (useVerifyCode instanceof Boolean && (Boolean) useVerifyCode) { - String realVerifyCode = (String) session.getAttribute(VERIFY_CODE_NAME); - if (realVerifyCode == null || !realVerifyCode.equalsIgnoreCase(verifyCode)) { - throw new BusinessException("{verify_code_error}"); - } - } - listenerAdapter.onAuthorizeBefore(username); + AuthorizationDecodeEvent decodeEvent = new AuthorizationDecodeEvent(username, password, parameterGetter); + authorizationListenerDispatcher.doEvent(decodeEvent); + username = decodeEvent.getUsername(); + password = decodeEvent.getPassword(); + + AuthorizationBeforeEvent beforeEvent = new AuthorizationBeforeEvent(username, password, parameterGetter); + authorizationListenerDispatcher.doEvent(beforeEvent); + +// if (useRsa) { +// String privateKey = (String) session.getAttribute(RSA_PRIVATE_KEY_NAME); +// if (privateKey == null) throw new BusinessException("{private_key_is_null}"); +// // 解密用户名密码 +// try { +// RSAEncrypt rsaEncrypt = Encrypt.rsa(); +// RSAPrivateEncrypt rsaPrivateEncrypt = rsaEncrypt.privateEncrypt(privateKey); +// byte[] username_data = Base64.decodeBase64(username); +// byte[] password_data = Base64.decodeBase64(password); +// username = new String(rsaPrivateEncrypt.decrypt(username_data)); +// password = new String(rsaPrivateEncrypt.decrypt(password_data)); +// } catch (Exception e) { +// throw new BusinessException("{decrypt_param_error}", e, 400); +// } +// } + +// UserAuthorizationConfigRegister configHolder = (useVerify) -> session.setAttribute(NEED_VERIFY_CODE_NAME, useVerify); +// listenerAdapter.onConfig(username, configHolder); +// Object useVerifyCode = session.getAttribute(NEED_VERIFY_CODE_NAME); +// // 尝试使用验证码验证 +// if (Boolean.TRUE.equals(useVerifyCode)) { +// String realVerifyCode = (String) session.getAttribute(VERIFY_CODE_NAME); +// if (realVerifyCode == null || !realVerifyCode.equalsIgnoreCase(verifyCode)) { +// throw new BusinessException("{verify_code_error}"); +// } +// } +// listenerAdapter.onAuthorizeBefore(username); UserEntity entity = userService.selectByUsername(username); - AbstractService.assertNotNull(entity, "{user_not_exists}"); - if (!entity.isEnabled()) { + if (entity == null) { + reason = AuthorizationFailedEvent.Reason.USER_NOT_EXISTS; + throw new NotFoundException("{user_not_exists}"); + } + if (Boolean.FALSE.equals(entity.isEnabled())) { + reason = AuthorizationFailedEvent.Reason.USER_DISABLED; throw new BusinessException("{user_is_disabled}", 400); } password = userService.encodePassword(password, entity.getSalt()); if (!entity.getPassword().equals(password)) { - listenerAdapter.onAuthorizeFail(username); + reason = AuthorizationFailedEvent.Reason.PASSWORD_ERROR; throw new BusinessException("{password_error}", 400); } // TODO: 17-1-13 获取IP userService.updateLoginInfo(entity.getId(), "", System.currentTimeMillis()); // 验证通过 Authorization authorization = userService.initUserAuthorization(entity.getId()); - listenerAdapter.onAuthorizeSuccess(remember, authorization); - return ok(authorization.getPermissions()); + AuthorizationSuccessEvent event = new AuthorizationSuccessEvent(authorization, parameterGetter); + authorizationListenerDispatcher.doEvent(event); + return ok(entity.getId()); + } catch (Exception e) { + AuthorizationFailedEvent failedEvent = new AuthorizationFailedEvent(username, password, parameterGetter, reason); + failedEvent.setException(e); + authorizationListenerDispatcher.doEvent(failedEvent); + throw e; } finally { //无论如何都清空验证码和私钥 - session.removeAttribute(VERIFY_CODE_NAME); - session.removeAttribute(RSA_PRIVATE_KEY_NAME); - } - } - - class UserAuthorizationListenerAdapter implements UserAuthorizationListener { - @Override - public void onConfig(String username, UserAuthorizationConfigRegister configHolder) { - if (userAuthorizationListeners != null) - userAuthorizationListeners.forEach(listener -> listener.onConfig(username, configHolder)); - } - - @Override - public void onAuthorizeBefore(String username) { - if (userAuthorizationListeners != null) - userAuthorizationListeners.forEach(listener -> listener.onAuthorizeBefore(username)); - } - - @Override - public void onAuthorizeFail(String username) { - if (userAuthorizationListeners != null) - userAuthorizationListeners.forEach(listener -> listener.onAuthorizeFail(username)); - } - - @Override - public void onLoginOut(Authorization authorization) { - if (userAuthorizationListeners != null) - userAuthorizationListeners.forEach(listener -> listener.onLoginOut(authorization)); - } - - @Override - public void onAuthorizeSuccess(boolean isRemembered, Authorization authorization) { - if (userAuthorizationListeners != null) - userAuthorizationListeners.forEach(listener -> listener.onAuthorizeSuccess(isRemembered, authorization)); +// session.removeAttribute(VERIFY_CODE_NAME); +// session.removeAttribute(RSA_PRIVATE_KEY_NAME); } } diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/RoleController.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/RoleController.java index d394e6ef3..6e6b6084d 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/RoleController.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/RoleController.java @@ -18,19 +18,26 @@ package org.hswebframework.web.controller.authorization; +import io.swagger.annotations.*; +import org.apache.commons.collections.CollectionUtils; import org.hswebframework.web.authorization.Permission; import org.hswebframework.web.authorization.annotation.Authorize; +import org.hswebframework.web.commons.entity.factory.EntityFactory; import org.hswebframework.web.commons.entity.param.QueryParamEntity; import org.hswebframework.web.controller.QueryController; import org.hswebframework.web.controller.message.ResponseMessage; -import org.hswebframework.web.entity.authorization.PermissionRoleEntity; -import org.hswebframework.web.entity.authorization.RoleEntity; +import org.hswebframework.web.entity.authorization.*; import org.hswebframework.web.entity.authorization.bind.BindPermissionRoleEntity; import org.hswebframework.web.logging.AccessLogger; +import org.hswebframework.web.model.authorization.*; import org.hswebframework.web.service.authorization.RoleService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.*; +import java.util.List; +import java.util.stream.Collectors; + +import static org.hswebframework.web.controller.QueryController.*; import static org.hswebframework.web.controller.message.ResponseMessage.ok; /** @@ -42,35 +49,143 @@ import static org.hswebframework.web.controller.message.ResponseMessage.ok; @RequestMapping("${hsweb.web.mappings.role:role}") @AccessLogger("{role_manager}") @Authorize(permission = "role") +@Api(tags = "role-manager", description = "角色管理") public class RoleController implements QueryController { @Autowired private RoleService roleService; + @Autowired + private EntityFactory entityFactory; + @Override public RoleService getService() { return roleService; } + @SuppressWarnings("unchecked") + public BindPermissionRoleEntity modelToEntity(RoleModel roleModel) { + BindPermissionRoleEntity roleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class); + roleEntity.setId(roleModel.getId()); + roleEntity.setName(roleModel.getName()); + roleEntity.setDescribe(roleModel.getDescribe()); + List permissionRoleEntities = + roleModel.getPermissions().stream() + .map(model -> { + PermissionRoleEntity entity = entityFactory.newInstance(PermissionRoleEntity.class); + entity.setActions(model.getActions()); + entity.setPermissionId(model.getPermissionId()); + entity.setRoleId(roleModel.getId()); + //copy field accesses + entity.setFieldAccesses(model.getFieldAccesses().stream().map(accessModel -> { + FieldAccessEntity accessEntity = new FieldAccessEntity(); + accessEntity.setField(accessEntity.getField()); + accessEntity.setDescribe(accessEntity.getDescribe()); + accessEntity.setActions(accessModel.getActions().stream().map(actionModel -> { + ActionEntity actionEntity = new ActionEntity(); + actionEntity.setAction(actionModel.getAction()); + actionEntity.setDescribe(actionModel.getDescribe()); + actionEntity.setDefaultCheck(actionModel.isDefaultCheck()); + return actionEntity; + }).collect(Collectors.toList())); + return accessEntity; + }).collect(Collectors.toList())); + //copy data accesses + entity.setDataAccesses(model.getDataAccesses().stream().map(accessModel -> { + DataAccessEntity dataAccessEntity = new DataAccessEntity(); + dataAccessEntity.setConfig(accessModel.getConfig()); + dataAccessEntity.setType(accessModel.getType()); + dataAccessEntity.setDescribe(accessModel.getDescribe()); + dataAccessEntity.setAction(accessModel.getAction()); + return dataAccessEntity; + }).collect(Collectors.toList())); + return entity; + }).collect(Collectors.toList()); + roleEntity.setPermissions(permissionRoleEntities); + return roleEntity; + } + + protected RoleModel entityToModel(RoleEntity roleEntity) { + RoleModel roleModel = entityFactory.newInstance(RoleModel.class); + roleModel.setId(roleEntity.getId()); + roleModel.setDescribe(roleEntity.getDescribe()); + roleModel.setName(roleEntity.getName()); + if (roleEntity instanceof BindPermissionRoleEntity) { + BindPermissionRoleEntity permissionRoleEntity = (BindPermissionRoleEntity) roleEntity; + List roleEntities = permissionRoleEntity.getPermissions(); + if (CollectionUtils.isNotEmpty(roleEntities)) { + List roleModels = roleEntities.stream().map(entity -> { + PermissionRoleModel model = entityFactory.newInstance(PermissionRoleModel.class); + model.setActions(entity.getActions()); + model.setPermissionId(entity.getPermissionId()); + //copy field accesses + model.setFieldAccesses(entity.getFieldAccesses().stream().map(accessEntity -> { + FieldAccessModel accessModel = new FieldAccessModel(); + accessModel.setField(accessModel.getField()); + accessModel.setDescribe(accessModel.getDescribe()); + accessModel.setActions(accessModel.getActions().stream().map(actionEntity -> { + ActionModel actionModel = new ActionModel(); + actionModel.setAction(actionEntity.getAction()); + actionModel.setDescribe(actionEntity.getDescribe()); + actionModel.setDefaultCheck(actionEntity.isDefaultCheck()); + return actionModel; + }).collect(Collectors.toList())); + return accessModel; + }).collect(Collectors.toList())); + //copy data accesses + model.setDataAccesses(model.getDataAccesses().stream().map(accessesEntity -> { + DataAccessModel dataAccessModel = new DataAccessModel(); + dataAccessModel.setConfig(accessesEntity.getConfig()); + dataAccessModel.setType(accessesEntity.getType()); + dataAccessModel.setDescribe(accessesEntity.getDescribe()); + dataAccessModel.setAction(accessesEntity.getAction()); + return dataAccessModel; + }).collect(Collectors.toList())); + return model; + }).collect(Collectors.toList()); + roleModel.setPermissions(roleModels); + } + } + + return roleModel; + } + + @Authorize(action = Permission.ACTION_GET) + @GetMapping(path = "/{id:.+}/detail") + @AccessLogger("{get_by_id}") + @ApiOperation("根据主键查询完整数据") + @ApiResponses({ + @ApiResponse(code = 200, message = "查询成功"), + @ApiResponse(code = 401, message = "未授权"), + @ApiResponse(code = 403, message = "无权限"), + @ApiResponse(code = 404, message = "数据不存在") + }) + public ResponseMessage getDetailByPrimaryKey(@PathVariable String id) { + return ok(entityToModel(assertNotNull(getService().selectByPk(id)))); + } + @PostMapping @Authorize(action = Permission.ACTION_ADD) @AccessLogger("{add}") - public ResponseMessage addRole(@RequestBody BindPermissionRoleEntity permissionRoleEntity) { - return ok(roleService.insert(permissionRoleEntity)); + @ApiOperation("添加角色") + public ResponseMessage addRole(@RequestBody RoleModel roleModel) { + return ok(roleService.insert(modelToEntity(roleModel))); } - @PutMapping("/{id}") + @PutMapping("/{id:.+}") @Authorize(action = Permission.ACTION_UPDATE) @AccessLogger("{update}") - public ResponseMessage updateRole(@PathVariable String id, @RequestBody BindPermissionRoleEntity permissionRoleEntity) { - permissionRoleEntity.setId(id); - roleService.updateByPrimaryKey(permissionRoleEntity); + @ApiModelProperty("修改角色") + public ResponseMessage updateRole(@PathVariable String id, @RequestBody RoleModel roleModel) { + roleModel.setId(id); + roleService.updateByPrimaryKey(modelToEntity(roleModel)); return ok(); } - @PutMapping("/disable/{id}") + @PutMapping("/disable/{id:.+}") @Authorize(action = Permission.ACTION_DISABLE) @AccessLogger("{disable}") + @ApiModelProperty("禁用角色") public ResponseMessage disable(@PathVariable String id) { roleService.disable(id); return ok(); @@ -79,6 +194,7 @@ public class RoleController implements QueryController, CreateController { +@Api(tags = "user-manager", description = "用户基本信息管理") +public class UserController implements + QueryController, + CreateController { private UserService userService; - @Autowired - public void setUserService(UserService userService) { - this.userService = userService; - } - - @Override - public ResponseMessage list(QueryParamEntity param) { - return QueryController.super.list(param) - .exclude(UserEntity.class, "password", "salt"); - } - @Override @SuppressWarnings("unchecked") public UserService getService() { return userService; } + @Autowired + public void setUserService(UserService userService) { + this.userService = userService; + } + + @Override + public UserEntity modelToEntity(UserModel model, UserEntity entity) { + entity.setName(model.getName()); + entity.setPassword(model.getPassword()); + entity.setUsername(model.getUsername()); + return entity; + } + + @Override + public ResponseMessage> list(QueryParamEntity param) { + return QueryController.super.list(param) + .exclude(UserEntity.class, "password", "salt"); + } + + @Override + public ResponseMessage getByPrimaryKey(@PathVariable String id) { + return QueryController.super.getByPrimaryKey(id) + .exclude(UserEntity.class, "password", "salt"); + } + @Authorize(action = "update") - @PutMapping(path = "/{id}") + @PutMapping(path = "/{id:.+}") @AccessLogger("{update_by_primary_key}") - public ResponseMessage updateByPrimaryKey(@PathVariable String id, @RequestBody UserEntity data) { - data.setId(id); - getService().update(data); + @ApiOperation("根据ID修改用户信息") + public ResponseMessage updateByPrimaryKey(@PathVariable String id, + @RequestBody UserModel userModel) { + getService().update(id, modelToEntity(userModel, getService().createEntity())); return ok(); } @Authorize(merge = false) @PutMapping(path = "/password") @AccessLogger("{update_password_login_user}") - public ResponseMessage updateLoginUserPassword(Authorization authorization, - @RequestParam String password, + @ApiOperation("修改当前用户的密码") + public ResponseMessage updateLoginUserPassword(@RequestParam String password, @RequestParam String oldPassword) { + Authorization authorization = AuthorizationHolder.get(); + Assert.notNull(authorization); getService().updatePassword(authorization.getUser().getId(), oldPassword, password); return ok(); } - @Authorize(action = "update") - @PutMapping(path = "/password/{id}") + @Authorize(action = Permission.ACTION_UPDATE) + @PutMapping(path = "/password/{id:.+}") @AccessLogger("{update_password_by_id}") - public ResponseMessage updateByPasswordPrimaryKey(@PathVariable String id, + @ApiOperation("修改指定用户的密码") + public ResponseMessage updateByPasswordPrimaryKey(@PathVariable String id, @RequestParam String password, @RequestParam String oldPassword) { getService().updatePassword(id, oldPassword, password); @@ -93,14 +122,17 @@ public class UserController implements QueryController enable(@PathVariable String id) { return ok(getService().enable(id)); } @Authorize(action = "disable") @PutMapping(path = "/{id}/disable") @AccessLogger("{disable_user}") - public ResponseMessage disable(@PathVariable String id) { + @ApiOperation("禁用用户") + public ResponseMessage disable(@PathVariable String id) { return ok(getService().disable(id)); } + } diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimpleUserEntity.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimpleUserEntity.java index e217f91fd..16116a63c 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimpleUserEntity.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimpleUserEntity.java @@ -111,16 +111,6 @@ public class SimpleUserEntity extends SimpleGenericEntity implements Use @Override public SimpleUserEntity clone() { - SimpleUserEntity target = ((SimpleUserEntity) super.clone()); -// target.setId(getId()); -// target.setName(getName()); -// target.setUsername(getUsername()); -// target.setPassword(getPassword()); -// target.setCreateTime(getCreateTime()); -// target.setCreatorId(getCreatorId()); -// target.setEnabled(isEnabled()); -// target.setLastLoginTime(getLastLoginTime()); -// target.setLastLoginIp(getLastLoginIp()); - return target; + return ((SimpleUserEntity) super.clone()); } } diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/UserEntity.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/UserEntity.java index 79e0d0c03..0c4349bb4 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/UserEntity.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/UserEntity.java @@ -38,10 +38,10 @@ public interface UserEntity extends GenericEntity, RecordCreationEntity void setPassword(String password); - void setSalt(String salt); - String getPassword(); + void setSalt(String salt); + String getSalt(); Long getLastLoginTime(); diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/pom.xml b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/pom.xml new file mode 100644 index 000000000..bf0679fea --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/pom.xml @@ -0,0 +1,43 @@ + + + + + + hsweb-system-authorization + org.hswebframework.web + 3.0-SNAPSHOT + + 4.0.0 + + hsweb-system-authorization-model + + + + org.hswebframework.web + hsweb-commons-model + ${project.version} + + + org.hibernate + hibernate-validator + + + \ No newline at end of file diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/ActionModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/ActionModel.java new file mode 100644 index 000000000..b89880e03 --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/ActionModel.java @@ -0,0 +1,69 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.model.authorization; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import org.hswebframework.web.commons.model.Model; + +@ApiModel(description = "操作事件") +public class ActionModel implements Model { + + @ApiModelProperty(value = "事件标识", required = true, allowableValues = "query,get,update,delete,add,....", example = "query") + private String action; + + @ApiModelProperty("描述") + private String describe; + + @ApiModelProperty("是否默认选中") + private boolean defaultCheck; + + public ActionModel() { + } + + public ActionModel(String action) { + this.action = action; + } + + public String getAction() { + return action; + } + + public void setAction(String action) { + this.action = action; + } + + public String getDescribe() { + return describe; + } + + public void setDescribe(String describe) { + this.describe = describe; + } + + public boolean isDefaultCheck() { + return defaultCheck; + } + + public void setDefaultCheck(boolean defaultCheck) { + this.defaultCheck = defaultCheck; + } + + +} \ No newline at end of file diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/DataAccessModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/DataAccessModel.java new file mode 100644 index 000000000..c8e4c1f58 --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/DataAccessModel.java @@ -0,0 +1,78 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.model.authorization; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; + +/** + * TODO 完成注释 + * + * @author zhouhao + */ +@ApiModel(value = "DataAccessModel",description = "数据级权限控制配置") +public class DataAccessModel { + private String action; + + private String describe; + + private String type; + + private String config; + + @ApiModelProperty(value = "触发控制的事件", example = "query", required = true) + public String getAction() { + return this.action; + } + + public void setAction(String action) { + this.action = action; + } + + @ApiModelProperty("说明") + public String getDescribe() { + return this.describe; + } + + public void setDescribe(String describe) { + this.describe = describe; + } + + @ApiModelProperty(value = "控制的类型", allowableValues = "OWN_CREATED,SCRIPT,CUSTOM", required = true, example = "OWN_CREATED") + public String getType() { + return this.type; + } + + public void setType(String type) { + this.type = type; + } + + @ApiModelProperty(value = "控制配置." + + "当控制类型为OWN_CREATED时:可留空." + + "当控制类型为SCRIPT时:值为json string,格式:{\"language\":\"groovy\",\"script\":\"return true;\"}." + + "当控制类型为CUSTOM时,值为一个实现了DataAccessController接口的类") + public String getConfig() { + return this.config; + } + + public void setConfig(String config) { + this.config = config; + } + +} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/FieldAccessModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/FieldAccessModel.java new file mode 100644 index 000000000..efde63fed --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/FieldAccessModel.java @@ -0,0 +1,70 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.model.authorization; + +import io.swagger.annotations.*; +import org.hswebframework.web.commons.model.Model; + +import java.util.Collections; +import java.util.List; + +/** + * TODO 完成注释 + * + * @author zhouhao + */ +@ApiModel(value = "FieldAccessModel", description = "字段级权限控制配置") +public class FieldAccessModel implements Model { + private String field; + + private String describe; + + private List actions; + + @ApiModelProperty(value = "要控制的字段名", required = true, example = "createTime") + public String getField() { + return field; + } + + public void setField(String field) { + this.field = field; + } + + @ApiModelProperty("字段说明") + public String getDescribe() { + return describe; + } + + public void setDescribe(String describe) { + this.describe = describe; + } + + @ApiModelProperty(value = "触发控制的事件,表示此字段不能进行{action}操作.", +// example = "[{\"action\":\"query\"}]", + required = true, dataType = "ActionModel") + public List getActions() { + if (actions == null) actions = Collections.emptyList(); + return actions; + } + + public void setActions(List actions) { + this.actions = actions; + } + +} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/PermissionRoleModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/PermissionRoleModel.java new file mode 100644 index 000000000..684fa00fa --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/PermissionRoleModel.java @@ -0,0 +1,62 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.model.authorization; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import org.hswebframework.web.commons.model.Model; + +import java.util.List; + +/** + * TODO 完成注释 + * + * @author zhouhao + */ +@ApiModel(value = "PermissionRoleModel", description = "权限配置") +public interface PermissionRoleModel extends Model { +// +// @ApiModelProperty(value = "角色ID", required = true, example = "admin") +// String getRoleId(); +// +// void setRoleId(String roleId); + + @ApiModelProperty(value = "权限ID", required = true, example = "user") + String getPermissionId(); + + void setPermissionId(String permissionId); + + @ApiModelProperty(value = "可操作事件" +// , example = "[\"query\",\"add\"]" + ) + List getActions(); + + void setActions(List actions); + + @ApiModelProperty(value = "数据级权限控制配置", dataType = "DataAccessModel") + List getDataAccesses(); + + @ApiModelProperty(value = "字段级权限控制配置", dataType = "FieldAccessModel") + List getFieldAccesses(); + + void setDataAccesses(List dataAccesses); + + void setFieldAccesses(List fieldAccesses); + +} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/RoleModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/RoleModel.java new file mode 100644 index 000000000..e0b7cbc64 --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/RoleModel.java @@ -0,0 +1,52 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.model.authorization; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import org.hswebframework.web.commons.model.Model; + +import java.util.List; + +/** + * @author zhouhao + */ +@ApiModel(value = "RoleModel", description = "角色模型") +public interface RoleModel extends Model { + + @ApiModelProperty(value = "角色ID", readOnly = true, required = true, example = "admin") + String getId(); + + void setId(String id); + + @ApiModelProperty(value = "角色名", required = true) + String getName(); + + void setName(String name); + + @ApiModelProperty("说明") + String getDescribe(); + + void setDescribe(String describe); + + @ApiModelProperty(value = "权限配置", dataType = "PermissionRoleModel") + List getPermissions(); + + void setPermissions(List permissions); +} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimplePermissionRoleModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimplePermissionRoleModel.java new file mode 100644 index 000000000..353f16a88 --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimplePermissionRoleModel.java @@ -0,0 +1,93 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.model.authorization; + +import java.util.Collections; +import java.util.List; + +/** + * TODO 完成注释 + * + * @author zhouhao + */ +public class SimplePermissionRoleModel implements PermissionRoleModel { +// private String roleId; + + private String permissionId; + + private List actions; + + private List dataAccesses; + + private List fieldAccesses; +// +// @Override +// public String getRoleId() { +// return roleId; +// } +// +// @Override +// public void setRoleId(String roleId) { +// this.roleId = roleId; +// } + + @Override + public String getPermissionId() { + return permissionId; + } + + @Override + public void setPermissionId(String permissionId) { + this.permissionId = permissionId; + } + + @Override + public List getActions() { + if (this.actions == null) return Collections.emptyList(); + return actions; + } + + @Override + public void setActions(List actions) { + this.actions = actions; + } + + @Override + public List getDataAccesses() { + if (this.dataAccesses == null) return Collections.emptyList(); + return this.dataAccesses; + } + + @Override + public List getFieldAccesses() { + if (this.fieldAccesses == null) return Collections.emptyList(); + return this.fieldAccesses; + } + + @Override + public void setDataAccesses(List dataAccesses) { + this.dataAccesses = dataAccesses; + } + + @Override + public void setFieldAccesses(List fieldAccesses) { + this.fieldAccesses = fieldAccesses; + } + +} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleRoleModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleRoleModel.java new file mode 100644 index 000000000..eab7662aa --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleRoleModel.java @@ -0,0 +1,73 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.model.authorization; + + +import java.util.ArrayList; +import java.util.List; + +/** + * TODO 完成注释 + * + * @author zhouhao + */ +public class SimpleRoleModel implements RoleModel { + private String id; + + private String name; + + private String describe; + + private List permissions; + + @Override + public String getId() { + return id; + } + + @Override + public void setId(String id) { + this.id = id; + } + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public String getDescribe() { + return describe; + } + + public void setDescribe(String describe) { + this.describe = describe; + } + + @Override + public List getPermissions() { + return new ArrayList<>(permissions); + } + + public void setPermissions(List permissions) { + this.permissions = ((List) permissions); + } +} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleUserModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleUserModel.java new file mode 100644 index 000000000..43fd3db38 --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleUserModel.java @@ -0,0 +1,65 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.model.authorization; + + +import org.hibernate.validator.constraints.NotBlank; + +/** + * @author zhouhao + */ +public class SimpleUserModel implements UserModel { + + @NotBlank + private String name; + + @NotBlank + private String username; + + @NotBlank + private String password; + + @Override + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + @Override + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + @Override + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + +} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/UserModel.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/UserModel.java new file mode 100644 index 000000000..58534c05d --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/UserModel.java @@ -0,0 +1,44 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.model.authorization; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import org.hswebframework.web.commons.model.Model; + +/** + * @author zhouhao + */ +@ApiModel(value = "UserModel", description = "用户信息") +public interface UserModel extends Model { + void setName(String name); + + @ApiModelProperty(value = "用户登录名", required = true, readOnly = true) + String getUsername(); + + void setUsername(String username); + + @ApiModelProperty(value = "用户姓名", required = true) + String getName(); + + void setPassword(String password); + + @ApiModelProperty(value = "密码", required = true) + String getPassword(); +} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/UserService.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/UserService.java index c168577da..de4d1abc1 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/UserService.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/UserService.java @@ -23,7 +23,7 @@ public interface UserService extends boolean disable(String userId); - void update(UserEntity userBean); + void update(String userId,UserEntity userBean); UserEntity selectByUsername(String username); diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCode.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCode.java deleted file mode 100644 index 1ec71051b..000000000 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCode.java +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright 2016 http://www.hswebframework.org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -package org.hswebframework.web.service.authorization; - -import java.io.OutputStream; - -/** - * TODO 完成注释 - * - * @author zhouhao - */ -public interface VerifyCode { - String getCode(); - - void write(OutputStream outputStream); -} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCodeGenerator.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCodeGenerator.java deleted file mode 100644 index 8c5fd1b6d..000000000 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/VerifyCodeGenerator.java +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright 2016 http://www.hswebframework.org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -package org.hswebframework.web.service.authorization; - -/** - * TODO 完成注释 - * - * @author zhouhao - */ -public interface VerifyCodeGenerator { - - VerifyCode generate(int figures); - - default VerifyCode generate() { - return generate(4); - } -} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorization.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorization.java index 310cecc1b..72424cd2b 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorization.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorization.java @@ -25,7 +25,6 @@ import org.hswebframework.web.service.authorization.DataAccessFactory; import java.io.Serializable; import java.util.*; -import java.util.function.Supplier; import java.util.stream.Collectors; /** diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleRoleService.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleRoleService.java index 627db0ece..79b0ba500 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleRoleService.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleRoleService.java @@ -23,6 +23,7 @@ import org.hswebframework.web.dao.authorization.RoleDao; import org.hswebframework.web.entity.authorization.PermissionRoleEntity; import org.hswebframework.web.entity.authorization.RoleEntity; import org.hswebframework.web.entity.authorization.bind.BindPermissionRoleEntity; +import org.hswebframework.web.entity.authorization.bind.BindRoleUserEntity; import org.hswebframework.web.service.AbstractService; import org.hswebframework.web.service.DefaultDSLQueryService; import org.hswebframework.web.service.DefaultDSLUpdateService; @@ -96,8 +97,13 @@ public class SimpleRoleService extends AbstractService } @Override + @SuppressWarnings("unchecked") public RoleEntity selectByPk(String roleId) { - return createQuery().where(RoleEntity.id, roleId).single(); + RoleEntity entity = createQuery().where(RoleEntity.id, roleId).single(); + if (entity == null) return null; + BindPermissionRoleEntity bindPermissionRoleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class); + bindPermissionRoleEntity.setPermissions(permissionRoleDao.selectByRoleId(roleId)); + return entity; } @Override diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java index e3ab24a18..7e5f61717 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java @@ -130,11 +130,12 @@ public class SimpleUserService extends AbstractService } @Override - public void update(UserEntity userEntity) { + public void update(String userId, UserEntity userEntity) { + userEntity.setId(userId); //判断用户是否存在 boolean userExists = createQuery().where() .is("username", userEntity.getUsername()) - .and().not(GenericEntity.id, userEntity.getId()) + .and().not(GenericEntity.id, userId) .total() > 0; tryValidateProperty(!userExists, GenericEntity.id, "{username_exists}"); List updateProperties = Arrays.asList("name"); diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/java/org/hswebframework/web/authorization/starter/AuthorizationAutoConfigration.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/java/org/hswebframework/web/authorization/starter/AuthorizationAutoConfigration.java new file mode 100644 index 000000000..7506020f1 --- /dev/null +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/java/org/hswebframework/web/authorization/starter/AuthorizationAutoConfigration.java @@ -0,0 +1,50 @@ +/* + * Copyright 2016 http://www.hswebframework.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +package org.hswebframework.web.authorization.starter; + +import org.hswebframework.web.authorization.listener.AuthorizationListener; +import org.hswebframework.web.authorization.listener.AuthorizationListenerDispatcher; +import org.hswebframework.web.authorization.listener.event.AuthorizationEvent; +import org.hswebframwork.utils.ClassUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +import java.util.List; + +/** + * @author zhouhao + */ +@Configuration +public class AuthorizationAutoConfigration { + + @Autowired(required = false) + private List listeners; + + @Bean + @SuppressWarnings("unchecked") + public AuthorizationListenerDispatcher authorizationListenerDispatcher() { + AuthorizationListenerDispatcher dispatcher = new AuthorizationListenerDispatcher(); + if (listeners != null) { + listeners.forEach(listener -> dispatcher.addListener((Class) ClassUtils.getGenericType(listener.getClass()), listener)); + } + return dispatcher; + } +} diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/LoginTests.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/LoginTests.java index 058108627..9f4c8cf5f 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/LoginTests.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/LoginTests.java @@ -56,17 +56,17 @@ public class LoginTests extends SimpleWebApplicationTests { userEntity.setCreateTimeNow(); userService.insert(userEntity); - //获取publicKey - String publicKey = testGet("/authorize/public-key").exec().resultAsJson().getString("data"); - Assert.notNull(publicKey); - RSAPublicEncrypt publicEncrypt = Encrypt.rsa().publicEncrypt(publicKey); - String username = Base64.encodeBase64String(publicEncrypt.encrypt("test".getBytes())); - String password = Base64.encodeBase64String(publicEncrypt.encrypt("password_1234".getBytes())); +// //获取publicKey +// String publicKey = testGet("/authorize/public-key").exec().resultAsJson().getString("result"); +// Assert.notNull(publicKey); +// RSAPublicEncrypt publicEncrypt = Encrypt.rsa().publicEncrypt(publicKey); +// String username = Base64.encodeBase64String(publicEncrypt.encrypt("test".getBytes())); +// String password = Base64.encodeBase64String(publicEncrypt.encrypt("password_1234".getBytes())); JSONObject json = testPost("/authorize/login").setUp((builder) -> { - builder.param("username", username); - builder.param("password", password); + builder.param("username", userEntity.getUsername()); + builder.param("password","password_1234"); }).exec().resultAsJson(); - System.out.println(json); + org.junit.Assert.assertEquals(json.get("result"), userEntity.getId()); } } diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/UserTests.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/UserTests.java index 15c40a0b4..2d795ad49 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/UserTests.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/java/org/hswebframework/web/starter/authorization/UserTests.java @@ -112,7 +112,7 @@ public class UserTests extends SimpleWebApplicationTests { UserEntity newUserEntity = userEntity.clone(); newUserEntity.setUsername("test2"); - String antherId = userService.insert(newUserEntity); + String anotherId = userService.insert(newUserEntity); Assert.assertNotNull(id); Assert.assertEquals(userEntity.getPassword().length(), 32); @@ -141,16 +141,16 @@ public class UserTests extends SimpleWebApplicationTests { entityInDb = userService.selectByUsername(userEntity.getUsername()); Assert.assertEquals(entityInDb.getPassword(), userService.encodePassword("password_2345", entityInDb.getSalt())); - entityInDb.setId(antherId); + entityInDb.setId(anotherId); entityInDb.setName("新名字"); try { - userService.update(entityInDb); + userService.update(anotherId,entityInDb); Assert.assertTrue(false); } catch (ValidationException e) { Assert.assertEquals(e.getResults().getResults().get(0).getMessage(), "{username_exists}"); } entityInDb.setId(id); - userService.update(entityInDb); + userService.update(id,entityInDb); entityInDb = userService.selectByUsername(userEntity.getUsername()); Assert.assertEquals("新名字", entityInDb.getName()); diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/resources/application.yml b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/resources/application.yml index 68b5698ae..51b167135 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/resources/application.yml +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/test/resources/application.yml @@ -10,7 +10,4 @@ spring: hsweb: app: name: 权限管理测试 - version: 3.0.0 - web: - authorize: - rsa: true \ No newline at end of file + version: 3.0.0 \ No newline at end of file diff --git a/hsweb-system/hsweb-system-authorization/pom.xml b/hsweb-system/hsweb-system-authorization/pom.xml index 5abe61583..6cb41a1c9 100644 --- a/hsweb-system/hsweb-system-authorization/pom.xml +++ b/hsweb-system/hsweb-system-authorization/pom.xml @@ -17,6 +17,7 @@ hsweb-system-authorization-service hsweb-system-authorization-starter hsweb-system-authorization-controller + hsweb-system-authorization-model diff --git a/hsweb-system/hsweb-system-config/hsweb-system-config-controller/src/main/java/org/hswebframework/web/controller/config/ConfigController.java b/hsweb-system/hsweb-system-config/hsweb-system-config-controller/src/main/java/org/hswebframework/web/controller/config/ConfigController.java index 0f4c96860..75373713c 100644 --- a/hsweb-system/hsweb-system-config/hsweb-system-config-controller/src/main/java/org/hswebframework/web/controller/config/ConfigController.java +++ b/hsweb-system/hsweb-system-config/hsweb-system-config-controller/src/main/java/org/hswebframework/web/controller/config/ConfigController.java @@ -18,6 +18,7 @@ package org.hswebframework.web.controller.config; +import io.swagger.annotations.Api; import org.hswebframework.web.authorization.annotation.Authorize; import org.hswebframework.web.commons.entity.param.QueryParamEntity; import org.hswebframework.web.controller.GenericEntityController; @@ -40,7 +41,8 @@ import org.springframework.web.bind.annotation.RestController; @RequestMapping("${hsweb.web.mappings.config:config}") @Authorize(permission = "config") @AccessLogger("配置管理") -public class ConfigController implements GenericEntityController { +@Api(description = "配置管理,用于系统配置信息维护") +public class ConfigController implements GenericEntityController { private ConfigService configService; @@ -54,8 +56,4 @@ public class ConfigController implements GenericEntityController { +public class DepartmentController implements GenericEntityController { private DepartmentService departmentService; diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/OrganizationalController.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/OrganizationalController.java index 736b8ae20..299e68622 100644 --- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/OrganizationalController.java +++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/OrganizationalController.java @@ -20,6 +20,7 @@ package org.hswebframework.web.controller.organizational; import org.hswebframework.web.authorization.annotation.Authorize; import org.hswebframework.web.commons.entity.param.QueryParamEntity; import org.hswebframework.web.controller.GenericEntityController; +import org.hswebframework.web.entity.organizational.DepartmentEntity; import org.hswebframework.web.entity.organizational.OrganizationalEntity; import org.hswebframework.web.logging.AccessLogger; import org.hswebframework.web.service.organizational.OrganizationalService; @@ -36,7 +37,7 @@ import org.springframework.web.bind.annotation.RestController; @RequestMapping("${hsweb.web.mappings.organizational:organizational}") @Authorize(permission = "organizational") @AccessLogger("组织管理") -public class OrganizationalController implements GenericEntityController { +public class OrganizationalController implements GenericEntityController { private OrganizationalService organizationalService; diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PersonController.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PersonController.java index 16e9494d0..6898f328a 100644 --- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PersonController.java +++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PersonController.java @@ -20,6 +20,7 @@ package org.hswebframework.web.controller.organizational; import org.hswebframework.web.authorization.annotation.Authorize; import org.hswebframework.web.commons.entity.param.QueryParamEntity; import org.hswebframework.web.controller.GenericEntityController; +import org.hswebframework.web.entity.organizational.DepartmentEntity; import org.hswebframework.web.entity.organizational.PersonEntity; import org.hswebframework.web.logging.AccessLogger; import org.hswebframework.web.service.organizational.PersonService; @@ -36,7 +37,7 @@ import org.springframework.web.bind.annotation.RestController; @RequestMapping("${hsweb.web.mappings.person:person}") @Authorize(permission = "person") @AccessLogger("人员") -public class PersonController implements GenericEntityController { +public class PersonController implements GenericEntityController { private PersonService personService; diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PositionController.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PositionController.java index c7ef40b88..2bdc12d90 100644 --- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PositionController.java +++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-controller/src/main/java/org/hswebframework/web/controller/organizational/PositionController.java @@ -24,6 +24,7 @@ import org.hswebframework.web.commons.entity.param.QueryParamEntity; import org.hswebframework.web.controller.GenericEntityController; import org.hswebframework.web.controller.QueryController; import org.hswebframework.web.controller.message.ResponseMessage; +import org.hswebframework.web.entity.organizational.DepartmentEntity; import org.hswebframework.web.entity.organizational.PositionEntity; import org.hswebframework.web.logging.AccessLogger; import org.hswebframework.web.service.organizational.PositionService; @@ -40,7 +41,7 @@ import org.springframework.web.bind.annotation.RestController; @RequestMapping("${hsweb.web.mappings.position:position}") @Authorize(permission = "position") @AccessLogger("职位管理") -public class PositionController implements GenericEntityController { +public class PositionController implements GenericEntityController { private PositionService positionService; diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/DepartmentTests.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/DepartmentTests.java index b7093b5ee..894cc76be 100644 --- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/DepartmentTests.java +++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/DepartmentTests.java @@ -51,18 +51,18 @@ public class DepartmentTests extends SimpleWebApplicationTests { String requestBody = JSON.toJSONString(entity); JSONObject result = testPost("/department").setUp(setup -> setup.contentType(MediaType.APPLICATION_JSON).content(requestBody)).exec().resultAsJson(); Assert.assertEquals(200, result.get("status")); - String id = result.getString("data"); + String id = result.getString("result"); Assert.assertNotNull(id); entity.setId(id); // test get data result = testGet("/department/" + id).exec().resultAsJson(); - entity = result.getObject("data", entityFactory.getInstanceType(DepartmentEntity.class)); + entity = result.getObject("result", entityFactory.getInstanceType(DepartmentEntity.class)); Assert.assertEquals(200, result.get("status")); - Assert.assertNotNull(result.getJSONObject("data")); + Assert.assertNotNull(result.getJSONObject("result")); Assert.assertEquals(fastJsonHttpMessageConverter.converter(entity), - fastJsonHttpMessageConverter.converter(result.getObject("data", entityFactory.getInstanceType(DepartmentEntity.class)))); + fastJsonHttpMessageConverter.converter(result.getObject("result", entityFactory.getInstanceType(DepartmentEntity.class)))); //todo 修改测试属性 DepartmentEntity newEntity = entityFactory.newInstance(DepartmentEntity.class); newEntity.setName("test"); @@ -75,7 +75,7 @@ public class DepartmentTests extends SimpleWebApplicationTests { Assert.assertEquals(200, result.get("status")); result = testGet("/department/" + id).exec().resultAsJson(); - result = result.getJSONObject("data"); + result = result.getJSONObject("result"); Assert.assertNotNull(result); result = testDelete("/department/" + id).exec().resultAsJson(); diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/OrganizationalTests.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/OrganizationalTests.java index e981a008d..dfc7bdc30 100644 --- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/OrganizationalTests.java +++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/OrganizationalTests.java @@ -50,18 +50,18 @@ public class OrganizationalTests extends SimpleWebApplicationTests { String requestBody = JSON.toJSONString(entity); JSONObject result = testPost("/department").setUp(setup -> setup.contentType(MediaType.APPLICATION_JSON).content(requestBody)).exec().resultAsJson(); Assert.assertEquals(200, result.get("status")); - String id = result.getString("data"); + String id = result.getString("result"); Assert.assertNotNull(id); entity.setId(id); // test get data result = testGet("/department/" + id).exec().resultAsJson(); - entity = result.getObject("data", entityFactory.getInstanceType(OrganizationalEntity.class)); + entity = result.getObject("result", entityFactory.getInstanceType(OrganizationalEntity.class)); Assert.assertEquals(200, result.get("status")); - Assert.assertNotNull(result.getJSONObject("data")); + Assert.assertNotNull(result.getJSONObject("result")); Assert.assertEquals(fastJsonHttpMessageConverter.converter(entity), - fastJsonHttpMessageConverter.converter(result.getObject("data", entityFactory.getInstanceType(OrganizationalEntity.class)))); + fastJsonHttpMessageConverter.converter(result.getObject("result", entityFactory.getInstanceType(OrganizationalEntity.class)))); //todo 修改测试属性 OrganizationalEntity newEntity = entityFactory.newInstance(OrganizationalEntity.class); newEntity.setName("test"); @@ -74,7 +74,7 @@ public class OrganizationalTests extends SimpleWebApplicationTests { Assert.assertEquals(200, result.get("status")); result = testGet("/department/" + id).exec().resultAsJson(); - result = result.getJSONObject("data"); + result = result.getJSONObject("result"); Assert.assertNotNull(result); result = testDelete("/department/" + id).exec().resultAsJson(); diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PersonTests.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PersonTests.java index efe1f78fa..294f5d474 100644 --- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PersonTests.java +++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PersonTests.java @@ -50,18 +50,18 @@ public class PersonTests extends SimpleWebApplicationTests { String requestBody = JSON.toJSONString(entity); JSONObject result = testPost("/person").setUp(setup -> setup.contentType(MediaType.APPLICATION_JSON).content(requestBody)).exec().resultAsJson(); Assert.assertEquals(200, result.get("status")); - String id = result.getString("data"); + String id = result.getString("result"); Assert.assertNotNull(id); entity.setId(id); // test get data result = testGet("/person/" + id).exec().resultAsJson(); - entity = result.getObject("data", entityFactory.getInstanceType(PersonEntity.class)); + entity = result.getObject("result", entityFactory.getInstanceType(PersonEntity.class)); Assert.assertEquals(200, result.get("status")); - Assert.assertNotNull(result.getJSONObject("data")); + Assert.assertNotNull(result.getJSONObject("result")); Assert.assertEquals(fastJsonHttpMessageConverter.converter(entity), - fastJsonHttpMessageConverter.converter(result.getObject("data", entityFactory.getInstanceType(PersonEntity.class)))); + fastJsonHttpMessageConverter.converter(result.getObject("result", entityFactory.getInstanceType(PersonEntity.class)))); //todo 修改测试属性 PersonEntity newEntity = entityFactory.newInstance(PersonEntity.class); newEntity.setName("test2"); @@ -74,7 +74,7 @@ public class PersonTests extends SimpleWebApplicationTests { Assert.assertEquals(200, result.get("status")); result = testGet("/person/" + id).exec().resultAsJson(); - result = result.getJSONObject("data"); + result = result.getJSONObject("result"); Assert.assertNotNull(result); result = testDelete("/person/" + id).exec().resultAsJson(); diff --git a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PositionTests.java b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PositionTests.java index f31f645ae..900636ca7 100644 --- a/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PositionTests.java +++ b/hsweb-system/hsweb-system-organizational/hsweb-system-organizational-starter/src/test/java/org/hswebframework/web/starter/organizational/PositionTests.java @@ -48,18 +48,18 @@ public class PositionTests extends SimpleWebApplicationTests { String requestBody = JSON.toJSONString(entity); JSONObject result = testPost("/position").setUp(setup -> setup.contentType(MediaType.APPLICATION_JSON).content(requestBody)).exec().resultAsJson(); Assert.assertEquals(200, result.get("status")); - String id = result.getString("data"); + String id = result.getString("result"); Assert.assertNotNull(id); entity.setId(id); // test get data result = testGet("/position/" + id).exec().resultAsJson(); - entity = result.getObject("data", entityFactory.getInstanceType(PositionEntity.class)); + entity = result.getObject("result", entityFactory.getInstanceType(PositionEntity.class)); Assert.assertEquals(200, result.get("status")); - Assert.assertNotNull(result.getJSONObject("data")); + Assert.assertNotNull(result.getJSONObject("result")); Assert.assertEquals(fastJsonHttpMessageConverter.converter(entity), - fastJsonHttpMessageConverter.converter(result.getObject("data", entityFactory.getInstanceType(PositionEntity.class)))); + fastJsonHttpMessageConverter.converter(result.getObject("result", entityFactory.getInstanceType(PositionEntity.class)))); //todo 修改测试属性 PositionEntity newEntity = entityFactory.newInstance(PositionEntity.class); newEntity.setName("test"); @@ -72,7 +72,7 @@ public class PositionTests extends SimpleWebApplicationTests { Assert.assertEquals(200, result.get("status")); result = testGet("/position/" + id).exec().resultAsJson(); - result = result.getJSONObject("data"); + result = result.getJSONObject("result"); Assert.assertNotNull(result); result = testDelete("/position/" + id).exec().resultAsJson();