优化权限API

hsweb-authorization/hsweb-authorization-api/pom.xml

@@ -16,6 +16,15 @@
             <artifactId>hsweb-boost-aop</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter</artifactId>
+            <optional>true</optional>
+        </dependency>
         <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>servlet-api</artifactId>

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Permission.java

@@ -91,5 +91,5 @@ public interface Permission extends Serializable {
      * @return 用户对此权限持有的数据权限信息, 用于数据级别的控制
      * @see DataAccessConfig
      */
-    Set<DataAccessConfig> getDataAccessConfigs();
+    Set<DataAccessConfig> getDataAccesses();
 }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/access/FieldAccessConfig.java

@@ -28,7 +28,7 @@ public interface FieldAccessConfig extends Serializable {
     }
 
     enum Type {
-        //目前之支持 deny
+        //目前仅支持 deny
         DENY
     }
 }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/builder/AuthenticationBuilder.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization.builder;
+
+import org.hswebframework.web.authorization.Authentication;
+import org.hswebframework.web.authorization.Permission;
+import org.hswebframework.web.authorization.Role;
+import org.hswebframework.web.authorization.User;
+
+import java.io.Serializable;
+import java.util.List;
+import java.util.Map;
+
+public interface AuthenticationBuilder extends Serializable {
+
+    AuthenticationBuilder user(User user);
+
+    AuthenticationBuilder user(String user);
+
+    AuthenticationBuilder user(Map<String, String> user);
+
+
+    AuthenticationBuilder role(List<Role> role);
+
+    AuthenticationBuilder role(String role);
+
+
+    AuthenticationBuilder permission(List<Permission> permission);
+
+    AuthenticationBuilder permission(String permission);
+
+    AuthenticationBuilder attributes(String attributes);
+
+    AuthenticationBuilder attributes(Map<String, Serializable> permission);
+
+    AuthenticationBuilder json(String json);
+
+    Authentication build();
+
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/builder/AuthenticationBuilderFactory.java

@@ -0,0 +1,10 @@
+package org.hswebframework.web.authorization.builder;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface AuthenticationBuilderFactory {
+    AuthenticationBuilder create();
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/builder/DataAccessConfigBuilder.java

@@ -0,0 +1,13 @@
+package org.hswebframework.web.authorization.builder;
+
+import org.hswebframework.web.authorization.access.DataAccessConfig;
+
+/**
+ *
+ * @author zhouhao
+ */
+public interface DataAccessConfigBuilder {
+    DataAccessConfigBuilder fromJson(String json);
+
+    DataAccessConfig build();
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/builder/DataAccessConfigBuilderFactory.java

@@ -0,0 +1,10 @@
+package org.hswebframework.web.authorization.builder;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface DataAccessConfigBuilderFactory {
+    DataAccessConfigBuilder create();
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/builder/FieldAccessConfigBuilder.java

@@ -0,0 +1,14 @@
+package org.hswebframework.web.authorization.builder;
+
+import org.hswebframework.web.authorization.access.FieldAccessConfig;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface FieldAccessConfigBuilder {
+    FieldAccessConfigBuilder fromJson(String json);
+
+    FieldAccessConfig build();
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/builder/FieldAccessConfigBuilderFactory.java

@@ -0,0 +1,10 @@
+package org.hswebframework.web.authorization.builder;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface FieldAccessConfigBuilderFactory {
+    FieldAccessConfigBuilder create();
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/AbstractDataAccess.java

@@ -1,4 +1,4 @@
-package org.hswebframework.web.service.authorization.simple.access;
+package org.hswebframework.web.authorization.simple;
 
 import org.hswebframework.web.authorization.access.DataAccessConfig;
 

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/AuthorizationAutoConfiguration.java

@@ -0,0 +1,50 @@
+package org.hswebframework.web.authorization.simple;
+
+import org.hswebframework.web.authorization.builder.AuthenticationBuilderFactory;
+import org.hswebframework.web.authorization.builder.DataAccessConfigBuilderFactory;
+import org.hswebframework.web.authorization.builder.FieldAccessConfigBuilderFactory;
+import org.hswebframework.web.authorization.simple.builder.DataAccessConfigBuilderConvert;
+import org.hswebframework.web.authorization.simple.builder.SimpleAuthenticationBuilderFactory;
+import org.hswebframework.web.authorization.simple.builder.SimpleDataAccessConfigBuilderFactory;
+import org.hswebframework.web.authorization.simple.builder.SimpleFieldAccessConfigBuilderFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.List;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+@Configuration
+public class AuthorizationAutoConfiguration {
+
+    @Autowired(required = false)
+    private List<DataAccessConfigBuilderConvert> dataAccessConfigBuilderConverts;
+
+    @Bean
+    @ConditionalOnMissingBean(FieldAccessConfigBuilderFactory.class)
+    public FieldAccessConfigBuilderFactory fieldAccessConfigBuilderFactory() {
+        return new SimpleFieldAccessConfigBuilderFactory();
+    }
+
+    @Bean
+    @ConditionalOnMissingBean(DataAccessConfigBuilderFactory.class)
+    public DataAccessConfigBuilderFactory dataAccessConfigBuilderFactory() {
+        SimpleDataAccessConfigBuilderFactory factory = new SimpleDataAccessConfigBuilderFactory();
+        if (null != dataAccessConfigBuilderConverts) {
+            dataAccessConfigBuilderConverts.forEach(factory::addConvert);
+        }
+        return factory;
+    }
+
+    @Bean
+    @ConditionalOnMissingBean(AuthenticationBuilderFactory.class)
+    public AuthenticationBuilderFactory authenticationBuilderFactory(DataAccessConfigBuilderFactory dataAccessConfigBuilderFactory
+            , FieldAccessConfigBuilderFactory fieldAccessConfigBuilderFactory) {
+        return new SimpleAuthenticationBuilderFactory(fieldAccessConfigBuilderFactory, dataAccessConfigBuilderFactory);
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleAuthentication.java

@@ -0,0 +1,88 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization.simple;
+
+import org.hswebframework.web.authorization.*;
+
+import java.io.Serializable;
+import java.util.*;
+
+public class SimpleAuthentication implements Authentication {
+
+    private User user;
+
+    private List<Role> roles;
+
+    private List<Permission> permissions;
+
+    private Map<String, Serializable> attributes = new HashMap<>();
+
+    @Override
+    public User getUser() {
+        return user;
+    }
+
+    public void setUser(User user) {
+        this.user = user;
+    }
+
+    public void setRoles(List<Role> roles) {
+        this.roles = roles;
+    }
+
+    public void setPermissions(List<Permission> permissions) {
+        this.permissions = permissions;
+    }
+
+    @Override
+    public List<Role> getRoles() {
+        return new ArrayList<>(roles);
+    }
+
+    @Override
+    public List<Permission> getPermissions() {
+        return new ArrayList<>(permissions);
+    }
+
+    @Override
+    @SuppressWarnings("unchecked")
+    public <T extends Serializable> Optional<T> getAttribute(String name) {
+        return Optional.ofNullable((T) attributes.get(name));
+    }
+
+    @Override
+    public void setAttribute(String name, Serializable object) {
+        attributes.put(name, object);
+    }
+
+    @Override
+    public void setAttributes(Map<String, Serializable> attributes) {
+        this.attributes.putAll(attributes);
+    }
+
+    @Override
+    @SuppressWarnings("unchecked")
+    public <T extends Serializable> T removeAttributes(String name) {
+        return (T) attributes.remove(name);
+    }
+
+    @Override
+    public Map<String, Serializable> getAttributes() {
+        return attributes;
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleCustomDataAccess.java

@@ -1,4 +1,4 @@
-package org.hswebframework.web.service.authorization.simple.access;
+package org.hswebframework.web.authorization.simple;
 
 import org.hswebframework.web.authorization.access.CustomDataAccess;
 import org.hswebframework.web.authorization.access.DataAccessController;

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleFieldAccess.java

@@ -0,0 +1,37 @@
+package org.hswebframework.web.authorization.simple;
+
+import org.hswebframework.web.authorization.access.FieldAccessConfig;
+
+import java.util.HashSet;
+import java.util.Set;
+
+public class SimpleFieldAccess implements FieldAccessConfig {
+    private String      field;
+    private Set<String> actions;
+
+    public SimpleFieldAccess() {
+    }
+
+    public SimpleFieldAccess(String field, Set<String> actions) {
+        this.field = field;
+        this.actions = actions;
+    }
+
+    @Override
+    public String getField() {
+        return field;
+    }
+
+    @Override
+    public Set<String> getActions() {
+        return new HashSet<>(actions);
+    }
+
+    public void setField(String field) {
+        this.field = field;
+    }
+
+    public void setActions(Set<String> actions) {
+        this.actions = actions;
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleOwnCreatedDataAccess.java

@@ -1,4 +1,4 @@
-package org.hswebframework.web.service.authorization.simple.access;
+package org.hswebframework.web.authorization.simple;
 
 import org.hswebframework.web.authorization.access.OwnCreatedDataAccessConfig;
 
@@ -8,4 +8,11 @@ import org.hswebframework.web.authorization.access.OwnCreatedDataAccessConfig;
  * @author zhouhao
  */
 public class SimpleOwnCreatedDataAccess extends AbstractDataAccess implements OwnCreatedDataAccessConfig {
+
+    public SimpleOwnCreatedDataAccess() {
+    }
+
+    public SimpleOwnCreatedDataAccess(String action) {
+        setAction(action);
+    }
 }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimplePermission.java

@@ -0,0 +1,67 @@
+package org.hswebframework.web.authorization.simple;
+
+import org.hswebframework.web.authorization.Permission;
+import org.hswebframework.web.authorization.access.DataAccessConfig;
+import org.hswebframework.web.authorization.access.FieldAccessConfig;
+
+import java.util.Set;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimplePermission implements Permission {
+
+    private String id;
+
+    private Set<String> actions;
+
+    private Set<FieldAccessConfig> fieldAccesses;
+
+    private Set<DataAccessConfig> dataAccesses;
+
+    public SimplePermission() {
+    }
+
+    public SimplePermission(String id, Set<String> actions) {
+        this.id = id;
+        this.actions = actions;
+    }
+
+    @Override
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    @Override
+    public Set<String> getActions() {
+        return actions;
+    }
+
+    public void setActions(Set<String> actions) {
+        this.actions = actions;
+    }
+
+    @Override
+    public Set<FieldAccessConfig> getFieldAccesses() {
+        return fieldAccesses;
+    }
+
+    public void setFieldAccesses(Set<FieldAccessConfig> fieldAccesses) {
+        this.fieldAccesses = fieldAccesses;
+    }
+
+    @Override
+    public Set<DataAccessConfig> getDataAccesses() {
+        return dataAccesses;
+    }
+
+    public void setDataAccesses(Set<DataAccessConfig> dataAccesses) {
+        this.dataAccesses = dataAccesses;
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleRole.java

@@ -0,0 +1,40 @@
+package org.hswebframework.web.authorization.simple;
+
+import org.hswebframework.web.authorization.Role;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimpleRole implements Role {
+    private String id;
+
+    private String name;
+
+    public SimpleRole() {
+    }
+
+    public SimpleRole(String id, String name) {
+        this.id = id;
+        this.name = name;
+    }
+
+    @Override
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    @Override
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleScriptDataAccess.java

@@ -1,4 +1,4 @@
-package org.hswebframework.web.service.authorization.simple.access;
+package org.hswebframework.web.authorization.simple;
 
 import org.hswebframework.web.authorization.access.ScriptDataAccessConfig;
 

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleUser.java

@@ -0,0 +1,50 @@
+package org.hswebframework.web.authorization.simple;
+
+import org.hswebframework.web.authorization.User;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimpleUser implements User {
+    private String id;
+    private String username;
+    private String name;
+
+    public SimpleUser() {
+    }
+
+    public SimpleUser(String id, String username, String name) {
+        this.id = id;
+        this.username = username;
+        this.name = name;
+    }
+
+    @Override
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    @Override
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    @Override
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/DataAccessConfigBuilderConvert.java

@@ -0,0 +1,13 @@
+package org.hswebframework.web.authorization.simple.builder;
+
+import org.hswebframework.web.authorization.access.DataAccessConfig;
+
+/**
+ * @author zhouhao
+ */
+public interface DataAccessConfigBuilderConvert {
+
+    boolean isSupport(String type, String action, String config);
+
+    DataAccessConfig convert(String type, String action, String config);
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleAuthenticationBuilder.java

@@ -0,0 +1,131 @@
+package org.hswebframework.web.authorization.simple.builder;
+
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONArray;
+import com.alibaba.fastjson.JSONObject;
+import org.hswebframework.web.authorization.Authentication;
+import org.hswebframework.web.authorization.Permission;
+import org.hswebframework.web.authorization.Role;
+import org.hswebframework.web.authorization.User;
+import org.hswebframework.web.authorization.builder.AuthenticationBuilder;
+import org.hswebframework.web.authorization.builder.DataAccessConfigBuilderFactory;
+import org.hswebframework.web.authorization.builder.FieldAccessConfigBuilderFactory;
+import org.hswebframework.web.authorization.simple.SimpleAuthentication;
+import org.hswebframework.web.authorization.simple.SimplePermission;
+import org.hswebframework.web.authorization.simple.SimpleRole;
+import org.hswebframework.web.authorization.simple.SimpleUser;
+
+import java.io.Serializable;
+import java.util.*;
+import java.util.stream.Collectors;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimpleAuthenticationBuilder implements AuthenticationBuilder {
+    private SimpleAuthentication authentication = new SimpleAuthentication();
+
+    private FieldAccessConfigBuilderFactory fieldBuilderFactory;
+    private DataAccessConfigBuilderFactory  dataBuilderFactory;
+
+    public SimpleAuthenticationBuilder(FieldAccessConfigBuilderFactory fieldBuilderFactory, DataAccessConfigBuilderFactory dataBuilderFactory) {
+        this.fieldBuilderFactory = fieldBuilderFactory;
+        this.dataBuilderFactory = dataBuilderFactory;
+    }
+
+    public void setFieldBuilderFactory(FieldAccessConfigBuilderFactory fieldBuilderFactory) {
+        this.fieldBuilderFactory = fieldBuilderFactory;
+    }
+
+    public void setDataBuilderFactory(DataAccessConfigBuilderFactory dataBuilderFactory) {
+        this.dataBuilderFactory = dataBuilderFactory;
+    }
+
+    @Override
+    public AuthenticationBuilder user(User user) {
+        Objects.requireNonNull(user);
+        authentication.setUser(user);
+        return this;
+    }
+
+    @Override
+    public AuthenticationBuilder user(String user) {
+        return user(JSON.parseObject(user, SimpleUser.class));
+    }
+
+    @Override
+    public AuthenticationBuilder user(Map<String, String> user) {
+        Objects.requireNonNull(user.get("id"));
+        user(new SimpleUser(user.get("id"), user.get("username"), user.get("name")));
+        return this;
+    }
+
+    @Override
+    public AuthenticationBuilder role(List<Role> role) {
+        authentication.setRoles(role);
+        return this;
+    }
+
+    @Override
+    @SuppressWarnings("unchecked")
+    public AuthenticationBuilder role(String role) {
+        return role((List) JSON.parseArray(role, SimpleRole.class));
+    }
+
+    @Override
+    public AuthenticationBuilder permission(List<Permission> permission) {
+        authentication.setPermissions(permission);
+        return this;
+    }
+
+    @Override
+    public AuthenticationBuilder permission(String permissionJson) {
+        JSONArray jsonArray = JSON.parseArray(permissionJson);
+        List<Permission> permissions = new ArrayList<>();
+        for (int i = 0; i < jsonArray.size(); i++) {
+            JSONObject jsonObject = jsonArray.getJSONObject(0);
+            SimplePermission permission = new SimplePermission();
+            permission.setId(jsonObject.getString("id"));
+            permission.setActions(new HashSet<>(jsonObject.getJSONArray("actions").toJavaList(String.class)));
+            permission.setFieldAccesses(jsonObject.getJSONArray("fieldAccesses").stream().map(JSONObject.class::cast)
+                    .map(fieldJson -> fieldBuilderFactory.create().fromJson(fieldJson.toJSONString()).build())
+                    .collect(Collectors.toSet()));
+
+            permission.setDataAccesses(jsonObject.getJSONArray("dataAccesses").stream().map(JSONObject.class::cast)
+                    .map(dataJson -> dataBuilderFactory.create().fromJson(dataJson.toJSONString()).build())
+                    .collect(Collectors.toSet()));
+            permissions.add(permission);
+        }
+
+        authentication.setPermissions(permissions);
+        return this;
+    }
+
+    @Override
+    public AuthenticationBuilder attributes(String attributes) {
+        authentication.setAttributes(JSON.<Map<String, Serializable>>parseObject(attributes, Map.class));
+        return this;
+    }
+
+    @Override
+    public AuthenticationBuilder attributes(Map<String, Serializable> permission) {
+        authentication.setAttributes(permission);
+        return this;
+    }
+
+    @Override
+    public AuthenticationBuilder json(String json) {
+        JSONObject jsonObject = JSON.parseObject(json);
+        user(jsonObject.getObject("user", SimpleUser.class));
+        role(jsonObject.getJSONArray("roles").toJSONString());
+        permission(jsonObject.getJSONArray("permissions").toJSONString());
+        return this;
+    }
+
+    @Override
+    public Authentication build() {
+        return authentication;
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleAuthenticationBuilderFactory.java

@@ -0,0 +1,27 @@
+package org.hswebframework.web.authorization.simple.builder;
+
+import org.hswebframework.web.authorization.builder.AuthenticationBuilder;
+import org.hswebframework.web.authorization.builder.AuthenticationBuilderFactory;
+import org.hswebframework.web.authorization.builder.DataAccessConfigBuilderFactory;
+import org.hswebframework.web.authorization.builder.FieldAccessConfigBuilderFactory;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimpleAuthenticationBuilderFactory implements AuthenticationBuilderFactory {
+    private FieldAccessConfigBuilderFactory fieldBuilderFactory;
+
+    private DataAccessConfigBuilderFactory dataBuilderFactory;
+
+    public SimpleAuthenticationBuilderFactory(FieldAccessConfigBuilderFactory fieldBuilderFactory, DataAccessConfigBuilderFactory dataBuilderFactory) {
+        this.fieldBuilderFactory = fieldBuilderFactory;
+        this.dataBuilderFactory = dataBuilderFactory;
+    }
+
+    @Override
+    public AuthenticationBuilder create() {
+        return new SimpleAuthenticationBuilder(fieldBuilderFactory, dataBuilderFactory);
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleDataAccessConfigBuilder.java

@@ -0,0 +1,50 @@
+package org.hswebframework.web.authorization.simple.builder;
+
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import org.hswebframework.web.authorization.access.DataAccessConfig;
+import org.hswebframework.web.authorization.builder.DataAccessConfigBuilder;
+import org.hswebframework.web.authorization.simple.SimpleCustomDataAccess;
+import org.hswebframework.web.authorization.simple.SimpleOwnCreatedDataAccess;
+
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Objects;
+
+/**
+ * @author zhouhao
+ */
+public class SimpleDataAccessConfigBuilder implements DataAccessConfigBuilder {
+    private String json;
+
+    private List<DataAccessConfigBuilderConvert> converts;
+
+    public SimpleDataAccessConfigBuilder(List<DataAccessConfigBuilderConvert> converts) {
+        Objects.requireNonNull(converts);
+        this.converts = converts;
+    }
+
+    @Override
+    public DataAccessConfigBuilder fromJson(String json) {
+        this.json = json;
+        return this;
+    }
+
+    @Override
+    public DataAccessConfig build() {
+        Objects.requireNonNull(json);
+        JSONObject jsonObject = JSON.parseObject(json);
+
+        String type = jsonObject.getString("type");
+        String action = jsonObject.getString("action");
+        String config = jsonObject.getString("config");
+
+        Objects.requireNonNull(type);
+        Objects.requireNonNull(action);
+
+
+        return converts.stream().filter(convert -> convert.isSupport(type, action, config))
+                .findAny().map(convert -> convert.convert(type, action, config))
+                .orElse(null);
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleDataAccessConfigBuilderFactory.java

@@ -0,0 +1,73 @@
+package org.hswebframework.web.authorization.simple.builder;
+
+import com.alibaba.fastjson.JSON;
+import org.hswebframework.web.authorization.access.DataAccessConfig;
+import org.hswebframework.web.authorization.builder.DataAccessConfigBuilder;
+import org.hswebframework.web.authorization.builder.DataAccessConfigBuilderFactory;
+import org.hswebframework.web.authorization.simple.SimpleCustomDataAccess;
+import org.hswebframework.web.authorization.simple.SimpleOwnCreatedDataAccess;
+
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Objects;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimpleDataAccessConfigBuilderFactory implements DataAccessConfigBuilderFactory {
+    private List<DataAccessConfigBuilderConvert> converts = new LinkedList<>();
+
+    public SimpleDataAccessConfigBuilderFactory addConvert(DataAccessConfigBuilderConvert configBuilderConvert) {
+        Objects.requireNonNull(configBuilderConvert);
+        converts.add(configBuilderConvert);
+        return this;
+    }
+
+    public SimpleDataAccessConfigBuilderFactory() {
+        converts.add(new DataAccessConfigBuilderConvert() {
+            @Override
+            public boolean isSupport(String type, String action, String config) {
+                return DataAccessConfig.DefaultType.OWN_CREATED.equals(type);
+            }
+
+            @Override
+            public DataAccessConfig convert(String type, String action, String config) {
+                return new SimpleOwnCreatedDataAccess(action);
+            }
+        });
+
+        converts.add(new DataAccessConfigBuilderConvert() {
+            @Override
+            public boolean isSupport(String type, String action, String config) {
+                return DataAccessConfig.DefaultType.SCRIPT.equals(type);
+            }
+
+            @Override
+            public DataAccessConfig convert(String type, String action, String config) {
+                SimpleOwnCreatedDataAccess access = JSON.parseObject(config, SimpleOwnCreatedDataAccess.class);
+                access.setAction(config);
+                return access;
+            }
+        });
+        converts.add(new DataAccessConfigBuilderConvert() {
+            @Override
+            public boolean isSupport(String type, String action, String config) {
+                return DataAccessConfig.DefaultType.CUSTOM.equals(type);
+            }
+
+            @Override
+            public DataAccessConfig convert(String type, String action, String config) {
+                SimpleCustomDataAccess access = new SimpleCustomDataAccess(config);
+                access.setAction(action);
+                return access;
+            }
+        });
+    }
+
+    @Override
+    public DataAccessConfigBuilder create() {
+        return new SimpleDataAccessConfigBuilder(converts);
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleFieldAccessConfigBuilder.java

@@ -0,0 +1,30 @@
+package org.hswebframework.web.authorization.simple.builder;
+
+import com.alibaba.fastjson.JSON;
+import org.hswebframework.web.authorization.access.FieldAccessConfig;
+import org.hswebframework.web.authorization.builder.FieldAccessConfigBuilder;
+import org.hswebframework.web.authorization.simple.SimpleFieldAccess;
+
+import java.util.Objects;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimpleFieldAccessConfigBuilder implements FieldAccessConfigBuilder {
+
+    private String json;
+
+    @Override
+    public FieldAccessConfigBuilder fromJson(String json) {
+        this.json = json;
+        return this;
+    }
+
+    @Override
+    public FieldAccessConfig build() {
+        Objects.requireNonNull(json);
+        return JSON.parseObject(json, SimpleFieldAccess.class);
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleFieldAccessConfigBuilderFactory.java

@@ -0,0 +1,16 @@
+package org.hswebframework.web.authorization.simple.builder;
+
+import org.hswebframework.web.authorization.builder.FieldAccessConfigBuilder;
+import org.hswebframework.web.authorization.builder.FieldAccessConfigBuilderFactory;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class SimpleFieldAccessConfigBuilderFactory implements FieldAccessConfigBuilderFactory {
+    @Override
+    public FieldAccessConfigBuilder create() {
+        return new SimpleFieldAccessConfigBuilder();
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/resources/META-INF/spring.factories

@@ -0,0 +1,3 @@
+# Auto Configure
+org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
+org.hswebframework.web.authorization.simple.AuthorizationAutoConfiguration