数据授权更新后，删除对应权限缓存

2021-08-17 17:09:59 +08:00 · 2021-08-17 17:09:59 +08:00 · 76a82ff006
parent a7fa87cf97
commit 76a82ff006
10 changed files with 192 additions and 178 deletions
--- a/datagear-management/src/main/java/org/datagear/management/service/DataPermissionEntityService.java
+++ b/datagear-management/src/main/java/org/datagear/management/service/DataPermissionEntityService.java
@ -146,16 +146,6 @@ public interface DataPermissionEntityService<ID, T extends DataPermissionEntity<
 	 */
 	T getById(User user, ID id) throws PermissionDeniedException;

-	/**
-	 * 授权根据ID获取。
-	 * 
-	 * @param user
-	 * @param id
-	 * @return
-	 * @throws PermissionDeniedException
-	 */
-	T getByStringId(User user, String id) throws PermissionDeniedException;
-
 	/**
 	 * 授权根据ID获取，并用于编辑操作。
 	 * 
@ -197,4 +187,24 @@ public interface DataPermissionEntityService<ID, T extends DataPermissionEntity<
 	 * @return
 	 */
 	PagingData<T> pagingQuery(User user, PagingQuery pagingQuery, String dataFilter);
+
+	/**
+	 * 授权根据ID获取。
+	 * 
+	 * @param user
+	 * @param id
+	 * @return
+	 * @throws PermissionDeniedException
+	 */
+	T getByStringId(User user, String id) throws PermissionDeniedException;
+
+	/**
+	 * 指定ID的实体权限更新事件通知。
+	 * <p>
+	 * 此方法通常用于清除、或者重新加载权限缓存。
+	 * </p>
+	 * 
+	 * @param ids
+	 */
+	void permissionUpdated(String... ids);
 }
--- a/datagear-management/src/main/java/org/datagear/management/service/impl/AbstractMybatisDataPermissionEntityService.java
+++ b/datagear-management/src/main/java/org/datagear/management/service/impl/AbstractMybatisDataPermissionEntityService.java
@ -22,6 +22,7 @@ import org.datagear.management.domain.DataIdPermission;
 import org.datagear.management.domain.DataPermissionEntity;
 import org.datagear.management.domain.User;
 import org.datagear.management.service.AnalysisProjectAwareEntityService;
+import org.datagear.management.service.AuthorizationService;
 import org.datagear.management.service.DataPermissionEntityService;
 import org.datagear.management.service.PermissionDeniedException;
 import org.datagear.management.util.dialect.MbSqlDialect;
@ -41,6 +42,8 @@ import org.springframework.cache.Cache.ValueWrapper;
 public abstract class AbstractMybatisDataPermissionEntityService<ID, T extends DataPermissionEntity<ID>>
 		extends AbstractMybatisEntityService<ID, T> implements DataPermissionEntityService<ID, T>
 {
+	private AuthorizationService authorizationService;
+
 	private ServiceCache permissionCache;

 	public AbstractMybatisDataPermissionEntityService()
@ -48,14 +51,18 @@ public abstract class AbstractMybatisDataPermissionEntityService<ID, T extends D
 		super();
 	}

-	public AbstractMybatisDataPermissionEntityService(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect)
+	public AbstractMybatisDataPermissionEntityService(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect,
+			AuthorizationService authorizationService)
 	{
 		super(sqlSessionFactory, dialect);
+		this.authorizationService = authorizationService;
 	}

-	public AbstractMybatisDataPermissionEntityService(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect)
+	public AbstractMybatisDataPermissionEntityService(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect,
+			AuthorizationService authorizationService)
 	{
 		super(sqlSessionTemplate, dialect);
+		this.authorizationService = authorizationService;
 	}

 	public ServiceCache getPermissionCache()
@ -221,6 +228,13 @@ public abstract class AbstractMybatisDataPermissionEntityService<ID, T extends D
 		return pagingQuery(pagingQuery, params);
 	}

+	@Override
+	public void permissionUpdated(String... ids)
+	{
+		for (String id : ids)
+			this.permissionCache.evictImmediately(toPermissionCacheKeyOfStr(id));
+	}
+
 	protected void setDataFilterParam(Map<String, Object> params, String dataFilter)
 	{
 		if (!StringUtil.isEmpty(dataFilter))
@ -240,6 +254,17 @@ public abstract class AbstractMybatisDataPermissionEntityService<ID, T extends D
 		return pagingQuery(pagingQuery, params);
 	}

+	@Override
+	protected boolean deleteById(ID id, Map<String, Object> params)
+	{
+		boolean deleted = super.deleteById(id, params);
+
+		if (deleted)
+			this.authorizationService.deleteByResource(getResourceType(), id.toString());
+
+		return deleted;
+	}
+
 	/**
 	 * 获取权限列表。
 	 * <p>
@ -399,9 +424,24 @@ public abstract class AbstractMybatisDataPermissionEntityService<ID, T extends D
 	 * @return
 	 */
 	protected Object toPermissionCacheKey(ID id)
+	{
+		String idStr = (id == null ? null : id.toString());
+		return toPermissionCacheKeyOfStr(idStr);
+	}
+
+	/**
+	 * 获取指定实体ID的权限缓存关键字。
+	 * <p>
+	 * 调用此方法前应确保{@linkplain #isPermissionCacheEnabled()}为{@code true}。
+	 * </p>
+	 * 
+	 * @param id
+	 * @return
+	 */
+	protected Object toPermissionCacheKeyOfStr(String id)
 	{
 		if (this.permissionCache.isShared())
-			return new GlobalEntityCacheKey<ID>(getSqlNamespace() + "Permission", id);
+			return new GlobalEntityCacheKey<String>(getSqlNamespace() + "Permission", id);
 		else
 			return id;
 	}
@ -413,11 +453,21 @@ public abstract class AbstractMybatisDataPermissionEntityService<ID, T extends D

 	/**
 	 * 添加数据权限SQL参数。
+	 * <p>
+	 * 子类可以重写此方法重新设置数据权限SQL参数。
+	 * </p>
+	 * <p>
+	 * 此方法默认实现是：调用{@linkplain #addDataPermissionParameters(Map, User, String, boolean)}，
+	 * 其中，{@code resourceType}为{@linkplain #getResourceType()}、{@code resourceHasCreator}为{@code true}。
+	 * </p>
 	 * 
 	 * @param params
 	 * @param user
 	 */
-	protected abstract void addDataPermissionParameters(Map<String, Object> params, User user);
+	protected void addDataPermissionParameters(Map<String, Object> params, User user)
+	{
+		addDataPermissionParameters(params, user, getResourceType(), true);
+	}

 	/**
 	 * 添加数据权限SQL参数。
--- a/datagear-management/src/main/java/org/datagear/management/service/impl/AnalysisProjectServiceImpl.java
+++ b/datagear-management/src/main/java/org/datagear/management/service/impl/AnalysisProjectServiceImpl.java
@ -13,6 +13,7 @@ import org.apache.ibatis.session.SqlSessionFactory;
 import org.datagear.management.domain.AnalysisProject;
 import org.datagear.management.domain.User;
 import org.datagear.management.service.AnalysisProjectService;
+import org.datagear.management.service.AuthorizationService;
 import org.datagear.management.service.PermissionDeniedException;
 import org.datagear.management.util.dialect.MbSqlDialect;
 import org.mybatis.spring.SqlSessionTemplate;
@ -33,14 +34,16 @@ public class AnalysisProjectServiceImpl extends AbstractMybatisDataPermissionEnt
 		super();
 	}

-	public AnalysisProjectServiceImpl(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect)
+	public AnalysisProjectServiceImpl(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect,
+			AuthorizationService authorizationService)
 	{
-		super(sqlSessionFactory, dialect);
+		super(sqlSessionFactory, dialect, authorizationService);
 	}

-	public AnalysisProjectServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect)
+	public AnalysisProjectServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect,
+			AuthorizationService authorizationService)
 	{
-		super(sqlSessionTemplate, dialect);
+		super(sqlSessionTemplate, dialect, authorizationService);
 	}

 	@Override
@ -79,12 +82,6 @@ public class AnalysisProjectServiceImpl extends AbstractMybatisDataPermissionEnt
 			throw new IllegalArgumentException();
 	}

-	@Override
-	protected void addDataPermissionParameters(Map<String, Object> params, User user)
-	{
-		addDataPermissionParameters(params, user, getResourceType(), true);
-	}
-
 	@Override
 	protected String getSqlNamespace()
 	{
--- a/datagear-management/src/main/java/org/datagear/management/service/impl/AuthorizationServiceImpl.java
+++ b/datagear-management/src/main/java/org/datagear/management/service/impl/AuthorizationServiceImpl.java
@ -62,25 +62,35 @@ public class AuthorizationServiceImpl extends AbstractMybatisEntityService<Strin
 		this.resourceServices = resourceServices;
 	}

+	@Override
+	public boolean add(Authorization entity)
+	{
+		boolean re = super.add(entity);
+
+		if (re)
+			permissionUpdated(entity.getResourceType(), entity.getResource());
+
+		return re;
+	}
+
+	@Override
+	public boolean deleteById(String id)
+	{
+		Authorization authorization = getById(id);
+
+		if (authorization != null)
+			permissionUpdated(authorization.getResourceType(), authorization.getResource());
+
+		return super.deleteById(id);
+	}
+
 	@Override
 	public boolean isAllowAuthorization(User user, String resourceType, String resourceId)
 	{
 		if (isEmpty(resourceId) || isEmpty(resourceType))
 			throw new IllegalArgumentException();

-		DataPermissionEntityService<?, ?> resourceService = null;
-
-		if (this.resourceServices != null)
-		{
-			for (DataPermissionEntityService<?, ?> rs : this.resourceServices)
-			{
-				if (resourceType.equals(rs.getResourceType()))
-				{
-					resourceService = rs;
-					break;
-				}
-			}
-		}
+		DataPermissionEntityService<?, ?> resourceService = getResourceService(resourceType);

 		if (resourceService == null)
 			return false;
@ -101,7 +111,12 @@ public class AuthorizationServiceImpl extends AbstractMybatisEntityService<Strin
 		params.put("resource", resource);
 		params.put("ids", ids);

-		return updateMybatis("deleteByIdsForResource", params);
+		int count = updateMybatis("deleteByIdsForResource", params);
+
+		if (count > 0)
+			permissionUpdated(resourceType, resource);
+
+		return count;
 	}

 	@Override
@ -111,7 +126,12 @@ public class AuthorizationServiceImpl extends AbstractMybatisEntityService<Strin
 		params.put("resourceType", resourceType);
 		params.put("resources", resources);

-		return updateMybatis("deleteByResource", params);
+		int count = updateMybatis("deleteByResource", params);
+
+		if (count > 0)
+			permissionUpdated(resourceType, resources);
+
+		return count;
 	}

 	@Override
@ -143,6 +163,39 @@ public class AuthorizationServiceImpl extends AbstractMybatisEntityService<Strin
 		return context;
 	}

+	protected void permissionUpdated(String resourceType, String... resources)
+	{
+		DataPermissionEntityService<?, ?> resourceService = getResourceService(resourceType);
+
+		if (resourceService != null)
+			resourceService.permissionUpdated(resources);
+	}
+
+	/**
+	 * 获取指定类型的资源服务。
+	 * 
+	 * @param resourceType
+	 * @return 可能为{@code null}
+	 */
+	protected DataPermissionEntityService<?, ?> getResourceService(String resourceType)
+	{
+		DataPermissionEntityService<?, ?> resourceService = null;
+
+		if (this.resourceServices != null)
+		{
+			for (DataPermissionEntityService<?, ?> rs : this.resourceServices)
+			{
+				if (resourceType.equals(rs.getResourceType()))
+				{
+					resourceService = rs;
+					break;
+				}
+			}
+		}
+
+		return resourceService;
+	}
+
 	@Override
 	protected String getSqlNamespace()
 	{
--- a/datagear-management/src/main/java/org/datagear/management/service/impl/DataSetEntityServiceImpl.java
+++ b/datagear-management/src/main/java/org/datagear/management/service/impl/DataSetEntityServiceImpl.java
@ -57,8 +57,6 @@ public class DataSetEntityServiceImpl extends AbstractMybatisDataPermissionEntit

 	private SchemaService schemaService;

-	private AuthorizationService authorizationService;
-
 	/** 数据集文件存储根目录 */
 	private File dataSetRootDirectory;

@ -70,25 +68,25 @@ public class DataSetEntityServiceImpl extends AbstractMybatisDataPermissionEntit
 	}

 	public DataSetEntityServiceImpl(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect,
-			ConnectionSource connectionSource, SchemaService schemaService, AuthorizationService authorizationService,
+			AuthorizationService authorizationService,
+			ConnectionSource connectionSource, SchemaService schemaService,
 			File dataSetRootDirectory, HttpClient httpClient)
 	{
-		super(sqlSessionFactory, dialect);
+		super(sqlSessionFactory, dialect, authorizationService);
 		this.connectionSource = connectionSource;
 		this.schemaService = schemaService;
-		this.authorizationService = authorizationService;
 		setDataSetRootDirectory(dataSetRootDirectory);
 		this.httpClient = httpClient;
 	}

 	public DataSetEntityServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect,
-			ConnectionSource connectionSource, SchemaService schemaService, AuthorizationService authorizationService,
+			AuthorizationService authorizationService,
+			ConnectionSource connectionSource, SchemaService schemaService,
 			File dataSetRootDirectory, HttpClient httpClient)
 	{
-		super(sqlSessionTemplate, dialect);
+		super(sqlSessionTemplate, dialect, authorizationService);
 		this.connectionSource = connectionSource;
 		this.schemaService = schemaService;
-		this.authorizationService = authorizationService;
 		setDataSetRootDirectory(dataSetRootDirectory);
 		this.httpClient = httpClient;
 	}
@ -113,16 +111,6 @@ public class DataSetEntityServiceImpl extends AbstractMybatisDataPermissionEntit
 		this.schemaService = schemaService;
 	}

-	public AuthorizationService getAuthorizationService()
-	{
-		return authorizationService;
-	}
-
-	public void setAuthorizationService(AuthorizationService authorizationService)
-	{
-		this.authorizationService = authorizationService;
-	}
-
 	public File getDataSetRootDirectory()
 	{
 		return dataSetRootDirectory;
@ -413,19 +401,6 @@ public class DataSetEntityServiceImpl extends AbstractMybatisDataPermissionEntit
 		return entity;
 	}

-	@Override
-	protected boolean deleteById(String id, Map<String, Object> params)
-	{
-		boolean deleted = super.deleteById(id, params);
-
-		if (deleted)
-		{
-			this.authorizationService.deleteByResource(SqlDataSetEntity.AUTHORIZATION_RESOURCE_TYPE, id);
-		}
-
-		return deleted;
-	}
-
 	protected void inflateParamsAndProperties(DataSetEntity dataSetEntity)
 	{
 		if (dataSetEntity == null)
@ -528,9 +503,9 @@ public class DataSetEntityServiceImpl extends AbstractMybatisDataPermissionEntit
 	@Override
 	protected void addDataPermissionParameters(Map<String, Object> params, User user)
 	{
+		super.addDataPermissionParameters(params, user);
 		params.put(AnalysisProjectAwareEntity.DATA_PERMISSION_PARAM_RESOURCE_TYPE_ANALYSIS_PROJECT,
 				AnalysisProject.AUTHORIZATION_RESOURCE_TYPE);
-		addDataPermissionParameters(params, user, getResourceType(), true);
 	}

 	@Override
--- a/datagear-management/src/main/java/org/datagear/management/service/impl/DataSetResDirectoryServiceImpl.java
+++ b/datagear-management/src/main/java/org/datagear/management/service/impl/DataSetResDirectoryServiceImpl.java
@ -12,6 +12,7 @@ import java.util.Map;
 import org.apache.ibatis.session.SqlSessionFactory;
 import org.datagear.management.domain.DataSetResDirectory;
 import org.datagear.management.domain.User;
+import org.datagear.management.service.AuthorizationService;
 import org.datagear.management.service.DataSetResDirectoryService;
 import org.datagear.management.service.PermissionDeniedException;
 import org.datagear.management.util.dialect.MbSqlDialect;
@ -33,14 +34,16 @@ public class DataSetResDirectoryServiceImpl extends
 		super();
 	}

-	public DataSetResDirectoryServiceImpl(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect)
+	public DataSetResDirectoryServiceImpl(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect,
+			AuthorizationService authorizationService)
 	{
-		super(sqlSessionFactory, dialect);
+		super(sqlSessionFactory, dialect, authorizationService);
 	}

-	public DataSetResDirectoryServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect)
+	public DataSetResDirectoryServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect,
+			AuthorizationService authorizationService)
 	{
-		super(sqlSessionTemplate, dialect);
+		super(sqlSessionTemplate, dialect, authorizationService);
 	}

 	@Override
@ -79,12 +82,6 @@ public class DataSetResDirectoryServiceImpl extends
 			throw new IllegalArgumentException();
 	}

-	@Override
-	protected void addDataPermissionParameters(Map<String, Object> params, User user)
-	{
-		addDataPermissionParameters(params, user, getResourceType(), true);
-	}
-
 	@Override
 	protected String getSqlNamespace()
 	{
--- a/datagear-management/src/main/java/org/datagear/management/service/impl/HtmlChartWidgetEntityServiceImpl.java
+++ b/datagear-management/src/main/java/org/datagear/management/service/impl/HtmlChartWidgetEntityServiceImpl.java
@ -60,31 +60,27 @@ public class HtmlChartWidgetEntityServiceImpl

 	private DataSetEntityService dataSetEntityService;

-	private AuthorizationService authorizationService;
-
 	public HtmlChartWidgetEntityServiceImpl()
 	{
 		super();
 	}

 	public HtmlChartWidgetEntityServiceImpl(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect,
-			ChartPluginManager chartPluginManager, DataSetEntityService dataSetEntityService,
-			AuthorizationService authorizationService)
+			AuthorizationService authorizationService,
+			ChartPluginManager chartPluginManager, DataSetEntityService dataSetEntityService)
 	{
-		super(sqlSessionFactory, dialect);
+		super(sqlSessionFactory, dialect, authorizationService);
 		this.chartPluginManager = chartPluginManager;
 		this.dataSetEntityService = dataSetEntityService;
-		this.authorizationService = authorizationService;
 	}

 	public HtmlChartWidgetEntityServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect,
-			ChartPluginManager chartPluginManager, DataSetEntityService dataSetEntityService,
-			AuthorizationService authorizationService)
+			AuthorizationService authorizationService,
+			ChartPluginManager chartPluginManager, DataSetEntityService dataSetEntityService)
 	{
-		super(sqlSessionTemplate, dialect);
+		super(sqlSessionTemplate, dialect, authorizationService);
 		this.chartPluginManager = chartPluginManager;
 		this.dataSetEntityService = dataSetEntityService;
-		this.authorizationService = authorizationService;
 	}

 	public ChartPluginManager getChartPluginManager()
@ -107,16 +103,6 @@ public class HtmlChartWidgetEntityServiceImpl
 		this.dataSetEntityService = dataSetEntityService;
 	}

-	public AuthorizationService getAuthorizationService()
-	{
-		return authorizationService;
-	}
-
-	public void setAuthorizationService(AuthorizationService authorizationService)
-	{
-		this.authorizationService = authorizationService;
-	}
-
 	@Override
 	public ChartWidget getChartWidget(String id) throws Throwable
 	{
@ -212,17 +198,6 @@ public class HtmlChartWidgetEntityServiceImpl
 		return success;
 	}

-	@Override
-	protected boolean deleteById(String id, Map<String, Object> params)
-	{
-		boolean deleted = super.deleteById(id, params);
-
-		if (deleted)
-			this.authorizationService.deleteByResource(HtmlChartWidgetEntity.AUTHORIZATION_RESOURCE_TYPE, id);
-
-		return deleted;
-	}
-
 	@Override
 	protected HtmlChartWidgetEntity getByIdFromDB(String id, Map<String, Object> params)
 	{
@ -264,9 +239,9 @@ public class HtmlChartWidgetEntityServiceImpl
 	@Override
 	protected void addDataPermissionParameters(Map<String, Object> params, User user)
 	{
+		super.addDataPermissionParameters(params, user);
 		params.put(AnalysisProjectAwareEntity.DATA_PERMISSION_PARAM_RESOURCE_TYPE_ANALYSIS_PROJECT,
 				AnalysisProject.AUTHORIZATION_RESOURCE_TYPE);
-		addDataPermissionParameters(params, user, getResourceType(), true);
 	}

 	@Override
--- a/datagear-management/src/main/java/org/datagear/management/service/impl/HtmlTplDashboardWidgetEntityServiceImpl.java
+++ b/datagear-management/src/main/java/org/datagear/management/service/impl/HtmlTplDashboardWidgetEntityServiceImpl.java
@ -37,27 +37,25 @@ public class HtmlTplDashboardWidgetEntityServiceImpl

 	private HtmlTplDashboardWidgetRenderer htmlTplDashboardWidgetRenderer;

-	private AuthorizationService authorizationService;
-
 	public HtmlTplDashboardWidgetEntityServiceImpl()
 	{
 		super();
 	}

 	public HtmlTplDashboardWidgetEntityServiceImpl(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect,
-			HtmlTplDashboardWidgetRenderer htmlTplDashboardWidgetRenderer, AuthorizationService authorizationService)
+			AuthorizationService authorizationService,
+			HtmlTplDashboardWidgetRenderer htmlTplDashboardWidgetRenderer)
 	{
-		super(sqlSessionFactory, dialect);
+		super(sqlSessionFactory, dialect, authorizationService);
 		this.htmlTplDashboardWidgetRenderer = htmlTplDashboardWidgetRenderer;
-		this.authorizationService = authorizationService;
 	}

 	public HtmlTplDashboardWidgetEntityServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect,
-			HtmlTplDashboardWidgetRenderer htmlTplDashboardWidgetRenderer, AuthorizationService authorizationService)
+			AuthorizationService authorizationService,
+			HtmlTplDashboardWidgetRenderer htmlTplDashboardWidgetRenderer)
 	{
-		super(sqlSessionTemplate, dialect);
+		super(sqlSessionTemplate, dialect, authorizationService);
 		this.htmlTplDashboardWidgetRenderer = htmlTplDashboardWidgetRenderer;
-		this.authorizationService = authorizationService;
 	}

 	@Override
@ -71,16 +69,6 @@ public class HtmlTplDashboardWidgetEntityServiceImpl
 		this.htmlTplDashboardWidgetRenderer = htmlTplDashboardWidgetRenderer;
 	}

-	public AuthorizationService getAuthorizationService()
-	{
-		return authorizationService;
-	}
-
-	public void setAuthorizationService(AuthorizationService authorizationService)
-	{
-		this.authorizationService = authorizationService;
-	}
-
 	@Override
 	public HtmlTplDashboardWidgetEntity getHtmlTplDashboardWidget(User user, String id)
 	{
@ -127,10 +115,7 @@ public class HtmlTplDashboardWidgetEntityServiceImpl
 		boolean deleted = super.deleteById(id, params);

 		if (deleted)
-		{
-			this.authorizationService.deleteByResource(HtmlTplDashboardWidgetEntity.AUTHORIZATION_RESOURCE_TYPE, id);
 			this.htmlTplDashboardWidgetRenderer.getTemplateDashboardWidgetResManager().delete(id);
-		}

 		return deleted;
 	}
@ -145,9 +130,9 @@ public class HtmlTplDashboardWidgetEntityServiceImpl
 	@Override
 	protected void addDataPermissionParameters(Map<String, Object> params, User user)
 	{
+		super.addDataPermissionParameters(params, user);
 		params.put(AnalysisProjectAwareEntity.DATA_PERMISSION_PARAM_RESOURCE_TYPE_ANALYSIS_PROJECT,
 				AnalysisProject.AUTHORIZATION_RESOURCE_TYPE);
-		addDataPermissionParameters(params, user, getResourceType(), true);
 	}

 	@Override
--- a/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaServiceImpl.java
+++ b/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaServiceImpl.java
@ -33,27 +33,25 @@ public class SchemaServiceImpl extends AbstractMybatisDataPermissionEntityServic

 	private DriverEntityManager driverEntityManager;

-	private AuthorizationService authorizationService;
-
 	public SchemaServiceImpl()
 	{
 		super();
 	}

 	public SchemaServiceImpl(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect,
-			DriverEntityManager driverEntityManager, AuthorizationService authorizationService)
+			AuthorizationService authorizationService,
+			DriverEntityManager driverEntityManager)
 	{
-		super(sqlSessionFactory, dialect);
+		super(sqlSessionFactory, dialect, authorizationService);
 		this.driverEntityManager = driverEntityManager;
-		this.authorizationService = authorizationService;
 	}

 	public SchemaServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect,
-			DriverEntityManager driverEntityManager, AuthorizationService authorizationService)
+			AuthorizationService authorizationService,
+			DriverEntityManager driverEntityManager)
 	{
-		super(sqlSessionTemplate, dialect);
+		super(sqlSessionTemplate, dialect, authorizationService);
 		this.driverEntityManager = driverEntityManager;
-		this.authorizationService = authorizationService;
 	}

 	public DriverEntityManager getDriverEntityManager()
@ -66,16 +64,6 @@ public class SchemaServiceImpl extends AbstractMybatisDataPermissionEntityServic
 		this.driverEntityManager = driverEntityManager;
 	}

-	public AuthorizationService getAuthorizationService()
-	{
-		return authorizationService;
-	}
-
-	public void setAuthorizationService(AuthorizationService authorizationService)
-	{
-		this.authorizationService = authorizationService;
-	}
-
 	@Override
 	public String getResourceType()
 	{
@ -104,17 +92,6 @@ public class SchemaServiceImpl extends AbstractMybatisDataPermissionEntityServic
 		return super.getById(user, id);
 	}

-	@Override
-	protected boolean deleteById(String id, Map<String, Object> params)
-	{
-		boolean deleted = super.deleteById(id, params);
-
-		if (deleted)
-			this.authorizationService.deleteByResource(Schema.AUTHORIZATION_RESOURCE_TYPE, id);
-
-		return deleted;
-	}
-
 	@Override
 	public int updateCreateUserId(String oldUserId, String newUserId)
 	{
@ -176,12 +153,6 @@ public class SchemaServiceImpl extends AbstractMybatisDataPermissionEntityServic
 		// throw new SaveSchemaUrlPermissionDeniedException();
 	}

-	@Override
-	protected void addDataPermissionParameters(Map<String, Object> params, User user)
-	{
-		addDataPermissionParameters(params, user, getResourceType(), true);
-	}
-
 	@Override
 	protected String getSqlNamespace()
 	{
--- a/datagear-web/src/main/java/org/datagear/web/config/CoreConfig.java
+++ b/datagear-web/src/main/java/org/datagear/web/config/CoreConfig.java
@ -470,7 +470,7 @@ public class CoreConfig implements ApplicationListener<ContextRefreshedEvent>
 	public SchemaService schemaService()
 	{
 		SchemaServiceImpl bean = new SchemaServiceImpl(this.sqlSessionFactory(), this.mbSqlDialect(),
-				this.driverEntityManager(), this.authorizationService());
+				this.authorizationService(), this.driverEntityManager());

 		return bean;
 	}
@ -503,7 +503,7 @@ public class CoreConfig implements ApplicationListener<ContextRefreshedEvent>
 	public DataSetEntityService dataSetEntityService()
 	{
 		DataSetEntityServiceImpl bean = new DataSetEntityServiceImpl(this.sqlSessionFactory(), this.mbSqlDialect(),
-				this.connectionSource(), this.schemaService(), this.authorizationService(), this.dataSetRootDirectory(),
+				this.authorizationService(), this.connectionSource(), this.schemaService(), this.dataSetRootDirectory(),
 				this.httpClient());

 		return bean;
@ -544,8 +544,8 @@ public class CoreConfig implements ApplicationListener<ContextRefreshedEvent>
 	public HtmlChartWidgetEntityService htmlChartWidgetEntityService()
 	{
 		HtmlChartWidgetEntityServiceImpl bean = new HtmlChartWidgetEntityServiceImpl(this.sqlSessionFactory(),
-				this.mbSqlDialect(), this.directoryHtmlChartPluginManager(), this.dataSetEntityService(),
-				this.authorizationService());
+				this.mbSqlDialect(), this.authorizationService(), this.directoryHtmlChartPluginManager(),
+				this.dataSetEntityService());

 		return bean;
 	}
@ -652,8 +652,8 @@ public class CoreConfig implements ApplicationListener<ContextRefreshedEvent>
 	public HtmlTplDashboardWidgetEntityService htmlTplDashboardWidgetEntityService()
 	{
 		HtmlTplDashboardWidgetEntityServiceImpl bean = new HtmlTplDashboardWidgetEntityServiceImpl(
-				this.sqlSessionFactory(), this.mbSqlDialect(), this.htmlTplDashboardWidgetRenderer(),
-				this.authorizationService());
+				this.sqlSessionFactory(), this.mbSqlDialect(), this.authorizationService(),
+				this.htmlTplDashboardWidgetRenderer());

 		return bean;
 	}
@ -661,7 +661,8 @@ public class CoreConfig implements ApplicationListener<ContextRefreshedEvent>
 	@Bean
 	public AnalysisProjectService analysisProjectService()
 	{
-		AnalysisProjectService bean = new AnalysisProjectServiceImpl(this.sqlSessionFactory(), this.mbSqlDialect());
+		AnalysisProjectService bean = new AnalysisProjectServiceImpl(this.sqlSessionFactory(), this.mbSqlDialect(),
+				this.authorizationService());
 		return bean;
 	}

@ -669,7 +670,7 @@ public class CoreConfig implements ApplicationListener<ContextRefreshedEvent>
 	public DataSetResDirectoryService dataSetResDirectoryService()
 	{
 		DataSetResDirectoryService bean = new DataSetResDirectoryServiceImpl(this.sqlSessionFactory(),
-				this.mbSqlDialect());
+				this.mbSqlDialect(), this.authorizationService());
 		return bean;
 	}