forked from p85126437/datagear
完善授权管理功能
This commit is contained in:
datagear
parent
4307d30bcf
commit
f3ca381ed1
|
|
@ -23,6 +23,11 @@ public class Authorization extends AbstractStringIdEntity
|
|||
/** 授权资源类型:授权 */
|
||||
public static final String RESOURCE_TYPE_AUTHORIZATION = "AUTHORIZATION";
|
||||
|
||||
/**
|
||||
* 模式匹配资源类型的后缀,例如:"DATA_SOURCE_PATTERN",表示数据源资源模式匹配授权
|
||||
*/
|
||||
public static final String PATTERN_RESOURCE_TYPE_SUFFIX = "_PATTERN";
|
||||
|
||||
/** 授权主体类型:全部用户 */
|
||||
public static final String PRINCIPAL_TYPE_ALl = "ALL";
|
||||
|
||||
|
|
@ -43,21 +48,24 @@ public class Authorization extends AbstractStringIdEntity
|
|||
|
||||
/*------------------------------------------------------*/
|
||||
/*
|
||||
* 注意:权限值范围必须在[0, 100)之间,因为commonDataPermissionSqls.xml会对权限值取模100。
|
||||
* 注意:权限值范围必须在[0, 99]之间,因为commonDataPermissionSqls.xml会对权限值取模100。
|
||||
* 这里的权限值都留有间隔,便于各模块扩展自定义权限值。
|
||||
*/
|
||||
|
||||
/** 权限:无 */
|
||||
public static final int PERMISSION_NONE = 0;
|
||||
/** 权限起始值:无 */
|
||||
public static final int PERMISSION_NONE_START = 0;
|
||||
|
||||
/** 权限:读取 */
|
||||
public static final int PERMISSION_READ = 20;
|
||||
/** 权限起始值:只读 */
|
||||
public static final int PERMISSION_READ_START = 20;
|
||||
|
||||
/** 权限:编辑 */
|
||||
public static final int PERMISSION_EDIT = 40;
|
||||
/** 权起始值限:编辑 */
|
||||
public static final int PERMISSION_EDIT_START = 40;
|
||||
|
||||
/** 权限:删除 */
|
||||
public static final int PERMISSION_DELETE = 60;
|
||||
/** 权限起始值:删除 */
|
||||
public static final int PERMISSION_DELETE_START = 60;
|
||||
|
||||
/** 最大权限值 */
|
||||
public static final int PERMISSION_MAX = 99;
|
||||
|
||||
/*------------------------------------------------------*/
|
||||
|
||||
|
|
@ -221,35 +229,79 @@ public class Authorization extends AbstractStringIdEntity
|
|||
}
|
||||
|
||||
/**
|
||||
* 是否为可读取权限。
|
||||
* 是否无权限。
|
||||
*
|
||||
* @param permission
|
||||
* @return
|
||||
*/
|
||||
public static boolean isNone(int permission)
|
||||
{
|
||||
return (permission >= PERMISSION_NONE_START && permission < PERMISSION_READ_START);
|
||||
}
|
||||
|
||||
/**
|
||||
* 是否是只读权限。
|
||||
*
|
||||
* @param permission
|
||||
* @return
|
||||
*/
|
||||
public static boolean isRead(int permission)
|
||||
{
|
||||
return (permission >= PERMISSION_READ_START && permission < PERMISSION_EDIT_START);
|
||||
}
|
||||
|
||||
/**
|
||||
* 是否是可编辑权限。
|
||||
*
|
||||
* @param permission
|
||||
* @return
|
||||
*/
|
||||
public static boolean isEdit(int permission)
|
||||
{
|
||||
return (permission >= PERMISSION_EDIT_START && permission < PERMISSION_DELETE_START);
|
||||
}
|
||||
|
||||
/**
|
||||
* 是否是可删除权限。
|
||||
*
|
||||
* @param permission
|
||||
* @return
|
||||
*/
|
||||
public static boolean isDelete(int permission)
|
||||
{
|
||||
return (permission >= PERMISSION_DELETE_START);
|
||||
}
|
||||
|
||||
/**
|
||||
* 是否可读、或者可编辑、或者可删除。
|
||||
*
|
||||
* @param permission
|
||||
* @return
|
||||
*/
|
||||
public static boolean canRead(int permission)
|
||||
{
|
||||
return (PERMISSION_READ <= permission);
|
||||
return (permission >= PERMISSION_READ_START);
|
||||
}
|
||||
|
||||
/**
|
||||
* 是否为可编辑权限。
|
||||
* 是否可编辑、或者可删除。
|
||||
*
|
||||
* @param permission
|
||||
* @return
|
||||
*/
|
||||
public static boolean canEdit(int permission)
|
||||
{
|
||||
return (PERMISSION_EDIT <= permission);
|
||||
return (permission >= PERMISSION_EDIT_START);
|
||||
}
|
||||
|
||||
/**
|
||||
* 是否为可删除权限。
|
||||
* 是否可删除。
|
||||
*
|
||||
* @param permission
|
||||
* @return
|
||||
*/
|
||||
public static boolean canDelete(int permission)
|
||||
{
|
||||
return (PERMISSION_DELETE <= permission);
|
||||
return (permission >= PERMISSION_DELETE_START);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,14 +20,22 @@ public class Schema extends AbstractStringIdEntity
|
|||
{
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
/*------------------------------------------------------*/
|
||||
/*
|
||||
* 从业务角度看,对数据源的授权不应是对其记录本身,而是它包含表中的数据。
|
||||
* 所以,这里扩展了Authorization.PERMISSION_READ_START权限,授予下面这些权限,都是对数据源记录本身的读权限。
|
||||
*/
|
||||
|
||||
/** 数据源内的表数据权限:读取 */
|
||||
public static final int PERMISSION_TABLE_DATA_READ = Authorization.PERMISSION_READ + 1;
|
||||
public static final int PERMISSION_TABLE_DATA_READ = Authorization.PERMISSION_READ_START + 3;
|
||||
|
||||
/** 数据源内的表数据权限:编辑 */
|
||||
public static final int PERMISSION_TABLE_DATA_EDIT = Authorization.PERMISSION_READ + 2;
|
||||
public static final int PERMISSION_TABLE_DATA_EDIT = Authorization.PERMISSION_READ_START + 6;
|
||||
|
||||
/** 数据源内的表数据权限:删除 */
|
||||
public static final int PERMISSION_TABLE_DATA_DELETE = Authorization.PERMISSION_READ + 3;
|
||||
public static final int PERMISSION_TABLE_DATA_DELETE = Authorization.PERMISSION_READ_START + 9;
|
||||
|
||||
/*------------------------------------------------------*/
|
||||
|
||||
/** 标题 */
|
||||
private String title;
|
||||
|
|
@ -47,9 +55,6 @@ public class Schema extends AbstractStringIdEntity
|
|||
/** 此模式的创建时间 */
|
||||
private Date createTime;
|
||||
|
||||
/** 是否共享的 */
|
||||
private boolean shared = false;
|
||||
|
||||
/** 数据库驱动程序路径名 */
|
||||
private DriverEntity driverEntity;
|
||||
|
||||
|
|
@ -142,16 +147,6 @@ public class Schema extends AbstractStringIdEntity
|
|||
this.createTime = createTime;
|
||||
}
|
||||
|
||||
public boolean isShared()
|
||||
{
|
||||
return shared;
|
||||
}
|
||||
|
||||
public void setShared(boolean shared)
|
||||
{
|
||||
this.shared = shared;
|
||||
}
|
||||
|
||||
public boolean hasDriverEntity()
|
||||
{
|
||||
if (this.driverEntity == null)
|
||||
|
|
@ -200,7 +195,6 @@ public class Schema extends AbstractStringIdEntity
|
|||
public String toString()
|
||||
{
|
||||
return getClass().getSimpleName() + " [title=" + title + ", url=" + url + ", user=" + user + ", createUser="
|
||||
+ createUser + ", createTime=" + createTime + ", shared=" + shared + ", driverEntity=" + driverEntity
|
||||
+ "]";
|
||||
+ createUser + ", createTime=" + createTime + ", driverEntity=" + driverEntity + "]";
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ public abstract class AbstractMybatisDataPermissionEntityService<ID, T extends E
|
|||
List<ID> ids = new ArrayList<ID>(1);
|
||||
ids.add(id);
|
||||
|
||||
List<Integer> permissions = getPermissions(user, ids, Authorization.PERMISSION_NONE);
|
||||
List<Integer> permissions = getPermissions(user, ids, Authorization.PERMISSION_NONE_START);
|
||||
|
||||
return permissions.get(0);
|
||||
}
|
||||
|
|
@ -61,7 +61,7 @@ public abstract class AbstractMybatisDataPermissionEntityService<ID, T extends E
|
|||
{
|
||||
List<ID> idList = Arrays.asList(ids);
|
||||
|
||||
List<Integer> permissions = getPermissions(user, idList, Authorization.PERMISSION_NONE);
|
||||
List<Integer> permissions = getPermissions(user, idList, Authorization.PERMISSION_NONE_START);
|
||||
|
||||
int[] re = new int[permissions.size()];
|
||||
|
||||
|
|
@ -229,7 +229,7 @@ public abstract class AbstractMybatisDataPermissionEntityService<ID, T extends E
|
|||
params.put(DATA_PERMISSION_PARAM_RESOURCE_TYPE, resourceType);
|
||||
params.put(DATA_PERMISSION_PARAM_RESOURCE_SUPPORT_PATTERN, resourceSupportPattern);
|
||||
params.put(DATA_PERMISSION_PARAM_RESOURCE_HAS_CREATOR, resourceHasCreator);
|
||||
params.put(DATA_PERMISSION_PARAM_MIN_READ_PERMISSION, Authorization.PERMISSION_READ);
|
||||
params.put(DATA_PERMISSION_PARAM_MAX_PERMISSION, Authorization.PERMISSION_DELETE);
|
||||
params.put(DATA_PERMISSION_PARAM_MIN_READ_PERMISSION, Authorization.PERMISSION_READ_START);
|
||||
params.put(DATA_PERMISSION_PARAM_MAX_PERMISSION, Authorization.PERMISSION_MAX);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -142,7 +142,8 @@
|
|||
) AS ${_iq_}resourceName${_iq_},
|
||||
(
|
||||
CASE A.AUTH_PRINCIPAL_TYPE
|
||||
WHEN 'ALL' THEN 'ALL'
|
||||
WHEN 'ALL' THEN 'all'
|
||||
WHEN 'ANONYMOUS' THEN 'anonymous'
|
||||
WHEN 'ROLE' THEN C.ROLE_NAME
|
||||
WHEN 'USER' THEN
|
||||
(
|
||||
|
|
|
|||
|
|
@ -7,12 +7,12 @@
|
|||
INSERT INTO DATAGEAR_SCHEMA
|
||||
(
|
||||
SCHEMA_ID, SCHEMA_TITLE, SCHEMA_URL, SCHEMA_USER, SCHEMA_PASSWORD,
|
||||
SCHEMA_CREATE_USER_ID, SCHEMA_CREATE_TIME, SCHEMA_SHARED, DRIVER_ENTITY_ID
|
||||
SCHEMA_CREATE_USER_ID, SCHEMA_CREATE_TIME, DRIVER_ENTITY_ID
|
||||
)
|
||||
VALUES
|
||||
(
|
||||
#{entity.id}, #{entity.title}, #{entity.url}, #{entity.user}, #{entity.password},
|
||||
#{entity.createUser.id}, #{entity.createTime}, #{entity.shared}, #{entity.driverEntity.id, jdbcType=VARCHAR}
|
||||
#{entity.createUser.id}, #{entity.createTime}, #{entity.driverEntity.id, jdbcType=VARCHAR}
|
||||
)
|
||||
</insert>
|
||||
|
||||
|
|
@ -22,7 +22,6 @@
|
|||
SCHEMA_URL = #{entity.url},
|
||||
SCHEMA_USER = #{entity.user},
|
||||
SCHEMA_PASSWORD = #{entity.password},
|
||||
SCHEMA_SHARED = #{entity.shared},
|
||||
DRIVER_ENTITY_ID = #{entity.driverEntity.id, jdbcType=VARCHAR}
|
||||
WHERE
|
||||
SCHEMA_ID = #{entity.id}
|
||||
|
|
@ -122,7 +121,6 @@
|
|||
A.SCHEMA_USER AS ${_iq_}user${_iq_},
|
||||
A.SCHEMA_PASSWORD AS ${_iq_}password${_iq_},
|
||||
A.SCHEMA_CREATE_TIME AS ${_iq_}createTime${_iq_},
|
||||
A.SCHEMA_SHARED AS ${_iq_}shared${_iq_},
|
||||
A.DRIVER_ENTITY_ID AS ${_iq_}driverEntity.id${_iq_},
|
||||
A.SCHEMA_CREATE_USER_ID AS ${_iq_}createUser.id${_iq_},
|
||||
B.USER_NAME AS ${_iq_}createUser.name${_iq_},
|
||||
|
|
|
|||
|
|
@ -60,9 +60,6 @@ public class AuthorizationController extends AbstractController
|
|||
@RequestMapping("/add")
|
||||
public String add(HttpServletRequest request, org.springframework.ui.Model model)
|
||||
{
|
||||
Authorization authorization = new Authorization();
|
||||
|
||||
model.addAttribute("authorization", authorization);
|
||||
model.addAttribute(KEY_TITLE_MESSAGE_KEY, "authorization.addAuthorization");
|
||||
model.addAttribute(KEY_FORM_ACTION, "saveAdd");
|
||||
|
||||
|
|
|
|||
|
|
@ -94,7 +94,6 @@ public class SchemaController extends AbstractSchemaModelConnController
|
|||
schema.setTitle(sourceSchema.getTitle());
|
||||
schema.setUrl(sourceSchema.getUrl());
|
||||
schema.setUser(sourceSchema.getUser());
|
||||
schema.setShared(sourceSchema.isShared());
|
||||
schema.setDriverEntity(sourceSchema.getDriverEntity());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,6 +11,10 @@ import javax.servlet.http.HttpServletRequest;
|
|||
import org.datagear.web.util.WebUtils;
|
||||
import org.springframework.web.servlet.view.freemarker.FreeMarkerView;
|
||||
|
||||
import freemarker.ext.beans.BeansWrapper;
|
||||
import freemarker.ext.beans.BeansWrapperBuilder;
|
||||
import freemarker.template.Configuration;
|
||||
|
||||
/**
|
||||
* 自定义{@linkplain FreeMarkerView},实现一些本系统需要的特性。
|
||||
*
|
||||
|
|
@ -31,6 +35,12 @@ public class CustomFreeMarkerView extends FreeMarkerView
|
|||
/** 变量:父页面ID关键字 */
|
||||
public static final String VAR_PARENT_PAGE_ID = WebUtils.KEY_PARENT_PAGE_ID;
|
||||
|
||||
/** 变量:访问Java静态变量关键字 */
|
||||
public static final String VAR_STATICS = "statics";
|
||||
|
||||
private static final BeansWrapper BEANS_WRAPPER = new BeansWrapperBuilder(
|
||||
Configuration.DEFAULT_INCOMPATIBLE_IMPROVEMENTS).build();
|
||||
|
||||
public CustomFreeMarkerView()
|
||||
{
|
||||
super();
|
||||
|
|
@ -46,5 +56,6 @@ public class CustomFreeMarkerView extends FreeMarkerView
|
|||
|
||||
model.put(VAR_PAGE_ID, WebUtils.generatePageId());
|
||||
model.put(VAR_PARENT_PAGE_ID, WebUtils.getParentPageId(request));
|
||||
model.put(VAR_STATICS, BEANS_WRAPPER.getStaticModels());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -293,7 +293,6 @@ schema.url=\u6570\u636E\u5E93URL
|
|||
schema.user=\u6570\u636E\u5E93\u7528\u6237
|
||||
schema.password=\u6570\u636E\u5E93\u5BC6\u7801
|
||||
schema.driverEntity=\u6570\u636E\u5E93\u9A71\u52A8\u7A0B\u5E8F
|
||||
schema.shared=\u662F\u5426\u516C\u5F00
|
||||
schema.urlHelp=\u6570\u636E\u5E93\u7684JDBC\u8FDE\u63A5URL\uFF0C\u70B9\u51FB\u53EF\u6253\u5F00\u8BBE\u7F6E\u5E2E\u52A9\u9875\u9762
|
||||
schema.schemaBuildUrl=\u8BBE\u7F6E\u6570\u636E\u5E93URL
|
||||
schema.url.dbType=\u6570\u636E\u5E93\u7C7B\u578B
|
||||
|
|
@ -541,7 +540,14 @@ authorization.principalType=\u6388\u6743\u4E3B\u4F53\u7C7B\u578B
|
|||
authorization.permission=\u6743\u9650
|
||||
authorization.permission.NONE=\u65E0
|
||||
authorization.permission.READ=\u53EA\u8BFB
|
||||
authorization.permission.EDIT=\u53EF\u5199
|
||||
authorization.permission.DELETE=\u5220\u9664
|
||||
authorization.permission.EDIT=\u53EF\u7F16\u8F91
|
||||
authorization.permission.DELETE=\u53EF\u5220\u9664
|
||||
authorization.enabled=\u662F\u5426\u542F\u7528
|
||||
authorization.createUser=\u521B\u5EFA\u7528\u6237
|
||||
authorization.createUser=\u8BBE\u7F6E\u7528\u6237
|
||||
authorization.resourceType.DATA_SOURCE=\u6307\u5B9A\u6570\u636E\u6E90
|
||||
authorization.resourceType.DATA_SOURCE_PATTERN=\u6570\u636E\u6E90URL\u901A\u914D
|
||||
authorization.resourceType.DATA_SOURCE_PATTERN.desc=\u5728[\u6388\u6743\u8D44\u6E90]\u8F93\u5165\u6846\u4E2D\u586B\u5199\u6570\u636E\u6E90URL\u901A\u914D\u7B26\uFF0C\u9488\u5BF9\u6240\u6709\u5339\u914D\u7684\u6570\u636E\u6E90\u6388\u6743\uFF0C\u4F8B\u5982\uFF1A*192.168.1.1*
|
||||
authorization.principalType.ROLE=\u6307\u5B9A\u7528\u6237\u7EC4
|
||||
authorization.principalType.USER=\u6307\u5B9A\u7528\u6237
|
||||
authorization.principalType.ANONYMOUS=\u5168\u90E8\u533F\u540D\u7528\u6237
|
||||
authorization.principalType.ALL=\u5168\u90E8\u7528\u6237
|
||||
|
|
@ -8,6 +8,12 @@ readonly 是否只读操作,允许为null
|
|||
<#assign formAction=(formAction!'#')>
|
||||
<#assign readonly=(readonly!false)>
|
||||
<#assign isAdd=(formAction == 'saveAdd')>
|
||||
<#assign Authorization=statics['org.datagear.management.domain.Authorization']>
|
||||
<#assign Schema=statics['org.datagear.management.domain.Schema']>
|
||||
<#assign resourceType=((authorization.resourceType)!Authorization.RESOURCE_TYPE_DATA_SOURCE)>
|
||||
<#assign principalType=((authorization.principalType)!Authorization.PRINCIPAL_TYPE_ROLE)>
|
||||
<#assign permission=((authorization.permission)!Schema.PERMISSION_TABLE_DATA_READ)>
|
||||
<#assign enabled=(((authorization.enabled)!true)?string('true', 'false'))>
|
||||
<html>
|
||||
<head>
|
||||
<#include "../include/html_head.ftl">
|
||||
|
|
@ -19,6 +25,19 @@ readonly 是否只读操作,允许为null
|
|||
<div class="form-head"></div>
|
||||
<div class="form-content">
|
||||
<input type="hidden" name="id" value="${(authorization.id)!''?html}" />
|
||||
<div class="form-item">
|
||||
<div class="form-item-label">
|
||||
<label><@spring.message code='authorization.resourceType' /></label>
|
||||
</div>
|
||||
<div class="form-item-value">
|
||||
<div class="resourceType-radios">
|
||||
<label for="${pageId}-resourceType_0"><@spring.message code='authorization.resourceType.DATA_SOURCE' /></label>
|
||||
<input type="radio" id="${pageId}-resourceType_0" name="resourceType" value="${Authorization.RESOURCE_TYPE_DATA_SOURCE}" />
|
||||
<label for="${pageId}-resourceType_1" title="<@spring.message code='authorization.resourceType.DATA_SOURCE_PATTERN.desc' />"><@spring.message code='authorization.resourceType.DATA_SOURCE_PATTERN' /></label>
|
||||
<input type="radio" id="${pageId}-resourceType_1" name="resourceType" value="${Authorization.RESOURCE_TYPE_DATA_SOURCE + Authorization.PATTERN_RESOURCE_TYPE_SUFFIX}" />
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-item">
|
||||
<div class="form-item-label">
|
||||
<label><@spring.message code='authorization.resource' /></label>
|
||||
|
|
@ -29,10 +48,19 @@ readonly 是否只读操作,允许为null
|
|||
</div>
|
||||
<div class="form-item">
|
||||
<div class="form-item-label">
|
||||
<label><@spring.message code='authorization.resourceType' /></label>
|
||||
<label><@spring.message code='authorization.principalType' /></label>
|
||||
</div>
|
||||
<div class="form-item-value">
|
||||
<input type="text" name="resourceType" value="${(authorization.resourceType)!''?html}" class="ui-widget ui-widget-content" />
|
||||
<div class="principalType-radios">
|
||||
<label for="${pageId}-principalType_0"><@spring.message code='authorization.principalType.USER' /></label>
|
||||
<input type="radio" id="${pageId}-principalType_0" name="principalType" value="${Authorization.PRINCIPAL_TYPE_USER}" />
|
||||
<label for="${pageId}-principalType_1"><@spring.message code='authorization.principalType.ROLE' /></label>
|
||||
<input type="radio" id="${pageId}-principalType_1" name="principalType" value="${Authorization.PRINCIPAL_TYPE_ROLE}" />
|
||||
<label for="${pageId}-principalType_2"><@spring.message code='authorization.principalType.ANONYMOUS' /></label>
|
||||
<input type="radio" id="${pageId}-principalType_2" name="principalType" value="${Authorization.PRINCIPAL_TYPE_ANONYMOUS}" />
|
||||
<label for="${pageId}-principalType_3"><@spring.message code='authorization.principalType.ALL' /></label>
|
||||
<input type="radio" id="${pageId}-principalType_3" name="principalType" value="${Authorization.PRINCIPAL_TYPE_ALl}" />
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-item">
|
||||
|
|
@ -43,20 +71,21 @@ readonly 是否只读操作,允许为null
|
|||
<input type="text" name="principal" value="${(authorization.principal)!''?html}" class="ui-widget ui-widget-content" />
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-item">
|
||||
<div class="form-item-label">
|
||||
<label><@spring.message code='authorization.principalType' /></label>
|
||||
</div>
|
||||
<div class="form-item-value">
|
||||
<input type="text" name="principalType" value="${(authorization.principalType)!''?html}" class="ui-widget ui-widget-content" />
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-item">
|
||||
<div class="form-item-label">
|
||||
<label><@spring.message code='authorization.permission' /></label>
|
||||
</div>
|
||||
<div class="form-item-value">
|
||||
<input type="text" name="permission" value="${(authorization.permission)!''?html}" class="ui-widget ui-widget-content" />
|
||||
<div class="permission-radios">
|
||||
<label for="${pageId}-permission_0"><@spring.message code='authorization.permission.READ' /></label>
|
||||
<input type="radio" id="${pageId}-permission_0" name="permission" value="${Schema.PERMISSION_TABLE_DATA_READ}" />
|
||||
<label for="${pageId}-permission_1"><@spring.message code='authorization.permission.EDIT' /></label>
|
||||
<input type="radio" id="${pageId}-permission_1" name="permission" value="${Schema.PERMISSION_TABLE_DATA_EDIT}" />
|
||||
<label for="${pageId}-permission_2"><@spring.message code='authorization.permission.DELETE' /></label>
|
||||
<input type="radio" id="${pageId}-permission_2" name="permission" value="${Schema.PERMISSION_TABLE_DATA_DELETE}" />
|
||||
<label for="${pageId}-permission_3"><@spring.message code='authorization.permission.NONE' /></label>
|
||||
<input type="radio" id="${pageId}-permission_3" name="permission" value="${Authorization.PERMISSION_NONE_START}" />
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-item">
|
||||
|
|
@ -64,11 +93,11 @@ readonly 是否只读操作,允许为null
|
|||
<label><@spring.message code='authorization.enabled' /></label>
|
||||
</div>
|
||||
<div class="form-item-value">
|
||||
<div class="authorizationEnabled-radios">
|
||||
<label for="${pageId}-authorizationEnabledYes"><@spring.message code='yes' /></label>
|
||||
<input type="radio" id="${pageId}-authorizationEnabledYes" name="enabled" value="1" <#if (authorization.enabled)!false>checked="checked"</#if> />
|
||||
<label for="${pageId}-authorizationEnabledNo"><@spring.message code='no' /></label>
|
||||
<input type="radio" id="${pageId}-authorizationEnabledNo" name="enabled" value="0" <#if !((authorization.enabled)!false)>checked="checked"</#if> />
|
||||
<div class="enabled-radios">
|
||||
<label for="${pageId}-enabled_0"><@spring.message code='yes' /></label>
|
||||
<input type="radio" id="${pageId}-enabled_0" name="enabled" value="true" />
|
||||
<label for="${pageId}-enabled_1"><@spring.message code='no' /></label>
|
||||
<input type="radio" id="${pageId}-enabled_1" name="enabled" value="false" />
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -88,8 +117,22 @@ readonly 是否只读操作,允许为null
|
|||
(function(po)
|
||||
{
|
||||
$.initButtons(po.element());
|
||||
|
||||
po.element("input[name='resourceType'][value='${resourceType}']").attr("checked", "checked");
|
||||
po.element("input[name='resourceType']").checkboxradio({icon:false});
|
||||
po.element(".resourceType-radios").controlgroup();
|
||||
|
||||
po.element("input[name='principalType'][value='${principalType}']").attr("checked", "checked");
|
||||
po.element("input[name='principalType']").checkboxradio({icon:false});
|
||||
po.element(".principalType-radios").controlgroup();
|
||||
|
||||
po.element("input[name='permission'][value='${permission}']").attr("checked", "checked");
|
||||
po.element("input[name='permission']").checkboxradio({icon:false});
|
||||
po.element(".permission-radios").controlgroup();
|
||||
|
||||
po.element("input[name='enabled'][value='${enabled}']").attr("checked", "checked");
|
||||
po.element("input[name='enabled']").checkboxradio({icon:false});
|
||||
po.element(".authorizationEnabled-radios").controlgroup();
|
||||
po.element(".enabled-radios").controlgroup();
|
||||
|
||||
po.url = function(action)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -44,6 +44,8 @@ String authorizationSourceType 固定授权源类型,允许为null
|
|||
<#include "../include/page_js_obj.ftl">
|
||||
<#include "../include/page_obj_searchform_js.ftl">
|
||||
<#include "../include/page_obj_grid.ftl">
|
||||
<#include "../include/page_obj_data_permission.ftl">
|
||||
<#include "../include/page_obj_data_permission__ds_table.ftl">
|
||||
<script type="text/javascript">
|
||||
(function(po)
|
||||
{
|
||||
|
|
@ -135,7 +137,7 @@ String authorizationSourceType 固定授权源类型,允许为null
|
|||
var columnPermission = $.buildDataTablesColumnSimpleOption("<@spring.message code='authorization.permission' />", "permission");
|
||||
columnPermission.render = function(data, type, row, meta)
|
||||
{
|
||||
return data;
|
||||
return po.toTableDataPermissionLabel(data);
|
||||
};
|
||||
|
||||
var tableColumns = [
|
||||
|
|
|
|||
|
|
@ -0,0 +1,57 @@
|
|||
<#--
|
||||
数据权限JS片段。
|
||||
|
||||
依赖:
|
||||
page_js_obj.jsp
|
||||
-->
|
||||
<#assign __podpAuthorization=statics['org.datagear.management.domain.Authorization']>
|
||||
<script type="text/javascript">
|
||||
(function(po)
|
||||
{
|
||||
po.canRead = function(dataOrPermission)
|
||||
{
|
||||
if(dataOrPermission == null)
|
||||
return false;
|
||||
|
||||
if(dataOrPermission.dataPermission != undefined)
|
||||
dataOrPermission = dataOrPermission.dataPermission;
|
||||
|
||||
return ${__podpAuthorization.PERMISSION_READ_START} <= dataOrPermission;
|
||||
};
|
||||
|
||||
po.canEdit = function(dataOrPermission)
|
||||
{
|
||||
if(dataOrPermission == null)
|
||||
return false;
|
||||
|
||||
if(dataOrPermission.dataPermission != undefined)
|
||||
dataOrPermission = dataOrPermission.dataPermission;
|
||||
|
||||
return ${__podpAuthorization.PERMISSION_EDIT_START} <= dataOrPermission;
|
||||
};
|
||||
|
||||
po.canDelete = function(dataOrPermission)
|
||||
{
|
||||
if(dataOrPermission == null)
|
||||
return false;
|
||||
|
||||
if(dataOrPermission.dataPermission != undefined)
|
||||
dataOrPermission = dataOrPermission.dataPermission;
|
||||
|
||||
return ${__podpAuthorization.PERMISSION_DELETE_START} <= dataOrPermission;
|
||||
};
|
||||
|
||||
po.toPermissionLabel = function(dataOrPermission)
|
||||
{
|
||||
if(po.canDelete(dataOrPermission))
|
||||
return "<@spring.message code='authorization.permission.DELETE' />";
|
||||
else if(po.canEdit(dataOrPermission))
|
||||
return "<@spring.message code='authorization.permission.EDIT' />";
|
||||
else if(po.canRead(dataOrPermission))
|
||||
return "<@spring.message code='authorization.permission.READ' />";
|
||||
else
|
||||
return "<@spring.message code='authorization.permission.NONE' />";
|
||||
};
|
||||
})
|
||||
(${pageId});
|
||||
</script>
|
||||
|
|
@ -0,0 +1,57 @@
|
|||
<#--
|
||||
数据源表权限JS片段。
|
||||
|
||||
依赖:
|
||||
page_js_obj.jsp
|
||||
-->
|
||||
<#assign __podpSchema=statics['org.datagear.management.domain.Schema']>
|
||||
<script type="text/javascript">
|
||||
(function(po)
|
||||
{
|
||||
po.canReadTableData = function(schemaOrPermission)
|
||||
{
|
||||
if(schemaOrPermission == null)
|
||||
return false;
|
||||
|
||||
if(schemaOrPermission.dataPermission != undefined)
|
||||
schemaOrPermission = schemaOrPermission.dataPermission;
|
||||
|
||||
return ${__podpSchema.PERMISSION_TABLE_DATA_READ} <= schemaOrPermission;
|
||||
};
|
||||
|
||||
po.canEditTableData = function(schemaOrPermission)
|
||||
{
|
||||
if(schemaOrPermission == null)
|
||||
return false;
|
||||
|
||||
if(schemaOrPermission.dataPermission != undefined)
|
||||
schemaOrPermission = schemaOrPermission.dataPermission;
|
||||
|
||||
return ${__podpSchema.PERMISSION_TABLE_DATA_EDIT} <= schemaOrPermission;
|
||||
};
|
||||
|
||||
po.canDeleteTableData = function(schemaOrPermission)
|
||||
{
|
||||
if(schemaOrPermission == null)
|
||||
return false;
|
||||
|
||||
if(schemaOrPermission.dataPermission != undefined)
|
||||
schemaOrPermission = schemaOrPermission.dataPermission;
|
||||
|
||||
return ${__podpSchema.PERMISSION_TABLE_DATA_DELETE} <= schemaOrPermission;
|
||||
};
|
||||
|
||||
po.toTableDataPermissionLabel = function(schemaOrPermission)
|
||||
{
|
||||
if(po.canDeleteTableData(schemaOrPermission))
|
||||
return "<@spring.message code='authorization.permission.DELETE' />";
|
||||
else if(po.canEditTableData(schemaOrPermission))
|
||||
return "<@spring.message code='authorization.permission.EDIT' />";
|
||||
else if(po.canReadTableData(schemaOrPermission))
|
||||
return "<@spring.message code='authorization.permission.READ' />";
|
||||
else
|
||||
return "<@spring.message code='authorization.permission.NONE' />";
|
||||
};
|
||||
})
|
||||
(${pageId});
|
||||
</script>
|
||||
|
|
@ -6,6 +6,7 @@
|
|||
<title><@spring.message code='app.name' /></title>
|
||||
<#include "include/page_js_obj.ftl" >
|
||||
<#include "include/page_obj_tabs.ftl" >
|
||||
<#include "include/page_obj_data_permission.ftl" >
|
||||
<script type="text/javascript">
|
||||
(function(po)
|
||||
{
|
||||
|
|
@ -491,30 +492,22 @@
|
|||
menuItemEnables["schema-operation-view"] = false;
|
||||
}
|
||||
|
||||
var diableEditAndDelete = false;
|
||||
|
||||
//管理员、创建用户才能编辑和删除数据库
|
||||
for(var i=0; i<selNodes.length; i++)
|
||||
{
|
||||
if(!po.isSchemaNode(selNodes[i]))
|
||||
{
|
||||
diableEditAndDelete = true;
|
||||
menuItemEnables["schema-operation-edit"] = false;
|
||||
menuItemEnables["schema-operation-delete"] = false;
|
||||
break;
|
||||
}
|
||||
|
||||
var schema = selNodes[i].original;
|
||||
|
||||
if(!po.isAdmin && schema.createUser != undefined && schema.createUser.id != po.userId)
|
||||
{
|
||||
diableEditAndDelete = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if(diableEditAndDelete)
|
||||
{
|
||||
menuItemEnables["schema-operation-edit"] = false;
|
||||
menuItemEnables["schema-operation-delete"] = false;
|
||||
if(!po.canEdit(schema))
|
||||
menuItemEnables["schema-operation-edit"] = false;
|
||||
|
||||
if(!po.canDelete(schema))
|
||||
menuItemEnables["schema-operation-delete"] = false;
|
||||
}
|
||||
|
||||
//如果有选中,且全都是数据库或者全都是表,则启用刷新按钮
|
||||
|
|
|
|||
|
|
@ -55,19 +55,6 @@ readonly 是否只读操作,允许为null
|
|||
</div>
|
||||
</div>
|
||||
</#if>
|
||||
<div class="form-item">
|
||||
<div class="form-item-label">
|
||||
<label><@spring.message code='schema.shared' /></label>
|
||||
</div>
|
||||
<div class="form-item-value">
|
||||
<div class="schema-shared-radios">
|
||||
<label for="${pageId}-schemaSharedYes"><@spring.message code='yes' /></label>
|
||||
<input type="radio" id="${pageId}-schemaSharedYes" name="shared" value="1" <#if (schema.shared)!false>checked="checked"</#if> />
|
||||
<label for="${pageId}-schemaSharedNo"><@spring.message code='no' /></label>
|
||||
<input type="radio" id="${pageId}-schemaSharedNo" name="shared" value="0" <#if !((schema.shared)!false)>checked="checked"</#if> />
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<#if !readonly>
|
||||
<div class="form-item">
|
||||
<div class="form-item-label">
|
||||
|
|
@ -202,9 +189,6 @@ readonly 是否只读操作,允许为null
|
|||
});
|
||||
</#if>
|
||||
|
||||
po.element("input[name='shared']").checkboxradio({icon:false});
|
||||
po.element(".schema-shared-radios").controlgroup();
|
||||
|
||||
$.initButtons(po.element());
|
||||
|
||||
if(po.isDriverEntityEmpty)
|
||||
|
|
|
|||
Loading…
Reference in New Issue