@RequestMapping("/operations/{resourceId}")
public void getOperations(
HttpServletResponse response, @PathVariable("resourceId") Long resourceId) {
List<String> list =
PermissionHelper.getInstance()
.getOperationsByResource(
resourceId, RecordPermission.class.getName(), RecordResource.class);
print("Operation", EasyUtils.list2Str(list));
}
public Object invoke(MethodInvocation invocation) throws Throwable {
Method targetMethod = invocation.getMethod(); /* 获取目标方法 */
Object[] args = invocation.getArguments(); /* 获取目标方法的参数 */
Object returnVal = invocation.proceed(); /* 调用目标方法的返回值 */
PermissionTag tag = targetMethod.getAnnotation(PermissionTag.class); // 取得注释对象
if (tag != null) {
IPermissionFilter filter = (IPermissionFilter) BeanUtil.newInstance(tag.filter());
log.debug("对方法:" + targetMethod + " 进行权限检查(或过滤)开始。");
filter.doFilter(args, returnVal, tag, PermissionHelper.getInstance());
log.debug("对方法:" + targetMethod + " 权限检查(或过滤)结束。");
}
return returnVal;
}
public void applicationRegisterByXML(Document doc, String applicationType) {
List<ResourceType> resourceTypeList = new ArrayList<ResourceType>();
List<ResourceTypeRoot> resourceTypeRootList = new ArrayList<ResourceTypeRoot>();
List<Operation> operationList = new ArrayList<Operation>();
// 解析应用
Application application = new Application();
Element appNode = (Element) doc.selectSingleNode("/application");
BeanUtil.setDataToBean(application, XMLDocUtil.dataNode2Map(appNode));
String applicationId = application.getApplicationId();
// 解析资源类型
List<Element> nodeList = XMLDocUtil.selectNodes(appNode, "resourceType");
for (Element resourceTypeNode : nodeList) {
ResourceType resourceType = new ResourceType();
BeanUtil.setDataToBean(resourceType, XMLDocUtil.dataNode2Map(resourceTypeNode));
resourceType.setApplicationId(applicationId);
resourceTypeList.add(resourceType);
// 解析资源操作选项
List<Element> operationNodeList = XMLDocUtil.selectNodes(resourceTypeNode, "operation");
for (Element operationNode : operationNodeList) {
Operation operation = new Operation();
BeanUtil.setDataToBean(operation, XMLDocUtil.dataNode2Map(operationNode));
operation.setApplicationId(applicationId);
operation.setResourceTypeId(resourceType.getResourceTypeId());
operationList.add(operation);
}
}
// 解析资源类型根节点
nodeList = XMLDocUtil.selectNodes(appNode, "resourceTypeRoot");
for (Element resourceTypeRootNode : nodeList) {
ResourceTypeRoot resourceTypeRootId = new ResourceTypeRoot();
BeanUtil.setDataToBean(resourceTypeRootId, XMLDocUtil.dataNode2Map(resourceTypeRootNode));
resourceTypeRootList.add(resourceTypeRootId);
}
if (!EasyUtils.isNullOrEmpty(applicationType)) {
application.setApplicationType(applicationType);
}
/** *************************** 仅仅把外部资源注册进来,不进行补全操作 ****************************** */
// 根据应用删除上次因导入失败产生的脏数据
applicationDao.clearDirtyData(applicationId);
for (IEntity resourceTypeRoot : resourceTypeRootList) {
resourceTypeDao.createObject(resourceTypeRoot); // 初始化资源类型根节点
}
for (ResourceType resourceType : resourceTypeList) {
String resourceTypeId = resourceType.getResourceTypeId();
ResourceTypeRoot resourceTypeRoot =
resourceTypeDao.getResourceTypeRoot(applicationId, resourceTypeId);
if (resourceTypeRoot != null) {
resourceType.setRootId(resourceTypeRoot.getRootId());
}
resourceTypeDao.create(resourceType); // 初始化资源类型
}
for (Operation operation : operationList) {
resourceTypeDao.createObject(operation); // 初始化权限选项
}
/** *************************** 对外部已经注册的资源进行补全操作 *********************************** */
if (!initial) {
permissionService = PermissionHelper.getPermissionService(applicationId, permissionService);
}
// 初始化资源类型
for (ResourceType resourceType : resourceTypeList) {
/* 保存资源类型,同时还要为该类型资源建立一个根节点,以资源类型名字作为根节点名字 */
String resourceTypeId = resourceType.getResourceTypeId();
String unSuppliedTable = resourceTypeDao.getUnSuppliedTable(applicationId, resourceTypeId);
String suppliedTable = resourceTypeDao.getSuppliedTable(applicationId, resourceTypeId);
String initPermission = Config.getAttribute("initPermission");
if (Config.TRUE.equalsIgnoreCase(initPermission)) {
permissionService.clearPermissionData(unSuppliedTable);
permissionService.clearPermissionData(suppliedTable);
}
}
// 初始化权限选项
for (Operation operation : operationList) {
/* 让管理员角色拥有新添加的权限选项,即:让管理员拥有对资源 根节点 有permissionState=2的权限 */
String resourceTypeId = operation.getResourceTypeId();
ResourceTypeRoot resourceTypeRoot =
resourceTypeDao.getResourceTypeRoot(applicationId, resourceTypeId);
if (resourceTypeRoot != null) {
String unSuppliedTable = resourceTypeDao.getUnSuppliedTable(applicationId, resourceTypeId);
String suppliedTable = resourceTypeDao.getSuppliedTable(applicationId, resourceTypeId);
String resourceTable = resourceTypeDao.getResourceTable(applicationId, resourceTypeId);
permissionService.saveRoleResourceOperation(
UMConstants.ADMIN_ROLE_ID,
resourceTypeRoot.getRootId(),
operation.getOperationId(),
UMConstants.PERMIT_SUB_TREE,
unSuppliedTable,
suppliedTable,
resourceTable);
}
}
// 初始化平台应用系统,应用系统作为一类资源,需要做补全操作的,所以最后保存
application.setSeqNo(applicationDao.getNextSeqNo(new Long(UMConstants.PLATFORM_SYSTEM_APP)));
applicationDao.create(application);
}
