public void testRoleModule() {
// 新建一个用户组
Group mainGroup = new Group();
mainGroup.setParentId(UMConstants.MAIN_GROUP_ID);
mainGroup.setName("财务部");
mainGroup.setGroupType(Group.MAIN_GROUP_TYPE);
mainGroup.setApplicationId(Config.getAttribute(Config.APPLICATION_CODE));
groupService.createNewGroup(mainGroup, "", "");
log.debug(mainGroup);
// 新建一个用户组子组
Group childGroup = new Group();
childGroup.setParentId(mainGroup.getId());
childGroup.setName("财务一部");
childGroup.setGroupType(mainGroup.getGroupType());
childGroup.setApplicationId(mainGroup.getApplicationId());
groupService.createNewGroup(childGroup, "", "");
log.debug(childGroup);
// 管理员直接在主组下新增用户
User mainUser = new User();
mainUser.setApplicationId(mainGroup.getApplicationId());
mainUser.setLoginName("JonKing");
mainUser.setUserName("JK");
mainUser.setPassword("123456");
mainUser.setGroupId(mainGroup.getId());
userService.createOrUpdateUserInfo(mainGroup.getId(), mainUser, "" + mainGroup.getId(), "");
log.debug(mainUser);
// 新建角色组
action.getRole().setIsGroup(1);
action.getRole().setName("角色组一");
action.getRole().setParentId(UMConstants.ROLE_ROOT_ID);
action.saveRoleGroupInfo();
Long roleGroupId = action.getRole().getId();
// 新建角色
resetAction();
action.getRole().setIsGroup(0);
action.getRole().setName("办公室助理");
action.getRole().setParentId(roleGroupId);
action.getRole().setStartDate(new Date());
Calendar calendar = new GregorianCalendar();
calendar.add(UMConstants.ROLE_LIFE_TYPE, UMConstants.ROLE_LIFE_TIME);
action.getRole().setEndDate(calendar.getTime());
action.setRole2UserIds(UMConstants.ADMIN_USER_ID + "," + mainUser.getId());
action.setRole2GroupIds("" + mainGroup.getId());
action.saveRole();
Long roleId = action.getRole().getId();
// 读取修改角色组的模板
action.setRoleId(roleGroupId);
action.getRoleGroupInfo();
// 读取新增或修改角色的模板
action.setIsNew(1);
action.setParentRoleId(UMConstants.ROLE_ROOT_ID);
action.getRoleInfoAndRelation();
action.setIsNew(null);
action.setRoleId(roleId);
action.getRoleInfoAndRelation();
// 读取角色树形结构
action.getAllRole2Tree();
action.getCanAddedGroup2Tree();
// 停用角色组
action.setRoleId(roleGroupId);
action.setRoleState(UMConstants.TRUE);
action.disable();
// 启用角色
action.setRoleId(roleId);
action.setRoleState(UMConstants.FALSE);
action.disable();
// 再新建一个角色
resetAction();
action.getRole().setIsGroup(0);
action.getRole().setName("部门经理");
action.getRole().setParentId(roleGroupId);
action.getRole().setStartDate(new Date());
action.getRole().setEndDate(calendar.getTime());
action.setRole2UserIds(UMConstants.ADMIN_USER_ID + "," + mainUser.getId());
action.setRole2GroupIds("" + mainGroup.getId());
action.saveRole();
Long secondRoleId = action.getRole().getId();
action.getAllRole2Tree();
// 对组进行排序
action.setRoleId(roleId);
action.setTargetId(secondRoleId);
action.setDirection(1);
action.sort();
action.getAllRole2Tree();
// 对角色进行移动
action.setTargetId(UMConstants.ROLE_ROOT_ID);
action.move();
action.getOperation();
action.setGroupId(mainGroup.getId());
action.getUserByGroupId();
action.initSetPermission();
action.setIsRole2Resource("1");
action.getApplications();
action.setIsRole2Resource("0");
action.getApplications();
action.setApplicationId("tss");
action.getResourceTypes();
// 授权测试 PermissionRank
// LOWER_PERMISSION = "1"; 普通授权
// AUTHORISE_PERMISSION = "2"; 可授权授权
// PASSON_AUTHORISE_PERMISSION = "3"; 可传递授权
// SUB_AUTHORISE_PERMISSION = "4"; 权限转授
log.debug("====================== 开始测试授权 ============================");
// 一、 多个资源授权给单个角色
action.setIsRole2Resource("1");
action.setResourceType(UMConstants.MAINGROUP_RESOURCE_TYPE_ID);
action.setRoleId(roleId);
action.setPermissionRank("2");
action.getPermissionMatrix();
// 授权内容, 当多个资源对一个角色授权时: resource1|2224, resource2|4022
// 竖线后面为各个权限选项的打勾情况【0: 没打勾, 1: 仅此节点,虚勾 2: 此节点及所有子节点,实勾 3:禁用未选中 4:禁用已选中】
action.setSetPermission(mainGroup.getId() + "|222222222222");
action.savePermission();
action.getPermissionMatrix();
TestUtil.printEntity(super.permissionHelper, "MainGroupPermissions");
TestUtil.printEntity(super.permissionHelper, "MainGroupPermissionsFull");
// 二、单个资源授权给多个角色
action.setIsRole2Resource(null);
action.setRoleId(mainGroup.getId()); // 当资源对角色进行授权时, 表示resourceId
action.setPermissionRank("2");
action.getPermissionMatrix();
// 授权内容, 当单个资源对多个角色授权时: roleId1|2224, roleId2|4022
// 竖线后面为各个权限选项的打勾情况【0: 没打勾, 1: 仅此节点,虚勾 2: 此节点及所有子节点,实勾 3:禁用未选中 4:禁用已选中】
action.setSetPermission(secondRoleId + "|222222222222");
action.savePermission();
action.getPermissionMatrix();
TestUtil.printEntity(super.permissionHelper, "MainGroupPermissions");
TestUtil.printEntity(super.permissionHelper, "MainGroupPermissionsFull");
login(mainUser.getId(), mainUser.getLoginName()); // 更好登录用户,看其权限
action.getPermissionMatrix();
TestUtil.printEntity(super.permissionHelper, "RoleUserMapping");
printVisibleMainGroups();
login(UMConstants.ADMIN_USER_ID, UMConstants.ADMIN_USER_NAME); // 换回Admin登录
// 删除角色组
action.setRoleId(roleGroupId);
action.delete();
action.getAllRole2Tree();
}
public void applicationRegisterByXML(Document doc, String applicationType) {
List<ResourceType> resourceTypeList = new ArrayList<ResourceType>();
List<ResourceTypeRoot> resourceTypeRootList = new ArrayList<ResourceTypeRoot>();
List<Operation> operationList = new ArrayList<Operation>();
// 解析应用
Application application = new Application();
Element appNode = (Element) doc.selectSingleNode("/application");
BeanUtil.setDataToBean(application, XMLDocUtil.dataNode2Map(appNode));
String applicationId = application.getApplicationId();
// 解析资源类型
List<Element> nodeList = XMLDocUtil.selectNodes(appNode, "resourceType");
for (Element resourceTypeNode : nodeList) {
ResourceType resourceType = new ResourceType();
BeanUtil.setDataToBean(resourceType, XMLDocUtil.dataNode2Map(resourceTypeNode));
resourceType.setApplicationId(applicationId);
resourceTypeList.add(resourceType);
// 解析资源操作选项
List<Element> operationNodeList = XMLDocUtil.selectNodes(resourceTypeNode, "operation");
for (Element operationNode : operationNodeList) {
Operation operation = new Operation();
BeanUtil.setDataToBean(operation, XMLDocUtil.dataNode2Map(operationNode));
operation.setApplicationId(applicationId);
operation.setResourceTypeId(resourceType.getResourceTypeId());
operationList.add(operation);
}
}
// 解析资源类型根节点
nodeList = XMLDocUtil.selectNodes(appNode, "resourceTypeRoot");
for (Element resourceTypeRootNode : nodeList) {
ResourceTypeRoot resourceTypeRootId = new ResourceTypeRoot();
BeanUtil.setDataToBean(resourceTypeRootId, XMLDocUtil.dataNode2Map(resourceTypeRootNode));
resourceTypeRootList.add(resourceTypeRootId);
}
if (!EasyUtils.isNullOrEmpty(applicationType)) {
application.setApplicationType(applicationType);
}
/** *************************** 仅仅把外部资源注册进来,不进行补全操作 ****************************** */
// 根据应用删除上次因导入失败产生的脏数据
applicationDao.clearDirtyData(applicationId);
for (IEntity resourceTypeRoot : resourceTypeRootList) {
resourceTypeDao.createObject(resourceTypeRoot); // 初始化资源类型根节点
}
for (ResourceType resourceType : resourceTypeList) {
String resourceTypeId = resourceType.getResourceTypeId();
ResourceTypeRoot resourceTypeRoot =
resourceTypeDao.getResourceTypeRoot(applicationId, resourceTypeId);
if (resourceTypeRoot != null) {
resourceType.setRootId(resourceTypeRoot.getRootId());
}
resourceTypeDao.create(resourceType); // 初始化资源类型
}
for (Operation operation : operationList) {
resourceTypeDao.createObject(operation); // 初始化权限选项
}
/** *************************** 对外部已经注册的资源进行补全操作 *********************************** */
if (!initial) {
permissionService = PermissionHelper.getPermissionService(applicationId, permissionService);
}
// 初始化资源类型
for (ResourceType resourceType : resourceTypeList) {
/* 保存资源类型,同时还要为该类型资源建立一个根节点,以资源类型名字作为根节点名字 */
String resourceTypeId = resourceType.getResourceTypeId();
String unSuppliedTable = resourceTypeDao.getUnSuppliedTable(applicationId, resourceTypeId);
String suppliedTable = resourceTypeDao.getSuppliedTable(applicationId, resourceTypeId);
String initPermission = Config.getAttribute("initPermission");
if (Config.TRUE.equalsIgnoreCase(initPermission)) {
permissionService.clearPermissionData(unSuppliedTable);
permissionService.clearPermissionData(suppliedTable);
}
}
// 初始化权限选项
for (Operation operation : operationList) {
/* 让管理员角色拥有新添加的权限选项,即:让管理员拥有对资源 根节点 有permissionState=2的权限 */
String resourceTypeId = operation.getResourceTypeId();
ResourceTypeRoot resourceTypeRoot =
resourceTypeDao.getResourceTypeRoot(applicationId, resourceTypeId);
if (resourceTypeRoot != null) {
String unSuppliedTable = resourceTypeDao.getUnSuppliedTable(applicationId, resourceTypeId);
String suppliedTable = resourceTypeDao.getSuppliedTable(applicationId, resourceTypeId);
String resourceTable = resourceTypeDao.getResourceTable(applicationId, resourceTypeId);
permissionService.saveRoleResourceOperation(
UMConstants.ADMIN_ROLE_ID,
resourceTypeRoot.getRootId(),
operation.getOperationId(),
UMConstants.PERMIT_SUB_TREE,
unSuppliedTable,
suppliedTable,
resourceTable);
}
}
// 初始化平台应用系统,应用系统作为一类资源,需要做补全操作的,所以最后保存
application.setSeqNo(applicationDao.getNextSeqNo(new Long(UMConstants.PLATFORM_SYSTEM_APP)));
applicationDao.create(application);
}
