コード例 #1
0
 /** 只有管理员 或 创建者本人,才能执行删除、停用、修改等操作 */
 private void checkPermission(Long paramId) {
   Param param = getParam(paramId);
   Long currentUser = Environment.getUserId();
   if (currentUser == null) {
     currentUser = AnonymousOperator.anonymous.getId();
   }
   if (!currentUser.equals(param.getCreatorId()) && !currentUser.equals(-1L)) {
     throw new BusinessException("您不能执行当前操作,请联系系统管理员!");
   }
 }
コード例 #2
0
  /**
   * 获取当前用户对点击资源节点(以及父节点)的操作权限
   *
   * @param resourceId
   * @param permissionTable
   * @param resourceClass
   * @return
   */
  @SuppressWarnings("unchecked")
  public List<String> getOperationsByResource(
      Long resourceId, String permissionTable, Class<?> resourceClass) {

    List<String> operations = new ArrayList<String>();

    String hql =
        "select distinct p.id.operationId from "
            + permissionTable
            + " p, RoleUserMapping ru "
            + " where p.id.resourceId = ? and p.id.roleId = ru.id.roleId and ru.id.userId = ? ";
    List<String> operationsOnResource =
        (List<String>) getEntities(hql, resourceId, Environment.getUserId());
    operations.addAll(operationsOnResource); // 用户对指定节点的操作权限

    ILevelTreeNode resource = (ILevelTreeNode) getEntity(resourceClass, resourceId);
    List<?> parentOperations = getEntities(hql, resource.getParentId(), Environment.getUserId());
    for (Object oprationId : parentOperations) {
      operations.add("p_" + oprationId); // 指定节点的父节点的操作权限,加"p_"
    }

    return operations;
  }
コード例 #3
0
 public List<Long> getResourceIdsByOperation(
     String appId, String resourceTypeId, String operationId) {
   return getResourceIdsByOperation(appId, resourceTypeId, operationId, Environment.getUserId());
 }
コード例 #4
0
 public List<Long> getResourceIdsByOperation(String permissionTable, String operationId) {
   return getResourceIdsByOperation(permissionTable, operationId, Environment.getUserId());
 }