コード例 #1
0
  public void testRoleModule() {
    // 新建一个用户组
    Group mainGroup = new Group();
    mainGroup.setParentId(UMConstants.MAIN_GROUP_ID);
    mainGroup.setName("财务部");
    mainGroup.setGroupType(Group.MAIN_GROUP_TYPE);
    mainGroup.setApplicationId(Config.getAttribute(Config.APPLICATION_CODE));
    groupService.createNewGroup(mainGroup, "", "");
    log.debug(mainGroup);

    // 新建一个用户组子组
    Group childGroup = new Group();
    childGroup.setParentId(mainGroup.getId());
    childGroup.setName("财务一部");
    childGroup.setGroupType(mainGroup.getGroupType());
    childGroup.setApplicationId(mainGroup.getApplicationId());
    groupService.createNewGroup(childGroup, "", "");
    log.debug(childGroup);

    // 管理员直接在主组下新增用户
    User mainUser = new User();
    mainUser.setApplicationId(mainGroup.getApplicationId());
    mainUser.setLoginName("JonKing");
    mainUser.setUserName("JK");
    mainUser.setPassword("123456");
    mainUser.setGroupId(mainGroup.getId());
    userService.createOrUpdateUserInfo(mainGroup.getId(), mainUser, "" + mainGroup.getId(), "");
    log.debug(mainUser);

    // 新建角色组
    action.getRole().setIsGroup(1);
    action.getRole().setName("角色组一");
    action.getRole().setParentId(UMConstants.ROLE_ROOT_ID);
    action.saveRoleGroupInfo();
    Long roleGroupId = action.getRole().getId();

    // 新建角色
    resetAction();
    action.getRole().setIsGroup(0);
    action.getRole().setName("办公室助理");
    action.getRole().setParentId(roleGroupId);
    action.getRole().setStartDate(new Date());
    Calendar calendar = new GregorianCalendar();
    calendar.add(UMConstants.ROLE_LIFE_TYPE, UMConstants.ROLE_LIFE_TIME);
    action.getRole().setEndDate(calendar.getTime());
    action.setRole2UserIds(UMConstants.ADMIN_USER_ID + "," + mainUser.getId());
    action.setRole2GroupIds("" + mainGroup.getId());
    action.saveRole();
    Long roleId = action.getRole().getId();

    // 读取修改角色组的模板
    action.setRoleId(roleGroupId);
    action.getRoleGroupInfo();

    // 读取新增或修改角色的模板
    action.setIsNew(1);
    action.setParentRoleId(UMConstants.ROLE_ROOT_ID);
    action.getRoleInfoAndRelation();

    action.setIsNew(null);
    action.setRoleId(roleId);
    action.getRoleInfoAndRelation();

    // 读取角色树形结构
    action.getAllRole2Tree();
    action.getCanAddedGroup2Tree();

    // 停用角色组
    action.setRoleId(roleGroupId);
    action.setRoleState(UMConstants.TRUE);
    action.disable();

    // 启用角色
    action.setRoleId(roleId);
    action.setRoleState(UMConstants.FALSE);
    action.disable();

    // 再新建一个角色
    resetAction();
    action.getRole().setIsGroup(0);
    action.getRole().setName("部门经理");
    action.getRole().setParentId(roleGroupId);
    action.getRole().setStartDate(new Date());
    action.getRole().setEndDate(calendar.getTime());
    action.setRole2UserIds(UMConstants.ADMIN_USER_ID + "," + mainUser.getId());
    action.setRole2GroupIds("" + mainGroup.getId());
    action.saveRole();
    Long secondRoleId = action.getRole().getId();
    action.getAllRole2Tree();

    // 对组进行排序
    action.setRoleId(roleId);
    action.setTargetId(secondRoleId);
    action.setDirection(1);
    action.sort();
    action.getAllRole2Tree();

    // 对角色进行移动
    action.setTargetId(UMConstants.ROLE_ROOT_ID);
    action.move();

    action.getOperation();

    action.setGroupId(mainGroup.getId());
    action.getUserByGroupId();

    action.initSetPermission();
    action.setIsRole2Resource("1");
    action.getApplications();
    action.setIsRole2Resource("0");
    action.getApplications();
    action.setApplicationId("tss");
    action.getResourceTypes();

    // 授权测试 PermissionRank
    //      LOWER_PERMISSION            = "1";  普通授权
    //      AUTHORISE_PERMISSION        = "2";  可授权授权
    //      PASSON_AUTHORISE_PERMISSION = "3";  可传递授权
    //      SUB_AUTHORISE_PERMISSION    = "4";  权限转授
    log.debug("====================== 开始测试授权 ============================");

    // 一、 多个资源授权给单个角色
    action.setIsRole2Resource("1");
    action.setResourceType(UMConstants.MAINGROUP_RESOURCE_TYPE_ID);
    action.setRoleId(roleId);
    action.setPermissionRank("2");
    action.getPermissionMatrix();

    // 授权内容, 当多个资源对一个角色授权时:  resource1|2224, resource2|4022
    // 竖线后面为各个权限选项的打勾情况【0: 没打勾, 1: 仅此节点,虚勾 2: 此节点及所有子节点,实勾 3:禁用未选中 4:禁用已选中】
    action.setSetPermission(mainGroup.getId() + "|222222222222");
    action.savePermission();
    action.getPermissionMatrix();

    TestUtil.printEntity(super.permissionHelper, "MainGroupPermissions");
    TestUtil.printEntity(super.permissionHelper, "MainGroupPermissionsFull");

    // 二、单个资源授权给多个角色
    action.setIsRole2Resource(null);
    action.setRoleId(mainGroup.getId()); // 当资源对角色进行授权时, 表示resourceId
    action.setPermissionRank("2");
    action.getPermissionMatrix();

    // 授权内容, 当单个资源对多个角色授权时:  roleId1|2224, roleId2|4022
    // 竖线后面为各个权限选项的打勾情况【0: 没打勾, 1: 仅此节点,虚勾 2: 此节点及所有子节点,实勾 3:禁用未选中 4:禁用已选中】
    action.setSetPermission(secondRoleId + "|222222222222");
    action.savePermission();
    action.getPermissionMatrix();

    TestUtil.printEntity(super.permissionHelper, "MainGroupPermissions");
    TestUtil.printEntity(super.permissionHelper, "MainGroupPermissionsFull");

    login(mainUser.getId(), mainUser.getLoginName()); // 更好登录用户,看其权限
    action.getPermissionMatrix();
    TestUtil.printEntity(super.permissionHelper, "RoleUserMapping");
    printVisibleMainGroups();

    login(UMConstants.ADMIN_USER_ID, UMConstants.ADMIN_USER_NAME); // 换回Admin登录

    // 删除角色组
    action.setRoleId(roleGroupId);
    action.delete();
    action.getAllRole2Tree();
  }
コード例 #2
0
  public void applicationRegisterByXML(Document doc, String applicationType) {

    List<ResourceType> resourceTypeList = new ArrayList<ResourceType>();
    List<ResourceTypeRoot> resourceTypeRootList = new ArrayList<ResourceTypeRoot>();
    List<Operation> operationList = new ArrayList<Operation>();

    // 解析应用
    Application application = new Application();
    Element appNode = (Element) doc.selectSingleNode("/application");
    BeanUtil.setDataToBean(application, XMLDocUtil.dataNode2Map(appNode));

    String applicationId = application.getApplicationId();

    // 解析资源类型
    List<Element> nodeList = XMLDocUtil.selectNodes(appNode, "resourceType");
    for (Element resourceTypeNode : nodeList) {
      ResourceType resourceType = new ResourceType();
      BeanUtil.setDataToBean(resourceType, XMLDocUtil.dataNode2Map(resourceTypeNode));
      resourceType.setApplicationId(applicationId);
      resourceTypeList.add(resourceType);

      // 解析资源操作选项
      List<Element> operationNodeList = XMLDocUtil.selectNodes(resourceTypeNode, "operation");
      for (Element operationNode : operationNodeList) {
        Operation operation = new Operation();
        BeanUtil.setDataToBean(operation, XMLDocUtil.dataNode2Map(operationNode));
        operation.setApplicationId(applicationId);
        operation.setResourceTypeId(resourceType.getResourceTypeId());
        operationList.add(operation);
      }
    }

    // 解析资源类型根节点
    nodeList = XMLDocUtil.selectNodes(appNode, "resourceTypeRoot");
    for (Element resourceTypeRootNode : nodeList) {
      ResourceTypeRoot resourceTypeRootId = new ResourceTypeRoot();
      BeanUtil.setDataToBean(resourceTypeRootId, XMLDocUtil.dataNode2Map(resourceTypeRootNode));
      resourceTypeRootList.add(resourceTypeRootId);
    }

    if (!EasyUtils.isNullOrEmpty(applicationType)) {
      application.setApplicationType(applicationType);
    }

    /** *************************** 仅仅把外部资源注册进来,不进行补全操作 ****************************** */

    // 根据应用删除上次因导入失败产生的脏数据
    applicationDao.clearDirtyData(applicationId);

    for (IEntity resourceTypeRoot : resourceTypeRootList) {
      resourceTypeDao.createObject(resourceTypeRoot); // 初始化资源类型根节点
    }

    for (ResourceType resourceType : resourceTypeList) {
      String resourceTypeId = resourceType.getResourceTypeId();
      ResourceTypeRoot resourceTypeRoot =
          resourceTypeDao.getResourceTypeRoot(applicationId, resourceTypeId);
      if (resourceTypeRoot != null) {
        resourceType.setRootId(resourceTypeRoot.getRootId());
      }
      resourceTypeDao.create(resourceType); // 初始化资源类型
    }

    for (Operation operation : operationList) {
      resourceTypeDao.createObject(operation); // 初始化权限选项
    }

    /** *************************** 对外部已经注册的资源进行补全操作 *********************************** */
    if (!initial) {
      permissionService = PermissionHelper.getPermissionService(applicationId, permissionService);
    }

    // 初始化资源类型
    for (ResourceType resourceType : resourceTypeList) {
      /* 保存资源类型,同时还要为该类型资源建立一个根节点,以资源类型名字作为根节点名字 */
      String resourceTypeId = resourceType.getResourceTypeId();

      String unSuppliedTable = resourceTypeDao.getUnSuppliedTable(applicationId, resourceTypeId);
      String suppliedTable = resourceTypeDao.getSuppliedTable(applicationId, resourceTypeId);

      String initPermission = Config.getAttribute("initPermission");
      if (Config.TRUE.equalsIgnoreCase(initPermission)) {
        permissionService.clearPermissionData(unSuppliedTable);
        permissionService.clearPermissionData(suppliedTable);
      }
    }

    // 初始化权限选项
    for (Operation operation : operationList) {
      /* 让管理员角色拥有新添加的权限选项,即:让管理员拥有对资源 根节点 有permissionState=2的权限 */
      String resourceTypeId = operation.getResourceTypeId();
      ResourceTypeRoot resourceTypeRoot =
          resourceTypeDao.getResourceTypeRoot(applicationId, resourceTypeId);
      if (resourceTypeRoot != null) {
        String unSuppliedTable = resourceTypeDao.getUnSuppliedTable(applicationId, resourceTypeId);
        String suppliedTable = resourceTypeDao.getSuppliedTable(applicationId, resourceTypeId);
        String resourceTable = resourceTypeDao.getResourceTable(applicationId, resourceTypeId);
        permissionService.saveRoleResourceOperation(
            UMConstants.ADMIN_ROLE_ID,
            resourceTypeRoot.getRootId(),
            operation.getOperationId(),
            UMConstants.PERMIT_SUB_TREE,
            unSuppliedTable,
            suppliedTable,
            resourceTable);
      }
    }

    // 初始化平台应用系统,应用系统作为一类资源,需要做补全操作的,所以最后保存
    application.setSeqNo(applicationDao.getNextSeqNo(new Long(UMConstants.PLATFORM_SYSTEM_APP)));
    applicationDao.create(application);
  }