public void testRoleModule() { // 新建一个用户组 Group mainGroup = new Group(); mainGroup.setParentId(UMConstants.MAIN_GROUP_ID); mainGroup.setName("财务部"); mainGroup.setGroupType(Group.MAIN_GROUP_TYPE); mainGroup.setApplicationId(Config.getAttribute(Config.APPLICATION_CODE)); groupService.createNewGroup(mainGroup, "", ""); log.debug(mainGroup); // 新建一个用户组子组 Group childGroup = new Group(); childGroup.setParentId(mainGroup.getId()); childGroup.setName("财务一部"); childGroup.setGroupType(mainGroup.getGroupType()); childGroup.setApplicationId(mainGroup.getApplicationId()); groupService.createNewGroup(childGroup, "", ""); log.debug(childGroup); // 管理员直接在主组下新增用户 User mainUser = new User(); mainUser.setApplicationId(mainGroup.getApplicationId()); mainUser.setLoginName("JonKing"); mainUser.setUserName("JK"); mainUser.setPassword("123456"); mainUser.setGroupId(mainGroup.getId()); userService.createOrUpdateUserInfo(mainGroup.getId(), mainUser, "" + mainGroup.getId(), ""); log.debug(mainUser); // 新建角色组 action.getRole().setIsGroup(1); action.getRole().setName("角色组一"); action.getRole().setParentId(UMConstants.ROLE_ROOT_ID); action.saveRoleGroupInfo(); Long roleGroupId = action.getRole().getId(); // 新建角色 resetAction(); action.getRole().setIsGroup(0); action.getRole().setName("办公室助理"); action.getRole().setParentId(roleGroupId); action.getRole().setStartDate(new Date()); Calendar calendar = new GregorianCalendar(); calendar.add(UMConstants.ROLE_LIFE_TYPE, UMConstants.ROLE_LIFE_TIME); action.getRole().setEndDate(calendar.getTime()); action.setRole2UserIds(UMConstants.ADMIN_USER_ID + "," + mainUser.getId()); action.setRole2GroupIds("" + mainGroup.getId()); action.saveRole(); Long roleId = action.getRole().getId(); // 读取修改角色组的模板 action.setRoleId(roleGroupId); action.getRoleGroupInfo(); // 读取新增或修改角色的模板 action.setIsNew(1); action.setParentRoleId(UMConstants.ROLE_ROOT_ID); action.getRoleInfoAndRelation(); action.setIsNew(null); action.setRoleId(roleId); action.getRoleInfoAndRelation(); // 读取角色树形结构 action.getAllRole2Tree(); action.getCanAddedGroup2Tree(); // 停用角色组 action.setRoleId(roleGroupId); action.setRoleState(UMConstants.TRUE); action.disable(); // 启用角色 action.setRoleId(roleId); action.setRoleState(UMConstants.FALSE); action.disable(); // 再新建一个角色 resetAction(); action.getRole().setIsGroup(0); action.getRole().setName("部门经理"); action.getRole().setParentId(roleGroupId); action.getRole().setStartDate(new Date()); action.getRole().setEndDate(calendar.getTime()); action.setRole2UserIds(UMConstants.ADMIN_USER_ID + "," + mainUser.getId()); action.setRole2GroupIds("" + mainGroup.getId()); action.saveRole(); Long secondRoleId = action.getRole().getId(); action.getAllRole2Tree(); // 对组进行排序 action.setRoleId(roleId); action.setTargetId(secondRoleId); action.setDirection(1); action.sort(); action.getAllRole2Tree(); // 对角色进行移动 action.setTargetId(UMConstants.ROLE_ROOT_ID); action.move(); action.getOperation(); action.setGroupId(mainGroup.getId()); action.getUserByGroupId(); action.initSetPermission(); action.setIsRole2Resource("1"); action.getApplications(); action.setIsRole2Resource("0"); action.getApplications(); action.setApplicationId("tss"); action.getResourceTypes(); // 授权测试 PermissionRank // LOWER_PERMISSION = "1"; 普通授权 // AUTHORISE_PERMISSION = "2"; 可授权授权 // PASSON_AUTHORISE_PERMISSION = "3"; 可传递授权 // SUB_AUTHORISE_PERMISSION = "4"; 权限转授 log.debug("====================== 开始测试授权 ============================"); // 一、 多个资源授权给单个角色 action.setIsRole2Resource("1"); action.setResourceType(UMConstants.MAINGROUP_RESOURCE_TYPE_ID); action.setRoleId(roleId); action.setPermissionRank("2"); action.getPermissionMatrix(); // 授权内容, 当多个资源对一个角色授权时: resource1|2224, resource2|4022 // 竖线后面为各个权限选项的打勾情况【0: 没打勾, 1: 仅此节点,虚勾 2: 此节点及所有子节点,实勾 3:禁用未选中 4:禁用已选中】 action.setSetPermission(mainGroup.getId() + "|222222222222"); action.savePermission(); action.getPermissionMatrix(); TestUtil.printEntity(super.permissionHelper, "MainGroupPermissions"); TestUtil.printEntity(super.permissionHelper, "MainGroupPermissionsFull"); // 二、单个资源授权给多个角色 action.setIsRole2Resource(null); action.setRoleId(mainGroup.getId()); // 当资源对角色进行授权时, 表示resourceId action.setPermissionRank("2"); action.getPermissionMatrix(); // 授权内容, 当单个资源对多个角色授权时: roleId1|2224, roleId2|4022 // 竖线后面为各个权限选项的打勾情况【0: 没打勾, 1: 仅此节点,虚勾 2: 此节点及所有子节点,实勾 3:禁用未选中 4:禁用已选中】 action.setSetPermission(secondRoleId + "|222222222222"); action.savePermission(); action.getPermissionMatrix(); TestUtil.printEntity(super.permissionHelper, "MainGroupPermissions"); TestUtil.printEntity(super.permissionHelper, "MainGroupPermissionsFull"); login(mainUser.getId(), mainUser.getLoginName()); // 更好登录用户,看其权限 action.getPermissionMatrix(); TestUtil.printEntity(super.permissionHelper, "RoleUserMapping"); printVisibleMainGroups(); login(UMConstants.ADMIN_USER_ID, UMConstants.ADMIN_USER_NAME); // 换回Admin登录 // 删除角色组 action.setRoleId(roleGroupId); action.delete(); action.getAllRole2Tree(); }
public void applicationRegisterByXML(Document doc, String applicationType) { List<ResourceType> resourceTypeList = new ArrayList<ResourceType>(); List<ResourceTypeRoot> resourceTypeRootList = new ArrayList<ResourceTypeRoot>(); List<Operation> operationList = new ArrayList<Operation>(); // 解析应用 Application application = new Application(); Element appNode = (Element) doc.selectSingleNode("/application"); BeanUtil.setDataToBean(application, XMLDocUtil.dataNode2Map(appNode)); String applicationId = application.getApplicationId(); // 解析资源类型 List<Element> nodeList = XMLDocUtil.selectNodes(appNode, "resourceType"); for (Element resourceTypeNode : nodeList) { ResourceType resourceType = new ResourceType(); BeanUtil.setDataToBean(resourceType, XMLDocUtil.dataNode2Map(resourceTypeNode)); resourceType.setApplicationId(applicationId); resourceTypeList.add(resourceType); // 解析资源操作选项 List<Element> operationNodeList = XMLDocUtil.selectNodes(resourceTypeNode, "operation"); for (Element operationNode : operationNodeList) { Operation operation = new Operation(); BeanUtil.setDataToBean(operation, XMLDocUtil.dataNode2Map(operationNode)); operation.setApplicationId(applicationId); operation.setResourceTypeId(resourceType.getResourceTypeId()); operationList.add(operation); } } // 解析资源类型根节点 nodeList = XMLDocUtil.selectNodes(appNode, "resourceTypeRoot"); for (Element resourceTypeRootNode : nodeList) { ResourceTypeRoot resourceTypeRootId = new ResourceTypeRoot(); BeanUtil.setDataToBean(resourceTypeRootId, XMLDocUtil.dataNode2Map(resourceTypeRootNode)); resourceTypeRootList.add(resourceTypeRootId); } if (!EasyUtils.isNullOrEmpty(applicationType)) { application.setApplicationType(applicationType); } /** *************************** 仅仅把外部资源注册进来,不进行补全操作 ****************************** */ // 根据应用删除上次因导入失败产生的脏数据 applicationDao.clearDirtyData(applicationId); for (IEntity resourceTypeRoot : resourceTypeRootList) { resourceTypeDao.createObject(resourceTypeRoot); // 初始化资源类型根节点 } for (ResourceType resourceType : resourceTypeList) { String resourceTypeId = resourceType.getResourceTypeId(); ResourceTypeRoot resourceTypeRoot = resourceTypeDao.getResourceTypeRoot(applicationId, resourceTypeId); if (resourceTypeRoot != null) { resourceType.setRootId(resourceTypeRoot.getRootId()); } resourceTypeDao.create(resourceType); // 初始化资源类型 } for (Operation operation : operationList) { resourceTypeDao.createObject(operation); // 初始化权限选项 } /** *************************** 对外部已经注册的资源进行补全操作 *********************************** */ if (!initial) { permissionService = PermissionHelper.getPermissionService(applicationId, permissionService); } // 初始化资源类型 for (ResourceType resourceType : resourceTypeList) { /* 保存资源类型,同时还要为该类型资源建立一个根节点,以资源类型名字作为根节点名字 */ String resourceTypeId = resourceType.getResourceTypeId(); String unSuppliedTable = resourceTypeDao.getUnSuppliedTable(applicationId, resourceTypeId); String suppliedTable = resourceTypeDao.getSuppliedTable(applicationId, resourceTypeId); String initPermission = Config.getAttribute("initPermission"); if (Config.TRUE.equalsIgnoreCase(initPermission)) { permissionService.clearPermissionData(unSuppliedTable); permissionService.clearPermissionData(suppliedTable); } } // 初始化权限选项 for (Operation operation : operationList) { /* 让管理员角色拥有新添加的权限选项,即:让管理员拥有对资源 根节点 有permissionState=2的权限 */ String resourceTypeId = operation.getResourceTypeId(); ResourceTypeRoot resourceTypeRoot = resourceTypeDao.getResourceTypeRoot(applicationId, resourceTypeId); if (resourceTypeRoot != null) { String unSuppliedTable = resourceTypeDao.getUnSuppliedTable(applicationId, resourceTypeId); String suppliedTable = resourceTypeDao.getSuppliedTable(applicationId, resourceTypeId); String resourceTable = resourceTypeDao.getResourceTable(applicationId, resourceTypeId); permissionService.saveRoleResourceOperation( UMConstants.ADMIN_ROLE_ID, resourceTypeRoot.getRootId(), operation.getOperationId(), UMConstants.PERMIT_SUB_TREE, unSuppliedTable, suppliedTable, resourceTable); } } // 初始化平台应用系统,应用系统作为一类资源,需要做补全操作的,所以最后保存 application.setSeqNo(applicationDao.getNextSeqNo(new Long(UMConstants.PLATFORM_SYSTEM_APP))); applicationDao.create(application); }