/**
* 根据已有授权信息,新增一条授权信息。 新增前会先判断授权信息是否已经存在。
*
* @param exsitPermission 节点的未补齐授权信息 或 父(祖)节点授权信息
* @param resource 节点资源
* @param permissionTable
* <p>TODO 保存权限前要在当前授权级别的上一级去查找有没有已经授过的,如果授过的,则删掉。 保存当前授权级别(一个资源对同一个权限选项只能有一种授权级别)
*/
public void createPermission(
AbstractPermission exsitPermission, IResource resource, String permissionTable) {
String operationId = exsitPermission.getOperationId();
Long roleId = exsitPermission.getRoleId();
Integer permissionState = exsitPermission.getPermissionState();
Integer isGrant = exsitPermission.getIsGrant();
Integer isPass = exsitPermission.getIsPass();
// 先判断授权信息是否已经存在
Class<?> permissionTableClass = BeanUtil.createClassByName(permissionTable);
String hql =
"from "
+ permissionTableClass.getName()
+ " t where t.resourceId = ? and t.operationId = ?"
+ " and t.roleId = ? and t.permissionState = ? and t.isGrant = ? and t.isPass = ?";
Long resourceId = resource.getId();
List<?> list =
getEntities(
hql, new Object[] {resourceId, operationId, roleId, permissionState, isGrant, isPass});
if (list.size() == 0) {
AbstractPermission newPermission =
(AbstractPermission) BeanUtil.newInstance(permissionTableClass);
newPermission.setOperationId(operationId);
newPermission.setRoleId(roleId);
newPermission.setPermissionState(permissionState);
newPermission.setIsGrant(isGrant);
newPermission.setIsPass(isPass);
newPermission.setResourceId(resourceId);
newPermission.setResourceName(resource.getName());
createObjectWithoutFlush(newPermission);
}
}
/**
* 获取用户对一个应用中的一种资源类型中的一个资源拥有的权限选项ID集合
*
* @param resourceTypeId
* @param resourceId
* @param userId
* @return
*/
public List<?> getOperationsByResource(String resourceTypeId, Long resourceId) {
String applicationId = PermissionHelper.getApplicationID();
String permissionTable = resourceTypeDao.getPermissionTable(applicationId, resourceTypeId);
String resourceTable = resourceTypeDao.getResourceTable(applicationId, resourceTypeId);
Class<?> resourceClass = BeanUtil.createClassByName(resourceTable);
return getOperationsByResource(resourceId, permissionTable, resourceClass);
}
/**
* 获取用户对一个资源在当前授权级别能够看到的子节点的个数
*
* @param resourceId
* @param permissionRank
* @param permissionTable
* @param resourceTable
* @return
*/
public int getVisibleChildrenNumByPermissionRank(
Long resourceId, String permissionRank, String permissionTable, String resourceTable) {
String hql =
"select distinct r.id from "
+ resourceTable
+ " r, "
+ permissionTable
+ " p, Temp t "
+ " where t.id = p.roleId and p.resourceId = r.id and r.decode like ? ";
hql += genRankCondition4SelectPermission(permissionRank);
IResource resource =
(IResource) getEntity(BeanUtil.createClassByName(resourceTable), resourceId);
return getEntities(hql, resource.getDecode() + "%").size();
}
/**
* 获取资源的父节点Id
*
* @param appId
* @param resourceTypeId
* @param resourceId
* @return
*/
public Long getParentResourceId(String appId, String resourceTypeId, Long resourceId) {
String resourceTable = resourceTypeDao.getResourceTable(appId, resourceTypeId);
IResource resource =
(IResource) getEntity(BeanUtil.createClassByName(resourceTable), resourceId);
return resource.getParentId();
}