Skip to content

D
dataease
提交 0445176e authored 作者: fit2cloud-chenyw's avatar fit2cloud-chenyw
浏览文件
操作

refactor: 增加数据源、部分数据集api权限

上级 64fce599
隐藏空白字符变更
内嵌 并排
正在显示 包含 98 行增加6 行删除
backend/src/main/java/io/dataease/base/mapper/ext/ExtAuthMapper.xml
浏览文件 @ 0445176e
......@@ -40,7 +40,7 @@
sys_auth a
LEFT JOIN sys_auth_detail d on d.auth_id = a.id
WHERE
auth_source_type = 'datasource'
auth_source_type = 'link'
AND auth_target_type = 'user'
AND auth_target = #{userId}
AND d.privilege_value = 1
......@@ -80,7 +80,7 @@
sys_auth a
LEFT JOIN sys_auth_detail d on d.auth_id = a.id
WHERE
auth_source_type = 'datasource'
auth_source_type = 'link'
AND auth_target_type = 'role'
AND auth_target = #{roleId}
AND d.privilege_value = 1
......@@ -119,7 +119,7 @@
sys_auth a
LEFT JOIN sys_auth_detail d on d.auth_id = a.id
WHERE
auth_source_type = 'datasource'
auth_source_type = 'link'
AND auth_target_type = 'dept'
AND auth_target = #{deptId}
AND d.privilege_value = 1
......
backend/src/main/java/io/dataease/commons/utils/AuthUtils.java
浏览文件 @ 0445176e
......@@ -4,6 +4,7 @@ import io.dataease.auth.api.dto.CurrentRoleDto;
import io.dataease.auth.api.dto.CurrentUserDto;
import io.dataease.auth.entity.AuthItem;
import io.dataease.auth.service.ExtAuthService;
import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.constants.ResourceAuthLevel;
import io.dataease.commons.model.AuthURD;
import org.apache.commons.lang3.StringUtils;
......@@ -56,7 +57,7 @@ public class AuthUtils {
Long deptId = user.getDeptId();
List<CurrentRoleDto> roles = user.getRoles();
Set<AuthItem> result = new HashSet<>();
if (StringUtils.equals("link", type)) {
if (StringUtils.equals(DePermissionType.DATASOURCE.name().toLowerCase(), type)) {
Set<AuthItem> userSet = extAuthService.dataSourceIdByUser(userId).stream().collect(Collectors.toSet());
Set<AuthItem> roleSet = roles.stream().map(role -> extAuthService.dataSourceIdByRole(role.getId())).flatMap(Collection::stream).collect(Collectors.toSet());
Set<AuthItem> deptSet = extAuthService.dataSourceIdByDept(deptId).stream().collect(Collectors.toSet());
......@@ -69,7 +70,7 @@ public class AuthUtils {
return result;
}
else if (StringUtils.equals("dataset", type)) {
else if (StringUtils.equals(DePermissionType.DATASET.name().toLowerCase(), type)) {
Set<AuthItem> userSet = extAuthService.dataSetIdByUser(userId).stream().collect(Collectors.toSet());
Set<AuthItem> roleSet = roles.stream().map(role -> extAuthService.dataSetIdByRole(role.getId())).flatMap(Collection::stream).collect(Collectors.toSet());
Set<AuthItem> deptSet = extAuthService.dataSetIdByDept(deptId).stream().collect(Collectors.toSet());
......@@ -81,7 +82,7 @@ public class AuthUtils {
});
return result;
}
else if (StringUtils.equals("panel", type)) {
else if (StringUtils.equals(DePermissionType.PANEL.name().toLowerCase(), type)) {
Set<AuthItem> userSet = extAuthService.panelIdByUser(userId).stream().collect(Collectors.toSet());
Set<AuthItem> roleSet = roles.stream().map(role -> extAuthService.panelIdByRole(role.getId())).flatMap(Collection::stream).collect(Collectors.toSet());
Set<AuthItem> deptSet = extAuthService.panelIdByDept(deptId).stream().collect(Collectors.toSet());
......
backend/src/main/java/io/dataease/controller/dataset/DataSetGroupController.java
浏览文件 @ 0445176e
package io.dataease.controller.dataset;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.auth.annotation.DePermission;
import io.dataease.auth.annotation.DePermissions;
import io.dataease.base.domain.DatasetGroup;
import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.constants.ResourceAuthLevel;
import io.dataease.controller.request.dataset.DataSetGroupRequest;
import io.dataease.dto.dataset.DataSetGroupDTO;
import io.dataease.service.dataset.DataSetGroupService;
import io.dataease.service.dataset.ExtractDataService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;
......@@ -28,12 +34,18 @@ public class DataSetGroupController {
@Resource
private ExtractDataService extractDataService;
@RequiresPermissions("data:read")
@DePermissions(value = {
@DePermission(type = DePermissionType.DATASET, value = "id"),
@DePermission(type = DePermissionType.DATASET, value = "pid", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
}, logical = Logical.AND)
@ApiOperation("保存")
@PostMapping("/save")
public DataSetGroupDTO save(@RequestBody DatasetGroup datasetGroup) {
return dataSetGroupService.save(datasetGroup);
}
@RequiresPermissions("data:read")
@ApiOperation("查询树")
@PostMapping("/tree")
public List<DataSetGroupDTO> tree(@RequestBody DataSetGroupRequest datasetGroup) {
......@@ -46,6 +58,8 @@ public class DataSetGroupController {
return dataSetGroupService.treeNode(datasetGroup);
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
@ApiOperation("删除")
@PostMapping("/delete/{id}")
public void tree(@PathVariable String id) throws Exception {
......
backend/src/main/java/io/dataease/controller/dataset/DataSetTableController.java
浏览文件 @ 0445176e
package io.dataease.controller.dataset;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.auth.annotation.DePermission;
import io.dataease.auth.annotation.DePermissions;
import io.dataease.base.domain.DatasetTable;
import io.dataease.base.domain.DatasetTableField;
import io.dataease.base.domain.DatasetTableIncrementalConfig;
import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.constants.ResourceAuthLevel;
import io.dataease.controller.request.dataset.DataSetTableRequest;
import io.dataease.controller.response.DataSetDetail;
import io.dataease.dto.datasource.TableFiled;
......@@ -11,6 +15,8 @@ import io.dataease.dto.dataset.DataSetTableDTO;
import io.dataease.dto.dataset.ExcelFileData;
import io.dataease.service.dataset.DataSetTableService;
import io.swagger.annotations.*;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
......@@ -30,12 +36,24 @@ public class DataSetTableController {
@Resource
private DataSetTableService dataSetTableService;
@RequiresPermissions("data:read")
@DePermissions(value = {
@DePermission(type = DePermissionType.DATASET, value = "id"),
@DePermission(type = DePermissionType.DATASET, value = "sceneId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE),
@DePermission(type = DePermissionType.DATASOURCE, value = "dataSourceId", level = ResourceAuthLevel.DATASET_LEVEL_USE)
}, logical = Logical.AND)
@ApiOperation("批量保存")
@PostMapping("batchAdd")
public void batchAdd(@RequestBody List<DataSetTableRequest> datasetTable) throws Exception {
dataSetTableService.batchInsert(datasetTable);
}
@RequiresPermissions("data:read")
@DePermissions(value = {
@DePermission(type = DePermissionType.DATASET, value = "id", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE),
@DePermission(type = DePermissionType.DATASET, value = "sceneId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE),
@DePermission(type = DePermissionType.DATASOURCE, value = "dataSourceId", level = ResourceAuthLevel.DATASET_LEVEL_USE)
}, logical = Logical.AND)
@ApiOperation("更新")
@PostMapping("update")
public void save(@RequestBody DataSetTableRequest datasetTable) throws Exception {
......@@ -46,12 +64,19 @@ public class DataSetTableController {
}
}
@RequiresPermissions("data:read")
@DePermissions(value = {
@DePermission(type = DePermissionType.DATASET, value = "id", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE),
@DePermission(type = DePermissionType.DATASET, value = "sceneId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE),
@DePermission(type = DePermissionType.DATASOURCE, value = "dataSourceId", level = ResourceAuthLevel.DATASET_LEVEL_USE)
}, logical = Logical.AND)
@ApiOperation("修改")
@PostMapping("alter")
public void alter(@RequestBody DataSetTableRequest request) throws Exception {
dataSetTableService.alter(request);
}
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
@ApiOperation("删除")
@PostMapping("delete/{id}")
public void delete(@ApiParam(name = "id", value = "数据集ID", required = true) @PathVariable String id) throws Exception {
......@@ -70,6 +95,7 @@ public class DataSetTableController {
return dataSetTableService.listAndGroup(dataSetTableRequest);
}
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE)
@ApiOperation("详息")
@PostMapping("get/{id}")
public DatasetTable get(@ApiParam(name = "id", value = "数据集ID", required = true) @PathVariable String id) {
......
backend/src/main/java/io/dataease/controller/datasource/DatasourceController.java
浏览文件 @ 0445176e
......@@ -3,7 +3,11 @@ package io.dataease.controller.datasource;
import com.github.pagehelper.Page;
import com.github.pagehelper.PageHelper;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.auth.annotation.DePermission;
import io.dataease.auth.annotation.DePermissions;
import io.dataease.base.domain.Datasource;
import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.constants.ResourceAuthLevel;
import io.dataease.commons.utils.AuthUtils;
import io.dataease.commons.utils.PageUtils;
import io.dataease.commons.utils.Pager;
......@@ -15,6 +19,8 @@ import io.dataease.service.datasource.DatasourceService;
import io.dataease.dto.DatasourceDTO;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;
......@@ -31,18 +37,24 @@ public class DatasourceController {
@Resource
private DatasourceService datasourceService;
@RequiresPermissions("datasource:add")
@DePermission(type = DePermissionType.DATASOURCE, value = "id")
@ApiOperation("新增数据源")
@PostMapping("/add")
public Datasource addDatasource(@RequestBody Datasource datasource) throws Exception{
return datasourceService.addDatasource(datasource);
}
@RequiresPermissions("datasource:read")
@DePermission(type = DePermissionType.DATASOURCE, value = "id")
@ApiOperation("验证数据源")
@PostMapping("/validate")
public ResultHolder validate(@RequestBody Datasource datasource) throws Exception {
return datasourceService.validate(datasource);
}
@RequiresPermissions("datasource:read")
@DePermission(type = DePermissionType.DATASOURCE)
@ApiOperation("验证数据源")
@GetMapping("/validate/{datasourceId}")
public ResultHolder validate(@PathVariable String datasourceId) {
......@@ -64,6 +76,7 @@ public class DatasourceController {
return getDatasourceList().stream().filter(datasourceDTO -> datasourceDTO.getType().equalsIgnoreCase(type)).collect(Collectors.toList());
}
@RequiresPermissions("datasource:read")
@ApiIgnore
@PostMapping("/list/{goPage}/{pageSize}")
public Pager<List<DatasourceDTO>> getDatasourceList(@RequestBody BaseGridRequest request, @PathVariable int goPage, @PathVariable int pageSize) throws Exception {
......@@ -71,12 +84,15 @@ public class DatasourceController {
return PageUtils.setPageInfo(page, datasourceService.gridQuery(request));
}
@DePermission(type = DePermissionType.DATASOURCE, level = ResourceAuthLevel.LINK_LEVEL_MANAGE)
@ApiOperation("删除数据源")
@PostMapping("/delete/{datasourceID}")
public void deleteDatasource(@PathVariable(value = "datasourceID") String datasourceID) throws Exception {
datasourceService.deleteDatasource(datasourceID);
}
@RequiresPermissions("datasource:add")
@DePermission(type = DePermissionType.DATASOURCE, value = "id", level = ResourceAuthLevel.LINK_LEVEL_MANAGE)
@ApiOperation("更新数据源")
@PostMapping("/update")
public void updateDatasource(@RequestBody Datasource Datasource) {
......
backend/src/main/java/io/dataease/controller/sys/SystemParameterController.java
浏览文件 @ 0445176e
......@@ -11,6 +11,7 @@ import io.dataease.service.FileService;
import io.dataease.service.system.EmailService;
import io.dataease.service.system.SystemParameterService;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
......@@ -39,11 +40,13 @@ public class SystemParameterController {
private EmailService emailService;
@RequiresPermissions("sysparam:read")
@GetMapping("/mail/info")
public MailInfo mailInfo() {
return emailService.mailInfo();
}
@RequiresPermissions("sysparam:read")
@GetMapping("/basic/info")
public BasicInfo basicInfo() {
return systemParameterService.basicInfo();
......@@ -55,11 +58,13 @@ public class SystemParameterController {
return StringUtils.isNotBlank(basicInfo.getFrontTimeOut()) ? Integer.parseInt(basicInfo.getFrontTimeOut()) : 10;
}
@RequiresPermissions("sysparam:read")
@PostMapping("/edit/email")
public void editMail(@RequestBody List<SystemParameter> systemParameter) {
emailService.editMail(systemParameter);
}
@RequiresPermissions("sysparam:read")
@PostMapping("/edit/basic")
public void editBasic(@RequestBody List<SystemParameter> systemParameter) {
systemParameterService.editBasic(systemParameter);
......@@ -76,6 +81,7 @@ public class SystemParameterController {
}
@RequiresPermissions("sysparam:read")
@GetMapping("/base/info")
public List<SystemParameterDTO> getBaseInfo() {
return systemParameterService.getSystemParameterInfo(ParamConstants.Classify.BASE.getValue());
......
backend/src/main/java/io/dataease/plugins/server/ThemeServer.java
浏览文件 @ 0445176e
......@@ -3,6 +3,7 @@ package io.dataease.plugins.server;
import java.util.List;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
......@@ -36,6 +37,7 @@ public class ThemeServer {
return themeXpackService.queryItems(themeId);
}
@RequiresPermissions("sysparam:read")
@PostMapping("/save")
public void save(@RequestPart("request") ThemeRequest request,
@RequestPart(value = "file", required = false) MultipartFile bodyFile) {
......@@ -55,6 +57,7 @@ public class ThemeServer {
}
@RequiresPermissions("sysparam:read")
@PostMapping("/delete/{themeId}")
public void delete(@PathVariable("themeId") int themeId) {
ThemeXpackService themeXpackService = SpringContextUtil.getBean(ThemeXpackService.class);
......
backend/src/main/java/io/dataease/plugins/server/XAuthServer.java
浏览文件 @ 0445176e
......@@ -14,6 +14,7 @@ import io.dataease.plugins.xpack.auth.dto.response.XpackSysAuthDetailDTO;
import io.dataease.plugins.xpack.auth.dto.response.XpackVAuthModelDTO;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*;
import io.dataease.plugins.xpack.auth.service.AuthXpackService;
......@@ -25,6 +26,7 @@ public class XAuthServer {
private static final Set<String> cacheTypes = new HashSet<>();
@RequiresPermissions("auth:read")
@PostMapping("/authModels")
@I18n
public List<XpackVAuthModelDTO> authModels(@RequestBody XpackBaseTreeRequest request) {
......@@ -33,12 +35,14 @@ public class XAuthServer {
return sysAuthService.searchAuthModelTree(request, user.getUserId(), user.getIsAdmin());
}
@RequiresPermissions("auth:read")
@PostMapping("/authDetails")
public Map<String, List<XpackSysAuthDetailDTO>> authDetails(@RequestBody XpackSysAuthRequest request) {
AuthXpackService sysAuthService = SpringContextUtil.getBean(AuthXpackService.class);
return sysAuthService.searchAuthDetails(request);
}
@RequiresPermissions("auth:read")
@GetMapping("/authDetailsModel/{authType}/{direction}")
@I18n
public List<XpackSysAuthDetail> authDetailsModel(@PathVariable String authType, @PathVariable String direction) {
......@@ -54,6 +58,7 @@ public class XAuthServer {
return authDetails;
}
@RequiresPermissions("auth:read")
@PostMapping("/authChange")
public void authChange(@RequestBody XpackSysAuthRequest request) {
AuthXpackService sysAuthService = SpringContextUtil.getBean(AuthXpackService.class);
......
backend/src/main/java/io/dataease/plugins/server/XDeptServer.java
浏览文件 @ 0445176e
......@@ -14,6 +14,7 @@ import io.dataease.plugins.xpack.dept.dto.response.XpackSysDept;
import io.dataease.plugins.xpack.dept.service.DeptXpackService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;
......@@ -66,6 +67,7 @@ public class XDeptServer {
return nodes;
}
@RequiresPermissions("dept:add")
@ApiOperation("创建")
@PostMapping("/create")
public int create(@RequestBody XpackCreateDept dept){
......@@ -73,6 +75,7 @@ public class XDeptServer {
return deptService.add(dept);
}
@RequiresPermissions("dept:del")
@ApiOperation("删除")
@PostMapping("/delete")
public void delete(@RequestBody List<XpackDeleteDept> requests){
......@@ -83,6 +86,7 @@ public class XDeptServer {
deptService.batchDelete(requests);
}
@RequiresPermissions("dept:edit")
@ApiOperation("更新")
@PostMapping("/update")
public int update(@RequestBody XpackCreateDept dept){
......@@ -91,6 +95,7 @@ public class XDeptServer {
}
@RequiresPermissions("dept:del")
@ApiIgnore
@ApiOperation("删除")
@PostMapping("/nodesByDeptId/{deptId}")
......
backend/src/main/java/io/dataease/plugins/server/XDisplayServer.java
浏览文件 @ 0445176e
......@@ -4,6 +4,7 @@ package io.dataease.plugins.server;
import io.dataease.plugins.config.SpringContextUtil;
import io.dataease.plugins.xpack.display.dto.response.SysSettingDto;
import io.dataease.plugins.xpack.display.service.DisplayXpackService;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
import java.util.List;
......@@ -22,6 +23,7 @@ public class XDisplayServer {
return disPlayXpackService.systemSettings();
}
@RequiresPermissions("sysparam:read")
@PostMapping(value="/save", consumes = {"multipart/form-data"})
public void saveUIInfo(@RequestPart("request") Map<String,List<SysSettingDto>> systemParameterMap, @RequestPart(value = "files", required = false) List<MultipartFile> bodyFiles) throws Exception {
DisplayXpackService disPlayXpackService = SpringContextUtil.getBean(DisplayXpackService.class);
......
backend/src/main/java/io/dataease/plugins/server/XEmailTaskServer.java
浏览文件 @ 0445176e
......@@ -20,6 +20,7 @@ import io.dataease.service.ScheduleService;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
......@@ -39,6 +40,7 @@ public class XEmailTaskServer {
@Resource
private PriorityThreadPoolExecutor priorityExecutor;
@RequiresPermissions("task-email:read")
@PostMapping("/queryTasks/{goPage}/{pageSize}")
public Pager<List<XpackTaskGridDTO>> queryTask(@PathVariable int goPage, @PathVariable int pageSize,
@RequestBody XpackGridRequest request) {
......@@ -71,6 +73,7 @@ public class XEmailTaskServer {
return listPager;
}
@RequiresPermissions("task-email:add")
@PostMapping("/save")
public void save(@RequestBody XpackEmailCreate param) throws Exception {
XpackEmailTaskRequest request = param.fillContent();
......@@ -81,6 +84,7 @@ public class XEmailTaskServer {
scheduleService.addSchedule(globalTask);
}
@RequiresPermissions("task-email:read")
@PostMapping("/queryForm/{taskId}")
public XpackEmailCreate queryForm(@PathVariable Long taskId) {
EmailXpackService emailXpackService = SpringContextUtil.getBean(EmailXpackService.class);
......@@ -141,6 +145,7 @@ public class XEmailTaskServer {
}
@RequiresPermissions("task-email:del")
@PostMapping("/delete/{taskId}")
public void delete(@PathVariable Long taskId) {
EmailXpackService emailXpackService = SpringContextUtil.getBean(EmailXpackService.class);
......
backend/src/main/java/io/dataease/plugins/server/XLdapServer.java
浏览文件 @ 0445176e
......@@ -6,6 +6,7 @@ import io.dataease.plugins.config.SpringContextUtil;
import io.dataease.plugins.xpack.display.dto.response.SysSettingDto;
import io.dataease.plugins.xpack.ldap.dto.response.LdapInfo;
import io.dataease.plugins.xpack.ldap.service.LdapXpackService;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*;
import java.util.List;
......@@ -21,6 +22,7 @@ public class XLdapServer {
return ldapXpackService.info();
}
@RequiresPermissions("sysparam:read")
@PostMapping("/save")
public void save(@RequestBody List<SysSettingDto> settings) {
LdapXpackService ldapXpackService = SpringContextUtil.getBean(LdapXpackService.class);
......
backend/src/main/java/io/dataease/plugins/server/XOidcServer.java
浏览文件 @ 0445176e
......@@ -5,6 +5,7 @@ import io.dataease.plugins.config.SpringContextUtil;
import io.dataease.plugins.xpack.display.dto.response.SysSettingDto;
import io.dataease.plugins.xpack.oidc.service.OidcXpackService;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*;
import java.util.HashMap;
import java.util.List;
......@@ -21,6 +22,7 @@ public class XOidcServer {
return oidcXpackService.oidcSettings();
}
@RequiresPermissions("sysparam:read")
@PostMapping("/save")
public void save(@RequestBody List<SysSettingDto> settings) {
OidcXpackService oidcXpackService = SpringContextUtil.getBean(OidcXpackService.class);
......
backend/src/main/java/io/dataease/plugins/server/XRoleServer.java
浏览文件 @ 0445176e
......@@ -13,6 +13,7 @@ import io.dataease.plugins.xpack.role.dto.response.XpackRoleItemDto;
import io.dataease.plugins.xpack.role.service.RoleXpackService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;
......@@ -26,6 +27,7 @@ public class XRoleServer {
@Autowired
private ExtAuthService extAuthService;
@RequiresPermissions("role:add")
@ApiOperation("新增角色")
@PostMapping("/create")
public void create(@RequestBody XpackRoleDto role){
......@@ -34,6 +36,7 @@ public class XRoleServer {
}
@RequiresPermissions("role:del")
@ApiOperation("删除角色")
@PostMapping("/delete/{roleId}")
public void delete(@PathVariable("roleId") Long roleId){
......@@ -43,6 +46,7 @@ public class XRoleServer {
}
@RequiresPermissions("role:edit")
@ApiOperation("更新角色")
@PostMapping("/update")
public void update(@RequestBody XpackRoleDto role){
......@@ -50,6 +54,7 @@ public class XRoleServer {
roleXpackService.update(role);
}
@RequiresPermissions("role:read")
@ApiOperation("分页查询")
@PostMapping("/roleGrid/{goPage}/{pageSize}")
public Pager<List<XpackRoleDto>> roleGrid(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody XpackGridRequest request) {
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论