Commit 5873f8dd authored by o2null's avatar o2null
Browse files

Merge branch 'hotfix/内容管理设计权限修改' into 'wrdp'

hotfix/内容管理设计权限修改  合并到master

See merge request o2oa/o2oa!6351

(cherry picked from commit 3e3035a9)

2c56fcef 内容管理员设计权限修改
524b7c77 内容管理设计权限修改2
parent 3e7b2231
No related merge requests found
Showing with 124 additions and 168 deletions
+124 -168
......@@ -310,21 +310,6 @@ public class Business {
return false;
}
/**
* TODO (uncomplete)判断用户是否有权限进行:[文件或者附件管理]的操作
*
* @param person
* @return
* @throws Exception
*/
public boolean fileInfoEditAvailable( EffectivePerson person) throws Exception {
if ( isManager( person)) {
return true;
}
// 其他情况暂时全部不允许操作
return false;
}
/**
* TODO (uncomplete)判断用户是否有权限进行:[表单模板管理]操作
*
......@@ -337,7 +322,7 @@ public class Business {
return true;
}
// 其他情况暂时全部不允许操作
return false;
return true;
}
/**
......@@ -352,7 +337,7 @@ public class Business {
return true;
}
// 其他情况暂时全部不允许操作
return false;
return true;
}
public boolean editable( EffectivePerson effectivePerson, AppInfo appInfo ) throws Exception {
......
......@@ -2,11 +2,13 @@ package com.x.cms.assemble.control.jaxrs.appinfo;
import com.x.base.core.project.annotation.AuditLog;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import com.x.base.core.project.http.ActionResult;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.jaxrs.WoId;
import com.x.base.core.project.logger.Logger;
import com.x.base.core.project.logger.LoggerFactory;
import com.x.cms.assemble.control.Business;
import com.x.cms.assemble.control.service.CmsBatchOperationPersistService;
import com.x.cms.assemble.control.service.CmsBatchOperationProcessService;
import com.x.cms.assemble.control.service.LogService;
......@@ -16,6 +18,10 @@ import org.apache.commons.lang3.StringUtils;
import javax.servlet.http.HttpServletRequest;
/**
* 删除栏目信息
* @author sword
*/
public class ActionDelete extends BaseAction {
private static Logger logger = LoggerFactory.getLogger( ActionDelete.class );
......@@ -23,46 +29,31 @@ public class ActionDelete extends BaseAction {
@AuditLog(operation = "删除栏目信息")
protected ActionResult<Wo> execute( HttpServletRequest request, EffectivePerson effectivePerson, String id ) throws Exception {
ActionResult<Wo> result = new ActionResult<>();
AppInfo appInfo = null;
Boolean check = true;
if( StringUtils.isEmpty( id ) ){
check = false;
Exception exception = new ExceptionAppInfoIdEmpty();
result.error( exception );
Business business = new Business(null);
if (!business.isManager( effectivePerson)) {
throw new ExceptionAccessDenied(effectivePerson);
}
if( check ){
try {
appInfo = appInfoServiceAdv.get( id );
if( appInfo == null ){
check = false;
Exception exception = new ExceptionAppInfoNotExists( id );
result.error( exception );
}
} catch (Exception e) {
check = false;
Exception exception = new ExceptionAppInfoProcess( e, "根据指定ID查询应用栏目信息对象时发生异常。ID:" + id );
result.error( exception );
logger.error( e, effectivePerson, request, null);
}
AppInfo appInfo = appInfoServiceAdv.get( id );
if( appInfo == null ){
throw new ExceptionAppInfoNotExists( id );
}
if( check ){
Long count = 0L;
try {
count = appInfoServiceAdv.countCategoryByAppId( id, "全部" );
if ( count > 0 ){
check = false;
Exception exception = new ExceptionAppInfoCanNotDelete( count);
result.error( exception );
}
} catch ( Exception e ) {
Long count = 0L;
try {
count = appInfoServiceAdv.countCategoryByAppId( id, "全部" );
if ( count > 0 ){
check = false;
Exception exception = new ExceptionAppInfoProcess( e, "系统在根据应用栏目ID查询应用下分类个数时发生异常。ID:" + id );
Exception exception = new ExceptionAppInfoCanNotDelete( count);
result.error( exception );
logger.error( e, effectivePerson, request, null);
}
} catch ( Exception e ) {
check = false;
Exception exception = new ExceptionAppInfoProcess( e, "系统在根据应用栏目ID查询应用下分类个数时发生异常。ID:" + id );
result.error( exception );
logger.error( e, effectivePerson, request, null);
}
if( check ){
try {
......
......@@ -6,12 +6,15 @@ import com.x.base.core.project.annotation.FieldDescribe;
import com.x.base.core.project.bean.WrapCopier;
import com.x.base.core.project.bean.WrapCopierFactory;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.config.Token;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import com.x.base.core.project.http.ActionResult;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.jaxrs.WoId;
import com.x.base.core.project.logger.Logger;
import com.x.base.core.project.logger.LoggerFactory;
import com.x.base.core.project.tools.ListTools;
import com.x.cms.assemble.control.Business;
import com.x.cms.assemble.control.service.CmsBatchOperationPersistService;
import com.x.cms.assemble.control.service.CmsBatchOperationProcessService;
import com.x.cms.assemble.control.service.LogService;
......@@ -26,7 +29,6 @@ public class ActionSave extends BaseAction {
private static Logger logger = LoggerFactory.getLogger(ActionSave.class);
@AuditLog(operation = "保存栏目信息")
protected ActionResult<Wo> execute(HttpServletRequest request, EffectivePerson effectivePerson, JsonElement jsonElement ) throws Exception {
ActionResult<Wo> result = new ActionResult<>();
AppInfo old_appInfo = null;
......@@ -35,49 +37,40 @@ public class ActionSave extends BaseAction {
String identityName = null;
String unitName = null;
String topUnitName = null;
Wi wi = null;
Boolean check = true;
try {
wi = this.convertToWrapIn( jsonElement, Wi.class );
identityName = wi.getIdentity();
} catch (Exception e) {
check = false;
Exception exception = new ExceptionAppInfoProcess(e, "系统在将JSON信息转换为对象时发生异常。JSON:" + jsonElement.toString());
result.error(exception);
logger.error(e, effectivePerson, request, null);
Business business = new Business(null);
if (!business.isManager( effectivePerson)) {
throw new ExceptionAccessDenied(effectivePerson);
}
if (check) {
if ( StringUtils.isEmpty( wi.getAppName() ) ) {
check = false;
Exception exception = new ExceptionAppInfoNameEmpty();
result.error(exception);
}
Wi wi = this.convertToWrapIn( jsonElement, Wi.class );
identityName = wi.getIdentity();
if ( StringUtils.isEmpty( wi.getAppName() ) ) {
throw new ExceptionAppInfoNameEmpty();
}
if (check) {//栏目不允许重名
try {
ids = appInfoServiceAdv.listByAppName( wi.getAppName());
if ( ListTools.isNotEmpty( ids ) ) {
for( String _id : ids ) {
if( !_id.equalsIgnoreCase( wi.getId() )) {
check = false;
Exception exception = new ExceptionAppInfoNameAlreadyExists( wi.getAppName());
result.error(exception);
}
try {
ids = appInfoServiceAdv.listByAppName( wi.getAppName());
if ( ListTools.isNotEmpty( ids ) ) {
for( String _id : ids ) {
if( !_id.equalsIgnoreCase( wi.getId() )) {
check = false;
Exception exception = new ExceptionAppInfoNameAlreadyExists( wi.getAppName());
result.error(exception);
}
}
} catch (Exception e) {
check = false;
Exception exception = new ExceptionAppInfoProcess(e, "系统根据应用栏目名称查询应用栏目信息对象时发生异常。AppName:" + wi.getAppName());
result.error(exception);
logger.error(e, effectivePerson, request, null);
}
} catch (Exception e) {
check = false;
Exception exception = new ExceptionAppInfoProcess(e, "系统根据应用栏目名称查询应用栏目信息对象时发生异常。AppName:" + wi.getAppName());
result.error(exception);
logger.error(e, effectivePerson, request, null);
}
if (check) {
if ( !"xadmin".equalsIgnoreCase( effectivePerson.getDistinguishedName()) ) {
if ( !Token.defaultInitialManager.equalsIgnoreCase( effectivePerson.getDistinguishedName()) ) {
try {
identityName = userManagerService.getPersonIdentity( effectivePerson.getDistinguishedName(), identityName );
} catch (Exception e) {
......@@ -87,13 +80,13 @@ public class ActionSave extends BaseAction {
logger.error(e, effectivePerson, request, null);
}
}else {
identityName = "xadmin";
unitName = "xadmin";
topUnitName = "xadmin";
identityName = Token.defaultInitialManager;
unitName = Token.defaultInitialManager;
topUnitName = Token.defaultInitialManager;
}
}
if (check && !"xadmin".equals(identityName)) {
if (check && !Token.defaultInitialManager.equals(identityName)) {
try {
unitName = userManagerService.getUnitNameByIdentity( identityName );
} catch (Exception e) {
......@@ -103,7 +96,7 @@ public class ActionSave extends BaseAction {
logger.error(e, effectivePerson, request, null);
}
}
if (check && !"xadmin".equals(identityName)) {
if (check && !Token.defaultInitialManager.equals(identityName)) {
try {
topUnitName = userManagerService.getTopUnitNameByIdentity( identityName );
} catch (Exception e) {
......@@ -112,7 +105,7 @@ public class ActionSave extends BaseAction {
result.error(exception);
logger.error(e, effectivePerson, request, null);
}
}
}
if (check) {
if( StringUtils.isEmpty( wi.getDocumentType() ) ) {
wi.setDocumentType( "信息" );
......@@ -122,7 +115,7 @@ public class ActionSave extends BaseAction {
}
}
}
if (check) {//栏目不允许重名
if( StringUtils.isEmpty( wi.getId() )) {
wi.setId( AppInfo.createId() );
......@@ -136,7 +129,7 @@ public class ActionSave extends BaseAction {
logger.error(e, effectivePerson, request, null);
}
}
if (check) {
wi.setCreatorIdentity(identityName);
wi.setCreatorPerson(effectivePerson.getDistinguishedName());
......@@ -146,32 +139,32 @@ public class ActionSave extends BaseAction {
if( StringUtils.equals( "信息", wi.getDocumentType() ) && wi.getSendNotify() == null ) {
wi.setSendNotify( true );
}
try {
appInfo = appInfoServiceAdv.save( wi, wi.getConfig(), effectivePerson );
Wo wo = new Wo();
wo.setId( appInfo.getId() );
result.setData( wo );
if( old_appInfo != null ) {
if( !old_appInfo.getAppName().equalsIgnoreCase( appInfo.getAppName() ) ||
if( !old_appInfo.getAppName().equalsIgnoreCase( appInfo.getAppName() ) ||
!old_appInfo.getAppAlias().equalsIgnoreCase( appInfo.getAppAlias() ) ) {
//修改了栏目名称或者别名,增加删除栏目批量操作(对分类和文档)的信息
new CmsBatchOperationPersistService().addOperation(
CmsBatchOperationProcessService.OPT_OBJ_APPINFO,
new CmsBatchOperationPersistService().addOperation(
CmsBatchOperationProcessService.OPT_OBJ_APPINFO,
CmsBatchOperationProcessService.OPT_TYPE_UPDATENAME, appInfo.getId(), old_appInfo.getAppName(), "更新栏目名称:ID=" + appInfo.getId() );
}
if( permissionQueryService.hasDiffrentViewPermissionInAppInfo( old_appInfo, appInfo )) {
//修改了栏目名称或者别名,增加删除栏目批量操作(对分类和文档)的信息
new CmsBatchOperationPersistService().addOperation(
CmsBatchOperationProcessService.OPT_OBJ_APPINFO,
new CmsBatchOperationPersistService().addOperation(
CmsBatchOperationProcessService.OPT_OBJ_APPINFO,
CmsBatchOperationProcessService.OPT_TYPE_PERMISSION, appInfo.getId(), appInfo.getAppName(), "变更栏目可见权限:ID=" + appInfo.getId() );
}
new LogService().log(null, effectivePerson.getDistinguishedName(), appInfo.getAppName(), appInfo.getId(), "", "", "", "APPINFO", "更新");
}else {
new LogService().log(null, effectivePerson.getDistinguishedName(), appInfo.getAppName(), appInfo.getId(), "", "", "", "APPINFO", "新增");
}
// 更新缓存
CacheManager.notify(AppInfo.class);
CacheManager.notify(AppDict.class);
......@@ -190,9 +183,9 @@ public class ActionSave extends BaseAction {
}
public static class Wi extends AppInfo {
private static final long serialVersionUID = -6314932919066148113L;
@FieldDescribe("指定用于操作的身份,可选参数")
private String identity = null;
......@@ -213,5 +206,5 @@ public class ActionSave extends BaseAction {
public static class Wo extends WoId {
}
}
\ No newline at end of file
}
......@@ -38,9 +38,7 @@ public class ActionDelete extends BaseAction {
throw new Exception("document{id:" + fileInfo.getDocumentId() + "} 文档信息不存在,无法继续删除.");
}
// 如果信息存在,再判断用户是否有操作的权限,如果没权限不允许继续操作
if (!business.fileInfoEditAvailable( effectivePerson)) {
throw new Exception( "fileInfo{name:" + effectivePerson.getDistinguishedName() + "} ,用户没有内容管理应用信息操作的权限!");
}
// 删除文件,并且删除记录及文档的关联信息
StorageMapping mapping = ThisApplication.context().storageMappings().get(FileInfo.class, fileInfo.getStorage());
......
......@@ -39,10 +39,6 @@ public class ActionListAll extends BaseAction {
} else {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business(emc);
//如判断用户是否有查看所有文件或者附件的权限,如果没权限不允许继续操作
if (!business.fileInfoEditAvailable( effectivePerson )) {
throw new Exception("person{name:" + effectivePerson.getDistinguishedName() + "} 用户没有查询全部文件或者附件的权限!");
}
//如果有权限,继续操作
FileInfoFactory fileInfoFactory = business.getFileInfoFactory();
List<String> ids = fileInfoFactory.listAll();//获取所有文件或者附件列表
......
......@@ -5,6 +5,7 @@ import com.x.base.core.container.factory.EntityManagerContainerFactory;
import com.x.base.core.entity.annotation.CheckRemoveType;
import com.x.base.core.project.annotation.AuditLog;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import com.x.base.core.project.http.ActionResult;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.http.WrapOutId;
......@@ -26,6 +27,9 @@ public class ActionDelete extends BaseAction {
WrapOutId wrap = null;
try ( EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business( emc );
if (!business.isManager( effectivePerson)) {
throw new ExceptionAccessDenied(effectivePerson);
}
// 先判断需要操作的应用信息是否存在,根据ID进行一次查询,如果不存在不允许继续操作
Form form = business.getFormFactory().get( id );
List<String> viewIds = business.getViewFactory().listByFormId(id);
......@@ -34,12 +38,12 @@ public class ActionDelete extends BaseAction {
List<String> viewCategoryIds = null;
List<ViewCategory> viewCategorys = null;
View view = null;
emc.beginTransaction( Form.class );
emc.beginTransaction( View.class );
emc.beginTransaction( ViewFieldConfig.class );
emc.beginTransaction( ViewCategory.class );
if( viewIds != null && !viewIds.isEmpty() ){
for( String viewId : viewIds ){
view = business.getViewFactory().get( viewId );
......@@ -70,14 +74,14 @@ public class ActionDelete extends BaseAction {
emc.remove( form, CheckRemoveType.all );
emc.commit();
logService.log( emc, effectivePerson.getDistinguishedName(), form.getName(), form.getAppId(), "", "", form.getId(), "FORM", "删除");
}
}
wrap = new WrapOutId( form.getId() );
CacheManager.notify( Form.class );
CacheManager.notify( View.class );
CacheManager.notify( ViewFieldConfig.class );
CacheManager.notify( ViewCategory.class );
result.setData(wrap);
} catch (Throwable th) {
th.printStackTrace();
......@@ -85,8 +89,8 @@ public class ActionDelete extends BaseAction {
}
return result;
}
public static class Wo extends WoId {
}
}
\ No newline at end of file
}
......@@ -47,7 +47,7 @@ public class ActionSave extends BaseAction {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business(emc);
if (!business.formEditAvailable( effectivePerson)) {
if (!business.isManager( effectivePerson)) {
throw new ExceptionAccessDenied(effectivePerson);
}
Form form = emc.find(wi.getId(), Form.class);
......
......@@ -3,6 +3,8 @@ package com.x.cms.assemble.control.jaxrs.templateform;
import java.util.Arrays;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import com.x.cms.assemble.control.Business;
import org.apache.commons.lang3.StringUtils;
import com.google.gson.JsonElement;
......@@ -23,6 +25,10 @@ class ActionCreate extends BaseAction {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
ActionResult<Wo> result = new ActionResult<>();
Business business = new Business(emc);
if (!business.isManager( effectivePerson)) {
throw new ExceptionAccessDenied(effectivePerson);
}
if (!StringTools.isSimply(wi.getCategory())) {
throw new ExceptionInvalidCategory(wi.getCategory());
}
......
......@@ -4,6 +4,7 @@ import com.x.base.core.container.EntityManagerContainer;
import com.x.base.core.container.factory.EntityManagerContainerFactory;
import com.x.base.core.entity.annotation.CheckRemoveType;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import com.x.base.core.project.http.ActionResult;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.jaxrs.WoId;
......@@ -16,9 +17,8 @@ class ActionDelete extends BaseAction {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business(emc);
/** 检查管理员和CMS管理员删除的权限 */
if (effectivePerson.isNotManager() && (!business.organization().person().hasRole(effectivePerson,
OrganizationDefinition.CMSManager))) {
throw new ExceptionInsufficientPermission(effectivePerson.getDistinguishedName());
if (!business.isManager( effectivePerson)) {
throw new ExceptionAccessDenied(effectivePerson);
}
ActionResult<Wo> result = new ActionResult<>();
TemplateForm template = emc.find(id, TemplateForm.class);
......
......@@ -8,6 +8,7 @@ import com.x.base.core.container.EntityManagerContainer;
import com.x.base.core.container.factory.EntityManagerContainerFactory;
import com.x.base.core.entity.annotation.CheckRemoveType;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import com.x.base.core.project.http.ActionResult;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.jaxrs.WoId;
......@@ -17,7 +18,7 @@ import com.x.cms.core.entity.element.ViewCategory;
import com.x.cms.core.entity.element.ViewFieldConfig;
public class ActionDelete extends BaseAction {
protected ActionResult<Wo> execute( HttpServletRequest request, EffectivePerson effectivePerson, String id ) throws Exception {
ActionResult<Wo> result = new ActionResult<>();
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
......@@ -30,16 +31,16 @@ public class ActionDelete extends BaseAction {
//查询视图关联的所有分类关联配置
List<String> viewCategoryIds = business.getViewCategoryFactory().listByViewId(id);
List<ViewCategory> viewCategorys = emc.list( ViewCategory.class, viewCategoryIds );
//如果信息存在,再判断用户是否有操作的权限,如果没权限不允许继续操作
if (!business.viewEditAvailable( effectivePerson )) {
throw new Exception("view{name:" + effectivePerson.getDistinguishedName() + "} 用户没有内容管理应用信息操作的权限!");
if (!business.isManager( effectivePerson)) {
throw new ExceptionAccessDenied(effectivePerson);
}
//进行数据库持久化操作
emc.beginTransaction( View.class );
emc.beginTransaction( ViewFieldConfig.class );
emc.beginTransaction( ViewCategory.class );
//删除所有的viewFieldConfig
if( fieldConfigs != null && fieldConfigs.size() > 0 ){
for( ViewFieldConfig viewFieldConfig : fieldConfigs ){
......@@ -55,11 +56,11 @@ public class ActionDelete extends BaseAction {
emc.remove( view, CheckRemoveType.all );
}
emc.commit();
if( view != null ){
logService.log( emc, effectivePerson.getDistinguishedName(), view.getName(), view.getAppId(), "", "", view.getId(), "VIEW", "删除" );
}
Wo wo = new Wo();
wo.setId( view.getId() );
result.setData( wo );
......@@ -73,8 +74,8 @@ public class ActionDelete extends BaseAction {
}
return result;
}
public static class Wo extends WoId {
}
}
\ No newline at end of file
}
......@@ -5,7 +5,11 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import com.x.base.core.container.EntityManagerContainer;
import com.x.base.core.container.factory.EntityManagerContainerFactory;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import com.x.cms.assemble.control.Business;
import org.apache.commons.lang3.StringUtils;
import com.google.gson.JsonElement;
......@@ -30,6 +34,12 @@ public class ActionSave extends BaseAction {
protected ActionResult<Wo> execute(HttpServletRequest request, EffectivePerson effectivePerson,
JsonElement jsonElement) throws Exception {
ActionResult<Wo> result = new ActionResult<>();
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business(emc);
if (!business.isManager( effectivePerson)) {
throw new ExceptionAccessDenied(effectivePerson);
}
}
Wi wi = null;
View view = null;
Boolean check = true;
......
......@@ -6,6 +6,7 @@ import com.x.base.core.container.EntityManagerContainer;
import com.x.base.core.container.factory.EntityManagerContainerFactory;
import com.x.base.core.entity.annotation.CheckRemoveType;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import com.x.base.core.project.http.ActionResult;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.jaxrs.WoId;
......@@ -14,28 +15,23 @@ import com.x.cms.core.entity.element.View;
import com.x.cms.core.entity.element.ViewCategory;
public class ActionDelete extends BaseAction {
protected ActionResult<Wo> execute( HttpServletRequest request, EffectivePerson effectivePerson, String id ) throws Exception {
ActionResult<Wo> result = new ActionResult<>();
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business(emc);
//先判断需要操作的应用信息是否存在,根据ID进行一次查询,如果不存在不允许继续操作
ViewCategory viewCategory = business.getViewCategoryFactory().get(id);
if (null == viewCategory) {
throw new Exception("view{id:" + id + "} 应用信息不存在.");
}
//如果信息存在,再判断用户是否有操作的权限,如果没权限不允许继续操作
if (!business.viewEditAvailable( effectivePerson )) {
throw new Exception("view{name:" + effectivePerson.getDistinguishedName() + "} 用户没有内容管理应用信息操作的权限!");
}
//进行数据库持久化操作
emc.beginTransaction( ViewCategory.class );
emc.remove( viewCategory, CheckRemoveType.all );
emc.commit();
Wo wo = new Wo();
wo.setId( viewCategory.getId() );
result.setData(wo);
......@@ -48,8 +44,8 @@ public class ActionDelete extends BaseAction {
}
return result;
}
public static class Wo extends WoId {
}
}
\ No newline at end of file
}
......@@ -6,6 +6,7 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import org.apache.commons.lang3.StringUtils;
import com.google.gson.JsonElement;
......@@ -55,10 +56,6 @@ public class ActionSave extends BaseAction {
if(check ){
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business(emc);
//看看用户是否有权限进行应用信息新增操作
if (!business.viewEditAvailable( effectivePerson )) {
throw new Exception("person{name:" + effectivePerson.getDistinguishedName() + "} 用户没有内容管理视图分类关联信息信息操作的权限!");
}
viewCategory = business.getViewCategoryFactory().getByViewAndCategory( wrapIn.getViewId(), wrapIn.getCategoryId() );
if( viewCategory == null ){
viewCategory = Wi.copier.copy( wrapIn );
......
......@@ -8,6 +8,7 @@ import com.x.base.core.container.EntityManagerContainer;
import com.x.base.core.container.factory.EntityManagerContainerFactory;
import com.x.base.core.entity.annotation.CheckRemoveType;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import com.x.base.core.project.http.ActionResult;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.jaxrs.WoId;
......@@ -34,11 +35,6 @@ public class ActionDelete extends BaseAction {
if (null == viewFieldConfig) {
logger.warn("viewFieldConfig{id:" + id + "} 应用信息不存在.");
}
// 如果信息存在,再判断用户是否有操作的权限,如果没权限不允许继续操作
if (!business.viewEditAvailable(effectivePerson)) {
throw new Exception(
"viewFieldConfig{name:" + effectivePerson.getDistinguishedName() + "} 用户没有内容管理应用信息操作的权限!");
}
// 查询视图信息
View view = business.getViewFactory().get(viewFieldConfig.getViewId());
if (view == null) {
......@@ -86,4 +82,4 @@ public class ActionDelete extends BaseAction {
}
}
\ No newline at end of file
}
......@@ -6,6 +6,7 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import com.x.base.core.project.cache.CacheManager;
import com.x.base.core.project.exception.ExceptionAccessDenied;
import org.apache.commons.lang3.StringUtils;
import com.google.gson.JsonElement;
......@@ -57,24 +58,6 @@ public class ActionSave extends BaseAction {
}
}
if( check ){
//先看看视图信息是否存在,如果不存在
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business(emc);
//看看用户是否有权限进行应用信息新增操作
if (!business.viewEditAvailable( effectivePerson )) {
check = false;
Exception exception = new ExceptionNoPermission( effectivePerson.getDistinguishedName() );
result.error( exception );
}
} catch (Exception e) {
check = false;
Exception exception = new ExceptionViewQueryByIdEmpty( e, wi.getViewId() );
result.error( exception );
logger.error( e, effectivePerson, request, null);
}
}
if( check ){
//先看看视图信息是否存在,如果不存在
try ( EntityManagerContainer emc = EntityManagerContainerFactory.instance().create() ) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment