Merge branch 'hotfix/内容管理设计权限修改' into 'wrdp'

hotfix/内容管理设计权限修改  合并到master

See merge request o2oa/o2oa!6351

(cherry picked from commit 3e3035a9)

2c56fcef 内容管理员设计权限修改
524b7c77 内容管理设计权限修改2

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/Business.java

@@ -310,21 +310,6 @@ public class Business {
 		return false;
 	}
 
-	/**
-	 * TODO (uncomplete)判断用户是否有权限进行：[文件或者附件管理]的操作
-	 *
-	 * @param person
-	 * @return
-	 * @throws Exception
-	 */
-	public boolean fileInfoEditAvailable( EffectivePerson person) throws Exception {
-		if ( isManager( person)) {
-			return true;
-		}
-		// 其他情况暂时全部不允许操作
-		return false;
-	}
-
 	/**
 	 * TODO (uncomplete)判断用户是否有权限进行：[表单模板管理]操作
 	 *
@@ -337,7 +322,7 @@ public class Business {
 			return true;
 		}
 		// 其他情况暂时全部不允许操作
-		return false;
+		return true;
 	}
 
 	/**
@@ -352,7 +337,7 @@ public class Business {
 			return true;
 		}
 		// 其他情况暂时全部不允许操作
-		return false;
+		return true;
 	}
 
 	public boolean editable( EffectivePerson effectivePerson, AppInfo appInfo ) throws Exception {

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/appinfo/ActionDelete.java

@@ -2,11 +2,13 @@ package com.x.cms.assemble.control.jaxrs.appinfo;
 
 import com.x.base.core.project.annotation.AuditLog;
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
 import com.x.base.core.project.http.ActionResult;
 import com.x.base.core.project.http.EffectivePerson;
 import com.x.base.core.project.jaxrs.WoId;
 import com.x.base.core.project.logger.Logger;
 import com.x.base.core.project.logger.LoggerFactory;
+import com.x.cms.assemble.control.Business;
 import com.x.cms.assemble.control.service.CmsBatchOperationPersistService;
 import com.x.cms.assemble.control.service.CmsBatchOperationProcessService;
 import com.x.cms.assemble.control.service.LogService;
@@ -16,6 +18,10 @@ import org.apache.commons.lang3.StringUtils;
 
 import javax.servlet.http.HttpServletRequest;
 
+/**
+ * 删除栏目信息
+ * @author sword
+ */
 public class ActionDelete extends BaseAction {
 
 	private static  Logger logger = LoggerFactory.getLogger( ActionDelete.class );
@@ -23,32 +29,18 @@ public class ActionDelete extends BaseAction {
 	@AuditLog(operation = "删除栏目信息")
 	protected ActionResult<Wo> execute( HttpServletRequest request, EffectivePerson effectivePerson, String id ) throws Exception {
 		ActionResult<Wo> result = new ActionResult<>();
-		AppInfo appInfo = null;
 		Boolean check = true;
 
-		if( StringUtils.isEmpty( id ) ){
-			check = false;
-			Exception exception = new ExceptionAppInfoIdEmpty();
-			result.error( exception );
+		Business business = new Business(null);
+		if (!business.isManager( effectivePerson)) {
+			throw new ExceptionAccessDenied(effectivePerson);
 		}
 
-		if( check ){
-			try {
-				appInfo = appInfoServiceAdv.get( id );
+		AppInfo appInfo = appInfoServiceAdv.get( id );
 		if( appInfo == null ){
-					check = false;
-					Exception exception = new ExceptionAppInfoNotExists( id );
-					result.error( exception );
-				}
-			} catch (Exception e) {
-				check = false;
-				Exception exception = new ExceptionAppInfoProcess( e, "根据指定ID查询应用栏目信息对象时发生异常。ID:" + id );
-				result.error( exception );
-				logger.error( e, effectivePerson, request, null);
-			}
+			throw new ExceptionAppInfoNotExists( id );
 		}
 
-		if( check ){
 		Long count = 0L;
 		try {
 			count = appInfoServiceAdv.countCategoryByAppId( id, "全部" );
@@ -63,7 +55,6 @@ public class ActionDelete extends BaseAction {
 			result.error( exception );
 			logger.error( e, effectivePerson, request, null);
 		}
-		}
 		if( check ){
 			try {
 				// 删除栏目信息

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/appinfo/ActionSave.java

@@ -6,12 +6,15 @@ import com.x.base.core.project.annotation.FieldDescribe;
 import com.x.base.core.project.bean.WrapCopier;
 import com.x.base.core.project.bean.WrapCopierFactory;
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.config.Token;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
 import com.x.base.core.project.http.ActionResult;
 import com.x.base.core.project.http.EffectivePerson;
 import com.x.base.core.project.jaxrs.WoId;
 import com.x.base.core.project.logger.Logger;
 import com.x.base.core.project.logger.LoggerFactory;
 import com.x.base.core.project.tools.ListTools;
+import com.x.cms.assemble.control.Business;
 import com.x.cms.assemble.control.service.CmsBatchOperationPersistService;
 import com.x.cms.assemble.control.service.CmsBatchOperationProcessService;
 import com.x.cms.assemble.control.service.LogService;
@@ -26,7 +29,6 @@ public class ActionSave extends BaseAction {
 
 	private static  Logger logger = LoggerFactory.getLogger(ActionSave.class);
 
-	@AuditLog(operation = "保存栏目信息")
 	protected ActionResult<Wo> execute(HttpServletRequest request, EffectivePerson effectivePerson, JsonElement jsonElement ) throws Exception {
 		ActionResult<Wo> result = new ActionResult<>();
 		AppInfo old_appInfo = null;
@@ -35,28 +37,20 @@ public class ActionSave extends BaseAction {
 		String identityName = null;
 		String unitName = null;
 		String topUnitName = null;
-		Wi wi = null;
 		Boolean check = true;
 
-		try {
-			wi = this.convertToWrapIn( jsonElement, Wi.class );
-			identityName = wi.getIdentity();
-		} catch (Exception e) {
-			check = false;
-			Exception exception = new ExceptionAppInfoProcess(e, "系统在将JSON信息转换为对象时发生异常。JSON:" + jsonElement.toString());
-			result.error(exception);
-			logger.error(e, effectivePerson, request, null);
+		Business business = new Business(null);
+		if (!business.isManager( effectivePerson)) {
+			throw new ExceptionAccessDenied(effectivePerson);
 		}
 
-		if (check) {
+		Wi wi = this.convertToWrapIn( jsonElement, Wi.class );
+		identityName = wi.getIdentity();
+
 		if ( StringUtils.isEmpty( wi.getAppName() ) ) {
-				check = false;
-				Exception exception = new ExceptionAppInfoNameEmpty();
-				result.error(exception);
-			}
+			throw new ExceptionAppInfoNameEmpty();
 		}
 
-		if (check) {//栏目不允许重名
 		try {
 			ids = appInfoServiceAdv.listByAppName( wi.getAppName());
 			if ( ListTools.isNotEmpty( ids ) ) {
@@ -74,10 +68,9 @@ public class ActionSave extends BaseAction {
 			result.error(exception);
 			logger.error(e, effectivePerson, request, null);
 		}
-		}
 
 		if (check) {
-			if ( !"xadmin".equalsIgnoreCase( effectivePerson.getDistinguishedName()) ) {
+			if ( !Token.defaultInitialManager.equalsIgnoreCase( effectivePerson.getDistinguishedName()) ) {
 				try {
 					identityName = userManagerService.getPersonIdentity( effectivePerson.getDistinguishedName(), identityName );
 				} catch (Exception e) {
@@ -87,13 +80,13 @@ public class ActionSave extends BaseAction {
 					logger.error(e, effectivePerson, request, null);
 				}
 			}else {
-				identityName = "xadmin";
-				unitName = "xadmin";
-				topUnitName = "xadmin";
+				identityName = Token.defaultInitialManager;
+				unitName = Token.defaultInitialManager;
+				topUnitName = Token.defaultInitialManager;
 			}
 		}
 
-		if (check && !"xadmin".equals(identityName)) {
+		if (check && !Token.defaultInitialManager.equals(identityName)) {
 			try {
 				unitName = userManagerService.getUnitNameByIdentity( identityName );
 			} catch (Exception e) {
@@ -103,7 +96,7 @@ public class ActionSave extends BaseAction {
 				logger.error(e, effectivePerson, request, null);
 			}
 		}
-		if (check && !"xadmin".equals(identityName)) {
+		if (check && !Token.defaultInitialManager.equals(identityName)) {
 			try {
 				topUnitName = userManagerService.getTopUnitNameByIdentity( identityName );
 			} catch (Exception e) {

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/fileinfo/ActionDelete.java

@@ -38,9 +38,7 @@ public class ActionDelete extends BaseAction {
 				throw new Exception("document{id:" + fileInfo.getDocumentId() + "} 文档信息不存在，无法继续删除.");
 			}
 			// 如果信息存在，再判断用户是否有操作的权限，如果没权限不允许继续操作
-			if (!business.fileInfoEditAvailable( effectivePerson)) {
-				throw new Exception( "fileInfo{name:" + effectivePerson.getDistinguishedName() + "} ，用户没有内容管理应用信息操作的权限！");
-			}
+
 			// 删除文件，并且删除记录及文档的关联信息
 			StorageMapping mapping = ThisApplication.context().storageMappings().get(FileInfo.class, fileInfo.getStorage());
 

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/fileinfo/ActionListAll.java

@@ -39,10 +39,6 @@ public class ActionListAll extends BaseAction {
 		} else {
 			try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 				Business business = new Business(emc);
-				//如判断用户是否有查看所有文件或者附件的权限，如果没权限不允许继续操作
-				if (!business.fileInfoEditAvailable( effectivePerson )) {
-					throw new Exception("person{name:" + effectivePerson.getDistinguishedName() + "} 用户没有查询全部文件或者附件的权限！");
-				}
 				//如果有权限，继续操作
 				FileInfoFactory fileInfoFactory  = business.getFileInfoFactory();
 				List<String> ids = fileInfoFactory.listAll();//获取所有文件或者附件列表

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/form/ActionDelete.java

@@ -5,6 +5,7 @@ import com.x.base.core.container.factory.EntityManagerContainerFactory;
 import com.x.base.core.entity.annotation.CheckRemoveType;
 import com.x.base.core.project.annotation.AuditLog;
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
 import com.x.base.core.project.http.ActionResult;
 import com.x.base.core.project.http.EffectivePerson;
 import com.x.base.core.project.http.WrapOutId;
@@ -26,6 +27,9 @@ public class ActionDelete extends BaseAction {
 		WrapOutId wrap = null;
 		try ( EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Business business = new Business( emc );
+			if (!business.isManager( effectivePerson)) {
+				throw new ExceptionAccessDenied(effectivePerson);
+			}
 			// 先判断需要操作的应用信息是否存在，根据ID进行一次查询，如果不存在不允许继续操作
 			Form form = business.getFormFactory().get( id );
 			List<String> viewIds = business.getViewFactory().listByFormId(id);

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/form/ActionSave.java

@@ -47,7 +47,7 @@ public class ActionSave extends BaseAction {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Business business = new Business(emc);
 
-			if (!business.formEditAvailable( effectivePerson)) {
+			if (!business.isManager( effectivePerson)) {
 				throw new ExceptionAccessDenied(effectivePerson);
 			}
 			Form form = emc.find(wi.getId(), Form.class);

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/templateform/ActionCreate.java

@@ -3,6 +3,8 @@ package com.x.cms.assemble.control.jaxrs.templateform;
 import java.util.Arrays;
 
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
+import com.x.cms.assemble.control.Business;
 import org.apache.commons.lang3.StringUtils;
 
 import com.google.gson.JsonElement;
@@ -23,6 +25,10 @@ class ActionCreate extends BaseAction {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
 			ActionResult<Wo> result = new ActionResult<>();
+			Business business = new Business(emc);
+			if (!business.isManager( effectivePerson)) {
+				throw new ExceptionAccessDenied(effectivePerson);
+			}
 			if (!StringTools.isSimply(wi.getCategory())) {
 				throw new ExceptionInvalidCategory(wi.getCategory());
 			}

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/templateform/ActionDelete.java

@@ -4,6 +4,7 @@ import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
 import com.x.base.core.entity.annotation.CheckRemoveType;
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
 import com.x.base.core.project.http.ActionResult;
 import com.x.base.core.project.http.EffectivePerson;
 import com.x.base.core.project.jaxrs.WoId;
@@ -16,9 +17,8 @@ class ActionDelete extends BaseAction {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Business business = new Business(emc);
 			/** 检查管理员和CMS管理员删除的权限 */
-			if (effectivePerson.isNotManager() && (!business.organization().person().hasRole(effectivePerson,
-					OrganizationDefinition.CMSManager))) {
-				throw new ExceptionInsufficientPermission(effectivePerson.getDistinguishedName());
+			if (!business.isManager( effectivePerson)) {
+				throw new ExceptionAccessDenied(effectivePerson);
 			}
 			ActionResult<Wo> result = new ActionResult<>();
 			TemplateForm template = emc.find(id, TemplateForm.class);

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/view/ActionDelete.java

@@ -8,6 +8,7 @@ import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
 import com.x.base.core.entity.annotation.CheckRemoveType;
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
 import com.x.base.core.project.http.ActionResult;
 import com.x.base.core.project.http.EffectivePerson;
 import com.x.base.core.project.jaxrs.WoId;
@@ -32,8 +33,8 @@ public class ActionDelete extends BaseAction {
 			List<ViewCategory> viewCategorys = emc.list( ViewCategory.class, viewCategoryIds );
 
 			//如果信息存在，再判断用户是否有操作的权限，如果没权限不允许继续操作
-			if (!business.viewEditAvailable( effectivePerson )) {
-				throw new Exception("view{name:" + effectivePerson.getDistinguishedName() + "} 用户没有内容管理应用信息操作的权限！");
+			if (!business.isManager( effectivePerson)) {
+				throw new ExceptionAccessDenied(effectivePerson);
 			}
 			//进行数据库持久化操作
 			emc.beginTransaction( View.class );

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/view/ActionSave.java

@@ -5,7 +5,11 @@ import java.util.List;
 
 import javax.servlet.http.HttpServletRequest;
 
+import com.x.base.core.container.EntityManagerContainer;
+import com.x.base.core.container.factory.EntityManagerContainerFactory;
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
+import com.x.cms.assemble.control.Business;
 import org.apache.commons.lang3.StringUtils;
 
 import com.google.gson.JsonElement;
@@ -30,6 +34,12 @@ public class ActionSave extends BaseAction {
 	protected ActionResult<Wo> execute(HttpServletRequest request, EffectivePerson effectivePerson,
 			JsonElement jsonElement) throws Exception {
 		ActionResult<Wo> result = new ActionResult<>();
+		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
+			Business business = new Business(emc);
+			if (!business.isManager( effectivePerson)) {
+				throw new ExceptionAccessDenied(effectivePerson);
+			}
+		}
 		Wi wi = null;
 		View view = null;
 		Boolean check = true;

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/viewcategory/ActionDelete.java

@@ -6,6 +6,7 @@ import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
 import com.x.base.core.entity.annotation.CheckRemoveType;
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
 import com.x.base.core.project.http.ActionResult;
 import com.x.base.core.project.http.EffectivePerson;
 import com.x.base.core.project.jaxrs.WoId;
@@ -26,11 +27,6 @@ public class ActionDelete extends BaseAction {
 				throw new Exception("view{id:" + id + "} 应用信息不存在.");
 			}
 
-			//如果信息存在，再判断用户是否有操作的权限，如果没权限不允许继续操作
-			if (!business.viewEditAvailable( effectivePerson )) {
-				throw new Exception("view{name:" + effectivePerson.getDistinguishedName() + "} 用户没有内容管理应用信息操作的权限！");
-			}
-			
 			//进行数据库持久化操作
 			emc.beginTransaction( ViewCategory.class );
 			emc.remove( viewCategory, CheckRemoveType.all );

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/viewcategory/ActionSave.java

@@ -6,6 +6,7 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
 import org.apache.commons.lang3.StringUtils;
 
 import com.google.gson.JsonElement;
@@ -55,10 +56,6 @@ public class ActionSave extends BaseAction {
 		if(check ){
 			try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 				Business business = new Business(emc);
-				//看看用户是否有权限进行应用信息新增操作
-				if (!business.viewEditAvailable( effectivePerson )) {
-					throw new Exception("person{name:" + effectivePerson.getDistinguishedName() + "} 用户没有内容管理视图分类关联信息信息操作的权限！");
-				}
 				viewCategory = business.getViewCategoryFactory().getByViewAndCategory( wrapIn.getViewId(), wrapIn.getCategoryId() );
 				if( viewCategory == null ){
 					viewCategory = Wi.copier.copy( wrapIn );

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/viewfieldconfig/ActionDelete.java

@@ -8,6 +8,7 @@ import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
 import com.x.base.core.entity.annotation.CheckRemoveType;
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
 import com.x.base.core.project.http.ActionResult;
 import com.x.base.core.project.http.EffectivePerson;
 import com.x.base.core.project.jaxrs.WoId;
@@ -34,11 +35,6 @@ public class ActionDelete extends BaseAction {
 			if (null == viewFieldConfig) {
 				logger.warn("viewFieldConfig{id:" + id + "} 应用信息不存在.");
 			}
-			// 如果信息存在，再判断用户是否有操作的权限，如果没权限不允许继续操作
-			if (!business.viewEditAvailable(effectivePerson)) {
-				throw new Exception(
-						"viewFieldConfig{name:" + effectivePerson.getDistinguishedName() + "} 用户没有内容管理应用信息操作的权限！");
-			}
 			// 查询视图信息
 			View view = business.getViewFactory().get(viewFieldConfig.getViewId());
 			if (view == null) {

o2server/x_cms_assemble_control/src/main/java/com/x/cms/assemble/control/jaxrs/viewfieldconfig/ActionSave.java

@@ -6,6 +6,7 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 
 import com.x.base.core.project.cache.CacheManager;
+import com.x.base.core.project.exception.ExceptionAccessDenied;
 import org.apache.commons.lang3.StringUtils;
 
 import com.google.gson.JsonElement;
@@ -57,24 +58,6 @@ public class ActionSave extends BaseAction {
 			}
 		}
 
-		if( check ){
-			//先看看视图信息是否存在，如果不存在
-			try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
-				Business business = new Business(emc);
-				//看看用户是否有权限进行应用信息新增操作
-				if (!business.viewEditAvailable( effectivePerson )) {
-					check = false;
-					Exception exception = new ExceptionNoPermission( effectivePerson.getDistinguishedName() );
-					result.error( exception );
-				}
-			} catch (Exception e) {
-				check = false;
-				Exception exception = new ExceptionViewQueryByIdEmpty( e, wi.getViewId() );
-				result.error( exception );
-				logger.error( e, effectivePerson, request, null);
-			}
-		}
-
 		if( check ){
 			//先看看视图信息是否存在，如果不存在
 			try ( EntityManagerContainer emc = EntityManagerContainerFactory.instance().create() ) {