jeecg3.6.2按钮权限问题,高版本的可能也有此问题
本帖最后由 yan888nn 于 2016-11-3 09:22 编辑出错文件地址在/src/org/jeecgframework/tag/core/easyui/DataGridTag.java中第1268行开始到1327行结束,这两个方法存在问题;一个是getNoAuthOperButton();一个是installOperationCode(DataGridUrl dataGridUrl,String operationCode,List optList);
修改方法如下:
原来的方法为:
public String getNoAuthOperButton(){
StringBuffer sb = new StringBuffer();
if(ResourceUtil.getSessionUserName().getUserName().equals("admin")|| !Globals.BUTTON_AUTHORITY_CHECK){
}else{
Set<String> operationCodes = (Set<String>) super.pageContext.getRequest().getAttribute(Globals.OPERATIONCODES);
if (null!=operationCodes) {
for (String MyoperationCode : operationCodes) {
if (oConvertUtils.isEmpty(MyoperationCode))
break;
systemService = ApplicationContextUtil.getContext().getBean(
SystemService.class);
TSOperation operation = systemService.getEntity(TSOperation.class, MyoperationCode);
if (operation.getOperationcode().startsWith(".") || operation.getOperationcode().startsWith("#")){
if (operation.getOperationType().intValue()==Globals.OPERATION_TYPE_HIDE){
//out.append("$(\""+name+"\").find(\"#"+operation.getOperationcode().replaceAll(" ", "")+"\").hide();");
sb.append("$(\""+operation.getOperationcode().replaceAll(" ", "")+"\").hide();");
}else {
//out.append("$(\""+name+"\").find(\"#"+operation.getOperationcode().replaceAll(" ", "")+"\").find(\":input\").attr(\"disabled\",\"disabled\");");
sb.append("$(\""+operation.getOperationcode().replaceAll(" ", "")+"\").attr(\"disabled\",\"disabled\");");
sb.append("$(\""+operation.getOperationcode().replaceAll(" ", "")+"\").find(\":input\").attr(\"disabled\",\"disabled\");");
}
}
}
}
}
//org.jeecgframework.core.util.LogUtil.info("----getNoAuthOperButton-------"+sb.toString());
return sb.toString();
}
/**
* 描述:组装菜单按钮操作权限
* dateGridUrl:url
* operationCode:操作码
* optList: 操作列表
* @version 1.0
*/
private void installOperationCode(DataGridUrl dataGridUrl,String operationCode,List optList){
if(ResourceUtil.getSessionUserName().getUserName().equals("admin")|| !Globals.BUTTON_AUTHORITY_CHECK){
optList.add(dataGridUrl);
}else if(!oConvertUtils.isEmpty(operationCode)){
Set<String> operationCodes = (Set<String>) super.pageContext.getRequest().getAttribute(Globals.OPERATIONCODES);
if (null!=operationCodes) {
List<String> operationCodesStr = new ArrayList<String>();
for (String MyoperationCode : operationCodes) {
if (oConvertUtils.isEmpty(MyoperationCode))
break;
systemService = ApplicationContextUtil.getContext().getBean(
SystemService.class);
TSOperation operation = systemService.getEntity(TSOperation.class, MyoperationCode);
operationCodesStr.add(operation.getOperationcode());
}
if (!operationCodesStr.contains(operationCode)){
optList.add(dataGridUrl);
}
}
}else {
optList.add(dataGridUrl);
}
}
修改后的方法为:
/**
* wxf重写获取没有权限的按钮方法
* @return
*/
public String getNoAuthOperButton(){
StringBuffer sb = new StringBuffer();
if(ResourceUtil.getSessionUserName().getUserName().equals("admin")|| !Globals.BUTTON_AUTHORITY_CHECK){
}else{
List<TSOperation> operationCodes = (List<TSOperation>) super.pageContext.getRequest().getAttribute(Globals.NOAUTO_OPERATIONCODES);
if (null!=operationCodes) {
for (TSOperation tsOperation : operationCodes) {
if (oConvertUtils.isEmpty(tsOperation.getOperationcode()))
break;
systemService = ApplicationContextUtil.getContext().getBean(SystemService.class);
if (tsOperation.getOperationcode().startsWith(".") || tsOperation.getOperationcode().startsWith("#")){
if (tsOperation.getOperationType().intValue()==Globals.OPERATION_TYPE_HIDE){
sb.append("$(\""+tsOperation.getOperationcode().replaceAll(" ", "")+"\").hide();");
}else {
sb.append("$(\""+tsOperation.getOperationcode().replaceAll(" ", "")+"\").attr(\"disabled\",\"disabled\");");
sb.append("$(\""+tsOperation.getOperationcode().replaceAll(" ", "")+"\").find(\":input\").attr(\"disabled\",\"disabled\");");
}
}
}
}
}
//org.jeecgframework.core.util.LogUtil.info("----getNoAuthOperButton-------"+sb.toString());
return sb.toString();
}
/**
* 描述:组装菜单按钮操作权限
* dateGridUrl:url
* operationCode:操作码
* optList: 操作列表
* wxf修改
* @version 1.0
*/
private void installOperationCode(DataGridUrl dataGridUrl,String operationCode,List optList){
if(ResourceUtil.getSessionUserName().getUserName().equals("admin")|| !Globals.BUTTON_AUTHORITY_CHECK){
optList.add(dataGridUrl);
}else if(!oConvertUtils.isEmpty(operationCode)){
Set<String> operationCodes = (Set<String>) super.pageContext.getRequest().getAttribute(Globals.OPERATIONCODES);
if (null!=operationCodes) {
List<String> operationCodesStr = new ArrayList<String>();
for (String MyoperationCode : operationCodes) {
if (oConvertUtils.isEmpty(MyoperationCode))
break;
systemService = ApplicationContextUtil.getContext().getBean(
SystemService.class);
TSOperation operation = systemService.getEntity(TSOperation.class, MyoperationCode);
operationCodesStr.add(operation.getOperationcode());
}
// if (!operationCodesStr.contains(operationCode)){
// optList.add(dataGridUrl);
// }
if (operationCodesStr.contains(operationCode)){
optList.add(dataGridUrl);
}
}
}else {
optList.add(dataGridUrl);
}
}
大家记得在List页面的按钮上加operationCode啊,还有菜单权限按钮配置的地方也要加操作码(带#),例如operationCode="#add",记得加#,因为源码中判断是不是有#号了,之前的好像没有,不过暂时就这样处理吧
ok了:lol;
请细看文档规则,系统设计应该米问题 admin 发表于 2016-11-3 10:08 static/image/common/back.gif
请细看文档规则,系统设计应该米问题
1.这个确实是这样的,我用的是3.6.2版本的,非maven版本(注:maven版本的也试过);
2.我改成这样就没问题了;
3.我大约从jeecg3.4开始用,以前版本的按钮权限没有问题,而且我也比对了这个地方的代码;
4.而且这两个方法中的一个的名字是getNoAuthOperButton(),意思应该是获取没有权限的按钮,然后将其隐藏,但是方法体中这个代码很明显不对--Globals.OPERATIONCODES;应该是这个--Globals.NOAUTO_OPERATIONCODES;
5.第二个方法中也有问题,判断的时候应该是 if (operationCodesStr.contains(operationCode)){
optList.add(dataGridUrl);
} 数据规则权限控制里面的系统环境变量上哪里查询? yd123ww 发表于 2016-11-6 18:32 static/image/common/back.gif
数据规则权限控制里面的系统环境变量上哪里查询?
数据规则没用过,都是换页面,因为我做的角色也不是很多
页:
[1]