Merge branch 'auth'

# Conflicts:
#	boman-api/boman-api-system/src/main/java/com/boman/system/api/domain/SysMenu.java
#	boman-api/boman-domain/src/main/java/com.boman.domain/RoleEnum.java
#	boman-common/boman-common-core/src/main/java/com/boman/common/core/utils/array/ArrayUtils.java
#	boman-modules/boman-system/src/main/java/com/boman/system/controller/SysMenuController.java
#	boman-modules/boman-system/src/main/java/com/boman/system/controller/SysRoleMenuController.java
#	boman-modules/boman-system/src/main/java/com/boman/system/service/ISysMenuService.java
#	boman-modules/boman-system/src/main/java/com/boman/system/service/impl/SysMenuServiceImpl.java
#	boman-modules/boman-system/src/main/java/com/boman/system/service/impl/SysRoleMenuServiceImpl.java
#	boman-web-core/src/main/java/com/boman/web/core/service/TableServiceCmdService.java

boman-api/boman-api-system/src/main/java/com/boman/system/api/RemoteDeptService.java

@@ -25,7 +25,7 @@ public interface RemoteDeptService {
     SysDept getById(@PathVariable("id") Long id);
 
     /**
-     * 功能描述: 拿到部门下所有的部门
+     * 功能描述: 拿到部门下所有的部门, 包含传过来的deptId
      *
      * @param deptId deptId
      * @return com.boman.common.core.web.domain.AjaxResult

boman-api/boman-api-system/src/main/java/com/boman/system/api/RemoteRoleDataService.java

@@ -3,6 +3,8 @@ package com.boman.system.api;
 import com.boman.common.core.constant.ServiceNameConstants;
 import com.boman.domain.SysRoleData;
 import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 
@@ -16,12 +18,22 @@ import java.util.List;
 public interface RemoteRoleDataService {
 
     /**
-     * 功能描述: 根据userId查找此人的所有菜单
+     * 功能描述: 根据userId查找此人的所有roleData
      *
      * @param idList idList
      * @return java.util.List<com.boman.system.api.domain.SysMenu>
      */
     @PostMapping(value = "/roleData/listByRoleIdList")
     List<SysRoleData> listByRoleIdList(@RequestBody List<Long> idList);
+
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIds   逗号相隔的roleIdS
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    @GetMapping(value = "/roleData/list/roleIds/{roleIds}/tableName/{tableName}")
+    List<SysRoleData> listByRoleIdListTableName(@PathVariable("roleIds") String roleIds, @PathVariable("tableName") String tableName);
 }
 

boman-api/boman-api-system/src/main/java/com/boman/system/api/model/LoginUser.java

@@ -1,6 +1,7 @@
 package com.boman.system.api.model;
 
 import java.io.Serializable;
+import java.util.List;
 import java.util.Set;
 
 import com.alibaba.fastjson.JSONObject;
@@ -65,6 +66,16 @@ public class LoginUser implements Serializable
      */
     private JSONObject userEnv;
 
+    /**
+     * 当前人所在部门以及下属部门所有人的userId
+     */
+    private List<Long> subDeptUserIds;
+
+    /**
+     * 当前人所在部门所有人的userId, 不包含子部门
+     */
+    private List<Long> deptUserIds;
+
     public String getToken()
     {
         return token;
@@ -162,4 +173,20 @@ public class LoginUser implements Serializable
     public void setUserEnv(JSONObject userEnv) {
         this.userEnv = userEnv;
     }
+
+    public List<Long> getSubDeptUserIds() {
+        return subDeptUserIds;
+    }
+
+    public void setSubDeptUserIds(List<Long> subDeptUserIds) {
+        this.subDeptUserIds = subDeptUserIds;
+    }
+
+    public List<Long> getDeptUserIds() {
+        return deptUserIds;
+    }
+
+    public void setDeptUserIds(List<Long> deptUserIds) {
+        this.deptUserIds = deptUserIds;
+    }
 }

boman-api/boman-domain/src/main/java/com.boman.domain/GenTable.java

@@ -10,9 +10,23 @@ import java.util.List;
 public class GenTable extends BaseEntity
 {
     private static final long serialVersionUID = 1L;
-
-    /** 查询 */
+    /** {@link com.boman.web.core.utils.AuthUtils#funcType(java.lang.String)}*/
+    /** add */
+    public static final String A = "A";
+    /** modify */
+    public static final String M = "M";
+    /** delete */
+    public static final String D = "D";
+    /** query */
     public static final String Q = "Q";
+    /** submit */
+    public static final String S = "S";
+    /** unsubmit */
+    public static final String U = "U";
+    /** export */
+    public static final String E = "E";
+    /** import */
+    public static final String I = "I";
 
     /** 编号 */
     private Long id;

boman-api/boman-domain/src/main/java/com.boman.domain/RoleEnum.java

@@ -1,8 +1,5 @@
 package com.boman.domain;
 
-import java.util.*;
-import java.util.stream.Collectors;
-
 /**
  * @author tjf
  * @Date: 2021/04/22/15:16
@@ -97,6 +94,45 @@ public enum RoleEnum {
         return result;
     }
 
+    /**
+     * 功能描述: 拿到所有的名称 eg: 新增、修改.....
+     *
+     * @param
+     * @return java.util.List<java.lang.String>
+     */
+    public static List<String> names(){
+        RoleEnum[] values = RoleEnum.values();
+        return Arrays.stream(values).map(RoleEnum::getName).collect(Collectors.toList());
+    }
+
+    /**
+     * 功能描述: 拿到所有的roles, 顺序很重要
+     * eg: A、M.....
+     *
+     * @return java.util.List<java.lang.String>
+     */
+    public static List<String> roles(){
+        RoleEnum[] values = RoleEnum.values();
+        return Arrays.stream(values).map(RoleEnum::getRole).collect(Collectors.toList());
+    }
+
+    /**
+     * 功能描述: 拿到所有的roles eg: A、M.....
+     *
+     * @return java.util.List<java.lang.String>
+     */
+    public static List<Map<String, String>> all() {
+        RoleEnum[] values = RoleEnum.values();
+        List<Map<String, String>> result = new ArrayList<>(values.length);
+        for (RoleEnum value : values) {
+            Map<String, String> map = new HashMap<>(2);
+            map.put("name", value.name);
+            map.put("role", value.role);
+            result.add(map);
+        }
+        return result;
+    }
+
    /**
     * 功能描述: 拿到所有的roles eg: A、M.....
     *

boman-api/boman-domain/src/main/java/com.boman.domain/SysRoleData.java

@@ -18,7 +18,7 @@ public class SysRoleData extends BaseEntity
     public static final String ALL_DATA = "1";
     public static final String DIY_DATA = "2";
     public static final String SELF_DEPT_DATA = "3";
-    public static final String ALL_DEPT_DATA = "4";
+    public static final String SUB_DEPT_DATA = "4";
     public static final String MYSELF_DATA = "5";
 
     /** 角色权限id */

boman-api/boman-domain/src/main/java/com.boman.domain/exception/NoSuchFunctionException.java

@@ -0,0 +1,15 @@
+package com.boman.domain.exception;
+
+/**
+ * @author shiqian
+ * @date 2021年04月21日 15:44
+ **/
+public class NoSuchFunctionException extends RuntimeException{
+
+    public NoSuchFunctionException(){}
+
+    public NoSuchFunctionException(String errorMsg){
+        super(errorMsg);
+    }
+
+}

boman-api/boman-domain/src/main/java/com.boman.domain/exception/UnSuchFunctionException.java

@@ -1,15 +0,0 @@
-package com.boman.domain.exception;
-
-/**
- * @author shiqian
- * @date 2021年04月21日 15:44
- **/
-public class UnSuchFunctionException extends RuntimeException{
-
-    public UnSuchFunctionException(){}
-
-    public UnSuchFunctionException(String errorMsg){
-        super(errorMsg);
-    }
-
-}

boman-common/boman-common-core/src/main/java/com/boman/common/core/utils/array/ArrayUtils.java

@@ -23,6 +23,22 @@ public class ArrayUtils extends org.apache.commons.lang3.ArrayUtils {
         return Arrays.asList(arr).contains(targetValue);
     }
 
+    /**
+     * 按照逗号切割，转成list, 给id用的，因为id都是long
+     *
+     * @param ids ids
+     * @return 是否包含
+     */
+    public static List<Long> split(String ids) {
+        String[] split = ids.split(",");
+        List<Long> result = new ArrayList<>(split.length);
+        for (String idStr : split) {
+            result.add(Long.parseLong(idStr));
+        }
+
+        return result;
+    }
+
     /**
      * 数组是否为空
      *

boman-modules/boman-system/src/main/java/com/boman/system/controller/SysDeptController.java

@@ -69,7 +69,7 @@ public class SysDeptController extends BaseController
     }
 
     /**
-     * 功能描述: 根据deptId查找部门下的所有部门
+     * 功能描述: 拿到部门下所有的部门, 包含传过来的deptId
      *
      * @param deptId deptId
      * @return com.boman.common.core.web.domain.AjaxResult

boman-modules/boman-system/src/main/java/com/boman/system/controller/SysMenuController.java

@@ -112,6 +112,12 @@ public class SysMenuController extends BaseController
     }
 
 
+    /**
+     * 功能描述: 根据菜单id，找到此菜单以及子菜单下所有的叶子节点
+     *
+     * @param menuId menuId
+     * @return com.boman.common.core.web.domain.AjaxResult
+     */
     /**
      * 功能描述: 根据菜单id，找到此菜单以及子菜单下所有的叶子节点
      *

boman-modules/boman-system/src/main/java/com/boman/system/controller/SysRoleDataController.java

@@ -80,6 +80,18 @@ public class SysRoleDataController extends BaseController
         return sysRoleDataService.listByRoleIdList(idList);
     }
 
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIds   逗号相隔的roleIdS
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    @GetMapping(value = "/list/roleIds/{roleIds}/tableName/{tableName}")
+    public List<SysRoleData> listByRoleIdListTableName(@PathVariable("roleIds") String roleIds, @PathVariable("tableName") String tableName) {
+        return sysRoleDataService.listByRoleIdListTableName(roleIds, tableName);
+    }
+
     /**
      * 新增角色权限数据
      */

boman-modules/boman-system/src/main/java/com/boman/system/controller/SysUserController.java

@@ -5,6 +5,11 @@ import java.util.List;
 import java.util.Set;
 import java.util.stream.Collectors;
 import javax.servlet.http.HttpServletResponse;
+
+import com.boman.common.core.utils.obj.ObjectUtils;
+import com.boman.system.api.domain.SysDept;
+import com.boman.system.service.*;
+import com.google.common.collect.Lists;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.DeleteMapping;
@@ -30,10 +35,6 @@ import com.boman.common.security.annotation.PreAuthorize;
 import com.boman.system.api.domain.SysRole;
 import com.boman.system.api.domain.SysUser;
 import com.boman.system.api.model.LoginUser;
-import com.boman.system.service.ISysPermissionService;
-import com.boman.system.service.ISysPostService;
-import com.boman.system.service.ISysRoleService;
-import com.boman.system.service.ISysUserService;
 
 /**
  * 用户信息
@@ -56,6 +57,9 @@ public class SysUserController extends BaseController
     @Autowired
     private ISysPermissionService permissionService;
 
+    @Autowired
+    private ISysDeptService deptService;
+
     /**
      * 获取用户列表
      */
@@ -108,17 +112,41 @@ public class SysUserController extends BaseController
         {
             return R.fail("用户名或密码错误");
         }
+        LoginUser sysUserVo = new LoginUser();
+
         // 角色集合
         Set<String> roles = permissionService.getRolePermission(sysUser.getId());
         // 权限集合
         Set<String> permissions = permissionService.getMenuPermission(sysUser.getId());
-        LoginUser sysUserVo = new LoginUser();
+
+        // 当前人所在部门和下级部门的deptIdList
+        List<SysDept> sysDepts = deptService.listChildrenDepts(sysUser.getDeptId());
+        if (ObjectUtils.isNotEmpty(sysDepts)) {
+            // 所有部门
+            List<Long> childrenDeptIds = ObjectUtils.map(sysDepts, SysDept::getId);
+            List<SysUser> users = userService.listByDeptId(childrenDeptIds);
+            sysUserVo.setDeptUserIds(getUserIds(users));
+
+            // 去除本部门后的所有子部门
+            List<Long> child = ObjectUtils.filter(childrenDeptIds, deptId -> !deptId.equals(sysUser.getDeptId()));
+            List<SysUser> childUsers = userService.listByDeptId(child);
+            sysUserVo.setSubDeptUserIds(getUserIds(childUsers));
+        }
+
         sysUserVo.setSysUser(sysUser);
         sysUserVo.setRoles(roles);
         sysUserVo.setPermissions(permissions);
         return R.ok(sysUserVo);
     }
 
+    private List<Long> getUserIds(List<SysUser> users) {
+        List<Long> userIdList = Lists.newArrayListWithCapacity(0);
+        if (ObjectUtils.isNotEmpty(users)) {
+            userIdList = ObjectUtils.map(users, SysUser::getId);
+        }
+        return userIdList;
+    }
+
     /**
      * 获取用户信息
      * 

boman-modules/boman-system/src/main/java/com/boman/system/mapper/SysRoleDataMapper.java

@@ -67,4 +67,13 @@ public interface SysRoleDataMapper
      * @return 结果
      */
     public int deleteSysRoleDataByIds(Long[] ids);
+
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIdList  roleIdList
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    List<SysRoleData> listByRoleIdListTableName(@Param("roleIdList") List<Long> roleIdList, @Param("tableName") String tableName);
 }

boman-modules/boman-system/src/main/java/com/boman/system/service/ISysMenuService.java

@@ -183,4 +183,6 @@ public interface ISysMenuService
      * @return java.lang.String
      */
     List<SysMenu>  listTreeByRoleId(Long roleId);
+    Map<String, Object> listMenus(Long menuId);
+
 }

boman-modules/boman-system/src/main/java/com/boman/system/service/ISysRoleDataService.java

@@ -66,4 +66,13 @@ public interface ISysRoleDataService
      * @return 结果
      */
     public int deleteSysRoleDataById(Long id);
+
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIds   逗号相隔的roleIdS
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    List<SysRoleData> listByRoleIdListTableName(String roleIds, String tableName);
 }

boman-modules/boman-system/src/main/java/com/boman/system/service/impl/SysDeptServiceImpl.java

@@ -306,7 +306,7 @@ public class SysDeptServiceImpl implements ISysDeptService
      */
     private boolean hasChild(List<SysDept> list, SysDept t)
     {
-        return getChildList(list, t).size() > 0 ? true : false;
+        return getChildList(list, t).size() > 0;
     }
 
     /**
@@ -320,7 +320,11 @@ public class SysDeptServiceImpl implements ISysDeptService
         List<SysDept> allDepts = selectDeptList(new SysDept());
         SysDept sysDept = ObjectUtils.filterOne(allDepts, dept -> deptId.equals(dept.getId()));
         List<SysDept> returnData = Lists.newArrayListWithCapacity(16);
-        return recursionChildrenDepts(allDepts, sysDept, returnData);
+        List<SysDept> sysDepts = recursionChildrenDepts(allDepts, sysDept, returnData);
+        SysDept selfDept = new SysDept();
+        selfDept.setId(deptId);
+        sysDepts.add(selfDept);
+        return sysDepts;
     }
 
     private List<SysDept> recursionChildrenDepts(List<SysDept> allDepts, SysDept sysDept, List<SysDept> returnData) {

boman-modules/boman-system/src/main/java/com/boman/system/service/impl/SysMenuServiceImpl.java

@@ -1,5 +1,19 @@
 package com.boman.system.service.impl;
 
+import java.util.*;
+import java.util.stream.Collectors;
+
+import com.boman.common.core.web.domain.AjaxResult;
+import com.boman.common.redis.RedisKey;
+import com.boman.common.redis.service.RedisService;
+import com.boman.domain.GenTable;
+import com.boman.domain.RoleEnum;
+import com.boman.domain.constant.GlobalBtn;
+import com.boman.system.api.domain.SysMenu;
+import com.google.common.collect.Lists;
+import com.google.common.collect.Maps;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
 import com.boman.common.core.constant.UserConstants;
 import com.boman.common.core.utils.SecurityUtils;
 import com.boman.common.core.utils.StringUtils;
@@ -35,6 +49,9 @@ import java.util.stream.Collectors;
 
 import static com.boman.common.core.utils.obj.ObjectUtils.*;
 
+import static com.boman.common.core.utils.obj.ObjectUtils.*;
+import static com.boman.domain.constant.FormDataConstant.COLON;
+
 /**
  * 菜单 业务层处理
  *

boman-modules/boman-system/src/main/java/com/boman/system/service/impl/SysRoleDataServiceImpl.java

@@ -4,6 +4,7 @@ import java.util.List;
 
 import com.boman.common.core.utils.DateUtils;
 import com.boman.common.core.utils.SecurityUtils;
+import com.boman.common.core.utils.array.ArrayUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import com.boman.system.mapper.SysRoleDataMapper;
@@ -108,4 +109,17 @@ public class SysRoleDataServiceImpl implements ISysRoleDataService
     {
         return sysRoleDataMapper.deleteSysRoleDataById(id);
     }
+
+    /**
+     * 功能描述: 根据roleIds和tableName查找
+     *
+     * @param roleIds   逗号相隔的roleIdS
+     * @param tableName tableName
+     * @return java.util.List<com.boman.domain.SysRoleData>
+     */
+    @Override
+    public List<SysRoleData> listByRoleIdListTableName(String roleIds, String tableName) {
+        List<Long> roleIdList = ArrayUtils.split(roleIds);
+        return sysRoleDataMapper.listByRoleIdListTableName(roleIdList, tableName);
+    }
 }

boman-modules/boman-system/src/main/java/com/boman/system/service/impl/SysRoleMenuServiceImpl.java

@@ -3,6 +3,7 @@ package com.boman.system.service.impl;
 import com.boman.domain.constant.TableNameConst;
 import com.boman.domain.dto.RoleMenuDto;
 import com.boman.system.api.domain.SysMenu;
+import com.boman.domain.constant.TableNameConst;
 import com.boman.system.domain.SysRoleMenu;
 import com.boman.system.mapper.SysRoleMenuMapper;
 import com.boman.system.service.ISysMenuService;

boman-modules/boman-system/src/main/resources/mapper/system/SysRoleDataMapper.xml

@@ -63,6 +63,15 @@
         order by role_sort asc
     </select>
 
+    <select id="listByRoleIdListTableName" resultMap="SysRoleDataResult">
+        <include refid="selectSysRoleDataVo"/>
+        where is_del = 'N' and table_name = #{tableName} and role_id in
+        <foreach collection="roleIdList" open="(" close=")" separator="," item="id">
+            #{id}
+        </foreach>
+        order by role_sort asc
+    </select>
+
     <insert id="insertSysRoleData" parameterType="com.boman.domain.SysRoleData">
         insert into sys_role_data
         <trim prefix="(" suffix=")" suffixOverrides=",">

boman-web-core/src/main/java/com/boman/web/core/domain/RowResult.java

@@ -7,6 +7,9 @@ package com.boman.web.core.domain;
  **/
 public class RowResult {
 
+    public static final Integer FAIL = -1;
+    public static final Integer OK = 0;
+
     private Integer code;
     private String message;
     private Object data;
@@ -22,6 +25,14 @@ public class RowResult {
         return create(0, message);
     }
 
+    public static RowResult ok() {
+        return create(0, "成功");
+    }
+
+    public static RowResult fail() {
+        return create(-1, "失败");
+    }
+
     public static RowResult ok(String message, Object data) {
         return create(0, message, data);
     }

boman-web-core/src/main/java/com/boman/web/core/domain/TableContext.java

@@ -6,63 +6,105 @@ import com.boman.common.redis.RedisKey;
 import com.boman.common.redis.service.RedisService;
 import com.boman.domain.GenTable;
 import com.boman.domain.GenTableColumn;
+import com.boman.system.api.RemoteMenuService;
+import com.boman.system.api.RemoteRoleDataService;
+import com.boman.system.api.domain.SysUser;
+import com.boman.system.api.model.LoginUser;
+import com.boman.web.core.service.TableServiceCmdService;
+import com.boman.web.core.service.common.ICommonService;
+import com.boman.web.core.service.select.IBaseSelectService;
 import com.boman.web.core.utils.IdUtils;
+import org.springframework.stereotype.Component;
 
+import javax.annotation.Resource;
 import java.util.List;
 import java.util.Map;
 
 import static com.boman.common.core.utils.obj.ObjectUtils.ltZero;
 import static com.boman.common.core.utils.obj.ObjectUtils.requireNonNull;
 import static com.boman.domain.constant.MaskConstant.*;
+import static com.boman.web.core.utils.AuthUtils.*;
 import static com.boman.web.core.utils.ColumnUtils.withoutHr;
 
 /**
  * @author shiqian
  * @date 2021年04月13日 11:07
  **/
+@Component
 public class TableContext {
 
+    @Resource
+    private TableServiceCmdService cmdService;
+    @Resource
+    private RemoteMenuService remoteMenuService;
+    @Resource
+    private RemoteRoleDataService remoteRoleDataService;
+    @Resource
+    private ICommonService commonService;
+    @Resource
+    private IBaseSelectService selectService;
+
     private Long id;
     private String pkName;
     private GenTable table;
     private ActionType actionType;
     private String tableName;
+    private String functionName;
     private JSONObject fixedData;
     private JSONObject commitData;
     private List<GenTableColumn> columns;
 
-    public static TableContext createContext(FormDataDto dto) {
-        TableContext context = new TableContext();
-        context.setId(dto.getObjId());
-        String tableName = requireNonNull(dto.getTable(), "tableName is empty");
-        context.setTableName(tableName);
+    public TableContext createContext(FormDataDto dto) {
+        this.actionType = ltZero(dto.getObjId()) ? ActionType.INSERT : ActionType.UPDATE;
+        this.id = dto.getObjId();
 
         RedisService redisService = SpringUtils.getBean(RedisService.class);
+        String tableName = requireNonNull(dto.getTable(), "tableName is empty");
+        this.tableName = tableName;
+
         GenTable table = redisService.getCacheObject(RedisKey.TABLE_INFO + tableName);
-        context.setTable(requireNonNull(table, "redis中没有此表，表名: " + tableName));
+        this.table = requireNonNull(table, "redis中没有此表，表名: " + tableName);
+        this.functionName = table.getFunctionName();
+
+        JSONObject fixedData = requireNonNull(dto.getFixedData(), "fixedData is empty");
+        this.fixedData = fixedData;
 
         List<GenTableColumn> columns = table.getColumns();
-        context.setColumns(columns);
+        this.columns = columns;
+        this.pkName = IdUtils.getPkName(columns);
 
-        String pkName = IdUtils.getPkName(columns);
-        context.setPkName(pkName);
+        // 检查权限
+        checkAuthObjectSave(this);
 
-        JSONObject fixedData = requireNonNull(dto.getFixedData(), "fixedData is empty");
-        context.setFixedData(fixedData);
+        this.commitData = packCommitData(this, columns, fixedData);
+        return this;
 
-        JSONObject commitData = new JSONObject();
-        packCommitData(dto.getObjId(), context, columns, fixedData, commitData);
-        context.setCommitData(commitData);
+    }
 
-        return context;
+    private void checkAuthObjectSave(TableContext context) {
+        GenTable genTable = context.getTable();
+        String tableName = genTable.getTableName();
+        String functionName = genTable.getFunctionName();
 
+        // 当前登陆人对应的menu，看看是否包含保存功能
+        LoginUser loginUser = getLoginUser();
+        if (SysUser.isAdmin(loginUser.getUserid())) {
+            return;
+        }
+
+        if (ActionType.INSERT.equals(context.getActionType())) {
+            containsFunction(genTable.getMenuRole(), GenTable.A, "模块:[" + functionName + "], 没有新增功能");
+            checkPermsAuth(tableName, GenTable.A);
+        } else {
+            containsFunction(genTable.getMenuRole(), GenTable.M, "模块:[" + functionName + "], 没有修改功能");
+            checkPermsAuth(tableName, GenTable.M);
+            checkRoleDataAuth(tableName, context.getPkName(), context.getId());
+        }
     }
 
 
-    private static void packCommitData(Long objId, TableContext context, List<GenTableColumn> columns
-            , JSONObject fixedData, JSONObject commitData) {
-        boolean isInsert = ltZero(objId);
-        context.setActionType(isInsert ? ActionType.INSERT : ActionType.UPDATE);
+    private static JSONObject packCommitData(TableContext context, List<GenTableColumn> columns, JSONObject fixedData) {
+        JSONObject commitData = new JSONObject();
         // 过滤掉hr字段
         columns = withoutHr(columns);
         for (GenTableColumn column : columns) {
@@ -75,7 +117,7 @@ public class TableContext {
             for (Map.Entry<String, Object> entry : fixedData.entrySet()) {
                 if (column.getColumnName().equalsIgnoreCase(entry.getKey())) {
                     // 新增
-                    if (isInsert) {
+                    if (ActionType.INSERT.equals(context.getActionType())) {
                         // 新增可修改, 并且新增可见，把新增的字段单独拿出来
                         if (INSERT_CAN_EDIT.equals(insertCanEdit) && INSERT_VISIBLE.equals(insertVisible)) {
                             commitData.put(entry.getKey(), entry.getValue());
@@ -93,8 +135,9 @@ public class TableContext {
                 }
             }
         }
-    }
 
+        return commitData;
+    }
 
     /**                 get and set                               **/
 
@@ -161,4 +204,12 @@ public class TableContext {
     public void setActionType(ActionType actionType) {
         this.actionType = actionType;
     }
+
+    public String getFunctionName() {
+        return functionName;
+    }
+
+    public void setFunctionName(String functionName) {
+        this.functionName = functionName;
+    }
 }

boman-web-core/src/main/java/com/boman/web/core/mapper/StandardlyMapper.java

@@ -2,6 +2,7 @@ package com.boman.web.core.mapper;
 
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import com.boman.web.core.utils.ColumnUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.ibatis.annotations.*;
 import org.apache.ibatis.annotations.Param;
@@ -168,6 +169,7 @@ public interface StandardlyMapper {
      * @param tableName     tableName
      * @param condition     属性名和属性值
      * @param packCondition 属性名和属性值 条件
+     * @param limitOne      true sql加上limit 1,   false 则不加
      * @return java.util.List<com.alibaba.fastjson.JSONObject>
      */
     @SelectProvider(type = SqlProvider.class, method = "getByMap")
@@ -176,6 +178,7 @@ public interface StandardlyMapper {
             , @Param("packCondition") JSONObject packCondition
             , @Param("limitOne") boolean limitOne);
 
+    @SuppressWarnings("unchecked")
     public static class SqlProvider {
         static final String[] READONLY_COLUMNS = new String[]{"OWNERID", "OWNERNAME", "OWNERENAME", "CREATIONDATE", "ID"};
 
@@ -644,50 +647,38 @@ public interface StandardlyMapper {
          * @param queryType  like > < =
          * @param columnType varchar char textarea timestamp
          * @param key        key
-         * @param value      value
+         * @param valueObj   valueObj
          * @return java.lang.String
          */
-        private String covert(String queryType, String columnType, String key, String value) {
+        private String covert(String queryType, String columnType, String key, Object valueObj) {
             // false 不需要转义
-            boolean needEscape = columnType.contains(VARCHAR) || columnType.contains(CHAR)
-                    || columnType.contains(DATETIME) || columnType.contains(TIMESTAMP);
+            boolean needEscape = columnType.contains(VARCHAR) || columnType.contains(CHAR)|| columnType.contains(DATETIME) || columnType.contains(TIMESTAMP);
+            Object value;
             switch (queryType) {
                 case EQ:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " = " + value;
                 case LIKE:
-                    return " like " + "concat('%', #{condition." + key + "}, '%')";
+                    return " like concat('%', #{condition." + key + "}, '%')";
                 case NE:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " != " + value;
                 case GT:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " &gt; " + value;
                 case GTE:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " &gt;= " + value;
                 case LT:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " &lt; " + value;
                 case LTE:
-                    value = needEscape ? escapeStr(value) : value;
+                    value = needEscape ? escapeStr((String) valueObj) : valueObj;
                     return " &lt;= " + value;
                 default:
-                    String[] split = value.split(",");
-                    String front = split[0].replace("[", "");
-                    String back =  split[1].replace("]", "");
-                    String max, min;
-                    if (front.compareTo(back) > 0) {
-                        max = back;
-                        min = front;
-                    } else {
-                        max = front;
-                        min = back;
-                    }
-
-                    max = needEscape ? escapeStr(max) : max;
-                    min = needEscape ? escapeStr(min) : min;
-                    return " between " + min + " and " + max;
+                    // in
+                    List<Object> list = ((List<Object>) valueObj);
+                    return  " in (" + ColumnUtils.joinList(list) + ")";
             }
         }
     }

boman-web-core/src/main/java/com/boman/web/core/service/TableServiceCmdService.java

@@ -15,6 +15,8 @@ import com.boman.common.redis.service.RedisService;
 import com.boman.domain.GenTable;
 import com.boman.domain.GenTableColumn;
 import com.boman.domain.SysDictData;
+import com.boman.domain.GenTable;
+import com.boman.domain.GenTableColumn;
 import com.boman.domain.constant.*;
 import com.boman.gen.api.RemoteGenTableColumnService;
 import com.boman.gen.api.RemoteGenTableService;
@@ -22,6 +24,14 @@ import com.boman.web.core.domain.ActionType;
 import com.boman.web.core.domain.FormDataDto;
 import com.boman.web.core.domain.RowResult;
 import com.boman.web.core.domain.TableContext;
+import com.boman.system.api.RemoteDeptService;
+import com.boman.system.api.RemoteDictDataService;
+import com.boman.system.api.RemoteRoleDataService;
+import com.boman.system.api.RemoteUserService;
+import com.boman.web.core.domain.ActionType;
+import com.boman.web.core.domain.FormDataDto;
+import com.boman.web.core.domain.RowResult;
+import com.boman.web.core.domain.TableContext;
 import com.boman.web.core.service.delete.IBaseDeleteService;
 import com.boman.web.core.service.save.IBaseSaveService;
 import com.boman.web.core.service.select.IBaseSelectService;
@@ -50,6 +60,7 @@ import static com.boman.common.core.constant.GenConstants.HTML_FILE_UPLOAD;
 import static com.boman.common.core.constant.GenConstants.HTML_IMAGE_UPLOAD;
 import static com.boman.common.core.utils.obj.ObjectUtils.*;
 import static com.boman.domain.constant.FormDataConstant.*;
+import static com.boman.web.core.utils.AuthUtils.*;
 import static com.boman.web.core.utils.ColumnUtils.*;
 import static com.boman.web.core.utils.HandlerFormDataUtils.*;
 import static com.boman.web.core.utils.JSONObjectUtils.containsKeyIgnoreCase;
@@ -77,6 +88,8 @@ public class TableServiceCmdService {
     @Resource
     private RestTemplate restTemplate;
     @Resource
+    private TableContext tableContext;
+    @Resource
     private RemoteGenTableService remoteGenTableService;
     @Resource
     private RemoteGenTableColumnService remoteGenTableColumnService;
@@ -86,7 +99,8 @@ public class TableServiceCmdService {
     public final AjaxResult objectSave(FormDataDto dto) {
         AjaxResult result = AjaxResult.success();
 
-        TableContext context = TableContext.createContext(dto);
+        // 权限校验在此方法中
+        TableContext context = tableContext.createContext(dto);
         // 拿到pkName和maxId
         String pkName = context.getPkName();
         JSONObject commitData = context.getCommitData();
@@ -124,7 +138,7 @@ public class TableServiceCmdService {
 
     private void handlerInputType(JSONObject commitData, List<GenTableColumn> columns) {
         for (Map.Entry<String, Object> entry : commitData.entrySet()) {
-            Object value = entry.getValue();
+            Object value =entry.getValue();
             for (GenTableColumn column : columns) {
                 if (entry.getKey().equals(column.getColumnName())
                         && ArrayUtils.arraysContains(GenConstants.COLUMNTYPE_NUMBER, getDbType(column.getColumnType()))) {
@@ -159,25 +173,34 @@ public class TableServiceCmdService {
      */
     public AjaxResult objectDelete(FormDataDto dto) {
         requireNonNull(dto.getTable(), "tableName = [" + dto.getTable() + "] 此表不存在");
-        Long[] idArr = CollectionUtils.listToArray(dto.getIdList());
-        requireNonNull(idArr);
-        // 拿到pkName
+
         GenTable genTable = getTableFromRedisByTableName(RedisKey.TABLE_INFO, dto.getTable());
         String pkName = IdUtils.getPkName(genTable.getColumns());
 
+        Long[] idArr = CollectionUtils.listToArray(dto.getIdList());
+        requireNonNull(idArr, "删除时，所传idList为空");
+
+        RowResult rowResult;
         List<RowResult> result = Lists.newArrayListWithCapacity(idArr.length);
         for (Long id : idArr) {
-            RowResult rowResult = deleteService.deleteById(dto.getTable(), pkName, id);
+            // 校验权限
+            if (BooleanUtils.isTrue(checkAuthObjectDelete(genTable, id, pkName))) {
+                rowResult = deleteService.deleteById(dto.getTable(), pkName, id);
+                if (rowResult.isOk()) {
+                    LOGGER.info("删除成功, tableName: {}, id: {}, 操作人: {}", tableContext.getTableName(), id, getLoginUser().getUsername());
+                    continue;
+                }
+                LOGGER.info("删除失败, tableName: {}, id: {}, 操作人: {}", tableContext.getTableName(), id, getLoginUser().getUsername());
+            } else {
+                rowResult = RowResult.create(RowResult.FAIL, "无操作权限");
+            }
+
             result.add(rowResult);
-            LOGGER.info(rowResult.getMessage() + ", id: {}", id);
         }
 
-        // RowResult rowResult = deleteService.objectDelete(idArr, dto.getTable(), requireNonNull(pkName, "主键名称为空"));
-
         return AjaxResult.success(result);
     }
 
-
     /**
      * 功能描述: 通用删除接口 (真的删除)
      *
@@ -196,10 +219,22 @@ public class TableServiceCmdService {
         List<RowResult> result = Lists.newArrayListWithCapacity(idArr.length);
         JSONObject jsonObject = new JSONObject();
         jsonObject.put(dto.getLogicDelName(), dto.getLogicDelValue());
+
+        RowResult rowResult;
         for (Long id : idArr) {
-            RowResult rowResult = deleteService.objectLogicDelete(new Long[]{id}, dto.getTable(), pkName, jsonObject);
+            // 校验权限
+            if (BooleanUtils.isTrue(checkAuthObjectDelete(genTable, id, pkName))) {
+                rowResult = deleteService.objectLogicDelete(new Long[]{id}, dto.getTable(), pkName, jsonObject);
+                if (rowResult.isOk()) {
+                    LOGGER.info("逻辑删除成功, tableName: {}, id: {}, 操作人: {}", tableContext.getTableName(), id, getLoginUser().getUsername());
+                    continue;
+                }
+                LOGGER.info("逻辑删除失败, tableName: {}, id: {}, 操作人: {}", tableContext.getTableName(), id, getLoginUser().getUsername());
+            } else {
+                rowResult = RowResult.create(RowResult.FAIL, "无操作权限");
+            }
+
             result.add(rowResult);
-            LOGGER.info(rowResult.getMessage() + ", id: {}", id);
         }
 
         return AjaxResult.success(result);
@@ -220,10 +255,12 @@ public class TableServiceCmdService {
 
         // 查询条件
         JSONObject condition = ifNullSetEmpty(fixedData.getJSONObject(CONDITION));
+        // 权限
+        checkAuthQueryList(genTable, condition);
         // 检查列
         checkColumn(condition, columns);
         // 封装好以后的查询条件
-        JSONObject packCondition = ifNullSetEmpty(packColCondition(columns, condition));
+        JSONObject packCondition = ifNullSetEmpty(selectService.packColCondition(columns, condition));
         JSONArray showData = fixedData.getJSONArray(SHOW_DATA);
         // 检查列
         checkColumn(showData, genTable.getColumns());
@@ -243,10 +280,6 @@ public class TableServiceCmdService {
 
         List<JSONObject> result = selectService.selectByCondition(tableName, condition, packCondition, showData, dto);
         result = filter(result, ObjectUtils::isNotEmpty);
-
-        // 查询时为null的列不显示的处理
-        handleNullColumnValue(result, showData);
-
         // 处理blob
         handleBlob(result, genTable.getIsContainsBlob());
         // 处理日期、外键、字典值
@@ -279,45 +312,29 @@ public class TableServiceCmdService {
             return getByTableName(tableName, columns, isUi);
         }
 
-        List<GenTableColumn> updateVisibleColumns = filterData(columns, 2, MaskConstant.UPDATE_VISIBLE::equals);
-        List<String> showData = map(updateVisibleColumns, GenTableColumn::getColumnName);
+        // 默认查所有字段，不支持自定义
         String pkName = IdUtils.getPkName(genTable.getColumns());
-
-        List<JSONObject> jsonList = selectService.selectByIdList(tableName, pkName, Lists.newArrayList(id), showData);
-        requireNonNull(jsonList, "id 为[" + id + "]的数据不存在, 模块为[" + genTable.getFunctionName() + "]");
-        // 查询时为null的列不显示的处理
-        handleNullColumnValue(jsonList, showData);
-        JSONObject json = jsonList.get(0);
-
+        JSONObject json = selectService.selectById(tableName, pkName, id);
+        requireNonNull(json, "id 为[" + id + "]的数据不存在, 表名为[" + tableName + "]");
         // 处理blob
-        handleBlob(jsonList, genTable.getIsContainsBlob());
-        List<GenTableColumn> parentColumns = filterHrAndSort(columns);
+        handleBlob(Collections.singletonList(json), genTable.getIsContainsBlob());
 
-        //接收可能存在的cssClass
-        String cssClass = null;
+        List<GenTableColumn> parentColumns = filterHrAndSort(columns);
         // 处理成hr的形式
         for (GenTableColumn hrColumn : parentColumns) {
             List<GenTableColumn> children = Lists.newArrayListWithCapacity(16);
-            for (GenTableColumn column : updateVisibleColumns) {
+            for (GenTableColumn column : columns) {
                 if (hrColumn.getId().equals(column.getHrParentId())) {
                     String columnName = column.getColumnName();
                     String columnType = column.getColumnType();
                     String htmlType = column.getHtmlType();
                     String dictType = column.getDictType();
                     if (containsKeyIgnoreCase(json, columnName)) {
-                        column.setColumnValue(json.get(columnName));
                         // sysDict
                         if (isNotEmpty(dictType)) {
-                            String value = json.getString(columnName);
-                            List<SysDictData> sysDictData = column.getSysDictData();
-                            if (sysDictData != null && sysDictData.size() > 0) {
-                                for (SysDictData sysDictDatum : sysDictData) {
-                                    if (sysDictDatum.getDictValue().equals(value)) {
-                                        cssClass = sysDictDatum.getCssClass();
-                                        break;
-                                    }
-                                }
-                            }
+                            // 既要sysDictData还得要columnValue
+                            column.setSysDictData(listSysDictDataByType(dictType));
+                            column.setColumnValue(json.get(columnName));
                         }
                         // dateTime
                         if (NEED_CONVERT_DATE_LIST.contains(columnType)) {
@@ -331,7 +348,8 @@ public class TableServiceCmdService {
                         if (HTML_IMAGE_UPLOAD.equalsIgnoreCase(htmlType) || HTML_FILE_UPLOAD.equalsIgnoreCase(htmlType)) {
                             column.setAnnex(getAnnex(json.getString(columnName)));
                         }
-                        //column.setReadonly(SubmitConstant.STATUS.equals(columnName));
+
+                        column.setReadonly(SubmitConstant.STATUS.equals(columnName));
                     }
 
                     children.add(column);
@@ -340,12 +358,6 @@ public class TableServiceCmdService {
             hrColumn.setHrChildren(children);
         }
 
-        //给基本属性和日志信息添加上cssClass
-        if (StringUtils.isNotBlank(cssClass)){
-            for (GenTableColumn parentColumn : parentColumns) {
-                parentColumn.setCssClass(cssClass);
-            }
-        }
         JSONObject result = new JSONObject();
         result.put(SHOW_DATA, parentColumns);
         result.put(BUTTON_LIST, getButton(tableName));

boman-web-core/src/main/java/com/boman/web/core/service/common/CommonServiceImpl.java

@@ -4,6 +4,7 @@ import com.alibaba.fastjson.JSONObject;
 import com.boman.common.redis.RedisKey;
 import com.boman.common.redis.service.RedisService;
 import com.boman.domain.GenTable;
+import com.boman.web.core.domain.FormDataDto;
 import com.boman.web.core.service.TableServiceCmdService;
 import com.boman.web.core.service.select.IBaseSelectService;
 import com.boman.web.core.utils.IdUtils;
@@ -63,4 +64,20 @@ public class CommonServiceImpl implements ICommonService {
     public Integer getMaxId(String tableName, String pkName) {
         return IdUtils.getMaxId(tableName, pkName);
     }
+
+    /**
+     * 功能描述: 根据条件count
+     *
+     * @param dto dto
+     * @return java.lang.Long
+     */
+    @Override
+    public int count(FormDataDto dto) {
+        JSONObject condition = dto.getFixedData();
+        String tableName = dto.getTable();
+        requireNonNull(tableName, "tableName is empty");
+        GenTable genTable = cmdService.getTableFromRedisByTableName(RedisKey.TABLE_INFO, tableName);
+        JSONObject packCondition = selectService.packColCondition(genTable.getColumns(), condition);
+        return selectService.countByCondition(tableName, condition, packCondition);
+    }
 }

boman-web-core/src/main/java/com/boman/web/core/service/common/ICommonService.java

@@ -1,7 +1,7 @@
 package com.boman.web.core.service.common;
 
 import com.alibaba.fastjson.JSONObject;
-import io.swagger.models.auth.In;
+import com.boman.web.core.domain.FormDataDto;
 
 import java.util.List;
 
@@ -31,4 +31,12 @@ public interface ICommonService {
     List<JSONObject> getByMap(String tableName, JSONObject condition);
 
     Integer getMaxId(String tableName, String pkName);
+
+    /**
+     * 功能描述: 根据条件count
+     *
+     * @param dto dto
+     * @return java.lang.Long
+     */
+    int count(FormDataDto dto);
 }

boman-web-core/src/main/java/com/boman/web/core/service/delete/BaseDeleteServiceImpl.java

@@ -1,6 +1,7 @@
 package com.boman.web.core.service.delete;
 
 import com.alibaba.fastjson.JSONObject;
+import com.boman.common.core.utils.obj.ObjectUtils;
 import com.boman.web.core.domain.RowResult;
 import com.boman.web.core.mapper.StandardlyMapper;
 import org.slf4j.Logger;
@@ -45,7 +46,7 @@ public class BaseDeleteServiceImpl implements IBaseDeleteService {
     @Override
     public RowResult deleteById(String tableName, String pkName, Long id) {
         int delete = mapper.deleteById(tableName, pkName, id);
-        return RowResult.ok("共删除了 " + delete + " 条记录");
+        return delete > 0 ? RowResult.ok() : RowResult.fail();
     }
 
     /**
@@ -60,7 +61,7 @@ public class BaseDeleteServiceImpl implements IBaseDeleteService {
     @Override
     public RowResult objectLogicDelete(Long[] idArr, String tableName, String pkName, JSONObject model) {
         int delete = mapper.updateById(tableName, model, pkName, idArr);
-        return RowResult.ok("共删除了 " + delete + " 条记录");
+        return delete > 0 ? RowResult.ok() : RowResult.fail();
     }
 
 

boman-web-core/src/main/java/com/boman/web/core/service/select/BaseSelectServiceImpl.java

@@ -2,18 +2,22 @@ package com.boman.web.core.service.select;
 
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import com.boman.common.core.utils.obj.ObjectUtils;
 import com.boman.common.redis.RedisKey;
 import com.boman.domain.GenTable;
+import com.boman.domain.GenTableColumn;
 import com.boman.web.core.domain.FormDataDto;
 import com.boman.web.core.mapper.StandardlyMapper;
 import com.boman.web.core.service.TableServiceCmdService;
 import com.boman.web.core.utils.ColumnUtils;
+import com.google.common.collect.Lists;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import java.util.List;
+import java.util.Map;
 
 import static com.boman.common.core.utils.obj.ObjectUtils.isEmpty;
 import static com.boman.common.core.utils.obj.ObjectUtils.requireNonNull;
@@ -139,4 +143,34 @@ public class BaseSelectServiceImpl implements IBaseSelectService {
 
         return mapper.selectByIdList(tableName, pkName, idList, showData);
     }
+
+    /**
+     * 功能描述: 封装成查询条件 key: 列名，  value：查询条件_查询类别
+     * eg: [{"config_name": ["系统配置", "EQ", "varchar(100)"]}]
+     *
+     * @param columns columns
+     * @return com.alibaba.fastjson.JSONObject
+     */
+    @Override
+    public JSONObject packColCondition(List<GenTableColumn> columns, JSONObject condition) {
+        if (isEmpty(condition)) {
+            return condition;
+        }
+
+        JSONObject result = new JSONObject(columns.size());
+        for (Map.Entry<String, Object> entry : condition.entrySet()) {
+            String key = entry.getKey();
+            Object value = entry.getValue();
+            for (GenTableColumn column : columns) {
+                // long string collection 暂时只作此三种类型判断
+                if (column.getColumnName().equalsIgnoreCase(key) && ObjectUtils.isNotEmpty(value)) {
+                    // columnType 作为判断需不需要转义的一个标准，防止索引失效
+                    result.put(key, Lists.newArrayList(value, column.getQueryType(), column.getColumnType()));
+                    break;
+                }
+            }
+        }
+
+        return result;
+    }
 }

boman-web-core/src/main/java/com/boman/web/core/service/select/IBaseSelectService.java

@@ -2,6 +2,7 @@ package com.boman.web.core.service.select;
 
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import com.boman.domain.GenTableColumn;
 import com.boman.web.core.domain.FormDataDto;
 
 import java.util.List;
@@ -72,4 +73,7 @@ public interface IBaseSelectService {
      * @return com.alibaba.fastjson.JSONObject
      */
     List<JSONObject> selectByIdList(String tableName, String pkName, List<Long> idList, List<String> showData);
+
+
+    JSONObject packColCondition(List<GenTableColumn> columns, JSONObject condition);
 }

boman-web-core/src/main/java/com/boman/web/core/utils/AuthUtils.java

@@ -0,0 +1,301 @@
+package com.boman.web.core.utils;
+
+import com.alibaba.fastjson.JSONObject;
+import com.boman.common.core.constant.CacheConstants;
+import com.boman.common.core.utils.SecurityUtils;
+import com.boman.common.core.utils.SpringUtils;
+import com.boman.common.redis.service.RedisService;
+import com.boman.domain.GenTable;
+import com.boman.domain.SysRoleData;
+import com.boman.domain.constant.FormDataConstant;
+import com.boman.domain.exception.NoSuchFunctionException;
+import com.boman.system.api.RemoteMenuService;
+import com.boman.system.api.RemoteRoleDataService;
+import com.boman.system.api.domain.SysMenu;
+import com.boman.system.api.domain.SysRole;
+import com.boman.system.api.domain.SysUser;
+import com.boman.system.api.model.LoginUser;
+import com.boman.web.core.domain.FormDataDto;
+import com.boman.web.core.service.common.ICommonService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.List;
+
+import static com.boman.common.core.utils.obj.ObjectUtils.*;
+import static com.boman.web.core.utils.ColumnUtils.joinList;
+
+/**
+ * @author shiqian
+ * @date 2021年04月27日 10:48
+ **/
+public class AuthUtils {
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(AuthUtils.class);
+
+    public static boolean checkAuthObjectDelete(GenTable genTable, Long id, String pkName) {
+        String functionName = genTable.getFunctionName();
+        if (!containsFunctionBool(genTable.getMenuRole(), GenTable.D, functionName)) {
+            return false;
+        }
+
+        String tableName = genTable.getTableName();
+        LoginUser loginUser = getLoginUser();
+        if (SysUser.isAdmin(loginUser.getUserid())) {
+            return true;
+        }
+
+        if (!checkPermsAuthBool(tableName, GenTable.D)) {
+            return false;
+        }
+
+        return checkRoleDataAuthBool(tableName, pkName, id);
+    }
+
+    public static void checkAuthQueryList(GenTable genTable, JSONObject condition) {
+        containsFunction(genTable.getMenuRole(), GenTable.Q, "此模块:[" + genTable.getTableName() + "], 没有查询功能");
+
+        LoginUser loginUser = getLoginUser();
+        if (SysUser.isAdmin(loginUser.getUserid())) {
+            return;
+        }
+
+        List<Long> roleIdList = map(loginUser.getSysUser().getRoles(), SysRole::getId);
+        RemoteRoleDataService remoteRoleDataService = SpringUtils.getBean(RemoteRoleDataService.class);
+        List<SysRoleData> roleDataList = remoteRoleDataService.listByRoleIdList(roleIdList);
+        if (isEmpty(roleDataList)) {
+            return;
+        }
+        // 此张表所对应的roleData
+        SysRoleData roleData = filterOne(roleDataList, sysRoleData -> genTable.getTableName().equals(sysRoleData.getTableName()));
+        packAuthCondition(roleData.getDataScope(), condition, loginUser);
+    }
+
+    /**
+     * 功能描述: 某一张表是否有AMD....功能
+     *
+     * @param menuRole  AMDQSUE
+     * @param funcType  AMDQSUE中的其中一个
+     * @param errMsg    错误提示语
+     */
+    public static void containsFunction(String menuRole, String funcType, String errMsg) {
+        if (!menuRole.contains(funcType)) {
+            throw new NoSuchFunctionException(errMsg);
+        }
+    }
+    /**
+     * 功能描述: 某一张表是否有AMD....功能
+     *
+     * @param menuRole  AMDQSUE
+     * @param funcType  AMDQSUE中的其中一个
+     */
+    public static boolean containsFunctionBool(String menuRole, String funcType, String functionName) {
+        if (!menuRole.contains(funcType)) {
+            LOGGER.error("非法操作，操作人: {}，模块: {}, 此模块无 {} 功能", getLoginUser().getUsername(), functionName, funcType(funcType));
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * 功能描述: 拿到当前登陆人
+     */
+    public static LoginUser getLoginUser() {
+        RedisService redisService = SpringUtils.getBean(RedisService.class);
+        return redisService.getCacheObject(CacheConstants.LOGIN_TOKEN_KEY + SecurityUtils.getToken());
+    }
+
+    /**
+     * 功能描述: 封装表的perms   eg: sys_user:A sys_user:M sys_user:D
+     *
+     * @param tableName tableName
+     * @param btnType   AMDQSUE
+     * @return java.lang.String
+     */
+    public static String packPermsKey(String tableName, String btnType) {
+        return tableName + ":" + btnType.toUpperCase();
+    }
+
+    /**
+     * 功能描述: 当前登陆人对应的角色idList
+     *
+     * @return java.lang.Long
+     */
+    public static List<Long> getLoginUserRoleIdList() {
+        List<SysRole> roles = getLoginUser().getSysUser().getRoles();
+        return map(roles, SysRole::getId);
+    }
+
+
+    /**
+     * 功能描述: 当前登陆人对应的角色idList
+     *
+     * @return java.lang.Long
+     */
+    public static List<String> getLoginUserPermsList() {
+        RemoteMenuService remoteMenuService = SpringUtils.getBean(RemoteMenuService.class);
+        List<SysMenu> menus = remoteMenuService.listMenusByUserId(getLoginUser().getUserid());
+        return map(menus, SysMenu::getPerms);
+    }
+
+    /**
+     * 功能描述: loginUser对应的Perms，权限认定
+     *
+     * @param tableName tableName
+     * @param funcType    AMDQSUEI {@link GenTable}
+     */
+    public static void checkPermsAuth(String tableName, String funcType) {
+        List<String> permsList = getLoginUserPermsList();
+        String perms = packPermsKey(tableName, funcType);
+        if (!permsList.contains(perms)) {
+            LOGGER.error("非法操作，操作人: {}，tableName: {}， 操作类型: {}", getLoginUser().getUsername(), tableName, funcType(funcType));
+            throw new NoSuchFunctionException("不好意思，您无权限操作");
+        }
+    }
+
+    /**
+     * 功能描述: loginUser对应的Perms，权限认定
+     *
+     * @param tableName tableName
+     * @param funcType    AMDQSUEI {@link GenTable}
+     */
+    public static boolean checkPermsAuthBool(String tableName, String funcType) {
+        List<String> permsList = getLoginUserPermsList();
+        String perms = packPermsKey(tableName, funcType);
+        if (!permsList.contains(perms)) {
+            LOGGER.error("非法操作，操作人: {}，tableName: {}， 操作类型: 此人未配置 {} 权限", getLoginUser().getUsername(), tableName, funcType(GenTable.D));
+           return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * 功能描述: loginUser对应的roleData，权限认定
+     *
+     * @param tableName tableName
+     * @param pkName    pkName
+     * @param id        id
+     */
+    public static void checkRoleDataAuth(String tableName, String pkName, Long id) {
+        List<Long> roleIdList = getLoginUserRoleIdList();
+        RemoteRoleDataService remoteRoleDataService = SpringUtils.getBean(RemoteRoleDataService.class);
+        List<SysRoleData> roleDataList = remoteRoleDataService.listByRoleIdListTableName(joinList(roleIdList), tableName);
+        if (isEmpty(roleDataList)) {
+            //没有配，证明有此表的全部权限
+            return;
+        }
+        String dataScope = roleDataList.get(0).getDataScope();
+        // 不可以修改
+        if (!countByCreteBy(dataScope, pkName, id, tableName)) {
+            LOGGER.error("非法操作，操作人: {}，tableName: {}, id: {}", getLoginUser().getUsername(), tableName, id);
+            throw new NoSuchFunctionException("不好意思，您无权限操作");
+        }
+    }
+
+    /**
+     * 功能描述: loginUser对应的roleData，权限认定
+     *
+     * @param tableName tableName
+     * @param pkName    pkName
+     * @param id        id
+     */
+    public static boolean checkRoleDataAuthBool(String tableName, String pkName, Long id) {
+        List<Long> roleIdList = getLoginUserRoleIdList();
+        RemoteRoleDataService remoteRoleDataService = SpringUtils.getBean(RemoteRoleDataService.class);
+        List<SysRoleData> roleDataList = remoteRoleDataService.listByRoleIdListTableName(joinList(roleIdList), tableName);
+        if (isEmpty(roleDataList)) {
+            //没有配，证明有此表的全部权限
+            return true;
+        }
+
+        String dataScope = roleDataList.get(0).getDataScope();
+        // 可以修改
+        if (countByCreteBy(dataScope, pkName, id, tableName)) {
+            return true;
+        }
+
+        LOGGER.error("非法操作，操作人: {}，tableName: {}, id: {}", getLoginUser().getUsername(), tableName, id);
+        return false;
+    }
+
+    /**
+     * 功能描述: 根据crete_by到数据库 count, 如果 >0 可以修改
+     *
+     * @param dataScope dataScope
+     * @param pkName    pkName
+     * @param id        id
+     * @param tableName tableName
+     * @return boolean
+     */
+    public static boolean countByCreteBy(String dataScope, String pkName, Long id, String tableName) {
+        ICommonService commonService = SpringUtils.getBean(ICommonService.class);
+
+        JSONObject condition = new JSONObject();
+        condition.put(pkName, id);
+        // 封装crete_by
+        packAuthCondition(dataScope, condition, getLoginUser());
+
+        FormDataDto dto = new FormDataDto();
+        dto.setTable(tableName);
+        dto.setFixedData(condition);
+
+        int count = commonService.count(dto);
+        // count > 0 证明此人可以看到这条记录，自然可以修改
+        return count > 0;
+    }
+
+    /**
+     * 功能描述: 封装create_by in () 到 condition中
+     *
+     * @param dataScope obj_test:A obj_test:M.....
+     * @param condition condition
+     * @param loginUser 当前登陆人所存的deptUserIds和subDeptUserIds
+     */
+    public static void packAuthCondition(String dataScope, JSONObject condition, LoginUser loginUser) {
+        requireNonNull(dataScope, "dataScope is empty");
+
+        switch (dataScope) {
+            case SysRoleData.ALL_DATA:
+                break;
+            case SysRoleData.DIY_DATA:
+                break;
+            case SysRoleData.SELF_DEPT_DATA:
+                // 本部门人员
+                condition.put(FormDataConstant.CREATE_BY, loginUser.getDeptUserIds());
+                break;
+            case SysRoleData.SUB_DEPT_DATA:
+                // 本部门以及子部门
+                condition.put(FormDataConstant.CREATE_BY, loginUser.getSubDeptUserIds());
+                break;
+            default:
+                break;
+        }
+    }
+
+    public static String funcType(String funcType) {
+        switch (funcType) {
+            case GenTable.A:
+                return "新增";
+            case GenTable.M:
+                return "修改";
+            case GenTable.D:
+                return "删除";
+            case GenTable.Q:
+                return "查询";
+            case GenTable.S:
+                return "提交";
+            case GenTable.U:
+                return "反提交";
+            case GenTable.E:
+                return "导出";
+            case GenTable.I:
+                return "导入";
+            default:
+                return "未知";
+        }
+    }
+
+
+}

boman-web-core/src/main/java/com/boman/web/core/utils/ColumnUtils.java

@@ -16,6 +16,7 @@ import org.apache.commons.lang3.BooleanUtils;
 
 import java.nio.charset.StandardCharsets;
 import java.sql.Timestamp;
+import java.util.ArrayList;
 import java.util.Comparator;
 import java.util.List;
 import java.util.Map;
@@ -307,4 +308,16 @@ public class ColumnUtils {
         }
     }
 
+    /**
+     * 连接字符串数组集合
+     * eg: System.out.println(joinList(Lists.newArrayList(1, 3, 2, 5))); 输出 1, 3, 2, 5
+     *
+     * @param iterable 集合
+     * @return 连接结果
+     */
+    public static <T> String joinList(Iterable<T> iterable) {
+        Joiner joiner = Joiner.on(", ").skipNulls();
+        return joiner.join(iterable);
+    }
+
 }