SecPermissionService (Bropen Framework 4.8.1 API)

bropen.framework.core.SecPermissionService

权限服务
注：可以通过 console 打开鉴权的 trace 日志，如：
DebugUtils.setLogLevel(ctx.secPermissionService.class, "TRACE")

Field Summary

Fields
Modifiers	Name	Description
`static String`	`CACHE_NAME`
`static Integer`	`aliasOverridingOrder`

Properties Summary

Properties
Type	Name and description
`ErrorService`	`errorService`
`SecRoleService`	`secRoleService`
`SecUserService`	`secUserService`
`grails.plugin.springsecurity.SpringSecurityService`	`springSecurityService`

Methods Summary

Methods
Type	Name and description
`void`	`bootStrapInit()` 初始化
`void`	`clearCache(Long userId = null, String sessionId = null)` 清理鉴权结果缓存
`String`	`executeHqlScript(String hqlScript, Map perm, User user, Map others)` 执行 hql 接口，并返回 hql
`Set<Long>`	`filterGrantedPermIds(Collection<Long> permIds, Object userIdent)` @return 授权成功的权限ID集
`Map`	`findPermission(Integer type, String code, Map options)`
`Permission`	`get(String code, Domain domain, DomainApplication application)` 根据代码和所属应用或域，获得生效的权限对象
`Permission`	`get(String code)` 根据代码获得不属于任何应用和域的权限对象
`Permission`	`get(String code, Domain domain)` 根据代码和所属域，获得权限对象
`Permission`	`get(String code, DomainApplication application)` 根据代码和所属应用，获得权限对象
`Permission`	`getAny(String code)` 根据代码获得任意一个权限对象
`Permission`	`getCurrent(String code)` 根据代码获得当前生效的权限对象
`static String`	`getPermissionQueryHql(Boolean selectRoleOnly, Boolean fromPermissionGroup, Boolean withMultiPermission)`
`Granted`	`isActionGranted(String controllerName, String actionName, Map params, Object userIdent = null, Object bean = null)` 对控制器操作资源进行鉴权
`Granted`	`isGranted(String code, Object userIdent = null, Object bean = null, Map options = null)` 对权限进行鉴权
`Granted`	`isGranted(Map perm, Object userIdent = null, Object bean = null, Map options = null)` 对权限进行鉴权
`Granted`	`isGranted(Permission perm, Object userIdent = null, Object bean = null)` 对权限进行鉴权
`Granted`	`isUrlGranted(String url, Object userIdent = null)` 通过 Requestmap 对 url 鉴权

Inherited Methods Summary

Inherited Methods
Methods inherited from class	Name
`class Object`	`Object#wait(long, int), Object#wait(long), Object#wait(), Object#equals(Object), Object#toString(), Object#hashCode(), Object#getClass(), Object#notify(), Object#notifyAll()`

- Field Detail
  - public static final String CACHE_NAME
  - public static Integer aliasOverridingOrder
- Property Detail
  - ErrorService errorService
  - SecRoleService secRoleService
  - SecUserService secUserService
  - grails.plugin.springsecurity.SpringSecurityService springSecurityService
- Method Detail
  - void bootStrapInit()
    
    初始化
  - void clearCache(Long userId = null, String sessionId = null)
    
    清理鉴权结果缓存
    Parameters:
    userId - 删除对应员工的缓存；如果为 null 且 sessionId 也为空，则清空缓存
    sessionId - 删除对应 session 的缓存；如果为 null 且 userId 也为空，则清空缓存
  - @bropen.toolkit.annotation.Internal@bropen.toolkit.annotation.Internal String executeHqlScript(String hqlScript, Map perm, User user, Map others)
    
    执行 hql 接口，并返回 hql
    See Also:
    Permission.condition
  - @bropen.toolkit.annotation.Internal@bropen.toolkit.annotation.Internal Set<Long> filterGrantedPermIds(Collection<Long> permIds, Object userIdent)
    
    Returns:
    授权成功的权限ID集
  - @bropen.toolkit.annotation.Internal@bropen.toolkit.annotation.Internal Map findPermission(Integer type, String code, Map options)
  - Permission get(String code, Domain domain, DomainApplication application)
    
    根据代码和所属应用或域，获得生效的权限对象
    
    Parameters:
    code - 权限代码，支持通配符 *
  - Permission get(String code)
    
    根据代码获得不属于任何应用和域的权限对象
    
    Parameters:
    code - 权限代码，支持通配符 *
  - Permission get(String code, Domain domain)
    
    根据代码和所属域，获得权限对象
    
    Parameters:
    code - 权限代码，支持通配符 *
  - Permission get(String code, DomainApplication application)
    
    根据代码和所属应用，获得权限对象
    
    Parameters:
    code - 权限代码，支持通配符 *
  - Permission getAny(String code)
    
    根据代码获得任意一个权限对象
    
    Parameters:
    code - 权限代码，支持通配符 *
  - Permission getCurrent(String code)
    
    根据代码获得当前生效的权限对象
    
    Parameters:
    code - 权限代码，支持通配符 *
  - @bropen.toolkit.annotation.Internal@bropen.toolkit.annotation.Internal static String getPermissionQueryHql(Boolean selectRoleOnly, Boolean fromPermissionGroup, Boolean withMultiPermission)
  - Granted isActionGranted(String controllerName, String actionName, Map params, Object userIdent = null, Object bean = null)
    
    对控制器操作资源进行鉴权
    Returns:
    如果返回布尔类型的值，则表示鉴权成功或失败；如果返回字符串，则表示鉴权失败的提示消息
  - Granted isGranted(String code, Object userIdent = null, Object bean = null, Map options = null)
    
    对权限进行鉴权
    
    Returns:
    鉴权结果
    Parameters:
    code - 权限、权限组编码，或 URL 映射（Requestmap）的完整 URL（否则请使用 isUrlGranted 方法）
    userIdent - 需要鉴权的用户；可以是Employee（员工对象）/EmployeeIdentity（员工身份对象）/User（用户对象）/username（用户名）/userId（用户ID，Long类型）/null（当前用户）。
    options.applicationId - 角色所属应用或应用ID
    options.application
    options.domainId - 角色所属域或域ID
    options.domain
    options.xxx - 其他会传递给权限 condition 的参数，如关联文档的 referenceClass、referenceId、referenceBizId 等。
  - Granted isGranted(Map perm, Object userIdent = null, Object bean = null, Map options = null)
    
    对权限进行鉴权
    
    Returns:
    鉴权结果
    Parameters:
    perm - 包含权限 id、code、allGranted、impersonateGranted、(Map) condition 的 Map 对象
    userIdent
  - Granted isGranted(Permission perm, Object userIdent = null, Object bean = null)
    
    对权限进行鉴权
    
    Returns:
    Parameters:
    perm - 权限对象
    userIdent
  - Granted isUrlGranted(String url, Object userIdent = null)
    
    通过 Requestmap 对 url 鉴权
    
    Returns:
    鉴权结果
    Parameters:
    url - 满足 URL 映射的地址
    userIdent

| Detail:
Field
Property
Constructor
Method

BROPEN Documentation, 2020-04-21 11:00

[Groovy] Class SecPermissionService

Field Summary

Properties Summary

Methods Summary

Inherited Methods Summary

Field Detail

public static final String CACHE_NAME

public static Integer aliasOverridingOrder

Property Detail

ErrorService errorService

SecRoleService secRoleService

SecUserService secUserService

grails.plugin.springsecurity.SpringSecurityService springSecurityService

Method Detail

void bootStrapInit()

void clearCache(Long userId = null, String sessionId = null)

@bropen.toolkit.annotation.Internal@bropen.toolkit.annotation.Internal String executeHqlScript(String hqlScript, Map perm, User user, Map others)

@bropen.toolkit.annotation.Internal@bropen.toolkit.annotation.Internal Set<Long> filterGrantedPermIds(Collection<Long> permIds, Object userIdent)

@bropen.toolkit.annotation.Internal@bropen.toolkit.annotation.Internal Map findPermission(Integer type, String code, Map options)

Permission get(String code, Domain domain, DomainApplication application)

Permission get(String code)

Permission get(String code, Domain domain)

Permission get(String code, DomainApplication application)

Permission getAny(String code)

Permission getCurrent(String code)

@bropen.toolkit.annotation.Internal@bropen.toolkit.annotation.Internal static String getPermissionQueryHql(Boolean selectRoleOnly, Boolean fromPermissionGroup, Boolean withMultiPermission)

Granted isActionGranted(String controllerName, String actionName, Map params, Object userIdent = null, Object bean = null)

Granted isGranted(String code, Object userIdent = null, Object bean = null, Map options = null)

Granted isGranted(Map perm, Object userIdent = null, Object bean = null, Map options = null)

Granted isGranted(Permission perm, Object userIdent = null, Object bean = null)

Granted isUrlGranted(String url, Object userIdent = null)