Merge branch 'fix/后台管理接口权限下放到ProcessPlatformManager' into 'develop'

Merge of fix/[流程平台]后台管理接口权限下放 to develop

See merge request o2oa/o2oa!677

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/attachment/ActionManageUpload.java

@@ -18,6 +18,8 @@ import com.x.processplatform.assemble.surface.ThisApplication;
 import com.x.processplatform.assemble.surface.WorkControl;
 import com.x.processplatform.core.entity.content.Attachment;
 import com.x.processplatform.core.entity.content.Work;
+import com.x.processplatform.core.entity.element.Application;
+import com.x.processplatform.core.entity.element.Process;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.tika.Tika;
 import org.glassfish.jersey.media.multipart.FormDataContentDisposition;
@@ -37,8 +39,11 @@ class ActionManageUpload extends BaseAction {
 			if (null == work) {
 				throw new ExceptionEntityNotExist(workId, Work.class);
 			}
-			if (!effectivePerson.isManager()) {
-				throw new ExceptionAccessDenied(effectivePerson, work);
+			Process process = business.process().pick(work.getProcess());
+			Application application = business.application().pick(work.getApplication());
+			// 需要对这个应用的管理权限
+			if (!business.canManageApplicationOrProcess(effectivePerson, application, process)) {
+				throw new ExceptionAccessDenied(effectivePerson);
 			}
 			if (StringUtils.isEmpty(fileName)) {
 				fileName = this.fileName(disposition);

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/read/ActionManageListFilterPaging.java

@@ -31,7 +31,7 @@ class ActionManageListFilterPaging extends BaseAction {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Business business = new Business(emc);
 			ActionResult<List<Wo>> result = new ActionResult<>();
-			if (effectivePerson.isManager()) {
+			if (business.canManageApplication(effectivePerson, null)) {
 				Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
 				if (wi == null) {
 					wi = new Wi();

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/readcompleted/ActionManageListFilterPaging.java

@@ -33,7 +33,7 @@ class ActionManageListFilterPaging extends BaseAction {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Business business = new Business(emc);
 			ActionResult<List<Wo>> result = new ActionResult<>();
-			if (effectivePerson.isManager()) {
+			if (business.canManageApplication(effectivePerson, null)) {
 				Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
 				if (wi == null) {
 					wi = new Wi();

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/review/ActionManageDelete.java

@@ -1,5 +1,7 @@
 package com.x.processplatform.assemble.surface.jaxrs.review;
 
+import com.x.base.core.project.exception.ExceptionAccessDenied;
+import com.x.processplatform.core.entity.element.Process;
 import org.apache.commons.lang3.StringUtils;
 
 import com.x.base.core.container.EntityManagerContainer;
@@ -33,8 +35,11 @@ class ActionManageDelete extends BaseAction {
 			if (!StringUtils.equals(review.getApplication(), application.getId())) {
 				throw new ExceptionNotMatchApplication(id, applicationFlag);
 			}
+			Process process = business.process().pick(review.getProcess());
 			// 需要对这个应用的管理权限
-			business.application().allowControl(effectivePerson, application);
+			if (!business.canManageApplicationOrProcess(effectivePerson, application, process)) {
+				throw new ExceptionAccessDenied(effectivePerson);
+			}
 		}
 		ThisApplication.context().applications().deleteQuery(x_processplatform_service_processing.class,
 				Applications.joinQueryUri("review", review.getId()), review.getJob());

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/review/V2Base.java

@@ -439,7 +439,8 @@ abstract class V2Base extends StandardJaxrsAction {
 		CriteriaQuery<Tuple> cq = cb.createQuery(Tuple.class);
 		Root<Review> root = cq.from(Review.class);
 		Predicate p = cb.conjunction();
-		if(effectivePerson.isManager() && ListTools.isNotEmpty(personList)){
+		if(business.canManageApplication(effectivePerson, null)
+				&& ListTools.isNotEmpty(personList)){
 			List<String> person_ids = business.organization().person().list(personList);
 			p = cb.and(p, root.get(Review_.person).in(person_ids));
 		}else{

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/task/ActionManageDelete.java

@@ -15,6 +15,7 @@ import com.x.processplatform.assemble.surface.Business;
 import com.x.processplatform.assemble.surface.ThisApplication;
 import com.x.processplatform.core.entity.content.Task;
 import com.x.processplatform.core.entity.element.Application;
+import com.x.processplatform.core.entity.element.Process;
 
 class ActionManageDelete extends BaseAction {
 
@@ -30,14 +31,15 @@ class ActionManageDelete extends BaseAction {
 			if (null == application) {
 				throw new ExceptionEntityNotExist(task.getApplication(), Application.class);
 			}
+			Process process = business.process().pick(task.getProcess());
 			// if (!StringUtils.equals(task.getApplication(),
 			// application.getId())) {
 			// throw new ApplicationNotMatchException(application.getId(),
 			// task.getApplication());
 			// }
-			/** 需要对这个应用的管理权限 */
-			if (!business.application().allowControl(effectivePerson, application)) {
-				throw new ExceptionAccessDenied(effectivePerson, application);
+			// 需要对这个应用的管理权限
+			if (!business.canManageApplicationOrProcess(effectivePerson, application, process)) {
+				throw new ExceptionAccessDenied(effectivePerson);
 			}
 			ThisApplication.context().applications().deleteQuery(x_processplatform_service_processing.class,
 					"task/" + URLEncoder.encode(task.getId(), DefaultCharset.name));

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/task/ActionManageListFilterPaging.java

@@ -33,7 +33,7 @@ class ActionManageListFilterPaging extends BaseAction {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Business business = new Business(emc);
 			ActionResult<List<Wo>> result = new ActionResult<>();
-			if (effectivePerson.isManager()) {
+			if (business.canManageApplication(effectivePerson, null)) {
 				Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
 				if (wi == null) {
 					wi = new Wi();

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/task/ActionManagePress.java

@@ -14,6 +14,7 @@ import com.x.processplatform.assemble.surface.Business;
 import com.x.processplatform.assemble.surface.ThisApplication;
 import com.x.processplatform.core.entity.content.Task;
 import com.x.processplatform.core.entity.element.Application;
+import com.x.processplatform.core.entity.element.Process;
 
 import java.net.URLEncoder;
 
@@ -31,9 +32,10 @@ class ActionManagePress extends BaseAction {
 			if (null == application) {
 				throw new ExceptionEntityNotExist(task.getApplication(), Application.class);
 			}
-			/** 需要对这个应用的管理权限 */
-			if (!business.application().allowControl(effectivePerson, application)) {
-				throw new ExceptionAccessDenied(effectivePerson, application);
+			Process process = business.process().pick(task.getProcess());
+			// 需要对这个应用的管理权限
+			if (!business.canManageApplicationOrProcess(effectivePerson, application, process)) {
+				throw new ExceptionAccessDenied(effectivePerson);
 			}
 			ThisApplication.context().applications().getQuery(x_processplatform_service_processing.class,
 					Applications.joinQueryUri("task", task.getId(), "press"));

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/task/ActionManageProcessing.java

@@ -1,5 +1,6 @@
 package com.x.processplatform.assemble.surface.jaxrs.task;
 
+import com.x.processplatform.core.entity.element.Process;
 import org.apache.commons.lang3.StringUtils;
 
 import com.google.gson.JsonElement;
@@ -33,10 +34,10 @@ class ActionManageProcessing extends BaseAction {
 			if (null == application) {
 				throw new ExceptionEntityNotExist(task.getApplication(), Application.class);
 			}
+			Process process = business.process().pick(task.getProcess());
 			// 需要对这个应用的管理权限
-			emc.beginTransaction(Task.class);
-			if (!business.application().allowControl(effectivePerson, application)) {
-				throw new ExceptionAccessDenied(effectivePerson, task);
+			if (!business.canManageApplicationOrProcess(effectivePerson, application, process)) {
+				throw new ExceptionAccessDenied(effectivePerson);
 			}
 			/* 如果有输入新的路由决策覆盖原有决策 */
 			if (StringUtils.isNotEmpty(wi.getRouteName())) {

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/taskcompleted/ActionManageListFilterPaging.java

@@ -32,7 +32,7 @@ class ActionManageListFilterPaging extends BaseAction {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Business business = new Business(emc);
 			ActionResult<List<Wo>> result = new ActionResult<>();
-			if (effectivePerson.isManager()) {
+			if (business.canManageApplication(effectivePerson, null)) {
 				Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
 				if (wi == null) {
 					wi = new Wi();

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/work/ActionManageListFilterPaging.java

@@ -34,7 +34,7 @@ class ActionManageListFilterPaging extends BaseAction {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Business business = new Business(emc);
 			ActionResult<List<Wo>> result = new ActionResult<>();
-			if (effectivePerson.isManager()) {
+			if (business.canManageApplication(effectivePerson, null)) {
 				Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
 				if (wi == null) {
 					wi = new Wi();

o2server/x_processplatform_assemble_surface/src/main/java/com/x/processplatform/assemble/surface/jaxrs/workcompleted/ActionManageListFilterPaging.java

@@ -32,7 +32,7 @@ class ActionManageListFilterPaging extends BaseAction {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			Business business = new Business(emc);
 			ActionResult<List<Wo>> result = new ActionResult<>();
-			if (effectivePerson.isManager()) {
+			if (business.canManageApplication(effectivePerson, null)) {
 				Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
 				if (wi == null) {
 					wi = new Wi();