github
/
jeecg
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

jeecg 入门难度降低,去掉YUI压缩机制

pull/5/merge
zhangdaihao 2017-09-26 11:05:38 +08:00
parent f5d116f279
commit e2d75ac982
2 changed files with 36 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
pom.xml
View File

@ -958,21 +958,6 @@
</organization>
<build>
<plugins>
<!-- 多war开发Maven支持-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.6</version>
<configuration>
<warSourceExcludes>%regex[^plug-in.+(?:(?&lt;!(?:-|\.)min)\.js)]
,%regex[^plug-in/accordion.+(?:(?&lt;!(?:-|\.)min)\.css)]
,%regex[^plug-in/bootstrap.+(?:(?&lt;!(?:-|\.)min)\.css)]
,%regex[^plug-in/easyui/themes/black.+(?:(?&lt;!(?:-|\.)min)\.css)]
,%regex[^plug-in/easyui/themes/default.+(?:(?&lt;!(?:-|\.)min)\.css)]
,%regex[^plug-in/Validform.+(?:(?&lt;!(?:-|\.)min)\.css)]
</warSourceExcludes>
</configuration>
</plugin>
<!-- tomcat插件 -->
<plugin>
@ -1029,52 +1014,7 @@
</systemProperties>
</configuration>
</plugin>
<plugin>
<!-- YUI Compressor Maven压缩插件 -->
<groupId>net.alchim31.maven</groupId>
<artifactId>yuicompressor-maven-plugin</artifactId>
<version>1.3.0</version>
<executions>
<execution>
<phase>process-resources</phase>
<goals>
<goal>compress</goal>
</goals>
</execution>
</executions>
<configuration>
<!-- 读取js,css文件采用UTF-8编码 -->
<encoding>UTF-8</encoding>
<!-- 不显示js可能的错误 -->
<jswarn>false</jswarn>
<!-- 若存在已压缩的文件,会先对比源文件是否有改动 有改动便压缩,无改动就不压缩 -->
<force>false</force>
<!-- 在指定的列号后插入新行 -->
<linebreakpos>-1</linebreakpos>
<!-- 压缩之前先执行聚合文件操作 -->
<preProcessAggregates>true</preProcessAggregates>
<!-- 压缩后保存文件后缀 无后缀 -->
<nosuffix>true</nosuffix>
<!-- 源目录,即需压缩的根目录 -->
<sourceDirectory>src/main/webapp/plug-in</sourceDirectory>
<!-- 压缩js和css文件 -->
<includes>
<include>plug-in/**/*.js</include>
<include>plug-in/accordion/css/*.css</include>
<include>plug-in/bootstrap/css/*.css</include>
<include>plug-in/easyui/themes/black/*.css</include>
<include>plug-in/easyui/themes/default/*.css</include>
<include>plug-in/Validform/**/*.css</include>
</includes>
<!-- 以下目录和文件不会被压缩 -->
<excludes>
<exclude>plug-in/**/*.min.js</exclude>
<exclude>plug-in/**/*.dev.js</exclude>
<exclude>plug-in/*/css/*.min.css</exclude>
</excludes>
</configuration>
</plugin>
</plugins>
<finalName>jeecg</finalName>
<resources>

67
src/main/java/org/jeecgframework/core/interceptors/AuthInterceptor.java
View File

@ -91,7 +91,7 @@ public class AuthInterceptor implements HandlerInterceptor {
* controller
*/
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
//update-begin--Author:taoYan Date:201706028 for注解实现排除拦截
//判断是否被注解跳过权限认证 先判断类注解然后方法注解 都没有则走原来逻辑
HandlerMethod handlerMethod=(HandlerMethod)object;
JAuth jauthType =handlerMethod.getBean().getClass().getAnnotation(JAuth.class);
@ -109,25 +109,23 @@ public class AuthInterceptor implements HandlerInterceptor {
}
}
}
//update-end--Author:taoYan Date:201706028 for注解实现排除拦截
//update-begin--Author:dangzhenghui Date:20170627 forTASK #2157 【bug】拦截器需要判断过来的请求是否ajax,如果ajax则返回无权限json,非跳转页面
Boolean isAjax=isAjax(request,response);
//update-end--Author:dangzhenghui Date:20170627 forTASK #2157 【bug】拦截器需要判断过来的请求是否ajax,如果ajax则返回无权限json,非跳转页面
String requestPath = ResourceUtil.getRequestPath(request);// 用户访问的资源地址
//logger.info("-----authInterceptor----requestPath------"+requestPath);
//步骤一: 判断是否是排除拦截请求直接返回TRUE
//update-begin--Author:dangzhenghui Date:20170402 for对外接口改造 api 设置为默认对外路径不用进行登陆验证
if (requestPath.length()>3&&"api/".equals(requestPath.substring(0,4))) {
return true;
}
//update-begin--Author:end Date:20170402 for对外接口改造 api 设置为默认对外路径不用进行登陆验证
if (excludeUrls.contains(requestPath)) {
return true;
//update-begin--Author:zhoujf Date:20170426 forTASK #1867 【改造】权限拦截器支持模糊匹配
} else if(moHuContain(excludeContainUrls, requestPath)){
return true;
//update-end--Author:zhoujf Date:20170426 forTASK #1867 【改造】权限拦截器支持模糊匹配
} else {
//步骤二: 权限控制优先重组请求URL(考虑online请求前缀一致问题)
String clickFunctionId = request.getParameter("clickFunctionId");
@ -141,23 +139,23 @@ public class AuthInterceptor implements HandlerInterceptor {
if(requestPath.equals("cgAutoListController.do?list")) {
requestPath += "&id=" + request.getParameter("id");
}
//update-start--author:scott date:20170311 foronline新请求方式,权限控制------------
if(requestPath.endsWith("?olstylecode=")) {
requestPath = requestPath.replace("?olstylecode=", "");
}
//步骤三: 根据重组请求URL,进行权限授权判断
if((!hasMenuAuth(requestPath,clickFunctionId,currLoginUser)) && !currLoginUser.getUserName().equals("admin")){
//update-begin--Author:dangzhenghui Date:20170627 forTASK #2157 【bug】拦截器需要判断过来的请求是否ajax,如果ajax则返回无权限json,非跳转页面
if(isAjax){
processAjax(response);
}else {
response.sendRedirect(request.getSession().getServletContext().getContextPath()+"/loginController.do?noAuth");
}
//update-end--Author:dangzhenghui Date:20170627 forTASK #2157 【bug】拦截器需要判断过来的请求是否ajax,如果ajax则返回无权限json,非跳转页面
return false;
}
//update-end--author:scott date:20170311 foronline新请求方式,权限控制------------
//解决rest风格下 权限失效问题
String functionId="";
@ -168,27 +166,27 @@ public class AuthInterceptor implements HandlerInterceptor {
}else {
realRequestPath=uri;
}
//update-begin--author:zhoujf date:20170307 forTASK #1745 【bug】自定义表单数据权限控制方式 1. 普通控件通过“控件名称”来控制 2. 列表控件,通过“控件名称.表头”来控制
// if(!oConvertUtils.isEmpty(clickFunctionId)){
// functionId = clickFunctionId;
// }else{
//update-begin--author:zhoujf date:20170304 for自定义表单页面控件权限控制-------------
if(realRequestPath.indexOf("autoFormController/af/")>-1 && realRequestPath.indexOf("?")!=-1){
realRequestPath = realRequestPath.substring(0, realRequestPath.indexOf("?"));
}
//update-end--author:scott date:20170304 for自定义表单页面控件权限控制---------------
List<TSFunction> functions = systemService.findByProperty(TSFunction.class, "functionUrl", realRequestPath);
if (functions.size()>0){
functionId = functions.get(0).getId();
}
// }
//update-begin--author:zhoujf date:20170307 forTASK #1745 【bug】自定义表单数据权限控制方式 1. 普通控件通过“控件名称”来控制 2. 列表控件,通过“控件名称.表头”来控制
//Step.1 第一部分处理页面表单和列表的页面控件权限(页面表单字段+页面按钮等控件)
if(!oConvertUtils.isEmpty(functionId)){
//update-begin-author:taoYan date:20170829 for:admin不作数据权限控制
if(!currLoginUser.getUserName().equals("admin")){
//获取菜单对应的页面控制权限(包括表单字段和操作按钮)
//update-begin-author:taoYan date:20170814 for:TASK #2207 【权限bug】多个角色权限并集问题因为是反的控制导致有admin的最大权限反而受小权限控制
List<TSOperation> operations = systemService.getOperationsByUserIdAndFunctionId(currLoginUser.getId(), functionId);
request.setAttribute(Globals.NOAUTO_OPERATIONCODES, operations);
if(operations==null){
@ -201,14 +199,13 @@ public class AuthInterceptor implements HandlerInterceptor {
request.setAttribute(Globals.OPERATIONCODES, operationCodes);
}
}
//update-end-author:taoYan date:20170829 for:admin不作数据权限控制
//Set<String> operationCodes = systemService.getOperationCodesByUserIdAndFunctionId(currLoginUser.getId(), functionId);
//request.setAttribute(Globals.OPERATIONCODES, operationCodes);
//}
//if(!oConvertUtils.isEmpty(functionId)){
//update-begin--Author:scott Date:20170330 for[online表单按钮\链接权限]jeecg 统一规则采用反的控制,授权的进行按钮或者字段 隐藏\禁用--------------------
// List<TSOperation> allOperation=this.systemService.findByProperty(TSOperation.class, "TSFunction.id", functionId);
// List<TSOperation> newall = new ArrayList<TSOperation>();
@ -217,10 +214,10 @@ public class AuthInterceptor implements HandlerInterceptor {
// //s=s.replaceAll(" ", "");
// newall.add(s);
// }
// //---author:jg_xugj----start-----date:20151210--------for#781 【oracle兼容】兼容问题fun.operation!='' 在oracle 数据下不正确
// String hasOperSql="SELECT operation FROM t_s_role_function fun, t_s_role_user role WHERE " +
// "fun.functionid='"+functionId+"' AND fun.operation is not null AND fun.roleid=role.roleid AND role.userid='"+currLoginUser.getId()+"' ";
// //---author:jg_xugj----end-----date:20151210--------for#781 【oracle兼容】兼容问题fun.operation!='' 在oracle 数据下不正确
// List<String> hasOperList = this.systemService.findListbySql(hasOperSql);
// for(String operationIds:hasOperList){
// for(String operationId:operationIds.split(",")){
@ -246,8 +243,7 @@ public class AuthInterceptor implements HandlerInterceptor {
}
}
request.setAttribute(Globals.NOAUTO_OPERATIONCODES, newall);*/
//update-end--Author:scott Date:20170330 for[online表单按钮权限\链接]jeecg 统一规则采用反的控制,授权的进行按钮或者字段 隐藏\禁用--------------------
//update-end-author:taoYan date:20170814 for:TASK #2207 【权限bug】多个角色权限并集问题因为是反的控制导致有admin的最大权限反而受小权限控制
//Step.2 第二部分处理列表数据级权限 (菜单数据规则集合)
List<TSDataRule> MENU_DATA_AUTHOR_RULES = new ArrayList<TSDataRule>();
@ -256,7 +252,7 @@ public class AuthInterceptor implements HandlerInterceptor {
//数据权限规则的查询
//查询所有的当前这个用户所对应的角色和菜单的datarule的数据规则id
//update-begin-author:taoYan date:20170829 for:admin不作数据权限控制
if(!currLoginUser.getUserName().equals("admin")){
//Globals.BUTTON_AUTHORITY_CHECK
Set<String> dataruleCodes = systemService.getOperationCodesByUserIdAndDataId(currLoginUser.getId(), functionId);
@ -267,7 +263,7 @@ public class AuthInterceptor implements HandlerInterceptor {
MENU_DATA_AUTHOR_RULE_SQL += SysContextSqlConvert.setSqlModel(dataRule);
}
}
//update-end-author:taoYan date:20170829 for:admin不作数据权限控制
JeecgDataAutorUtils.installDataSearchConditon(request, MENU_DATA_AUTHOR_RULES);//菜单数据规则集合
JeecgDataAutorUtils.installDataSearchConditon(request, MENU_DATA_AUTHOR_RULE_SQL);//菜单数据规则sql
@ -282,7 +278,6 @@ public class AuthInterceptor implements HandlerInterceptor {
}
}
//update-start--author:scott date:20170225 for重构权限判断提高效率---------------
/**
* 访
* @param requestPath
@ -292,7 +287,7 @@ public class AuthInterceptor implements HandlerInterceptor {
*/
private boolean hasMenuAuth(String requestPath,String clickFunctionId,TSUser currLoginUser){
String userid = currLoginUser.getId();
//update-start--author:scott -------- date:20170330 -------- for菜单访问权限由模糊匹配改成精确匹配TODO ---------------
//step.1 先判断请求是否配置菜单,没有配置菜单默认不作权限控制[注意:这里不限制权限类型菜单]
String hasMenuSql = "select count(*) from t_s_function where functiontype = 0 and functionurl = '"+requestPath+"'";
Long hasMenuCount = systemService.getCountForJdbc(hasMenuSql);
@ -318,9 +313,9 @@ public class AuthInterceptor implements HandlerInterceptor {
}else{
return true;
}
//update-end--author:scott -------- date:20170330 -------- 菜单访问权限由模糊匹配改成精确匹配TODO ---------------
}
//update-end--author:scott date:20170225 for重构权限判断提高效率---------------
/**
*
@ -335,14 +330,14 @@ public class AuthInterceptor implements HandlerInterceptor {
}
private void forward(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//update-start--Author:scott Date:20160803 for无登陆情况跳转登陆页
//超时,未登陆页面跳转
//response.sendRedirect(request.getServletContext().getContextPath()+"/loginController.do?login");
// update-start--Author:chenjin Date:20160828 forTASK #1324 【bug】Session超时后重新登录页面显示在标签里,让它重新显示登录页面
response.sendRedirect(request.getSession().getServletContext().getContextPath()+"/webpage/login/timeout.jsp");
// update-end--Author:chenjin Date:20160828 forTASK #1324 【bug】Session超时后重新登录页面显示在标签里,让它重新显示登录页面
//request.getRequestDispatcher("loginController.do?login").forward(request, response);
//update-start--Author:scott Date:20160803 for无登陆情况跳转登陆页
}
/**
@ -367,7 +362,7 @@ public class AuthInterceptor implements HandlerInterceptor {
private boolean isAjax(HttpServletRequest request, HttpServletResponse response){
return oConvertUtils.isNotEmpty(request.getHeader("X-Requested-With"));
}
//update-begin--Author:dangzhenghui Date:20170627 forTASK #2157 【bug】拦截器需要判断过来的请求是否ajax,如果ajax则返回无权限json,非跳转页面
private void processAjax(HttpServletResponse response){
AjaxJson json = new AjaxJson();
json.setSuccess(false);
@ -383,5 +378,5 @@ public class AuthInterceptor implements HandlerInterceptor {
pw.close();
}
}
//update-end--Author:dangzhenghui Date:20170627 forTASK #2157 【bug】拦截器需要判断过来的请求是否ajax,如果ajax则返回无权限json,非跳转页面
}