public interface PermAPI
限定符和类型 | 方法和说明 |
---|---|
int |
appendACResource(java.lang.String resourceId,
java.lang.String resourceType,
int accessMode,
java.lang.String assignmentId,
java.lang.String assignmentType)
追加一个AC授权
|
java.lang.String |
createPermission(java.lang.String name,
java.lang.String desc,
java.lang.String categoryName)
创建一个权限组
|
java.lang.String |
createPermissionAssn(java.lang.String assignmentType,
java.lang.String assignmentId,
java.lang.String permissionId)
为分配对象创建一个授权
|
java.lang.String |
createPermissionList(java.lang.String permissionId,
java.lang.String resourceType,
java.lang.String resourceId)
为权限组创建一个权限资源
|
java.util.List<AccessControlModel> |
getACListByResource(java.lang.String resourceType,
java.lang.String resourceId)
获得为resourceType/resourceId分配的访问权限列表
|
java.util.List<AccessControlModel> |
getACListByResource(java.lang.String resourceType,
java.lang.String resourceId,
int accessMode)
获得为resourceType/resourceId/accessMode分配的访问权限列表
|
ACPluginProfile |
getACProfile(java.lang.String resourceType)
根据resourceType返回该类资源的AC插件配置对象
|
java.util.List<AccessControlModel> |
getACResourceList(java.lang.String uid,
java.lang.String resourceType,
int accessMode)
获得user能访问的某类资源集合
|
java.util.List<UserModel> |
getUserListByAC(java.lang.String resourceId,
java.lang.String resourceType)
根据资源ID和资源类型反查授权的用户列表(全部访问模式)
|
java.util.List<UserModel> |
getUserListByAC(java.lang.String resourceId,
java.lang.String resourceType,
int accessMode)
根据资源ID和资源类型反查授权的用户列表(指定访问模式)
|
java.util.List<UserModel> |
getUserListByNavMenu(java.lang.String navId)
根据导航菜单ID反查可访问的用户列表
|
boolean |
havingACPermission(java.lang.String uid,
java.lang.String resourceType,
java.lang.String resourceId,
int accessMode)
AC授权验证。
|
boolean |
havingACPermission(java.lang.String uid,
java.lang.String resourceType,
java.lang.String resourceId,
int accessMode,
boolean restrict)
AC授权验证。
|
boolean |
havingBoItemModelPermission(UserContext userContext,
java.lang.String boItemId,
java.lang.String permType,
ProcessInstance processInst,
TaskInstance taskInst)
判断某一用户是否拥有对BO表字段的数据权限
|
boolean |
havingBoItemModelPermission(UserContext userContext,
java.lang.String boItemId,
java.lang.String permType,
ProcessInstance processInst,
TaskInstance taskInst,
java.util.Map<java.lang.String,java.util.List<PermissionListModel>> bufferData)
判断某一用户是否拥有对BO表字段的数据权限
|
boolean |
havingBoItemModelPermission(UserContext userContext,
java.lang.String boModelId,
java.lang.String boItemId,
java.lang.String permType,
ProcessInstance processInst,
TaskInstance taskInst)
判断某一用户是否拥有对BO表字段的数据权限
|
boolean |
havingBoItemModelPermission(UserContext userContext,
java.lang.String boModelId,
java.lang.String boItemId,
java.lang.String permType,
ProcessInstance processInst,
TaskInstance taskInst,
java.util.Map<java.lang.String,java.util.List<PermissionListModel>> bufferData)
判断某一用户是否拥有对BO表字段的数据权限
|
boolean |
havingBoModelPermission(UserContext userContext,
java.lang.String boModelId,
java.lang.String permType,
ProcessInstance processInst,
TaskInstance taskInst)
判断某一用户是否拥有对BO表的数据权限(仅作为子表时判断)
|
boolean |
havingBoModelPermission(UserContext userContext,
java.lang.String boModelId,
java.lang.String permType,
ProcessInstance processInst,
TaskInstance taskInst,
java.util.Map<java.lang.String,java.util.List<PermissionListModel>> bufferData)
判断某一用户是否拥有对BO表的数据权限(仅作为子表时判断)
|
boolean |
havingBPAOrgPermission(java.lang.String uid,
java.lang.String orgId,
java.lang.String resourceType)
判断某一用户是否有BPA组织分析权限
|
boolean |
havingBPAProcessPermission(java.lang.String uid,
java.lang.String processId,
java.lang.String resourceType)
判断某一用户是否有BPA流程分析权限
|
boolean |
havingMobileAppPermission(java.lang.String uid,
java.lang.String appId)
判断是否有移动应用访问权限
|
boolean |
havingMobilePolicyPermission(java.lang.String uid,
java.lang.String policyId)
判断是否有移动策略配置访问权限
|
boolean |
havingNavMenuPermission(java.lang.String uid,
java.lang.String navId)
判断是否有导航菜单访问权限
|
boolean |
havingSecurityLevel(java.lang.String uid,
java.lang.String securityLevel)
判断是否有指定的保密级别
|
boolean |
havingStartDWPermission(java.lang.String uid,
java.lang.String appId,
java.lang.String processGroupId)
判断是否有DW启动权限
|
boolean |
havingStartProcessPermission(java.lang.String uid,
java.lang.String processDefVersionId)
判断是否有流程启动权限
|
boolean |
havingUserInPermission(java.lang.String uid,
java.lang.String permissionId)
判断某一用户是否隶属于一个指定的组
|
boolean |
isAc(java.lang.String resourceType,
java.lang.String resourceId,
int accessMode)
判断是否设置了AC授权
|
boolean |
isSystemAdministrator(java.lang.String uid)
是否为平台管理员
|
void |
removeAC(java.lang.String resourceType,
java.lang.String resourceId)
删除某资源的AC授权信息
|
void |
removePermission(java.lang.String permissionId)
删除一个权限组,同时与该权限组相关的资源项、分配定义等一并删除
|
void |
removePermissionAssnByPerm(java.lang.String permissionId)
删除与指定权限组Id有关的全部权限分配
|
void |
removePermissionAssnByRole(java.lang.String roleId)
删除与角色有关的全部权限分配
|
void |
removePermissionAssnByUser(java.lang.String userId)
删除与账户有关的全部权限分配
|
void |
removePermissionList(java.lang.String permissionListId)
删除一个权限资源
|
void |
removePermissionListByPerm(java.lang.String permissionId)
清空一个权限组的全部资源定义
|
int appendACResource(java.lang.String resourceId, java.lang.String resourceType, int accessMode, java.lang.String assignmentId, java.lang.String assignmentType)
java.lang.String createPermission(java.lang.String name, java.lang.String desc, java.lang.String categoryName)
name
- 权限组名称
desc
- 描述
categoryName
- 分类名

java.lang.String createPermissionList(java.lang.String permissionId, java.lang.String resourceType, java.lang.String resourceId)
permissionId
- 权限组Id
resourceType
- 资源类型,见PermissionConst常量
resourceId
- 资源Id
参见:
PermissionConst.PERMISSION_RESOURCE_TYPE_DOCUMENT_LAYER,
PermissionConst.PERMISSION_RESOURCE_TYPE_FUNCTION,
PermissionConst.PERMISSION_RESOURCE_TYPE_MOBILE_APP,
PermissionConst.PERMISSION_RESOURCE_TYPE_MOBILE_POLICY,
PermissionConst.PERMISSION_RESOURCE_TYPE_PROCESS,
PermissionConst.PERMISSION_RESOURCE_TYPE_ROLE

java.lang.String createPermissionAssn(java.lang.String assignmentType, java.lang.String assignmentId, java.lang.String permissionId)
assignmentType
- 分配对象类型,如角色、人,参见PermissionConst
assignmentId
- 分配对象Id
permissionId
- 权限组Id
参见:
PermissionConst.PERMISSION_ASSIGNMENT_TYPE_USER,
PermissionConst.PERMISSION_ASSIGNMENT_TYPE_ROLE
void removePermission(java.lang.String permissionId)
permissionId
- 权限组Idvoid removePermissionList(java.lang.String permissionListId)
permissionListId
- 权限资源Idvoid removePermissionListByPerm(java.lang.String permissionId)
permissionId
- 权限组Idvoid removePermissionAssnByPerm(java.lang.String permissionId)
permissionId
- 权限组Idvoid removePermissionAssnByRole(java.lang.String roleId)
roleId
- 角色Idvoid removePermissionAssnByUser(java.lang.String userId)
userId
- 账户Idboolean isSystemAdministrator(java.lang.String uid)
uid
- 一个合法的AWS登录账户名ACPluginProfile getACProfile(java.lang.String resourceType)
resourceType
- 资源类型boolean isAc(java.lang.String resourceType, java.lang.String resourceId, int accessMode)
resourceType
- 资源类型resourceId
- 资源唯一标识accessMode
- 授权模式void removeAC(java.lang.String resourceType, java.lang.String resourceId)
resourceType
- 资源类型resourceId
- 资源唯一标识java.util.List<AccessControlModel> getACListByResource(java.lang.String resourceType, java.lang.String resourceId)
resourceType
- 资源类型resourceId
- 资源唯一标识java.util.List<AccessControlModel> getACListByResource(java.lang.String resourceType, java.lang.String resourceId, int accessMode)
resourceType
- 资源类型resourceId
- 资源唯一标识accessMode
- 访问模式

boolean havingACPermission(java.lang.String uid, java.lang.String resourceType, java.lang.String resourceId, int accessMode)
该方法采用强制判断方式:仅已授权的可访问,未授权的无访问权限。
uid
- 一个合法的AWS登录账户名
resourceType
- 资源类型
resourceId
- 资源唯一标识
accessMode
- 访问模式

boolean havingACPermission(java.lang.String uid, java.lang.String resourceType, java.lang.String resourceId, int accessMode, boolean restrict)
该方法会优先判断管理员或者系统管理员(三元模式)有权限。
uid
- 一个合法的AWS登录账户名
resourceType
- 资源类型
resourceId
- 资源唯一标识
accessMode
- 访问模式
restrict
- 约束判断方式:true表示强制判断方式,仅已授权的可访问;false表示宽松判断方式,分为两种情况:该资源没有任何授权时,所有用户均可访问;该资源有授权时,仅已授权的可访问。也就是说,宽松方式下尚未配置任何授权的资源对所有用户开放,需要默认拒绝的资源应传入true。

java.util.List<AccessControlModel> getACResourceList(java.lang.String uid, java.lang.String resourceType, int accessMode)
uid
- 一个合法的AWS登录账户名resourceType
- 资源类型accessMode
- 授权模式boolean havingUserInPermission(java.lang.String uid, java.lang.String permissionId)
uid
- 一个合法的AWS登录账户名permissionId
- 权限组IDboolean havingNavMenuPermission(java.lang.String uid, java.lang.String navId)
uid
- 一个合法的AWS登录账户名navId
- 菜单唯一标识boolean havingStartProcessPermission(java.lang.String uid, java.lang.String processDefVersionId)
uid
- 一个合法的AWS登录账户名processDefVersionId
- 流程定义版本IDboolean havingStartDWPermission(java.lang.String uid, java.lang.String appId, java.lang.String processGroupId)
uid
- 一个合法的AWS登录账户名processGroupId
- 流程组IDboolean havingMobileAppPermission(java.lang.String uid, java.lang.String appId)
uid
- 一个合法的AWS登录账户名appId
- 应用唯一标识boolean havingMobilePolicyPermission(java.lang.String uid, java.lang.String policyId)
uid
- 一个合法的AWS登录账户名policyId
- 策略配置唯一标识

boolean havingSecurityLevel(java.lang.String uid, java.lang.String securityLevel)
uid
- 一个合法的AWS登录账户名
securityLevel
- 保密级别,可传入:AWFDocumentLayerUnit#SECURITY1:普通;AWFDocumentLayerUnit#SECURITY2:秘密;AWFDocumentLayerUnit#SECURITY2:机密(此处"秘密"与"机密"给出的常量名相同,疑为笔误,请以AWFDocumentLayerUnit中的常量定义为准)

java.util.List<UserModel> getUserListByNavMenu(java.lang.String navId)
resourceId
- 资源IDjava.util.List<UserModel> getUserListByAC(java.lang.String resourceId, java.lang.String resourceType)
resourceId
- 资源IDresourceType
- 资源类型java.util.List<UserModel> getUserListByAC(java.lang.String resourceId, java.lang.String resourceType, int accessMode)
resourceId
- 资源IDresourceType
- 资源类型acAccessMode
- ac访问模式boolean havingBoModelPermission(UserContext userContext, java.lang.String boModelId, java.lang.String permType, ProcessInstance processInst, TaskInstance taskInst, java.util.Map<java.lang.String,java.util.List<PermissionListModel>> bufferData)
uid
- 用户UIDboModelId
- boModel的IdpermType
- 权限类型(FormEngineConst.FORM_TABLE_SECURITY_SHOW:显示权限,FormEngineConst.FORM_TABLE_SECURITY_ADD:添加权限,FormEngineConst.FORM_TABLE_SECURITY_DEL:编辑权限)processInst
- 流程实例(为@公式提供支持,可根据需要)taskInst
- 任务实例(为@公式提供支持,可根据需要)bufferData
- 外层提供一个临时的缓存,大数据量时优化速度(根据需要可为空)boolean havingBoItemModelPermission(UserContext userContext, java.lang.String boModelId, java.lang.String boItemId, java.lang.String permType, ProcessInstance processInst, TaskInstance taskInst, java.util.Map<java.lang.String,java.util.List<PermissionListModel>> bufferData)
uid
- 用户UIDboModelId
- boModel的IdboItemId
- boItemModel的字段IdpermType
- 权限类型(FormEngineConst.FORM_FIELD_SECURITY_HIDE:显示权限,FormEngineConst.FORM_FIELD_SECURITY_READONLY:只读权限)processInst
- 流程实例(为@公式提供支持,可根据需要)taskInst
- 任务实例(为@公式提供支持,可根据需要)bufferData
- 外层提供一个临时的缓存,大数据量时优化速度(根据需要可为空)boolean havingBoItemModelPermission(UserContext userContext, java.lang.String boItemId, java.lang.String permType, ProcessInstance processInst, TaskInstance taskInst, java.util.Map<java.lang.String,java.util.List<PermissionListModel>> bufferData)
uid
- 用户UIDboItemId
- boItemModel的字段IdpermType
- 权限类型(FormEngineConst.FORM_FIELD_SECURITY_HIDE:显示权限,FormEngineConst.FORM_FIELD_SECURITY_READONLY:只读权限)processInst
- 流程实例(为@公式提供支持,可根据需要)taskInst
- 任务实例(为@公式提供支持,可根据需要)bufferData
- 外层提供一个临时的缓存,大数据量时优化速度(根据需要可为空)boolean havingBoModelPermission(UserContext userContext, java.lang.String boModelId, java.lang.String permType, ProcessInstance processInst, TaskInstance taskInst)
uid
- 用户UIDboModelId
- boModel的IdpermType
- 权限类型(FormEngineConst.FORM_TABLE_SECURITY_SHOW:显示权限,FormEngineConst.FORM_TABLE_SECURITY_ADD:添加权限,FormEngineConst.FORM_TABLE_SECURITY_DEL:编辑权限)processInst
- 流程实例(为@公式提供支持,可根据需要)taskInst
- 任务实例(为@公式提供支持,可根据需要)boolean havingBoItemModelPermission(UserContext userContext, java.lang.String boModelId, java.lang.String boItemId, java.lang.String permType, ProcessInstance processInst, TaskInstance taskInst)
uid
- 用户UIDboModelId
- boModel的IdboItemId
- boItemModel的字段IdpermType
- 权限类型(FormEngineConst.FORM_FIELD_SECURITY_HIDE:显示权限,FormEngineConst.FORM_FIELD_SECURITY_READONLY:只读权限)processInst
- 流程实例(为@公式提供支持,可根据需要)taskInst
- 任务实例(为@公式提供支持,可根据需要)boolean havingBoItemModelPermission(UserContext userContext, java.lang.String boItemId, java.lang.String permType, ProcessInstance processInst, TaskInstance taskInst)
uid
- 用户UIDboItemId
- boItemModel的字段IdpermType
- 权限类型(FormEngineConst.FORM_FIELD_SECURITY_HIDE:显示权限,FormEngineConst.FORM_FIELD_SECURITY_READONLY:只读权限)processInst
- 流程实例(为@公式提供支持,可根据需要)taskInst
- 任务实例(为@公式提供支持,可根据需要)

boolean havingBPAOrgPermission(java.lang.String uid, java.lang.String orgId, java.lang.String resourceType)
uid
- 账户uid
resourceId
- 常量+组织ID,其中AWS_NODE_RT_ID_Org为整个组织机构、组织单元前缀为AWS_NODE_OC_ID_、部门前缀为AWS_NODE_OD_ID_、人员前缀为AWS_NODE_OU_ID_
resourceType
- BPAConstant.PERM_RESOURCETYPE_ORG

boolean havingBPAProcessPermission(java.lang.String uid, java.lang.String processId, java.lang.String resourceType)
uid
- 账户uid
processId
- 流程类别ID
resourceType
- BPAConstant.PERM_RESOURCETYPE_PROCESS

Copyright © Actionsoft Co., Ltd. All Rights Reserved.