三元管理3

o2server/x_base_core_project/src/main/java/com/x/base/core/project/config/TernaryManagement.java

@@ -141,8 +141,6 @@ public class TernaryManagement extends ConfigObject {
         o.roleList = new ArrayList<>();
         if(isSystemManager(name)){
             o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.SystemManager));
-            o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.PersonManager));
-            o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.GroupManager));
             o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.ProcessPlatformManager));
             o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.MeetingManager));
             o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.QueryManager));
@@ -155,7 +153,6 @@ public class TernaryManagement extends ConfigObject {
             o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.TeamWorkManager));
         }else if(isSecurityManager(name)){
             o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.SecurityManager));
-            o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.OrganizationManager));
         }else if(isAuditManager(name)){
             o.roleList.add(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.AuditManager));
         }

o2server/x_base_core_project/src/main/java/com/x/base/core/project/http/EffectivePerson.java

@@ -135,6 +135,19 @@ public class EffectivePerson extends GsonPropertyObject {
 		}
 	}
 
+	public boolean isSecurityManager() {
+		switch (this.tokenType) {
+			case manager:
+				return true;
+			case securityManager:
+				return true;
+			case cipher:
+				return true;
+			default:
+				return false;
+		}
+	}
+
 	public boolean isAnonymous() {
 		switch (this.tokenType) {
 		case anonymous:

o2server/x_organization_assemble_control/src/main/java/com/x/organization/assemble/control/Business.java

@@ -224,31 +224,6 @@ public class Business {
 		return false;
 	}
 
-	public boolean editableUnitDuty(EffectivePerson effectivePerson, Unit unit) throws Exception {
-		if (effectivePerson.isManager()) {
-			return true;
-		}
-		if (this.hasAnyRole(effectivePerson, OrganizationDefinition.Manager, OrganizationDefinition.OrganizationManager,
-				OrganizationDefinition.UnitManager, OrganizationDefinition.SecurityManager)) {
-			return true;
-		}
-		if (ListTools.isNotEmpty(unit.getControllerList())) {
-			List<Person> os = this.person().pick(unit.getControllerList());
-			List<String> list = ListTools.extractProperty(os, JpaObject.DISTINGUISHEDNAME, String.class, true, true);
-			if (ListTools.contains(list, effectivePerson.getDistinguishedName())) {
-				return true;
-			}
-		}
-		for (Unit u : unit().pick(unit().listSupNested(unit.getId()))) {
-			List<Person> os = this.person().pick(u.getControllerList());
-			List<String> list = ListTools.extractProperty(os, JpaObject.DISTINGUISHEDNAME, String.class, true, true);
-			if (ListTools.contains(list, effectivePerson.getDistinguishedName())) {
-				return true;
-			}
-		}
-		return false;
-	}
-
 	public boolean editable(EffectivePerson effectivePerson, Person person) throws Exception {
 		if (effectivePerson.isManager()) {
 			return true;
@@ -261,7 +236,7 @@ public class Business {
 	}
 
 	public boolean editable(EffectivePerson effectivePerson, Role role) throws Exception {
-		if (effectivePerson.isManager()) {
+		if (effectivePerson.isSecurityManager()) {
 			return true;
 		}
 		if (this.hasAnyRole(effectivePerson, OrganizationDefinition.Manager, OrganizationDefinition.OrganizationManager,

o2server/x_organization_assemble_control/src/main/java/com/x/organization/assemble/control/jaxrs/unitduty/ActionCreate.java

@@ -30,7 +30,7 @@ class ActionCreate extends BaseAction {
 			if (null == unit) {
 				throw new ExceptionUnitNotExist(wi.getUnit());
 			}
-			if (!business.editableUnitDuty(effectivePerson, unit)) {
+			if (!business.editable(effectivePerson, unit)) {
 				throw new ExceptionDenyEditUnit(effectivePerson, unit.getName());
 			}
 			if (StringUtils.isEmpty(wi.getName())) {

o2server/x_organization_assemble_control/src/main/java/com/x/organization/assemble/control/jaxrs/unitduty/ActionDelete.java

@@ -26,7 +26,7 @@ class ActionDelete extends BaseAction {
 			if (null == unit) {
 				throw new ExceptionUnitNotExist(o.getUnit());
 			}
-			if (!business.editableUnitDuty(effectivePerson, unit)) {
+			if (!business.editable(effectivePerson, unit)) {
 				throw new ExceptionDenyEditUnit(effectivePerson, unit.getName());
 			}
 			/** pick出来的需要重新取出 */

o2server/x_organization_assemble_control/src/main/java/com/x/organization/assemble/control/jaxrs/unitduty/ActionEdit.java

@@ -35,7 +35,7 @@ class ActionEdit extends BaseAction {
 			if (null == unit) {
 				throw new ExceptionUnitNotExist(o.getUnit());
 			}
-			if (!business.editableUnitDuty(effectivePerson, unit)) {
+			if (!business.editable(effectivePerson, unit)) {
 				throw new ExceptionDenyEditUnit(effectivePerson, unit.getName());
 			}
 			if (StringUtils.isEmpty(wi.getName())) {

o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionSetTernaryManagement.java

@@ -37,11 +37,11 @@ public class ActionSetTernaryManagement extends BaseAction {
 		Wi.copier.copy(wi, Config.ternaryManagement());
 		Config.ternaryManagement().save();
 		this.configFlush(effectivePerson);
-		if(BooleanUtils.isTrue(Config.ternaryManagement().getEnable())){
+		/*if(BooleanUtils.isTrue(Config.ternaryManagement().getEnable())){
 			this.saveDefaultRole();
 		}else{
 			this.deleteDefaultRole();
-		}
+		}*/
 		Wo wo = new Wo();
 		wo.setValue(true);
 		result.setData(wo);