当前位置: 首页 > 工具软件 > Apache Aurora > 使用案例 >

Hand-Aurora-bm常见设计

尚棋
2023-12-01

BM数据查询新增权限

BM使用权限

通过在BM的数据过滤中,增加权限.查询某张表,sch_task_authorize,获得role_id,进而可以获得权限信息.如果有数据,则可以查询

<bm:data-filters>
  <bm:data-filter enforceOperations="query" expression="exists( select 1  from sch_task_authorize a where a.task_code = t1.task_code and a.role_id =  ${/session/@role_id})"/>
</bm:data-filters>

或者参考

<ns1:data-filter enforceOperations="query" expression="exists(  select 1 from sch_task_authorize a where a.task_code = t1.task_code and  a.role_id = ${/session/@role_id} AND a.start_date &lt; sysdate AND  (a.end_date is null or a.end_date &gt; sysdate))"/>

使用JS

控制BM权限查询

<bm:features>
  <s:bm-script><![CDATA[
		var role_code = $ctx.session.role_code;
    if(role_code != 'ADMIN'){
    	var cx =  Packages.aurora.javascript.Context.getCurrentContext();
      Packages.aurora.plugin.script.engine.ScriptImportor.defineExternScript(cx, this,  $ctx.getData(), "aut_authority_bm_validate.js");
    }
	]]></s:bm-script>
</bm:features>

根据角色,判断当前是否启用

<s:bm-script><![CDATA[
    var role_code = $ctx.session.role_code;
      if(role_code != 'R7001' && role_code != 'R7002' && role_code !=  'R7003'){
          $ctx.parameter.company_id = $ctx.session.company_id;
          $ctx.parameter.user_id = $ctx.session.user_id;
          $ctx.parameter.authority_flag = 'Y';
          $ctx.parameter.trx_category = 'CONTRACT';
          $ctx.parameter.trx_id = 't1.contract_id';
          var cx =  Packages.aurora.javascript.Context.getCurrentContext();
       Packages.aurora.plugin.script.engine.ScriptImportor.defineExternScript(cx, this, $ctx.getData(), "aut_authority_bm_validate.js");
      }
]]></s:bm-script>

权限SQL

(${@authority_flag}= 'Y' AND EXISTS (SELECT 1 FROM  aut_authority_mv v WHERE v.trx_category = ${@trx_category}  AND v.authorized_user_id = ${/session/@user_id} AND  v.company_id = ${/session/@company_id} AND trunc(SYSDATE)  BETWEEN v.trx_user_start_date AND  nvl(v.trx_user_end_date,trunc(sysdate)) AND trunc(SYSDATE)  BETWEEN v.owner_user_start_date AND  nvl(v.owner_user_end_date,trunc(sysdate)) AND v.trx_id =  ${:@trx_id}))

标准调用输出BM

调用带输出的
注意, outputPath="/parameter/@app_key" 必须这么写,不能简写,否则没有返回值

<bm:model xmlns:o="aurora.database.local.oracle"  xmlns:f="aurora.database.features"  xmlns:bm="http://www.aurora-framework.org/schema/bm"  needAccessControl="false">
    <bm:operations>
        <bm:operation name="update">
              <bm:parameters>
                    <bm:parameter name="invoice_hd_id"  dataType="java.lang.Integer" input="true" inputPath="@invoice_hd_id"/>
                    <bm:parameter name="user_id"  dataType="java.lang.Integer" input="true"  inputPath="/session/@user_id"/>
                    <bm:parameter name="app_id"  dataType="java.lang.String" input="false" output="true"  outputPath="/parameter/@app_id"/>
                    <bm:parameter name="app_key"  dataType="java.lang.String" input="false" output="true"  outputPath="/parameter/@app_key"/>
                    <bm:parameter name="rc4_key"  dataType="java.lang.String" input="false" output="true"  outputPath="/parameter/@rc4_key"/>
                    <bm:parameter name="ws_request_id"  dataType="java.lang.Integer" input="false" output="true"  outputPath="/parameter/@ws_request_id"/>
                    <bm:parameter name="bill_data"  dataType="java.lang.String" input="false" output="true"  outputPath="/parameter/@bill_data"/>
              </bm:parameters>
            <bm:update-sql><![CDATA[
                    begin
                       zhangqian_ele_pkg.get_ele_invoice_info(p_invoice_hd_id =>  ${@invoice_hd_id},
                                                                p_user_id       =>  ${/session/@user_id},
                                                             o_app_id        =>  ${@app_id},
                                                             o_app_key       =>  ${@app_key},
                                                             o_rc4_key       =>  ${@rc4_key},
                                                             o_ws_request_id =>  ${@ws_request_id},
                                                             o_bill_data     =>  ${@bill_data});
                    end;
              ]]></bm:update-sql>
        </bm:operation>
    </bm:operations>
</bm:model>

查找并进行创建节点

<s:server-script><![CDATA[
    function getVerifyCode(str,checkWord){
        var newStr = new java.lang.String(str+checkWord);
        //md5
        var md5 = java.security.MessageDigest.getInstance("MD5");
        md5.update(newStr.getBytes("utf8"));
        //base64
        var result = new  java.lang.String(org.apache.commons.codec.binary.Base64.encodeBase64(md5.digest()));
        result = String(result);
        
        $ctx.parameter.encryptStr = result;

        return result;
    }

    getVerifyCode($ctx.parameter.sourceStr,$ctx.parameter.checkWord);
      
    $ctx.createChildByTag('/sfexpressService/arg0').setText($ctx.parameter.sourceStr);
    $ctx.createChildByTag('/sfexpressService/arg1').setText($ctx.parameter.encryptStr);

]]></s:server-script>

通过URL访问新建的BM完成查询

将其输入到浏览器地址栏中

http://127.0.0.1:8080/hls/autocrud/
{你的BM文件的位置}
/query?ORDER_FIELD=position_code&pagesize=15&pagenum=1&_fetchall=false&_autocount=true
 类似资料: