Comments (12)
TommyLemon
commented on April 29, 2024
1
@Leowuqunqun @wanghaisheng
这样可以的。不过APIJSON提供了自动化权限校验,以及各种安全机制来保证后端的安全:
#12
from apijson.
wanghaisheng
commented on April 29, 2024
前面再加一层api server来控制吧 用户和库表字段关联起来 字段可以过滤 库表应该可以灵活可配
from apijson.
Leowuqunqun
commented on April 29, 2024
@TommyLemon 开发者平台之类的要怎么办 文档要手动写了么
from apijson.
TommyLemon
commented on April 29, 2024
@Leowuqunqun
目前APIJSON提供了通用文档(GitHub主页) 和 自动化生成的数据库文档(APIJSON在线解析网页)、非开放请求格式的文档(网页底部),还能自动生成请求代码。
平台确实要写权限配置的文档,打算做一个自动解析model注解生成文档的工具,反正解析也很简单。
如果是内部用,Java后端的model类可以直接给Android客户端用,注解里权限配置很清楚。
@MethodAccess(
POST = {UNKNOWN, ADMIN} //只允许未登录角色和管理员角色新增User,默认配置是 {LOGIN, ADMIN}
)
public class User {}默认的权限配置在MethodAccess里
/**请求方法权限,只允许某些角色通过对应方法访问
* @author Lemon
*/
@Documented
@Retention(RUNTIME)
@Target(TYPE)
public @interface MethodAccess {
/**@see {@link RequestMethod#GET}
* @return 该请求方法允许的角色 default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
*/
RequestRole[] GET() default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
/**@see {@link RequestMethod#HEAD}
* @return 该请求方法允许的角色 default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
*/
RequestRole[] HEAD() default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
/**@see {@link RequestMethod#GETS}
* @return 该请求方法允许的角色 default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
*/
RequestRole[] GETS() default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
/**@see {@link RequestMethod#HEADS}
* @return 该请求方法允许的角色 default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
*/
RequestRole[] HEADS() default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
/**@see {@link RequestMethod#POST}
* @return 该请求方法允许的角色 default {LOGIN, ADMIN};
*/
RequestRole[] POST() default {LOGIN, ADMIN};
/**@see {@link RequestMethod#PUT}
* @return 该请求方法允许的角色 default {OWNER, ADMIN};
*/
RequestRole[] PUT() default {OWNER, ADMIN};
/**@see {@link RequestMethod#DELETE}
* @return 该请求方法允许的角色 default {OWNER, ADMIN};
*/
RequestRole[] DELETE() default {OWNER, ADMIN};
}这是角色属性类RequestRole
/**来访的用户角色
* @author Lemon
*/
public enum RequestRole {
/**未登录,不明身份的用户
*/
UNKNOWN,
/**已登录的用户
*/
LOGIN,
/**联系人,必须已登录
*/
CONTACT,
/**圈子成员(CONTACT + OWNER),必须已登录
*/
CIRCLE,
/**拥有者,必须已登录
*/
OWNER,
/**管理员,必须已登录
*/
ADMIN;
}感谢支持^_^
from apijson.
TommyLemon
commented on April 29, 2024
@Leowuqunqun
已支持自动生成
数据字典(information_schema.tables,information_schema.columns)、
访问权限(Access.sql)、
远程函数(Funciton.sql)、
非开放请求(Request.sql)
4 种文档,
见自动化接口管理工具 APIJSONAuto 右侧上滑出来的具体文档。
http://apijson.org/
from apijson.
TommyLemon
commented on April 29, 2024
from apijson.
TommyLemon
commented on April 29, 2024
from apijson.
TommyLemon
commented on April 29, 2024
from apijson.
TommyLemon
commented on April 29, 2024
from apijson.
TommyLemon
commented on April 29, 2024
@Leowuqunqun @wanghaisheng APIJSON 3.6.5 已支持直接在数据库 Access 表配置权限,不需要写代码了
https://github.com/APIJSON/APIJSON/releases/tag/3.6.5
from apijson.
Leowuqunqun
commented on April 29, 2024
@TommyLemon nice
from apijson.
TommyLemon
commented on April 29, 2024
腾讯 APIJSON 的路由插件,对外暴露类 RESTful 接口,内部转成 APIJSON 接口执行。
https://github.com/APIJSON/apijson-router
APIJSON 最新版 5.0.0:
增强各种功能;腾讯负责人公开称赞;登记万科发起的采筑电商
https://github.com/Tencent/APIJSON/releases/tag/5.0.0
from apijson.
Related Issues (20)
- [Ecosystem 生态] apijson-mongodb,NoSQL 数据库 MongoDB 的 APIJSON 插件
- [InfluxDB] APIJSON 新增支持时序数据库(物联网) InfluxDB
- 【CHINA TELECOM **电信】【500 强】天翼云申请了 APIJSON 相关发明专利
- APIJSON 插件 apijson-influxdb 开源,支持物联网时序数据库
- APIJSON 插件 apijson-milvus 开源,支持 AI 向量数据库 Milvus
- APIJSON 6.3 发布,阿里专家推荐・登记企业 +2
- [Bug] APIJSON-DEMO中的Function.sql父类方法名错误 HOT 3
- APIJSON 是否可以集成 dynamic-datasource 作为多数据源的注入 HOT 6
- 【SHEIN】全球跨境电商巨头 SHEIN 内网链接了 APIJSON, apijson-framework, APIJSON-Demo
- 不能生成admin角色的用户 HOT 2
- 希望对apijson事务有一个系统的介绍 HOT 2
- 【Lenovo 联想】【500 强】全球最大电脑厂商联想内网链接了 APIJSON
- [SHEIN] The intranet of China's biggest cross-border e-commerce company SHEIN linked APIJSON and apijson-framework
- [Lenovo][Fortune 500] The intranet of the biggest PC company Lenovo linked APIJSON
- 【Xiaomi 小米】【500 强】内网部署的飞书内部文档链接了 APIJSON-Demo
- [Xiaomi][Fortune 500] Linked APIJSON-Demo in its official Lark(by ByteDance) website
- [CHINA TELECOM][Fortune 500] China's biggest network provider CHINA TELECOM applied an OpenAPI patent for a low-code platform using APIJSON
- 两张表进行内链查询时,第二张表查询生成的库为默认sys HOT 7
- [Bug]字符 getMethodDefination(method,arguments,type,exceptions,language) 对应的远程函数 getMethodDefination(JSONObject request, String method, String arguments, String type, String exceptions, String language) 不在后端 apijson.demo.DemoFunctionParser 内,也不在父类中!如果需要则先新增对应方法! 请检查函数名和参数数量是否与已定义的函数一致! HOT 1
- [ORACLE] 子查询内部默认添加分页语句,导致in函数无法实现,提示Error Msg = ORA-00913: 值过多的报错 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from apijson.