背景:越秀提单 R20210309-2197,某用户在当前登录组织A下对 某通知单 点 生成凭证,提示该用户 没有组织B的 通知单生成凭证 的业务权限
按钮事件验权流程:
com.kingdee.bos.ctrl.swing.KDWorkButton.fireActionPerformed(ActionEvent)
com.kingdee.bos.appframework.client.servicebinding.ActionProxy.actionPerformed(ActionEvent)
com.kingdee.bos.appframework.client.servicebinding.ActionProxy.actionPerformedInvoke(ActionParams)
com.kingdee.bos.appframework.client.servicebinding.ActionProxy.beforeAction()
com.kingdee.eas.framework.client.service.PermissionService.beforeActionPerformed(Map)
com.kingdee.eas.framework.client.service.PermissionService.handlePermissionForItemAction(IItemAction)
com.kingdee.eas.base.permission.client.util.PermissionHelper.checkFunctionPermission(IObjectPK, IObjectPK, IMetaDataPK, ItemAction, String, boolean, Map)
...
框架初始化上下文uiContext对象中orgPk的流程:
业务继承com.kingdee.eas.framework.client.ListUI 可能重写initMainBizOrg方法,导致最终uiContext中的org非当前登录组织
如:
com.kingdee.eas.fi.gl.cslacct.client.RequisitionListUI.initMainBizOrg(List)
com.kingdee.eas.framework.client.ListUI.initMainBizOrg(List)
com.kingdee.eas.framework.client.CoreUI.initUIMainOrgContext(String)
(getUIContext().put(this.getMainBizOrgType(),FrameWorkUtils.getCurrentOrgUnit(mainOrgContext,getMainBizOrgType()));)
com.kingdee.bos.ui.face.BOSUIContext.put(Object, Object)
推荐阅读