dbuser.java

一套完整的工商12315的源程序jsp部分在12315里,后台JAVA部分在gs12315src里,没有打包数据库.

package com.gs.db.dbimp;

import com.gs.db.*;
import com.gs.util.*;

import java.util.*;
import java.text.*;
import java.sql.*;
import java.security.*;

public class DbUser implements User, Cacheable {

    /** DATABASE QUERIES **/
    private static final String LOAD_PROPERTIES =
        "SELECT * FROM gsUserMenu WHERE userID=?";
    private static final String DELETE_PROPERTIES =
        "DELETE FROM gsUserMenu WHERE userID=?";
    private static final String INSERT_PROPERTY =
        "INSERT INTO gsUserMenu(userID,IDMenue) VALUES(?,?)";
    private static final String LOAD_USER_BY_USERNAME =
        "SELECT * FROM gsUser WHERE user_id=?";
    private static final String LOAD_USER_BY_ID =
        "SELECT * FROM gsUser WHERE userID=?";
    private static final String INSERT_USER =
        "INSERT INTO gsUser(userID,user_id,passwordhash, email, myname,status) " +
        "VALUES(?,?,?,?,?,?)";
    private static final String SAVE_USER =
        "UPDATE gsUser SET passwordhash=?,email=?, myname=?,status=?,user_id=?" +
        " WHERE userID=?";

    /**
     * user id of -2 means no user id has been set yet. -1 is reserved for
     * "anonymous user" and 0 is reserved for "all users".
     */
    private int id = -2;

    private String username;
    private String passwordHash;
    private String name = "";
    private String email;
    private int status;
    private Properties properties;
    private String[] menus = null;
    private Object propertyLock = new Object();
    private Object menusLock = new Object();

    /**
     * Create a new DbUser with all required fields.
     *
     * @param username the username for the user.
     * @param password a password for the user.
     * @param email the email address for the user.
     */
    //tested
    protected DbUser(String username, String password, String email) {
        this.id = SequenceAction.getId("user")!=null?Integer.parseInt(SequenceAction.getId("user")):1;
        this.username = username;
        //Compute hash of password.
        this.passwordHash = StringUtils.hash(password);
        this.email = email;
        properties = new Properties();
        menus = new String[0];
        status = 1;         //active
        insertIntoDb();
    }
    /**
     * Load a DbUser object specified by userID.
     *
     * @param userID the userID of the user to load.
     */
    protected DbUser(int userID) throws UserNotFoundException {
        this.id = userID;
        loadFromDb();
        loadProperties();
    }

    /**
     * Load a DbUser object specified by username.
     *
     * @param username the username of the user to load.
     */
    protected DbUser(String username) throws UserNotFoundException {
        this.username = username;
        loadFromDb();
        loadProperties();
    }

    /**
     * Returns the user's id. All ids must be unique in the system.
     *
     * @return the user's id.
     */

    public int getID() {
        return id;
    }

    /**
     * Test is the user is disabled
     *
     * @return true or false
     */

    public boolean isDisabled()
    {
        return 0>=status;
    }
    public boolean isDelete()
    {
        return -1==status;
    }

    /**
     * Returns true if the User object is an anonymous user object.
     *
     * @return true if the user is anonymous.
     */
    public boolean isAnonymous() {
        return (id==-1);
    }

    /**
     * Returns the user's username. All usernames must be unique in the system.
     *
     * @return the username of the user.
     */
     public String getUsername() {
        //return StringUtils.escapeHTMLTags(username);
        return username;
    }

    /**
     * Returns the user's name. The user's name does not have to be to be
     * unique in the system. Some users may opt to not let others see their
     * name for privacy reasons. In that case, the user can set nameVisible to
     * false. In that case, a call to this method will return null.
     *
     * @return the name of the user.
     */
    public String getName() {
        return StringUtils.escapeHTMLTags(name);
    }

    /**
     * Sets the user's name. The user's name does not have to be to be
     * unique in the system.
     *
     * @param name new name for the user.
     * @throws UnauthorizedException if does not have ADMIN permissions.
     */
     public void setName(String name) throws UnauthorizedException {
        this.name = name;
        saveToDb();
    }

    /**
     * Sets the users's password. The password should be passed in as
     * plain text. The way the password is stored is implementation dependent.
     * However, it is recommended to at least hash passwords with an
     * algorithm such as MD5.
     *
     * @param password new password for the user.
     * @throws UnauthorizedException if does not have ADMIN permissions.
     */
    public void setPassword(String password) throws UnauthorizedException {
        //Compute hash of password.
        this.passwordHash = StringUtils.hash(password);
        saveToDb();
    }

    /**
     * Returns the user's password in hashed form. This method is only intended
     * for system administration functions and can be ignored by skin writers.
     *
     * @return the hashed password.
     * @throws UnauthorizedException if does not have ADMIN permissions.
     */
    public String getPasswordHash() throws UnauthorizedException {
        return passwordHash;
    }

    /**
     * Sets the user's password in hashed form. This method is only intended
     * for system administration functions and can be ignored by skin writers.
     *
     * @param hashedPassword the hashedPassword for the user.
     * @throws UnauthorizedException if does not have ADMIN permissions.
     */
    public void setPasswordHash(String passwordHash) {
        this.passwordHash = passwordHash;
        saveToDb();
    }

    /**
     * Returns the user's email address. Email should be considered to be
     * a required field of a user account since it is critical to many
     * user operations performing. If the user sets emailVisible to false,
     * this method will always return null.
     *
     * @return the email address of the user.
     */
    public String getEmail() {
        return StringUtils.escapeHTMLTags(email);
    }

    /**
     * enable/diable the user, if the user is disabled it cannot
     * login any more
     *
     * @param flag: true-enable / false -disable
     * @throws UnauthorizedException if does not have ADMIN permissions.
     */
    public void enable( boolean flag  ) throws UnauthorizedException
    {
        status = flag? 1:0;
        saveToDb();
    }

    /**
     * Sets the user's email address. Email should be considered to be
     * a required field of a user account since it is critical to many
     * user operations performing.
     *
     * @param email new email address for the user.
     * @throws UnauthorizedException if does not have ADMIN permissions.
     */
    public void setEmail(String email) throws UnauthorizedException {
        this.email = email;
        saveToDb();
    }

    /**
     * Returns an extended property of the user. Each user can have an
     * arbitrary number of extended properties. This lets particular skins
     * or filters provide enhanced functionality that is not part of the base
     * interface.
     *
     * @param name the name of the property to get.
     * @return the value of the property
     */
    public String getProperty(String name) {
        return StringUtils.escapeHTMLTags((String)properties.get(name));
    }

    /**
     * Returns an Enumeration of all the names of the extended user properties.
     *
     * @return an Enumeration of the property names.
     */
    public Enumeration propertyNames() {
        return properties.propertyNames();
    }

    /**
     * Sets an extended property of the user. Each user can have an
     * arbitrary number of extended properties. This lets particular skins
     * or filters provide enhanced functionality that is not part of the base
     * interface.
     *
     * @param name the name of the property to set.
     * @param value the new value for the property.
     */
    public void setProperty(String name, String value) throws UnauthorizedException {
        properties.put(name, value);
        saveProperties();
    }

    /**
     * Returns the permissions for the user that correspond to the
     * passed-in Authorization.
     *
     * @param authorization the auth token to look up permissions with.
     */
    public IofficePermissions getPermissions(Authorization authorization) {
    	//sj<
    	if ( 0 == id )
    	{
    		//anonymous user or all user
    		return IofficePermissions.anonymous();
    	}
    	if ( -1 == id || authorization.getUserID() == id)
    	{
    		return IofficePermissions.userDefault();
    	}
        else {
            return IofficePermissions.none();
        }
        //>sj
    }

    /**
     * Returns true if the handle on the object has the permission specified.
     * A list of possible permissions can be found in the ForumPermissions
     * class. Certain methods of this class are restricted to certain
     * permissions as specified in the method comments.
     *
     * @see ForumPermissions
     */
    public boolean hasPermission(int type) {
        return true;
    }

    //FROM THE CACHEABLE INTERFACE//

    public int getSize() {
        //Approximate the size of the object in bytes by calculating the size
        //of each field.
        int size = 0;
        size += CacheSizes.sizeOfObject();              //overhead of object
        size += CacheSizes.sizeOfInt()+2;                 //id, status
        size += CacheSizes.sizeOfString(username);      //username