📄 leafpriv.java
字号:
package cn.js.fan.module.cms;
import java.sql.*;
import java.util.*;
import cn.js.fan.base.*;
import cn.js.fan.db.*;
import cn.js.fan.module.pvg.*;
import cn.js.fan.util.*;
public class LeafPriv extends ObjectDbA {
private String dirCode = "", name = "";
int id, see = 1, append = 0, del = 0, modify = 0;
public static final int TYPE_USERGROUP = 0;
public static final int TYPE_USER = 1;
public static final int PRIV_SEE = 0;
public static final int PRIV_APPEND = 1;
public static final int PRIV_MODIFY = 2;
public static final int PRIV_DEL = 3;
public static final int PRIV_EXAMINE = 4;
public LeafPriv(int id) {
this.id = id;
load();
init();
}
public LeafPriv() {
init();
}
public LeafPriv(String dirCode) {
this.dirCode = dirCode;
init();
}
public void init() {
super.init();
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public void setQueryList() {
QUERY_LIST =
"select id from dir_priv where dir_code=? order by type, name";
}
public void setQueryLoad() {
QUERY_LOAD =
"select dir_code,name,type,see,append,del,modify,examine from dir_priv where id=?";
}
public void setQueryDel() {
QUERY_DEL = "delete from dir_priv where id=?";
}
public void setQuerySave() {
QUERY_SAVE =
"update dir_priv set see=?,append=?,del=?,modify=?,examine=? where id=?";
}
public void setQueryAdd() {
QUERY_ADD =
"insert into dir_priv (name,type,see,append,del,modify,examine,dir_code) values (?,?,?,?,?,?,?,?)";
}
public void load() {
ResultSet rs = null;
Conn conn = new Conn(connname);
PreparedStatement ps = null;
try {
ps = conn.prepareStatement(QUERY_LOAD);
ps.setInt(1, id);
rs = conn.executePreQuery();
if (rs != null && rs.next()) {
dirCode = rs.getString(1);
name = rs.getString(2);
type = rs.getInt(3);
see = rs.getInt(4);
append = rs.getInt(5);
del = rs.getInt(6);
modify = rs.getInt(7);
examine = rs.getInt(8);
loaded = true;
}
} catch (Exception e) {
logger.error("load: " + e.getMessage());
} finally {
/*
if (ps != null) {
try {
ps.close();
} catch (Exception e) {}
ps = null;
}*/
if (conn != null) {
conn.close();
conn = null;
}
}
}
public String getDirCode() {
return dirCode;
}
public void setDirCode(String code) {
this.dirCode = code;
}
public String getName() {
return name;
}
public void setType(int t) {
this.type = t;
}
public void setName(String n) {
this.name = n;
}
public int getType() {
return type;
}
public boolean isLoaded() {
return loaded;
}
public String toString() {
return "LeafPriv is " + dirCode + ":" + name;
}
private int type = 0;
public synchronized boolean save() {
RMConn conn = new RMConn(connname);
int r = 0;
try {
PreparedStatement ps = conn.prepareStatement(QUERY_SAVE);
ps.setInt(1, see);
ps.setInt(2, append);
ps.setInt(3, del);
ps.setInt(4, modify);
ps.setInt(5, examine);
ps.setInt(6, id);
r = conn.executePreUpdate();
} catch (SQLException e) {
logger.error("save:" + e.getMessage());
}
return r == 1 ? true : false;
}
public boolean canUserSee(String username) {
if (username==null)
username = "";
// logger.info("username=" + username);
if (username.equals(User.ADMIN))
return true;
User user = new User();
UserGroup[] groups = null;
if (username != null)
user = user.getUser(username);
if (user.isLoaded())
groups = user.getGroup();
Leaf lf = new Leaf();
lf = lf.getLeaf(dirCode);
return canUserDo(lf, user, groups, this.PRIV_SEE);
}
/**
* 查询单个结点leaf(并不往上查其父节点),user对其是否有权限
* @param leaf Leaf 节点
* @param username String
* @return boolean
*/
public boolean canUserDo(Leaf leaf, User user, UserGroup[] groups, int privType) {
LeafPriv leafPriv = new LeafPriv(leaf.getCode());
// list该节点的所有拥有权限的用户
Vector r = leafPriv.list();
Iterator ir = r.iterator();
while (ir.hasNext()) {
// 遍历每个权限项
LeafPriv lp = (LeafPriv) ir.next();
// 权限项对应的是组用户
if (lp.getType() == lp.TYPE_USERGROUP) {
// 组为everyone
if (lp.getName().equals(UserGroup.EVERYONE)) {
if (privType==this.PRIV_APPEND) {
if (lp.getAppend() == 1)
return true;
}
else if (privType==this.PRIV_DEL) {
if (lp.getDel() == 1)
return true;
}
else if (privType==this.PRIV_MODIFY) {
if (lp.getModify()==1)
return true;
}
else if (privType==this.PRIV_SEE) {
if (lp.getSee()==1)
return true;
}
else if (privType==this.PRIV_EXAMINE) {
if (lp.getExamine()==1)
return true;
}
} else {
if (groups != null) {
int len = groups.length;
// 判断该用户所在的组是否有权限
for (int i = 0; i < len; i++) {
if (groups[i].getCode().equals(lp.getName())) {
if (privType == this.PRIV_APPEND) {
if (lp.getAppend() == 1)
return true;
} else if (privType == this.PRIV_DEL) {
if (lp.getDel() == 1)
return true;
} else if (privType == this.PRIV_MODIFY) {
if (lp.getModify() == 1)
return true;
} else if (privType == this.PRIV_SEE) {
if (lp.getSee() == 1)
return true;
}
else if (privType == this.PRIV_EXAMINE) {
if (lp.getExamine() == 1)
return true;
}
break;
}
}
}
}
} else { // 个人用户
if (lp.getName().equals(user.getName())) {
if (privType==this.PRIV_APPEND) {
if (lp.getAppend() == 1)
return true;
}
else if (privType==this.PRIV_DEL) {
if (lp.getDel() == 1)
return true;
}
else if (privType==this.PRIV_MODIFY) {
if (lp.getModify()==1)
return true;
}
else if (privType==this.PRIV_SEE) {
if (lp.getSee()==1)
return true;
}
else if (privType==this.PRIV_EXAMINE) {
if (lp.getExamine()==1)
return true;
}
}
}
}
return false;
}
public boolean canUserDo(String username, int privType) {
if (username==null)
return false;
if (username.equals(User.ADMIN))
return true;
User user = new User();
user = user.getUser(username);
// 判断用户是否具有管理员的权限
String[] privs = user.getPrivs();
if (privs!=null) {
int len = privs.length;
for (int i=0; i<len; i++) {
// 拥有管理员权限
if (privs[i].equals(Priv.PRIV_ADMIN))
return true;
}
}
UserGroup[] groups = user.getGroup();
// 如果属于管理员组,则拥有全部权限
// logger.info("groups[i].code=" + groups[i].getCode());
for (int i = 0; i < groups.length; i++)
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -