userpower.java
/*
* Created on 2007-3-8
* Last modified on 2008-1-1
* Powered by YeQiangWei.com
*/
package com.yeqiangwei.club.service.security;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.yeqiangwei.club.service.topic.ReplyService;
import com.yeqiangwei.club.service.topic.TopicService;
import com.yeqiangwei.club.service.user.UserLogin;
import com.yeqiangwei.club.service.user.UserService;
import com.yeqiangwei.club.service.ServiceLocator;
import com.yeqiangwei.club.service.ServiceWrapper;
import com.yeqiangwei.cache.Cache;
import com.yeqiangwei.cache.CacheFactory;
import com.yeqiangwei.club.cache.CacheRegion;
import com.yeqiangwei.club.model.Group;
import com.yeqiangwei.club.model.Reply;
import com.yeqiangwei.club.model.Role;
import com.yeqiangwei.club.model.Topic;
import com.yeqiangwei.club.model.User;
import com.yeqiangwei.club.util.BeanUtils;
import com.yeqiangwei.club.util.MessageUtils;
import com.yeqiangwei.club.util.Utils;
import com.yeqiangwei.club.view.model.UserView;
import org.apache.log4j.Logger;
import com.yeqiangwei.util.ParamUtils;
import com.yeqiangwei.util.StringHelper;
import com.yeqiangwei.util.TypeChange;
import com.yeqiangwei.util.Validator;
/*
* 此类的职责是根据用户的浏览页面获取定位用户所在的用户组,定位用户角色获取权限内容.
*/
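/**
 * Authorization helper for the forum: resolves the group and role a user holds in a
 * forum, and answers whether that role grants a given permission bit.
 *
 * <p>A role carries three permission strings (browse, operate, admin). Each is a
 * {@code |}-separated list in which the entry at index {@code locator} is {@code "1"}
 * when the permission is granted. Locators used in this class:
 * <ul>
 *   <li>browse: 0 home page, 1 forum page, 2 ordinary thread, 3 featured thread,
 *       10 online list</li>
 *   <li>operate: 0 post topic, 1 post reply, 3 edit own post, 4 edit a post that
 *       already has replies</li>
 *   <li>admin: 0 edit other users' posts, 1 delete, 2 move, 3 rate, 4 mark featured,
 *       12 empty the recycle bin</li>
 * </ul>
 *
 * <p>NOTE(review): both caches are {@code public static}, so any code in the
 * application can overwrite a cached authorization decision. Nothing visible here
 * invalidates an entry when a role or group changes; confirm that the cache region
 * expires or is evicted on such changes, otherwise revoked rights stay effective.
 */
public class UserPower {

    private static final Logger logger = Logger.getLogger(UserPower.class);

    /** Selects the role's browse-permission string. */
    public static final int BROWSEPOWER = 0;

    /** Selects the role's operate-permission string (posting, editing own content). */
    public static final int OPERATEPOWER = 1;

    /** Selects the role's admin-permission string (moderation actions). */
    public static final int ADMINPOWER = 2;

    /** Resolved permissions, keyed by user id and forum id. */
    public static final Cache<Permission> CACHE_PERMISSION = CacheFactory.<Permission>creator(CacheRegion.PERMISSION);

    /** Individual allow/deny decisions, keyed by role id, permission type and locator. */
    public static final Cache<Boolean> CACHE_POWER = CacheFactory.<Boolean>creator(CacheRegion.USER_POWER);

    public UserPower() {
    }

    private TopicService getTopicService() {
        return ServiceWrapper.<TopicService>getSingletonInstance(ServiceLocator.TOPIC);
    }

    private ReplyService getReplyService() {
        return ServiceWrapper.<ReplyService>getSingletonInstance(ServiceLocator.REPLY);
    }

    private GroupService getGroupService() {
        return ServiceWrapper.<GroupService>getSingletonInstance(ServiceLocator.GROUP);
    }

    private RoleService getRoleService() {
        return ServiceWrapper.<RoleService>getSingletonInstance(ServiceLocator.ROLE);
    }

    /**
     * Resolves the permission (user plus effective role) of a user in a forum.
     *
     * <p>The roles of the user's group are scanned in order. A role bound to this
     * forum wins and ends the scan; a role bound to another forum is skipped; a role
     * with no forum binding ({@code forumId <= 0}) is taken as the current candidate
     * and may be replaced by a later one. When no role applies, the returned
     * permission has no role and every {@code canAccess} check on it is denied.
     *
     * @param user    the acting user, or {@code null} for an anonymous visitor
     *                (cached under user id 0)
     * @param forumId the forum the permission is evaluated for
     * @return the cached or newly resolved permission, never {@code null}
     */
    public Permission getPermission(User user, int forumId) {
        int userId = 0;
        if (!Validator.isEmpty(user)) {
            userId = user.getUserId();
        }
        String key = "User-Permission:userId=" + userId + ",forumId=" + forumId;
        Permission permission = CACHE_PERMISSION.get(key);
        if (!Validator.isEmpty(permission)) {
            return permission;
        }
        permission = new Permission();
        permission.setUser(user);
        Group group = this.getGroupService().userInGroup(user, forumId);
        List<String> roleIds = null;
        if (group != null) {
            roleIds = StringHelper.stringToList(group.getRoleIds(), "|");
            // Logged only inside the null check: a user without a group must end up
            // with a role-less (deny-all) permission, not a NullPointerException.
            logger.debug("Group.getRoleIds()=" + group.getRoleIds() + " at Forum(" + forumId + ")");
        }
        if (!Validator.isEmpty(roleIds)) {
            for (int i = 0; i < roleIds.size(); i++) {
                int roleId = TypeChange.stringToInt(String.valueOf(roleIds.get(i)));
                Role role = this.getRoleService().findById(roleId);
                if (role == null) {
                    // A group may still reference a role that was deleted; skip it
                    // instead of failing the whole authorization lookup.
                    logger.warn("Role(" + roleId + ") not found at Forum(" + forumId + ")");
                    continue;
                }
                logger.debug("Role name is " + role.getRoleName() + " at Forum(" + forumId + ")");
                if (role.getForumId() > 0) {
                    if (role.getForumId() == forumId) {
                        logger.debug("Loop Roles break at Forum(" + forumId + ")");
                        permission.setRole(role);
                        break;
                    }
                    // Role belongs to a different forum: it grants nothing here.
                    continue;
                }
                permission.setRole(role);
                logger.debug(permission.getRole().getBrowsePower());
            }
        }
        CACHE_PERMISSION.put(key, permission);
        return permission;
    }

    /**
     * Resolves the permission of the logged-in user for the forum named by the
     * {@code forumId} request parameter.
     *
     * <p>NOTE(review): the forum id is client-supplied. Checks built on this
     * permission describe the forum the client named, not necessarily the forum of
     * the topic or reply being acted on; confirm the downstream actions bind the two.
     */
    private Permission getPermission(HttpServletRequest request) {
        return this.getPermission(UserLogin.getUser(request), ParamUtils.getIntParameter(request, "forumId"));
    }

    /**
     * Tells whether a resolved permission grants one permission bit.
     *
     * @param permission the resolved permission; {@code null} or role-less is denied
     * @param which      {@link #BROWSEPOWER}, {@link #OPERATEPOWER} or
     *                   {@link #ADMINPOWER}; any other value is denied
     * @param locator    index of the bit inside the selected permission string
     * @return {@code true} only when the selected entry equals {@code "1"}
     */
    public boolean canAccess(Permission permission, int which, int locator) {
        if (permission == null) {
            return false;
        }
        Role role = permission.getRole();
        if (Validator.isEmpty(role)) {
            return false;
        }
        // The key text (including the "whitch" spelling) is kept as-is so entries
        // written by other code against the same cache region keep matching.
        String key = "canAccess:roleId=" + role.getRoleId() + ",whitch=" + which + ",locator=" + locator;
        Boolean cached = CACHE_POWER.get(key);
        if (!Validator.isEmpty(cached)) {
            return cached.booleanValue();
        }
        String per = "0";
        switch (which) {
            case BROWSEPOWER:
                per = StringHelper.locator(role.getBrowsePower(), locator, "|", "0");
                break;
            case OPERATEPOWER:
                per = StringHelper.locator(role.getOperatePower(), locator, "|", "0");
                break;
            case ADMINPOWER:
                per = StringHelper.locator(role.getAdminPower(), locator, "|", "0");
                break;
            default:
                break;
        }
        // Constant-first comparison: a null entry is a denial, not an exception.
        boolean granted = "1".equals(per);
        CACHE_POWER.put(key, Boolean.valueOf(granted));
        return granted;
    }

    /**
     * Tells whether a user holds one permission bit in a forum.
     *
     * @param user    the acting user, or {@code null} for an anonymous visitor
     * @param forumId the forum the check applies to
     * @param which   permission type: browse, operate or admin
     * @param locator index of the bit inside the selected permission string
     * @return {@code true} when the permission is granted
     */
    public boolean canAccess(User user, int forumId, int which, int locator) {
        return this.canAccess(this.getPermission(user, forumId), which, locator);
    }

    /**
     * Same check as {@link #canAccess(User, int, int, int)}, for a view model whose
     * properties are copied into a fresh {@code User}.
     */
    public boolean canAccess(UserView v, int forumId, int which, int locator) {
        User user = new User();
        BeanUtils.copyProperties(user, v);
        return this.canAccess(user, forumId, which, locator);
    }

    /**
     * Same check for the logged-in user and the forum named by the request's
     * {@code forumId} parameter.
     */
    public boolean canAccess(HttpServletRequest request, int which, int locator) {
        return this.canAccess(this.getPermission(request), which, locator);
    }

    /**
     * Page-level authorization gate: maps the request URI and the {@code act}
     * parameter to the permission bit that must be held.
     *
     * <p>On denial the {@code message} request attribute is set (or, for the AJAX
     * endpoints, the message is written to the response) and {@code false} is
     * returned. The gate is allow-by-default: a URI or {@code act} value that matches
     * no rule below is let through, so every new page or action needs a rule here.
     *
     * <p>NOTE(review): rules compare against literal paths. Path parameters are
     * stripped before matching, but encoded characters, duplicate slashes and case
     * variants are not normalised here; verify what the container accepts for the
     * same resource, or match on the servlet path instead.
     *
     * @return {@code true} when the request may proceed
     */
    public boolean canAccess(HttpServletRequest request, HttpServletResponse response) {
        String act = ParamUtils.getStringParameter(request, "act");
        if (act == null) {
            // A missing parameter must not abort the gate with an exception.
            act = "";
        }
        Permission p = this.getPermission(request);
        // getRequestURI() still carries path parameters (";name=value"), which the
        // container ignores when selecting the resource. Without stripping them the
        // exact-match rules below would not recognise a protected page.
        String uri = stripPathParameters(request.getRequestURI());
        boolean permission = true;
        if (uri.equals("/club/main.jsp") && !this.canAccess(p, UserPower.BROWSEPOWER, 0)) {
            // Browse the home page.
            permission = deny(request, "error_browse");
        } else if (uri.equals("/club/forum.jsp") && !this.canAccess(p, UserPower.BROWSEPOWER, 1)) {
            // Browse a forum.
            permission = deny(request, "error_browse");
        } else if (uri.equals("/club/thread.jsp")) {
            // Browse a thread; featured threads (better=1) need an extra bit.
            // NOTE(review): requests classified as crawlers skip this check. If
            // Utils.isSpider decides from request headers, the classification is
            // client-controlled - confirm it cannot be used to read restricted threads.
            boolean featured = ParamUtils.getByteParameter(request, "better", (byte) 0) == 1;
            if (!Utils.isSpider(request)
                    && (!this.canAccess(p, UserPower.BROWSEPOWER, 2)
                        || (featured && !this.canAccess(p, UserPower.BROWSEPOWER, 3)))) {
                permission = deny(request, "error_browse");
            }
        } else if (uri.equals("/club/onlines.jsp") && !this.canAccess(p, UserPower.BROWSEPOWER, 10)) {
            // Browse the online-users list.
            permission = deny(request, "error_browse");
        } else if (uri.equals("/club/trash.jsp") && !this.canAccess(p, UserPower.ADMINPOWER, 12)) {
            // Empty the recycle bin.
            permission = deny(request, "error_power");
        } else if (uri.equals("/club/post.jsp")
                || uri.equals("/club/posted.jsp")
                || uri.equals("/club/topicAdmin.jsp")
                || uri.equals("/club/topic.do")) {
            if (act.equals("addtopic") && !this.canAccess(p, UserPower.OPERATEPOWER, 0)) {
                // Post a topic.
                permission = deny(request, "error_power");
            } else if (act.equals("addreply") && !this.canAccess(p, UserPower.OPERATEPOWER, 1)) {
                // Post a reply.
                permission = deny(request, "error_power");
            } else if (act.equals("movetopic") && !this.canAccess(p, UserPower.ADMINPOWER, 2)) {
                // Move a topic.
                permission = deny(request, "error_power");
            } else if ((act.equals("trashtopic") || act.equals("trashreply"))
                    && !this.canAccess(p, UserPower.ADMINPOWER, 1)) {
                // Delete a topic or reply.
                permission = deny(request, "error_power");
            } else if (act.equals("better") && !this.canAccess(p, UserPower.ADMINPOWER, 4)) {
                // Mark a topic as featured.
                permission = deny(request, "error_power");
            } else if (act.equals("manage") && !this.canAccess(p, UserPower.ADMINPOWER, 3)) {
                // Rate a post.
                permission = deny(request, "error_power");
            } else {
                // Edit actions are decided per object (author, replies) in canUpdate.
                permission = this.canUpdate(request, act);
            }
        } else if (uri.equals("/club/messageAjax.do")
                || (uri.equals("/club/users.do") && (act.equals("addfriend") || act.equals("delfriends")))) {
            // AJAX endpoints: login required, and the error goes straight into the body.
            if (Validator.isEmpty(p.getUser())) {
                try {
                    response.setContentType("text/HTML;charset=UTF-8");
                    PrintWriter out = response.getWriter();
                    out.print(MessageUtils.getMessage("error_notlogin"));
                    out.close();
                } catch (IOException e) {
                    logger.error(e.toString(), e);
                }
                return false;
            }
        } else if (uri.equals("/club/profile.jsp")
                || uri.equals("/club/password.jsp")
                || uri.equals("/club/photo.jsp")
                || uri.equals("/club/friend.jsp")
                || uri.equals("/club/friends.jsp")
                || uri.equals("/club/message.jsp")
                || uri.equals("/club/photoUpload.do")
                || act.equals("delfriends")
                || act.equals("addfriend")
                || uri.equals("/club/email.jsp")
                || uri.equals("/club/favoriteTopic.jsp")
                || uri.equals("/club/userSettings.jsp")
                || uri.equals("/club/myInfo.jsp")
                || uri.equals("/music/myLike.jsp")
                || uri.equals("/music/myCommend.jsp")) {
            // Features that are closed to visitors who are not logged in.
            if (Validator.isEmpty(p.getUser())) {
                permission = deny(request, "error_notlogin");
            }
            logger.debug(uri);
        } else if (uri.indexOf("/admin/") != -1 && uri.indexOf("login.jsp") == -1 && !act.equals("adminLogin")) {
            // Admin area: an admin session is required.
            // NOTE(review): the login-page exemption is a substring test over the
            // whole URI, and act=adminLogin exempts any admin URI. Both are
            // client-controlled; confirm the admin pages enforce the session
            // themselves, or narrow the exemption to the login page's exact path.
            com.yeqiangwei.club.controller.action.AdminAction.loginInit(request, response);
            if (Validator.isEmpty(UserLogin.getAdmin(request))) {
                return false;
            }
        }
        logger.debug("uri=" + uri + ",act=" + act + ",permission=" + permission);
        return permission;
    }

    /**
     * Decides an edit action ({@code edittopic} / {@code editreply}) by loading the
     * target and checking the caller against it. Any other {@code act} is allowed.
     *
     * <p>A target that does not exist is denied with {@code error_notfind}: there is
     * no owner to check the caller against, so the request must not proceed as
     * authorized.
     *
     * @param request the current request; supplies {@code topicId} / {@code replyId}
     * @param act     the requested action, may be {@code null}
     * @return {@code true} when the action may proceed
     */
    public boolean canUpdate(HttpServletRequest request, String act) {
        if ("edittopic".equals(act)) {
            int topicId = ParamUtils.getIntParameter(request, "topicId");
            Topic model = this.getTopicService().findById(topicId);
            if (Validator.isEmpty(model)) {
                return deny(request, "error_notfind");
            }
            return this.canUpdate(request, model);
        }
        if ("editreply".equals(act)) {
            int replyId = ParamUtils.getIntParameter(request, "replyId");
            Reply model = this.getReplyService().findById(replyId);
            if (Validator.isEmpty(model)) {
                return deny(request, "error_notfind");
            }
            return this.canUpdate(request, model);
        }
        return true;
    }

    /** Checks whether the logged-in user may edit the given topic. */
    public boolean canUpdate(HttpServletRequest request, Topic model) {
        return this.canUpdate(request, model.getForumId(), model.getUserId(), UserLogin.getUser(request), model.getReplys());
    }

    /** Checks whether the logged-in user may edit the given reply. */
    public boolean canUpdate(HttpServletRequest request, Reply model) {
        return this.canUpdate(request, model.getForumId(), model.getUserId(), UserLogin.getUser(request), model.getReplys());
    }

    /**
     * Decides whether {@code user} may edit a post.
     *
     * <p>Rules, in order: holders of the "edit others' posts" admin bit may always
     * edit; anyone else must be the author and hold the "edit own post" bit; and when
     * the post already has replies, the "edit replied post" bit is required as well.
     * The {@code message} request attribute is cleared on success and set to the
     * matching error on denial.
     *
     * @param request the current request, used only for the {@code message} attribute
     * @param forumId forum of the post being edited
     * @param userId  id of the post's author
     * @param user    the user attempting the edit, or {@code null} when not logged in
     * @param replys  number of replies the post has
     * @return {@code true} when the edit is allowed
     */
    public boolean canUpdate(HttpServletRequest request, int forumId, int userId, User user, int replys) {
        // May edit other users' posts.
        boolean updateadmin = this.canAccess(user, forumId, UserPower.ADMINPOWER, 0);
        // May edit a post that has already been replied to.
        boolean updatereplyed = this.canAccess(user, forumId, UserPower.OPERATEPOWER, 4);
        // May edit one's own posts.
        boolean updatemy = this.canAccess(user, forumId, UserPower.OPERATEPOWER, 3);

        if (updateadmin) {
            request.setAttribute("message", null);
            return true;
        }
        boolean isAuthor = user != null && user.getUserId() == userId;
        if (!isAuthor) {
            return deny(request, "error_power");
        }
        // The "edit own post" denial has to be final. Evaluating the replies rule
        // unconditionally afterwards would overwrite it and let an author without
        // this bit edit any of their posts that has no replies.
        if (!updatemy) {
            return deny(request, "error_power");
        }
        if (replys > 0 && !updatereplyed) {
            return deny(request, "error_update_replyed");
        }
        request.setAttribute("message", null);
        return true;
    }

    public UserService getUserService() {
        return ServiceWrapper.<UserService>getSingletonInstance(ServiceLocator.USER);
    }

    /** Records the localized error for the page to show and returns {@code false}. */
    private static boolean deny(HttpServletRequest request, String messageKey) {
        request.setAttribute("message", MessageUtils.getMessage(messageKey));
        return false;
    }

    /**
     * Removes path parameters ({@code ;name=value}) from every segment of a request
     * URI so that rule matching sees the path the container maps the request to.
     * Returns an empty string for {@code null}.
     */
    private static String stripPathParameters(String uri) {
        if (uri == null) {
            return "";
        }
        return uri.replaceAll(";[^/]*", "");
    }
}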