hxexrequestprocessor.java

asp制作的在线考试系统

package cn.hxex.exam.struts;

import java.io.IOException;
import java.util.Set;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.RequestProcessor;

import cn.hxex.exam.cache.Cache;
import cn.hxex.exam.cache.CacheFactory;
import cn.hxex.exam.config.ConfigConstants;
import cn.hxex.exam.config.ExamConfigUtil;
import cn.hxex.exam.exception.ExamSystemException;
import cn.hxex.exam.model.Action;
import cn.hxex.exam.model.Function;
import cn.hxex.exam.model.Role;
import cn.hxex.exam.model.User;
import cn.hxex.exam.util.HxexStringUtils;

public class HxexRequestProcessor extends RequestProcessor
{
	protected final Log log = LogFactory.getLog(HxexRequestProcessor.class);

	/**
	 * 用户认证方法
	 */
	@Override
	protected boolean processRoles(HttpServletRequest request,
			HttpServletResponse response, ActionMapping mapping)
			throws IOException, ServletException
	{
		// 得到映射的路径
		String path = mapping.getPath();
		// 得到用户所要调用的Action方法的名字
		String method = request.getParameter(mapping.getParameter());
		if (HxexStringUtils.isEmpty(method))
		{
			method = StrutsConstants.DEFAULT_METHOD;
		}

		// 取得不需要校验权限的Action方法
		String[] roles = mapping.getRoleNames();
		if (roles != null && roles.length > 0)
		{
			// 进行方法的判断
			for (String role : roles)
			{
				if (method.equals(role))
				{
					request.setAttribute(StrutsConstants.REQUEST_CHECK_FLAG,
							true);
					return true;
				}
			}
		}

		// 得到Session对象和用户对象
		HttpSession session = request.getSession();
		User u = (User) session.getAttribute(StrutsConstants.SESSION_USER);

		// 如果用于对象不存在，那么说明用户没有登录
		if (u == null)
		{
			// 用户没有执行的权限，跳转到错误页面
			processLocale( request, response );
			RequestDispatcher rd = 
				request.getRequestDispatcher( "/errors/noauthority.jsp" );
			rd.forward( request, response );
			return false;
		}

		// 判断用户是否为超级用户
		String superusers = ExamConfigUtil
				.getSysConfigValue(ConfigConstants.SUPER_USER);
		String[] users = HxexStringUtils.splitString(superusers,
				ConfigConstants.USER_DELIM);
		if (HxexStringUtils.contains(users, u.getName()))
		{
			request.setAttribute(StrutsConstants.REQUEST_CHECK_FLAG, true);
			return true;
		}

		// 得到用户的角色信息
		Cache cache = CacheFactory.getCache();
		Role role = (Role) cache.get(u.getUserType());
		if (role == null)
		{
			throw new ExamSystemException("Couldn't find the role!");
		}

		// 进行用户执行功能的判断
		Set<Function> functions = role.getFunctions();
		for (Function function : functions)
		{
			Set<Action> actions = function.getActions();
			for (Action action : actions)
			{
				if (path.equals(action.getPath())
						&& method.equals(action.getParameter()))
				{
					request.setAttribute(StrutsConstants.REQUEST_CHECK_FLAG,
							true);
					return true;
				}
			}
		}

		// 用户没有执行的权限，跳转到错误页面
		processLocale( request, response );
		RequestDispatcher rd = 
			request.getRequestDispatcher( "/errors/noauthority.jsp" );
		rd.forward( request, response );
		return false;
	}
	
	@Override
	protected void processLocale( HttpServletRequest request, HttpServletResponse response )
	{
		super.processLocale( request, response );
        try
        {
                request.setCharacterEncoding( "utf-8" );
        }
        catch( Exception ex )
        {
        }
	}
}