archivelistaction.java

一套完整的档案管理系统

package com.stsc.archive.file;

import java.io.IOException;
import java.util.Hashtable;
import java.util.Locale;
import java.util.Properties;
import java.sql.Connection;
import java.sql.Statement;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.sql.DataSource;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionServlet;
import org.apache.struts.util.MessageResources;

import com.stsc.util.STPoolDataSet;
import com.stsc.util.STResultSet;
import com.stsc.util.PageCt;

import com.stsc.archive.manage.*;

/**
 * Implementation of <strong>Action</strong> that show archive list.
 *
 * @author Lu Tianxiong
 * @version $Revision: 1.0 $ $Date: 2003/04/04 11:56:08 $
 */

public final class ArchiveListAction extends Action {
	

    // --------------------------------------------------------- private Methods

	 /**
	  * 逻辑变量flag控制sql语句后面是加where还是加and。
	  */ 

	private boolean flag = false;

	 /**
	  * 方法generateSql调用方法createSql根据输入条件创建查询语句。
	  */

	private String generateSql(HttpServletRequest request){

		//String sql = "SELECT * FROM FARCHIVE ";
		String sql="";
		
		flag = true;

        sql = sql + createSql(request.getParameter("serialno"),"SERIALNO","Int")
				  +	createSql(request.getParameter("archivetype"),"ARCHIVETYPE","String")
				  +	createSql(request.getParameter("code"),"CODE","String")
				  +	createSql(request.getParameter("category"),"CATEGORY","String")
				  +	createSql(request.getParameter("filetype"),"FILETYPE","String")

				//2003-05-22 add by liqf add
				//一般文献类型标识
				  + createSql(request.getParameter("literaturetype"),"literaturetype","String")
				//流程跟踪
				  +createSql(request.getParameter("recordtransfer"),"recordtransfer","String")
				//页数
				+createSql(request.getParameter("pagenumber"),"pagenumber","Int")
				//电子文档名
			      + createSql(request.getParameter("electronicfilename"),"electronicfilename","String")
				//份数
				  +createSql(request.getParameter("copys"),"copys","Int")
				//实物借出份数
			      + createSql(request.getParameter("lendnum"),"lendnum","Int")
				//传阅意见
				 + createSql(request.getParameter("suggest"),"suggest","String")
				//保管期限（天）
				 + createSql(request.getParameter("securityterm"),"securityterm","Int")
				//归档稿本、版本情况说明
			      + createSql(request.getParameter("filingscripts"),"filingscripts","String")
				//历次物理归档情况
			      + createSql(request.getParameter("filingtrace"),"filingtrace","String")
				//解密日期
				  +	createSql(request.getParameter("startdecryptiondate"),"decryptiondate","StartDate")
				  +	createSql(request.getParameter("enddecryptiondate"),"decryptiondate","EndDate")
				//销毁日期
				  + createSql(request.getParameter("startdestroydate"),"destroydate","StartDate")
				  +	createSql(request.getParameter("enddestroydate"),"destroydate","EndDate")
				//档案人员再次鉴定时间
				  + createSql(request.getParameter("startreappraisedates"),"reappraisedates","StartDate")
				  +	createSql(request.getParameter("startreappraisedates"),"reappraisedates","EndDate")
				//案卷号
			      + createSql(request.getParameter("volumnno"),"volumnno","String")
					 //案卷号
			      + createSql(request.getParameter("flowno"),"flowno","String")

				  +	createSql(request.getParameter("title"),"TITLE","String")
				  +	createSql(request.getParameter("titleremark"),"TITLEREMARK","String")
				  +	createSql(request.getParameter("fileno"),"FILENO","String")
				  +	createSql(request.getParameter("startfiledate"),"FILEDATE","StartDate")
				  +	createSql(request.getParameter("endfiledate"),"FILEDATE","EndDate")
				  +	createSql(request.getParameter("duty"),"DUTY","String")
				  +	createSql(request.getParameter("otherduty"),"OTHERDUTY","String")
				  +	createSql(request.getParameter("attachmenttitle"),"ATTACHMENTTITLE","String")
				  +	createSql(request.getParameter("keyword"),"KEYWORD","String")
				  +	createSql(request.getParameter("memo"),"MEMO","String")
				  +	createSql(request.getParameter("annotation"),"ANNOTATION","String")
				  +	createSql(request.getParameter("abstractmsg"),"ABSTRACT","String")
				  +	createSql(request.getParameter("securityclass"),"SECURITYCLASS","String")
				  +	createSql(request.getParameter("retentionperiod"),"RETENTIONPERIOD","String")
				  +	createSql(request.getParameter("startarchivedate"),"ARCHIVEDATE","StartDate")
				  +	createSql(request.getParameter("endarchivedate"),"ARCHIVEDATE","EndDate")
				  +	createSql(request.getParameter("archivalcode"),"ARCHIVALCODE","String")
				  +	createSql(request.getParameter("archiveno"),"ARCHIVENO","String")
				  +	createSql(request.getParameter("handover"),"HANDOVER","String");
		
		System.out.println("sql==="+sql);
		
		return sql;
	}

	 /**
	  * 方法createSql根据传入的字段值valueField，字段名valueName，和字段类型valueType构成sql语句。
	  * 同时对于逻辑变量flag进行判断和控制，使sql语句后面加上正确的and或者where。
	  */

	private String createSql(String valueField,String valueName,String valueType){

		String sql = "";

		if ((valueField != null)&&(!valueField.trim().equals(""))){
			if (valueType.equals("String"))
			{
				sql += valueName+" LIKE '%"+valueField.trim()+"%'";
			} else if (valueType.equals("Int"))
			{
				sql += valueName+" = "+valueField.trim();
			} else if (valueType.equals("StartDate"))
			{
				sql += valueName+" >= cdate('"+valueField.trim()+"')";
			}else if (valueType.equals("EndDate"))
			{
				sql += valueName+" <= cdate('"+valueField.trim()+"')";
			}

			if (flag)
			{
				sql = " AND " + sql;
			} else {
				sql = " WHERE " + sql;
				flag = true;
			}
		}

		return sql;
	}

    // --------------------------------------------------------- Public Methods

    public ActionForward perform(ActionMapping mapping,
				 ActionForm form,
				 HttpServletRequest request,
				 HttpServletResponse response)
	throws IOException, ServletException {

		// Extract attributes we will need
		//Locale locale = getLocale(request);
		MessageResources messages = getResources();

		// Validate the request parameters specified by the user
		ActionErrors errors = new ActionErrors();
		// Save our logged-in user in the session
		HttpSession session = request.getSession();
		//2003-05-20 add by liqf
		//取得用户权限
		User userInfo = (User)(session.getAttribute(Constants.CURRENT_USER_KEY));
		boolean info=userInfo.hasPopedom(6);
		//测试用，
		//boolean info=true;
		String sql = "SELECT * FROM FARCHIVE ";
		if(info==true){
			//2003-05-29 add by liqf
			if(userInfo.hasPopedom(4) && !userInfo.hasPopedom(5)){
				//秘密级用户只能查看普通和秘密级别的文件
				//sql+=" WHERE DELETED='1' AND SECURITYCLASS<>'机密'";
				sql+=" WHERE  SECURITYCLASS<>'机密'";
			}else if(userInfo.hasPopedom(5)){
				//最高级别用户
				sql+=" WHERE DELETED IN('0','1') ";
			}else if(!userInfo.hasPopedom(4) && !userInfo.hasPopedom(5)){
				//普通用户
				//sql+=" WHERE DELETED='1' AND SECURITYCLASS='普通'";
				sql+=" WHERE SECURITYCLASS='普通'";
			}
		}else{
			//2003-05-29 add by liqf
			if(userInfo.hasPopedom(4) && !userInfo.hasPopedom(5)){
				//秘密级用户只能查看普通和秘密级别的文件
				sql+=" WHERE DELETED<>'1' AND SECURITYCLASS<>'机密'";
			}else if(userInfo.hasPopedom(5)){
				//最高级别用户