package com.bjsxt.oa.managers.impl;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import com.bjsxt.oa.managers.AclManager;
import com.bjsxt.oa.model.ACL;
import com.bjsxt.oa.model.Permission;
public class AclManagerImpl extends AbstractManager implements AclManager {
/**
 * Sets one permission on the ACL entry linking a role to a resource,
 * creating the entry first when the role has none for that resource.
 *
 * NOTE(review): this method changes authorization data and does not check
 * who is calling it; presumably that is enforced by the caller - confirm.
 *
 * @param roleId     id of the role, stored as the entry's principal serial number
 * @param resourceSn serial number of the resource the entry refers to
 * @param permission permission identifier passed through to {@code ACL.setPermission}
 * @param yes        flag passed through to {@code ACL.setPermission}
 *                   (presumably true = allow, false = deny; verify against ACL)
 */
public void addOrUpdateRolePermission(int roleId, String resourceSn,
        int permission, boolean yes) {
    ACL existing = findRoleAcl(roleId, resourceSn);
    if (existing == null) {
        // No entry yet for this role/resource pair: build and persist one.
        ACL created = new ACL();
        created.setPrincipalType(ACL.TYPE_ROLE);
        created.setPrincipalSn(roleId);
        created.setResourceSn(resourceSn);
        created.setPermission(permission, yes);
        getHibernateTemplate().save(created);
    } else {
        existing.setPermission(permission, yes);
        getHibernateTemplate().update(existing);
    }
}
/**
 * Sets the "extends" flag on the ACL entry linking a user to a resource,
 * creating the entry first when the user has none for that resource.
 *
 * NOTE(review): the flag presumably controls whether the user falls back to
 * role authorizations for this resource - confirm against {@code ACL.setExtends}.
 * No caller authorization check is made here; presumably enforced upstream.
 *
 * @param userId     id of the user, stored as the entry's principal serial number
 * @param resourceSn serial number of the resource the entry refers to
 * @param yes        value passed through to {@code ACL.setExtends}
 */
public void addOrUpdateUserExtends(int userId, String resourceSn,
        boolean yes) {
    ACL existing = findUserAcl(userId, resourceSn);
    if (existing == null) {
        // No entry yet for this user/resource pair: build and persist one.
        ACL created = new ACL();
        created.setPrincipalType(ACL.TYPE_USER);
        created.setPrincipalSn(userId);
        created.setResourceSn(resourceSn);
        created.setExtends(yes);
        getHibernateTemplate().save(created);
    } else {
        existing.setExtends(yes);
        getHibernateTemplate().update(existing);
    }
}
/**
 * Sets one permission on the ACL entry linking a user to a resource,
 * creating the entry first when the user has none for that resource.
 *
 * NOTE(review): this method changes authorization data and does not check
 * who is calling it; presumably that is enforced by the caller - confirm.
 *
 * @param userId     id of the user, stored as the entry's principal serial number
 * @param resourceSn serial number of the resource the entry refers to
 * @param permission permission identifier passed through to {@code ACL.setPermission}
 * @param yes        flag passed through to {@code ACL.setPermission}
 *                   (presumably true = allow, false = deny; verify against ACL)
 */
public void addOrUpdateUserPermission(int userId, String resourceSn,
        int permission, boolean yes) {
    ACL existing = findUserAcl(userId, resourceSn);
    if (existing == null) {
        // No entry yet for this user/resource pair: build and persist one.
        ACL created = new ACL();
        created.setPrincipalType(ACL.TYPE_USER);
        created.setPrincipalSn(userId);
        created.setResourceSn(resourceSn);
        created.setPermission(permission, yes);
        getHibernateTemplate().save(created);
    } else {
        existing.setPermission(permission, yes);
        getHibernateTemplate().update(existing);
    }
}
/**
 * Deletes the ACL entry linking a role to a resource, if one exists.
 * A missing entry is not an error; the call then does nothing.
 *
 * NOTE(review): no caller authorization check is made here; presumably
 * enforced upstream - confirm.
 *
 * @param roleId     id of the role
 * @param resourceSn serial number of the resource
 */
public void delRolePermission(int roleId, String resourceSn) {
    ACL target = findRoleAcl(roleId, resourceSn);
    if (target == null) {
        return;
    }
    getHibernateTemplate().delete(target);
}
/**
 * Deletes the ACL entry linking a user to a resource, if one exists.
 * A missing entry is not an error; the call then does nothing.
 *
 * NOTE(review): no caller authorization check is made here; presumably
 * enforced upstream - confirm.
 *
 * @param userId     id of the user
 * @param resourceSn serial number of the resource
 */
public void delUserPermission(int userId, String resourceSn) {
    ACL target = findUserAcl(userId, resourceSn);
    if (target == null) {
        return;
    }
    getHibernateTemplate().delete(target);
}
/**
 * Decides whether a user holds a permission on a resource.
 *
 * Evaluation order, as implemented below:
 * 1. The user's own ACL entry decides, unless it reports
 *    {@code ACL.ACL_NEUTRAL} for this permission.
 * 2. Otherwise the user's roles are walked in ascending {@code orderNo}
 *    (highest priority first, per the original comment). The first role
 *    that has an entry for the resource decides, whether that is an allow
 *    or not; lower-priority roles are not consulted after it.
 * 3. If nothing matches, the answer is false (default deny).
 *
 * @param userId     id of the user being checked
 * @param resourceSn serial number of the resource
 * @param permission permission identifier passed to {@code ACL.getPermission}
 * @return true only when the deciding entry reports {@code ACL.ACL_YES}
 */
public boolean hasPermission(int userId, String resourceSn, int permission) {
    // Look up the authorization granted directly to the user.
    ACL userAcl = findUserAcl(userId, resourceSn);
    if (userAcl != null) {
        int state = userAcl.getPermission(permission);
        if (state != ACL.ACL_NEUTRAL) {
            return state == ACL.ACL_YES;
        }
    }

    // Roles held by the user, sorted from highest to lowest priority.
    String roleHql = "select r.id from UsersRoles ur " +
            "join ur.role r join ur.user u " +
            "where u.id = ? order by ur.orderNo";
    List roleIds = getHibernateTemplate().find(roleHql, userId);
    if (roleIds == null) {
        return false;
    }
    for (Object roleId : roleIds) {
        ACL roleAcl = findRoleAcl((Integer) roleId, resourceSn);
        if (roleAcl != null) {
            // First role with an entry for this resource is authoritative.
            return roleAcl.getPermission(permission) == ACL.ACL_YES;
        }
    }

    // Neither the user nor any role has a deciding entry: deny.
    return false;
}
/**
 * Lists the modules a user may read.
 *
 * Role entries are collected per resource in descending {@code orderNo}
 * (lowest priority first, per the original comment), so an entry from a
 * higher-priority role replaces one from a lower-priority role. The user's
 * own entries, as returned by {@code findAclsWithUserId}, are applied last
 * and replace any role entry for the same resource. Resources whose
 * resulting entry does not report {@code ACL.ACL_YES} for
 * {@code Permission.READ} are dropped.
 *
 * @param userId id of the user
 * @return the matching Module objects ordered by {@code orderNo}; an empty
 *         list when no resource is readable
 */
public List searchModules(int userId) {
    // Roles held by the user, sorted from lowest to highest priority.
    String roleHql = "select r.id from UsersRoles ur " +
            "join ur.role r join ur.user u " +
            "where u.id = ? order by ur.orderNo desc";
    List roleIds = getHibernateTemplate().find(roleHql, userId);

    // Resource serial number -> ACL entry currently in effect for it.
    Map aclByResource = new HashMap();

    if (roleIds != null) {
        for (Object roleId : roleIds) {
            // Later puts come from higher-priority roles and overwrite
            // conflicting entries from earlier, lower-priority ones.
            for (Object item : findAclsWithRoleId((Integer) roleId)) {
                ACL roleAcl = (ACL) item;
                aclByResource.put(roleAcl.getResourceSn(), roleAcl);
            }
        }
    }

    // Entries assigned directly to the user take precedence over roles.
    for (Object item : findAclsWithUserId(userId)) {
        ACL userAcl = (ACL) item;
        aclByResource.put(userAcl.getResourceSn(), userAcl);
    }

    // Drop every resource whose effective entry does not grant READ.
    for (Iterator it = aclByResource.values().iterator(); it.hasNext();) {
        ACL effective = (ACL) it.next();
        if (effective.getPermission(Permission.READ) != ACL.ACL_YES) {
            it.remove();
        }
    }

    Set readableSns = aclByResource.keySet();
    if (readableSns.isEmpty()) {
        // An empty IN list is avoided by returning early.
        return new ArrayList();
    }

    // Resolve the remaining serial numbers to Module objects.
    return getSession()
            .createQuery("select m from Module m where m.sn in (:sns) order by m.orderNo")
            .setParameterList("sns", readableSns)
            .list();
}
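/**
 * Returns the raw permission rows stored for a role in {@code t_acl}.
 *
 * Each row holds {@code resourceSn} followed by {@code aclState} masked
 * with 1, 2, 4 and 8 in turn.
 *
 * The principal type and role id are bound as statement parameters, like
 * the HQL finders in this class, rather than concatenated into the SQL
 * text. Both values are non-string today (an int and a class constant), so
 * binding mainly keeps the statement safe if either ever becomes
 * caller-supplied text.
 *
 * @param roleId id of the role
 * @return the native query result, one element per matching row
 */
public List searchRolePermission(int roleId) {
    String sql = "select resourceSn,1&aclState,2&aclState,4&aclState,8&aclState "
            + "from t_acl where principalType = ? and principalSn = ?";
    return getSession()
            .createSQLQuery(sql)
            // Bound as text: the column was previously compared to a quoted literal.
            .setParameter(0, String.valueOf(ACL.TYPE_ROLE))
            .setParameter(1, roleId)
            .list();
}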
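/**
 * Returns the raw permission rows stored for a user in {@code t_acl}.
 *
 * Each row holds {@code resourceSn}, then {@code aclState} masked with
 * 1, 2, 4 and 8 in turn, then {@code aclTriState}.
 *
 * The principal type and user id are bound as statement parameters, like
 * the HQL finders in this class, rather than concatenated into the SQL
 * text. Both values are non-string today (an int and a class constant), so
 * binding mainly keeps the statement safe if either ever becomes
 * caller-supplied text.
 *
 * @param userId id of the user
 * @return the native query result, one element per matching row
 */
public List searchUserPermission(int userId) {
    String sql = "select resourceSn,1&aclState,2&aclState,4&aclState,8&aclState,aclTriState "
            + "from t_acl where principalType = ? and principalSn = ?";
    return getSession()
            .createSQLQuery(sql)
            // Bound as text: the column was previously compared to a quoted literal.
            .setParameter(0, String.valueOf(ACL.TYPE_USER))
            .setParameter(1, userId)
            .list();
}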
/**
 * Loads every ACL entry whose principal is the given role.
 *
 * @param roleId id of the role
 * @return the matching ACL objects, for all resources
 */
private List findAclsWithRoleId(int roleId) {
    String hql = "select acl from ACL acl where acl.principalType = ? and acl.principalSn = ? ";
    Object[] args = new Object[] {ACL.TYPE_ROLE, roleId};
    return getHibernateTemplate().find(hql, args);
}
/**
 * Loads the ACL entries assigned to a user that carry an explicit
 * authorization, which the query expresses as {@code aclTriState = 0}.
 *
 * @param userId id of the user
 * @return the matching ACL objects, for all resources
 */
private List findAclsWithUserId(int userId) {
    String hql = "select acl from ACL acl where acl.principalType = ? and acl.principalSn = ? and acl.aclTriState = 0";
    Object[] args = new Object[] {ACL.TYPE_USER, userId};
    return getHibernateTemplate().find(hql, args);
}
/**
 * Loads the single ACL entry linking a role to a resource.
 *
 * All three criteria are bound as positional parameters. The lookup uses
 * {@code uniqueResult()}, which in Hibernate fails when more than one row
 * matches, so duplicate entries for one role/resource pair would surface
 * as an exception here rather than as an arbitrary pick.
 *
 * @param roleId     id of the role
 * @param resourceSn serial number of the resource
 * @return the entry, or null when the role has none for the resource
 */
private ACL findRoleAcl(int roleId, String resourceSn) {
    String hql = "select acl from ACL acl where " +
            "acl.principalType = ? and acl.principalSn = ? " +
            "and acl.resourceSn = ?";
    Object match = getSession()
            .createQuery(hql)
            .setParameter(0, ACL.TYPE_ROLE)
            .setParameter(1, roleId)
            .setParameter(2, resourceSn)
            .uniqueResult();
    return (ACL) match;
}
/**
 * Loads the single ACL entry linking a user to a resource.
 *
 * All three criteria are bound as positional parameters. The lookup uses
 * {@code uniqueResult()}, which in Hibernate fails when more than one row
 * matches, so duplicate entries for one user/resource pair would surface
 * as an exception here rather than as an arbitrary pick.
 *
 * @param userId     id of the user
 * @param resourceSn serial number of the resource
 * @return the entry, or null when the user has none for the resource
 */
private ACL findUserAcl(int userId, String resourceSn) {
    String hql = "select acl from ACL acl where " +
            "acl.principalType = ? and acl.principalSn = ? " +
            "and acl.resourceSn = ?";
    Object match = getSession()
            .createQuery(hql)
            .setParameter(0, ACL.TYPE_USER)
            .setParameter(1, userId)
            .setParameter(2, resourceSn)
            .uniqueResult();
    return (ACL) match;
}
}