📄 positionaction.java
字号:
// }
// if (rightIds != null) {//2008-12-12 hrw add,从页面取到的rightIds有可能为空
// for (int i = 0; i < rightIds.length; i++) {
// String rid = rightIds[i];
// int rightId = Integer.parseInt(rid);
// logger.debug("权限ID: " + rid);
//
// String dataAreaIds = "";// 数据范围对象
// if (useScheme != null && useScheme.equals("1")) {
// logger.debug("使用方案授权 ");
// String scheme = request.getParameter("scheme");
// int id = 0;
// if (scheme != null && !scheme.equals("")) {
// id = Integer.parseInt(scheme);
// dataAreaIds = dataAreaSchemeMgr.findTreeviewIdsById(id);
// }
// } else {
// logger.debug("逐步授权 ");
// /*
// * 在rightTree.js里,每个树节点都挂一下隐藏域,隐藏域属性ID,name均为 节点ID + "_area"
// * 字符串, 隐藏域存储数据范围页面返回的部门节点ID集合组成的字符串
// */
// dataAreaIds = request.getParameter(rid + "_area");// 数据范围对象
// //dataAreaIds 不能为null
// if(dataAreaIds == null){
// dataAreaIds = "";
// }
// }
//
// logger.debug("数据范围ID: " + dataAreaIds);
// try {
// /*
// * 保存授权对象, 权限对象以及数据范围对象三者的关系
// * 因为对不同授权对象授予的权限对象是一样的,所以先循环权限表,再为每一个授权对象授予同一权限
// * 每一个隐藏域里存放的数据范围对象ID集合也都是对应一个权限
// */
// for (int j = 0; j < treeViews.size(); j++) {
// Treeview t = treeViews.get(j);
// int positionId = t.getId();
// // 保存授权对象, 权限对象以及数据范围对象三者的关系
// positionMgr.saveThreeObjRelation(positionId, rightId,
// dataAreaIds);
// }
// } catch (SystemException e) {
// logger.error(e.getMessage());
// isSuccessfull = false;
// }
// }
// }
// if (isSuccessfull) {// 授权成功
// // 获取当前用户信息
// User user = (User) request.getSession().getAttribute(
// Constants.SESSION_USER);
// // 获取全局会话
// ServletContext application = request.getSession()
// .getServletContext();
// // 获取用户信息
// Map userInfo = (Map) application
// .getAttribute(SystemConstant.APPLICATION_USER_INFO);
// if (userInfo != null) {
// logger.debug("userInfo: " + userInfo + " userInfo.size: "
// + userInfo.size());
// // 遍历所有有被修改权限的岗位
// for (int i = 0; i < treeViews.size(); i++) {
// // 获取该岗位所有权限
// List<Rights> rights = positionMgr
// .getAllRightsByPositionId(treeViews.get(i).getId());
//
// // 遍历存放用户session的Map对象
// for (Object o : userInfo.keySet()) {
// Integer userId = (Integer) o;
// logger.debug("key: " + userId);
//
// // 不是本人的ID(管理员)
// if (!userId.equals(user.getId())) {
// // 获取Session
// HttpSession session = (HttpSession) userInfo.get(o);
// logger.debug("session: " + session);
// User u = (User) session
// .getAttribute(Constants.SESSION_USER);
// logger.debug("user: " + u);
// logger.debug("u.getTreeview().getId(): "
// + u.getTreeview().getId());
// logger.debug("treeViews.get(i).getId(): "
// + treeViews.get(i).getId());
// // 如果当前获取的用户是属于该岗位,就修改此用户Session
// if (u.getTreeview().getId().equals(
// treeViews.get(i).getId())) {
// // 设入用户权限是否被修改的值
// session
// .setAttribute(
// SystemConstant.SESSION_RIGHTS_IS_UPDATED,
// true);
// // 设入岗位所拥有的权限集合
// session.setAttribute(
// SystemConstant.SESSION_RIGHTS, rights);
//
// }
// }
// }
// }
// }
// }
return getObjToPage(mapping, form, request, response);
}
/**
* Method addDataAreaScheme 添加数据范围授权方案
*
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward [ /admin/authorization/addScheme.jsp ]
* @throws IOException
*/
public ActionForward addDataAreaScheme(ActionMapping mapping,
ActionForm form, HttpServletRequest request,
HttpServletResponse response) throws IOException {
// 定义转向页面变量
String forward = "addScheme";
String message = "";
// 获取页面传递参数
String schemeName = request.getParameter("schemeName");
logger.debug("方案名称是: " + schemeName);
/* treeviewIds存放所有节点ID,用豆号隔开 */
String treeviewIds = "";
String saveType = request.getParameter("saveType");
// 判断此操作是页面添加还是另存,saveType的值: 1为页面添加,2为另存
if (saveType != null && saveType.equals("1")) {
String[] deptIds = request.getParameterValues("dept");
if (deptIds != null && !deptIds.equals("")) {
for (int i = 0; i < deptIds.length; i++) {
treeviewIds += "," + deptIds[i];
}
}
} else if (saveType != null && saveType.equals("2")) {
treeviewIds = request.getParameter("treeviewIds");
}
logger.debug("ID集合是: " + treeviewIds);
// 实例化数据范围授权方案的对象
DataAreaScheme dataAreaScheme = new DataAreaScheme();
dataAreaScheme.setSchemeName(schemeName);
dataAreaScheme.setTreeviewIds(treeviewIds);
try {
// 调用逻辑类里的属性DAO
dataAreaSchemeMgr.getDataAreaSchemeDAO().save(dataAreaScheme);
message = "保存方案成功";
} catch (Exception e) {
message = "保存方案失败";
}
// 判断此操作是页面添加还是另存,saveType的值: 1为页面添加,2为另存
if (saveType != null && saveType.equals("1")) {
request.setAttribute("message", message);
return mapping.findForward(forward);
} else if (saveType != null && saveType.equals("2")) {
PrintWriter out = response.getWriter();
out.print("<script>");
out
.print("window.opener.document.getElementById('message').innerHTML='<font color=red>"
+ message + "</font>';");
out.print("window.close();");
out.print("</script>");
return null;
}
return null;
}
@SuppressWarnings("unchecked")
public ActionForward getUserRightsToPage(ActionMapping mapping,
ActionForm form, HttpServletRequest request,
HttpServletResponse response) {
logger.debug("开始处理......");
PositionForm pForm = (PositionForm) form;
//1为该用户权限跟岗位不一致,2为权限跟岗位权限一致,用户岗位授权时,若权限不跟岗位一致时,以用户权限为主。
int rightsFlag = Constants.RIGHTS_USER_FLAG;
// 定义转向页面变量
String forward = "userRights";
// 获取页面传递参数
int userId = pForm.getUserId();
@SuppressWarnings("unused")
UserRightsFlag userRightsFlag = userRightsMgr.getUserRightsFlagDAO().findById(userId);
if(userRightsFlag != null){
if(userRightsFlag.getFlag() == Constants.RIGHTS_POSITION_FLAG){
rightsFlag = Constants.RIGHTS_POSITION_FLAG;
}
}else{
rightsFlag = Constants.RIGHTS_POSITION_FLAG;
}
if (rightsFlag == Constants.RIGHTS_USER_FLAG) {
List<UserRights> userRishts = userRightsMgr.getUserRightsDao().findByUserId(userId);
Map<String, WebRightsView> webRightsViews = rightsMgr
.getWebRightsView(userRishts,Constants.USER_RIGHTS_FALG,Constants.JSPRIGHTSCONTROL_NO);
request.setAttribute("webRightsViews", webRightsViews);
} else {
// rightsFlag = Constants.RIGHTS_POSITION_FLAG;
int positionId = userMgr.findById(userId).getTreeview().getId();
// 根据ID获取Treeview实体对象
Treeview treeview = treeViewMgr.getTreeviewDao().findById(
positionId);
if (treeview == null) {
treeview = new Treeview();
}
// 获取岗位已有权限
List<PositionRights> positionRights = positionMgr
.getRightsByPositionId(positionId);
Map<String, WebRightsView> webRightsViews = rightsMgr
.getWebRightsView(positionRights, Constants.POSITION_FLAG,Constants.JSPRIGHTSCONTROL_NO);
request.setAttribute("webRightsViews", webRightsViews);
logger.debug("webRightsViews : " + webRightsViews.size());
// request.setAttribute("positionRights", positionRights);
request.setAttribute("treeview", treeview);
}
User user = userMgr.findById(userId);
logger.debug("rightsFlag : " + rightsFlag);
request.setAttribute("rightsFlag", rightsFlag);
request.setAttribute("user", user);
logger.debug("完成!");
return mapping.findForward(forward);
}
/**
* Method getRightsToPage 根据权限树节点ID,获取节点对象跳转到数据范围授权页面deptTree.jsp
*
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward getUserRightsAreaToPage(ActionMapping mapping,
ActionForm form, HttpServletRequest request,
HttpServletResponse response) {
// 定义转向页面变量
String forward = "deptTree1";
PositionForm pForm = (PositionForm)form;
logger.debug("RightsFlag : " + pForm.getRightsFlag());
if(pForm.getRightsFlag() == Constants.RIGHTS_POSITION_FLAG){
return getRightsToPage(mapping, form, request, response);
}
int rightsId = pForm.getRightsId();
int userId = pForm.getUserId();
String dataArea = request.getParameter("dataArea");
logger.debug("dataArea : " + dataArea);
if (dataArea == null) {
dataArea = "";
}
logger.debug("dataArea : " + dataArea);
// end add
try {
// 根据ID获取Rights实体对象
Rights rights = rightsMgr.getRightsDAO().findById(rightsId);
// 根据ID获取User实体对象
User user = userMgr.findById(userId);
logger.debug("userID " + userId);
if (rights == null) {
rights = new Rights();
}
if (user == null) {
user = new User();
}
// 获取权限已有数据范围
// 如果数据范围在页面有重新选过,不再从数据库取。
List<UserRightsArea> userRightsArea = new ArrayList<UserRightsArea>();
if (!"".equals(dataArea) && dataArea != null) {
String[] dataAreas = dataArea.split(",");
logger.debug("dataAreas : " + dataAreas.length);
userRightsArea = authorizationMgr
.conversionUserRightsArea(dataAreas);
} else {
userRightsArea = userRightsMgr.getUserRightsAreaDao().findDataAreaByRidUid(userId, rightsId);
}
logger.debug("user权限数据范围长度 " + userRightsArea.size());
String prJavascriptStr = SetupTreeView.getSetupObjTreeView("", 1,
userRightsArea,Constants.USER_RIGHTS_FALG);
request.setAttribute("prJavascriptStr", prJavascriptStr);
// modify end
request.setAttribute("rights", rights);
request.setAttribute("user", user);
} catch (SystemException e) {
logger.error(e.getMessage());
request.setAttribute("info", e.getMessage());
}
return mapping.findForward(forward);
}
public ActionForward authorizationUserRights(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
// 获取页面传递参数
PositionForm pForm = (PositionForm)form;
int userId = pForm.getUserId();
int positionId = pForm.getPositionId();
int rightsFlag = pForm.getRightsFlag();
logger.debug("rightsFlag : " + rightsFlag);
String useScheme = request.getParameter("useScheme");// 使用方案授权
String[] rightIds = request.getParameterValues("right");// 权限对象
logger.debug("授权对象是: " + userId);
logger.debug("权限对象是: " + rightIds);
authorizationMgr.authorizationUserRights(userId, useScheme, rightIds, rightsFlag,positionId, request);
return getUserRightsToPage(mapping, form, request, response);
}
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -