users_editaction.java

J2EE架构的权限系统

//Created by MyEclipse Struts
// XSL source (default): platform:/plugin/com.genuitec.eclipse.cross.easystruts.eclipse_3.8.4/xslt/JavaClass.xsl

package com.infosys.struts.action;

import java.util.Date;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.sf.hibernate.HibernateException;
import net.sf.hibernate.Session;
import net.sf.hibernate.Transaction;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.infosys.common.Constants;
import org.infosys.logic.GroupList;
import org.infosys.logic.InfoTips;
import org.infosys.security.Check;
import org.infosys.security.UserData;
import org.infosys.util.RecordLog;

import com.infosys.Hibernate.PUserBase;
import com.infosys.Hibernate.PUserExt;
import com.infosys.Hibernate.SessionFactory;
import com.infosys.struts.form.Users_editForm;

/** 
 * MyEclipse Struts
 * Creation date: 08-26-2005
 * 
 * XDoclet definition:
 * @struts:action path="/admin/users_edit" name="users_editForm" input="/admin/users_edit.jsp" scope="request" validate="true"
 * @struts:action-forward name="admin/users_edit" path="/admin/users_edit.jsp"
 */
public class Users_editAction extends Action {

	// --------------------------------------------------------- Instance Variables

	// --------------------------------------------------------- Methods

	/** 
	 * Method execute
	 * @param mapping
	 * @param form
	 * @param request
	 * @param response
	 * @return ActionForward
	 */
	public ActionForward execute(
			ActionMapping mapping,
			ActionForm form,
			HttpServletRequest request,
			HttpServletResponse response) {
			Users_editForm users_editForm = (Users_editForm) form;
			//验证登录以及权限
			String isrights=Check.isRights(request,response,"users_man.do");
			if(!isrights.equals("OK")){
				org.infosys.security.Check.redirectErr(request,response,"err.do?errmsg="+isrights);
				return null;
			}else{
				//业务逻辑
				String status=null;
				Session session;
				Transaction tx=null;
				try {
					PUserExt userExt;
					PUserBase userBase;
					String sessionUserid=UserData.userInfo(request).get("userid").toString();
					session = SessionFactory.currentSession();
					tx=session.beginTransaction();
					if(users_editForm.getAction()!=null && users_editForm.getAction().equalsIgnoreCase("save")){
						//检验url地址是否重复，重复不可行(因：权限点管理是基于url判断的)
						String userAccount=users_editForm.getAccount();
						List checkUser=session.find("from PUserExt a where a.account='"+userAccount+"' and a.userid<>'"+users_editForm.getId()+"'");
						if(checkUser.size()>0){
							status="数据库中用户帐号不可重复";
						}else{
							if(users_editForm.getId().equals(sessionUserid)){
								status=Constants.TIPS_USER_SELF_ERROR;
							}else{
								userExt=new PUserExt(users_editForm.getId());
								userExt.setAccount(userAccount);
								userExt.setPasswd(users_editForm.getPasswd());
								userExt.setGroupid(users_editForm.getGroupid());
								userExt.setStatus(users_editForm.getStatus());
								userExt.setRegtime(new Date());
								session.update(userExt);  //保存扩展信息
								
								userBase=new PUserBase(users_editForm.getId());
								userBase.setName(users_editForm.getName());
								userBase.setEmail(users_editForm.getEmail());
								userBase.setFax(users_editForm.getFax());
								userBase.setIdno(users_editForm.getIdno());
								userBase.setIdtype(users_editForm.getIdtype());
								userBase.setSex(users_editForm.getSex());
								userBase.setTel(users_editForm.getTel());
								session.update(userBase); //保存基础信息
								
								RecordLog.log(request,"Edit user:"+users_editForm.getAccount(),session);
								tx.commit();
								
								status=Constants.PROCESS_DATABASE_EDIT_OK;
							}
						}
						checkUser=null;
						InfoTips infotips=new InfoTips();
						infotips.setTipsInfo(status);
						request.setAttribute("InfoTips",infotips);
					}
					//显示权限组数据
					List list=session.find("from PUserExt a,PUserBase b where a.userid=b.userid and a.userid='"+users_editForm.getId()+"'");
					Object[] obj=(Object[])list.get(0);
					list=null;
					userExt=(PUserExt)obj[0];
					userBase=(PUserBase)obj[1];
					users_editForm.setAccount(userExt.getAccount());
					users_editForm.setPasswd(userExt.getPasswd());
					users_editForm.setGroupid(userExt.getGroupid());
					users_editForm.setStatus(userExt.getStatus());
					
					users_editForm.setName(userBase.getName());
					users_editForm.setEmail(userBase.getEmail());
					users_editForm.setFax(userBase.getFax());
					users_editForm.setIdno(userBase.getIdno());
					users_editForm.setIdtype(userBase.getIdtype());
					users_editForm.setSex(userBase.getSex());
					users_editForm.setTel(userBase.getTel());
					userExt=null;
					userBase=null;
				} catch (HibernateException e) {
					e.printStackTrace();
				} finally {
					try {
						tx.rollback();
						SessionFactory.closeSession();
					} catch (HibernateException e1) {
						e1.printStackTrace();
					}
				}

				request.setAttribute("GroupList",new GroupList(users_editForm.getGroupid()));
				return mapping.findForward("admin/users_edit");
			}
		}

}