public String updateAuthorization() {
User user = userService.findUserById(userid);
if (user == null) {
ret.put("retCode", "1001");
ret.put("retMSG", "该用户不存在");
return "success";
}
Integer auth = 0;
String[] newauths = newauthorization.split(",");
for (int i = 0; i < newauths.length; i++) {
Permission per = permissionService.findPermissionByValue(Integer.parseInt(newauths[i]));
if (per != null) {
Double d = Math.pow(2, per.getValue());
auth += d.intValue();
}
}
user.setAuthorization(auth);
userService.updateUser(user);
ret.put("retCode", "1000");
ret.put("retMSG", "权限更新成功");
return "success";
}
public String authorized() {
User user = userService.findUserById(userid);
if (user == null) {
ret.put("retCode", "1001");
ret.put("retMSG", "该用户不存在");
return "success";
}
Permission per = permissionService.findPermissionById(permissionid);
if (per == null) {
ret.put("retCode", "1001");
ret.put("retMSG", "该权限不存在");
return "success";
}
if (Utils.authorized(user.getAuthorization(), per.getValue())) {
ret.put("retCode", "1000");
ret.put("retMSG", "有权限操作");
return "success";
} else {
ret.put("retCode", "1001");
ret.put("retMSG", "没有权限操作");
return "success";
}
}
public String getUserAuthorization() {
User user = userService.findUserById(userid);
if (user == null) {
ret.put("retCode", "1001");
ret.put("retMSG", "该用户不存在");
return "success";
}
Integer userauth = user.getAuthorization();
List<Permission> pers = permissionService.findAllPermissions();
List<Permission> auth = new ArrayList<Permission>();
// magic here, don't touch
for (int i = 0; i < pers.size(); i++) {
Double d = Math.pow(2, pers.get(i).getValue());
if ((userauth & d.intValue()) != 0) {
auth.add(pers.get(i));
}
}
JSONArray ja = JSONArray.fromObject(auth);
ret.put("auth", ja);
ret.put("retCode", "1000");
ret.put("retMSG", "操作成功");
return "success";
}