/* * 根据用户来获取用户的权限 * prur 传入一个用户编号 * pp传入一个父节点编号 */ public List<PmPermission> getUserPermission(PmRUserRole prur, PmPermission pp) throws Exception { StringBuffer sb = new StringBuffer(); sb.append("from PmPermission where permissionId in(select rolePermissionPid "); sb.append("from PmRRolePermissioin where rolePermissionRid in "); sb.append( "(select roleUserRid from PmRUserRole where roleUserUid=?)) and permissionParentId=? "); Object[] obj = new Object[2]; obj[0] = prur.getRoleUserUid(); obj[1] = pp.getPermissionParentId(); if (prur != null) { List<PmPermission> listPermission = (List<PmPermission>) this.query(sb.toString(), obj); if (listPermission != null && listPermission.size() > 0) { return listPermission; } } return null; }
/* * 通过传入的url和用户编号来查询用户是否有权限 * 如果用户来查询过一次后会到静态对象mapAppliction中来获得对象 * 但是这个地方会有一个bug如果信息被修改了,不会自动更新mapAppliction对象中的信息 */ public List<Map> boolUserPermission(String url, String userId) throws Exception { try { Object objMap = null; // 缓存是否有传入的用户信息 if (mapAppliction != null && mapAppliction.size() > 0) { objMap = mapAppliction.get(userId); } // 缓存没有用户信息到数据库中查,则直接返回缓存中的用户信息 if (objMap == null) { String sql1 = "select pr.role_id from pm_r_user_role prur LEFT JOIN pm_role pr on prur.ROLE_USER_RID=pr.role_id where prur.ROLE_USER_UID=? and pr.ROLE_STATUS=0"; Object[] obj = new Object[1]; obj[0] = userId; List<Map> list = this.executeQuery(sql1, obj); // 检测用户是否有分配了角色 if (list != null && list.size() > 0) { StringBuffer sb = new StringBuffer(); // 循环构建角色参数 for (int i = 0; i < list.size(); i++) { if (i != 0) { sb.append(","); } sb.append(list.get(i).get("ROLE_ID")); } String sql = "select pp.PERMISSION_URI from pm_permission pp LEFT JOIN pm_r_role_permissioin prrp on prrp.ROLE_PERMISSION_PID=pp.PERMISSION_ID where prrp.ROLE_PERMISSION_STATUS=0 and pp.PERMISSION_URI !='' and prrp.ROLE_PERMISSION_RID in (" + sb.toString() + ") group by pp.PERMISSION_URI"; // 根据角色找出对应的权限 List lists = this.executeQuery(sql); long time = System.currentTimeMillis(); mapAppliction.put(userId, lists); return lists; } else { return null; } } else { return (List<Map>) objMap; } } catch (Exception e) { throw e; } }
/* * 查询用户的单个角色 */ public boolean boolUserPermission(PmRUserRole prur, PmPermission pp) throws Exception { StringBuffer sb = new StringBuffer(); sb.append( "select count(*) as count from pm_r_user_role prur LEFT JOIN pm_r_role_permissioin prrp on prur.ROLE_USER_RID=prrp.ROLE_PERMISSION_RID"); sb.append(" LEFT JOIN pm_permission pp on pp.PERMISSION_ID=prrp.ROLE_PERMISSION_PID"); sb.append(" where prur.ROLE_USER_UID=? and pp.PERMISSION_URI=?"); Object[] obj = new Object[2]; obj[0] = prur.getRoleUserUid(); obj[1] = pp.getPermissionUri(); // 判断传入参数是否为空,查询用户和uri是否存在 if (prur != null && pp != null) { List<Map> listCount = (List<Map>) this.executeQuery(sb.toString(), obj); // 返回的记录数是否大于0 if (listCount != null && listCount.size() > 0) { if (Integer.parseInt(listCount.get(0).get("count").toString()) > 0) { return true; } } } return false; }
/* * 根据角色获取权限 * role角色编号 */ public List<PmPermission> getRolePermission(PmRole role) throws Exception { try { StringBuffer sb = new StringBuffer(); sb.append( "from PmPermission where permissionId in " + "(select rolePermissionPid from PmRRolePermissioin where rolePermissionRid=? and rolePermissionStatus=0)"); Object[] obj = new Object[1]; obj[0] = role.getRoleId(); List<PmPermission> listPermission = (List<PmPermission>) this.query(sb.toString(), obj); // 集合不为空且长度大于0返回集合 if (listPermission != null && listPermission.size() > 0) { return listPermission; } } catch (Exception e) { throw e; } return null; }
/* * 根据用户来获取用户的权限 * prur 传入一个用户编号 */ public List<Map> getUserPermission(PmRUserRole prur) throws Exception { // 检测缓存中是否有传入的用户,有则从缓存中取得用户信息,没有则从数据库中查询 if (!(userMap != null && userMap.size() > 0 && userMap.get(prur.getRoleUserUid()) != null)) { StringBuffer sb = new StringBuffer(); sb.append( "select * from pm_permission where PERMISSION_ID in (select role_permission_pid from pm_r_role_permissioin where role_permission_rid in (select role_user_rid from pm_r_user_role where role_user_uid=?) and role_permission_status=0)"); Object[] obj = new Object[1]; obj[0] = prur.getRoleUserUid(); if (prur != null) { List<Map> listPermission = (List<Map>) this.executeQuery(sb.toString(), obj); if (listPermission != null && listPermission.size() > 0) { userMap.put(prur.getRoleUserUid(), listPermission); return listPermission; } else { return null; } } } else { return (List<Map>) userMap.get(prur.getRoleUserUid()); } return null; }