private String convertUnitJsonWithCheck(List<SgccIniUnit> list, String ifCheck) { SgccIniUnit unit = null; String nodeStr = "["; for (int j = 0; j < list.size(); j++) { int count = list.size(); unit = (SgccIniUnit) list.get(j); String id = unit.getUnitid(); String name = unit.getUnitname(); String unitTypeId = unit.getUnitTypeId(); String attachUnitId = unit.getAttachUnitid(); nodeStr += "{id:'" + id + "'" + ",text:'" + name + "'" + ",unitTypeId:'" + unitTypeId + "'" + ",attachUnitId:'" + attachUnitId + "'" + ",description:'" + id + name + "'"; int leaf = this.systemMgm.getUnitCountByParentId(id, true); if (leaf > 0) { nodeStr += ",leaf:false"; } else { nodeStr += ",leaf:true"; } if (ifCheck.equals("none")) { nodeStr += "}"; } else { String check = "false"; nodeStr += ",checked:" + check + "}"; } if (j == count - 1) { nodeStr += "]"; } else { nodeStr += ","; } } // System.out.println("" + nodeStr); return nodeStr; }
public void authentication(HttpServletRequest request, HttpServletResponse response) throws IOException { String msg = Constant.SUCCESS; String stackTrace = ""; String username = request.getParameter("username"); String password = request.getParameter("password"); String verifyCode = request.getParameter("verifycode"); // 中煤物资采购系统需要用到验证码 Object codeObject = request.getSession().getAttribute("verifyCode"); /*String sessionCode = (String) request.getSession().getAttribute( "verifyCode"); if (loginAudit.get(username) == null) { LoginEvent event = new LoginEvent(); event.count = 0; loginAudit.put(username, event); } else { System.out.println("The count is " + (loginAudit.get(username)).count); } int failCount = (loginAudit.get(username)).count; int LOGIN_FAIL_LIMIT = BusinessConstants.LOGIN_FAIL_LIMIT;*/ try { /*if (failCount > LOGIN_FAIL_LIMIT) { Date lasttime = (loginAudit.get(username)).time; Date now = new Date(); String str = ""; if ((now.getTime() - lasttime.getTime()) > 86400000 || username.equals("system") || username.equals("Administrator")) { (loginAudit.get(username)).count = 0; failCount = 0; str = "连续登陆失败次数超过" + LOGIN_FAIL_LIMIT + "次,今日内不允许登陆!"; } else { (loginAudit.get(username)).time = new Date(); System.out.println("The lock is " + (loginAudit.get(username)).locked); if (!(loginAudit.get(username)).locked) this.systemMgm.lockUser(username); str = "连续登陆失败次数超过" + LOGIN_FAIL_LIMIT + "次,用户已经被锁定!"; } throw new BusinessException(str); } if (verifyCode == null || !verifyCode.equals(sessionCode)) { // (loginAudit.get(username)).count += 1; throw new BusinessException(BusinessConstants.MSG_USER_VERITY); }*/ // 只有系统配置了NEED_VERIFY_CODE=1才会进行验证码校验,目前用于中煤物资采购系统 if (Constant.propsMap.get("NEED_VERIFY_CODE") != null && Constant.propsMap.get("NEED_VERIFY_CODE").equals("1")) { String sessionCode = (String) codeObject; if (verifyCode == null || !verifyCode.equals(sessionCode)) { throw new BusinessException(BusinessConstants.MSG_USER_VERITY); } } RockUser user = this.systemMgm.authentication(username, password); SgccIniUnit unit = this.systemMgm.getUnitById(user.getPosid()); String unitid = user.getUnitid(); String unitname = this.systemMgm.getUserUnitName(user); SgccIniUnit belongUnit = this.systemMgm.getBelongUnit(user.getUnitid()); String roles = this.systemMgm.getUserRoleType(user); this.systemMgm.userLogon(user); this.systemMgm.saveUserLoginTimeAndIp(user.getUserid(), this.getIpAddr(request)); HttpSession s = request.getSession(); s.setAttribute(Constant.USER, user); s.setAttribute(Constant.USERID, user.getUserid()); s.setAttribute(Constant.USERNAME, user.getRealname()); s.setAttribute(Constant.USERACCOUNT, username); s.setAttribute(Constant.UNITTYPE, unit.getUnitTypeId()); s.setAttribute(Constant.USERUNITID, unitid); s.setAttribute(Constant.USERUNITNAME, unitname); s.setAttribute(Constant.USERBELONGUNITID, belongUnit.getUnitid()); s.setAttribute(Constant.USERBELONGUNITNAME, belongUnit.getUnitname()); s.setAttribute(Constant.USERBELONGUNITTYPEID, belongUnit.getUnitTypeId()); // liangwj(2011-10-24):系统业务不支持用户归属于多个部门,所以所在部门及岗位信息直接从rock_user中读取,而不再从rock_user2dept表中读取 s.setAttribute( Constant.USERDEPTID, (user.getDeptId() == null ? user.getUnitid() : user.getDeptId())); s.setAttribute( Constant.USERPOSID, (user.getPosid() == null ? user.getUnitid() : user.getPosid())); s.setAttribute(Constant.USERMODULES, this.systemMgm.getUserModules(user)); s.setAttribute(Constant.ROLETYPE, roles.split("`")[0]); s.setAttribute(Constant.ISLEADER, roles.split("`")[1]); if (unitid.equals(user.getDeptId()) && unitid.equals(user.getPosid())) { s.setAttribute(Constant.USERDEPTPOSNAME, unitname); } else { s.setAttribute(Constant.USERDEPTPOSNAME, this.systemMgm.getUserDeptPosInfo(user)); } if (roles.split("`")[0].equals("0")) { s.setAttribute(Constant.APPOrgRootID, Constant.DefaultOrgRootID); s.setAttribute(Constant.APPOrgRootNAME, Constant.DefaultOrgRootNAME); } else { s.setAttribute(Constant.APPOrgRootID, unitid); s.setAttribute(Constant.APPOrgRootNAME, unitname); } // 设置当前项目单位及可管理的项目单位 List<SgccIniUnit> pids = this.systemMgm.getPidsByUnitid(belongUnit.getUnitid()); StringBuilder USERPIDS = new StringBuilder(); StringBuilder USERPNAMES = new StringBuilder(); for (int i = 0, j = pids.size(); i < j; i++) { SgccIniUnit hbm = pids.get(i); if (i == 0) { s.setAttribute(Constant.CURRENTAPPPID, hbm.getUnitid()); s.setAttribute(Constant.CURRENTAPPPNAME, hbm.getUnitname()); } else { if ((hbm.getUnitid()).equals(belongUnit.getUnitid())) { s.setAttribute(Constant.CURRENTAPPPID, hbm.getUnitid()); s.setAttribute(Constant.CURRENTAPPPNAME, hbm.getUnitname()); } } USERPIDS.append(hbm.getUnitid()).append(","); USERPNAMES.append(hbm.getUnitname()).append(","); } if (pids.size() > 0) { String userpids = USERPIDS.toString(); String userpnames = USERPNAMES.toString(); s.setAttribute(Constant.USERPIDS, userpids.substring(0, userpids.length() - 1)); s.setAttribute(Constant.USERPNAMES, userpnames.substring(0, userpnames.length() - 1)); } else { s.setAttribute(Constant.USERPIDS, null); s.setAttribute(Constant.USERPNAMES, null); s.setAttribute(Constant.CURRENTAPPPID, null); s.setAttribute(Constant.CURRENTAPPPNAME, null); } // 只有系统配置了NEED_OPERATE_HISTORY=1才会启用日志添加操作,目前用于中煤物资采购系统 if (Constant.propsMap.get("NEED_OPERATE_HISTORY") != null && Constant.propsMap.get("NEED_OPERATE_HISTORY").equals("1")) { OperateHistoryService operateHistoryService = (OperateHistoryService) this.wac.getBean("operateHistoryService"); operateHistoryService.addOperateHistory( user.getUserid(), user.getUnitid(), "LOGIN", "登录" + Constant.DefaultModuleRootName + "成功", "SUCCESS"); } log.info("===== [" + username + " : " + user.getRealname() + "] ========="); } catch (Exception e) { /*failCount++; (loginAudit.get(username)).count = failCount; (loginAudit.get(username)).time = new Date();*/ msg = getSQLErrorMsg(e); stackTrace = getStackTrace(e); } if (request.getParameter("target") != null) { StringBuffer sbf = new StringBuffer(""); if (msg.equals(Constant.SUCCESS)) { /* * sbf.append(Constant.HTMLMETAHEADER); sbf.append("<script>"); * sbf.append(request.getParameter("target")); * sbf.append(".location.href='"); */ // (loginAudit.get(username)).count = 0; if (Constant.indexType == null || Constant.indexType.equals("") || Constant.indexType.equals("0")) { sbf.append(Constant.APPINDEXPAGE + ".jsp"); } else { sbf.append(Constant.APPINDEXPAGE + Constant.indexType + ".jsp"); } sendMsgResponseLogin(msg, stackTrace, sbf.toString(), response); // sbf.append("';</script>"); } else { /* * sbf.append(Constant.HTMLMETAHEADER); sbf.append("<script>alert('"); * sbf.append(msg); sbf.append("');history.back();</script>"); */ sendMsgResponse(msg, stackTrace, 0, response); } // outputString(response, sbf.toString()); } else { sendMsgResponse(msg, stackTrace, 0, response); } }