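/**
 * Changes the password of the user identified by {@code uid} after verifying the old password.
 *
 * <p>The stored {@code User.pwd} value is compared with {@code SecurityHelper.Md5(oldPwd)}; on a
 * match it is replaced by {@code SecurityHelper.Md5(newPwd)} and the record is saved. When no
 * user with that id exists, nothing is changed and no error is reported.
 *
 * <p>NOTE(review): {@code uid} arrives as a request parameter and is not compared with the
 * logged-in user anywhere in this method, so the old-password check is the only gate visible
 * here. Confirm that the dispatcher restricts this endpoint to authenticated callers, and
 * consider deriving the id from the session and rate-limiting failed attempts.
 *
 * <p>NOTE(review): the implementation of {@code SecurityHelper.Md5} is not shown here. If it is a
 * plain, unsalted MD5 digest, it is not suitable for password storage; plan a migration to a
 * salted, slow password hash (bcrypt, scrypt or Argon2) with re-hashing on the next login.
 *
 * @param uid id of the account whose password is changed
 * @param oldPwd current password in clear text, as submitted by the caller
 * @param newPwd replacement password in clear text; must not be empty
 * @return an empty {@code ModelAndView}
 * @throws GException (business exception) when the new password is empty or the old password
 *     does not match the stored value
 */
@WebMethod
public ModelAndView modifyPwd(int uid, String oldPwd, String newPwd) {
    ModelAndView mv = new ModelAndView();

    // save() refuses to create an account with an empty password; a password change must not be
    // a way around that rule.
    if (StringUtils.isEmpty(newPwd)) {
        throw new GException(PlatformExceptionType.BusinessException, "新密码不能为空");
    }

    User po = dao.get(User.class, uid);
    if (po != null) {
        String oldHash = SecurityHelper.Md5(oldPwd);
        // A record without a stored hash is treated as a mismatch instead of raising a
        // NullPointerException.
        if (po.pwd == null || !po.pwd.equals(oldHash)) {
            throw new GException(PlatformExceptionType.BusinessException, "原密码不正确,请重新输入后重试");
        }
        po.pwd = SecurityHelper.Md5(newPwd);
        dao.saveOrUpdate(po);
    }
    return mv;
}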
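/**
 * Creates a user account and attaches the optional group and role memberships.
 *
 * <p>Account, name and password are required. {@code isSuperAdmin} is forced to {@code 0} and
 * {@code addtime} to the current time, so neither can be chosen by the caller. The password is
 * stored as {@code SecurityHelper.Md5(user.pwd)}.
 *
 * <p>NOTE(review): {@code user} is populated from the request and only the fields listed above
 * are overwritten. {@code user.id} is left as submitted, and the record is written with
 * {@code saveOrUpdate}; presumably a caller-supplied id of an existing row would update that row
 * instead of creating a new one. Confirm against the DAO, and clear the id here if so.
 *
 * <p>NOTE(review): {@code groupId} and {@code roleIds} are taken from the request and applied
 * without a permission check in this method. Confirm that the dispatcher limits this endpoint to
 * administrators, otherwise a caller can grant roles to the account it creates. No uniqueness
 * check on {@code account} is visible here either.
 *
 * <p>NOTE(review): the implementation of {@code SecurityHelper.Md5} is not shown here. If it is a
 * plain, unsalted MD5 digest, it is not suitable for password storage; prefer bcrypt, scrypt or
 * Argon2.
 *
 * @param user account data bound from the request
 * @param groupId group to attach the user to, or {@code null} for none
 * @param roleIds comma-separated role ids, or {@code null}/empty for none
 * @return an empty {@code ModelAndView}
 * @throws GException (business exception) when account, name or password is empty
 * @throws NumberFormatException when a non-empty role id is not an integer
 */
@WebMethod
public ModelAndView save(User user, Integer groupId, String roleIds) {
    ModelAndView mv = new ModelAndView();

    if (StringUtils.isEmpty(user.account)) {
        throw new GException(PlatformExceptionType.BusinessException, "用户账号不能为空");
    }
    if (StringUtils.isEmpty(user.name)) {
        throw new GException(PlatformExceptionType.BusinessException, "用户姓名不能为空");
    }
    if (StringUtils.isEmpty(user.pwd)) {
        throw new GException(PlatformExceptionType.BusinessException, "请先设置密码");
    }

    // Server-controlled fields: never trust the values bound from the request.
    user.isSuperAdmin = 0;
    user.addtime = new Date();
    user.pwd = SecurityHelper.Md5(user.pwd);
    // TODO (left by the original author; the intent is not recorded)
    dao.saveOrUpdate(user);

    if (groupId != null) {
        UserGroup ug = new UserGroup();
        ug.gid = groupId;
        ug.uid = user.id;
        dao.saveOrUpdate(ug);
    }

    if (roleIds != null && roleIds.length() != 0) {
        for (String roleId : roleIds.split(",")) {
            // Skip empty tokens ("1,,2" or a leading comma) the same way update() does, instead
            // of failing in Integer.valueOf after the user row has already been written.
            if (StringUtils.isEmpty(roleId)) {
                continue;
            }
            UserRole rg = new UserRole();
            rg.roleId = Integer.valueOf(roleId);
            rg.uid = user.id;
            dao.saveOrUpdate(rg);
        }
    }
    return mv;
}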
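/**
 * Updates account, name, telephone and (optionally) password and roles of an existing user.
 *
 * <p>The password is replaced only when {@code user.pwd} is non-empty. When {@code roleIds} is
 * non-empty, the user's existing {@code UserRole} rows are deleted and replaced by the given
 * ids; when it is {@code null} or empty, the roles are left untouched.
 *
 * <p>The session's user object is refreshed only when the logged-in user is the one being
 * edited. Writing the edited record into the session unconditionally would turn the caller's
 * session into the edited user's whenever one account edits another.
 *
 * <p>NOTE(review): this method changes the login name, the password (without asking for the old
 * one) and the role set of whatever {@code user.id} the request names, and contains no
 * permission check of its own. Confirm that the dispatcher restricts it to administrators or to
 * the account owner. The delete and the inserts are separate DAO calls; whether they share a
 * transaction cannot be seen from here.
 *
 * <p>NOTE(review): the implementation of {@code SecurityHelper.Md5} is not shown here. If it is a
 * plain, unsalted MD5 digest, it is not suitable for password storage; prefer bcrypt, scrypt or
 * Argon2.
 *
 * @param user new field values bound from the request; {@code user.id} selects the record
 * @param roleIds comma-separated role ids that replace the current ones, or {@code null}/empty
 *     to keep the current roles
 * @return an empty {@code ModelAndView}
 * @throws GException (business exception) when the name is empty or the user does not exist
 * @throws NumberFormatException when a non-empty role id is not an integer; raised before
 *     anything is written
 */
@WebMethod
public ModelAndView update(User user, String roleIds) {
    ModelAndView mv = new ModelAndView();
    if (StringUtils.isEmpty(user.name)) {
        throw new GException(PlatformExceptionType.BusinessException, "用户名不能为空");
    }

    User po = dao.get(User.class, user.id);
    if (po == null) {
        // Report an unknown id as a business error rather than failing with a
        // NullPointerException on the first field assignment.
        throw new GException(PlatformExceptionType.BusinessException, "用户不存在");
    }

    // Parse the role ids before any write, so that a malformed id cannot leave the user with
    // the old roles deleted and the new ones only partly inserted.
    boolean replaceRoles = roleIds != null && roleIds.length() != 0;
    List<Integer> newRoleIds = new ArrayList<Integer>();
    if (replaceRoles) {
        for (String token : roleIds.split(",")) {
            if (StringUtils.isEmpty(token)) {
                continue;
            }
            newRoleIds.add(Integer.valueOf(token));
        }
    }

    po.account = user.account;
    po.name = user.name;
    if (StringUtils.isNotEmpty(user.pwd)) {
        po.pwd = SecurityHelper.Md5(user.pwd);
    }
    po.tel = user.tel;
    dao.saveOrUpdate(po);

    // Refresh the cached user only for a self-edit; the ids are compared as text so the check
    // does not depend on whether the id field is a primitive or a boxed type.
    Object sessionUser =
        ThreadSession.getHttpSession().getAttribute(MakesiteConstant.Session_Attr_User);
    if (sessionUser instanceof User
        && String.valueOf(((User) sessionUser).id).equals(String.valueOf(po.id))) {
        ThreadSession.getHttpSession().setAttribute(MakesiteConstant.Session_Attr_User, po);
    }

    if (replaceRoles) {
        dao.execute("delete from UserRole where uid=?", user.id);
        for (Integer roleId : newRoleIds) {
            UserRole rg = new UserRole();
            rg.roleId = roleId;
            rg.uid = user.id;
            dao.saveOrUpdate(rg);
        }
    }
    return mv;
}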
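/**
 * Authenticates a user and initialises the session's user, permission and URL data.
 *
 * <p>The account is looked up by {@code account}, {@code SecurityHelper.Md5(user.pwd)} and
 * {@code _site}. On success the method updates {@code lasttime}, stores the user in the session,
 * stores the concatenated permission ids under {@code Session_Auth_List}, increments the
 * per-server login counter, and stores under {@code Session_Auth_Urls} the URLs of every
 * {@code auths.json} entry whose id the user has <em>not</em> been granted.
 *
 * <p>Entries are matched against the granted ids by exact equality. Testing the undelimited
 * concatenation with {@code String.contains} would also match ids that merely occur as a
 * substring (ids "1" and "23" concatenate to "123", which contains "12"), and every false match
 * drops an entry from the list built here.
 *
 * <p>NOTE(review): the session that existed before authentication is reused; no session-id
 * rotation is visible in this method. Confirm that the framework issues a new session id on
 * login, otherwise add it here to prevent session fixation.
 *
 * <p>NOTE(review): when {@code auths.json} cannot be read, the error is only printed and
 * {@code Session_Auth_Urls} is never set, while the user is already logged in. How the consumer
 * of that attribute treats a missing list cannot be seen from here; confirm that it denies
 * access rather than allowing everything.
 *
 * <p>NOTE(review): the implementation of {@code SecurityHelper.Md5} is not shown here. If it is a
 * plain, unsalted MD5 digest, it is not suitable for password storage; prefer bcrypt, scrypt or
 * Argon2. No limit on failed attempts is visible in this method, and the {@code User} object
 * placed in the session still carries its {@code pwd} value.
 *
 * @param user credentials bound from the request ({@code account} and clear-text {@code pwd})
 * @param _site site identifier that the account must belong to
 * @return an empty {@code ModelAndView}
 * @throws GException (business exception) when no account matches the credentials
 */
@WebMethod
public ModelAndView login(User user, String _site) {
    ModelAndView mv = new ModelAndView();

    String pwd = SecurityHelper.Md5(user.pwd);
    User po =
        dao.getUniqueByParams(
            User.class,
            new String[] {"account", "pwd", "_site"},
            new Object[] {user.account, pwd, _site});
    if (po == null) {
        // One message for "unknown account" and "wrong password", so the response does not
        // reveal which accounts exist.
        throw new GException(PlatformExceptionType.BusinessException, "用户名或密码不正确。");
    }
    po.lasttime = new Date();
    dao.saveOrUpdate(po);
    ThreadSession.getHttpSession().setAttribute(MakesiteConstant.Session_Attr_User, po);

    List<Map> result =
        dao.listAsMap(
            "select ra.authId as authId from UserRole ur ,RoleAuth ra where ur.roleId=ra.roleId and ur.uid=?",
            po.id);
    // The session attribute keeps its original concatenated format (presumably other code reads
    // it; verify); the separate list is what the exact-match test below uses.
    StringBuilder authList = new StringBuilder("");
    List<String> grantedIds = new ArrayList<String>();
    for (Map map : result) {
        String authId = map.get("authId").toString();
        authList.append(authId);
        grantedIds.add(authId);
    }
    ThreadSession.getHttpSession()
        .setAttribute(MakesiteConstant.Session_Auth_List, authList.toString());

    // Per-server login counter. The read-then-write below is not atomic; whether that matters
    // depends on the map type, which is declared outside this method.
    String serverName = DataHelper.getServerName(ThreadSession.HttpServletRequest.get());
    if (!onlineUserCountMap.containsKey(serverName)) {
        onlineUserCountMap.put(serverName, 1);
    } else {
        onlineUserCountMap.put(serverName, onlineUserCountMap.get(serverName) + 1);
    }

    String text;
    try {
        text =
            FileUtils.readFileToString(
                new File(
                    ThreadSession.HttpServletRequest.get().getServletContext().getRealPath("/")
                        + File.separator
                        + "auths.json"),
                "utf8");
        JSONArray jarr = JSONArray.fromObject(text);
        List<String> urlList = new ArrayList<String>();
        for (int i = 0; i < jarr.size(); i++) {
            JSONObject jobj = jarr.getJSONObject(i);
            // Granted permission: its URLs stay out of the list.
            if (grantedIds.contains(jobj.getString("id"))) {
                continue;
            }
            String urls = jobj.getString("urls");
            for (String url : urls.split(",")) {
                urlList.add(url);
            }
        }
        ThreadSession.getHttpSession().setAttribute(MakesiteConstant.Session_Auth_Urls, urlList);
    } catch (IOException e) {
        // Kept as best-effort: the login still succeeds, but Session_Auth_Urls stays unset.
        e.printStackTrace();
    }
    return mv;
}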