예제 #1
0
  /** 去新增用户页面 */
  @RequestMapping(value = "/goAddU")
  public ModelAndView goAddU() throws Exception {
    ModelAndView mv = this.getModelAndView();
    PageData pd = new PageData();
    pd = this.getPageData();

    // 从session获取用户信息
    Subject currentUser = SecurityUtils.getSubject();
    Session session = currentUser.getSession();
    User user = (User) session.getAttribute(Const.SESSION_USER);
    pd.put("USERID", user.getUSER_ID());
    pd.put("ROLEID", user.getROLE_ID());

    logger.info("pd:" + gson.toJson(pd));

    List<Role> roleList = null;
    if (userService.isAdmin(user.getROLE_ID())) {
      roleList = roleService.listAllERRoles(); // 列出所有角色
    } else if (userService.isCooper(user.getROLE_ID())) {
      roleList = roleService.listSubUserRole(userService.SUBUSER_CODE); // 列出所有二级角色
    }

    mv.setViewName("system/user/user_edit");
    mv.addObject("msg", "saveU");
    mv.addObject("pd", pd);
    mv.addObject("roleList", roleList);

    return mv;
  }
예제 #2
0
  /** 显示用户列表(用户组) */
  @RequestMapping(value = "/listUsers")
  public ModelAndView listUsers(Page page) throws Exception {
    ModelAndView mv = this.getModelAndView();
    PageData pd = new PageData();
    pd = this.getPageData();

    String USERNAME = pd.getString("USERNAME");

    if (null != USERNAME && !"".equals(USERNAME)) {
      USERNAME = USERNAME.trim();
      pd.put("USERNAME", USERNAME);
    }

    String lastLoginStart = pd.getString("lastLoginStart");
    String lastLoginEnd = pd.getString("lastLoginEnd");

    if (lastLoginStart != null && !"".equals(lastLoginStart)) {
      lastLoginStart = lastLoginStart + " 00:00:00";
      pd.put("lastLoginStart", lastLoginStart);
    }
    if (lastLoginEnd != null && !"".equals(lastLoginEnd)) {
      lastLoginEnd = lastLoginEnd + " 00:00:00";
      pd.put("lastLoginEnd", lastLoginEnd);
    }

    // 从session获取用户信息
    Subject currentUser = SecurityUtils.getSubject();
    Session session = currentUser.getSession();
    User user = (User) session.getAttribute(Const.SESSION_USER);
    pd.put("USERID", user.getUSER_ID());
    pd.put("ROLEID", user.getROLE_ID());

    logger.info("pd:" + gson.toJson(pd));

    page.setPd(pd);
    List<PageData> userList = null;
    List<Role> roleList = null;
    if (userService.isAdmin(user.getROLE_ID())) {
      userList = userService.listPdPageUser(page); // 列出用户列表
      roleList = roleService.listAllERRoles(); // 列出所有角色

    } else if (userService.isCooper(user.getROLE_ID())) {
      userList = userService.listSubUser(page); // 列出用户列表
      roleList = roleService.listSubUserRole(userService.SUBUSER_CODE); // 列出所有二级角色
    }

    mv.setViewName("system/user/user_list");
    mv.addObject("userList", userList);
    mv.addObject("roleList", roleList);

    mv.addObject("pd", pd);
    mv.addObject(Const.SESSION_QX, this.getHC()); // 按钮权限
    return mv;
  }
예제 #3
0
  /** 保存用户 */
  @RequestMapping(value = "/saveU")
  public ModelAndView saveU(PrintWriter out) throws Exception {
    ModelAndView mv = this.getModelAndView();
    PageData pd = new PageData();
    pd = this.getPageData();

    pd.put("USER_ID", this.get32UUID()); // ID
    pd.put("RIGHTS", ""); // 权限
    pd.put("LAST_LOGIN", ""); // 最后登录时间
    pd.put("IP", ""); // IP
    pd.put("STATUS", "0"); // 状态
    pd.put("SKIN", "default"); // 默认皮肤

    // 从session获取用户信息
    Subject currentUser = SecurityUtils.getSubject();
    Session session = currentUser.getSession();
    User user = (User) session.getAttribute(Const.SESSION_USER);
    pd.put("CREATOR", user.getUSER_ID());

    logger.info("pd:" + gson.toJson(pd));

    pd.put(
        "PASSWORD",
        new SimpleHash("SHA-1", pd.getString("USERNAME"), pd.getString("PASSWORD")).toString());

    if (null == userService.findByUId(pd)) {
      if (Jurisdiction.buttonJurisdiction(menuUrl, "add")) {
        userService.saveU(pd);
      } // 判断新增权限
      mv.addObject("msg", "success");
    } else {
      mv.addObject("msg", "failed");
    }
    mv.setViewName("save_result");
    return mv;
  }
예제 #4
0
  /** 请求登录,验证用户 */
  @RequestMapping(value = "/login_login", produces = "application/json;charset=UTF-8")
  @ResponseBody
  public Object login() throws Exception {
    Map<String, String> map = new HashMap<String, String>();
    PageData pd = new PageData();
    pd = this.getPageData();
    String errInfo = "";
    String KEYDATA[] = pd.getString("KEYDATA").split(",fh,");

    if (null != KEYDATA && KEYDATA.length == 3) {
      // shiro管理的session
      Subject currentUser = SecurityUtils.getSubject();
      Session session = currentUser.getSession();
      String sessionCode =
          (String) session.getAttribute(Const.SESSION_SECURITY_CODE); // 获取session中的验证码

      String code = KEYDATA[2];
      if (null == code || "".equals(code)) {
        errInfo = "nullcode"; // 验证码为空
      } else {
        String USERNAME = KEYDATA[0];
        String PASSWORD = KEYDATA[1];
        pd.put("USERNAME", USERNAME);
        if (Tools.notEmpty(sessionCode) && sessionCode.equalsIgnoreCase(code)) {
          String passwd = new SimpleHash("SHA-1", USERNAME, PASSWORD).toString(); // 密码加密
          pd.put("PASSWORD", passwd);
          pd = userService.getUserByNameAndPwd(pd);
          if (pd != null) {
            pd.put("LAST_LOGIN", DateUtil.getTime().toString());
            userService.updateLastLogin(pd);
            User user = new User();
            user.setUSER_ID(pd.getString("USER_ID"));
            user.setUSERNAME(pd.getString("USERNAME"));
            user.setPASSWORD(pd.getString("PASSWORD"));
            user.setNAME(pd.getString("NAME"));
            user.setRIGHTS(pd.getString("RIGHTS"));
            user.setROLE_ID(pd.getString("ROLE_ID"));
            user.setLAST_LOGIN(pd.getString("LAST_LOGIN"));
            user.setIP(pd.getString("IP"));
            user.setSTATUS(pd.getString("STATUS"));
            session.setAttribute(Const.SESSION_USER, user);
            session.removeAttribute(Const.SESSION_SECURITY_CODE);

            // shiro加入身份验证
            Subject subject = SecurityUtils.getSubject();
            UsernamePasswordToken token = new UsernamePasswordToken(USERNAME, PASSWORD);
            try {
              subject.login(token);
            } catch (AuthenticationException e) {
              errInfo = "身份验证失败!";
            }

          } else {
            errInfo = "usererror"; // 用户名或密码有误
          }
        } else {
          errInfo = "codeerror"; // 验证码输入有误
        }
        if (Tools.isEmpty(errInfo)) {
          errInfo = "success"; // 验证成功
        }
      }
    } else {
      errInfo = "error"; // 缺少参数
    }
    map.put("result", errInfo);
    return AppUtil.returnObject(new PageData(), map);
  }
예제 #5
0
  /** 访问系统首页 */
  @RequestMapping(value = "/main/{changeMenu}")
  public ModelAndView login_index(@PathVariable("changeMenu") String changeMenu) {
    ModelAndView mv = this.getModelAndView();
    PageData pd = new PageData();
    pd = this.getPageData();
    try {

      // shiro管理的session
      Subject currentUser = SecurityUtils.getSubject();
      Session session = currentUser.getSession();

      User user = (User) session.getAttribute(Const.SESSION_USER);
      if (user != null) {

        User userr = (User) session.getAttribute(Const.SESSION_USERROL);
        if (null == userr) {
          user = userService.getUserAndRoleById(user.getUSER_ID());
          session.setAttribute(Const.SESSION_USERROL, user);
        } else {
          user = userr;
        }
        Role role = user.getRole();
        String roleRights = role != null ? role.getRIGHTS() : "";
        // 避免每次拦截用户操作时查询数据库,以下将用户所属角色权限、用户权限限都存入session
        session.setAttribute(Const.SESSION_ROLE_RIGHTS, roleRights); // 将角色权限存入session
        session.setAttribute(Const.SESSION_USERNAME, user.getUSERNAME()); // 放入用户名

        List<Menu> allmenuList = new ArrayList<Menu>();

        if (null == session.getAttribute(Const.SESSION_allmenuList)) {
          allmenuList = menuService.listAllMenu();
          if (Tools.notEmpty(roleRights)) {
            for (Menu menu : allmenuList) {
              menu.setHasMenu(RightsHelper.testRights(roleRights, menu.getMENU_ID()));
              if (menu.isHasMenu()) {
                List<Menu> subMenuList = menu.getSubMenu();
                for (Menu sub : subMenuList) {
                  sub.setHasMenu(RightsHelper.testRights(roleRights, sub.getMENU_ID()));
                }
              }
            }
          }
          session.setAttribute(Const.SESSION_allmenuList, allmenuList); // 菜单权限放入session中
        } else {
          allmenuList = (List<Menu>) session.getAttribute(Const.SESSION_allmenuList);
        }

        // 切换菜单=====
        List<Menu> menuList = new ArrayList<Menu>();
        // if(null == session.getAttribute(Const.SESSION_menuList) ||
        // ("yes".equals(pd.getString("changeMenu")))){
        if (null == session.getAttribute(Const.SESSION_menuList) || ("yes".equals(changeMenu))) {
          List<Menu> menuList1 = new ArrayList<Menu>();
          List<Menu> menuList2 = new ArrayList<Menu>();

          // 拆分菜单
          for (int i = 0; i < allmenuList.size(); i++) {
            Menu menu = allmenuList.get(i);
            if ("1".equals(menu.getMENU_TYPE())) {
              menuList1.add(menu);
            } else {
              menuList2.add(menu);
            }
          }

          session.removeAttribute(Const.SESSION_menuList);
          if ("2".equals(session.getAttribute("changeMenu"))) {
            session.setAttribute(Const.SESSION_menuList, menuList1);
            session.removeAttribute("changeMenu");
            session.setAttribute("changeMenu", "1");
            menuList = menuList1;
          } else {
            session.setAttribute(Const.SESSION_menuList, menuList2);
            session.removeAttribute("changeMenu");
            session.setAttribute("changeMenu", "2");
            menuList = menuList2;
          }
        } else {
          menuList = (List<Menu>) session.getAttribute(Const.SESSION_menuList);
        }
        // 切换菜单=====

        if (null == session.getAttribute(Const.SESSION_QX)) {
          session.setAttribute(Const.SESSION_QX, this.getUQX(session)); // 按钮权限放到session中
        }

        // FusionCharts 报表
        //			 	String strXML = "<graph caption='前12个月订单销量柱状图' xAxisName='月份' yAxisName='值'
        // decimalPrecision='0' formatNumberScale='0'><set name='2013-05' value='4'
        // color='AFD8F8'/><set name='2013-04' value='0' color='AFD8F8'/><set name='2013-03'
        // value='0' color='AFD8F8'/><set name='2013-02' value='0' color='AFD8F8'/><set
        // name='2013-01' value='0' color='AFD8F8'/><set name='2012-01' value='0'
        // color='AFD8F8'/><set name='2012-11' value='0' color='AFD8F8'/><set name='2012-10'
        // value='0' color='AFD8F8'/><set name='2012-09' value='0' color='AFD8F8'/><set
        // name='2012-08' value='0' color='AFD8F8'/><set name='2012-07' value='0'
        // color='AFD8F8'/><set name='2012-06' value='0' color='AFD8F8'/></graph>" ;
        //			 	mv.addObject("strXML", strXML);
        // FusionCharts 报表

        // 读取websocket配置
        String strWEBSOCKET = Tools.readTxtFile(Const.WEBSOCKET); // 读取WEBSOCKET配置
        if (null != strWEBSOCKET && !"".equals(strWEBSOCKET)) {
          String strIW[] = strWEBSOCKET.split(",fh,");
          if (strIW.length == 4) {
            pd.put("WIMIP", strIW[0]);
            pd.put("WIMPORT", strIW[1]);
            pd.put("OLIP", strIW[2]);
            pd.put("OLPORT", strIW[3]);
          }
        }
        // 读取websocket配置

        mv.setViewName("system/admin/index");
        mv.addObject("user", user);
        mv.addObject("menuList", menuList);
      } else {
        mv.setViewName("system/admin/login"); // session失效后跳转登录页面
      }

    } catch (Exception e) {
      mv.setViewName("system/admin/login");
      logger.error(e.getMessage(), e);
    }
    pd.put("SYSNAME", Tools.readTxtFile(Const.SYSNAME)); // 读取系统名称
    mv.addObject("pd", pd);
    return mv;
  }