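/**
 * Saves a user's permission string.
 *
 * <p>Both the permission value and the login id are bound as statement parameters, so the login
 * id is always treated as data and can no longer change the structure of the UPDATE.
 *
 * @param ppm permission string written to {@code k_user.Popedom}
 * @param loginid login id selecting the {@code k_user} row to update
 * @throws MatechException if the update fails; the underlying exception is kept as the cause
 */
public void SavePopedom(String ppm, String loginid) throws MatechException {
  try {
    ps = conn.prepareStatement("update k_user set Popedom = ? where loginid = ?");
    ps.setString(1, ppm);
    ps.setString(2, loginid);
    ps.executeUpdate();
    // NOTE(review): the statement is closed only on the success path; a failure above leaves it
    // open in the shared ps field.
    ps.close();
  } catch (Exception e) {
    Debug.print(Debug.iError, "访问失败", e);
    throw new MatechException("访问失败:" + e.getMessage(), e);
  }
}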
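/**
 * Builds the department tree below a parent department as an HTML table fragment.
 *
 * <p>Each child row of {@code k_department} is rendered with a checkbox and an expandable cell,
 * and the method recurses into every child, so the whole subtree is returned in one string. The
 * parent id is bound as a statement parameter instead of being concatenated into the SQL text.
 *
 * @param parentid autoid of the parent department (the original comment states that the
 *     organization root uses id 555555)
 * @return HTML for the subtree; an empty table when the parent has no children
 * @throws MatechException if the query fails; the underlying exception is kept as the cause
 */
public String getATreeTable(String parentid) throws MatechException {
  ResultSet rs = null;
  StringBuffer sb = new StringBuffer("");
  try {
    String sql = "select * from k_department where parentid = ? order by property";
    // NOTE(review): the statement lives in the shared ps field, which the recursive call below
    // reassigns; it is not closed in this method.
    ps = conn.prepareStatement(sql);
    ps.setString(1, parentid);
    rs = ps.executeQuery();
    sb.append("<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" >");
    while (rs.next()) {
      String autoid = rs.getString("autoid");
      // NOTE(review): departname and autoid are written into HTML attributes, inline script and
      // element content without escaping; confirm these columns cannot hold markup, or encode
      // them for the output context before appending.
      String departname = rs.getString("departname");
      sb.append("<tr height=\"20\" style=\"cursor: hand;\">");
      sb.append(
          "<td width=\"20\" align=\"center\" nowrap onclick=\"getSubTree(" + autoid + ");\">");
      sb.append(
          "<img id=\"ActImg"
              + autoid
              + "\" src=\"images/nofollow.jpg\" width=\"11\" height=\"11\" />");
      sb.append("</td>");
      sb.append("<td align=left valign=\"bottom\" nowrap>");
      sb.append(
          "<input type=\"checkbox\" name=\"departname\" value=\""
              + autoid
              + "\" onclick=\"getBUser();\" >"
              + "<span onclick=\"getSubTree("
              + autoid
              + ");\"><font size=2>"
              + departname
              + "</font></span>");
      sb.append("</td></tr>");
      sb.append(
          "<tr><td id='subImg"
              + autoid
              + "' style='display:block'></td><td align=\"left\" valign=\"bottom\" style='display:block' id='subTree"
              + autoid
              + "'>");
      // Render the children of this department inline, inside its subTree cell.
      sb.append(getATreeTable(autoid));
      sb.append("</td></tr>");
    }
    sb.append("</table>");
    return sb.toString();
  } catch (Exception e) {
    Debug.print(Debug.iError, "访问失败", e);
    throw new MatechException("访问失败:" + e.getMessage(), e);
  } finally {
    DbUtil.close(rs);
  }
}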
/**
 * Builds the system menu (permission) tree for a user.
 *
 * <p>Returns an empty string when either argument is null or empty. Otherwise the login id is
 * stored on this instance and the tree is produced by {@code getSubTree}, using the user's
 * combined permissions and the user's role permissions.
 *
 * @param pid id of the parent menu node to start from
 * @param loginid login id of the user whose permissions are rendered
 * @return HTML for the menu tree, or {@code ""} when an argument is missing
 * @throws MatechException if any of the lookups fails; the underlying exception is kept as the
 *     cause
 */
public String getPopedomTree(String pid, String loginid) throws MatechException {
  try {
    boolean pidMissing = pid == null || "".equals(pid);
    boolean loginMissing = loginid == null || "".equals(loginid);
    if (pidMissing || loginMissing) {
      return "";
    }

    this.loginid = loginid;
    String allPermissions = getUserPpmAll(loginid);
    String rolePermissions = getUserRolePpm(loginid);
    return getSubTree(pid, allPermissions, rolePermissions);
  } catch (Exception e) {
    Debug.print(Debug.iError, "访问失败", e);
    throw new MatechException("访问失败:" + e.getMessage(), e);
  }
}
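/**
 * Returns the permission string of a role.
 *
 * <p>The value passed in is matched against {@code k_role.id} and is bound as a statement
 * parameter rather than concatenated into the SQL text.
 *
 * @param loginid value compared with {@code k_role.id} (despite the name, the query treats it as
 *     a role id)
 * @return the {@code popedom} values of all matching rows concatenated in result order; {@code ""}
 *     when nothing matches
 * @throws MatechException if the query fails; the underlying exception is kept as the cause
 */
public String getRolePpm(String loginid) throws MatechException {
  String ppm = "";
  ResultSet rs = null;
  try {
    ps = conn.prepareStatement("select popedom from k_role b where id = ?");
    ps.setString(1, loginid);
    rs = ps.executeQuery();
    while (rs.next()) {
      // A SQL NULL popedom is appended as the text "null", as in the original implementation.
      ppm += rs.getString(1);
    }
    return ppm;
  } catch (Exception e) {
    Debug.print(Debug.iError, "访问失败", e);
    throw new MatechException("访问失败:" + e.getMessage(), e);
  } finally {
    DbUtil.close(rs);
  }
}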
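/**
 * Returns the permission string stored for a user row.
 *
 * <p>The id is bound as a statement parameter rather than concatenated into the SQL text.
 *
 * @param id value compared with {@code k_user.id}
 * @return the {@code Popedom} value of the first matching row (a SQL NULL becomes the text
 *     "null"); {@code ""} when no row matches
 * @throws MatechException if the query fails; the underlying exception is kept as the cause
 */
public String getProjectPopedomById(String id) throws MatechException {
  String ppm = "";
  ResultSet rs = null;
  try {
    ps = conn.prepareStatement("select Popedom from k_user where id = ?");
    ps.setString(1, id);
    rs = ps.executeQuery();
    if (rs.next()) {
      ppm = rs.getString(1) + "";
    }
    rs.close();
    ps.close();
  } catch (Exception e) {
    Debug.print(Debug.iError, "访问失败", e);
    throw new MatechException("访问失败:" + e.getMessage(), e);
  } finally {
    // Covers the failure path, where the explicit close above was not reached.
    DbUtil.close(rs);
  }
  return ppm;
}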
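/**
 * Returns every permission a user holds, directly and through roles.
 *
 * <p>The query unions the user's own {@code popedom} with the {@code popedom} of each role linked
 * to the user through {@code k_userrole} (only for users with {@code state=0}). The login id is
 * bound twice as a statement parameter rather than concatenated into the SQL text.
 *
 * @param loginid login id of the user
 * @return the permission strings of all result rows concatenated in result order; {@code ""}
 *     when nothing matches
 * @throws MatechException if the query fails; the underlying exception is kept as the cause
 */
public String getUserPpmAll(String loginid) throws MatechException {
  String ppm = "";
  ResultSet rs = null;
  try {
    String sql =
        "select popedom from k_user where loginid = ?"
            + " union select b.popedom from k_userrole a, k_role b,k_user c where c.loginid = ?"
            + " and a.rid = b.id and a.userid=c.id and c.state=0";
    ps = conn.prepareStatement(sql);
    ps.setString(1, loginid);
    ps.setString(2, loginid);
    rs = ps.executeQuery();
    while (rs.next()) {
      // A SQL NULL popedom is appended as the text "null", as in the original implementation.
      ppm += rs.getString(1);
    }
    return ppm;
  } catch (Exception e) {
    Debug.print(Debug.iError, "访问失败", e);
    throw new MatechException("访问失败:" + e.getMessage(), e);
  } finally {
    DbUtil.close(rs);
  }
}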
/**
 * Builds the script that expands the task tree down to a given task.
 *
 * <p>Starting at {@code taskid}, the method walks up through {@code parenttaskid} in
 * {@code jbpm_z_task} for the current project and prepends one {@code getSubTree('...');} call
 * per visited task, so the outermost ancestor comes first. The walk ends when a visited row has
 * {@code level0} equal to "0" or when a task id is not found.
 *
 * @param taskid id of the task to start from
 * @return the concatenated script calls; {@code ""} when the starting task is not found
 * @throws Exception any failure is logged and rethrown unchanged
 */
public String getScript(String taskid) throws Exception {
  PreparedStatement stmt = null;
  ResultSet rows = null;
  String script = "";
  try {
    new DBConnect().changeDataBaseByProjectid(conn, this.projectId);
    stmt =
        conn.prepareStatement(
            "select parenttaskid,level0 from jbpm_z_task where projectid=? and taskid=?");
    stmt.setString(1, this.projectId);

    String currentLevel = "";
    String currentTask = taskid;
    // NOTE(review): there is no guard against a parent cycle in the data, and a NULL level0
    // fails on the loop condition below; both surface through the catch block.
    while (!currentLevel.equals("0")) {
      stmt.setString(2, currentTask);
      rows = stmt.executeQuery();
      if (!rows.next()) {
        break;
      }
      // NOTE(review): the task id is placed inside a quoted script argument without escaping;
      // confirm callers pass only validated ids.
      script = "getSubTree('" + currentTask + "');" + script;
      currentLevel = rows.getString("level0");
      currentTask = rows.getString("parenttaskid");
    }
  } catch (Exception e) {
    Debug.print(Debug.iError, "输出脚本出错", e);
    throw e;
  } finally {
    DbUtil.close(rows);
    DbUtil.close(stmt);
  }
  return script;
}
/**
 * Renders the direct children of a task as HTML, one table per child row.
 *
 * <p>Children are read from {@code jbpm_z_Task} (left-joined to {@code k_user}) for the current
 * project, with both ids bound as statement parameters. Rows whose first column (IsLeaf) is 0 are
 * drawn as expandable nodes linking to the task pages; other rows are drawn as working-paper
 * entries with an icon chosen from the file extension and the user1..user5 columns.
 *
 * <p>NOTE(review): every value read from the result set (task id, code, name, manuscript id,
 * user name) is concatenated into HTML attributes, inline script and element content without
 * escaping. If any of these columns can hold user-supplied text, it should be encoded for its
 * output context before being appended.
 *
 * @param parentTaskId id of the parent task; {@code null} yields an empty string
 * @return HTML for the child rows, or {@code ""} when {@code parentTaskId} is null
 * @throws Exception any failure is logged and rethrown unchanged
 */
public String getSubTree(String parentTaskId) throws Exception {
  ASFuntion asf = new ASFuntion();
  PreparedStatement ps = null;
  ResultSet rs = null;
  if (parentTaskId == null) {
    return "";
  }
  try {
    String sql =
        "select distinct IsLeaf,TaskID,TaskName,ManuID,b.name,taskcode,user1,user2,user3,User4,user5,a.property,ismust "
            + " from jbpm_z_Task a left join k_user b on a.user0=b.id "
            + " where ParentTaskID = ? "
            + " and ProjectID = ? "
            + " and (property not like 'A%' or property is null) ";
    // Do not show leaf nodes, i.e. the working papers.
    // (isleaf is not declared in this block; presumably an instance field.)
    if (!isleaf) {
      sql += " and isleaf=0 ";
    }
    sql += " order by orderid,taskcode";
    ps = conn.prepareStatement(sql);
    ps.setString(1, parentTaskId);
    ps.setString(2, this.projectId);
    rs = ps.executeQuery();
    // Row counter; incremented below but never read in this method.
    int i = 0;
    StringBuffer sb = new StringBuffer("");
    while (rs.next()) {
      i++;
      // Column 5 is b.name, the user joined through a.user0.
      String taskusr = rs.getString(5);
      if (taskusr != null && !"".equals(taskusr)) {
        taskusr = "******" + taskusr + ")";
      } else {
        taskusr = "";
      }
      // Column 12 is a.property; the value "22" selects the coalition.gif marker below.
      String property = rs.getString(12);
      String taskId = rs.getString(2);
      String tcode = rs.getString(6);
      String taskName = rs.getString(3);
      String manuId = rs.getString(4);
      String url = "";
      if ("22".equals(property)) {
        tcode = "<img src=\"../images/coalition.gif\" width=\"18\" height=\"16\"> " + tcode;
      }
      sb.append("<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">");
      if (rs.getInt(1) == 0) {
        // IsLeaf == 0: expandable node.
        sb.append("<tr style=\"cursor: hand;\">");
        sb.append(
            "<td onclick=\"getSubTree('"
                + taskId
                + "');\" width=\"11\" height=\"11\" align=\"right\">");
        sb.append(
            "<img id=\"ActImg"
                + taskId
                + "\" src=\"../images/plus.jpg\" width=\"11\" height=\"11\" />");
        sb.append("</td>");
        sb.append(
            "<td onclick=\"showObj('" + taskId + "');\" align=left valign=\"bottom\" nowrap>");
        if (isleaf) {
          // Show the working-paper list.
          url = "/AuditSystem/oa/task.do?method=list&parentTaskId=" + taskId;
        } else {
          // Do not show the working-paper list; show only procedures and objectives.
          url =
              "/AuditSystem/oa/task.do?method=tarAndPro&parentTaskId="
                  + taskId
                  + "&projectId="
                  + this.projectId
                  + "&isLeaf="
                  + isleaf;
        }
        sb.append(
            "<a id=\"a"
                + taskId
                + "\" href=\""
                + url
                + "\" target='TaskMainFrame' onclick='doIt(this);'> ");
        sb.append("<font size=2> " + tcode + " " + taskName);
        sb.append("</a></td></tr>");
      } else {
        // Leaf row: a working paper.
        String user1 = asf.showNull(rs.getString(7));
        String user2 = asf.showNull(rs.getString(8));
        String user3 = asf.showNull(rs.getString(9));
        String user4 = asf.showNull(rs.getString(10));
        String user5 = asf.showNull(rs.getString(11));
        // Disabled in the original: String ismust = asf.showNull(rs.getString(13));
        String stateHTML = ""; // disabled in the original: getTaskStateHTML(ismust);
        // Later checks overwrite earlier ones, so the effective precedence is
        // user4 > user3 > user2 > user5 > user1.
        String picName = "";
        if (!"".equals(user1)) {
          picName = "1";
        }
        if (!"".equals(user5)) {
          picName = "5";
        }
        if (!"".equals(user2)) {
          picName = "2";
        }
        if (!"".equals(user3)) {
          picName = "3";
        }
        if (!"".equals(user4)) {
          picName = "4";
        }
        sb.append("<tr style=\"cursor: hand;\">");
        sb.append("<td width=\"27\" height=\"16\" nowrap align=\"right\">");
        // NOTE(review): a NULL TaskName fails on lastIndexOf below and ends up in the catch block.
        String extendName = taskName;
        // NOTE(review): skipping a name without an extension happens after <table>, <tr> and <td>
        // were already appended, so those elements are left unclosed in the output.
        if (extendName.lastIndexOf(".") <= -1) {
          continue;
        }
        extendName = extendName.substring(extendName.lastIndexOf("."));
        // Any other extension leaves picName as the bare digit (or empty) with no file suffix.
        if (".doc".equalsIgnoreCase(extendName)) {
          picName = "word" + picName + ".gif";
        } else if (".xls".equalsIgnoreCase(extendName)) {
          picName = "excel" + picName + ".gif";
        }
        sb.append("<img id=\"ActImg\" src=\"../images/office/" + picName + "\" />");
        sb.append("</td>");
        // Quoted argument list for the client-side goUrl(...) call.
        String goUrl = "'" + manuId + "','" + taskId + "'";
        String style = "style=\"cursor:hand;\"";
        String title = "";
        String isuntread = "no";
        // A non-empty user4 marks the row as a returned working paper (bold red, with a tooltip).
        if (!"".equals(user4)) {
          style = " style=\" cursor:hand;font-weight:bold; color:red; \" ";
          title = " title=\"被退回的底稿\" ";
          isuntread = "yes";
        }
        sb.append("<td align=left valign=\"bottom\" nowrap>");
        sb.append(
            "<a isuntread='"
                + isuntread
                + "'"
                + title
                + " id='a"
                + taskId
                + "' "
                + style
                + " onclick=\"doIt(this);");
        sb.append(" goUrl(" + goUrl + ");\" > ");
        sb.append(tcode + " " + taskName + " " + taskusr + " " + stateHTML);
        sb.append("</a>");
        sb.append("</td></tr>");
      }
      // Hidden placeholder cells for this task's children; nothing in this method fills them.
      sb.append("<tr>");
      sb.append("<td id='subImg" + taskId + "' style='display:none'></td>");
      sb.append("<td id='subTree" + taskId + "' style='display:none'></td>");
      sb.append("</tr>");
      sb.append("</table>");
    }
    return sb.toString();
  } catch (Exception e) {
    Debug.print(Debug.iError, "获得子树失败", e);
    throw e;
  } finally {
    DbUtil.close(rs);
    DbUtil.close(ps);
  }
}
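/**
 * Renders the menu entries below a parent menu as HTML, recursing into entries with depth > 0.
 *
 * <p>Each row of {@code s_sysmenu} under {@code pid} becomes a checkbox row. The checkbox is
 * checked when {@code ppm} contains ".id." and disabled when {@code onlyPpm} contains ".id.".
 * When {@code userPopedom} is set, department-grant and (for roles) field-permission links are
 * appended to the row.
 *
 * <p>The parent id and the menu id used in the field-permission lookup are bound as statement
 * parameters instead of being concatenated into the SQL text.
 *
 * <p>NOTE(review): {@code SysPpm} and {@code userRoleOptimization} are still concatenated into
 * the query; confirm that both are produced on the server and never derived from request data.
 * Menu names and ids are also written into the HTML without escaping.
 *
 * @param pid id of the parent menu
 * @param ppm permission string of granted menu ids, each delimited by dots
 * @param onlyPpm permission string of menu ids whose checkbox is rendered disabled
 * @return HTML for the menu subtree
 * @throws MatechException if a query fails; the underlying exception is kept as the cause
 */
public String getSubTree1(String pid, String ppm, String onlyPpm) throws MatechException {
  ResultSet rs = null;
  try {
    DbUtil db = new DbUtil(conn);
    String strSql = "";
    if ("role".equals(this.property)) {
      strSql =
          " and (a.property = '' or a.property is null or a.property <= '"
              + this.userRoleOptimization
              + "') ";
    }
    String sql =
        "select depth,menu_id,name,ctype,parentid,id from s_sysmenu a where parentid = ?"
            + " and id in ("
            + SysPpm
            + ") and parentid <> '000'and ctype<>'000' "
            + strSql
            + "order by seq_no,menu_id";
    // NOTE(review): the statement lives in the shared ps field, which the recursive call below
    // reassigns, so the close at the end of this method may not reach this statement.
    ps = conn.prepareStatement(sql);
    ps.setString(1, pid);
    rs = ps.executeQuery();
    StringBuffer sb = new StringBuffer("");
    while (rs.next()) {
      int depth = rs.getInt("depth");
      String menu_id = rs.getString("menu_id");
      String name = rs.getString("NAME");
      String ctype = rs.getString("ctype");
      String parentid = rs.getString("parentid");
      String powerid = rs.getString("id");
      String state = "";
      String only = "";
      String type;
      if (ppm.indexOf("." + powerid + ".") >= 0) {
        state = "checked";
      }
      // Column 4 is ctype; "02" marks a button, anything else a menu item.
      if ("02".equals(rs.getString(4))) {
        type = " <font size=2 color=red>[按钮]</font>";
      } else {
        type = " <font size=2 color=blue>[菜单项]</font>";
      }
      if (this.userPopedom) {
        if (depth != 1 && !"02".equals(ctype)) {
          // User/department permission: check whether it is already granted ("1" means granted).
          ASFuntion CHF = new ASFuntion();
          String userpopedom = "";
          if ("role".equals(this.property)) {
            // Department grant for a role.
            sql =
                "select 1 from k_userpopedom a where a.userid = ? and a.menuid =? and a.property =? ";
            userpopedom =
                CHF.showNull(
                    db.queryForString(sql, new String[] {this.roleid, powerid, this.property}));
          } else {
            // Department grant for a user.
            sql =
                "select 1 from k_userpopedom a,k_user b where a.userid = b.id and b.loginid = ? and a.menuid =? and a.property =? ";
            userpopedom =
                CHF.showNull(
                    db.queryForString(sql, new String[] {this.loginid, powerid, this.property}));
          }
          if ("1".equals(userpopedom)) {
            type +=
                " <input type='hidden' id='departmentid"
                    + powerid
                    + "' name='departmentid' value='' >"
                    + "<input type='hidden' id='menuid"
                    + powerid
                    + "' name='menuid' value='"
                    + powerid
                    + "' >"
                    + "<a href=\"javascript:void(0);\" onclick=\"getUserPopedom('"
                    + powerid
                    + "');\");\">[部门授权]<font color=red>(已授权)</font></a>";
          } else {
            type +=
                " <input type='hidden' id='departmentid"
                    + powerid
                    + "' name='departmentid' value='' >"
                    + "<input type='hidden' id='menuid"
                    + powerid
                    + "' name='menuid' value='"
                    + powerid
                    + "' >"
                    + "<a href=\"javascript:void(0);\" onclick=\"getUserPopedom('"
                    + powerid
                    + "');\");\">[部门授权]</a>";
          }
          if ("role".equals(this.property)) {
            // Only roles have field permissions; look up whether this menu defines any.
            // The menu id is bound, matching the k_userpopedom lookups above.
            String fieldSql = "select 1 from k_Field where menuid = ? limit 1";
            String ifTrue = CHF.showNull(db.queryForString(fieldSql, new String[] {powerid}));
            if ("1".equals(ifTrue)) {
              type +=
                  " "
                      + "<input type='hidden' id='omenuid"
                      + powerid
                      + "' name='omenuid' value='"
                      + powerid
                      + "' >"
                      + "<input type='hidden' id='reading"
                      + powerid
                      + "' name='reading' value='' >"
                      + "<input type='hidden' id='editing"
                      + powerid
                      + "' name='editing' value='' >"
                      + "<a href=\"javascript:void(0);\" onclick=\"getFieldPopedom('"
                      + powerid
                      + "');\");\">[字段权限]</a>";
            }
          }
        }
      }
      if (onlyPpm.indexOf("." + powerid + ".") >= 0) {
        only = " disabled ";
      }
      sb.append("<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">");
      if (depth > 0) {
        // Expandable entry: render it, then its children inside the hidden subTree cell.
        sb.append("<tr style=\"cursor: hand;\">");
        sb.append(
            "<td width=\"20\" height=\"18\" align=\"right\" onclick=\"getSubTree("
                + menu_id
                + ");\">");
        sb.append(
            "<img id=\"ActImg"
                + menu_id
                + "\" src=\"images/plus.jpg\" width=\"11\" height=\"11\" />");
        sb.append("</td>");
        sb.append(
            "<td align=left valign=\"bottom\" nowrap> <input type='checkbox' menuName='"
                + name
                + "' id='"
                + parentid
                + "' name='MenuID' Menu='"
                + menu_id
                + "' value='"
                + powerid
                + "' MyID='"
                + menu_id
                + "' ParentID='"
                + parentid
                + "' onclick='setCountEnable(); setEnableTree(this);' "
                + state
                + only
                + "><span onclick=\"getSubTree("
                + menu_id
                + ");\"><font size=2>"
                + name
                + "</font></span>"
                + type
                + "</td>");
        sb.append("</tr>");
        sb.append("<tr>");
        sb.append("<td id='subImg" + menu_id + "' style='display:none'></td>");
        sb.append(
            "<td id='subTree"
                + menu_id
                + "' style='display:none'>"
                + getSubTree1(menu_id, ppm, onlyPpm)
                + "</td>");
        sb.append("</tr>");
        sb.append("</table>");
      } else {
        // Entry with depth 0: rendered without an expand handler and with empty child cells.
        sb.append("<tr style=\"cursor: hand;\">");
        sb.append("<td width=\"20\" height=\"18\" align=\"right\">");
        sb.append(
            "<img id=\"ActImg"
                + menu_id
                + "\" src=\"images/sjx1.gif\" width=\"11\" height=\"11\" />");
        sb.append("</td>");
        sb.append(
            "<td align=left valign=\"bottom\" nowrap> <input type='checkbox' menuName='"
                + name
                + "' id='"
                + parentid
                + "' name='MenuID' Menu='"
                + menu_id
                + "' value='"
                + powerid
                + "' depth=0 MyID='"
                + menu_id
                + "' ParentID='"
                + parentid
                + "' onclick='setCountEnable();setEnableTree(this);' "
                + state
                + only
                + "><font size=2>"
                + name
                + "</font> "
                + type
                + "</td>");
        sb.append("</tr>");
        sb.append("<tr>");
        sb.append("<td id='subImg" + menu_id + "' style='display:none'></td>");
        sb.append("<td id='subTree" + menu_id + "' style='display:none'></td>");
        sb.append("</tr>");
        sb.append("</table>");
      }
    }
    rs.close();
    ps.close();
    return sb.toString();
  } catch (Exception e) {
    Debug.print(Debug.iError, "访问失败", e);
    throw new MatechException("访问失败:" + e.getMessage(), e);
  } finally {
    DbUtil.close(rs);
  }
}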
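/**
 * Renders the complete system menu tree for the given permissions.
 *
 * <p>The {@code s_config} row named '启用的中心' decides the layout: when it exists with a value
 * other than the empty string, one titled section is rendered per enabled menu version (via the
 * five-argument {@code getSubTree1}); otherwise a single section titled '审计作业中心' is rendered
 * (via the three-argument {@code getSubTree1}).
 *
 * <p>The configuration result set and its statement are released as soon as the flag has been
 * read, so they are no longer left open when the shared {@code ps} field is reused.
 *
 * @param pid id of the parent menu to start from
 * @param ppm permission string of granted menu ids
 * @param onlyPpm permission string of menu ids rendered as disabled
 * @return HTML for the menu tree
 * @throws MatechException if a query fails; the underlying exception is kept as the cause
 */
public String getSubTree(String pid, String ppm, String onlyPpm) throws MatechException {
  ResultSet rs = null;
  try {
    String sql = "select * from s_config where sname = '启用的中心' ";
    ps = conn.prepareStatement(sql);
    rs = ps.executeQuery();
    boolean bool = false;
    if (rs.next()) {
      String svalue = rs.getString("svalue");
      // A NULL svalue also counts as enabled here, exactly as in the original comparison.
      if (!"".equals(svalue)) {
        bool = true;
      }
    }
    // Release the configuration lookup before ps and rs are reused below.
    DbUtil.close(rs);
    rs = null;
    DbUtil.close(ps);

    StringBuffer sb = new StringBuffer("");
    if (bool) {
      sql =
          "select DISTINCT menuversion,c.Autoid "
              + " from k_menuversion a ,s_config b,k_dic c "
              + " where b.sname = '启用的中心' "
              + " AND c.ctype = 'dogversion' "
              + " AND a.menuversion = c.Name "
              + " and concat(',',b.svalue,',') like concat('%,',a.menuversion,',%') "
              + " ORDER BY c.Autoid ";
      ps = conn.prepareStatement(sql);
      rs = ps.executeQuery();
      while (rs.next()) {
        String menuversion = rs.getString("menuversion");
        String menuverid = rs.getString("Autoid");
        // NOTE(review): menuversion is written into the HTML without escaping.
        sb.append("<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">");
        sb.append("<tr style=\"cursor: hand;\">");
        sb.append("<td width=\"20\" height=\"18\" align=\"right\" >");
        sb.append("</td>");
        sb.append(
            "<td align=left valign=\"bottom\" nowrap> <font size=2>"
                + menuversion
                + "</font></td>");
        sb.append("</tr>");
        sb.append("<tr>");
        sb.append("<td id='subImg' ></td>");
        sb.append(
            "<td id='subTree' >"
                + getSubTree1(pid, ppm, onlyPpm, menuversion, menuverid)
                + "</td>");
        sb.append("</tr>");
        sb.append("</table>");
      }
    } else {
      sb.append("<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">");
      sb.append("<tr style=\"cursor: hand;\">");
      sb.append("<td width=\"20\" height=\"18\" align=\"right\" >");
      sb.append("</td>");
      sb.append("<td align=left valign=\"bottom\" nowrap> <font size=2>审计作业中心</font></td>");
      sb.append("</tr>");
      sb.append("<tr>");
      sb.append("<td id='subImg' ></td>");
      sb.append("<td id='subTree' >" + getSubTree1(pid, ppm, onlyPpm) + "</td>");
      sb.append("</tr>");
      sb.append("</table>");
    }
    return sb.toString();
  } catch (Exception e) {
    Debug.print(Debug.iError, "访问失败", e);
    throw new MatechException("访问失败:" + e.getMessage(), e);
  } finally {
    DbUtil.close(rs);
  }
}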