예제 #1
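 /**
  * Saves the permission string of one user.
  *
  * <p>Both values are bound as statement parameters, so {@code loginid} is always treated as
  * data and cannot change the shape of the UPDATE. The statement is closed on every path.
  *
  * @param ppm permission string written to {@code k_user.Popedom}
  * @param loginid login id that selects the row to update
  * @throws MatechException if the update fails; the original exception is kept as the cause
  */
 public void SavePopedom(String ppm, String loginid) throws MatechException {
   java.sql.PreparedStatement stmt = null;
   try {
     stmt = conn.prepareStatement("update k_user set Popedom = ? where loginid = ?");
     // The shared field keeps pointing at the most recent statement, as it did before.
     ps = stmt;
     stmt.setString(1, ppm);
     stmt.setString(2, loginid);
     stmt.executeUpdate();
   } catch (Exception e) {
     Debug.print(Debug.iError, "访问失败", e);
     throw new MatechException("访问失败:" + e.getMessage(), e);
   } finally {
     if (stmt != null) {
       try {
         stmt.close();
       } catch (Exception ignored) {
         // A failure while closing must not mask the outcome of the update itself.
       }
     }
   }
 }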
예제 #2
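  /**
   * Builds the department tree below one parent as nested HTML tables.
   *
   * <p>Every child department becomes a row with a checkbox and a label, followed by a row
   * that holds the recursively rendered subtree of that department.
   *
   * @param parentid autoid of the parent department (the organisation root uses 555555)
   * @return HTML for every department under {@code parentid}, ordered by {@code property}
   * @throws MatechException if the query or the rendering fails
   */
  public String getATreeTable(String parentid) throws MatechException {
    ResultSet rs = null;
    // Local handle: the recursive call below re-points the shared ps field, so the field
    // cannot be used to close the statement opened at this level.
    java.sql.PreparedStatement stmt = null;
    StringBuffer sb = new StringBuffer("");
    try {
      // parentid is bound instead of concatenated, so it cannot alter the query text.
      stmt =
          conn.prepareStatement(
              "select * from k_department where parentid = ? order by property");
      ps = stmt;
      stmt.setString(1, parentid);
      rs = stmt.executeQuery();
      sb.append("<table  border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" >");
      while (rs.next()) {
        // NOTE(review): autoid and departname are written into HTML attributes, element
        // text and inline handlers without encoding. Confirm they can never hold markup
        // or quotes, or encode them for the output context before appending.
        String autoid = rs.getString("autoid");
        String departname = rs.getString("departname");

        sb.append("<tr height=\"20\" style=\"cursor: hand;\">");
        sb.append(
            "<td width=\"20\" align=\"center\"  nowrap onclick=\"getSubTree("
                + autoid
                + ");\">");
        sb.append(
            "<img id=\"ActImg"
                + autoid
                + "\" src=\"images/nofollow.jpg\" width=\"11\" height=\"11\" />");
        sb.append("</td>");
        sb.append("<td align=left valign=\"bottom\"  nowrap>");
        sb.append(
            "<input type=\"checkbox\" name=\"departname\" value=\""
                + autoid
                + "\" onclick=\"getBUser();\" >"
                + "<span onclick=\"getSubTree("
                + autoid
                + ");\"><font size=2>"
                + departname
                + "</font></span>");
        sb.append("</td></tr>");

        sb.append(
            "<tr><td id='subImg"
                + autoid
                + "' style='display:block'></td><td align=\"left\" valign=\"bottom\" style='display:block' id='subTree"
                + autoid
                + "'>");
        // The subtree of this department is rendered inline, inside its own cell.
        sb.append(getATreeTable(autoid));
        sb.append("</td></tr>");
      }
      sb.append("</table>");

      return sb.toString();
    } catch (Exception e) {
      Debug.print(Debug.iError, "访问失败", e);
      throw new MatechException("访问失败:" + e.getMessage(), e);
    } finally {
      DbUtil.close(rs);
      DbUtil.close(stmt);
    }
  }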
예제 #3
 /**
  * Renders the system menu tree for one user.
  *
  * <p>Returns an empty string when either argument is null or empty. Otherwise the login id
  * is stored on this instance and the result of {@code getSubTree} is returned, called with
  * the values of {@code getUserPpmAll} and {@code getUserRolePpm} for that login id.
  *
  * @param pid parent id handed to {@code getSubTree}
  * @param loginid login id of the user
  * @return the string produced by {@code getSubTree}, or {@code ""} for missing input
  * @throws MatechException if any step fails; the original exception is kept as the cause
  */
 public String getPopedomTree(String pid, String loginid) throws MatechException {
   try {
     boolean missingPid = pid == null || "".equals(pid);
     boolean missingLogin = loginid == null || "".equals(loginid);
     if (missingPid || missingLogin) {
       return "";
     }

     this.loginid = loginid;
     String allPermissions = getUserPpmAll(loginid);
     String rolePermissions = getUserRolePpm(loginid);
     return getSubTree(pid, allPermissions, rolePermissions);
   } catch (Exception e) {
     Debug.print(Debug.iError, "访问失败", e);
     throw new MatechException("访问失败:" + e.getMessage(), e);
   }
 }
예제 #4
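 /**
  * Returns the permission string stored for one role.
  *
  * <p>The argument is bound as a statement parameter and compared with {@code k_role.id};
  * the {@code popedom} value of every matching row is appended in result order.
  *
  * @param loginid value matched against {@code k_role.id}
  * @return the concatenated permission values, or {@code ""} when no row matches
  * @throws MatechException if the query fails; the original exception is kept as the cause
  */
 public String getRolePpm(String loginid) throws MatechException {
   StringBuilder ppm = new StringBuilder();
   ResultSet rs = null;
   java.sql.PreparedStatement stmt = null;
   try {
     stmt = conn.prepareStatement("select popedom from k_role b where id = ?");
     // The shared field keeps pointing at the most recent statement, as it did before.
     ps = stmt;
     stmt.setString(1, loginid);
     rs = stmt.executeQuery();
     while (rs.next()) {
       ppm.append(rs.getString(1));
     }
     return ppm.toString();
   } catch (Exception e) {
     Debug.print(Debug.iError, "访问失败", e);
     throw new MatechException("访问失败:" + e.getMessage(), e);
   } finally {
     DbUtil.close(rs);
     // The statement was never closed before; release it on every path.
     DbUtil.close(stmt);
   }
 }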
예제 #5
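  /**
   * Returns the permission string of the user with the given id.
   *
   * <p>The id is bound as a statement parameter and compared with {@code k_user.id}. Only
   * the first matching row is read.
   *
   * @param id value matched against {@code k_user.id}
   * @return the {@code Popedom} value of the first matching row (the text {@code "null"}
   *     when the column is SQL NULL), or {@code ""} when no row matches
   * @throws MatechException if the query fails; the original exception is kept as the cause
   */
  public String getProjectPopedomById(String id) throws MatechException {
    String ppm = "";
    ResultSet rs = null;
    java.sql.PreparedStatement stmt = null;
    try {
      stmt = conn.prepareStatement("select Popedom from k_user where id = ?");
      // The shared field keeps pointing at the most recent statement, as it did before.
      ps = stmt;
      stmt.setString(1, id);
      rs = stmt.executeQuery();
      if (rs.next()) {
        ppm = rs.getString(1) + "";
      }
    } catch (Exception e) {
      Debug.print(Debug.iError, "访问失败", e);
      throw new MatechException("访问失败:" + e.getMessage(), e);
    } finally {
      // Closing here covers the failure path too, where the statement used to stay open.
      DbUtil.close(rs);
      DbUtil.close(stmt);
    }
    return ppm;
  }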
예제 #6
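 /**
  * Returns every permission of a user: the user's own plus those of the user's roles.
  *
  * <p>The query is a UNION of {@code k_user.popedom} for the login id and the
  * {@code popedom} of each role linked through {@code k_userrole} while the user's
  * {@code state} is 0. The login id is bound twice as a statement parameter.
  *
  * @param loginid login id of the user
  * @return the permission values of all result rows concatenated, or {@code ""} when
  *     there are none
  * @throws MatechException if the query fails; the original exception is kept as the cause
  */
 public String getUserPpmAll(String loginid) throws MatechException {
   StringBuilder ppm = new StringBuilder();
   ResultSet rs = null;
   java.sql.PreparedStatement stmt = null;
   try {
     String sql =
         "select popedom from k_user where loginid = ?"
             + " union select b.popedom from k_userrole a, k_role b,k_user c where c.loginid = ?"
             + " and a.rid = b.id and a.userid=c.id and c.state=0";
     stmt = conn.prepareStatement(sql);
     // The shared field keeps pointing at the most recent statement, as it did before.
     ps = stmt;
     stmt.setString(1, loginid);
     stmt.setString(2, loginid);
     rs = stmt.executeQuery();
     while (rs.next()) {
       ppm.append(rs.getString(1));
     }
     return ppm.toString();
   } catch (Exception e) {
     Debug.print(Debug.iError, "访问失败", e);
     throw new MatechException("访问失败:" + e.getMessage(), e);
   } finally {
     DbUtil.close(rs);
     // The statement was never closed before; release it on every path.
     DbUtil.close(stmt);
   }
 }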
  /**
   * Builds the script that expands the tree from the top level down to a given task.
   *
   * <p>Starting at {@code taskid}, the parent chain in {@code jbpm_z_task} is followed for
   * the current project. For every task found, a {@code getSubTree('<id>');} call is put in
   * front of the result, so the outermost ancestor comes first. The walk ends when a row
   * with {@code level0} equal to {@code "0"} has been read or when no row is found.
   *
   * <p>The task id is bound as a query parameter, but it is placed into the generated
   * script text unescaped. A {@code level0} of SQL NULL makes the loop condition throw,
   * which is logged and rethrown like any other failure.
   *
   * @param taskid id of the task to start from
   * @return the concatenated {@code getSubTree(...)} calls, or {@code ""} if nothing matched
   * @throws Exception if switching the database, the query or reading a row fails
   */
  public String getScript(String taskid) throws Exception {
    PreparedStatement ps = null;
    ResultSet rs = null;
    String script = "";

    try {
      new DBConnect().changeDataBaseByProjectid(conn, this.projectId);

      String lookup = "select parenttaskid,level0 from jbpm_z_task where projectid=? and taskid=?";
      ps = conn.prepareStatement(lookup);
      ps.setString(1, this.projectId);

      String currentLevel = "";
      String currentTask = taskid;
      while (!currentLevel.equals("0")) {
        ps.setString(2, currentTask);
        rs = ps.executeQuery();
        if (!rs.next()) {
          break;
        }
        // Prepend, so that ancestors end up before their descendants.
        script = "getSubTree('" + currentTask + "');" + script;
        currentLevel = rs.getString("level0");
        currentTask = rs.getString("parenttaskid");
      }
    } catch (Exception e) {
      Debug.print(Debug.iError, "输出脚本出错", e);
      throw e;
    } finally {
      DbUtil.close(rs);
      DbUtil.close(ps);
    }

    return script;
  }
  /**
   * Renders the direct children of one task as HTML, one table per child.
   *
   * <p>Children are read from {@code jbpm_z_Task} for the current project; rows whose
   * {@code property} starts with {@code A} are excluded, and leaf rows are excluded when the
   * {@code isleaf} field is false. A non-leaf child becomes an expandable row with a link
   * into the task frame; a leaf child becomes a document row with an Office icon.
   *
   * <p>Both query values are bound as statement parameters. NOTE(review): the values read
   * back from the database (task id, code, name, manuscript id, user name) are written into
   * HTML and inline handlers without encoding; confirm they cannot hold markup or quotes.
   *
   * @param parentTaskId id of the parent task; {@code null} yields an empty string
   * @return the generated HTML, or {@code ""} when {@code parentTaskId} is null
   * @throws Exception if the query or reading a row fails (logged, then rethrown)
   */
  public String getSubTree(String parentTaskId) throws Exception {
    ASFuntion asf = new ASFuntion();
    PreparedStatement ps = null;
    ResultSet rs = null;

    if (parentTaskId == null) {
      return "";
    }

    try {

      // Column positions used below: 1 IsLeaf, 2 TaskID, 3 TaskName, 4 ManuID, 5 b.name,
      // 6 taskcode, 7-11 user1..user5, 12 a.property, 13 ismust.
      String sql =
          "select distinct IsLeaf,TaskID,TaskName,ManuID,b.name,taskcode,user1,user2,user3,User4,user5,a.property,ismust "
              + " from jbpm_z_Task a left join k_user b on  a.user0=b.id  "
              + " where ParentTaskID = ? "
              + " and ProjectID = ? "
              + " and (property not like 'A%' or property is null) ";

      // Leave out leaf nodes (the working papers) unless isleaf is set.
      if (!isleaf) {
        sql += " and isleaf=0 ";
      }

      sql += " order by orderid,taskcode";

      ps = conn.prepareStatement(sql);
      ps.setString(1, parentTaskId);
      ps.setString(2, this.projectId);

      rs = ps.executeQuery();

      // Row counter; it is incremented but never read in this method.
      int i = 0;
      StringBuffer sb = new StringBuffer("");

      while (rs.next()) {
        i++;
        String taskusr = rs.getString(5);

        // A non-empty user name is wrapped in a fixed prefix and a closing parenthesis.
        if (taskusr != null && !"".equals(taskusr)) {
          taskusr = "******" + taskusr + ")";
        } else {
          taskusr = "";
        }

        String property = rs.getString(12);

        // Rows with property 22 get the coalition.gif icon in front of the task code.

        String taskId = rs.getString(2);
        String tcode = rs.getString(6);
        String taskName = rs.getString(3);
        String manuId = rs.getString(4);
        String url = "";

        if ("22".equals(property)) {
          tcode = "<img src=\"../images/coalition.gif\" width=\"18\" height=\"16\">&nbsp;" + tcode;
        }

        sb.append("<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">");

        // IsLeaf == 0: a folder-like node that can be expanded.
        if (rs.getInt(1) == 0) {
          sb.append("<tr style=\"cursor: hand;\">");
          sb.append(
              "<td onclick=\"getSubTree('"
                  + taskId
                  + "');\" width=\"11\" height=\"11\" align=\"right\">");
          sb.append(
              "<img id=\"ActImg"
                  + taskId
                  + "\" src=\"../images/plus.jpg\" width=\"11\" height=\"11\" />");
          sb.append("</td>");
          sb.append(
              "<td onclick=\"showObj('" + taskId + "');\" align=left valign=\"bottom\" nowrap>");

          if (isleaf) {
            // Link to the working-paper list.
            url = "/AuditSystem/oa/task.do?method=list&parentTaskId=" + taskId;
          } else {
            // No working-paper list: link to procedures and objectives only.
            url =
                "/AuditSystem/oa/task.do?method=tarAndPro&parentTaskId="
                    + taskId
                    + "&projectId="
                    + this.projectId
                    + "&isLeaf="
                    + isleaf;
          }

          sb.append(
              "<a id=\"a"
                  + taskId
                  + "\" href=\""
                  + url
                  + "\" target='TaskMainFrame' onclick='doIt(this);'> ");
          sb.append("<font size=2>&nbsp;" + tcode + " " + taskName);
          sb.append("</a></td></tr>");
        } else {
          // Leaf node: a document row.
          String user1 = asf.showNull(rs.getString(7));
          String user2 = asf.showNull(rs.getString(8));
          String user3 = asf.showNull(rs.getString(9));
          String user4 = asf.showNull(rs.getString(10));
          String user5 = asf.showNull(rs.getString(11));
          // String ismust = asf.showNull(rs.getString(13));
          String stateHTML = ""; // getTaskStateHTML(ismust);

          // Icon suffix. Later checks overwrite earlier ones, so the effective priority is
          // user4, then user3, user2, user5, user1.
          String picName = "";

          if (!"".equals(user1)) {
            picName = "1";
          }

          if (!"".equals(user5)) {
            picName = "5";
          }

          if (!"".equals(user2)) {
            picName = "2";
          }

          if (!"".equals(user3)) {
            picName = "3";
          }

          if (!"".equals(user4)) {
            picName = "4";
          }

          sb.append("<tr style=\"cursor: hand;\">");
          sb.append("<td width=\"27\" height=\"16\" nowrap align=\"right\">");
          String extendName = taskName;

          // NOTE(review): a name without a dot skips the rest of this row, but the <table>,
          // <tr> and <td> appended above stay unclosed in the output. A null taskName
          // throws here. Confirm both are intended.
          if (extendName.lastIndexOf(".") <= -1) {
            continue;
          }

          extendName = extendName.substring(extendName.lastIndexOf("."));

          // Only .doc and .xls get a full icon file name; other extensions keep the bare
          // suffix in picName.
          if (".doc".equalsIgnoreCase(extendName)) {
            picName = "word" + picName + ".gif";
          } else if (".xls".equalsIgnoreCase(extendName)) {
            picName = "excel" + picName + ".gif";
          }

          sb.append("<img id=\"ActImg\" src=\"../images/office/" + picName + "\" />");
          sb.append("</td>");

          // Argument list for the goUrl(...) call placed in the link's onclick handler.
          String goUrl = "'" + manuId + "','" + taskId + "'";

          String style = "style=\"cursor:hand;\"";
          String title = "";
          String isuntread = "no";
          // A non-empty user4 switches the link to bold red, adds a title and sets
          // isuntread to yes.
          if (!"".equals(user4)) {
            style = " style=\" cursor:hand;font-weight:bold; color:red; \" ";
            title = " title=\"被退回的底稿\" ";
            isuntread = "yes";
          }

          sb.append("<td align=left valign=\"bottom\" nowrap>");
          sb.append(
              "<a isuntread='"
                  + isuntread
                  + "'"
                  + title
                  + " id='a"
                  + taskId
                  + "' "
                  + style
                  + " onclick=\"doIt(this);");
          sb.append(" goUrl(" + goUrl + ");\" >&nbsp;");
          sb.append(tcode + " " + taskName + " " + taskusr + " " + stateHTML);
          sb.append("</a>");
          sb.append("</td></tr>");
        }

        // Hidden placeholder cells, identified by the task id.
        sb.append("<tr>");
        sb.append("<td id='subImg" + taskId + "' style='display:none'></td>");
        sb.append("<td id='subTree" + taskId + "' style='display:none'></td>");
        sb.append("</tr>");
        sb.append("</table>");
      }
      return sb.toString();
    } catch (Exception e) {
      Debug.print(Debug.iError, "获得子树失败", e);
      throw e;
    } finally {
      DbUtil.close(rs);
      DbUtil.close(ps);
    }
  }
예제 #9
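  /**
   * Renders the menu entries below one parent as nested HTML tables with permission
   * checkboxes.
   *
   * <p>Entries with {@code depth > 0} are rendered as expandable rows and their children
   * are rendered recursively; other entries are rendered as plain rows. When
   * {@code userPopedom} is set, entries that are neither depth 1 nor buttons also get a
   * department-authorisation link, and in role mode a field-permission link when
   * {@code k_Field} holds a row for the menu.
   *
   * <p>The parent id, the role threshold and the menu id of the {@code k_Field} lookup are
   * bound as statement parameters.
   *
   * @param pid parent menu id whose children are listed
   * @param ppm permission string; an entry is checked when it contains {@code .<id>.}
   * @param onlyPpm permission string; an entry is disabled when it contains {@code .<id>.}
   * @return the generated HTML
   * @throws MatechException if a query or the rendering fails
   */
  public String getSubTree1(String pid, String ppm, String onlyPpm) throws MatechException {
    ResultSet rs = null;
    // Local handle: the recursive call below re-points the shared ps field, so the field
    // cannot be used to close the statement opened at this level.
    java.sql.PreparedStatement stmt = null;
    try {

      DbUtil db = new DbUtil(conn);

      boolean roleMode = "role".equals(this.property);
      String propertyFilter = "";
      if (roleMode) {
        propertyFilter = " and (a.property = '' or  a.property is null or a.property <= ?) ";
      }

      // NOTE(review): SysPpm is still spliced into the IN list as text because its shape is
      // not visible here. Confirm it is built only from trusted ids, or expand it into
      // bound placeholders where it is assembled.
      String sql =
          "select depth,menu_id,name,ctype,parentid,id from s_sysmenu a where parentid = ?"
              + " and id in ("
              + SysPpm
              + ") and parentid <> '000'and ctype<>'000' "
              + propertyFilter
              + "order by seq_no,menu_id";
      stmt = conn.prepareStatement(sql);
      ps = stmt;
      stmt.setString(1, pid);
      if (roleMode) {
        // String.valueOf keeps the previous text form of the threshold value.
        stmt.setString(2, String.valueOf(this.userRoleOptimization));
      }
      rs = stmt.executeQuery();

      StringBuffer sb = new StringBuffer("");

      while (rs.next()) {
        // NOTE(review): menu_id, name, parentid and id are written into HTML attributes,
        // element text and inline handlers without encoding. Confirm they can never hold
        // markup or quotes, or encode them for the output context.
        int depth = rs.getInt("depth");
        String menu_id = rs.getString("menu_id");
        String name = rs.getString("NAME");
        String ctype = rs.getString("ctype");
        String parentid = rs.getString("parentid");
        String powerid = rs.getString("id");

        String state = "";
        if (ppm.indexOf("." + powerid + ".") >= 0) {
          state = "checked";
        }

        // ctype 02 marks a button; everything else is labelled as a menu item.
        String type;
        if ("02".equals(ctype)) {
          type = "&nbsp;<font size=2 color=red>[按钮]</font>";
        } else {
          type = "&nbsp;<font size=2 color=blue>[菜单项]</font>";
        }

        if (this.userPopedom) {
          if (depth != 1 && !"02".equals(ctype)) {
            // Department-level authorisation: the lookup returns 1 when one is recorded,
            // keyed by role id in role mode and by login id otherwise.
            ASFuntion CHF = new ASFuntion();
            String userpopedom = "";
            if (roleMode) {
              String roleSql =
                  "select 1 from k_userpopedom a where a.userid = ? and a.menuid =? and a.property =? ";
              userpopedom =
                  CHF.showNull(
                      db.queryForString(
                          roleSql, new String[] {this.roleid, powerid, this.property}));
            } else {
              String userSql =
                  "select 1 from k_userpopedom a,k_user b where a.userid = b.id and b.loginid = ? and a.menuid =? and a.property =? ";
              userpopedom =
                  CHF.showNull(
                      db.queryForString(
                          userSql, new String[] {this.loginid, powerid, this.property}));
            }

            // The two variants of the link differ only in the "already authorised" marker.
            String authorisedMark = "";
            if ("1".equals(userpopedom)) {
              authorisedMark = "<font color=red>(已授权)</font>";
            }
            type +=
                "&nbsp;<input type='hidden' id='departmentid"
                    + powerid
                    + "' name='departmentid' value='' >"
                    + "<input type='hidden' id='menuid"
                    + powerid
                    + "' name='menuid' value='"
                    + powerid
                    + "' >"
                    + "<a href=\"javascript:void(0);\" onclick=\"getUserPopedom('"
                    + powerid
                    + "');\");\">[部门授权]"
                    + authorisedMark
                    + "</a>";

            if (roleMode) {
              // Roles only: offer field permissions when k_Field has a row for this menu.
              String fieldSql = "select 1 from k_Field where menuid = ? limit 1";
              String ifTrue = CHF.showNull(db.queryForString(fieldSql, new String[] {powerid}));
              if ("1".equals(ifTrue)) {
                type +=
                    "&nbsp;"
                        + "<input type='hidden' id='omenuid"
                        + powerid
                        + "' name='omenuid' value='"
                        + powerid
                        + "' >"
                        + "<input type='hidden' id='reading"
                        + powerid
                        + "' name='reading' value='' >"
                        + "<input type='hidden' id='editing"
                        + powerid
                        + "' name='editing' value='' >"
                        + "<a href=\"javascript:void(0);\" onclick=\"getFieldPopedom('"
                        + powerid
                        + "');\");\">[字段权限]</a>";
              }
            }
          }
        }

        String only = "";
        if (onlyPpm.indexOf("." + powerid + ".") >= 0) {
          only = " disabled ";
        }

        sb.append("<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">");
        if (depth > 0) {
          sb.append("<tr style=\"cursor: hand;\">");
          sb.append(
              "<td width=\"20\" height=\"18\" align=\"right\" onclick=\"getSubTree("
                  + menu_id
                  + ");\">");
          sb.append(
              "<img id=\"ActImg"
                  + menu_id
                  + "\" src=\"images/plus.jpg\" width=\"11\" height=\"11\" />");
          sb.append("</td>");
          sb.append(
              "<td align=left valign=\"bottom\" nowrap>&nbsp;<input type='checkbox' menuName='"
                  + name
                  + "' id='"
                  + parentid
                  + "'  name='MenuID' Menu='"
                  + menu_id
                  + "' value='"
                  + powerid
                  + "' MyID='"
                  + menu_id
                  + "' ParentID='"
                  + parentid
                  + "' onclick='setCountEnable(); setEnableTree(this);' "
                  + state
                  + only
                  + "><span onclick=\"getSubTree("
                  + menu_id
                  + ");\"><font size=2>"
                  + name
                  + "</font></span>"
                  + type
                  + "</td>");
          sb.append("</tr>");
          sb.append("<tr>");
          sb.append("<td id='subImg" + menu_id + "' style='display:none'></td>");
          // Children are rendered now and placed in a hidden cell.
          sb.append(
              "<td id='subTree"
                  + menu_id
                  + "' style='display:none'>"
                  + getSubTree1(menu_id, ppm, onlyPpm)
                  + "</td>");
          sb.append("</tr>");
          sb.append("</table>");
        } else {
          sb.append("<tr style=\"cursor: hand;\">");
          sb.append("<td width=\"20\" height=\"18\" align=\"right\">");
          sb.append(
              "<img id=\"ActImg"
                  + menu_id
                  + "\" src=\"images/sjx1.gif\" width=\"11\" height=\"11\" />");
          sb.append("</td>");
          sb.append(
              "<td align=left valign=\"bottom\" nowrap>&nbsp;<input type='checkbox' menuName='"
                  + name
                  + "' id='"
                  + parentid
                  + "' name='MenuID' Menu='"
                  + menu_id
                  + "' value='"
                  + powerid
                  + "' depth=0 MyID='"
                  + menu_id
                  + "' ParentID='"
                  + parentid
                  + "' onclick='setCountEnable();setEnableTree(this);' "
                  + state
                  + only
                  + "><font size=2>"
                  + name
                  + "</font>&nbsp;"
                  + type
                  + "</td>");
          sb.append("</tr>");
          sb.append("<tr>");
          sb.append("<td id='subImg" + menu_id + "' style='display:none'></td>");
          sb.append("<td id='subTree" + menu_id + "' style='display:none'></td>");
          sb.append("</tr>");
          sb.append("</table>");
        }
      }
      return sb.toString();
    } catch (Exception e) {
      Debug.print(Debug.iError, "访问失败", e);
      throw new MatechException("访问失败:" + e.getMessage(), e);
    } finally {
      DbUtil.close(rs);
      // Each level releases the statement it opened, on success and on failure.
      DbUtil.close(stmt);
    }
  }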
예제 #10
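  /**
   * Renders the complete system menu tree, grouped by enabled centre when any is configured.
   *
   * <p>The {@code s_config} entry named {@code 启用的中心} decides the layout. If a row exists
   * and its {@code svalue} is not the empty string, one titled section is rendered per menu
   * version listed in that value, each filled by the five-argument {@code getSubTree1}.
   * Otherwise a single section titled {@code 审计作业中心} is rendered, filled by the
   * three-argument {@code getSubTree1}.
   *
   * <p>Both queries are constant text; no caller value reaches the SQL in this method.
   * NOTE(review): the menu version name read from the database is written into the HTML
   * without encoding; confirm it cannot hold markup.
   *
   * @param pid parent menu id passed on to {@code getSubTree1}
   * @param ppm permission string passed on to {@code getSubTree1}
   * @param onlyPpm permission string passed on to {@code getSubTree1}
   * @return the generated HTML
   * @throws MatechException if a query or the rendering fails
   */
  public String getSubTree(String pid, String ppm, String onlyPpm) throws MatechException {
    ResultSet rs = null;
    // Local handle: the shared ps field is overwritten by the second query (and by
    // getSubTree1 in this file), so it cannot be used to close what is opened here.
    java.sql.PreparedStatement stmt = null;
    try {
      stmt = conn.prepareStatement("select * from s_config where sname = '启用的中心' ");
      ps = stmt;
      rs = stmt.executeQuery();
      boolean centresEnabled = false;
      if (rs.next()) {
        String svalue = rs.getString("svalue");
        if (!"".equals(svalue)) {
          centresEnabled = true;
        }
      }
      // Release the configuration lookup before anything else is opened; previously this
      // result set and statement were overwritten and never closed.
      DbUtil.close(rs);
      rs = null;
      DbUtil.close(stmt);
      stmt = null;

      StringBuffer sb = new StringBuffer("");
      if (centresEnabled) {
        String sql =
            "select DISTINCT menuversion,c.Autoid \t"
                + "\tfrom k_menuversion a ,s_config b,k_dic c  \t"
                + "\twhere b.sname = '启用的中心' \t"
                + "\tAND c.ctype = 'dogversion' "
                + "\tAND a.menuversion = c.Name "
                + "\tand concat(',',b.svalue,',') like concat('%,',a.menuversion,',%') "
                + "\tORDER BY c.Autoid\t";
        stmt = conn.prepareStatement(sql);
        ps = stmt;
        rs = stmt.executeQuery();

        while (rs.next()) {
          String menuversion = rs.getString("menuversion");
          String menuverid = rs.getString("Autoid");

          sb.append("<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">");
          sb.append("<tr style=\"cursor: hand;\">");
          sb.append("<td width=\"20\" height=\"18\" align=\"right\" >");
          sb.append("</td>");
          sb.append(
              "<td align=left valign=\"bottom\" nowrap>&nbsp;<font size=2>"
                  + menuversion
                  + "</font></td>");
          sb.append("</tr>");
          sb.append("<tr>");
          sb.append("<td id='subImg' ></td>");
          sb.append(
              "<td id='subTree' >"
                  + getSubTree1(pid, ppm, onlyPpm, menuversion, menuverid)
                  + "</td>");
          sb.append("</tr>");
          sb.append("</table>");
        }
      } else {
        sb.append("<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">");
        sb.append("<tr style=\"cursor: hand;\">");
        sb.append("<td width=\"20\" height=\"18\" align=\"right\" >");
        sb.append("</td>");
        sb.append("<td align=left valign=\"bottom\" nowrap>&nbsp;<font size=2>审计作业中心</font></td>");
        sb.append("</tr>");
        sb.append("<tr>");
        sb.append("<td id='subImg' ></td>");
        sb.append("<td id='subTree' >" + getSubTree1(pid, ppm, onlyPpm) + "</td>");
        sb.append("</tr>");
        sb.append("</table>");
      }
      return sb.toString();
    } catch (Exception e) {
      Debug.print(Debug.iError, "访问失败", e);
      throw new MatechException("访问失败:" + e.getMessage(), e);
    } finally {
      DbUtil.close(rs);
      DbUtil.close(stmt);
    }
  }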