Exemplo n.º 1
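 /**
  * Decides whether a user may access the given request URL.
  *
  * <p>The super user is always allowed. A URL that matches no interception rule is also allowed,
  * so this check is allow-by-default for URLs no resource lists. For an intercepted URL the user
  * must own a markUrl entry (entries are separated by {@code ;}) that matches it.
  *
  * <p>The decision is cached per (requestUrl, userId). The key keeps a {@code ':'} between the
  * two parts: with plain concatenation {@code "/a/1" + 23} and {@code "/a/12" + 3} produce the
  * same key, so a decision cached for one user could be returned for another.
  *
  * <p>NOTE(review): eviction of this cache when a user's permissions change is not visible here;
  * confirm it happens, otherwise a revoked permission stays effective until the entry expires.
  *
  * @param requestUrl request URL to check
  * @param userId id of the user making the request
  * @return {@code true} if access is allowed, {@code false} otherwise
  */
 @Cacheable(
     value = {CacheConstants.RESOURCE_USER_AUTHORITY_URLS_CACHE},
     key = "#requestUrl + ':' + #userId + ':isAuthority'")
 public boolean isAuthority(String requestUrl, Long userId)
     throws DaoException, SystemException, ServiceException {
   // The super user bypasses every rule.
   // NOTE(review): getSuperUser() and its id are assumed non-null here; verify.
   if (userManager.getSuperUser().getId().equals(userId)) {
     return true;
   }
   if (!this.isInterceptorUrl(requestUrl)) {
     // No rule covers this URL: allowed by default.
     logger.debug(
         "缓存:{}",
         CacheConstants.RESOURCE_USER_AUTHORITY_URLS_CACHE
             + "参数:requestUrl="
             + requestUrl
             + ",userId="
             + userId);
     return true;
   }
   // Intercepted URL: allowed only if one of the user's patterns matches it.
   for (String markUrl : this.getUserAuthoritysByUserId(userId)) {
     for (String pattern : markUrl.split(";")) {
       if (StringUtils.isNotBlank(pattern)
           && StringUtils.simpleWildcardMatch(pattern, requestUrl)) {
         return true;
       }
     }
   }
   return false;
 }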
Exemplo n.º 2
 /**
  * Collects the URL permissions (markUrl values) a user holds.
  *
  * <p>Reads the "markUrl" attribute of every node returned by {@code getResourceTreeByUserId}
  * and of each node's direct children.
  *
  * <p>NOTE(review): only these two levels are read. If the tree can be deeper, markUrl values on
  * lower nodes are not collected; confirm the tree has at most two levels.
  *
  * @param userId id of the user
  * @return the non-blank markUrl values, parents before their children
  */
 public List<String> getUserAuthoritysByUserId(Long userId)
     throws DaoException, SystemException, ServiceException {
   List<String> granted = Lists.newArrayList();
   for (TreeNode top : this.getResourceTreeByUserId(userId)) {
     addMarkUrlOf(top, granted);
     // Second level of the tree.
     for (TreeNode child : top.getChildren()) {
       addMarkUrlOf(child, granted);
     }
   }
   return granted;
 }

 /** Appends the node's "markUrl" attribute to {@code sink} when it is present and not blank. */
 private void addMarkUrlOf(TreeNode node, List<String> sink) {
   Object raw = node.getAttributes().get("markUrl");
   if (raw == null) {
     return;
   }
   String markUrl = (String) raw;
   if (StringUtils.isNotBlank(markUrl)) {
     sink.add(markUrl);
   }
 }
Exemplo n.º 3
 /**
  * Looks up a Resource by its name.
  *
  * @param name resource name; it is passed through {@code StringUtils.strip} before the lookup
  * @return the result of {@code resourceDao.findUniqueBy("name", ...)}, or {@code null} when
  *     {@code name} is blank
  * @throws DaoException may be propagated from the DAO lookup
  * @throws SystemException may be propagated from the DAO lookup
  * @throws ServiceException may be propagated from the DAO lookup
  */
 public Resource getByName(String name) throws DaoException, SystemException, ServiceException {
   if (!StringUtils.isBlank(name)) {
     // Trim both ends so that padded input still finds the record.
     String stripped = StringUtils.strip(name);
     return resourceDao.findUniqueBy("name", stripped);
   }
   return null;
 }
Exemplo n.º 4
 /**
  * Checks whether a URL is subject to interception, i.e. whether any rule returned by
  * {@code getAllInterceptorUrls} matches it.
  *
  * <p>Each rule may hold several patterns separated by {@code ;}; blank patterns are skipped.
  *
  * @param requestUrl URL to check
  * @return {@code true} if at least one pattern matches, {@code false} otherwise
  */
 public boolean isInterceptorUrl(String requestUrl)
     throws DaoException, SystemException, ServiceException {
   for (String rule : this.getAllInterceptorUrls()) {
     for (String pattern : rule.split(";")) {
       if (StringUtils.isNotBlank(pattern)
           && StringUtils.simpleWildcardMatch(pattern, requestUrl)) {
         return true;
       }
     }
   }
   return false;
 }
Exemplo n.º 5
  /**
   * Serves the user combogrid: returns users whose status equals {@code StatusState.normal} and
   * who are in {@code ids} or whose login name or name contains {@code loginNameOrName}.
   *
   * <p>When neither filter is supplied, only the status condition applies.
   *
   * <p>NOTE(review): the response body carries {@code User} entities as returned by
   * {@code userManager}; confirm that serialization leaves out the password and any other field
   * the grid does not need. {@code rows} comes from the request and is handed to {@code Page}
   * unchecked (presumably the page size); confirm it is bounded and may not be null.
   *
   * @param ids optional ids that must appear in the result regardless of the keyword
   * @param loginNameOrName optional keyword matched anywhere in loginName or name
   * @param rows value passed to the {@code Page} constructor
   * @return a Datagrid built from the page's total count and result list
   * @throws Exception declared by the signature; nothing is caught here
   */
  @RequestMapping(value = {"combogrid"})
  @ResponseBody
  public Datagrid<User> combogrid(
      @RequestParam(value = "ids", required = false) List<Long> ids,
      String loginNameOrName,
      Integer rows)
      throws Exception {
    Criterion statusCriterion = Restrictions.eq("status", StatusState.normal.getValue());

    // Keyword condition: loginName LIKE %kw% OR name LIKE %kw%.
    Criterion keywordMatch = null;
    if (StringUtils.isNotBlank(loginNameOrName)) {
      keywordMatch =
          Restrictions.or(
              Restrictions.like("loginName", loginNameOrName, MatchMode.ANYWHERE),
              Restrictions.like("name", loginNameOrName, MatchMode.ANYWHERE));
    }

    // Id condition, OR-ed with the keyword condition when both are present.
    Criterion filter;
    if (Collections3.isNotEmpty(ids)) {
      Criterion idMatch = Restrictions.in("id", ids);
      filter = (keywordMatch == null) ? idMatch : Restrictions.or(idMatch, keywordMatch);
    } else {
      filter = keywordMatch;
    }

    // The optional filter goes in front of the status condition.
    Criterion[] criterions =
        (filter == null)
            ? new Criterion[] {statusCriterion}
            : new Criterion[] {filter, statusCriterion};

    // Paged query.
    Page<User> page = userManager.findByCriteria(new Page<User>(rows), criterions);
    return new Datagrid<User>(page.getTotalCount(), page.getResult());
  }
Exemplo n.º 6
 /**
  * Returns every URL rule that marks a URL as subject to interception.
  *
  * <p>NOTE(review): {@code getAll()} is called without any status condition; confirm that rules
  * belonging to deleted or disabled resources should still count.
  *
  * @return the non-blank markUrl value of each resource
  */
 public List<String> getAllInterceptorUrls()
     throws DaoException, SystemException, ServiceException {
   List<String> rules = Lists.newArrayList();
   // Walk all resources and keep the ones that define a markUrl.
   for (Resource resource : this.getAll()) {
     String markUrl = resource.getMarkUrl();
     if (StringUtils.isNotBlank(markUrl)) {
       rules.add(markUrl);
     }
   }
   return rules;
 }
Exemplo n.º 7
  /**
   * Supplies the entries of the gender drop-down.
   *
   * @param selectType optional key of a leading placeholder entry (such as "all" or "please
   *     select"); ignored when blank or when {@code SelectType.getSelectTypeValue} returns null
   * @return the placeholder entry, if any, followed by one entry per {@code SexType} value
   * @throws Exception declared by the signature; nothing is caught here
   */
  @RequestMapping(value = {"sexTypeCombobox"})
  @ResponseBody
  public List<Combobox> sexTypeCombobox(String selectType) throws Exception {
    List<Combobox> options = Lists.newArrayList();

    // Optional leading placeholder with an empty value.
    SelectType placeholder =
        StringUtils.isBlank(selectType) ? null : SelectType.getSelectTypeValue(selectType);
    if (placeholder != null) {
      options.add(new Combobox("", placeholder.getDescription()));
    }

    // One entry per enum constant, in declaration order.
    for (SexType sex : SexType.values()) {
      options.add(new Combobox(sex.getValue().toString(), sex.getDescription()));
    }
    return options;
  }
Exemplo n.º 8
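 /**
  * Changes a user's password.
  *
  * <p>{@code upateOperate} selects the mode: "1" ({@code AppConstants.USER_UPDATE_PASSWORD_YES})
  * requires the current password typed on the page to match the stored one; "0"
  * ({@code AppConstants.USER_UPDATE_PASSWORD_NO}) skips that comparison. Any other value is
  * rejected, as is a blank new password.
  *
  * <p>NOTE(review): both the target account ({@code user.getId()}) and the mode that skips the
  * current-password check are taken from the request. Nothing in this method ties either one to
  * the authenticated caller, so that authorization has to happen before this point; confirm
  * where. The mode should preferably be derived server-side from the caller's role.
  *
  * <p>NOTE(review): {@code Encrypt.e} is not shown here; confirm it is a salted, slow password
  * hash and not a bare digest or a reversible encoding.
  *
  * @param user request-bound model; its id names the account and its password field carries the
  *     current password as typed on the page (not yet encrypted)
  * @param upateOperate mode flag, see above
  * @param newPassword new password in plain text; stored as {@code Encrypt.e(newPassword)}
  * @return a success result, a WARN result when the current password does not match, or an error
  *     result for a missing account or invalid parameters
  * @throws Exception declared by the signature; nothing is caught here
  */
 @RequestMapping(value = {"updateUserPassword"})
 @ResponseBody
 public Result updateUserPassword(
     @ModelAttribute("model") User user, String upateOperate, String newPassword)
     throws Exception {
   Result result;
   if (StringUtils.isEmpty(upateOperate)) {
     result = Result.errorResult();
     logger.warn("请求参数错误,未设置参数[upateOperate].");
   } else if (StringUtils.isBlank(newPassword)) {
     // Never store the hash of an empty or missing password.
     result = Result.errorResult();
     logger.warn("请求参数错误,未设置参数[newPassword].");
   } else {
     User u = userManager.loadById(user.getId());
     if (u == null) {
       result = new Result(Result.ERROR, "修改的用户不存在或已被删除.", null);
     } else {
       // Fail closed: the change goes ahead only for a recognised mode whose check passed.
       boolean knownMode = true;
       boolean isCheck = false;
       if (AppConstants.USER_UPDATE_PASSWORD_YES.equals(upateOperate)) {
         String originalPassword = u.getPassword(); // stored (encrypted) password
         // The typed password comes from the request model, not from the stored entity.
         String pagePassword = user.getPassword();
         isCheck =
             originalPassword != null
                 && pagePassword != null
                 && originalPassword.equals(Encrypt.e(pagePassword));
       } else if (AppConstants.USER_UPDATE_PASSWORD_NO.equals(upateOperate)) {
         isCheck = true;
       } else {
         knownMode = false;
       }

       if (!knownMode) {
         // The submitted value is not logged; it is request-controlled text.
         result = Result.errorResult();
         logger.warn("请求参数错误,参数[upateOperate]取值无效.");
       } else if (isCheck) {
         u.setPassword(Encrypt.e(newPassword));
         userManager.saveEntity(u);
         result = Result.successResult();
       } else {
         result = new Result(Result.WARN, "原始密码输入错误.", "password");
       }
     }
   }
   logger.debug(result.toString());
   return result;
 }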
Exemplo n.º 9
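 /**
  * Builds the application menu entries visible to a user.
  *
  * <p>The super user gets every resource from {@code super.getAll()}; any other existing user
  * gets the resources returned by {@code getResourcesByUserId}. An unknown user gets an empty
  * list. Only resources of type {@code ResourceState.menu} with a non-blank URL become entries.
  *
  * @param userId id of the user whose menus are requested
  * @return the menu entries, possibly empty, never null
  */
 public List<Menu> getAppMenusByUserId(Long userId) {
   List<Menu> menus = Lists.newArrayList();
   User user = userManager.loadById(userId);
   User superUser = userManager.getSuperUser();

   // Ids are compared by value. Comparing the boxed ids with == tests object identity, which is
   // only reliable for small cached values, so a super user with a larger id was not recognised.
   boolean isSuperUser =
       user != null
           && superUser != null
           && user.getId() != null
           && user.getId().equals(superUser.getId());

   List<Resource> resources;
   if (isSuperUser) {
     resources = super.getAll();
   } else if (user != null) {
     resources = getResourcesByUserId(userId);
   } else {
     resources = Lists.newArrayList();
   }

   for (Resource resource : resources) {
     boolean hasUrl = StringUtils.isNotBlank(resource.getUrl());
     if (hasUrl && ResourceState.menu.getValue().equals(resource.getType())) {
       Menu menu = new Menu();
       menu.setId(resource.getId().toString());
       menu.setText(resource.getName());
       menu.setHref(resource.getUrl());
       menus.add(menu);
     }
   }
   return menus;
 }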
Exemplo n.º 10
 /**
  * Looks up a Resource by its code.
  *
  * @param code resource code, passed to the lookup unchanged
  * @return the result of {@code resourceDao.findUniqueBy("code", code)}, or {@code null} when
  *     {@code code} is blank
  * @throws DaoException may be propagated from the DAO lookup
  * @throws SystemException may be propagated from the DAO lookup
  * @throws ServiceException may be propagated from the DAO lookup
  */
 public Resource getByCode(String code) throws DaoException, SystemException, ServiceException {
   boolean hasCode = !StringUtils.isBlank(code);
   // A blank code cannot identify a resource, so the DAO is not queried.
   return hasCode ? resourceDao.findUniqueBy("code", code) : null;
 }