Пример #1
0
 // 删除
 public String delete() throws Exception {
   Json _json = new Json();
   try {
     if (this.getId() != null) { // 删除一条
       this.getCrudService().delete(this.getId());
     } else { // 删除一批
       if (this.getIds() != null && this.getIds().length() > 0) {
         Long[] ids = cn.bc.core.util.StringUtils.stringArray2LongArray(this.getIds().split(","));
         this.getCrudService().delete(ids);
       } else {
         throw new CoreException("must set property id or ids");
       }
     }
     _json.put("success", true);
     _json.put("msg", getText("form.delete.success"));
     json = _json.toString();
     return "json";
   } catch (PermissionDeniedException e) {
     // 执行没有权限的操作
     _json.put("msg", getDeleteExceptionMsg(e));
     _json.put("e", e.getClass().getSimpleName());
   } catch (InnerLimitedException e) {
     // 删除内置对象
     _json.put("msg", getDeleteExceptionMsg(e));
     _json.put("e", e.getClass().getSimpleName());
   } catch (NotExistsException e) {
     // 执行没有权限的操作
     _json.put("msg", getDeleteExceptionMsg(e));
     _json.put("e", e.getClass().getSimpleName());
   } catch (ConstraintViolationException e) {
     // 违反约束关联引发的异常
     _json.put("msg", getDeleteExceptionMsg(e));
     _json.put("e", e.getClass().getSimpleName());
   } catch (Exception e) {
     // 其他异常
     dealOtherDeleteException(_json, e);
   }
   _json.put("success", false);
   json = _json.toString();
   return "json";
 }
Пример #2
0
  @Override
  protected Condition getGridSpecalCondition() {
    OrCondition orCondition = new OrCondition();
    AndCondition operateFoldersCondition = new AndCondition();
    AndCondition publicFoldersCondition = new AndCondition();
    // 状态条件
    Condition statusCondition = null;
    Condition typeCondition = null;
    // Condition userCondition = null;
    Condition authorityCondition = null;
    Condition eliminateCondition = null;
    // Condition tierCondition = null;

    // 状态
    if (status != null && status.length() > 0) {
      String[] ss = status.split(",");
      if (ss.length == 1) {
        statusCondition = new EqualsCondition("f.status_", new Integer(ss[0]));
      } else {
        statusCondition = new InCondition("f.status_", StringUtils.stringArray2IntegerArray(ss));
      }
    }
    // 文件夹类型
    typeCondition = new EqualsCondition("f.type_", NetdiskFile.TYPE_FOLDER);
    // 当前用户只能查看自己上传的文件
    SystemContext context = (SystemContext) this.getContext();
    // userCondition = new EqualsCondition("f.author_id", context
    // .getUserHistory().getId());

    // 文件夹不能隶属于自己
    if (folderId != null) {
      eliminateCondition = new NotEqualsCondition("f.id", folderId);
    }
    // 父级文件夹不能隶属子级
    // 当前用户有权限查看的文件
    Serializable[] ids = this.netdiskFileService.getUserSharFileId2All(context.getUser().getId());
    // 查找当前文件的父级
    // 可以操作的文件夹id
    List<Object> operateId = new ArrayList<Object>();
    if (folderId != null) {
      Serializable[] myselfAndChildId = this.netdiskFileService.getMyselfAndChildFileId(folderId);
      // 排除自己与子文件id后来的数组
      List<Object> eliminateId = new ArrayList<Object>();
      if (ids != null) {
        for (Serializable id : ids) {
          boolean isIn = false;
          for (Serializable pid : myselfAndChildId) {
            if (id.equals(pid)) {
              isIn = true;
              break;
            }
          }
          if (!isIn) {
            eliminateId.add(id);
          }
        }
        // 找出可操作的id
        if (!eliminateId.isEmpty()) {
          for (int i = 0; i < eliminateId.size(); i++) {
            // 查看当前文件是否设置访问权限,如果有就根据当前的权限来判断
            NetdiskShare myNetdiskShare =
                this.netdiskFileService.getNetdiskShare(
                    context.getUser().getId(), Long.valueOf(eliminateId.get(i).toString()));
            // 如果是自己的建的文件夹也操作
            NetdiskFile netdiskFile =
                this.netdiskFileService.load(Long.valueOf(eliminateId.get(i).toString()));
            if (netdiskFile.getAuthor().getId().equals(context.getUserHistory().getId())) {
              operateId.add(eliminateId.get(i));
            } else if (myNetdiskShare != null) {
              if (haveAuthority(myNetdiskShare.getRole(), 0)) {
                // 如果有权限就添加
                operateId.add(eliminateId.get(i));
              }
            } else {
              // 获取当前的文件和父级文件
              Serializable[] ParentIds =
                  this.netdiskFileService.getMyselfAndParentsFileId(
                      Long.valueOf(eliminateId.get(i).toString()));
              // 判断当前文件或父级文件夹该用户是否拥有编辑权限
              for (Serializable pid : ParentIds) {
                boolean isOwer = false;
                NetdiskFile nf = this.netdiskFileService.load(pid);
                Set<NetdiskShare> netdiskShare = nf.getFileVisitors();
                if (!netdiskShare.isEmpty()) {
                  Iterator<NetdiskShare> n = netdiskShare.iterator();
                  while (n.hasNext()) {
                    NetdiskShare ns = n.next();
                    if (ns.getAid().equals(context.getUser().getId())) {
                      if (haveAuthority(ns.getRole(), 0)) {
                        // 如果有权限就添加
                        operateId.add(eliminateId.get(i));
                        isOwer = true;
                        break;
                      }
                    }
                  }
                  if (isOwer) {
                    break;
                  }
                }
              }
            }
          }
        }
      }

      // 组装条件
      String qlStr4File = "";
      if (operateId.size() != 0) {
        for (int i = 0; i < operateId.size(); i++) {
          if (i + 1 != operateId.size()) {
            qlStr4File += "?,";
          } else {
            qlStr4File += "?";
          }
        }
      }
      authorityCondition =
          orCondition
              .add(
                  (operateId.size() != 0
                      ? new QlCondition("f.id in (" + qlStr4File + ")", operateId)
                      : null))
              .setAddBracket(true);
    }
    // 如果是公共硬盘管理员可以选择公共硬盘的文件夹
    Condition publicCondition = null;
    if (this.isPublicHardDiskManagement()) {
      publicCondition = new EqualsCondition("f.folder_type", NetdiskFile.FOLDER_TYPE_PUBLIC);
    }

    // 可以操作的文件夹不为空和有权限的
    if (operateId.size() != 0 && publicCondition != null) {
      return ConditionUtils.mix2OrCondition(
          operateFoldersCondition
              .add(statusCondition, typeCondition, eliminateCondition, authorityCondition)
              .setAddBracket(true),
          publicFoldersCondition
              .add(statusCondition, publicCondition, typeCondition)
              .setAddBracket(true));
      // 没有公共硬盘管理权限的
    } else if (operateId.size() != 0 && publicCondition == null) {
      return operateFoldersCondition.add(
          statusCondition, typeCondition, eliminateCondition, authorityCondition);
      // 没有可以操作的文件但有公共权限的
    } else if (operateId.size() == 0 && publicCondition != null) {
      return publicFoldersCondition.add(statusCondition, publicCondition, typeCondition);
    } else {
      return null;
    }
  }