
常见用户接口

2024-04-27 15:10:37

package data.bi.api;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.google.gson.Gson;

import data.bi.entity.IndexImgUrl;
import data.bi.entity.IndexModuleContent;
import data.bi.entity.Permission;
import data.bi.entity.ReportLink;
import data.bi.entity.User;
import data.bi.entity.help.ModuleContent;
import data.bi.entity.help.Modules;
import data.bi.entity.help.UserPermission;
import data.bi.service.BIDataService;
import data.bi.service.BISupportService;

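/**
 * Controller for user-related actions: login/logout, user creation and deletion,
 * permission grants and revocations, and a few read-only lookups.
 *
 * <p>Session layout written by {@link #userlogin}: {@code "user"} holds a random token,
 * {@code "users"} holds the logged-in {@link User}, and the token itself is used as a
 * session key whose value is either a role string or a {@code List<UserPermission>}.
 * Admin-only handlers go through {@link #isAdmin}, which requires the presented token to be
 * the session's current token and the value stored under it to equal {@code "admin"}.
 *
 * <p>NOTE(review): none of the mappings restricts the HTTP method, so the state-changing
 * handlers are also reachable with GET; consider limiting them to POST and adding CSRF
 * protection. Responses are declared as {@code text/html} although most bodies are JSON.
 *
 * @author json
 */
@Controller
@RequestMapping
public class BIUserServer {

    /** Message returned by the admin-only handlers when the caller is rejected or the call fails. */
    private static final String NOT_ADMIN_MESSAGE = "您不是管理员,不能操作此模块";

    /** Gson instances are thread-safe, so one shared serializer replaces the per-call ones. */
    private static final Gson GSON = new Gson();

    private final Logger logs = Logger.getLogger(getClass());

    @Resource(name = "biDataService")
    private BIDataService service;

    @Resource(name = "bISupportService")
    private BISupportService supportservice;

    /**
     * Tells whether the request comes from a logged-in administrator.
     *
     * <p>The token is caller-supplied, so it is never used as a session key until it has been
     * matched against the token stored at login. Comparing with {@code "admin".equals(...)}
     * also avoids the ClassCastException the old {@code (String)} cast raised for
     * non-admin sessions, where the value under the token is a list.
     *
     * @param request current request, used only to reach the session
     * @param token token presented by the caller, may be {@code null}
     * @return {@code true} only when the token is the session's current token and maps to "admin"
     */
    private boolean isAdmin(HttpServletRequest request, String token) {
        if (token == null || token.isEmpty()) {
            return false;
        }
        Object currentToken = request.getSession().getAttribute("user");
        if (!token.equals(currentToken)) {
            return false;
        }
        return "admin".equals(request.getSession().getAttribute(token));
    }

    /** Admin check for handlers that take no token parameter: uses the session's own token. */
    private boolean isSessionAdmin(HttpServletRequest request) {
        Object currentToken = request.getSession().getAttribute("user");
        return currentToken instanceof String && isAdmin(request, (String) currentToken);
    }

    /** Tells whether the session belongs to a logged-in user whose name equals {@code userName}. */
    private boolean isSessionUser(HttpServletRequest request, String userName) {
        if (userName == null || request.getSession().getAttribute("user") == null) {
            return false;
        }
        Object current = request.getSession().getAttribute("users");
        return current instanceof User && userName.equals(((User) current).getUser_name());
    }

    /** Removes every attribute that {@link #userlogin} stores in the session. */
    private void clearLogin(HttpServletRequest request) {
        Object currentToken = request.getSession().getAttribute("user");
        if (currentToken instanceof String) {
            request.getSession().removeAttribute((String) currentToken);
        }
        request.getSession().removeAttribute("user");
        request.getSession().removeAttribute("users");
    }

    /** Grants {@code userId} every module slot (1-9) that is set on {@code m}. */
    private void grantModules(Modules m, String userId) {
        if (m.getModule1() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule1());
            p.setUser_id(userId);
            service.grantPermission(p);
        }
        if (m.getModule2() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule2());
            p.setUser_id(userId);
            service.grantPermission(p);
        }
        if (m.getModule3() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule3());
            p.setUser_id(userId);
            service.grantPermission(p);
        }
        if (m.getModule4() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule4());
            p.setUser_id(userId);
            service.grantPermission(p);
        }
        if (m.getModule5() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule5());
            p.setUser_id(userId);
            service.grantPermission(p);
        }
        if (m.getModule6() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule6());
            p.setUser_id(userId);
            service.grantPermission(p);
        }
        if (m.getModule7() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule7());
            p.setUser_id(userId);
            service.grantPermission(p);
        }
        if (m.getModule8() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule8());
            p.setUser_id(userId);
            service.grantPermission(p);
        }
        if (m.getModule9() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule9());
            p.setUser_id(userId);
            service.grantPermission(p);
        }
    }

    /** Revokes from user {@code u} every module slot (1-9) that is set on {@code m}. */
    private void revokeModules(Modules m, User u) {
        if (m.getModule1() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule1());
            service.deleteUserPer(p, u);
        }
        if (m.getModule2() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule2());
            service.deleteUserPer(p, u);
        }
        if (m.getModule3() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule3());
            service.deleteUserPer(p, u);
        }
        if (m.getModule4() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule4());
            service.deleteUserPer(p, u);
        }
        if (m.getModule5() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule5());
            service.deleteUserPer(p, u);
        }
        if (m.getModule6() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule6());
            service.deleteUserPer(p, u);
        }
        if (m.getModule7() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule7());
            service.deleteUserPer(p, u);
        }
        if (m.getModule8() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule8());
            service.deleteUserPer(p, u);
        }
        if (m.getModule9() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule9());
            service.deleteUserPer(p, u);
        }
    }

    /** Serializes the {@code {flag, msg}} envelope used by checkadmin and updatepass. */
    private static String flagAndMessage(boolean flag, String msg) {
        Map<String, Object> body = new HashMap<String, Object>();
        body.put("flag", flag);
        body.put("msg", msg);
        return GSON.toJson(body);
    }

    /**
     * Returns all modules as JSON.
     */
    @RequestMapping(value = "givemodules", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String giveModules(HttpServletResponse response, HttpServletRequest request) {
        return GSON.toJson(service.getModules());
    }

    /**
     * Creates a user and, for role "0", grants the modules set on {@code m}.
     *
     * <p>Only an administrator may call this: the caller must present the token issued at
     * login, and that token must map to the "admin" role in the caller's own session.
     *
     * @param u user to create, bound from request parameters
     * @param m module slots to grant to the new user
     * @param token token returned by {@code userlogin}
     * @return a status message; the "not an administrator" message is also returned when the
     *     service call fails (kept from the original contract, the cause is logged)
     */
    @RequestMapping(value = "adduser", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String addUsers(HttpServletRequest request, HttpServletResponse response, User u, Modules m,
            String token) {
        try {
            if (!isAdmin(request, token)) {
                return NOT_ADMIN_MESSAGE;
            }
            if (service.userIsExist(u)) {
                return "用户名已存在!!!";
            }
            service.insert_User_table(u);
            // Constant-first comparison: a missing role no longer fails after the insert.
            if ("0".equals(u.getUser_role())) {
                User created = service.queryUserByUserName(u);
                grantModules(m, created.getUser_id());
            }
            return "添加成功!!!";
        } catch (Exception e) {
            // Log the real cause; previously it was swallowed without a trace.
            logs.error("adduser failed", e);
            return NOT_ADMIN_MESSAGE;
        }
    }

    /**
     * Grants the modules set on {@code m} to the user named by {@code u}. Administrators only.
     *
     * @return {@code "true"} on success, otherwise the "not an administrator" message
     *     (also used when the service call fails; the cause is logged)
     */
    @RequestMapping(value = "addpermission", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String addPermission(HttpServletRequest request, HttpServletResponse response, User u, Modules m,
            String token) {
        try {
            if (!isAdmin(request, token)) {
                return NOT_ADMIN_MESSAGE;
            }
            User target = service.queryUserByUserName(u);
            grantModules(m, target.getUser_id());
            return "true";
        } catch (Exception e) {
            logs.error("addpermission failed", e);
            return NOT_ADMIN_MESSAGE;
        }
    }

    /**
     * Revokes the modules set on {@code m} from user {@code u}. Administrators only.
     *
     * @return {@code "true"} on success, otherwise the "not an administrator" message
     *     (also used when the service call fails; the cause is logged)
     */
    @RequestMapping(value = "decreatepermission", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String decreatePermission(HttpServletRequest request, HttpServletResponse response, User u,
            Modules m, String token) {
        try {
            if (!isAdmin(request, token)) {
                return NOT_ADMIN_MESSAGE;
            }
            revokeModules(m, u);
            return "true";
        } catch (Exception e) {
            // Route the failure to the application log instead of printStackTrace().
            logs.error("decreatepermission failed", e);
            return NOT_ADMIN_MESSAGE;
        }
    }

    /**
     * Logs a user in.
     *
     * <p>On success a random UUID token is stored in the session under {@code "user"}, the
     * user under {@code "users"}, and the value the service returns under {@code "uuid"} is
     * stored under the token: a String when the user's role is "1", otherwise a
     * {@code List<UserPermission>}.
     *
     * @param u credentials bound from request parameters
     * @return the new token, or an empty string when the login is rejected
     */
    @RequestMapping(value = "userlogin", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String userlogin(HttpServletRequest request, HttpServletResponse response, User u) {
        logs.info("我到login的action中了");
        Map<String, Object> map = service.UserLogin(u);
        String token = "";
        // Boolean.TRUE.equals treats a missing flag as a failed login instead of throwing.
        if (Boolean.TRUE.equals(map.get("flag"))) {
            User user = (User) map.get("user");
            // Drop the state of any earlier login in this session so that an old token
            // (and the role stored under it) cannot outlive a re-login.
            clearLogin(request);
            // NOTE(review): the session id is not rotated here; unless the container or a
            // filter does it, rotate it on login to prevent session fixation.
            token = java.util.UUID.randomUUID().toString();
            request.getSession().setAttribute("user", token);
            request.getSession().setAttribute("users", user);
            if ("1".equals(user.getUser_role())) {
                String role = (String) map.get("uuid");
                request.getSession().setAttribute(token, role);
            } else {
                @SuppressWarnings("unchecked")
                List<UserPermission> list = (List<UserPermission>) map.get("uuid");
                request.getSession().setAttribute(token, list);
            }
        }
        return token;
    }

    /**
     * Returns the permissions a user has and lacks, as JSON, or {@code "error"} when the
     * service reports failure.
     *
     * <p>NOTE(review): the original comment says the user id is passed by an administrator,
     * but no role check is performed here; confirm whether this lookup should be admin-only.
     */
    @RequestMapping(value = "queryper", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String queryUserPower(HttpServletResponse response, HttpServletRequest request, User u) {
        Map<String, Object> map = service.getUserPers(u);
        if (!Boolean.TRUE.equals(map.get("flag"))) {
            return "error";
        }
        return GSON.toJson(map);
    }

    /**
     * Logs the current user out by removing the login attributes from the session.
     *
     * <p>Unlike the original, the {@code "users"} attribute is removed as well, and a session
     * without a token no longer passes {@code null} to {@code removeAttribute}.
     *
     * @return always {@code null}
     */
    @RequestMapping(value = "userloginout", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String userLogOut(HttpServletRequest request, HttpServletResponse response) {
        clearLogin(request);
        return null;
    }

    /**
     * Reports whether the caller is an administrator.
     *
     * @return JSON {@code {flag, msg}}; {@code msg} is the admin's user name on success
     */
    @RequestMapping(value = "checkadmin", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String checkadmin(HttpServletRequest request, HttpServletResponse response, String token) {
        if (!isAdmin(request, token)) {
            return flagAndMessage(false, "您不是管理员,无权访问该页面");
        }
        User user = (User) request.getSession().getAttribute("users");
        return flagAndMessage(true, user.getUser_name());
    }

    /**
     * Updates a user's password. Administrators only.
     *
     * <p>NOTE(review): on success the submitted password is echoed back in {@code msg}. That
     * is kept because callers may rely on it, but credentials should not be returned in
     * responses; consider replacing it with a neutral confirmation.
     *
     * @return JSON {@code {flag, msg}}
     */
    @RequestMapping(value = "updatepass", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String updatePass(HttpServletRequest request, HttpServletResponse response, User u, String token) {
        if (!isAdmin(request, token)) {
            return flagAndMessage(false, "您不是管理员,或尚未登陆!!!");
        }
        int updated = service.updateUserPassWord(u);
        if (updated > 0) {
            return flagAndMessage(true, u.getUser_password());
        }
        return flagAndMessage(false, "网络延迟,请重新尝试!!!");
    }

    /**
     * Looks up a report link by id.
     *
     * @return the link as JSON, or a plain-text message when the id is missing or unknown
     */
    @RequestMapping(value = "getlink", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getLinks(HttpServletRequest request, HttpServletResponse response, ReportLink r) {
        if (r.getId() == 0) {
            return "请输入id参数";
        }
        ReportLink link = supportservice.getLinkById(r);
        if (link == null) {
            return "没有查找到该id所对应的链接";
        }
        return GSON.toJson(link);
    }

    /** Returns all index images as JSON. */
    @RequestMapping(value = "getimgs", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getImgs(HttpServletRequest request, HttpServletResponse response) {
        List<IndexImgUrl> list = supportservice.getAllImgs();
        return GSON.toJson(list);
    }

    /** Returns the module content list as JSON. */
    @RequestMapping(value = "getcontent", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getContent(HttpServletRequest request, HttpServletResponse response) {
        List<ModuleContent> list = supportservice.getModuleContent();
        return GSON.toJson(list);
    }

    /**
     * Returns every user as JSON. Administrators only.
     *
     * <p>The original served this list to any caller. {@link User} exposes a password
     * property, so the serialized list may contain credentials; the handler now requires an
     * admin session and answers {@code "[]"} otherwise.
     * NOTE(review): exclude the password from the serialized form altogether.
     */
    @RequestMapping(value = "getuserinfo", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getUserInfo(HttpServletRequest request, HttpServletResponse response) {
        if (!isSessionAdmin(request)) {
            return "[]";
        }
        List<User> list = supportservice.getUserInfo();
        return GSON.toJson(list);
    }

    /**
     * Sets a new password for the user named {@code user_name}.
     *
     * <p>The original performed this update for any caller who knew a user name. The caller
     * must now be logged in and be either an administrator or the user whose password is
     * being changed.
     * NOTE(review): the password is handed to the service as received; confirm it is hashed
     * before storage.
     *
     * @return JSON {@code 1} on success, {@code null} when the caller is not allowed, the
     *     password is missing, or the user does not exist
     */
    @RequestMapping(value = "getuserbyUsername", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getuserbyUsername(HttpServletRequest request, HttpServletResponse response, String user_name,
            String user_password) {
        if (!isSessionAdmin(request) && !isSessionUser(request, user_name)) {
            logs.warn("getuserbyUsername rejected: caller is neither an admin nor the target user");
            return null;
        }
        if (user_password == null || user_password.isEmpty()) {
            return null;
        }
        User u = new User();
        u.setUser_name(user_name);
        if (!service.userIsExist(u)) {
            return null;
        }
        u.setUser_password(user_password);
        service.updateUserPassword(u);
        return GSON.toJson(1);
    }

    /**
     * Returns the user named {@code user_name} as JSON.
     *
     * <p>Changes from the original: the caller must be an administrator or the user being
     * looked up; the user is queried once instead of twice; the name, password and role are
     * no longer printed to standard output; and an unknown name yields JSON {@code null}
     * instead of a NullPointerException.
     * NOTE(review): the serialized user may still carry its password; the entity is not
     * modified here because it may be shared or managed by the service layer.
     *
     * @param user_password unused, kept for interface compatibility
     * @return the user as JSON, or {@code null} when the caller is not allowed
     */
    @RequestMapping(value = "getuserbyUser", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getuserbyUser(HttpServletRequest request, HttpServletResponse response, String user_name,
            String user_password) {
        if (!isSessionAdmin(request) && !isSessionUser(request, user_name)) {
            logs.warn("getuserbyUser rejected: caller is neither an admin nor the target user");
            return null;
        }
        User u = new User();
        u.setUser_name(user_name);
        return GSON.toJson(service.queryUserByUserName(u));
    }

    /**
     * Deletes a user together with the user's permissions. Administrators only.
     *
     * <p>The original deleted any user id for any caller; the handler now requires an admin
     * session and a non-empty id.
     *
     * @return JSON {@code 1} when the deletion was carried out, JSON {@code 0} otherwise
     */
    @RequestMapping(value = "delUser", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getdelUser(HttpServletRequest request, HttpServletResponse response, String id) {
        if (id == null || id.isEmpty() || !isSessionAdmin(request)) {
            logs.warn("delUser rejected: missing id or caller is not an admin");
            return GSON.toJson(0);
        }
        // Permissions are removed first, then the user row, as in the original.
        Permission p = new Permission();
        p.setUser_id(id);
        service.delPermission(p);
        User u = new User();
        u.setUser_id(id);
        service.delUser(u);
        return GSON.toJson(1);
    }

}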

