1   /**
2    * Copyright By Grandsoft Company Limited.  
3    * 2012-3-1 下午02:12:42
4    */
5   package gboat2.web.action;
6   
7   import gboat2.base.bridge.GboatAppContext;
8   import gboat2.base.bridge.util.json.JsonUtil;
9   import gboat2.base.core.annotation.Domain;
10  import gboat2.base.core.annotation.ListDomain;
11  import gboat2.base.core.annotation.Module;
12  import gboat2.base.core.annotation.Operation;
13  import gboat2.base.core.annotation.Operations;
14  import gboat2.base.core.dao.Page;
15  import gboat2.base.core.dao.QuerySupport;
16  import gboat2.base.core.logging.IBusinessLogService;
17  import gboat2.base.core.logging.Level;
18  import gboat2.base.core.util.SpringContextUtil;
19  import gboat2.base.core.web.BaseActionSupport;
20  import gboat2.base.core.web.JsonResult;
21  import gboat2.base.core.web.JsonResultSupport;
22  import gboat2.web.Constants;
23  import gboat2.web.business.IAuthorityBusiness;
24  import gboat2.web.business.IDataLevelAuthorityBusiness;
25  import gboat2.web.business.IDataLevelBusiness;
26  import gboat2.web.business.IGroupBusiness;
27  import gboat2.web.business.ISystemConfigBusiness;
28  import gboat2.web.business.IUserBusiness;
29  import gboat2.web.model.AuthorityOperationVO;
30  import gboat2.web.model.AuthorityResourceVO;
31  import gboat2.web.model.DataLevel;
32  import gboat2.web.model.Group;
33  import gboat2.web.model.Profile;
34  import gboat2.web.model.Resource;
35  import gboat2.web.model.SystemConfig;
36  import gboat2.web.model.User;
37  import gboat2.web.model.UserGroupOrganMapper;
38  import gboat2.web.model.UserRoleGroupOrganVO;
39  import gboat2.web.model.UserURGOMapperVO;
40  import gboat2.web.service.IOrganizationService;
41  import gboat2.web.util.CXFClient;
42  
43  import java.util.Date;
44  import java.util.List;
45  import java.util.Map;
46  
47  import net.sf.json.JSONArray;
48  import net.sf.json.JSONObject;
49  
50  import org.apache.commons.lang3.StringUtils;
51  import org.apache.struts2.convention.annotation.ResultPath;
52  import org.springframework.beans.factory.annotation.Autowired;
53  
54  import com.fasterxml.jackson.databind.node.ObjectNode;
55  
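/**
 * Struts action for user management: lists users, creates, edits and deletes them,
 * maintains their user/role/group/organization mappings, edits per-user authority
 * and data-level overrides, and changes passwords.
 *
 * <p>The String fields below all have public setters and are presumably bound from
 * request parameters by the framework, so every id used to select a target user,
 * group, role or resource should be treated as caller-controlled.
 *
 * <p>NOTE(review): no permission check is visible in this class. Presumably the
 * {@code @Operation} metadata is enforced by the framework before a method runs;
 * confirm this, in particular for the public methods that carry no annotation.
 *
 * @author zhaop
 * @author wangsr 2013-03-22
 * @since jdk1.6
 * @date 2012-3-1
 */
@ResultPath(value = "/content/user")
@ListDomain(value = UserURGOMapperVO.class)
@Domain(value = User.class)
@Module(name = "用户管理", desc = "管理用户")
@Operations(value = {
		@Operation(name = "新增用户", code = "add", desc = "新增用户"),
		@Operation(name = "编辑", code = "edit", desc = "编辑用户"),
		@Operation(name = "删除", code = "delete", desc = "删除"),
		@Operation(name = "修改密码", code = "updatepass", desc = "修改用户密码")
})
public class UserAction extends BaseActionSupport {

	private static final long serialVersionUID = 1L;

	/** Failure message for a missing or malformed request parameter. */
	private static final String MSG_BAD_PARAM = "参数格式错误";

	/** Failure message when the addressed user cannot be loaded. */
	private static final String MSG_USER_NOT_FOUND = "用户不存在";

	/** Failure message when no new password was submitted. */
	private static final String MSG_EMPTY_PASSWORD = "新密码不能为空";

	private String loginId;

	private String organId;

	private String organName;

	private String groupId;

	private String roleId;

	private String serviceAddr;

	private String serviceType;

	private String password;

	private String userId;

	private String groupRoleId;

	private String systemId;

	private String authForId;

	private String resId;

	private String dataLevelId;

	/** Current password submitted by a user who is changing their own password. */
	private String oldPassword;

	private List<Group> groups;

	@Autowired
	private IUserBusiness userService;

	@Autowired
	private IGroupBusiness groupService;

	@Autowired
	private IBusinessLogService loggerService;

	@Autowired
	private IDataLevelBusiness dataLevelBusi;

	@Autowired
	private ISystemConfigBusiness systemCfgBusi;

	@Autowired
	private IAuthorityBusiness authBusi;

	@Autowired
	private IDataLevelAuthorityBusiness dataLevelAuthorityBusi;

	/**
	 * Passes the request's groupId, roleId, userId, resId and dataLevelId to
	 * {@code setDataLevelAuthority} and writes the boolean outcome as a JSON result.
	 */
	public void setDataLevel() {
		boolean saved = this.authBusi.setDataLevelAuthority(groupId, roleId, userId, resId, dataLevelId);
		GboatAppContext.output(new JsonResult(saved));
	}

	/** Entry point of the user authority management page; does no work itself. */
	@Operation(name = "权限管理", code = "userAuthority", desc = "用户权限管理")
	public void userAuthority() {
	}

	/**
	 * Prepares the data for the user authority edit page: all systems, all data
	 * levels and the roles of the user identified by the SID, written as one JSON
	 * object with the keys {@code systems}, {@code levels} and {@code roles}.
	 */
	public void initEditUserAuth() {
		this.get_M(); // load the object that is being edited
		List<DataLevel> allDataLevel = this.dataLevelBusi.findAllDataLevel();
		List<UserRoleGroupOrganVO> allRole = this.userService.getMapperVOByUserId(this.getSID());
		List<SystemConfig> allSys = this.systemCfgBusi.getAllSysCfg();

		// every configured system as [id, name]
		JSONArray systems = new JSONArray();
		for (SystemConfig cfg : allSys) {
			systems.add(pair(cfg.getSystemId(), cfg.getSystemName()));
		}

		// every data level as [id, name]
		JSONArray levels = new JSONArray();
		for (DataLevel level : allDataLevel) {
			levels.add(pair(level.getLevelId(), level.getLevelName()));
		}

		// every role of this user as ["groupId.roleId", "roleName(groupName)"]
		JSONArray roles = new JSONArray();
		for (UserRoleGroupOrganVO grv : allRole) {
			roles.add(pair(grv.getGroupId() + "." + grv.getRoleId(),
					grv.getRoleName() + "(" + grv.getGroupName() + ")"));
		}

		JSONObject root = new JSONObject();
		root.accumulate("systems", systems);
		root.accumulate("levels", levels);
		root.accumulate("roles", roles);

		JsonResultSupport.output(root);
	}

	/**
	 * Writes the children of the resource tree of a group role; the page uses the
	 * tree to configure a user's authority.
	 */
	public void findResourceTreeForRoleOfGroup() {
		Resource root = this.userService.findResourceTreeForRoleOfGroup(groupRoleId, systemId);
		GboatAppContext.output(root.getChildren());
	}

	/**
	 * Removes the custom authority stored for {@code authForId} and, when the id
	 * has at least two dot-separated parts, the matching custom data-level
	 * authority. Writes nothing when {@code authForId} is empty.
	 */
	public void backAuthorityToRole() {
		if (StringUtils.isNotEmpty(authForId)) {
			// delete the customised authority
			authBusi.deleteAuthorityOfCustom(authForId, systemId);
			// String.split takes a regular expression: an unescaped "." matches every
			// character and produces an empty array, so the data-level cleanup below
			// was never reached. The dot has to be escaped.
			String[] idParts = authForId.split("\\.");
			if (idParts.length > 1) {
				// delete the customised data level
				this.dataLevelAuthorityBusi.deleteDataLevelAuthority(idParts[0], idParts[1]);
			}
			GboatAppContext.output(JsonResult.SUCCESS);
		}
	}

	/**
	 * Writes the resource ids granted to a user so the page can tick them in the
	 * authority tree. {@code authForId} has the form {@code gid.rid.uid}. The
	 * {@code inheritFlag} written is the one of the last row returned, or
	 * {@code "false"} when there are no rows.
	 */
	public void findResourceForUser() {
		List<AuthorityResourceVO> allRes = this.userService.findResourceForUser(authForId, systemId);
		JSONArray resIds = new JSONArray();
		String inheritFlag = "false";
		for (AuthorityResourceVO authRes : allRes) {
			resIds.add(authRes.getResId());
			inheritFlag = authRes.getInheritFlag();
		}
		JSONObject root = new JSONObject();
		root.accumulate("inheritFlag", inheritFlag);
		root.accumulate("resIds", resIds);
		JsonResultSupport.output(root);
	}

	/**
	 * Writes the data level a user holds on a resource as
	 * {@code {"dataLevelOfResource": ...}}, or a failure result when
	 * {@code groupRoleId} is not of the form {@code groupId.roleId}.
	 */
	public void findDataLevelForUser() {
		String[] groupAndRole = parseGroupRoleId();
		if (groupAndRole == null) {
			GboatAppContext.output(JsonResult.createFailure(MSG_BAD_PARAM));
			return;
		}
		String dataLevelOfResource = this.userService.findDataLevelForUser(
				groupAndRole[0], groupAndRole[1], resId, userId);
		JSONObject obj = new JSONObject();
		obj.accumulate("dataLevelOfResource", dataLevelOfResource);
		JsonResultSupport.output(obj);
	}

	/**
	 * Writes the operations a group role holds on a resource as checkbox
	 * definitions for the user authority page, or a failure result when
	 * {@code groupRoleId} is not of the form {@code groupId.roleId}.
	 */
	public void findOperationsForRoleOfGroup() {
		String[] groupAndRole = parseGroupRoleId();
		if (groupAndRole == null) {
			GboatAppContext.output(JsonResult.createFailure(MSG_BAD_PARAM));
			return;
		}
		List<AuthorityOperationVO> allOperas = this.authBusi.findOperationsForRoleOfGroup(
				groupAndRole[0], groupAndRole[1], resId);
		// One entry per checkbox: boxLabel is the text shown, name the request
		// parameter name, inputValue the value that is submitted.
		JSONArray items = new JSONArray();
		for (AuthorityOperationVO opera : allOperas) {
			JSONObject obj = new JSONObject();
			obj.accumulate("boxLabel", opera.getOperationName());
			obj.accumulate("name", "operations");
			obj.accumulate("inputValue", opera.getOperationId());
			obj.accumulate("operationId", opera.getOperationId());
			items.add(obj);
		}
		JsonResultSupport.output(items);
	}

	/**
	 * Writes the ids of the operations a user holds on a resource so the page can
	 * pre-select them, or a failure result when {@code groupRoleId} is not of the
	 * form {@code groupId.roleId}.
	 */
	public void findOperationsForUser() {
		String[] groupAndRole = parseGroupRoleId();
		if (groupAndRole == null) {
			GboatAppContext.output(JsonResult.createFailure(MSG_BAD_PARAM));
			return;
		}
		List<AuthorityOperationVO> ownOperas = this.authBusi.findOperationsForUser(
				groupAndRole[0], groupAndRole[1], userId, resId);
		JSONArray arr = new JSONArray();
		for (AuthorityOperationVO auOpe : ownOperas) {
			arr.add(auOpe.getOperationId());
		}
		JsonResultSupport.output(arr);
	}

	/**
	 * Adds the list filters taken from the request to the query parameters.
	 * NOTE(review): the "_like" values are request input; presumably QuerySupport
	 * binds them as query parameters rather than concatenating them - confirm.
	 */
	@Override
	protected void initList(Map<String, Object> params) {
		params.put("_loginId_like", loginId);
		params.put("_organName_like", organName);
		params.put("_groupId", groupId);
		params.put(QuerySupport.PARAM_DISTINCT, true);
	}

	/**
	 * Fills each listed row's description with the user's memberships, formatted
	 * as organ, group and role name joined by dashes and separated by " , ", and
	 * loads all groups for the page.
	 */
	@SuppressWarnings("unchecked")
	@Override
	protected void postList(Page pageinfo) {
		List<UserURGOMapperVO> rows = pageinfo.getResult();
		for (UserURGOMapperVO row : rows) {
			// one lookup per listed user
			List<UserRoleGroupOrganVO> memberships = userService.getMapperVOByUserId(row.getUserId());
			// A builder replaces the former 'status == ""' test, which compared
			// references and only worked because the empty literal is interned.
			StringBuilder status = new StringBuilder();
			for (UserRoleGroupOrganVO mvo : memberships) {
				if (status.length() > 0) {
					status.append(" , ");
				}
				status.append(mvo.getOrganName()).append("——")
						.append(mvo.getGroupName()).append("——")
						.append(mvo.getRoleName());
			}
			row.setDescription(status.toString());
		}

		groups = groupService.getAllGroup();
	}

	/**
	 * Writes the user identified by the SID together with the user's memberships
	 * under the key {@code status}.
	 * NOTE(review): the whole User object is wrapped into the response; confirm
	 * that the stored password is not part of the serialised fields.
	 *
	 * @author zhaop
	 */
	public void showUser() {
		User user = (User) userService.get(User.class, getSID());
		List<UserRoleGroupOrganVO> mapper = userService.getMapperVOByUserId(getSID());
		JSONObject obj = JsonResultSupport.wrap(user, true).accumulate("status", mapper);
		JsonResultSupport.output(obj);
	}

	/**
	 * Saves a user and rewrites the user's role/group/organization mappings.
	 *
	 * <p>A model without a user id is inserted together with a default profile; a
	 * model with a user id updates that user while keeping the stored commit time,
	 * password and visibility. The request's {@code organId}, {@code organName},
	 * {@code groupId} and {@code roleId} are parallel "-"-separated lists, one
	 * mapping per position. They are validated before anything is written, so a
	 * malformed request can no longer leave a user saved with its mappings deleted.
	 *
	 * <p>NOTE(review): on update every other User field is taken from the request
	 * model as submitted; confirm that none of them is privileged. On insert the
	 * submitted password is handed to the service unchanged; confirm where it is
	 * hashed.
	 *
	 * @author zhaop
	 */
	public void saveUser() {
		if (organId == null || organName == null || groupId == null || roleId == null) {
			GboatAppContext.output(JsonResult.createFailure(MSG_BAD_PARAM));
			return;
		}
		String[] organIds = organId.split("-");
		String[] organNames = organName.split("-");
		String[] groupIds = groupId.split("-");
		String[] roleIds = roleId.split("-");
		// the loop below indexes all four arrays by the organ position
		if (organNames.length < organIds.length || groupIds.length < organIds.length
				|| roleIds.length < organIds.length) {
			GboatAppContext.output(JsonResult.createFailure(MSG_BAD_PARAM));
			return;
		}

		User user = (User) getModel();
		String savedUserId;
		if (user.getUserId() == null) {
			user.setCommitTime(new Date());
			userService.save(user);
			// re-read the user to obtain its id, then create the default profile
			user = userService.getUserByLoginId(user.getLoginId());
			Profile profile = new Profile();
			profile.setUserId(user.getUserId());
			profile.setTheme(Constants.DEFAULT_THEME);
			profile.setWallPaper(Constants.DEFAULT_THEME);
			profile.setStretch("0");

			userService.save(profile);
			loggerService.log(Level.INFO, "新增", "新增用户  : " + user.getUserNameZh());
			savedUserId = user.getUserId();
		} else {
			savedUserId = user.getUserId();
			User oldUser = (User) userService.get(User.class, savedUserId);
			if (oldUser == null) {
				GboatAppContext.output(JsonResult.createFailure(MSG_USER_NOT_FOUND));
				return;
			}
			// these three fields are never taken from the edit form
			user.setCommitTime(oldUser.getCommitTime());
			user.setPassword(oldUser.getPassword());
			user.setVisible(oldUser.getVisible());

			userService.update(user);
			loggerService.log(Level.INFO, "编辑", "编辑用户  : " + user.getUserNameZh());
			userService.deleteURGOMapperByUserId(savedUserId);
		}

		for (int i = 0; i < organIds.length; i++) {
			UserGroupOrganMapper mapper = new UserGroupOrganMapper();
			mapper.setUserId(savedUserId);
			mapper.setGroupId(groupIds[i]);
			mapper.setRoleId(roleIds[i]);
			mapper.setOrganId(organIds[i]);
			mapper.setOrganName(organNames[i]);
			userService.save(mapper);
		}
		JsonResultSupport.output(JsonResultSupport.wrap(true));
	}

	/**
	 * Deletes the user identified by the SID together with the user's
	 * role/group/organization mappings, and logs the deletion. Writes a failure
	 * result when no such user exists.
	 *
	 * @author zhaop
	 */
	public void deleteUserRoleGroupOrgan() {
		User user = (User) userService.get(User.class, getSID());
		if (user == null) {
			GboatAppContext.output(JsonResult.createFailure(MSG_USER_NOT_FOUND));
			return;
		}
		userService.delete(user);
		userService.deleteURGOMapperByUserId(getSID());
		loggerService.log(Level.INFO, "删除", "删除用户 : " + user.getUserNameZh());
		GboatAppContext.output(JsonResult.SUCCESS);
	}

	/**
	 * Deletes the mapping row identified by the SID.
	 *
	 * @author zhaop
	 */
	public void deleteMapperById() {
		userService.delete(userService.get(UserGroupOrganMapper.class, getSID()));
		GboatAppContext.output(JsonResult.SUCCESS);
	}

	/**
	 * Reports whether a login id may be used, as {@code {"valid": ...}} plus a
	 * {@code reason} when it may not.
	 *
	 * <p>Without a SID (new user) the login id of the request model is checked and
	 * must be unused. With a SID (edit) the {@code loginId} parameter is checked
	 * and may belong to the edited user itself.
	 *
	 * @author zhaop
	 */
	public void userExist() {
		String sid = getSID();
		boolean creating = sid == null;
		String candidate = creating ? ((User) getModel()).getLoginId() : loginId;
		User holder = userService.getUserByLoginId(candidate);
		boolean available = holder == null || (!creating && holder.getUserId().equals(sid));

		JSONObject verdict = new JSONObject();
		verdict.accumulate("valid", available);
		if (!available) {
			verdict.accumulate("reason", "用户名已经被占用");
		}
		GboatAppContext.output(verdict);
	}

	/**
	 * Writes the role/group/organization memberships of the user identified by the SID.
	 *
	 * @author zhaop
	 */
	public void showMapperById() {
		GboatAppContext.output(JsonResult.createSuccess(userService.getMapperVOByUserId(getSID())));
	}

	/**
	 * Writes the group/organization entries of the group identified by the SID.
	 *
	 * @author zhaop
	 */
	public void showGroupOrganMapperById() {
		GboatAppContext.output(JsonResult.createSuccess(userService.getGroupOrganByGroupId(getSID())));
	}

	/**
	 * Writes all groups.
	 *
	 * @return always {@code null}; the response is written directly
	 */
	public String showAllGroup() {
		GboatAppContext.output(JsonResult.createSuccess(groupService.getAllGroup()));
		return null;
	}

	/**
	 * Forwards to the change-password page.
	 *
	 * @author hemw
	 * @return the result name {@code "password"}
	 */
	public String password() {
		return "password";
	}

	/**
	 * Live form check that a new password differs from the stored one. The user
	 * is the one identified by the SID when present, otherwise the session user.
	 *
	 * <p>NOTE(review): the response reveals whether the submitted value equals the
	 * stored password of whichever user the SID names. Unless the framework
	 * restricts who may pass a foreign SID, this check should be limited to the
	 * session user or to an administrator - confirm. The direct comparison also
	 * implies the stored value has the same form as the submitted one; confirm how
	 * passwords are hashed.
	 */
	public void passwordConfirm() {
		String userId = StringUtils.defaultIfBlank(getSID(), GboatAppContext.getUserSession().getUserId());
		User user = (User) userService.get(User.class, userId);
		User newUser = (User) getModel();
		ObjectNode result = JsonUtil.generateMapper().createObjectNode();
		if (user == null) {
			result.put("valid", false);
			result.put("reason", MSG_USER_NOT_FOUND);
		} else if (StringUtils.equals(newUser.getPassword(), user.getPassword())) {
			// new and stored password are identical
			result.put("valid", false);
			result.put("reason", "新旧密码不可以相同");
		} else {
			result.put("valid", true);
		}
		GboatAppContext.output(result);
	}

	/**
	 * Sets a user's password without asking for the current one and clears the
	 * "must change password" flag. The target is the model's user id when given,
	 * otherwise the session user.
	 *
	 * <p>NOTE(review): the target id comes from the request and no current password
	 * is required, so this method relies entirely on the caller being authorised
	 * for the "updatepass" operation - confirm that the framework enforces it here.
	 *
	 * @return always {@code null}; the response is written directly
	 */
	public String passwordModify() {
		User user = (User) getModel();
		String userId = StringUtils.defaultIfBlank(user.getUserId(), GboatAppContext.getUserSession().getUserId());
		User oldUser = (User) userService.get(User.class, userId);
		if (oldUser == null) {
			GboatAppContext.output(JsonResult.createFailure(MSG_USER_NOT_FOUND));
			return null;
		}
		// a request without a password must not blank out the stored one
		if (StringUtils.isEmpty(user.getPassword())) {
			GboatAppContext.output(JsonResult.createFailure(MSG_EMPTY_PASSWORD));
			return null;
		}
		oldUser.setPassword(user.getPassword());
		oldUser.setPasswordModify("N");
		userService.update(oldUser);
		GboatAppContext.output(JsonResult.SUCCESS);
		return null;
	}

	/**
	 * Lets a user change their password after the current password has been
	 * verified; the new password must be non-empty and differ from the stored one.
	 *
	 * <p>NOTE(review): the target is the model's user id when given, so the
	 * current-password check can be run against another account than the session
	 * user's. If this route is only meant for the signed-in user, take the id from
	 * the session alone - confirm against the callers before changing it.
	 *
	 * @author hemw
	 */
	public void passwordModifyByUser() {
		User model = (User) getModel();
		String userId = StringUtils.defaultIfBlank(model.getUserId(), GboatAppContext.getUserSession().getUserId());
		User user = (User) userService.get(User.class, userId);
		if (user == null) {
			GboatAppContext.output(JsonResult.createFailure(MSG_USER_NOT_FOUND));
			return;
		}

		// verify the current password
		if (!StringUtils.equals(oldPassword, user.getPassword())) {
			GboatAppContext.output(JsonResult.createFailure("原密码输入错误"));
			return;
		}

		// a request without a new password must not blank out the stored one
		if (StringUtils.isEmpty(model.getPassword())) {
			GboatAppContext.output(JsonResult.createFailure(MSG_EMPTY_PASSWORD));
			return;
		}

		// new and stored password must differ
		if (StringUtils.equals(model.getPassword(), user.getPassword())) {
			GboatAppContext.output(JsonResult.createFailure("新旧密码不可以相同"));
			return;
		}

		user.setPassword(model.getPassword()); // store the new password
		user.setPasswordModify("N"); // no password change required at next login
		userService.update(user);
		GboatAppContext.output(JsonResult.SUCCESS);
	}

	/**
	 * Searches organizations by name through an organization service selected by
	 * the request: {@code serviceType} "1" looks {@code serviceAddr} up as a Spring
	 * bean id, any other value passes it to {@code CXFClient.createOrganWebService}.
	 * Writes the first page of 20 results, or a plain success result when no
	 * service is available.
	 *
	 * <p>NOTE(review): {@code serviceAddr} is request input. If the CXF client
	 * connects to that address from the server, it should be checked against the
	 * addresses of the configured systems before use, otherwise the server can be
	 * made to call hosts of the caller's choosing - confirm what CXFClient does.
	 *
	 * @return always {@code null}; the response is written directly
	 */
	public String showOrgansByAddr() {
		IOrganizationService organService;
		// constant-first comparison: a missing serviceType no longer throws
		if ("1".equals(serviceType)) {
			Object bean = SpringContextUtil.getInstance().getBeanOfId(serviceAddr);
			// the bean id is caller-supplied, so the bean may be of any type
			organService = bean instanceof IOrganizationService ? (IOrganizationService) bean : null;
		} else {
			organService = CXFClient.getInstance().createOrganWebService(serviceAddr);
		}
		if (organService != null) {
			Page organs = organService.searchOrgans(1, 20, organName);
			JsonResultSupport.outputPage(organs);
		} else {
			GboatAppContext.output(JsonResult.SUCCESS);
		}
		return null;
	}

	/** Builds the two-element JSON array {@code [first, second]}. */
	private static JSONArray pair(Object first, Object second) {
		JSONArray arr = new JSONArray();
		arr.add(first);
		arr.add(second);
		return arr;
	}

	/**
	 * Splits the request's {@code groupRoleId} ("groupId.roleId") at the dots.
	 *
	 * @return the parts, group id first and role id second, or {@code null} when
	 *         the parameter is blank or has fewer than two parts
	 */
	private String[] parseGroupRoleId() {
		if (StringUtils.isBlank(groupRoleId)) {
			return null;
		}
		String[] parts = groupRoleId.split("\\.");
		return parts.length >= 2 ? parts : null;
	}

	// Plain accessors for the request-bound fields.

	public String getLoginId() {
		return loginId;
	}

	public void setLoginId(String loginId) {
		this.loginId = loginId;
	}

	public String getOrganName() {
		return organName;
	}

	public void setOrganName(String organName) {
		this.organName = organName;
	}

	public String getOrganId() {
		return organId;
	}

	public void setOrganId(String organId) {
		this.organId = organId;
	}

	public String getRoleId() {
		return roleId;
	}

	public void setRoleId(String roleId) {
		this.roleId = roleId;
	}

	public String getGroupId() {
		return groupId;
	}

	public void setGroupId(String groupId) {
		this.groupId = groupId;
	}

	public String getServiceAddr() {
		return serviceAddr;
	}

	public void setServiceAddr(String serviceAddr) {
		this.serviceAddr = serviceAddr;
	}

	public String getPassword() {
		return password;
	}

	public void setPassword(String password) {
		this.password = password;
	}

	public String getServiceType() {
		return serviceType;
	}

	public void setServiceType(String serviceType) {
		this.serviceType = serviceType;
	}

	public String getOldPassword() {
		return oldPassword;
	}

	public void setOldPassword(String oldPassword) {
		this.oldPassword = oldPassword;
	}

	public String getUserId() {
		return userId;
	}

	public void setUserId(String userId) {
		this.userId = userId;
	}

	public String getGroupRoleId() {
		return groupRoleId;
	}

	public void setGroupRoleId(String groupRoleId) {
		this.groupRoleId = groupRoleId;
	}

	public String getSystemId() {
		return systemId;
	}

	public void setSystemId(String systemId) {
		this.systemId = systemId;
	}

	public String getAuthForId() {
		return authForId;
	}

	public void setAuthForId(String authForId) {
		this.authForId = authForId;
	}

	public String getResId() {
		return resId;
	}

	public void setResId(String resId) {
		this.resId = resId;
	}

	public String getDataLevelId() {
		return dataLevelId;
	}

	public void setDataLevelId(String dataLevelId) {
		this.dataLevelId = dataLevelId;
	}

	/** Groups loaded by {@code postList} for the list page. */
	public List<Group> getGroups() {
		return groups;
	}
}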