/**
* @Title: AuthorityService.java
* @Package com.glacier.frame.service.system
* @author songjundong
* @email 985776597@qq.com
* @date 2014-8-18 下午2:47:36
* @company (开发公司) 珠海市冰川软件有限公司
* @copyright (版权) 本文件归属珠海市冰川软件有限公司所有
* @version V1.0
* @modify (修改)
* <p>
第一次修改:
时间:2014-8-18
修改人:songjundong
修改内容简介 :
</p>
* @Review (审核人) :songjundong
*
*/
package com.glacier.frame.service.system;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;
import com.glacier.frame.dao.system.ActionMapper;
import com.glacier.frame.dao.system.AuthorityMapper;
import com.glacier.frame.dao.system.DepRoleMapper;
import com.glacier.frame.dao.system.MenuMapper;
import com.glacier.frame.dao.system.RoleMapper;
import com.glacier.frame.dao.system.UserMapper;
import com.glacier.frame.dao.system.UserRoleMapper;
import com.glacier.frame.dto.service.system.AuthMenuActionDTO;
import com.glacier.frame.entity.common.util.CommonBuiltin;
import com.glacier.frame.entity.system.Action;
import com.glacier.frame.entity.system.ActionExample;
import com.glacier.frame.entity.system.Authority;
import com.glacier.frame.entity.system.AuthorityExample;
import com.glacier.frame.entity.system.DepRoleExample;
import com.glacier.frame.entity.system.DepRoleKey;
import com.glacier.frame.entity.system.Menu;
import com.glacier.frame.entity.system.MenuExample;
import com.glacier.frame.entity.system.Role;
import com.glacier.frame.entity.system.RoleExample;
import com.glacier.frame.entity.system.User;
import com.glacier.frame.entity.system.UserRoleExample;
import com.glacier.frame.entity.system.UserRoleKey;
import com.glacier.frame.util.MethodLog;
import com.glacier.jqueryui.util.JqReturnJson;
import com.glacier.jqueryui.util.Tree;
/***
* @ClassName: AuthorityService
* @Description: Permission (authority) management service for menus, actions, roles, users and departments.
* @author songjundong
* @email 985776597@QQ.com
* @date 2014-8-18 下午2:47:36
*/
@Service
@Transactional(readOnly = true, propagation = Propagation.REQUIRED)
public class AuthorityService {
// Data-access mappers injected by Spring; every read and write in this service goes through them.
// Loads the target user in saveRolesAndRational.
@Autowired
private UserMapper userMapper;
// Menu queries: selectByUserId for the logged-in user, selectByExample for the full menu list.
@Autowired
private MenuMapper menuMapper;
// Actions (operations) defined per menu, read in getAuthsByRoleId.
@Autowired
private ActionMapper actionMapper;
// Role-to-menu permission rows, including the comma-separated action list stored per row.
@Autowired
private AuthorityMapper authorityMapper;
// Role listing and lookup by primary key.
@Autowired
private RoleMapper roleMapper;
// User-to-role link rows.
@Autowired
private UserRoleMapper userRoleMapper;
// Department-to-role link rows.
@Autowired
private DepRoleMapper depRoleMapper;
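/**
 * Builds the menu tree nodes available to the currently authenticated user.
 *
 * <p>The menu set comes from {@code menuMapper.selectByUserId} for the Shiro principal, so the
 * result contains whatever that query returns for the user id. If the current subject has no
 * {@link User} principal (for example an unauthenticated or expired session reaches this
 * method), the method fails closed and returns an empty list instead of throwing.
 *
 * @return a {@code List<Tree>} with one node per menu (id, parent id, text, icon and a
 *         {@code url} attribute); empty when there is no authenticated user
 */
public Object getPrincipalUserMenu() {
    List<Tree> principalMenuTrees = new ArrayList<Tree>();
    Object principal = SecurityUtils.getSubject().getPrincipal();
    if (!(principal instanceof User)) {
        // No authenticated user: expose no menus rather than dereferencing null.
        return principalMenuTrees;
    }
    User principalUser = (User) principal;
    List<Menu> principalMenus = menuMapper.selectByUserId(principalUser.getUserId());
    if (null == principalMenus) {
        return principalMenuTrees;
    }
    for (Menu menu : principalMenus) {
        Tree menuTree = new Tree();
        menuTree.setId(menu.getMenuId());
        menuTree.setPid(menu.getPid());
        menuTree.setText(menu.getMenuCnName());
        menuTree.setIconCls(menu.getIconCls());
        Map<String, String> treeAttributes = new HashMap<String, String>();
        treeAttributes.put("url", menu.getUrl());
        menuTree.setAttributes(treeAttributes);
        // setState("closed") is deliberately not called: the original author noted that it
        // causes an endless loop.
        principalMenuTrees.add(menuTree);
    }
    return principalMenuTrees;
}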
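/**
 * Returns every system menu together with the permission state of the given role.
 *
 * <p>Each returned {@link AuthMenuActionDTO} carries the menu id, parent id, name and icon, a
 * {@code checked} flag when the role has an authority row for that menu, and an HTML fragment
 * (a table of check boxes, one per action of the menu, grouped by panel) in which the actions
 * already granted to the role are pre-checked.
 *
 * <p>Security: the fragment is assembled from values stored in the menu and action tables
 * (menu id, panel names, action names). These are escaped before being concatenated so that a
 * stored value containing markup or a quote cannot break out of the attribute or element it is
 * placed in. The fragment is presumably injected into the page by the client; confirm that it is
 * not escaped a second time there.
 *
 * <p>NOTE(review): no authorization check is performed here; presumably the caller restricts
 * who may inspect a role's permissions. Confirm against the controller.
 *
 * @param roleId id of the role whose permissions are shown
 * @return a {@code List<AuthMenuActionDTO>}, empty when no menus exist
 */
public Object getAuthsByRoleId(String roleId) {
    List<AuthMenuActionDTO> returnAuthList = new ArrayList<AuthMenuActionDTO>();
    List<Menu> sysNaviMenus = menuMapper.selectByExample(new MenuExample());
    if (null == sysNaviMenus || sysNaviMenus.isEmpty()) {
        return returnAuthList;
    }
    // Index the role's authority rows by "menuId_roleId" for constant-time lookup per menu.
    AuthorityExample authorityExample = new AuthorityExample();
    authorityExample.createCriteria().andRoleIdEqualTo(roleId);
    List<Authority> roleAuths = authorityMapper.selectByExample(authorityExample);
    Map<String, Authority> authsMap = new HashMap<String, Authority>();
    for (Authority authority : roleAuths) {
        authsMap.put(authority.getMenuId() + "_" + authority.getRoleId(), authority);
    }
    for (Menu menu : sysNaviMenus) {
        String menuId = menu.getMenuId();
        AuthMenuActionDTO authMenuActionVO = new AuthMenuActionDTO();
        authMenuActionVO.setId(menuId);
        authMenuActionVO.setPid(menu.getPid());
        authMenuActionVO.setMenuName(menu.getMenuCnName());
        authMenuActionVO.setIconCls(menu.getIconCls());
        Authority roleAuth = authsMap.get(menuId + "_" + roleId);
        if (null != roleAuth) {
            authMenuActionVO.setChecked(true);
        }
        // Actions already granted to the role for this menu, stored as a comma-separated list.
        String[] ownActions = null;
        if (null != roleAuth && StringUtils.isNotBlank(roleAuth.getActions())) {
            ownActions = roleAuth.getActions().split(",");
        }
        // All actions defined for the menu, in display order.
        ActionExample actionExample = new ActionExample();
        actionExample.createCriteria().andMenuIdEqualTo(menuId);
        actionExample.setOrderByClause("temp_action.order_num asc");
        List<Action> actions = actionMapper.selectByExample(actionExample);
        if (null != actions && actions.size() > 0) {
            // Group the actions by panel display name; one table row is emitted per panel.
            Map<String, List<Action>> panelActionsMap = new HashMap<String, List<Action>>();
            for (Action action : actions) {
                List<Action> panelActions = panelActionsMap.get(action.getPanelCnName());
                if (null == panelActions) {
                    panelActions = new ArrayList<Action>();
                    panelActionsMap.put(action.getPanelCnName(), panelActions);
                }
                panelActions.add(action);
            }
            StringBuilder menuActionsBuilder = new StringBuilder();
            menuActionsBuilder.append("<table class='auth_table'>");
            for (Entry<String, List<Action>> panel : panelActionsMap.entrySet()) {
                menuActionsBuilder.append("<tr><td><span class='label label-info'>");
                menuActionsBuilder.append(escapeHtmlForAuthMarkup(panel.getKey())).append(":");
                menuActionsBuilder.append("</span></td><td>");
                for (Action action : panel.getValue()) {
                    String actionKey = action.getPanelEnName() + "_" + action.getActionEnName();
                    // The id is decoded by the browser, so the value the client reads back is
                    // still the raw "menuId:panel_action" string that saveRoleAuths parses.
                    menuActionsBuilder.append("<input name='actionCB' type='checkbox' id='"
                            + escapeHtmlForAuthMarkup(menuId + ":" + actionKey) + "' ");
                    boolean checked = false;
                    if (null != ownActions) {
                        for (String ownAction : ownActions) {
                            if (actionKey.equals(ownAction)) {
                                checked = true;
                                break;
                            }
                        }
                    }
                    if (checked) {
                        menuActionsBuilder.append("checked=true");
                    }
                    menuActionsBuilder.append(" /><span class='auth_span'>"
                            + escapeHtmlForAuthMarkup(action.getActionCnName()) + "</span> ");
                }
                // Close the row for every panel; previously only the last row was closed, which
                // produced malformed markup as soon as a menu had more than one panel.
                menuActionsBuilder.append("</td></tr>");
            }
            menuActionsBuilder.append("</table>");
            authMenuActionVO.setActions(menuActionsBuilder.toString());
        }
        returnAuthList.add(authMenuActionVO);
    }
    return returnAuthList;
}

/**
 * Escapes a value for use in the HTML built by {@code getAuthsByRoleId}: element text and
 * single-quoted attribute values. A {@code null} value is rendered as the text {@code null},
 * matching plain string concatenation.
 */
private static String escapeHtmlForAuthMarkup(String value) {
    String text = String.valueOf(value);
    StringBuilder escaped = new StringBuilder(text.length() + 16);
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
        case '&':
            escaped.append("&amp;");
            break;
        case '<':
            escaped.append("&lt;");
            break;
        case '>':
            escaped.append("&gt;");
            break;
        case '"':
            escaped.append("&quot;");
            break;
        case '\'':
            // The attributes above are single-quoted, so the apostrophe must be escaped too.
            escaped.append("&#39;");
            break;
        default:
            escaped.append(c);
        }
    }
    return escaped.toString();
}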
/**
 * Lists every role and marks the ones currently assigned to the given user.
 *
 * <p>All roles are loaded with an unfiltered example (the original author flagged this query
 * for later optimisation). A role is marked {@code checked} when the user's role links contain
 * a key with the same user id and role id; the match relies on {@code UserRoleKey.equals},
 * presumably value-based, which should be verified against the entity.
 *
 * <p>NOTE(review): no authorization check is made here, so any caller can see the role
 * assignments of any user id; presumably the caller enforces access. Confirm.
 *
 * @param userId id of the user whose assignments are highlighted
 * @return the {@code List<Role>} of all roles, with assigned ones flagged as checked
 */
public Object getRolesAndRational(String userId) {
    List<Role> allRoles = roleMapper.selectByExample(new RoleExample());

    // Role links that belong to the requested user.
    UserRoleExample assignedFilter = new UserRoleExample();
    assignedFilter.createCriteria().andUserIdEqualTo(userId);
    List<UserRoleKey> assignedKeys = userRoleMapper.selectByExample(assignedFilter);

    for (Iterator<Role> roleIt = allRoles.iterator(); roleIt.hasNext();) {
        Role candidate = roleIt.next();
        UserRoleKey probe = new UserRoleKey();
        probe.setUserId(userId);
        probe.setRoleId(candidate.getRoleId());
        boolean alreadyAssigned = assignedKeys.contains(probe);
        if (!alreadyAssigned) {
            continue;
        }
        candidate.setChecked(true);
    }
    return allRoles;
}
/**
 * Lists every role and marks the ones currently assigned to the given department.
 *
 * <p>All roles are loaded with an unfiltered example (the original author flagged this query
 * for later optimisation). A role is marked {@code checked} when the department's role links
 * contain a key with the same department id and role id; the match relies on
 * {@code DepRoleKey.equals}, presumably value-based, which should be verified against the entity.
 *
 * <p>NOTE(review): no authorization check is made here; presumably the caller enforces access.
 * Confirm.
 *
 * @param depId id of the department whose assignments are highlighted
 * @return the {@code List<Role>} of all roles, with assigned ones flagged as checked
 */
public Object getRolesAndRationalByDepId(String depId) {
    List<Role> allRoles = roleMapper.selectByExample(new RoleExample());

    // Role links that belong to the requested department.
    DepRoleExample assignedFilter = new DepRoleExample();
    assignedFilter.createCriteria().andDepIdEqualTo(depId);
    List<DepRoleKey> assignedKeys = depRoleMapper.selectByExample(assignedFilter);

    for (Iterator<Role> roleIt = allRoles.iterator(); roleIt.hasNext();) {
        Role candidate = roleIt.next();
        DepRoleKey probe = new DepRoleKey();
        probe.setDepId(depId);
        probe.setRoleId(candidate.getRoleId());
        boolean alreadyAssigned = assignedKeys.contains(probe);
        if (!alreadyAssigned) {
            continue;
        }
        candidate.setChecked(true);
    }
    return allRoles;
}
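/**
 * Replaces the permissions of a role: the menus it may open and the actions it may perform on
 * each of them.
 *
 * <p>An admin-type role may only be changed by the user who created it. All existing authority
 * rows of the role are deleted, one row is inserted per entry of {@code menuIds}, and the action
 * lists from {@code authActions} are then written to those rows with
 * {@code updateByPrimaryKey}. Actions that refer to a menu without a row update nothing.
 *
 * <p>Input handling: {@code authActions} comes from the client, so every entry is validated
 * before anything is written. Returning a failure result does not roll the transaction back,
 * which means rejecting bad input after the delete would leave the role with its permissions
 * wiped. The method fails closed (no write) when there is no authenticated user, when the role
 * does not exist, or when an entry is malformed.
 *
 * <p>NOTE(review): for roles that are not admin-type there is no check here on who may change
 * them, nor on whether the caller holds the permissions being granted; presumably the caller
 * enforces this. Confirm against the controller.
 *
 * @param roleId id of the role to update
 * @param menuIds ids of the menus granted to the role; may be {@code null} or empty
 * @param authActions granted actions, each encoded as {@code menuId:panelEnName_actionEnName};
 *        may be {@code null} or empty
 * @return a {@link JqReturnJson} whose success flag is set when at least one row was deleted,
 *         inserted or updated
 */
@Transactional(readOnly = false)
@MethodLog(opera = "RoleList_auth")
public Object saveRoleAuths(String roleId, Set<String> menuIds, Set<String> authActions) {
    JqReturnJson returnResult = new JqReturnJson();// success defaults to false
    Object principal = SecurityUtils.getSubject().getPrincipal();
    Role originalRole = roleMapper.selectByPrimaryKey(roleId);
    if (!(principal instanceof User) || null == originalRole) {
        // No authenticated user or unknown role: refuse instead of failing with an exception.
        returnResult.setMsg("权限信息更新失败");
        return returnResult;
    }
    User pricipalUser = (User) principal;
    // An admin-type role may only be changed by its creator.
    if (originalRole.getBuiltin() == CommonBuiltin.admin
            && !pricipalUser.getUserId().equals(originalRole.getCreater())) {
        returnResult.setMsg("管理员类型角色只有所属创建者才能对其进行授权");
        return returnResult;
    }
    // Parse and validate the client-supplied action list before touching the database.
    Map<String, String> menuMap = new HashMap<String, String>();
    if (null != authActions) {
        for (String menuAction : authActions) {
            String[] menuActionParts = null == menuAction ? new String[0] : menuAction.split(":");
            // The stored action list is comma-separated, so an entry that itself contains a
            // comma would be persisted as several actions; reject it together with entries
            // that lack a menu id or an action.
            if (menuActionParts.length < 2 || StringUtils.isBlank(menuActionParts[0])
                    || StringUtils.isBlank(menuActionParts[1]) || menuActionParts[1].indexOf(',') >= 0) {
                returnResult.setMsg("权限信息更新失败");
                return returnResult;
            }
            String menuId = menuActionParts[0];
            String actionString = menuActionParts[1];
            String existingActions = menuMap.get(menuId);
            menuMap.put(menuId, null == existingActions ? actionString : existingActions + "," + actionString);
        }
    }
    // Rebuild the role's authority rows from scratch.
    AuthorityExample authExample = new AuthorityExample();
    authExample.createCriteria().andRoleIdEqualTo(roleId);
    // Count every affected row; previously each statement overwrote the counter, so the result
    // reflected only the last statement and revoking all permissions was reported as a failure.
    int count = authorityMapper.deleteByExample(authExample);
    if (null != menuIds) {
        for (String menuId : menuIds) {
            Authority authorityTemp = new Authority();
            authorityTemp.setRoleId(roleId);
            authorityTemp.setMenuId(menuId);
            count += authorityMapper.insert(authorityTemp);
        }
    }
    for (Entry<String, String> entry : menuMap.entrySet()) {
        Authority authorityWithActions = new Authority();
        authorityWithActions.setRoleId(roleId);
        authorityWithActions.setMenuId(entry.getKey());
        authorityWithActions.setActions(entry.getValue());
        count += authorityMapper.updateByPrimaryKey(authorityWithActions);
    }
    if (count > 0) {
        returnResult.setSuccess(true);
        returnResult.setMsg("权限信息已保存");
    } else {
        returnResult.setMsg("权限信息更新失败");
    }
    return returnResult;
}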
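/**
 * Replaces the set of roles assigned to a user.
 *
 * <p>An admin-type user may only be changed by the user who created it. All existing role links
 * of the user are deleted and one link is inserted per entry of {@code roleIds}. The method
 * fails closed (no write) when there is no authenticated user or when the target user does not
 * exist, instead of failing with an exception.
 *
 * <p>NOTE(review): only the target user's type and creator are checked. The roles being handed
 * out are not examined (for example whether the caller may assign an admin-type role, or is
 * changing their own account); presumably the caller enforces this. Confirm against the
 * controller.
 *
 * @param userId id of the user whose roles are replaced
 * @param roleIds ids of the roles to assign; may be {@code null} or empty
 * @return a {@link JqReturnJson} whose success flag is set when at least one link row was
 *         deleted or inserted
 */
@Transactional(readOnly = false)
@MethodLog(opera = "RoleList_assign")
public Object saveRolesAndRational(String userId, Set<String> roleIds) {
    JqReturnJson returnResult = new JqReturnJson();// success defaults to false
    Object principal = SecurityUtils.getSubject().getPrincipal();
    User originalUser = userMapper.selectByPrimaryKey(userId);
    if (!(principal instanceof User) || null == originalUser) {
        // No authenticated user or unknown target user: refuse before any write.
        returnResult.setMsg("系统出现未知错误,角色分配失败");
        return returnResult;
    }
    User pricipalUser = (User) principal;
    // An admin-type user may only be changed by its creator.
    if (originalUser.getBuiltin() == CommonBuiltin.admin
            && !pricipalUser.getUserId().equals(originalUser.getCreater())) {
        returnResult.setMsg("管理员类型用户只有所属创建者才能对其进行分配角色");
        return returnResult;
    }
    UserRoleExample userRoleExample = new UserRoleExample();
    userRoleExample.createCriteria().andUserIdEqualTo(userId);
    int count = userRoleMapper.deleteByExample(userRoleExample);
    if (null != roleIds) {
        for (String roleId : roleIds) {
            UserRoleKey userRoleKey = new UserRoleKey();
            userRoleKey.setUserId(userId);
            userRoleKey.setRoleId(roleId);
            count += userRoleMapper.insert(userRoleKey);
        }
    }
    if (count > 0) {
        returnResult.setSuccess(true);
        returnResult.setMsg("角色分配成功");
    } else {
        returnResult.setMsg("系统出现未知错误,角色分配失败");
    }
    return returnResult;
}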
/**
 * Replaces the set of roles assigned to a department.
 *
 * <p>All existing role links of the department are deleted and one link is inserted per entry
 * of {@code roleIds}. The number of deleted and inserted rows decides the reported outcome.
 *
 * <p>NOTE(review): unlike {@code saveRoleAuths} and {@code saveRolesAndRational}, this method
 * does not look at the current principal at all; presumably the caller restricts who may assign
 * roles to a department. Confirm against the controller.
 *
 * @param depId id of the department whose roles are replaced
 * @param roleIds ids of the roles to assign; may be {@code null} or empty
 * @return a {@link JqReturnJson} whose success flag is set when at least one link row was
 *         deleted or inserted
 */
@Transactional(readOnly = false)
@MethodLog(opera = "RoleList_assignByDepId")
public Object saveRolesAndRationalByDepId(String depId, Set<String> roleIds) {
    JqReturnJson outcome = new JqReturnJson();// success defaults to false

    // Drop the department's current links first.
    DepRoleExample currentLinks = new DepRoleExample();
    currentLinks.createCriteria().andDepIdEqualTo(depId);
    int affectedRows = depRoleMapper.deleteByExample(currentLinks);

    boolean hasNewRoles = roleIds != null && !roleIds.isEmpty();
    if (hasNewRoles) {
        for (String assignedRoleId : roleIds) {
            DepRoleKey link = new DepRoleKey();
            link.setDepId(depId);
            link.setRoleId(assignedRoleId);
            affectedRows += depRoleMapper.insert(link);
        }
    }

    if (affectedRows <= 0) {
        outcome.setMsg("系统出现未知错误,角色分配失败");
        return outcome;
    }
    outcome.setSuccess(true);
    outcome.setMsg("角色分配成功");
    return outcome;
}
}