常见用户接口

package data.bi.api;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.google.gson.Gson;

import data.bi.entity.IndexImgUrl;
import data.bi.entity.IndexModuleContent;
import data.bi.entity.Permission;
import data.bi.entity.ReportLink;
import data.bi.entity.User;
import data.bi.entity.help.ModuleContent;
import data.bi.entity.help.Modules;
import data.bi.entity.help.UserPermission;
import data.bi.service.BIDataService;
import data.bi.service.BISupportService;

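/**
 * User-management endpoints (actions that operate on users).
 *
 * <p>Authorization model, as implemented in this class: {@link #userlogin} stores a random
 * token in the session under {@code "user"}, the authenticated {@link User} under
 * {@code "users"}, and, under the token itself, either the role string (accounts whose role is
 * {@code "1"}) or the list of module permissions (all other accounts). An administrative call
 * is accepted only when the value stored under the token equals {@code "admin"}.
 *
 * <p>NOTE(review): every mapping accepts any HTTP method, including the state-changing ones.
 * Endpoints that take a {@code token} parameter get some request-forgery protection from it;
 * the endpoints that authorize from the session alone ({@code queryper}, {@code getuserinfo},
 * {@code getuserbyUsername}, {@code getuserbyUser}, {@code delUser}) do not, and should be
 * restricted to POST with a CSRF token once the front end can send one.
 *
 * <p>NOTE(review): responses are declared {@code text/html} although most bodies are JSON.
 * Gson's default HTML-safe escaping is what keeps serialized values from being read as markup;
 * keep that default, or switch the content type to {@code application/json}.
 *
 * @author json
 */
@Controller
@RequestMapping
public class BIUserServer {

    /** Role value that marks an administrator session. */
    private static final String ADMIN_ROLE = "admin";
    /** Session key under which the login token is stored. */
    private static final String SESSION_TOKEN_KEY = "user";
    /** Session key under which the authenticated {@link User} is stored. */
    private static final String SESSION_USER_KEY = "users";

    private static final String MSG_NOT_ADMIN = "您不是管理员,不能操作此模块";
    private static final String MSG_RETRY = "网络延迟,请重新尝试!!!";

    /** Gson instances are thread-safe, so one shared instance serves every request. */
    private static final Gson GSON = new Gson();

    private final Logger logs = Logger.getLogger(getClass());

    @Resource(name = "biDataService")
    private BIDataService service;

    @Resource(name = "bISupportService")
    private BISupportService supportservice;

    /**
     * Returns all modules as JSON.
     */
    @RequestMapping(value = "givemodules", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String giveModules(HttpServletResponse response,
            HttpServletRequest request) {
        return GSON.toJson(service.getModules());
    }

    /**
     * Creates a user and, for accounts whose role is {@code "0"}, grants the selected modules.
     *
     * <p>To prevent unauthorized creation of users or permissions, the caller must supply the
     * login token; the role stored in the session under that token must be {@code "admin"}.
     *
     * @param u     the user to create, bound from the request parameters
     * @param m     the module selection, bound from the request parameters
     * @param token the login token returned by {@code userlogin}
     * @return a human-readable status message
     */
    @RequestMapping(value = "adduser", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String addUsers(HttpServletRequest request,
            HttpServletResponse response, User u, Modules m, String token) {
        // Decide authorization explicitly instead of relying on an exception from a null or
        // mistyped session attribute.
        if (!isAdmin(request, token)) {
            return MSG_NOT_ADMIN;
        }
        try {
            if (service.userIsExist(u)) {
                return "用户名已存在!!!";
            }
            service.insert_User_table(u);
            if ("0".equals(u.getUser_role())) {
                User created = service.queryUserByUserName(u);
                if (created == null) {
                    logs.error("adduser: the new user could not be read back after insert");
                    return MSG_RETRY;
                }
                grantSelectedModules(m, created.getUser_id());
            }
            // Could instead be decided from what was actually written to the database.
            return "添加成功!!!";
        } catch (Exception e) {
            // A service failure is not an authorization failure: record it and say so.
            logs.error("adduser failed", e);
            return MSG_RETRY;
        }
    }

    /**
     * Grants the selected modules to an existing user. Administrators only.
     *
     * @param u     identifies the target user by name
     * @param m     the module selection
     * @param token the login token returned by {@code userlogin}
     * @return {@code "true"} on success, otherwise a human-readable message
     */
    @RequestMapping(value = "addpermission", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String addPermission(HttpServletRequest request,
            HttpServletResponse response, User u, Modules m, String token) {
        if (!isAdmin(request, token)) {
            return MSG_NOT_ADMIN;
        }
        try {
            User target = service.queryUserByUserName(u);
            if (target == null) {
                return "用户不存在!!!";
            }
            grantSelectedModules(m, target.getUser_id());
            return "true";
        } catch (Exception e) {
            logs.error("addpermission failed", e);
            return MSG_RETRY;
        }
    }

    /**
     * Revokes the selected modules from a user. Administrators only.
     *
     * @param u     the target user
     * @param m     the module selection
     * @param token the login token returned by {@code userlogin}
     * @return {@code "true"} on success, otherwise a human-readable message
     */
    @RequestMapping(value = "decreatepermission", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String decreatePermission(HttpServletRequest request,
            HttpServletResponse response, User u, Modules m, String token) {
        if (!isAdmin(request, token)) {
            return MSG_NOT_ADMIN;
        }
        try {
            if (m.getModule1() != null) {
                Permission p = new Permission();
                p.setModule_id(m.getModule1());
                service.deleteUserPer(p, u);
            }
            if (m.getModule2() != null) {
                Permission p = new Permission();
                p.setModule_id(m.getModule2());
                service.deleteUserPer(p, u);
            }
            if (m.getModule3() != null) {
                Permission p = new Permission();
                p.setModule_id(m.getModule3());
                service.deleteUserPer(p, u);
            }
            if (m.getModule4() != null) {
                Permission p = new Permission();
                p.setModule_id(m.getModule4());
                service.deleteUserPer(p, u);
            }
            if (m.getModule5() != null) {
                Permission p = new Permission();
                p.setModule_id(m.getModule5());
                service.deleteUserPer(p, u);
            }
            if (m.getModule6() != null) {
                Permission p = new Permission();
                p.setModule_id(m.getModule6());
                service.deleteUserPer(p, u);
            }
            if (m.getModule7() != null) {
                Permission p = new Permission();
                p.setModule_id(m.getModule7());
                service.deleteUserPer(p, u);
            }
            if (m.getModule8() != null) {
                Permission p = new Permission();
                p.setModule_id(m.getModule8());
                service.deleteUserPer(p, u);
            }
            if (m.getModule9() != null) {
                Permission p = new Permission();
                p.setModule_id(m.getModule9());
                service.deleteUserPer(p, u);
            }
            return "true";
        } catch (Exception e) {
            logs.error("decreatepermission failed", e);
            return MSG_RETRY;
        }
    }

    /**
     * Logs a user in.
     *
     * <p>Steps: verify the user name and password through the service; on success generate a
     * random UUID token and store it in the session under {@code "user"}; store the role (or
     * the permission list) under the token so later administrative checks can look it up.
     *
     * @param u the submitted credentials
     * @return the login token, or an empty string when authentication fails
     */
    @RequestMapping(value = "userlogin", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String userlogin(HttpServletRequest request,
            HttpServletResponse response, User u) {
        logs.info("我到login的action中了");
        Map<String, Object> result = service.UserLogin(u);
        if (result == null || !Boolean.TRUE.equals(result.get("flag"))) {
            return "";
        }
        User user = (User) result.get("user");
        if (user == null) {
            return "";
        }

        // Start from a fresh session so an identifier that was known before authentication
        // (session fixation) never becomes an authenticated one.
        HttpSession stale = request.getSession(false);
        if (stale != null) {
            stale.invalidate();
        }
        HttpSession session = request.getSession(true);

        String token = java.util.UUID.randomUUID().toString();
        session.setAttribute(SESSION_TOKEN_KEY, token);
        // NOTE(review): this keeps the whole User object in the session; if the service fills
        // in the password field, consider clearing it before storing.
        session.setAttribute(SESSION_USER_KEY, user);
        if ("1".equals(user.getUser_role())) {
            String role = (String) result.get("uuid");
            session.setAttribute(token, role);
        } else {
            @SuppressWarnings("unchecked")
            List<UserPermission> permissions = (List<UserPermission>) result.get("uuid");
            session.setAttribute(token, permissions);
        }
        return token;
    }

    /**
     * Returns the permissions a user has and lacks, looked up by the user id that an
     * administrator passes in. The endpoint has no token parameter, so the administrator
     * role is taken from the caller's session.
     *
     * @param u identifies the user to inspect
     * @return the permission map as JSON, or {@code "error"}
     */
    @RequestMapping(value = "queryper", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String queryUserPower(HttpServletResponse response,
            HttpServletRequest request, User u) {
        if (!isAdminSession(request)) {
            return "error";
        }
        Map<String, Object> result = service.getUserPers(u);
        if (result == null || !Boolean.TRUE.equals(result.get("flag"))) {
            return "error";
        }
        return GSON.toJson(result);
    }

    /**
     * Logs the caller out by discarding the whole session, so neither the token, the role nor
     * the stored {@link User} outlives the logout.
     *
     * @return always {@code null}
     */
    @RequestMapping(value = "userloginout", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String userLogOut(HttpServletRequest request,
            HttpServletResponse response) {
        HttpSession session = request.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        return null;
    }

    /**
     * Reports whether the token belongs to an administrator session.
     *
     * @param token the login token returned by {@code userlogin}
     * @return JSON with {@code flag} and {@code msg}; {@code msg} is the administrator's user
     *         name on success
     */
    @RequestMapping(value = "checkadmin", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String checkadmin(HttpServletRequest request, HttpServletResponse response, String token) {
        if (!isAdmin(request, token)) {
            return flagJson(false, "您不是管理员,无权访问该页面");
        }
        User current = sessionUser(request);
        return flagJson(true, current == null ? "" : current.getUser_name());
    }

    /**
     * Changes a user's password. Administrators only.
     *
     * @param u     carries the target user and the new password
     * @param token the login token returned by {@code userlogin}
     * @return JSON with {@code flag} and {@code msg}
     */
    @RequestMapping(value = "updatepass", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String updatePass(HttpServletRequest request, HttpServletResponse response, User u, String token) {
        if (!isAdmin(request, token)) {
            return flagJson(false, "您不是管理员,或尚未登陆!!!");
        }
        int updated = service.updateUserPassword(u);
        if (updated > 0) {
            // NOTE(review): the new password is echoed back in the response body; kept because
            // callers may read it, but a plain success flag would avoid exposing it.
            return flagJson(true, u.getUser_password());
        }
        return flagJson(false, MSG_RETRY);
    }

    /**
     * Looks up a report link by id.
     *
     * @param r carries the id to look up
     * @return the link as JSON, or a human-readable message when the id is missing or unknown
     */
    @RequestMapping(value = "getlink", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getLinks(HttpServletRequest request, HttpServletResponse response, ReportLink r) {
        if (r.getId() == 0) {
            return "请输入id参数";
        }
        ReportLink link = supportservice.getLinkById(r);
        if (link == null) {
            return "没有查找到该id所对应的链接";
        }
        return GSON.toJson(link);
    }

    /**
     * Returns all index image URLs as JSON.
     */
    @RequestMapping(value = "getimgs", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getImgs(HttpServletRequest request, HttpServletResponse response) {
        List<IndexImgUrl> images = supportservice.getAllImgs();
        return GSON.toJson(images);
    }

    /**
     * Returns the module content as JSON.
     */
    @RequestMapping(value = "getcontent", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getContent(HttpServletRequest request, HttpServletResponse response) {
        List<ModuleContent> content = supportservice.getModuleContent();
        return GSON.toJson(content);
    }

    /**
     * Returns every user record as JSON. Administrators only: the listing exposes all accounts,
     * so it must not be served to anonymous callers.
     *
     * @return the user list as JSON, or the not-an-administrator message
     */
    @RequestMapping(value = "getuserinfo", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getUserInfo(HttpServletRequest request, HttpServletResponse response) {
        if (!isAdminSession(request)) {
            return MSG_NOT_ADMIN;
        }
        List<User> users = supportservice.getUserInfo();
        return GSON.toJson(users);
    }

    /**
     * Sets a new password for the named user.
     *
     * <p>Allowed only for an administrator session or for the account that is logged in on
     * this session; without that check any caller could reset any account's password.
     * NOTE(review): confirm this "administrator or self" policy against the intended flow.
     *
     * @param user_name     the account whose password is changed
     * @param user_password the new password
     * @return {@code "1"} when the account exists and the update was issued, otherwise
     *         {@code null}
     */
    @RequestMapping(value = "getuserbyUsername", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getuserbyUsername(HttpServletRequest request, HttpServletResponse response,
            String user_name, String user_password) {
        if (!isAdminSession(request) && !isSelf(request, user_name)) {
            return null;
        }
        if (user_password == null || user_password.isEmpty()) {
            return null;
        }
        User target = new User();
        target.setUser_name(user_name);
        if (!service.userIsExist(target)) {
            return null;
        }
        target.setUser_password(user_password);
        service.updateUserPassword(target);
        return GSON.toJson(1);
    }

    /**
     * Returns the stored record of the named user as JSON.
     *
     * <p>Allowed only for an administrator session or for the account that is logged in on
     * this session. NOTE(review): the serialized record includes whatever the service puts in
     * the password field; consider clearing it before serializing.
     *
     * @param user_name     the account to look up
     * @param user_password not used by this method
     * @return the user record as JSON, or the not-an-administrator message
     */
    @RequestMapping(value = "getuserbyUser", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getuserbyUser(HttpServletRequest request, HttpServletResponse response,
            String user_name, String user_password) {
        if (!isAdminSession(request) && !isSelf(request, user_name)) {
            return MSG_NOT_ADMIN;
        }
        User probe = new User();
        probe.setUser_name(user_name);
        // Query once; the name, password and role are deliberately not written to stdout.
        return GSON.toJson(service.queryUserByUserName(probe));
    }

    /**
     * Deletes a user together with that user's permissions. Administrators only.
     *
     * @param id the id of the user to delete
     * @return {@code "1"} after the delete calls were issued, or the not-an-administrator
     *         message
     */
    @RequestMapping(value = "delUser", produces = "text/html;charset=UTF-8")
    @ResponseBody
    public String getdelUser(HttpServletRequest request, HttpServletResponse response,
            String id) {
        if (!isAdminSession(request)) {
            return MSG_NOT_ADMIN;
        }
        // Permissions first, then the user row, in the same order as before.
        Permission permission = new Permission();
        permission.setUser_id(id);
        service.delPermission(permission);
        User user = new User();
        user.setUser_id(id);
        service.delUser(user);
        return GSON.toJson(1);
    }

    /**
     * Returns whether the session stores the administrator role under the given token. Never
     * creates a session and never throws for a missing token or a non-string attribute.
     */
    private boolean isAdmin(HttpServletRequest request, String token) {
        if (token == null) {
            return false;
        }
        HttpSession session = request.getSession(false);
        return session != null && ADMIN_ROLE.equals(session.getAttribute(token));
    }

    /**
     * Administrator check for endpoints without a token parameter: uses the token that
     * {@code userlogin} stored in the session.
     */
    private boolean isAdminSession(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        if (session == null) {
            return false;
        }
        Object token = session.getAttribute(SESSION_TOKEN_KEY);
        return token instanceof String && isAdmin(request, (String) token);
    }

    /** Returns the user stored in the session at login, or {@code null} when there is none. */
    private User sessionUser(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        if (session == null) {
            return null;
        }
        Object current = session.getAttribute(SESSION_USER_KEY);
        return current instanceof User ? (User) current : null;
    }

    /** Returns whether the given user name is the account logged in on this session. */
    private boolean isSelf(HttpServletRequest request, String userName) {
        User current = sessionUser(request);
        return userName != null && current != null && userName.equals(current.getUser_name());
    }

    /** Serializes the {@code flag}/{@code msg} pair that several endpoints return. */
    private String flagJson(boolean flag, String msg) {
        HashMap<String, Object> map = new HashMap<String, Object>();
        map.put("flag", flag);
        map.put("msg", msg);
        return GSON.toJson(map);
    }

    /** Assigns the permission to the user and stores it through the service. */
    private void grant(Permission p, String userid) {
        p.setUser_id(userid);
        service.grantPermission(p);
    }

    /** Grants every module selected in {@code m} (slots 1 to 9) to the user. */
    private void grantSelectedModules(Modules m, String userid) {
        if (m.getModule1() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule1());
            grant(p, userid);
        }
        if (m.getModule2() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule2());
            grant(p, userid);
        }
        if (m.getModule3() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule3());
            grant(p, userid);
        }
        if (m.getModule4() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule4());
            grant(p, userid);
        }
        if (m.getModule5() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule5());
            grant(p, userid);
        }
        if (m.getModule6() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule6());
            grant(p, userid);
        }
        if (m.getModule7() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule7());
            grant(p, userid);
        }
        if (m.getModule8() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule8());
            grant(p, userid);
        }
        if (m.getModule9() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule9());
            grant(p, userid);
        }
    }
}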
