package data.bi.api;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.google.gson.Gson;
import data.bi.entity.IndexImgUrl;
import data.bi.entity.IndexModuleContent;
import data.bi.entity.Permission;
import data.bi.entity.ReportLink;
import data.bi.entity.User;
import data.bi.entity.help.ModuleContent;
import data.bi.entity.help.Modules;
import data.bi.entity.help.UserPermission;
import data.bi.service.BIDataService;
import data.bi.service.BISupportService;
/**
* Controller (action) for user-related operations.
*
* @author json
*
*/
@Controller
@RequestMapping
public class BIUserServer {
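// log4j logger named after this controller's runtime class.
private Logger logs = Logger.getLogger(getClass());
// Injected by bean name. The original page carried typographic quotes around the
// bean names, which are not valid Java string delimiters; they are plain ASCII quotes here.
@Resource(name = "biDataService")
private BIDataService service;
// Second injected service, used below for links, images, module content and the user list.
@Resource(name = "bISupportService")
private BISupportService supportservice;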
@RequestMapping(value = "givemodules", produces = "text/html;charset=UTF-8")
@ResponseBody
public String giveModules(HttpServletResponse response,
        HttpServletRequest request) {
    // Returns every module known to the data service, serialized as JSON.
    // No session or role is consulted here, so the list is readable by any caller.
    // NOTE(review): the body is JSON but the declared content type is text/html.
    // Gson's default HTML-safe escaping is what keeps markup characters out of the
    // output; keep that in mind if a Gson built with disableHtmlEscaping() is ever used.
    return new Gson().toJson(service.getModules());
}
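@RequestMapping(value = "adduser", produces = "text/html;charset=UTF-8")
@ResponseBody
public String addUsers(HttpServletRequest request,
        HttpServletResponse response, User u, Modules m, String token) {
    /*
     * Adds a user and, when the new user's role is "0", grants every module id
     * that is set on m (module1 .. module9).
     *
     * Only an administrator may do this: the caller passes the token returned by
     * userlogin, and the value stored in the session under that token must be "admin".
     *
     * Returns the success text, the "user name already exists" text, or the
     * not-an-administrator text. Any exception still yields the not-an-administrator
     * text (unchanged for clients) but is now logged instead of being dropped.
     */
    final String denied = "您不是管理员,不能操作此模块";
    String msg = "";
    try {
        // The attribute name comes from the request. Comparing as Object keeps a name
        // that maps to a non-String attribute ("users", or a non-admin's permission
        // list as stored by userlogin) from being handled through ClassCastException,
        // and a missing token/role from being handled through NullPointerException.
        // NOTE(review): consider also requiring token to equal the session's "user"
        // attribute, so the lookup key cannot be an arbitrary attribute name.
        Object role = token == null ? null : request.getSession().getAttribute(token);
        if (!"admin".equals(role)) {
            return denied;
        }
        if (service.userIsExist(u)) {
            msg = "用户名已存在!!!";
        } else {
            service.insert_User_table(u);
            // NOTE(review): the insert and the grants below are separate service calls;
            // whether they share a transaction is not visible here, so a failure part-way
            // may leave a created user with only some permissions. Confirm.
            if (u.getUser_role().equals("0")) {
                // Re-read the stored user to obtain its id for the permission rows.
                User us = service.queryUserByUserName(u);
                String userid = us.getUser_id();
                if (m.getModule1() != null) {
                    Permission p = new Permission();
                    p.setModule_id(m.getModule1());
                    p.setUser_id(userid);
                    service.grantPermission(p);
                }
                if (m.getModule2() != null) {
                    Permission p = new Permission();
                    p.setModule_id(m.getModule2());
                    p.setUser_id(userid);
                    service.grantPermission(p);
                }
                if (m.getModule3() != null) {
                    Permission p = new Permission();
                    p.setModule_id(m.getModule3());
                    p.setUser_id(userid);
                    service.grantPermission(p);
                }
                if (m.getModule4() != null) {
                    Permission p = new Permission();
                    p.setModule_id(m.getModule4());
                    p.setUser_id(userid);
                    service.grantPermission(p);
                }
                if (m.getModule5() != null) {
                    Permission p = new Permission();
                    p.setModule_id(m.getModule5());
                    p.setUser_id(userid);
                    service.grantPermission(p);
                }
                if (m.getModule6() != null) {
                    Permission p = new Permission();
                    p.setModule_id(m.getModule6());
                    p.setUser_id(userid);
                    service.grantPermission(p);
                }
                if (m.getModule7() != null) {
                    Permission p = new Permission();
                    p.setModule_id(m.getModule7());
                    p.setUser_id(userid);
                    service.grantPermission(p);
                }
                if (m.getModule8() != null) {
                    Permission p = new Permission();
                    p.setModule_id(m.getModule8());
                    p.setUser_id(userid);
                    service.grantPermission(p);
                }
                if (m.getModule9() != null) {
                    Permission p = new Permission();
                    p.setModule_id(m.getModule9());
                    p.setUser_id(userid);
                    service.grantPermission(p);
                }
            }
            msg = "添加成功!!!";
        }
    } catch (Exception e) {
        // Keep the reply clients already handle, but leave a trace for operators:
        // this path also covers service/database failures, not only authorization.
        logs.error("adduser failed", e);
        msg = denied;
    }
    return msg;
}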
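@RequestMapping(value = "addpermission", produces = "text/html;charset=UTF-8")
@ResponseBody
public String addPermission(HttpServletRequest request,
        HttpServletResponse response, User u, Modules m, String token) {
    /*
     * Grants the user named by u every module id that is set on m (module1 .. module9).
     *
     * Only an administrator may do this: the value stored in the session under the
     * supplied token must be "admin".
     *
     * Returns "true" on success and the not-an-administrator text otherwise. An unknown
     * target user or any exception still yields that text (unchanged for clients) but
     * is now logged.
     */
    final String denied = "您不是管理员,不能操作此模块";
    String msg = "";
    try {
        // Role lookup without casts: the attribute name is caller-supplied and may map
        // to a non-String value (see what userlogin stores), or to nothing at all.
        Object role = token == null ? null : request.getSession().getAttribute(token);
        if (!"admin".equals(role)) {
            return denied;
        }
        User us = service.queryUserByUserName(u);
        if (us == null) {
            // The original reached the same reply through a NullPointerException.
            logs.warn("addpermission: target user not found");
            return denied;
        }
        String userid = us.getUser_id();
        if (m.getModule1() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule1());
            p.setUser_id(userid);
            service.grantPermission(p);
        }
        if (m.getModule2() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule2());
            p.setUser_id(userid);
            service.grantPermission(p);
        }
        if (m.getModule3() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule3());
            p.setUser_id(userid);
            service.grantPermission(p);
        }
        if (m.getModule4() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule4());
            p.setUser_id(userid);
            service.grantPermission(p);
        }
        if (m.getModule5() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule5());
            p.setUser_id(userid);
            service.grantPermission(p);
        }
        if (m.getModule6() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule6());
            p.setUser_id(userid);
            service.grantPermission(p);
        }
        if (m.getModule7() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule7());
            p.setUser_id(userid);
            service.grantPermission(p);
        }
        if (m.getModule8() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule8());
            p.setUser_id(userid);
            service.grantPermission(p);
        }
        if (m.getModule9() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule9());
            p.setUser_id(userid);
            service.grantPermission(p);
        }
        msg = "true";
    } catch (Exception e) {
        // Same reply as before, plus a log entry so a failed grant is not invisible.
        logs.error("addpermission failed", e);
        msg = denied;
    }
    return msg;
}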
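@RequestMapping(value = "decreatepermission", produces = "text/html;charset=UTF-8")
@ResponseBody
public String decreatePermission(HttpServletRequest request,
        HttpServletResponse response, User u, Modules m, String token) {
    /*
     * Removes from user u every module permission whose id is set on m (module1 .. module9).
     *
     * Only an administrator may do this: the value stored in the session under the
     * supplied token must be "admin".
     *
     * Returns "true" on success and the not-an-administrator text otherwise, including
     * on any exception (unchanged for clients).
     */
    final String denied = "您不是管理员,不能操作此模块";
    String msg = "";
    try {
        // Role lookup without casts: the attribute name is caller-supplied and may map
        // to a non-String value (see what userlogin stores), or to nothing at all.
        Object role = token == null ? null : request.getSession().getAttribute(token);
        if (!"admin".equals(role)) {
            return denied;
        }
        if (m.getModule1() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule1());
            service.deleteUserPer(p, u);
        }
        if (m.getModule2() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule2());
            service.deleteUserPer(p, u);
        }
        if (m.getModule3() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule3());
            service.deleteUserPer(p, u);
        }
        if (m.getModule4() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule4());
            service.deleteUserPer(p, u);
        }
        if (m.getModule5() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule5());
            service.deleteUserPer(p, u);
        }
        if (m.getModule6() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule6());
            service.deleteUserPer(p, u);
        }
        if (m.getModule7() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule7());
            service.deleteUserPer(p, u);
        }
        if (m.getModule8() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule8());
            service.deleteUserPer(p, u);
        }
        if (m.getModule9() != null) {
            Permission p = new Permission();
            p.setModule_id(m.getModule9());
            service.deleteUserPer(p, u);
        }
        msg = "true";
    } catch (Exception e) {
        // Routed through the class logger rather than printStackTrace(), so the failure
        // lands in the application log with the rest of the audit trail.
        logs.error("decreatepermission failed", e);
        msg = denied;
    }
    return msg;
}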
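@RequestMapping(value = "userlogin", produces = "text/html;charset=UTF-8")
@ResponseBody
public String userlogin(HttpServletRequest request,
        HttpServletResponse response, User u) {
    /*
     * Logs a user in.
     *
     * 1. Asks the service to check the submitted credentials.
     * 2. On success generates a random UUID token and stores, in the session:
     *      "user"  -> token
     *      "users" -> the User returned by the service
     *      token   -> the role string when user_role is "1", otherwise the
     *                 List<UserPermission> returned by the service
     * 3. Returns the token, or an empty string when the login is rejected.
     *
     * The other endpoints in this class read the role back through the token.
     */
    logs.info("我到login的action中了");
    Map<String, Object> map = service.UserLogin(u);
    // Boolean.TRUE.equals treats a missing "flag" entry as a failed login instead of
    // failing with a NullPointerException on unboxing.
    boolean flag = Boolean.TRUE.equals(map.get("flag"));
    String token = "";
    if (flag) {
        User user = (User) map.get("user");
        // Start the authenticated state in a fresh session. Reusing the pre-login
        // session would keep a session id that was already known before login valid
        // afterwards (session fixation) and would leave an earlier login's
        // token -> role attribute behind for the next user of the same session.
        javax.servlet.http.HttpSession previous = request.getSession(false);
        if (previous != null) {
            previous.invalidate();
        }
        // Generate the token.
        token = java.util.UUID.randomUUID().toString();
        request.getSession().setAttribute("user", token);
        request.getSession().setAttribute("users", user);
        if (user.getUser_role().equals("1")) {
            String role = (String) map.get("uuid");
            request.getSession().setAttribute(token, role);
        } else {
            @SuppressWarnings("unchecked")
            List<UserPermission> list = (List<UserPermission>) map
                    .get("uuid");
            request.getSession().setAttribute(token, list);
        }
    }
    return token;
}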
@RequestMapping(value = "queryper", produces = "text/html;charset=UTF-8")
@ResponseBody
public String queryUserPower(HttpServletResponse response,
        HttpServletRequest request, User u) {
    // Looks up, for the user identified by u, the permissions the service reports,
    // and returns the service's result map as JSON, or "error" when its "flag" is false.
    // NOTE(review): the original comment describes this as an administrator query, but
    // no session or role is checked here, unlike checkadmin/updatePass. Confirm whether
    // an admin gate is intended before exposing this mapping.
    Map<String, Object> result = service.getUserPers(u);
    boolean ok = (boolean) result.get("flag");
    if (ok) {
        return new Gson().toJson(result);
    }
    return "error";
}
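@RequestMapping(value = "userloginout", produces = "text/html;charset=UTF-8")
@ResponseBody
public String userLogOut(HttpServletRequest request,
        HttpServletResponse response) {
    // Ends the login. The original removed only the "user" and token attributes, which
    // left the "users" attribute (the logged-in User) and the session id itself alive
    // after logout, and passed a null name to removeAttribute when nobody was logged in.
    // Invalidating the session unbinds every attribute and retires the id in one step.
    // getSession(false) avoids creating a session just to destroy it.
    javax.servlet.http.HttpSession session = request.getSession(false);
    if (session != null) {
        session.invalidate();
    }
    return null;
}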
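@RequestMapping(value = "checkadmin", produces = "text/html;charset=UTF-8")
@ResponseBody
public String checkadmin(HttpServletRequest request, HttpServletResponse response, String token) {
    // Reports whether the supplied token belongs to an administrator.
    // Returns JSON {"flag": boolean, "msg": String}: the admin's user name when flag is
    // true, the not-an-administrator text otherwise.
    boolean flag = true;
    String msg = "";
    // The attribute name is caller-supplied. userlogin stores a List under a non-admin's
    // token and a User under "users", so casting the value to String made this endpoint
    // fail with ClassCastException for exactly the callers it is meant to turn away.
    // Comparing as Object answers "not admin" for those, and for a missing token.
    Object role = token == null ? null : request.getSession().getAttribute(token);
    Object current = request.getSession().getAttribute("users");
    if ("admin".equals(role) && current instanceof User) {
        msg = ((User) current).getUser_name();
    } else {
        flag = false;
        msg = "您不是管理员,无权访问该页面";
    }
    HashMap<String, Object> map = new HashMap<String, Object>();
    map.put("flag", flag);
    map.put("msg", msg);
    Gson gson = new Gson();
    return gson.toJson(map);
}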
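@RequestMapping(value="updatepass",produces="text/html;charset=UTF-8")
@ResponseBody
public String updatePass(HttpServletRequest request, HttpServletResponse response, User u, String token) {
    // Lets an administrator set the password of user u.
    // Returns JSON {"flag": boolean, "msg": String}.
    boolean flag = true;
    String msg = "";
    // Role lookup without a String cast: a non-admin's token maps to a List (see
    // userlogin), which previously surfaced as ClassCastException instead of the
    // refusal below. A missing token is refused the same way.
    Object role = token == null ? null : request.getSession().getAttribute(token);
    if ("admin".equals(role)) {
        int num = service.updateUserPassword(u);
        if (num > 0) {
            // NOTE(review): this echoes the submitted password back in the response body,
            // where proxies, browser history and logs can retain it. Kept because clients
            // may read it; a fixed confirmation value would be safer if they allow it.
            msg = u.getUser_password();
        } else {
            // No row was updated.
            flag = false;
            msg = "网络延迟,请重新尝试!!!";
        }
    } else {
        flag = false;
        msg = "您不是管理员,或尚未登陆!!!";
    }
    HashMap<String, Object> map = new HashMap<String, Object>();
    map.put("flag", flag);
    map.put("msg", msg);
    Gson gson = new Gson();
    return gson.toJson(map);
}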
@RequestMapping(value="getlink",produces="text/html;charset=UTF-8")
@ResponseBody
public String getLinks(HttpServletRequest request, HttpServletResponse response, ReportLink r) {
    // Returns the report link with the requested id as JSON, or a plain-text message
    // when the id parameter is absent (0) or no link matches.
    if (r.getId() == 0) {
        return "请输入id参数";
    }
    ReportLink found = supportservice.getLinkById(r);
    if (found == null) {
        return "没有查找到该id所对应的链接";
    }
    return new Gson().toJson(found);
}
@RequestMapping(value="getimgs",produces="text/html;charset=UTF-8")
@ResponseBody
public String getImgs(HttpServletRequest request, HttpServletResponse response) {
    // Returns every image record from the support service as a JSON array.
    final List<IndexImgUrl> images = supportservice.getAllImgs();
    return new Gson().toJson(images);
}
@RequestMapping(value="getcontent",produces="text/html;charset=UTF-8")
@ResponseBody
public String getContent(HttpServletRequest request, HttpServletResponse response) {
    // Returns the module content list from the support service as a JSON array.
    final List<ModuleContent> contents = supportservice.getModuleContent();
    return new Gson().toJson(contents);
}
@RequestMapping(value="getuserinfo",produces="text/html;charset=UTF-8")
@ResponseBody
public String getUserInfo(HttpServletRequest request, HttpServletResponse response) {
    // Returns the full user list from the support service as a JSON array.
    // NOTE(review): no session or role is checked, so the list is readable by any
    // caller. Gson serializes the entity's fields; User exposes a password accessor
    // elsewhere in this class, so the output presumably includes the password value.
    // Confirm, and consider an admin gate plus a response type without credentials.
    final List<User> users = supportservice.getUserInfo();
    return new Gson().toJson(users);
}
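@RequestMapping(value="getuserbyUsername",produces="text/html;charset=UTF-8")
@ResponseBody
public String getuserbyUsername(HttpServletRequest request, HttpServletResponse response,
        String user_name, String user_password) {
    // Sets user_password as the password of the existing user user_name.
    // Returns "1" (JSON) when the user exists and the update was issued, null otherwise.
    //
    // The original performed this update for any caller, with no login at all, although
    // updatePass guards the same service call behind an admin check. The caller must now
    // hold a logged-in session that is either an administrator's or the named user's own.
    // The role is resolved from the session itself ("user" -> token -> role, as stored
    // by userlogin) because this mapping takes no token parameter.
    // NOTE(review): allowing a user to change their own password here is an assumption
    // made to avoid breaking a possible self-service flow; tighten to admin-only if
    // no such flow exists.
    javax.servlet.http.HttpSession session = request.getSession(false);
    Object loginToken = session == null ? null : session.getAttribute("user");
    Object role = loginToken instanceof String ? session.getAttribute((String) loginToken) : null;
    Object current = session == null ? null : session.getAttribute("users");
    boolean isAdmin = "admin".equals(role);
    boolean isSelf = loginToken != null && current instanceof User && user_name != null
            && user_name.equals(((User) current).getUser_name());
    if (!isAdmin && !isSelf) {
        logs.warn("getuserbyUsername: password change refused, caller is neither admin nor the target user");
        // Same empty reply the method already gives when nothing was changed.
        return null;
    }
    User u = new User();
    u.setUser_name(user_name);
    if (service.userIsExist(u)) {
        u.setUser_password(user_password);
        service.updateUserPassword(u);
        Gson gson = new Gson();
        return gson.toJson(1);
    }
    return null;
}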
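@RequestMapping(value="getuserbyUser",produces="text/html;charset=UTF-8")
@ResponseBody
public String getuserbyUser(HttpServletRequest request, HttpServletResponse response,
        String user_name, String user_password) {
    // Returns the user record for user_name as JSON ("null" when the service finds none).
    // user_password is accepted for interface compatibility but not used.
    //
    // The original printed the user's name, password and role to standard output on every
    // call, which writes credentials into whatever captures stdout, and it failed with a
    // NullPointerException for an unknown name. It also queried the service twice; the
    // record is now fetched once and no credential is printed.
    // NOTE(review): no session or role is checked, and the serialized User presumably
    // carries its password field. Confirm, and consider an admin gate plus a response
    // type without credentials.
    User u = new User();
    u.setUser_name(user_name);
    User found = service.queryUserByUserName(u);
    Gson gson = new Gson();
    return gson.toJson(found);
}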
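@RequestMapping(value="delUser",produces="text/html;charset=UTF-8")
@ResponseBody
public String getdelUser(HttpServletRequest request, HttpServletResponse response,
        String id) {
    // Deletes the permissions of user id, then the user itself. Returns "1" (JSON) once
    // both service calls have been issued, or the not-an-administrator text on refusal.
    //
    // The original deleted accounts for any caller, with no login at all, while the
    // permission endpoints in this class require an administrator. The same rule is
    // applied here, resolved from the session itself ("user" -> token -> role, as stored
    // by userlogin) because this mapping takes no token parameter.
    // NOTE(review): the mapping does not restrict the HTTP method, so this state change
    // is reachable by a plain GET; consider limiting it to POST with CSRF protection.
    javax.servlet.http.HttpSession session = request.getSession(false);
    Object loginToken = session == null ? null : session.getAttribute("user");
    Object role = loginToken instanceof String ? session.getAttribute((String) loginToken) : null;
    if (!"admin".equals(role)) {
        logs.warn("delUser: refused, caller has no administrator session");
        return "您不是管理员,不能操作此模块";
    }
    // Permissions first, then the user row they refer to.
    Permission p = new Permission();
    p.setUser_id(id);
    service.delPermission(p);
    User u = new User();
    u.setUser_id(id);
    service.delUser(u);
    Gson gson = new Gson();
    return gson.toJson(1);
}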
}