package com.snda.youni.monitor.console.utils;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.snda.youni.monitor.console.biz.impl.menu.RoleResourceServiceImpl;
import com.snda.youni.monitor.console.biz.impl.menu.UserRoleServiceImpl;
import com.snda.youni.monitor.console.dao.bean.menu.RoleResourcePOJO;
import com.snda.youni.monitor.console.dao.bean.menu.UserPOJO;
import com.snda.youni.monitor.console.dao.bean.menu.UserRolePOJO;
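/**
 * Spring MVC interceptor that allows a request only when the session holds a
 * logged-in user who is either a {@code superAdmin} or whose role is mapped to
 * the exact request URI.
 *
 * <p>Decision order in {@link #preHandle}:
 * <ol>
 *   <li>No session, or no {@link UserPOJO} under the {@code "user"} attribute: deny.</li>
 *   <li>Any role returned for the user's id is named {@code superAdmin}: allow.</li>
 *   <li>Any resource returned for the user's role id has a URL equal to
 *       {@link HttpServletRequest#getRequestURI()}: allow.</li>
 *   <li>Otherwise: deny.</li>
 * </ol>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The URL check is an exact, case-sensitive string comparison against the
 *       raw request URI, which the container does not decode and which includes
 *       the context path but not the query string. Anything that does not match
 *       byte-for-byte is denied. Keep it that way: do not relax this to a
 *       prefix/contains match without first normalizing the path.</li>
 *   <li>The superAdmin check queries roles by user id on every request, while the
 *       resource check uses the role id carried by the session's {@code UserPOJO}.
 *       NOTE(review): a role change may therefore not apply to the resource check
 *       until the session object is refreshed. Confirm against the login code.</li>
 *   <li>Denials write the body {@code relogin} and set no status code, for both
 *       unauthenticated and unauthorized callers. NOTE(review): clients presumably
 *       key on that body; if they can tolerate it, a 401/403 status and an audit
 *       log entry for each denial would make rejected access visible to
 *       monitoring.</li>
 * </ul>
 */
public class AccessInterceptor implements HandlerInterceptor {

    /** Session attribute from which the logged-in {@link UserPOJO} is read. */
    private static final String SESSION_USER_KEY = "user";

    /** Role name that is allowed through without a per-URL resource check. */
    private static final String SUPER_ADMIN_ROLE = "superAdmin";

    /** Body written to the response when the request is denied. */
    private static final String DENIED_BODY = "relogin";

    @Autowired
    private RoleResourceServiceImpl roleResourceServiceImpl;

    @Autowired
    private UserRoleServiceImpl userRoleServiceImpl;

    /** No-op: nothing to clean up after the request completes. */
    @Override
    public void afterCompletion(HttpServletRequest request,
            HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
    }

    /** No-op: the model and view are not modified. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response,
            Object handler, ModelAndView modelAndView) throws Exception {
    }

    /**
     * Decides whether the request may proceed to its handler.
     *
     * @param request  the incoming request; its session and request URI are read
     * @param response the response; on denial {@code relogin} is written to it
     * @param handler  the chosen handler (unused)
     * @return {@code true} to continue the handler chain, {@code false} when the
     *         denial body has been written and processing must stop
     * @throws Exception if a service query or writing the response fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
            Object handler) throws Exception {
        // getSession(false): a caller without a session is denied below, so do not
        // allocate a new server-side session for every unauthenticated request.
        HttpSession session = request.getSession(false);
        Object sessionUser = (session == null) ? null : session.getAttribute(SESSION_USER_KEY);
        // Anything other than a UserPOJO is treated as "not logged in" (deny)
        // instead of failing with a ClassCastException.
        UserPOJO user = (sessionUser instanceof UserPOJO) ? (UserPOJO) sessionUser : null;

        if (user != null
                && (isSuperAdmin(user) || mayAccess(user, request.getRequestURI()))) {
            return true;
        }

        response.setContentType("text/html;charset=UTF-8");
        response.getWriter().print(DENIED_BODY);
        return false;
    }

    /**
     * Looks up the user's roles and reports whether one of them is superAdmin.
     * A {@code null} result or a {@code null} role name counts as "no".
     */
    // Raw Map kept because the parameter type of query(...) is not visible here.
    @SuppressWarnings({"rawtypes", "unchecked"})
    private boolean isSuperAdmin(UserPOJO user) {
        Map criteria = new HashMap();
        criteria.put("userId", user.getUserId());
        List<UserRolePOJO> roles = userRoleServiceImpl.query(criteria);
        if (roles == null) {
            return false;
        }
        for (UserRolePOJO role : roles) {
            // Constant on the left: a role row without a name must not throw.
            if (SUPER_ADMIN_ROLE.equals(role.getRoleName())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Looks up the resources mapped to the user's role and reports whether one
     * of them has a URL exactly equal to {@code requestUri}. A {@code null}
     * result or a {@code null} resource URL counts as "no".
     */
    // Raw Map kept because the parameter type of query(...) is not visible here.
    @SuppressWarnings({"rawtypes", "unchecked"})
    private boolean mayAccess(UserPOJO user, String requestUri) {
        if (requestUri == null) {
            return false;
        }
        Map criteria = new HashMap();
        criteria.put("roleId", user.getRoleId());
        List<RoleResourcePOJO> resources = roleResourceServiceImpl.query(criteria);
        if (resources == null) {
            return false;
        }
        for (RoleResourcePOJO resource : resources) {
            // Exact match only; see the class-level security notes.
            if (requestUri.equals(resource.getResourceUrl())) {
                return true;
            }
        }
        return false;
    }
}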