
/src/main/java/com/jeecms/cms/action/admin/main/CmsAdminGlobalAct.java

https://gitlab.com/spiderworts/ab_pc_cms
  1package com.jeecms.cms.action.admin.main;
  2
  3import static com.jeecms.common.page.SimplePage.cpn;
  4
  5import java.util.List;
  6
  7import javax.servlet.http.HttpServletRequest;
  8import javax.servlet.http.HttpServletResponse;
  9
 10import org.apache.shiro.authz.annotation.RequiresPermissions;
 11import org.slf4j.Logger;
 12import org.slf4j.LoggerFactory;
 13import org.springframework.stereotype.Controller;
 14import org.springframework.ui.ModelMap;
 15import org.springframework.web.bind.annotation.RequestMapping;
 16
 17import com.jeecms.common.page.Pagination;
 18import com.jeecms.common.web.CookieUtils;
 19import com.jeecms.common.web.RequestUtils;
 20import com.jeecms.core.entity.CmsGroup;
 21import com.jeecms.core.entity.CmsRole;
 22import com.jeecms.core.entity.CmsSite;
 23import com.jeecms.core.entity.CmsUser;
 24import com.jeecms.core.entity.CmsUserExt;
 25import com.jeecms.core.web.WebErrors;
 26import com.jeecms.core.web.util.CmsUtils;
 27
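/**
 * Site-wide administrator management actions: list, add, edit, save, update
 * and delete administrator accounts.
 *
 * <p>Every handler is guarded by a Shiro {@code @RequiresPermissions} check.
 * On top of that, the write paths (save, update, delete) compare the rank of
 * the logged-in user with the rank being assigned or the rank of the target
 * account, so that holding the permission alone does not allow acting on, or
 * creating, an account that outranks the caller.
 *
 * <p>NOTE(review): the {@code o_*} mappings declare no HTTP method
 * restriction, so they accept any method Spring routes to them. Confirm that
 * CSRF protection for these state-changing endpoints is applied elsewhere.
 */
@Controller
public class CmsAdminGlobalAct extends CmsAdminAbstract {
	private static final Logger log = LoggerFactory
			.getLogger(CmsAdminGlobalAct.class);

	/**
	 * Shows one page of administrators matching the query filters.
	 *
	 * <p>The current user's rank is passed to the manager query; presumably
	 * it limits the result to accounts the caller may see (confirm in
	 * {@code manager.getPage}). The filters are echoed back into the model so
	 * the view can keep them across requests.
	 *
	 * @return the list view name
	 */
	@RequiresPermissions("admin_global:v_list")
	@RequestMapping("/admin_global/v_list.do")
	public String list(String queryUsername, String queryEmail,
			Integer queryGroupId, Boolean queryDisabled, Integer pageNo,
			HttpServletRequest request, ModelMap model) {
		CmsUser currUser = CmsUtils.getUser(request);
		Pagination pagination = manager.getPage(queryUsername, queryEmail,
				null, queryGroupId, queryDisabled, true, currUser.getRank(),
				cpn(pageNo), CookieUtils.getPageSize(request));
		model.addAttribute("pagination", pagination);

		model.addAttribute("queryUsername", queryUsername);
		model.addAttribute("queryEmail", queryEmail);
		model.addAttribute("queryGroupId", queryGroupId);
		model.addAttribute("queryDisabled", queryDisabled);

		return "admin/global/list";
	}

	/**
	 * Shows the form for creating an administrator.
	 *
	 * <p>{@code currRank} is exposed to the view; the matching server-side
	 * limit is enforced in {@link #save}.
	 *
	 * @return the add view name
	 */
	@RequiresPermissions("admin_global:v_add")
	@RequestMapping("/admin_global/v_add.do")
	public String add(HttpServletRequest request, ModelMap model) {
		CmsSite site = CmsUtils.getSite(request);
		CmsUser currUser = CmsUtils.getUser(request);
		List<CmsGroup> groupList = cmsGroupMng.getList();
		List<CmsSite> siteList = cmsSiteMng.getList();
		List<CmsRole> roleList = cmsRoleMng.getList();
		model.addAttribute("site", site);
		model.addAttribute("groupList", groupList);
		model.addAttribute("siteList", siteList);
		model.addAttribute("roleList", roleList);
		model.addAttribute("currRank", currUser.getRank());
		return "admin/global/add";
	}

	/**
	 * Shows the edit form for the administrator with the given id.
	 *
	 * @return the edit view name, or the error page when the id is missing or
	 *         does not resolve to a user
	 */
	@RequiresPermissions("admin_global:v_edit")
	@RequestMapping("/admin_global/v_edit.do")
	public String edit(Integer id, Integer queryGroupId, Boolean queryDisabled,
			HttpServletRequest request, ModelMap model) {
		CmsSite site = CmsUtils.getSite(request);
		String queryUsername = RequestUtils.getQueryParam(request,
				"queryUsername");
		String queryEmail = RequestUtils.getQueryParam(request, "queryEmail");
		CmsUser currUser = CmsUtils.getUser(request);
		WebErrors errors = validateEdit(id, request);
		if (errors.hasErrors()) {
			return errors.showErrorPage(model);
		}
		CmsUser admin = manager.findById(id);

		List<CmsGroup> groupList = cmsGroupMng.getList();
		List<CmsSite> siteList = cmsSiteMng.getList();
		List<CmsRole> roleList = cmsRoleMng.getList();

		model.addAttribute("cmsAdmin", admin);
		model.addAttribute("site", site);
		model.addAttribute("siteIds", admin.getSiteIds());
		model.addAttribute("roleIds", admin.getRoleIds());
		model.addAttribute("groupList", groupList);
		model.addAttribute("siteList", siteList);
		model.addAttribute("roleList", roleList);
		model.addAttribute("currRank", currUser.getRank());

		model.addAttribute("queryUsername", queryUsername);
		model.addAttribute("queryEmail", queryEmail);
		model.addAttribute("queryGroupId", queryGroupId);
		model.addAttribute("queryDisabled", queryDisabled);
		return "admin/global/edit";
	}

	/**
	 * Creates an administrator from the submitted form.
	 *
	 * <p>The per-site arrays are validated first, then the requested rank is
	 * checked against the caller's own rank. Without that check the only
	 * limit on the rank of a new account would be whatever the add form
	 * offers, which a crafted request does not have to respect.
	 *
	 * @return a redirect to the list, or the error page on validation failure
	 */
	@RequiresPermissions("admin_global:o_save")
	@RequestMapping("/admin_global/o_save.do")
	public String save(CmsUser bean, CmsUserExt ext, String username,
			String email, String password, Boolean selfAdmin, Integer rank, Integer groupId,
			Integer[] roleIds,Integer[] channelIds, Integer[] siteIds,
			Byte[] steps, Boolean[] allChannels, HttpServletRequest request,
			ModelMap model) {
		WebErrors errors = validateSave(bean, siteIds, steps, allChannels,
				request);
		if (errors.hasErrors()) {
			return errors.showErrorPage(model);
		}
		if (vldNewRank(rank, request, errors)) {
			return errors.showErrorPage(model);
		}
		String ip = RequestUtils.getIpAddr(request);
		bean = manager.saveAdmin(username, email, password, ip, false,
				selfAdmin, rank, groupId, roleIds, channelIds, siteIds, steps,
				allChannels, ext);
		log.info("save CmsAdmin id={}", bean.getId());
		cmsLogMng.operating(request, "cmsUser.log.save", "id=" + bean.getId()
				+ ";username=" + bean.getUsername());
		return "redirect:v_list.do";
	}

	/**
	 * Updates an existing administrator and re-renders the list.
	 *
	 * <p>NOTE(review): {@code bean} and {@code ext} are filled by Spring data
	 * binding from request parameters, and only the id and rank are validated
	 * here. Confirm which other {@code CmsUser} properties
	 * {@code manager.updateAdmin} persists, so that a request cannot change
	 * fields the edit form does not offer.
	 *
	 * @return the list view name, or the error page on validation failure
	 */
	@RequiresPermissions("admin_global:o_update")
	@RequestMapping("/admin_global/o_update.do")
	public String update(CmsUser bean, CmsUserExt ext, String password,
			Integer groupId,Integer[] roleIds, Integer[] channelIds,
			Integer[] siteIds, Byte[] steps, Boolean[] allChannels,
			String queryUsername, String queryEmail, Integer queryGroupId,
			Boolean queryDisabled, Integer pageNo, HttpServletRequest request,
			ModelMap model) {
		WebErrors errors = validateUpdate(bean.getId(),bean.getRank(), request);
		if (errors.hasErrors()) {
			return errors.showErrorPage(model);
		}
		bean = manager.updateAdmin(bean, ext, password, groupId, roleIds,
				channelIds, siteIds, steps, allChannels);
		log.info("update CmsAdmin id={}.", bean.getId());
		cmsLogMng.operating(request, "cmsUser.log.update", "id=" + bean.getId()
				+ ";username=" + bean.getUsername());
		return list(queryUsername, queryEmail, queryGroupId, queryDisabled,
				pageNo, request, model);
	}

	/**
	 * Deletes the administrators with the given ids, writes one operation-log
	 * entry per deleted account and re-renders the list.
	 *
	 * @return the list view name, or the error page on validation failure
	 */
	@RequiresPermissions("admin_global:o_delete")
	@RequestMapping("/admin_global/o_delete.do")
	public String delete(Integer[] ids, Integer queryGroupId,
			Boolean queryDisabled, Integer pageNo, HttpServletRequest request,
			ModelMap model) {
		String queryUsername = RequestUtils.getQueryParam(request,
				"queryUsername");
		String queryEmail = RequestUtils.getQueryParam(request, "queryEmail");
		WebErrors errors = validateDelete(ids, request);
		if (errors.hasErrors()) {
			return errors.showErrorPage(model);
		}
		CmsUser[] beans = manager.deleteByIds(ids);
		for (CmsUser bean : beans) {
			log.info("delete CmsAdmin id={}", bean.getId());
			cmsLogMng.operating(request, "cmsUser.log.delete", "id="
					+ bean.getId() + ";username=" + bean.getUsername());
		}
		return list(queryUsername, queryEmail, queryGroupId, queryDisabled,
				pageNo, request, model);
	}

	/** Delegates to {@code channelsAddJson}, which is not defined in this class. */
	@RequiresPermissions("admin_global:v_channels_add")
	@RequestMapping(value = "/admin_global/v_channels_add.do")
	public String channelsAdd(Integer siteId, HttpServletRequest request,
			HttpServletResponse response, ModelMap model) {
		return channelsAddJson(siteId, request, response, model);
	}

	/** Delegates to {@code channelsEditJson}, which is not defined in this class. */
	@RequiresPermissions("admin_global:v_channels_edit")
	@RequestMapping(value = "/admin_global/v_channels_edit.do")
	public String channelsEdit(Integer userId, Integer siteId,
			HttpServletRequest request, HttpServletResponse response,
			ModelMap model) {
		return channelsEditJson(userId, siteId, request, response, model);
	}

	/** Delegates to {@code checkUserJson}, which is not defined in this class. */
	@RequiresPermissions("admin_global:v_check_username")
	@RequestMapping(value = "/admin_global/v_check_username.do")
	public void checkUsername(HttpServletRequest request, HttpServletResponse response) {
		checkUserJson(request, response);
	}

	/** Delegates to {@code checkEmailJson}, which is not defined in this class. */
	@RequiresPermissions("admin_global:v_check_email")
	@RequestMapping(value = "/admin_global/v_check_email.do")
	public void checkEmail(String email, HttpServletResponse response) {
		checkEmailJson(email, response);
	}

	/**
	 * Checks that, when site ids are submitted, the parallel {@code steps} and
	 * {@code allChannels} arrays are present and have the same length.
	 */
	private WebErrors validateSave(CmsUser bean, Integer[] siteIds,
			Byte[] steps, Boolean[] allChannels, HttpServletRequest request) {
		WebErrors errors = WebErrors.create(request);
		if (siteIds != null) {
			if (steps == null) {
				errors.addError("steps cannot be null");
				return errors;
			}
			if (allChannels == null) {
				errors.addError("allChannels cannot be null");
				return errors;
			}
			if (siteIds.length != steps.length
					|| siteIds.length != allChannels.length) {
				errors.addError("siteIds length, steps length,"
						+ " allChannels length not equals");
				return errors;
			}
		}
		return errors;
	}

	/**
	 * Rejects a new account whose requested rank is above the rank of the
	 * logged-in user. A {@code null} rank is passed through unchanged, as it
	 * was before this check existed.
	 *
	 * @return {@code true} when an error was recorded
	 */
	private boolean vldNewRank(Integer rank, HttpServletRequest request,
			WebErrors errors) {
		CmsUser user = CmsUtils.getUser(request);
		if (rank != null && rank > user.getRank()) {
			errors.addError("rank cannot be greater than the current user's rank");
			return true;
		}
		return false;
	}

	/** Checks that the id is present and resolves to an existing user. */
	private WebErrors validateEdit(Integer id, HttpServletRequest request) {
		WebErrors errors = WebErrors.create(request);
		if (vldExist(id, errors)) {
			return errors;
		}
		// TODO check the administrator's rank: the edit form is currently
		// shown regardless of how the target's rank compares to the caller's.
		return errors;
	}

	/**
	 * Checks that the target exists and that the rank rules in
	 * {@link #vldParams} hold for this update.
	 */
	private WebErrors validateUpdate(Integer id, Integer rank,HttpServletRequest request) {
		WebErrors errors = WebErrors.create(request);
		if (vldExist(id, errors)) {
			return errors;
		}
		if (vldParams(id,rank, request, errors)) {
			return errors;
		}
		return errors;
	}

	/**
	 * Checks the ids submitted for deletion: the array must be present, every
	 * id must resolve to a user, and no target may outrank the caller.
	 */
	private WebErrors validateDelete(Integer[] ids, HttpServletRequest request) {
		WebErrors errors = WebErrors.create(request);
		errors.ifEmpty(ids, "ids");
		if (ids == null) {
			// Iterating a null array would throw; ifEmpty above is expected
			// to have recorded the missing parameter.
			return errors;
		}
		CmsUser user = CmsUtils.getUser(request);
		for (Integer id : ids) {
			if (vldExist(id, errors)) {
				continue;
			}
			// Same rule as for updates: an account that outranks the caller
			// must not be removable by the caller.
			CmsUser entity = manager.findById(id);
			if (entity.getRank() > user.getRank()) {
				errors.addErrorCode("error.noPermission", CmsUser.class, id);
			}
		}
		return errors;
	}

	/**
	 * Records an error when the id is null or no user exists for it.
	 *
	 * @return {@code true} when an error was recorded
	 */
	private boolean vldExist(Integer id, WebErrors errors) {
		if (errors.ifNull(id, "id")) {
			return true;
		}
		CmsUser entity = manager.findById(id);
		if (errors.ifNotExist(entity, CmsUser.class, id)) {
			return true;
		}
		return false;
	}

	/**
	 * Enforces the rank rules for an update. Callers must have verified that
	 * the id resolves to a user.
	 *
	 * @return {@code true} when an error was recorded
	 */
	private boolean vldParams(Integer id,Integer rank, HttpServletRequest request,
			WebErrors errors) {
		CmsUser user = CmsUtils.getUser(request);
		CmsUser entity = manager.findById(id);
		// A request without a rank binds to null; report it as a validation
		// error instead of failing on unboxing in the comparison below.
		if (errors.ifNull(rank, "rank")) {
			return true;
		}
		// The requested rank is higher than the logged-in user's rank.
		if (rank > user.getRank()) {
			errors.addErrorCode("error.noPermissionToRaiseRank", id);
			return true;
		}
		// The account being modified outranks the logged-in user: no permission.
		if (entity.getRank() > user.getRank()) {
			errors.addErrorCode("error.noPermission", CmsUser.class, id);
			return true;
		}
		return false;
	}

}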