package client.chaowei.intraweb.bean.util;
/**
* <p>Company: 大連超維計算機技術有限公司</p>
* <p>Class Name </p>
* <p>Description </p>
* <p>Created Date </p>
* @Created Author 陳永財
* @Version 1.0
*/
import java.sql.*;
import javax.sql.*;
import javax.naming.*;
import java.util.Vector;
import java.util.StringTokenizer;
import client.chaowei.intraweb.bean.data.*;
import client.chaowei.intraweb.bean.util.*;
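/**
 * Permission and login checks backed by the {@code jdbc/jnpc} JNDI data source.
 *
 * <p>The connection, statement and result set live in instance fields that every
 * query method overwrites, so one instance must not be used by two threads at once.
 *
 * <p>Caller-supplied values are sent to the database as bind parameters instead of
 * being concatenated into the SQL text. The one exception is
 * {@link #isHaveRight(String, int, int)}, which has to hand a finished SQL string to
 * {@code SqlGenerator}.
 *
 * <p>NOTE(review): values are bound as-is, without a {@code Global.sqlFilter} pass.
 * If any compared column is a fixed-width CHAR, some drivers compare bound strings
 * without blank padding - confirm against the schema before deploying.
 */
public class RightBean {

    /** JNDI name of the data source every query in this bean runs against. */
    private static final String DATA_SOURCE_NAME = "jdbc/jnpc";

    /** right_code values that include the "add" bit (1). */
    private static final String[] ADD_CODES = {"1", "3", "5", "7"};
    /** right_code values that include the "modify" bit (2). */
    private static final String[] MODIFY_CODES = {"2", "3", "6", "7"};
    /** right_code values that include the "delete" bit (4). */
    private static final String[] DELETE_CODES = {"4", "5", "6", "7"};

    /** Upper-case hex alphabet used when rendering a digest. */
    private static final String HEX = "0123456789ABCDEF";

    /** Roles granted to a user directly or received as a proxy, limited to one system prefix. */
    private static final String ROLE_DEFINES_SQL =
        " select r.define from st_role r,st_user_role u where r.roleid=u.roleid"
        + " and (u.userid = ? or u.proxy_userid = ?) "
        + " and subStr(r.define,1,2)= ? ";

    /** Public six-character function ids of one system prefix. */
    private static final String PUBLIC_FUNCTIONS_SQL =
        " select funid from st_function where subStr(funid,1,2)= ? "
        + " and length(funid)=6 and ifpublic='y' order by 1";

    private Connection conn = null;
    private DataSource ds = null;
    private InitialContext ctx = null;
    private ResultSet rs = null;
    private Statement st = null;

    public RightBean() {
    }

    /**
     * Opens a connection and creates a scroll-insensitive, read-only statement on it.
     *
     * @return the statement, which is also kept in this bean and closed by {@link #CloseDB()}
     * @throws java.lang.Exception if the JNDI lookup or any JDBC call fails
     */
    public Statement DBInit() throws java.lang.Exception {
        openConnection();
        st = conn.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        return st;
    }

    /** Looks up the data source and stores a fresh connection in {@code conn}. */
    private void openConnection() throws Exception {
        ctx = new InitialContext();
        ds = (DataSource) ctx.lookup(DATA_SOURCE_NAME);
        conn = ds.getConnection();
    }

    /**
     * Runs a parameterised query on the current connection.
     *
     * <p>Any statement and result set still held by the bean are closed first, so a
     * method that issues several queries does not leak cursors.
     *
     * @param sql    SQL text with one {@code ?} per entry of {@code params}
     * @param params values bound as strings, in order
     * @return the open result set, also stored in {@code rs}
     */
    private ResultSet runQuery(String sql, String[] params) throws SQLException {
        releaseStatement();
        PreparedStatement ps = conn.prepareStatement(sql);
        st = ps; // tracked in the field so CloseDB() releases it on every path
        for (int i = 0; i < params.length; i++) {
            ps.setString(i + 1, params[i]);
        }
        rs = ps.executeQuery();
        return rs;
    }

    /**
     * Closes the current result set and statement, each independently.
     *
     * @return {@code false} if either close threw
     */
    private boolean releaseStatement() {
        boolean clean = true;
        if (rs != null) {
            try {
                rs.close();
            } catch (Exception e) {
                clean = false;
            }
            rs = null;
        }
        if (st != null) {
            try {
                st.close();
            } catch (Exception e) {
                clean = false;
            }
            st = null;
        }
        return clean;
    }

    /**
     * Splits a comma-separated list and appends every token not already in {@code target}.
     *
     * <p>The tokenizer is built with the default delimiters and switched to "," on the
     * first {@code nextToken} call, exactly as the callers always did.
     */
    private static void addUniqueTokens(String list, Vector target) {
        StringTokenizer tokenizer = new StringTokenizer(list);
        while (tokenizer.hasMoreTokens()) {
            String token = tokenizer.nextToken(",");
            if (!target.contains(token)) {
                target.addElement(token);
            }
        }
    }

    /** Returns true when {@code value} equals one of {@code allowed}. */
    private static boolean isOneOf(String value, String[] allowed) {
        for (int i = 0; i < allowed.length; i++) {
            if (allowed[i].equals(value)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Tells whether the user may add records in a module.
     *
     * @param userId login id of the user
     * @param menuId module id
     * @return true if the user has the add right, false otherwise
     */
    public boolean isHaveAdd(String userId, int menuId) {
        return isHaveRight(userId, menuId, 1);
    }

    /**
     * Tells whether the user may modify records in a module.
     *
     * @param userId login id of the user
     * @param menuId module id
     * @return true if the user has the modify right, false otherwise
     */
    public boolean isHaveModify(String userId, int menuId) {
        return isHaveRight(userId, menuId, 2);
    }

    /**
     * Tells whether the user may delete records in a module.
     *
     * @param userId login id of the user
     * @param menuId module id
     * @return true if the user has the delete right, false otherwise
     */
    public boolean isHaveDelete(String userId, int menuId) {
        return isHaveRight(userId, menuId, 4);
    }

    /**
     * Checks one right bit of the user's {@code right_code} for a module.
     *
     * @param userid login id of the user
     * @param menuId module id
     * @param flag   1 = add, 2 = modify, 4 = delete; any other value yields false
     * @return true only when a right_code was found and it includes the requested right;
     *         false when there is no row, the flag is unknown, or the lookup failed
     */
    public boolean isHaveRight(String userid, int menuId, int flag) {
        boolean reHaveRight = false;
        try {
            SqlGenerator oracle = new SqlGenerator();
            // SqlGenerator takes finished SQL text here, so the user id cannot be bound.
            // It was previously concatenated raw; it now goes through the same filter the
            // rest of this class historically used for string-built SQL.
            // NOTE(review): Global.sqlFilter is not visible in this file - confirm it
            // neutralises quote characters, or give SqlGenerator a parameterised variant.
            String sql = "select right_code from menu_user "
                + "where menu_id=" + menuId
                + " and user_id='" + Global.sqlFilter(userid) + "'";
            String rightCode = oracle.getSnglRowSnglCol(sql, "right_code");
            if (rightCode == null) {
                // No code returned: deny instead of relying on a NullPointerException.
                return false;
            }
            switch (flag) {
                case 1:
                    reHaveRight = isOneOf(rightCode, ADD_CODES);
                    break;
                case 2:
                    reHaveRight = isOneOf(rightCode, MODIFY_CODES);
                    break;
                case 4:
                    reHaveRight = isOneOf(rightCode, DELETE_CODES);
                    break;
                default:
                    break;
            }
        } catch (Exception e) {
            // Any failure denies the right. The label text is kept unchanged so existing
            // log searches keep matching, although it names another class and method.
            System.out.println("RightVerify.java-->isHaveAdd() e1:" + e.getMessage());
        }
        return reHaveRight;
    }

    /**
     * Returns the SHA-1 digest of {@code msg} as upper-case hex.
     *
     * <p>NOTE(review): {@link #VerifyUser(String, String)} uses this for passwords. A
     * single unsalted SHA-1 pass is weak for password storage; moving to a salted,
     * slow password hash needs a migration of the stored values, so the algorithm is
     * left unchanged here.
     *
     * @param msg text to hash; encoded with the platform default charset, which is
     *            kept because changing it would alter digests of non-ASCII input
     * @return the 40-character hex digest, or {@code msg} itself if hashing failed
     */
    public String computeDigest(String msg) {
        try {
            java.security.MessageDigest alg = java.security.MessageDigest.getInstance("SHA-1");
            byte[] hash = alg.digest(msg.getBytes());
            StringBuffer digest = new StringBuffer(hash.length * 2);
            for (int i = 0; i < hash.length; i++) {
                int v = hash[i] & 0xFF;
                digest.append(HEX.charAt(v >>> 4));
                digest.append(HEX.charAt(v & 0x0F));
            }
            return digest.toString();
        } catch (Exception e) {
            // NOTE(review): the fallback hands the input back unhashed; callers cannot
            // tell this apart from a digest.
            return msg;
        }
    }

    /**
     * Collects every right a user holds in one system: rights from the user's roles,
     * rights received as a proxy, and the system's public functions.
     *
     * @param userID   user id
     * @param systemID two-character system prefix compared with the start of each right id
     * @return distinct right ids, or null if the database could not be queried
     */
    public Vector getRights(String userID, String systemID) {
        Vector rightIDs = new Vector();
        try {
            openConnection();
            String all = "";
            // assumes each define value is itself a comma-terminated list - TODO confirm
            ResultSet granted = runQuery(ROLE_DEFINES_SQL, new String[] {userID, userID, systemID});
            while (granted.next()) {
                all = all.trim() + granted.getString(1);
            }
            ResultSet shared = runQuery(PUBLIC_FUNCTIONS_SQL, new String[] {systemID});
            while (shared.next()) {
                all = all.trim() + shared.getString(1) + ",";
            }
            addUniqueTokens(all, rightIDs);
        } catch (Exception e) {
            return null;
        } finally {
            CloseDB();
        }
        return rightIDs;
    }

    /**
     * Finds the user ids (the user and anyone the user acts as proxy for) whose role
     * definition in the given system contains all three rights.
     *
     * @param userID   user id, matched as owner or as proxy
     * @param systemID two-character system prefix
     * @param right1   first right id that must occur in the role definition
     * @param right2   second right id that must occur in the role definition
     * @param right3   third right id that must occur in the role definition
     * @return distinct user ids, or null if the lookup failed
     */
    public Vector getAdminUserIDs(String userID, String systemID,
                                  String right1, String right2, String right3) {
        Vector adminUserID = new Vector();
        try {
            openConnection();
            ResultSet found = runQuery(
                " select u.userid,r.define from st_role r,st_user_role u where r.roleid=u.roleid"
                + " and (u.userid = ? or u.proxy_userid = ?) "
                + " and subStr(r.define,1,2)= ? ",
                new String[] {userID, userID, systemID});
            while (found.next()) {
                String owner = found.getString(1);
                String define = found.getString(2);
                if (define.indexOf(right1) != -1
                        && define.indexOf(right2) != -1
                        && define.indexOf(right3) != -1) {
                    // Ids are added one by one. Gluing them into one string and
                    // splitting on "," merged several ids into a single bogus entry,
                    // because user ids carry no separator.
                    if (owner != null && !adminUserID.contains(owner)) {
                        adminUserID.addElement(owner);
                    }
                }
            }
        } catch (Exception e) {
            return null;
        } finally {
            CloseDB();
        }
        return adminUserID;
    }

    /**
     * Tells whether a user holds a given function right.
     *
     * @param userID     user id
     * @param functionID function id; its first two characters select the system
     * @return true only when the right is present; false for a malformed function id
     *         or when the rights could not be loaded
     */
    public boolean isHaveRight(String userID, String functionID) {
        if (functionID == null || functionID.length() < 2) {
            return false;
        }
        Vector rightIDs = this.getRights(userID, functionID.substring(0, 2));
        // getRights returns null on a database error; deny in that case. The earlier
        // "!= null || size() != 0" test dereferenced the null and threw instead.
        return rightIDs != null && rightIDs.contains(functionID);
    }

    /**
     * Lists the employees of a department whose role definition mentions a right.
     *
     * <p>The right id is bound inside a LIKE pattern, so {@code %} and {@code _}
     * contained in {@code funid} still act as wildcards.
     *
     * @param depid department id
     * @param funid right id searched for in the role definition
     * @return matching user ids in ascending order, or null if the lookup failed
     */
    public Vector getAuditUserID(String depid, String funid) {
        Vector users = new Vector();
        try {
            openConnection();
            ResultSet found = runQuery(
                "select distinct(userid) from st_user_role u,st_role r ,view_pay_employee e "
                + "where r.roleid=u.roleid and define like ? and "
                + "org=? and userid = e.id order by 1",
                new String[] {"%" + funid + "%", depid});
            while (found.next()) {
                users.addElement(found.getString(1));
            }
        } catch (Exception e) {
            return null;
        } finally {
            CloseDB();
        }
        return users;
    }

    /**
     * Lists the users whose role definition mentions a right.
     *
     * <p>The right id is bound inside a LIKE pattern, so {@code %} and {@code _}
     * contained in {@code funid} still act as wildcards.
     *
     * @param funid right id searched for in the role definition
     * @return matching user ids in ascending order, or null if the lookup failed
     */
    public Vector getSignUserID(String funid) {
        Vector signUserID = new Vector();
        try {
            openConnection();
            ResultSet found = runQuery(
                "select distinct(userid) from st_user_role u,st_role r "
                + "where r.roleid=u.roleid and define like ? order by 1",
                new String[] {"%" + funid + "%"});
            while (found.next()) {
                signUserID.addElement(found.getString(1));
            }
        } catch (Exception e) {
            return null;
        } finally {
            CloseDB();
        }
        return signUserID;
    }

    /**
     * Builds a table of rights for a user and for everyone the user is proxy for.
     *
     * <p>The entry keyed by {@code userID} holds the user's own role definitions
     * followed by the system's public function ids. Each further entry is keyed by a
     * proxied user id and holds the role definitions delegated to {@code userID};
     * proxied users without any definition are left out.
     *
     * @param userID   user id
     * @param systemID two-character system prefix
     * @return user id mapped to a concatenated rights string, or null if the lookup failed
     */
    public java.util.Hashtable rightList(String userID, String systemID) {
        java.util.Hashtable rightList = new java.util.Hashtable();
        try {
            openConnection();

            // The user's own rights plus the public functions of the system.
            String all = "";
            ResultSet own = runQuery(
                " select r.define from st_role r,st_user_role u where r.roleid=u.roleid"
                + " and u.userid = ?"
                + " and subStr(r.define,1,2)= ? ",
                new String[] {userID, systemID});
            while (own.next()) {
                all = all.trim() + own.getString(1);
            }
            ResultSet shared = runQuery(PUBLIC_FUNCTIONS_SQL, new String[] {systemID});
            while (shared.next()) {
                all = all.trim() + shared.getString(1) + ",";
            }
            rightList.put(userID, all);

            // Users who delegated to this user. They are read completely before the
            // per-user queries start, because runQuery closes the previous cursor.
            Vector principals = new Vector();
            ResultSet delegators = runQuery(
                " select distinct(userid) from st_role r,st_user_role u where r.roleid=u.roleid"
                + " and proxy_userid= ? and subStr(r.define,1,2)=? order by 1",
                new String[] {userID, systemID});
            while (delegators.next()) {
                principals.addElement(delegators.getString(1));
            }

            for (int i = 0; i < principals.size(); i++) {
                String principal = principals.elementAt(i).toString();
                String delegated = "";
                ResultSet defs = runQuery(
                    " select r.define from st_role r,st_user_role u where r.roleid=u.roleid"
                    + " and userid = ? and proxy_userid=?"
                    + " and subStr(r.define,1,2)= ? ",
                    new String[] {principal, userID, systemID});
                while (defs.next()) {
                    delegated = delegated.trim() + defs.getString(1);
                }
                if (!delegated.equals("")) {
                    rightList.put(principal, delegated);
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        } finally {
            CloseDB();
        }
        return rightList;
    }

    /**
     * Checks a login against {@code st_rightuser}.
     *
     * @param userid login id
     * @param passwd clear-text password; it is hashed with {@link #computeDigest(String)}
     *               before the comparison
     * @return "0" when a matching row exists, "1" when the credentials do not match
     *         (including a null id or password), "2" when the database call failed
     */
    public String VerifyUser(String userid, String passwd) {
        if (userid == null || passwd == null) {
            return "1";
        }
        String flag = "1";
        try {
            openConnection();
            ResultSet match = runQuery(
                "select userid from st_rightuser where userid=? and passwd=?",
                new String[] {userid, computeDigest(passwd)});
            if (match.next()) {
                flag = "0";
            }
        } catch (Exception e) {
            return "2";
        } finally {
            CloseDB();
        }
        return flag;
    }

    /**
     * Closes the result set, statement and connection held by this bean.
     *
     * <p>Each resource is closed on its own, so a failure on one no longer leaves the
     * connection open.
     *
     * @return "ok" when everything closed cleanly, null if any close threw
     */
    public String CloseDB() {
        boolean clean = releaseStatement();
        if (conn != null) {
            try {
                conn.close();
            } catch (Exception e) {
                clean = false;
            }
            conn = null;
        }
        return clean ? "ok" : null;
    }
}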