diff --git a/roncoo-pay-app-reconciliation/src/main/resources/spring-task.xml b/roncoo-pay-app-reconciliation/src/main/resources/spring-task.xml index da34ecc2..a3a778de 100644 --- a/roncoo-pay-app-reconciliation/src/main/resources/spring-task.xml +++ b/roncoo-pay-app-reconciliation/src/main/resources/spring-task.xml @@ -8,7 +8,7 @@ http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-3.2.xsd"> - + diff --git a/roncoo-pay-common-core/src/main/java/com/roncoo/pay/common/core/enums/PublicStatusEnum.java b/roncoo-pay-common-core/src/main/java/com/roncoo/pay/common/core/enums/PublicStatusEnum.java index 25db38c7..a2f00c6c 100644 --- a/roncoo-pay-common-core/src/main/java/com/roncoo/pay/common/core/enums/PublicStatusEnum.java +++ b/roncoo-pay-common-core/src/main/java/com/roncoo/pay/common/core/enums/PublicStatusEnum.java @@ -53,6 +53,7 @@ public static Map> toMap() { for (int num = 0; num < ary.length; num++) { Map map = new HashMap(); String key = ary[num].name(); + map.put("value", ary[num].name()); map.put("desc", ary[num].getDesc()); enumMap.put(key, map); } diff --git a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/dao/PmsRolePermissionDao.java b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/dao/PmsRolePermissionDao.java index bd96637b..9fea7da3 100644 --- a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/dao/PmsRolePermissionDao.java +++ b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/dao/PmsRolePermissionDao.java @@ -44,4 +44,8 @@ public interface PmsRolePermissionDao extends PermissionBaseDao listByRoleIds(String roleIdsStr); + + public void deleteByRoleIdAndPermissionId(Long roleId, Long permissionId); + + public void deleteByRoleId(Long roleId); } diff --git a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/dao/impl/PmsRolePermissionDaoImpl.java b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/dao/impl/PmsRolePermissionDaoImpl.java index 50455a98..91c7c260 100644 --- a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/dao/impl/PmsRolePermissionDaoImpl.java +++ b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/dao/impl/PmsRolePermissionDaoImpl.java @@ -16,7 +16,9 @@ package com.roncoo.pay.permission.dao.impl; import java.util.Arrays; +import java.util.HashMap; import java.util.List; +import java.util.Map; import org.springframework.stereotype.Repository; @@ -54,4 +56,15 @@ public List listByRoleIds(String roleIdsStr) { List roldIds = Arrays.asList(roleIdsStr.split(",")); return super.getSqlSession().selectList(getStatement("listByRoleIds"), roldIds); } + + public void deleteByRoleIdAndPermissionId(Long roleId, Long permissionId){ + Map paramMap = new HashMap(); + paramMap.put("roleId", roleId); + paramMap.put("permissionId", permissionId); + super.getSqlSession().delete(getStatement("deleteByRoleIdAndPermissionId"), paramMap); + } + + public void deleteByRoleId(Long roleId){ + super.getSqlSession().delete(getStatement("deleteByRoleId"), roleId); + } } diff --git a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsMenuRoleService.java b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsMenuRoleService.java index 212c88f7..2e0dc825 100644 --- a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsMenuRoleService.java +++ b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsMenuRoleService.java @@ -40,4 +40,6 @@ public interface PmsMenuRoleService { */ public void deleteByRoleId(Long roleId); + public void saveRoleMenu(Long roleId, String roleMenuStr); + } diff --git a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsPermissionService.java b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsPermissionService.java index 7b60544f..62236c50 100644 --- a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsPermissionService.java +++ b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsPermissionService.java @@ -97,5 +97,10 @@ public interface PmsPermissionService { * @return */ String getPermissionIdsByRoleId(Long roleId); + + /** + * 查询所有的权限 + */ + List listAll(); } diff --git a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsRolePermissionService.java b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsRolePermissionService.java index 4799c9b2..76fd48ce 100644 --- a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsRolePermissionService.java +++ b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/PmsRolePermissionService.java @@ -64,5 +64,10 @@ public interface PmsRolePermissionService { * @return */ PageBean listPage(PageParam pageParam, PmsRolePermission pmsRolePermission); + + /** + * 保存角色和权限之间的关联关系 + */ + void saveRolePermission(Long roleId, String rolePermissionStr); } diff --git a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsMenuRoleServiceImpl.java b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsMenuRoleServiceImpl.java index 18411331..f78f3fa1 100644 --- a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsMenuRoleServiceImpl.java +++ b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsMenuRoleServiceImpl.java @@ -19,7 +19,9 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; +import com.alibaba.druid.util.StringUtils; import com.roncoo.pay.permission.dao.PmsMenuRoleDao; import com.roncoo.pay.permission.entity.PmsMenuRole; import com.roncoo.pay.permission.service.PmsMenuRoleService; @@ -62,4 +64,20 @@ public void deleteByRoleId(Long roleId) { pmsMenuRoleDao.deleteByRoleId(roleId); } + @Transactional(rollbackFor = Exception.class) + public void saveRoleMenu(Long roleId, String roleMenuStr){ + // 删除原来的角色与权限关联 + pmsMenuRoleDao.deleteByRoleId(roleId); + if (!StringUtils.isEmpty(roleMenuStr)) { + // 创建新的关联 + String[] menuIds = roleMenuStr.split(","); + for (int i = 0; i < menuIds.length; i++) { + Long menuId = Long.valueOf(menuIds[i]); + PmsMenuRole item = new PmsMenuRole(); + item.setMenuId(menuId); + item.setRoleId(roleId); + pmsMenuRoleDao.insert(item); + } + } + } } diff --git a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsOperatorServiceImpl.java b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsOperatorServiceImpl.java index 3fe1ba39..853bf9f3 100644 --- a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsOperatorServiceImpl.java +++ b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsOperatorServiceImpl.java @@ -15,6 +15,7 @@ */ package com.roncoo.pay.permission.service.impl; +import java.util.Date; import java.util.HashMap; import java.util.Iterator; import java.util.List; @@ -25,6 +26,7 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import com.roncoo.pay.common.core.enums.PublicStatusEnum; import com.roncoo.pay.common.core.page.PageBean; import com.roncoo.pay.common.core.page.PageParam; import com.roncoo.pay.permission.dao.PmsOperatorDao; @@ -153,16 +155,16 @@ public void saveOperator(PmsOperator pmsOperator, String roleOperatorStr) { pmsOperatorDao.insert(pmsOperator); // 保存角色关联信息 if (StringUtils.isNotBlank(roleOperatorStr) && roleOperatorStr.length() > 0) { - saveOrUpdateOperatorRole(pmsOperator.getId(), roleOperatorStr); + saveOrUpdateOperatorRole(pmsOperator, roleOperatorStr); } } /** * 保存用户和角色之间的关联关系 */ - private void saveOrUpdateOperatorRole(long operatorId, String roleIdsStr) { + private void saveOrUpdateOperatorRole(PmsOperator pmsOperator, String roleIdsStr) { // 删除原来的角色与操作员关联 - List listPmsOperatorRoles = pmsOperatorRoleDao.listByOperatorId(operatorId); + List listPmsOperatorRoles = pmsOperatorRoleDao.listByOperatorId(pmsOperator.getId()); Map delMap = new HashMap(); for (PmsOperatorRole pmsOperatorRole : listPmsOperatorRoles) { delMap.put(pmsOperatorRole.getRoleId(), pmsOperatorRole); @@ -174,8 +176,11 @@ private void saveOrUpdateOperatorRole(long operatorId, String roleIdsStr) { long roleId = Long.parseLong(roleIds[i]); if (delMap.get(roleId) == null) { PmsOperatorRole pmsOperatorRole = new PmsOperatorRole(); - pmsOperatorRole.setOperatorId(operatorId); + pmsOperatorRole.setOperatorId(pmsOperator.getId()); pmsOperatorRole.setRoleId(roleId); + pmsOperatorRole.setCreater(pmsOperator.getCreater()); + pmsOperatorRole.setCreateTime(new Date()); + pmsOperatorRole.setStatus(PublicStatusEnum.ACTIVE.name()); pmsOperatorRoleDao.insert(pmsOperatorRole); } else { delMap.remove(roleId); @@ -186,7 +191,7 @@ private void saveOrUpdateOperatorRole(long operatorId, String roleIdsStr) { Iterator iterator = delMap.keySet().iterator(); while (iterator.hasNext()) { long roleId = iterator.next(); - pmsOperatorRoleDao.deleteByRoleIdAndOperatorId(roleId, operatorId); + pmsOperatorRoleDao.deleteByRoleIdAndOperatorId(roleId, pmsOperator.getId()); } } @@ -201,7 +206,7 @@ private void saveOrUpdateOperatorRole(long operatorId, String roleIdsStr) { public void updateOperator(PmsOperator pmsOperator, String roleOperatorStr) { pmsOperatorDao.update(pmsOperator); // 更新角色信息 - this.saveOrUpdateOperatorRole(pmsOperator.getId(), roleOperatorStr); + this.saveOrUpdateOperatorRole(pmsOperator, roleOperatorStr); } } diff --git a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsPermissionServiceImpl.java b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsPermissionServiceImpl.java index 2be267a5..0abb3e1a 100644 --- a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsPermissionServiceImpl.java +++ b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsPermissionServiceImpl.java @@ -141,4 +141,11 @@ public String getPermissionIdsByRoleId(Long roleId) { return actionIds.toString(); } + /** + * 查询所有的权限 + */ + public List listAll() { + Map paramMap = new HashMap(); + return pmsPermissionDao.listBy(paramMap); + } } diff --git a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsRolePermissionServiceImpl.java b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsRolePermissionServiceImpl.java index a6d8fe24..d9be74f1 100644 --- a/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsRolePermissionServiceImpl.java +++ b/roncoo-pay-service/src/main/java/com/roncoo/pay/permission/service/impl/PmsRolePermissionServiceImpl.java @@ -17,12 +17,14 @@ import java.util.HashMap; import java.util.HashSet; +import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Set; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; import com.alibaba.druid.util.StringUtils; import com.roncoo.pay.common.core.page.PageBean; @@ -134,5 +136,25 @@ public PageBean listPage(PageParam pageParam, PmsRolePermission pmsRolePermissio Map paramMap = new HashMap(); return pmsRolePermissionDao.listPage(pageParam, paramMap); } + + /** + * 保存角色和权限之间的关联关系 + */ + @Transactional(rollbackFor = Exception.class) + public void saveRolePermission(Long roleId, String rolePermissionStr){ + // 删除原来的角色与权限关联 + pmsRolePermissionDao.deleteByRoleId(roleId); + if (!StringUtils.isEmpty(rolePermissionStr)) { + // 创建新的关联 + String[] permissionIds = rolePermissionStr.split(","); + for (int i = 0; i < permissionIds.length; i++) { + Long permissionId = Long.valueOf(permissionIds[i]); + PmsRolePermission item = new PmsRolePermission(); + item.setPermissionId(permissionId); + item.setRoleId(roleId); + pmsRolePermissionDao.insert(item); + } + } + } } diff --git a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsMenuMapper.xml b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsMenuMapper.xml index f1460da9..8e617f8f 100644 --- a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsMenuMapper.xml +++ b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsMenuMapper.xml @@ -39,7 +39,7 @@ where ID = #{id} and VERSION = #{version} - + delete from where ID = #{id} diff --git a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsMenuRoleMapper.xml b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsMenuRoleMapper.xml index 76ffcbdc..56b9d4dc 100644 --- a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsMenuRoleMapper.xml +++ b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsMenuRoleMapper.xml @@ -36,8 +36,12 @@ diff --git a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsOperatorMapper.xml b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsOperatorMapper.xml index 36ea078f..ce396dcd 100644 --- a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsOperatorMapper.xml +++ b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsOperatorMapper.xml @@ -4,7 +4,7 @@ PMS_OPERATOR - PMS_OPERATOR_ROLE + PMS_ROLE_OPERATOR @@ -72,7 +72,7 @@ order by ID - + delete from where ID = #{id} @@ -82,7 +82,7 @@ and login_name = #{loginName} and status = #{status} - and type = #{type} + and type = #{type} and REALNAME like CONCAT(CONCAT('%', #{realName}), '%') @@ -110,7 +110,7 @@ select O.* from O LEFT JOIN - + RO ON O.ID = RO.operator_id WHERE RO.role_id = #{roleId} diff --git a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsPermissionMapper.xml b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsPermissionMapper.xml index ad13afe4..9846b2af 100644 --- a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsPermissionMapper.xml +++ b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsPermissionMapper.xml @@ -84,9 +84,16 @@ where permission = #{permission} and id != #{id} + + - - + delete from where id = #{id} @@ -108,7 +115,7 @@ - + order by create_time desc limit #{pageFirst}, #{pageSize} @@ -120,5 +127,14 @@ + \ No newline at end of file diff --git a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsRoleMapper.xml b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsRoleMapper.xml index a993550e..b7b87cb4 100644 --- a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsRoleMapper.xml +++ b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsRoleMapper.xml @@ -75,7 +75,7 @@ order by id - + delete from where id = #{id} diff --git a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsRolePermissionMapper.xml b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsRolePermissionMapper.xml index a7471165..32eb52b3 100644 --- a/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsRolePermissionMapper.xml +++ b/roncoo-pay-service/src/main/resources/mybatis/mapper/permission/PmsRolePermissionMapper.xml @@ -63,5 +63,11 @@ where role_id = #{roleId} + + + delete from + + where role_id = #{roleId} and permission_id = #{permissionId} + \ No newline at end of file diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/controller/login/LoginController.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/controller/login/LoginController.java index 0cef5a4e..04910393 100644 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/controller/login/LoginController.java +++ b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/controller/login/LoginController.java @@ -205,7 +205,7 @@ private void buildAdminPermissionTree(String pId, StringBuffer treeBuf, List men String level = map.get("level").toString();// 菜单层级(1、2、3、4) String url = map.get("url").toString(); // ACTION访问地址 String navTabId = ""; - if (StringUtil.isEmpty(map.get("targetName"))) { + if (!StringUtil.isEmpty(map.get("targetName"))) { navTabId = map.get("targetName").toString(); // 用于刷新查询页面 } diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsMenuController.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsMenuController.java index d4714c0b..1d077489 100644 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsMenuController.java +++ b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsMenuController.java @@ -102,8 +102,17 @@ public String addPmsMenu(HttpServletRequest req, PmsMenu pmsMenu, Model model, D if (list.size() > 0) { return operateError("同级菜单名称不能重复", model); } - pmsMenu.setCreater(getPmsOperator().getRealName()); + pmsMenu.setCreater(getPmsOperator().getLoginName()); pmsMenu.setStatus(PublicStatusEnum.ACTIVE.name()); + pmsMenu.setIsLeaf("YES"); + if (null != pmsMenu.getParent().getId()) { + pmsMenu.setLevel(pmsMenu.getParent().getLevel()+1); + }else{ + pmsMenu.setLevel(1L); + PmsMenu parent = new PmsMenu(); + parent.setId(0l); + pmsMenu.setParent(parent); + } pmsMenuService.savaMenu(pmsMenu); } catch (Exception e) { // 记录系统操作日志 diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsOperatorController.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsOperatorController.java index 5d16cdf6..702f8e5e 100644 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsOperatorController.java +++ b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsOperatorController.java @@ -16,6 +16,7 @@ */ package com.roncoo.pay.permission.controller; +import java.util.Date; import java.util.List; import java.util.regex.Pattern; @@ -29,6 +30,7 @@ import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; import com.roncoo.pay.common.core.dwz.DwzAjax; import com.roncoo.pay.common.core.enums.PublicStatusEnum; @@ -77,8 +79,7 @@ public String listPmsOperator(HttpServletRequest req, PageParam pageParam, PmsOp PageBean pageBean = pmsOperatorService.listPage(pageParam, operator); model.addAttribute(pageBean); - model.addAttribute("publicStatus", PublicStatusEnum.toList()); - model.addAttribute("OperatorTypeEnumList", OperatorTypeEnum.toList()); + model.addAttribute("OperatorStatusEnum", PublicStatusEnum.toMap()); model.addAttribute("OperatorTypeEnum", OperatorTypeEnum.toMap()); return "pms/pmsOperatorList"; } catch (Exception e) { @@ -94,9 +95,9 @@ public String listPmsOperator(HttpServletRequest req, PageParam pageParam, PmsOp */ @RequiresPermissions("pms:operator:view") @RequestMapping("/viewUI") - public String viewPmsOperatorUI(HttpServletRequest req, Long operatorId, Model model) { + public String viewPmsOperatorUI(HttpServletRequest req, Long id, Model model) { try { - PmsOperator pmsOperator = pmsOperatorService.getDataById(operatorId); + PmsOperator pmsOperator = pmsOperatorService.getDataById(id); if (pmsOperator == null) { return operateError("无法获取要查看的数据", model); } @@ -106,12 +107,11 @@ public String viewPmsOperatorUI(HttpServletRequest req, Long operatorId, Model m return operateError("权限不足", model); } - // super.pushData(pmsOperator); // 准备角色列表 model.addAttribute("rolesList", pmsRoleService.listAllRole()); // 准备该用户拥有的角色ID字符串 - List lisPmsOperatorRoles = pmsOperatorRoleService.listOperatorRoleByOperatorId(operatorId); + List lisPmsOperatorRoles = pmsOperatorRoleService.listOperatorRoleByOperatorId(id); StringBuffer owenedRoleIdBuffer = new StringBuffer(""); for (PmsOperatorRole pmsOperatorRole : lisPmsOperatorRoles) { owenedRoleIdBuffer.append(pmsOperatorRole.getRoleId()); @@ -121,6 +121,7 @@ public String viewPmsOperatorUI(HttpServletRequest req, Long operatorId, Model m if (StringUtils.isNotBlank(owenedRoleIds) && owenedRoleIds.length() > 0) { owenedRoleIds = owenedRoleIds.substring(0, owenedRoleIds.length() - 1); } + model.addAttribute("pmsOperator", pmsOperator); model.addAttribute("owenedRoleIds", owenedRoleIds); return "/pms/pmsOperatorView"; } catch (Exception e) { @@ -139,7 +140,7 @@ public String viewPmsOperatorUI(HttpServletRequest req, Long operatorId, Model m public String addPmsOperatorUI(HttpServletRequest req, Model model) { try { model.addAttribute("rolesList", pmsRoleService.listAllRole()); - model.addAttribute("OperatorStatusEnumList", PublicStatusEnum.values()); + model.addAttribute("OperatorStatusEnumList", PublicStatusEnum.toList()); return "/pms/pmsOperatorAdd"; } catch (Exception e) { log.error("== addPmsOperatorUI exception:", e); @@ -153,19 +154,15 @@ public String addPmsOperatorUI(HttpServletRequest req, Model model) { */ @RequiresPermissions("pms:operator:add") @RequestMapping("/add") - public String addPmsOperator(HttpServletRequest req, PmsOperator pmsOperator, String selectVal, Model model, DwzAjax dwz) { + public String addPmsOperator(HttpServletRequest req, PmsOperator pmsOperator, @RequestParam("selectVal") String selectVal, Model model, DwzAjax dwz) { try { pmsOperator.setType(OperatorTypeEnum.USER.name()); // 类型( // "0":'普通操作员',"1":'超级管理员'),只能添加普通操作员 - String roleOperatorStr = getRoleOperatorStr(selectVal); // 表单数据校验 String validateMsg = validatePmsOperator(pmsOperator, roleOperatorStr); - // if (!loginPwdFormat(loginPwd)) { - // return operateError("登录密码必须由字母、数字、特殊符号组成"); - // } if (StringUtils.isNotBlank(validateMsg)) { return operateError(validateMsg, model); // 返回错误信息 @@ -178,7 +175,8 @@ public String addPmsOperator(HttpServletRequest req, PmsOperator pmsOperator, St } PasswordHelper.encryptPassword(pmsOperator); - + pmsOperator.setCreater(getPmsOperator().getLoginName()); + pmsOperator.setCreateTime(new Date()); pmsOperatorService.saveOperator(pmsOperator, roleOperatorStr); return operateSuccess(model, dwz); @@ -240,23 +238,23 @@ private String validatePmsOperator(PmsOperator operator, String roleOperatorStr) * (operator.getLoginName().contains(specialChar)) { msg += * "登录名不能包含特殊字符,"; } */ - if (!realNameFormat(operator.getRealName())) { - msg += "操作员姓名必须为中文!"; - } +// if (!realNameFormat(operator.getRealName())) { +// msg += "操作员姓名必须为中文!"; +// } // if (!emailFormat(operator.getLoginName())) { // msg += "账户名格式必须为邮箱地址!"; // } // 登录密码 - String loginPwd = operator.getLoginPwd(); - String loginPwdMsg = ValidateUtils.lengthValidate("登录密码", loginPwd, true, 6, 50); - /* - * if (StringUtils.isBlank(loginPwdMsg) && - * !ValidateUtils.isAlphanumeric(loginPwd)) { loginPwdMsg += - * "登录密码应为字母或数字组成,"; } - */ - msg += loginPwdMsg; +// String loginPwd = operator.getLoginPwd(); +// String loginPwdMsg = ValidateUtils.lengthValidate("登录密码", loginPwd, true, 6, 50); +// /* +// * if (StringUtils.isBlank(loginPwdMsg) && +// * !ValidateUtils.isAlphanumeric(loginPwd)) { loginPwdMsg += +// * "登录密码应为字母或数字组成,"; } +// */ +// msg += loginPwdMsg; // 手机号码 String mobileNo = operator.getMobileNo(); @@ -288,10 +286,9 @@ private String validatePmsOperator(PmsOperator operator, String roleOperatorStr) * * @return * */ - @RequiresPermissions("pms:operator:delete") @RequestMapping("/delete") - public String deleteOperatorStatus(HttpServletRequest req, Long operatorId, Model model, DwzAjax dwz) { - pmsOperatorService.deleteOperatorById(operatorId); + public String deleteOperatorStatus(HttpServletRequest req, Long id, Model model, DwzAjax dwz) { + pmsOperatorService.deleteOperatorById(id); return this.operateSuccess(model, dwz); } @@ -302,9 +299,9 @@ public String deleteOperatorStatus(HttpServletRequest req, Long operatorId, Mode */ @RequiresPermissions("pms:operator:edit") @RequestMapping("/editUI") - public String editPmsOperatorUI(HttpServletRequest req, Long operatorId, Model model) { + public String editPmsOperatorUI(HttpServletRequest req, Long id, Model model) { try { - PmsOperator pmsOperator = pmsOperatorService.getDataById(operatorId); + PmsOperator pmsOperator = pmsOperatorService.getDataById(id); if (pmsOperator == null) { return operateError("无法获取要修改的数据", model); } @@ -313,13 +310,11 @@ public String editPmsOperatorUI(HttpServletRequest req, Long operatorId, Model m if (OperatorTypeEnum.USER.name().equals(this.getPmsOperator().getType()) && OperatorTypeEnum.ADMIN.name().equals(pmsOperator.getType())) { return operateError("权限不足", model); } - - // super.pushData(pmsOperator); // 准备角色列表 model.addAttribute("rolesList", pmsRoleService.listAllRole()); // 准备该用户拥有的角色ID字符串 - List lisPmsOperatorRoles = pmsOperatorRoleService.listOperatorRoleByOperatorId(operatorId); + List lisPmsOperatorRoles = pmsOperatorRoleService.listOperatorRoleByOperatorId(id); StringBuffer owenedRoleIdBuffer = new StringBuffer(""); for (PmsOperatorRole pmsOperatorRole : lisPmsOperatorRoles) { owenedRoleIdBuffer.append(pmsOperatorRole.getRoleId()); @@ -333,8 +328,8 @@ public String editPmsOperatorUI(HttpServletRequest req, Long operatorId, Model m model.addAttribute("OperatorStatusEnum", PublicStatusEnum.toMap()); model.addAttribute("OperatorTypeEnum", OperatorTypeEnum.toMap()); - - return "pms/"; + model.addAttribute("pmsOperator", pmsOperator); + return "pms/pmsOperatorEdit"; } catch (Exception e) { log.error("== editPmsOperatorUI exception:", e); return operateError("获取修改数据失败", model); @@ -390,7 +385,7 @@ public String editPmsOperator(HttpServletRequest req, PmsOperator operator, Stri * @return operateSuccess or operateError . */ @RequiresPermissions("pms:operator:changestatus") - @RequestMapping("/changestatus") + @RequestMapping("/changeStatus") public String changeOperatorStatus(HttpServletRequest req, PmsOperator operator, Model model, DwzAjax dwz) { try { Long operatorId = operator.getId(); @@ -411,7 +406,7 @@ public String changeOperatorStatus(HttpServletRequest req, PmsOperator operator, // 2014-01-02,由删除改为修改状态 // pmsPermissionBiz.deleteOperator(id); // 激活的变冻结,冻结的则变激活 - if (pmsOperator.getStatus() == PublicStatusEnum.ACTIVE.name()) { + if (pmsOperator.getStatus().equals(PublicStatusEnum.ACTIVE.name())) { if ("ADMIN".equals(pmsOperator.getType())) { return operateError("【" + pmsOperator.getLoginName() + "】为超级管理员,不能冻结", model); } @@ -446,7 +441,7 @@ public String resetOperatorPwdUI(HttpServletRequest req, Long id, Model model) { return operateError("权限不足", model); } - model.addAttribute("operatorId", operator.getId()); + model.addAttribute("operator", operator); return "pms/pmsOperatorResetPwd"; } @@ -458,9 +453,9 @@ public String resetOperatorPwdUI(HttpServletRequest req, Long id, Model model) { */ @RequiresPermissions("pms:operator:resetpwd") @RequestMapping("/resetPwd") - public String resetOperatorPwd(HttpServletRequest req, Long operatorId, String newPwd, String newPwd2, Model model, DwzAjax dwz) { + public String resetOperatorPwd(HttpServletRequest req, Long id, String newPwd, String newPwd2, Model model, DwzAjax dwz) { try { - PmsOperator operator = pmsOperatorService.getDataById(operatorId); + PmsOperator operator = pmsOperatorService.getDataById(id); if (operator == null) { return operateError("无法获取要重置密码的操作员信息", model); } @@ -470,9 +465,6 @@ public String resetOperatorPwd(HttpServletRequest req, Long operatorId, String n return operateError("权限不足", model); } - if (!loginPwdFormat(newPwd)) { - return operateError("登录密码必须由字母、数字、特殊符号组成", model); - } String validateMsg = validatePassword(newPwd, newPwd2); if (StringUtils.isNotBlank(validateMsg)) { diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsPermissionController.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsPermissionController.java index a334180c..3cc0727f 100644 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsPermissionController.java +++ b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsPermissionController.java @@ -15,6 +15,7 @@ */ package com.roncoo.pay.permission.controller; +import java.util.Date; import java.util.List; import javax.servlet.http.HttpServletRequest; @@ -29,6 +30,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import com.roncoo.pay.common.core.dwz.DwzAjax; +import com.roncoo.pay.common.core.enums.PublicStatusEnum; import com.roncoo.pay.common.core.page.PageBean; import com.roncoo.pay.common.core.page.PageParam; import com.roncoo.pay.controller.common.BaseController; @@ -67,6 +69,7 @@ public String listPmsPermission(HttpServletRequest req, PageParam pageParam, Pms try { PageBean pageBean = pmsPermissionService.listPage(pageParam, pmsPermission); model.addAttribute(pageBean); + model.addAttribute("pageParam", pageParam); return "pms/pmsPermissionList"; } catch (Exception e) { log.error("== listPmsPermission exception:", e); @@ -113,7 +116,9 @@ public String addPmsPermission(HttpServletRequest req, PmsPermission pmsPermissi if (checkPermission != null) { return operateError("权限【" + permission + "】已存在", model); } - + pmsPermission.setStatus(PublicStatusEnum.ACTIVE.name()); + pmsPermission.setCreater(getPmsOperator().getLoginName()); + pmsPermission.setCreateTime(new Date()); pmsPermissionService.saveData(pmsPermission); return operateSuccess(model, dwz); // 返回operateSuccess视图,并提示“操作成功” diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsRoleController.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsRoleController.java index ab00fbe9..df397a89 100644 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsRoleController.java +++ b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/controller/PmsRoleController.java @@ -16,6 +16,7 @@ package com.roncoo.pay.permission.controller; import java.util.Date; +import java.util.List; import javax.servlet.http.HttpServletRequest; @@ -27,6 +28,7 @@ import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; import com.roncoo.pay.common.core.dwz.DwzAjax; import com.roncoo.pay.common.core.page.PageBean; @@ -34,11 +36,14 @@ import com.roncoo.pay.controller.common.BaseController; import com.roncoo.pay.permission.biz.PmsMenuBiz; import com.roncoo.pay.permission.entity.PmsOperator; +import com.roncoo.pay.permission.entity.PmsPermission; import com.roncoo.pay.permission.entity.PmsRole; import com.roncoo.pay.permission.enums.OperatorTypeEnum; +import com.roncoo.pay.permission.service.PmsMenuRoleService; import com.roncoo.pay.permission.service.PmsMenuService; import com.roncoo.pay.permission.service.PmsOperatorRoleService; import com.roncoo.pay.permission.service.PmsPermissionService; +import com.roncoo.pay.permission.service.PmsRolePermissionService; import com.roncoo.pay.permission.service.PmsRoleService; import com.roncoo.pay.permission.utils.ValidateUtils; @@ -58,10 +63,12 @@ public class PmsRoleController extends BaseController { @Autowired private PmsMenuService pmsMenuService; @Autowired - private PmsMenuBiz pmsMenuBiz; + private PmsMenuRoleService pmsMenuRoleService; @Autowired private PmsPermissionService pmsPermissionService; @Autowired + private PmsRolePermissionService pmsRolePermissionService; + @Autowired private PmsOperatorRoleService pmsOperatorRoleService; private static Log log = LogFactory.getLog(PmsRoleController.class); @@ -76,10 +83,9 @@ public class PmsRoleController extends BaseController { public String listPmsRole(HttpServletRequest req, PageParam pageParam, PmsRole pmsRole, Model model) { try { PageBean pageBean = pmsRoleService.listPage(pageParam, pmsRole); - PmsOperator operator = this.getPmsOperator(); - model.addAttribute(operator); model.addAttribute(pageBean); - model.addAttribute("OperatorTypeEnum", OperatorTypeEnum.toMap()); + model.addAttribute("pageParam", pageParam); + model.addAttribute("pmsRole", pmsRole); return "pms/pmsRoleList"; } catch (Exception e) { log.error("== listPmsRole exception:", e); @@ -110,7 +116,7 @@ public String addPmsRoleUI(HttpServletRequest req, Model model) { */ @RequiresPermissions("pms:role:add") @RequestMapping("/add") - public String addPmsRole(HttpServletRequest req, Model model, String roleCode, String roleName, String desc, DwzAjax dwz) { + public String addPmsRole(HttpServletRequest req, Model model, @RequestParam("roleCode") String roleCode, @RequestParam("roleName") String roleName, @RequestParam("remark") String remark, DwzAjax dwz) { try { PmsRole roleNameCheck = pmsRoleService.getByRoleNameOrRoleCode(roleName, null); if (roleNameCheck != null) { @@ -126,7 +132,7 @@ public String addPmsRole(HttpServletRequest req, Model model, String roleCode, S PmsRole pmsRole = new PmsRole(); pmsRole.setRoleCode(roleCode); pmsRole.setRoleName(roleName); - pmsRole.setRemark(desc); + pmsRole.setRemark(remark); pmsRole.setCreateTime(new Date()); // 表单数据校验 @@ -254,7 +260,7 @@ public String deletePmsRole(HttpServletRequest req, Model model, Long roleId, Dw return operateError("删除失败", model); } } - + /** * 分配权限UI * @@ -262,10 +268,98 @@ public String deletePmsRole(HttpServletRequest req, Model model, Long roleId, Dw */ @SuppressWarnings("unchecked") @RequiresPermissions("pms:role:assignpermission") - @RequestMapping("/assignPermission") + @RequestMapping("/assignPermissionUI") public String assignPermissionUI(HttpServletRequest req, Model model, Long roleId) { - return "pms/assignPermissionUI"; + PmsRole role = pmsRoleService.getDataById(roleId); + if (role == null) { + return operateError("无法获取角色信息", model); + } + // 普通操作员没有修改超级管理员角色的权限 + if (OperatorTypeEnum.USER.name().equals(this.getPmsOperator().getType()) && "admin".equals(role.getRoleName())) { + return operateError("权限不足", model); + } + + String permissionIds = pmsPermissionService.getPermissionIdsByRoleId(roleId); // 根据角色查找角色对应的功能权限ID集 + List permissionList = pmsPermissionService.listAll(); + List operatorList = pmsOperatorRoleService.listOperatorByRoleId(roleId); + + model.addAttribute("permissionIds", permissionIds); + model.addAttribute("permissionList", permissionList); + model.addAttribute("operatorList", operatorList); + model.addAttribute("role", role); + return "/pms/assignPermissionUI"; } + /** + * 分配角色权限 + */ + @RequiresPermissions("pms:role:assignpermission") + @RequestMapping("/assignPermission") + public String assignPermission(HttpServletRequest req, Model model, @RequestParam("roleId") Long roleId, DwzAjax dwz, @RequestParam("selectVal") String selectVal) { + try { + String rolePermissionStr = getRolePermissionStr(selectVal); + pmsRolePermissionService.saveRolePermission(roleId, rolePermissionStr); + return operateSuccess(model, dwz); + } catch (Exception e) { + log.error("== assignPermission exception:", e); + return operateError("保存失败", model); + } + } + + /** + * 分配菜单UI + * + * @return + */ + @SuppressWarnings("unchecked") + @RequestMapping("/assignMenuUI") + public String assignMenuUI(HttpServletRequest req, Model model, Long roleId) { + PmsRole role = pmsRoleService.getDataById(roleId); + if (role == null) { + return operateError("无法获取角色信息", model); + } + // 普通操作员没有修改超级管理员角色的权限 + if (OperatorTypeEnum.USER.name().equals(this.getPmsOperator().getType()) && "admin".equals(role.getRoleName())) { + return operateError("权限不足", model); + } + + String menuIds = pmsMenuService.getMenuIdsByRoleId(roleId); // 根据角色查找角色对应的菜单ID集 + List menuList = pmsMenuService.getListByParent(null); + List operatorList = pmsOperatorRoleService.listOperatorByRoleId(roleId); + + model.addAttribute("menuIds", menuIds); + model.addAttribute("menuList", menuList); + model.addAttribute("operatorList", operatorList); + model.addAttribute("role", role); + return "/pms/assignMenuUI"; + } + + /** + * 分配角色菜单 + */ + @RequestMapping("/assignMenu") + public String assignMenu(HttpServletRequest req, Model model, @RequestParam("roleId") Long roleId, DwzAjax dwz, @RequestParam("selectVal") String selectVal) { + try { + String roleMenuStr = getRolePermissionStr(selectVal); + pmsMenuRoleService.saveRoleMenu(roleId, roleMenuStr); + return operateSuccess(model, dwz); + } catch (Exception e) { + log.error("== assignPermission exception:", e); + return operateError("保存失败", model); + } + } + + /** + * 得到角色和权限关联的ID字符串 + * + * @return + */ + private String getRolePermissionStr(String selectVal) throws Exception { + String roleStr = selectVal; + if (StringUtils.isNotBlank(roleStr) && roleStr.length() > 0) { + roleStr = roleStr.substring(0, roleStr.length() - 1); + } + return roleStr; + } } diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/credentials/RetryLimitHashedCredentialsMatcher.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/credentials/RetryLimitHashedCredentialsMatcher.java index f9e7117d..3965ab41 100644 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/credentials/RetryLimitHashedCredentialsMatcher.java +++ b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/credentials/RetryLimitHashedCredentialsMatcher.java @@ -71,11 +71,6 @@ public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo // clear retry count passwordRetryCache.remove(username); - // 对接龙果平台 - if (!"admin".equals(username)) { - username = "guest"; - } - // 根据登录名查询操作员 PmsOperator operator = pmsOperatorService.findOperatorByLoginName(username); Subject subject = SecurityUtils.getSubject(); diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/filter/RcCaptchaFilter.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/filter/RcCaptchaFilter.java index a4145fc9..a7758e03 100644 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/filter/RcCaptchaFilter.java +++ b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/filter/RcCaptchaFilter.java @@ -75,7 +75,6 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse gc.dispose(); request.getSession().setAttribute("rcCaptcha", rs); - ImageIO.write(bimg, "jpeg", out); try { out.flush(); diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/realm/OperatorRealm.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/realm/OperatorRealm.java index d5ce3933..c3c5252e 100644 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/realm/OperatorRealm.java +++ b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/shiro/realm/OperatorRealm.java @@ -15,8 +15,6 @@ */ package com.roncoo.pay.permission.shiro.realm; -import java.util.HashMap; -import java.util.Map; import java.util.Set; import org.apache.commons.lang.StringUtils; @@ -24,7 +22,6 @@ import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; -import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.LockedAccountException; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authc.UnknownAccountException; @@ -37,18 +34,11 @@ import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; -import com.alibaba.fastjson.JSON; -import com.alibaba.fastjson.JSONObject; import com.roncoo.pay.common.core.enums.PublicStatusEnum; import com.roncoo.pay.permission.entity.PmsOperator; -import com.roncoo.pay.permission.exception.PermissionException; import com.roncoo.pay.permission.service.PmsOperatorRoleService; import com.roncoo.pay.permission.service.PmsOperatorService; import com.roncoo.pay.permission.service.PmsRolePermissionService; -import com.roncoo.pay.permission.utils.EncryptUtil; -import com.roncoo.pay.permission.utils.PasswordHelper; -import com.roncoo.pay.permission.utils.RonCooSignUtil; -import com.roncoo.pay.permission.utils.RoncooHttpClientUtils; /** * 自定义realm . @@ -77,10 +67,6 @@ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal Session session = subject.getSession(); PmsOperator operator = (PmsOperator) session.getAttribute("PmsOperator"); if (operator == null) { - // 对接龙果平台 - if (!"admin".equals(loginName)) { - loginName = "guest"; - } operator = pmsOperatorService.findOperatorByLoginName(loginName); session.setAttribute("PmsOperator", operator); } @@ -105,87 +91,34 @@ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal return authorizationInfo; } - @SuppressWarnings("unchecked") @Override // 验证的核心方法 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String loginName = (String) token.getPrincipal(); - if (StringUtils.isEmpty(loginName)) { + if (StringUtils.isEmpty(loginName.trim())) { throw new UnknownAccountException();// 没找到帐号 } - if (!"admin".equals(loginName)) { - // 打通龙果平台 - String pwd = new String((char[]) token.getCredentials()); - Long timeStamp = System.currentTimeMillis(); - String key = "rcPayLoginSign268"; - String sign = RonCooSignUtil.getSign(key, timeStamp, loginName); - - // String url = - // "http://192.168.1.181:8080/roncoo-dev-admin/mydata/getByLoginName"; - String url = "http://boss.roncoo.com/mydata/getByLoginName"; - Map params = new HashMap(); - params.put("userName", loginName); - params.put("timeStamp", timeStamp); - params.put("sign", sign); - - String json = JSON.toJSONString(params); - - String httpResponse = RoncooHttpClientUtils.post(url, json); - if (httpResponse.length() < 2) { - throw new PermissionException(PermissionException.RONCOO_NETWORK_EXCEPTION, "网络异常,请联系龙果管理员"); - } - Map parseObject = JSONObject.parseObject(httpResponse, Map.class); - String code = (String) parseObject.get("code"); - - if ("100".equals(code)) { - throw new UnknownAccountException();// 没找到帐号 - } else { - JSONObject data = (JSONObject) parseObject.get("data"); - Map mapInfo = JSONObject.parseObject(data.toJSONString(), Map.class); - String returnPWD = (String) mapInfo.get("pwd"); - String userId = (String) mapInfo.get("userId"); - String str = userId.trim() + pwd.trim(); - String getPwd = EncryptUtil.encodeSHAString(str); - - if (getPwd.trim().equals(returnPWD.trim())) { - - String salt = "183d9f2f0f2ce760e98427a5603d1c73"; - String password = PasswordHelper.getPwd(pwd, salt); - // 交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配,如果觉得人家的不好可以自定义实现 - SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(loginName, // 登录名 - password, // 密码 - ByteSource.Util.bytes(salt),// salt=username+salt - getName() // realm name - ); - return authenticationInfo; - - } else { - throw new IncorrectCredentialsException();// 密码错误 - } - } - } else { - // 根据登录名查询操作员 - PmsOperator operator = pmsOperatorService.findOperatorByLoginName(loginName); - - if (operator == null) { - throw new UnknownAccountException();// 没找到帐号 - } - - if (PublicStatusEnum.UNACTIVE.equals(operator.getStatus())) { - throw new LockedAccountException(); // 帐号锁定 - } - - // 交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配,如果觉得人家的不好可以自定义实现 - SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(operator.getLoginName(), // 登录名 - operator.getLoginPwd(), // 密码 - ByteSource.Util.bytes(operator.getCredentialsSalt()), // salt=username+salt - getName() // realm name - ); - - return authenticationInfo; + + // 根据登录名查询操作员 + PmsOperator operator = pmsOperatorService.findOperatorByLoginName(loginName); + + if (operator == null) { + throw new UnknownAccountException();// 没找到帐号 + } + + if (PublicStatusEnum.UNACTIVE.equals(operator.getStatus())) { + throw new LockedAccountException(); // 帐号锁定 } + // 交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配,如果觉得人家的不好可以自定义实现 + SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(operator.getLoginName(), // 登录名 + operator.getLoginPwd(), // 密码 + ByteSource.Util.bytes(operator.getCredentialsSalt()), // salt=username+salt + getName() // realm name + ); + + return authenticationInfo; } @Override diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/utils/EncryptUtil.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/utils/EncryptUtil.java deleted file mode 100644 index 092a9d32..00000000 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/utils/EncryptUtil.java +++ /dev/null @@ -1,153 +0,0 @@ -/* - * Copyright 2015-2102 RonCoo(http://www.roncoo.com) Group. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.roncoo.pay.permission.utils; - -import java.io.IOException; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.HashMap; -import java.util.Map; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import sun.misc.BASE64Decoder; -import sun.misc.BASE64Encoder; - -import com.alibaba.fastjson.JSON; -import com.alibaba.fastjson.JSONObject; - -/** - * 加密工具类 - * - * 龙果学院:www.roncoo.com - * - * @author:shenjialong - */ -public class EncryptUtil { - - private static final Log LOG = LogFactory.getLog(EncryptUtil.class); - - // 密码盐 - public static final String PWDSALT = "RONCOO"; - - /** - * 私有构造方法,将该工具类设为单例模式. - */ - private EncryptUtil() { - } - - /** - * 用MD5算法进行加密 - * - * @param str - * 需要加密的字符串 - * @return MD5加密后的结果 - */ - public static String encodeMD5String(String str) { - return encode(str, "MD5"); - } - - /** - * 用SHA算法进行加密 - * - * @param str - * 需要加密的字符串 - * @return SHA加密后的结果 - */ - public static String encodeSHAString(String str) { - return encode(str, "SHA"); - } - - /** - * 用base64算法进行加密 - * - * @param str - * 需要加密的字符串 - * @return base64加密后的结果 - */ - public static String encodeBase64String(String str) { - BASE64Encoder encoder = new BASE64Encoder(); - return encoder.encode(str.getBytes()); - } - - /** - * 用base64算法进行解密 - * - * @param str - * 需要解密的字符串 - * @return base64解密后的结果 - * @throws IOException - */ - public static String decodeBase64String(String str) throws IOException { - BASE64Decoder encoder = new BASE64Decoder(); - return new String(encoder.decodeBuffer(str)); - } - - private static String encode(String str, String method) { - MessageDigest mdInst = null; - // 把密文转换成十六进制的字符串形式 - // 单线程用StringBuilder,速度快 多线程用stringbuffer,安全 - StringBuilder dstr = new StringBuilder(); - try { - // 获得MD5摘要算法的 MessageDigest对象 - mdInst = MessageDigest.getInstance(method); - // 使用指定的字节更新摘要 - mdInst.update(str.getBytes()); - // 获得密文 - byte[] md = mdInst.digest(); - for (int i = 0; i < md.length; i++) { - int tmp = md[i]; - if (tmp < 0) { - tmp += 256; - } - if (tmp < 16) { - dstr.append("0"); - } - dstr.append(Integer.toHexString(tmp)); - } - } catch (NoSuchAlgorithmException e) { - LOG.error(e); - } - return dstr.toString(); - } - - public static void main(String[] args) { - String loginName = "513781560@qq.com"; - Long timeStamp = System.currentTimeMillis(); - String key = "rcPayLoginSign268"; - String sign = RonCooSignUtil.getSign(key, timeStamp, loginName); - - String url = "http://192.168.1.181:8080/roncoo-dev-admin/mydata/getByLoginName"; - Map params = new HashMap(); - params.put("userName", loginName); - params.put("timeStamp", timeStamp); - params.put("sign", sign); - String json = JSON.toJSONString(params); - - String httpResponse = RoncooHttpClientUtils.post(url, json); - Map parseObject = JSONObject.parseObject(httpResponse, Map.class); - String code = (String) parseObject.get("code"); - String desc = (String) parseObject.get("desc"); - System.out.println(code); - JSONObject data = (JSONObject) parseObject.get("data"); - - Map mapInfo = JSONObject.parseObject(data.toJSONString(), Map.class); - String returnPWD = (String) mapInfo.get("pwd"); - String userId = (String) mapInfo.get("userId"); - System.out.println(httpResponse); - } -} diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/utils/RonCooSignUtil.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/utils/RonCooSignUtil.java deleted file mode 100644 index b5acf57e..00000000 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/utils/RonCooSignUtil.java +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright 2015-2102 RonCoo(http://www.roncoo.com) Group. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.roncoo.pay.permission.utils; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.Arrays; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -/** - * 对接龙果平台加密数据 - * - * 龙果学院:www.roncoo.com - * - * @author:shenjialong - */ -public class RonCooSignUtil { - - private static final Log LOG = LogFactory.getLog(RonCooSignUtil.class); - - private RonCooSignUtil() { - - } - - /** - * @param timeStamp - * @param userName - * @param userPwd - * @return - */ - public static String getSign(String token, long timeStamp, String userName) { - - String[] arr = new String[] { token, String.valueOf(timeStamp), userName }; - // 将token、timestamp、nonce、userPwd三个参数进行字典序排序 - Arrays.sort(arr); - StringBuilder content = new StringBuilder(); - for (int i = 0; i < arr.length; i++) { - content.append(arr[i]); - } - MessageDigest md = null; - String tmpStr = null; - - try { - md = MessageDigest.getInstance("SHA-1"); - // 将三个参数字符串拼接成一个字符串进行sha1加密 - byte[] digest = md.digest(content.toString().getBytes()); - tmpStr = byteToStr(digest); - } catch (NoSuchAlgorithmException e) { - LOG.error(e); - } - return tmpStr; - } - - /** - * 将字节数组转换为十六进制字符串 - * - * @param byteArray - * @return - */ - private static String byteToStr(byte[] byteArray) { - String strDigest = ""; - for (int i = 0; i < byteArray.length; i++) { - strDigest += byteToHexStr(byteArray[i]); - } - return strDigest; - } - - /** - * 将字节转换为十六进制字符串 - * - * @param mByte - * @return - */ - private static String byteToHexStr(byte mByte) { - char[] Digit = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' }; - char[] tempArr = new char[2]; - tempArr[0] = Digit[(mByte >>> 4) & 0X0F]; - tempArr[1] = Digit[mByte & 0X0F]; - - return new String(tempArr); - } - -} diff --git a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/utils/RoncooHttpClientUtils.java b/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/utils/RoncooHttpClientUtils.java deleted file mode 100644 index 6d8ec68e..00000000 --- a/roncoo-pay-web-boss/src/main/java/com/roncoo/pay/permission/utils/RoncooHttpClientUtils.java +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright 2015-2102 RonCoo(http://www.roncoo.com) Group. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.roncoo.pay.permission.utils; - -import java.io.IOException; -import java.nio.charset.Charset; - -import org.apache.http.HttpResponse; -import org.apache.http.HttpStatus; -import org.apache.http.client.HttpClient; -import org.apache.http.client.methods.HttpPost; -import org.apache.http.entity.StringEntity; -import org.apache.http.impl.client.DefaultHttpClient; -import org.apache.http.util.EntityUtils; - -/** - * httpClientUtils - * - * 龙果学院:www.roncoo.com - * - * @author:shenjialong - */ -public class RoncooHttpClientUtils { - - /** - * 调用 API - * - * @param parameters - * @return - */ - @SuppressWarnings({ "resource", "deprecation" }) - public static String post(String url, String parameters) { - HttpClient httpClient = new DefaultHttpClient(); - HttpPost method = new HttpPost(url); - String body = null; - - if (method != null & parameters != null && !"".equals(parameters.trim())) { - try { - - // 建立一个NameValuePair数组,用于存储欲传送的参数 - method.addHeader("Content-type", "application/json; charset=utf-8"); - method.setHeader("Accept", "application/json"); - method.setEntity(new StringEntity(parameters, Charset.forName("UTF-8"))); - - HttpResponse response = httpClient.execute(method); - - int statusCode = response.getStatusLine().getStatusCode(); - - if (statusCode != HttpStatus.SC_OK) { - return "1";// 返回1表示请求失败 - } - - // Read the response body - body = EntityUtils.toString(response.getEntity()); - - } catch (IOException e) { - // 网络错误 - return "2"; - } finally { - } - - } - return body; - } - -} diff --git a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/PmsMenuLookUp.jsp b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/PmsMenuLookUp.jsp deleted file mode 100644 index 764cc99d..00000000 --- a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/PmsMenuLookUp.jsp +++ /dev/null @@ -1,34 +0,0 @@ -<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> -<%@include file="../../common/taglib/taglib.jsp"%> - - - - -菜单模块 - - - - - -
- -
- -
-
-
-
- ${tree } -
-
-
-
-
-
- \ No newline at end of file diff --git a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/PmsOperatorChangeOwnPwd.jsp b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/PmsOperatorChangeOwnPwd.jsp deleted file mode 100644 index 2d5515f0..00000000 --- a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/PmsOperatorChangeOwnPwd.jsp +++ /dev/null @@ -1,36 +0,0 @@ -<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> -<%@include file="../../common/taglib/taglib.jsp"%> -
-
-
- - - -
- - -
-
- - -
-
- - -
-
-
-
- - 提示:修改密码后要重新登录才能操作! -
-
-
-
    -
  • -
    -
    • -
-
-
-
diff --git a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/PmsOperatorViewOwnInfo.jsp b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/PmsOperatorViewOwnInfo.jsp deleted file mode 100644 index f31562e1..00000000 --- a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/PmsOperatorViewOwnInfo.jsp +++ /dev/null @@ -1,65 +0,0 @@ -<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> -<%@include file="../../common/taglib/taglib.jsp"%> -
-
-
-

- - ${loginName } -

-

- - ${realName } -

-

- - -

-

- - ${mobileNo } -

-

- - - 激活 - 冻结 - -- - -

-

- - - 普通操作员 - 超级管理员 - -- - -

-

- - -

-

- - -

-

- - - - - -- - -

-

- - ${remark } -

-
-
-
    -
    • -
-
-
-
\ No newline at end of file diff --git a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/assignMenuUI.jsp b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/assignMenuUI.jsp new file mode 100644 index 00000000..9f7b6b31 --- /dev/null +++ b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/assignMenuUI.jsp @@ -0,0 +1,113 @@ +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<%@include file="../../common/taglib/taglib.jsp"%> +
+
+
+ + + + + +
+
+
+ +
+
+
+
+
+
+ 全选 + + + +
+
+
+
+
+ + +
+
+
+ +
+
+
+
+
+ + + + + + + + + + + + + + + + + +
序号登录名用户姓名
${st.index+1}${item.loginName }${item.realName }
+
+
+
+
+
+
+
    +
    • +
    • +
+
+
+
+ diff --git a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/assignPermissionUI.jsp b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/assignPermissionUI.jsp index 285373b1..baca4c77 100644 --- a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/assignPermissionUI.jsp +++ b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/assignPermissionUI.jsp @@ -1,22 +1,32 @@ <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@include file="../../common/taglib/taglib.jsp"%>
+
- - + + + +
- ${menuActionTree } +
+ 全选 + + + +
@@ -43,13 +53,13 @@ - + ${st.index+1} - ${loginName } - ${realName } + ${item.loginName } + ${item.realName } - +
@@ -59,56 +69,45 @@
    -
    • +
+
diff --git a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/pmsMenuAdd.jsp b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/pmsMenuAdd.jsp index 66915e56..7f9d2402 100644 --- a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/pmsMenuAdd.jsp +++ b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/pmsMenuAdd.jsp @@ -11,6 +11,7 @@ +

diff --git a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/pmsMenuList.jsp b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/pmsMenuList.jsp index fd12a9e8..f643f66a 100644 --- a/roncoo-pay-web-boss/src/main/webapp/jsp/pms/pmsMenuList.jsp +++ b/roncoo-pay-web-boss/src/main/webapp/jsp/pms/pmsMenuList.jsp @@ -71,7 +71,7 @@ ul.rightTools li {