权限 粒度化 到 系统 部门 部门及子部门 个人用户
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//
package cn.com.do1.component.systemmgr.auth;
import cn.com.do1.common.util.string.StringUtil;
import cn.com.do1.component.systemmgr.auth.AuthQuickDac;
import cn.com.do1.component.systemmgr.auth.UserAuth;
import cn.com.do1.component.systemmgr.util.CollectionUtils;
import cn.com.do1.component.systemmgr.util.SystemRoleCacheMgr;
import cn.com.do1.component.systemmgr.util.Constants.ACCESS_LEVEL;
import cn.com.do1.dqdp.core.DqdpAppContext;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
public class AuthOperater {
public AuthOperater() {
}
- //查询 权限code的级别
public static int ckCurrentUserPerAccessLevel(String permissionCode) throws Exception {
if(permissionCode == null) {
throw new Exception("权限代码不能为空!");
} else if(UserAuth.isSuperUser()) {
return ACCESS_LEVEL.ALL.value();
} else {
String[] roleIds = UserAuth.getSessionPerson().getRoleIds().split(",");
ArrayList accessLevList = new ArrayList();
String[] var6 = roleIds;
int var5 = roleIds.length;
for(int var4 = 0; var4 < var5; ++var4) {
String roleid = var6[var4];
List perlist = SystemRoleCacheMgr.getOPermissByRoleId(roleid);
Iterator var9 = perlist.iterator();
while(var9.hasNext()) {
Map per = (Map)var9.next();
if(per.get("PERMISSION_CODE").toString().equalsIgnoreCase(permissionCode)) {
accessLevList.add(Integer.valueOf(per.get("ACCESS_LEVEL").toString()));
}
}
}
if(accessLevList.size() <= 0) {
return ACCESS_LEVEL.NOT_HAS.value();
} else {
return ((Integer)Collections.min(accessLevList)).intValue();
}
}
}
- //检查当前用户是否包含权限code
public static boolean ckCurrentUserHasPer(String permissionCode) throws Exception {
if(permissionCode == null) {
return false;
} else if(UserAuth.isSuperUser()) {
return true;
} else {
UserDetails userDetails = DqdpAppContext.getCurrentUser();
Iterator var3 = userDetails.getAuthorities().iterator();
while(var3.hasNext()) {
GrantedAuthority grantedAuthority = (GrantedAuthority)var3.next();
try {
if("all".equals(permissionCode) || StringUtil.isInContainer(permissionCode.split(","), grantedAuthority.getAuthority())) {
return true;
}
} catch (Exception var4) {
return false;
}
}
return false;
}
}
- //检查用户针对改权限拥有的级别所有的部门id
public static String ckUserModuelPreDepts(String permissionCode) throws Exception {
int accessCode = ckCurrentUserPerAccessLevel(permissionCode);
if(accessCode != ACCESS_LEVEL.NOT_HAS.value() && accessCode != ACCESS_LEVEL.USER.value()) {
if(accessCode != ACCESS_LEVEL.ALL.value() && accessCode != ACCESS_LEVEL.SYSTEM_USER.value()) {
ArrayList deptList = null;
if(accessCode == ACCESS_LEVEL.DEPT.value()) {
deptList = (ArrayList)AuthQuickDac.getContext().searchUserDeptLevelOrg(UserAuth.getSessionUser().getId().toLowerCase());
}
if(accessCode == ACCESS_LEVEL.DEPT_AND_CHILDREN.value()) {
deptList = (ArrayList)AuthQuickDac.getContext().searchUserDChildLevOrg(UserAuth.getSessionUser().getId().toLowerCase());
}
deptList = (ArrayList)CollectionUtils.replaceList(deptList);
return CollectionUtils.listToString(deptList);
} else {
return "all";
}
} else {
return null;
}
}
}
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//
package cn.com.do1.component.systemmgr.auth;
import cn.com.do1.common.dac.QuickDAC;
import cn.com.do1.component.systemmgr.org.model.TbDqdpOrgPO;
import cn.com.do1.component.systemmgr.user.model.TbUserRoleDeptRefPO;
import cn.com.do1.component.systemmgr.util.CollectionUtils;
import cn.com.do1.component.systemmgr.util.SystemCacheUtils;
import cn.com.do1.dqdp.core.DqdpAppContext;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
import javax.sql.DataSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class AuthQuickDac {
private static final Logger logger = LoggerFactory.getLogger(AuthQuickDac.class);
private static ReentrantLock lock = new ReentrantLock(true);
private static ThreadLocal<Integer> executeCount = new ThreadLocal();
private static AuthQuickDac authQuickDac;
private DataSource ds;
private AuthQuickDac() {
executeCount.set(Integer.valueOf(5));
this.ds = (DataSource)DqdpAppContext.getSpringContext().getBean("dataSource");
}
public static AuthQuickDac getContext() {
try {
lock.lock();
if(authQuickDac == null) {
authQuickDac = new AuthQuickDac();
}
} finally {
lock.unlock();
}
return authQuickDac;
}
private boolean getLook() {
try {
if(lock.tryLock(30L, TimeUnit.MILLISECONDS)) {
executeCount.set(Integer.valueOf(0));
logger.info("获取锁成功");
return true;
} else {
logger.info("在指定的时间内未能获取到锁");
if(5 <= ((Integer)executeCount.get()).intValue()) {
logger.info("系统连续5次获取锁失败");
return false;
} else {
executeCount.set(Integer.valueOf(((Integer)executeCount.get()).intValue() + 1));
return this.getLook();
}
}
} catch (InterruptedException var2) {
logger.error(var2.getMessage(), var2);
return false;
}
}
public List searchUserDeptLevelOrg(String userid) {
if(!this.getLook()) {
return null;
} else {
QuickDAC quickDAC = null;
try {
quickDAC = new QuickDAC(this.ds.getConnection());
quickDAC.preparedSql("select * from TB_USER_ROLE_DEPT_REF where USER_ID=:userid");
quickDAC.setPreValue("userid", userid);
List e = quickDAC.getList(TbUserRoleDeptRefPO.class);
ArrayList depss = new ArrayList();
if(e.size() > 0) {
Iterator var6 = e.iterator();
while(var6.hasNext()) {
TbUserRoleDeptRefPO tbUserRoleDeptRefPO = (TbUserRoleDeptRefPO)var6.next();
depss.add(tbUserRoleDeptRefPO.getOrgId());
}
}
ArrayList var8 = depss;
return var8;
} catch (Exception var11) {
logger.error(var11.getMessage(), var11);
} finally {
lock.unlock();
quickDAC.destoryWithoutConnection();
}
return null;
}
}
public List searchUserDChildLevOrg(String userid) {
if(!this.getLook()) {
return null;
} else {
QuickDAC quickDAC = null;
try {
quickDAC = new QuickDAC(this.ds.getConnection());
quickDAC.preparedSql("select * from TB_USER_ROLE_DEPT_REF where USER_ID=:userid");
quickDAC.setPreValue("userid", userid);
List e = quickDAC.getList(TbUserRoleDeptRefPO.class);
ArrayList depss = new ArrayList();
Iterator orgid = e.iterator();
while(orgid.hasNext()) {
TbUserRoleDeptRefPO list = (TbUserRoleDeptRefPO)orgid.next();
depss.add(list.getOrgId());
}
depss = (ArrayList)CollectionUtils.replaceList(depss);
ArrayList list1 = new ArrayList();
if(depss.size() > 0) {
Iterator var7 = depss.iterator();
while(var7.hasNext()) {
String orgid1 = (String)var7.next();
if(SystemCacheUtils.getOrgByOrgId(orgid1).get("IS_PARENT").toString().equalsIgnoreCase("0")) {
Map org = SystemCacheUtils.getOrgByOrgId(orgid1);
CollectionUtils.addListToList(list1, this.searchOrgByLRVal(quickDAC, org.get("LEFTVALUE").toString(), org.get("RIGHTVALUE").toString()));
}
}
}
CollectionUtils.addListToList(list1, depss);
ArrayList var10 = list1;
return var10;
} catch (Exception var13) {
logger.error(var13.getMessage(), var13);
} finally {
lock.unlock();
quickDAC.destoryWithoutConnection();
}
return null;
}
}
private List searchOrgByLRVal(QuickDAC qac, String leftVal, String rightVal) throws SQLException {
qac.preparedSql("select * from TB_DQDP_ORGANIZATION where LEFTVALUE >:leftval and RIGHTVALUE <:rightval");
qac.setPreValue("leftval", leftVal);
qac.setPreValue("rightval", rightVal);
List list = qac.getList(TbDqdpOrgPO.class);
ArrayList orgs = new ArrayList();
if(list.size() > 0) {
Iterator var7 = list.iterator();
while(var7.hasNext()) {
TbDqdpOrgPO tbDqdpOrgPO = (TbDqdpOrgPO)var7.next();
orgs.add(tbDqdpOrgPO.getOrganizationId());
}
}
return orgs;
}
}
转载于:https://www.cnblogs.com/signheart/p/35171d5442c61100204cf7b54183cf45.html
权限 粒度化 到 系统 部门 部门及子部门 个人用户相关推荐
- 根据用户所在部门id,返回所在部门id及子部门id
根据用户所在部门id,返回所在部门id及子部门id public StringBuilder getDepId(String depid) {StringBuilder result = new St ...
- Sql server 获得某一部门下的所有子部门。根据子部门获得它的上级部门。
Sql server 获得某一部门下的所有子部门.根据部门获得它的上级部门.以为要用递归呢,原来不需要的,通过自定义函数里,使用个临时表就可以了.@@RowCount作用可真不小啊. 一.准备数据 - ...
- sql查询某个部门及其所以子部门信息
– 查询id26一起研发中心及其所有子级部门 go with temp as( select * from HrmDepartment where id='26' union all select c ...
- java代码递归查找部门和子部门id
1.根据传入部门的id,查找所有子部门id,返回包含传入id和子部门id集合 2.不推荐使用,我是因为数据量小,而且访问此方法的请求少才这样写 3.推荐数据库级别sql的递归查询(我没有成功实现才这样 ...
- Java 递归查询该部门,及其下属部门,所有用户
Java 递归查询该部门,及其下属部门,所有用户: Set<User> userSet 作为传入参数,并将其作为返回值, 随着递归查询,执行 userSet.addAll(users); ...
- linux权限最小化分级,vim可视化Linux系统安全最小化原则 su sudo
一.vim在可视化模式下编辑 crl+v,会变成-- VISUAL BLOCK --,然后用上下左右键去选中. 多行注释: ESC进入命令行模式; Ctrl+v进入VISUAL BLOCK模式 上下左 ...
- SAP GRC 权限合规审计系统
引言 SAP GRC权限合规检查系统(简称AMS-R系统)是SAP ERP应用企业进行权限合规检查.违规数据抓取和IT审计的理想工具. **关键字:**SAP GRC. SAP 合规审计. SAP 财 ...
- C#实现winform软件开机自动启动并最小化到系统托盘
一.开机自动启动: 拖一个CheckBox 1.软件启动时给CheckBox重置状态: RegistryKey R_local = Registry.LocalMachine; ...
- 运维部门工作总结_部门动态 | 主动出击 超前谋划 全面做好园区网络运维工作...
随着冬季的到来 欢乐田园游客量相比客流高峰期 有所减少 公司各部门进入修整备战状态 ......... 为保障园区网络平稳良好运行 工程设备部提前部署.主动出击 狠抓网络运维保障工作 为来年迎接客流高 ...
最新文章
- HDU - 5875 2016 ACM/ICPC 大连网络赛 H题 暴力
- 行列式计算的两种方法
- 1990: 分解质因数
- mysql 文件描述符_MySQL没有发布临时文件描述符
- C++编译代码的时候提示‘getInstance’ is not a member of ‘A’ A a = A::getInstance();解决办法
- FusionCharts使用问题及解决方法(三)-FusionCharts常见问题大全
- 一段C#学习代码(实现通过积分的几何意义计算积分)
- mysql创建用户删除权限_mysql 用户创建、授权及删除、取消权限操作
- 【云计算学习教程】什么是中间件?常见中间件有哪些?
- 开发IE插件Toolbar
- 最新Gxlcms有声小说系统/小说听书系统源码
- 在线分析图片上的字体
- 3轴码垛机械臂运动学逆解
- 成为顶流平台后 新氧阳谋峥嵘显露
- html图片转换特效,css3图片切换效果
- unity制作坦克大战
- 100集华为HCIE安全培训视频教材整理 | Agile Controller终端安全管理特性(一)
- Linux的权限管理操作
- 有什么翻译pdf的软件吗?告诉你几款实用的翻译软件
- 连接ipv6服务器未响应,IPv6过渡技术未响应