package com.vci.client.framework.util; import java.util.ArrayList; import java.util.HashMap; import java.util.LinkedHashMap; import java.util.List; import java.util.Locale; import java.util.Map; import com.vci.client.LogonApplication; import com.vci.client.common.ConfigUtils; import com.vci.client.common.objects.RoleObject; import com.vci.client.common.objects.UserObject; import com.vci.client.framework.delegate.FuncOperationClientDelegate; import com.vci.client.framework.delegate.FunctionClientDelegate; import com.vci.client.framework.delegate.RightManagementClientDelegate; import com.vci.client.framework.delegate.RoleRightClientDelegate; import com.vci.client.framework.delegate.SystemCfgClientDelegate; import com.vci.client.framework.rightConfig.object.FuncOperationObject; import com.vci.client.framework.rightConfig.object.FunctionObject; import com.vci.client.framework.rightdistribution.object.RoleRightObject; import com.vci.client.ui.exception.VCIException; import com.vci.client.ui.locale.LocaleDisplay; import com.vci.client.ui.swing.VCIOptionPane; /** * 权限处理 * * @author xf * * 2012-5-22 */ public class RightControlUtil { public final static String CODE_SYSTEM_FLAG = "CodeSystem"; public final static String RM_SYSTEM_FLAT = "RMSystem"; public final static String Prefer_SYSTEM_FLAT = "PreferSystem"; public enum ThreeAdminEnum { /** * 系统管理员 */ SYSADMIN, /** * 审计管理员 */ SECADMIN, /** * 审计管理员 */ AUDITADMIN } /** * 增加、增加分类、创建规则 */ public final static String CREATE = "ADD"; /** * 修改、码值管理、 修改分类 */ public final static String UPDATE = "EDIT"; /** * 删除 、删除分类 */ public final static String DELETE = "DELETE"; /** * 剪切 */ public final static String CUT = "CUT"; /** * 粘贴 */ public final static String PASTE = "PASTE"; /** * 查询 */ public final static String SEARCH = "SEARCH"; /** * 导入 、分配部门 、 下移 */ public final static String IMPORT = "IMPORT"; /** * 集团码导出 */ public final static String EXPORT2 = "EXPORT2"; /** * 集团码导入 */ public final static String IMPORT2 = "IMPORT2"; /** * 批量导入更改 */ public final static String BATCHUPDATE = "BATCHUPDATE"; /** * 导出 、分配角色 、最上端 */ public final static String EXPORT = "EXPORT"; /** * 码值管理 */ public final static String CODEVALUEMANAGE = "CODEVALUEMANAGE"; /** * 集成配置 */ public final static String INTEGRATECONFIG = "INTEGRATECONFIG"; /** * 清除、清空表、清空码值、清除规则、重置、取消设置 */ public final static String CLEAR = "CLEAR"; /** * 冻结 、分配成员 、最下端 */ public final static String FREEZE = "FREEZE"; /** * 解冻 、停用 */ public final static String UNFREZE = "UNFREZE"; /** * 回收、启用、生成表 */ public final static String RECYCLE = "RECYCLE"; /** * 码值申请 */ public final static String CODEAPPLY = "CODEAPPLY"; /** * 授权 、上移、任务处理、设置 */ public final static String RIGHT = "RIGHT"; /** * 报废、统计、 删除表 解锁、任务取消 */ public final static String DISCARD ="DISCARD"; /** * 批量申请 */ public final static String BATCHAPPLY ="BATCHAPPLY"; /** * 批量赋码 */ public final static String BATCHASSIGN ="BATCHASSIGN"; /** * 下载文件 */ public final static String Downloadfile ="DOWNLOADFILE"; /** * 查看文件 */ public final static String Viewfile ="VIEWFILE"; /** * 查看,历史数据查看 */ public final static String VIEW ="VIEW"; /** * 属性授权 */ public final static String attrRight ="ATTRRIGHT"; /** * 分类授权 */ public final static String clsRight ="CLSRIGHT"; /** * 数据授权 */ public final static String DataRight ="DATARIGHT"; /** * 配置主数据 */ public final static String DataConfig ="DATACONFIG"; /** * 当前用户所有权限 */ // private static Map roleRightMap = new HashMap(); /** * 通过用户名获取用户有权限的子级子级模块 */ public static FunctionObject[] getFunctionsByRight(String parentId,String userName){ FunctionObject[] funcObjs = null; try { if(RightControlUtil.isDeveloper(userName)){ funcObjs = new FunctionClientDelegate().getModuleListByParentId(parentId, true); }else if(RightControlUtil.isAdmin(userName)){ funcObjs = new FunctionClientDelegate().getModuleListByParentId(parentId, false); }else{ funcObjs = new FunctionClientDelegate().getModuleListByRoleRight(parentId, userName); } } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } return funcObjs; } public static FunctionObject[] getFunctionsByParentId(String parentId, String userName) { FunctionObject[] funcObjs = null; try { if(RightControlUtil.isDeveloper(userName)){ funcObjs = new FunctionClientDelegate().getChildrenFunctionsByParentId(parentId, true); } else { funcObjs = new FunctionClientDelegate().getChildrenFunctionsByParentId(parentId, false); //funcObjs = new FunctionClientDelegate().getModuleListByRoleRight(parentId, userName); } } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } return funcObjs; } /** * 用户具有权限的下级节点 * @param parentId * @param userName * @return */ public static FunctionObject[] getChildrenFunctionsByUserName(String parentId, String userName) { FunctionObject[] AllFunction = getFunctionsByParentId(parentId, userName); List functionObjects = new ArrayList(); if(RightControlUtil.isDeveloper(userName) || RightControlUtil.isAdmin(userName)){ for (int i = 0; i < AllFunction.length; i++) { if (!parentId.equals(AllFunction[i].getParentId())) { continue; } functionObjects.add(AllFunction[i]); } return functionObjects.toArray(new FunctionObject[0]); } RoleRightObject[] currentUserRoleRights = getRoleRightByUserName(userName); for (int i = 0; i < AllFunction.length; i++) { if (!parentId.equals(AllFunction[i].getParentId())) { continue; } for (int j = 0; j < currentUserRoleRights.length; j++) { if (currentUserRoleRights[j].getFuncId().equals(AllFunction[i].getId())) { functionObjects.add(AllFunction[i]); break; } } } return functionObjects.toArray(new FunctionObject[0]); } /** * 获取当前用户具有权限的所有模块 * @param parentId, 父模块id * @param userName, 用户名 * @return */ public static Map> getAllChildrenFunctionsByUserName(String parentId, String userName) { FunctionObject[] AllFunction = getFunctionsByParentId(parentId, userName); Map> map = new LinkedHashMap>(); boolean isAllShow = RightControlUtil.isDeveloper(userName) || RightControlUtil.isAdmin(userName) || !isFunctionSwithOn(); //System.out.println("================= " + isAllShow + " ====================="); RoleRightObject[] currentUserRoleRights = null; if (!isAllShow) { currentUserRoleRights = getFunctionRoleRightByUserName(userName); } boolean isHasRight = false; for (int i = 0; i < AllFunction.length; i++) { isHasRight = false; if (isAllShow) { isHasRight = true; } else { for (int j = 0; j < currentUserRoleRights.length; j++) { if (!isAllShow && !currentUserRoleRights[j].getFuncId().equals(AllFunction[i].getId())) { continue; } isHasRight = true; break; } } if (!isHasRight) { continue; } String cparentId = AllFunction[i].getParentId(); List clist = null; if (map.containsKey(cparentId)) { clist = map.get(cparentId); } else { clist = new ArrayList(); } clist.add(AllFunction[i]); map.put(cparentId, clist); } return map; } /** * 获取当前用户具有权限的所有模块 * @param parentId, 父模块id * @param userName, 用户名 * @param currentUserRoleRights, 当前用户具有的权限 * @return */ public static Map> getAllChildrenFunctionsByUserName(String parentId, String userName, RoleRightObject[] userRoleRights) { Map> mapRight = new LinkedHashMap>(); for (int i = 0; i < userRoleRights.length; i++) { RoleRightObject right = userRoleRights[i]; List lstRight = null; if (mapRight.containsKey(right.getFuncId())) { lstRight = mapRight.get(right.getFuncId()); } else { lstRight = new ArrayList(); } lstRight.add(right); mapRight.put(right.getFuncId(), lstRight); } FunctionObject[] AllFunction = getFunctionsByParentId(parentId, userName); Map> map = new LinkedHashMap>(); boolean isAllShow = RightControlUtil.isDeveloper(userName) || RightControlUtil.isAdmin(userName) || !isFunctionSwithOn(); boolean isHasRight = false; FunctionObject func; for (int i = 0; i < AllFunction.length; i++) { func = AllFunction[i]; //System.out.println("=== FUNC:ID=" + func.getId()+ " ParentID=" + func.getParentId() + "; Name=" + func.getName()); isHasRight = false; if (isAllShow) { isHasRight = true; } else { List lstRight = null; if (mapRight.containsKey(func.getId())) { lstRight = mapRight.get(func.getId()); //System.out.println(" === 有授权信息"); } if (lstRight == null) isHasRight = false; else{ if (lstRight.size() > 0) isHasRight = true; // for (int j = 0; j < lstRight.size(); j++) { // long lRight = lstRight.get(j).getRightValue(); // if (lRight != 0){ // isHasRight = true; // //System.out.println(" === 有授权"); // // break; // } // } } } if (!isHasRight) { continue; } String cparentId = func.getParentId(); //System.out.println("####==== ParentId=" + cparentId + "; Func=" + func.getName()); List lstFunc = null; if (map.containsKey(cparentId)) { lstFunc = map.get(cparentId); } else { lstFunc = new ArrayList(); } lstFunc.add(func); map.put(cparentId, lstFunc); } return map; } public static Map> getAllChildrenFunctionsByUserNameV2(String parentId, String userName, RoleRightObject[] currentUserRoleRights) { Map> map = new LinkedHashMap>(); try{ FunctionObject[] functions = new FunctionClientDelegate().getModuleListByParentId(parentId, true); for (int i = 0; i < functions.length; i++){ String cparentId = functions[i].getParentId(); List clist = null; if (map.containsKey(cparentId)) { clist = map.get(cparentId); } else { clist = new ArrayList(); } clist.add(functions[i]); map.put(cparentId, clist); getSubChildrenFunctions(functions[i].getId(), userName, map); } return map; } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } return map; /*FunctionObject[] AllFunction = getFunctionsByParentId(parentId, userName); Map> map = new LinkedHashMap>(); boolean isAllShow = RightControlUtil.isDeveloper(userName) || RightControlUtil.isAdmin(userName) || !isFunctionSwithOn(); boolean isHasRight = false; for (int i = 0; i < AllFunction.length; i++) { isHasRight = false; if (isAllShow) { isHasRight = true; } else { for (int j = 0; j < currentUserRoleRights.length; j++) { if (currentUserRoleRights[j].getFuncId().equals(AllFunction[i].getId())) { long lRight = currentUserRoleRights[j].getRightValue(); if (lRight != 0){ isHasRight = true; break; } } //isHasRight = true; //break; } } if (!isHasRight) { continue; } String cparentId = AllFunction[i].getParentId(); List clist = null; if (map.containsKey(cparentId)) { clist = map.get(cparentId); } else { clist = new ArrayList(); } clist.add(AllFunction[i]); map.put(cparentId, clist); } return map;*/ } public static void getSubChildrenFunctions(String parentId, String userName, Map> map) { try{ FunctionObject[] functions = new FunctionClientDelegate().getModuleListByParentId(parentId, true); for (int i = 0; i < functions.length; i++){ String cparentId = functions[i].getParentId(); List clist = null; if (map.containsKey(cparentId)) { clist = map.get(cparentId); } else { clist = new ArrayList(); } clist.add(functions[i]); map.put(cparentId, clist); getSubChildrenFunctions(functions[i].getId(), userName, map); } } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } /*FunctionObject[] AllFunction = getFunctionsByParentId(parentId, userName); Map> map = new LinkedHashMap>(); boolean isAllShow = RightControlUtil.isDeveloper(userName) || RightControlUtil.isAdmin(userName) || !isFunctionSwithOn(); boolean isHasRight = false; for (int i = 0; i < AllFunction.length; i++) { isHasRight = false; if (isAllShow) { isHasRight = true; } else { for (int j = 0; j < currentUserRoleRights.length; j++) { if (currentUserRoleRights[j].getFuncId().equals(AllFunction[i].getId())) { long lRight = currentUserRoleRights[j].getRightValue(); if (lRight != 0){ isHasRight = true; break; } } //isHasRight = true; //break; } } if (!isHasRight) { continue; } String cparentId = AllFunction[i].getParentId(); List clist = null; if (map.containsKey(cparentId)) { clist = map.get(cparentId); } else { clist = new ArrayList(); } clist.add(AllFunction[i]); map.put(cparentId, clist); } return map;*/ } /** * 判断功能权限是否开启 * @return */ public static boolean isFunctionSwithOn() { String functionRightSwith = ConfigUtils.getConfigValue("function.right.swith"); if(functionRightSwith != null && "on".equalsIgnoreCase(functionRightSwith)){ return true; } return false; } /** * 判断UI权限是否开启 * @return */ public static boolean isUIRightSwithOn() { String functionRightSwith = ConfigUtils.getConfigValue("ui.right.swith"); if(functionRightSwith != null && "on".equalsIgnoreCase(functionRightSwith)){ return true; } return false; } /** * 获取当前用户的权限 * @param parentId * @param userName * @return */ public static RoleRightObject[] getRoleRightByUserName(String userName){ RoleRightObject[] roleRightObjs = null; try { roleRightObjs = new RoleRightClientDelegate().getRoleRightByUserName(userName); } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } return roleRightObjs; } public static Map> getRoleRightMapByUserName(String userName){ Map> mapRight = new HashMap>(); try { RoleRightObject[] rights = new RoleRightClientDelegate().getRoleRightByUserName(userName); for (RoleRightObject right : rights) { if (!mapRight.containsKey(right.getFuncId())) mapRight.put(right.getFuncId(), new ArrayList()); mapRight.get(right.getFuncId()).add(right); } } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } return mapRight; } /** * 获取当前用户具有的功能模块权限 * @param userName * @return */ public static RoleRightObject[] getFunctionRoleRightByUserName(String userName){ RoleRightObject[] roleRightObjs = null; try { roleRightObjs = new RoleRightClientDelegate().getFunctionRoleRightByUserName(userName); } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } return roleRightObjs; } public static Map> getFunctionRoleRightMapByUserName(String userName){ Map> mapRight = new HashMap>(); try { RoleRightObject[] rights = new RoleRightClientDelegate().getFunctionRoleRightByUserName(userName); for (RoleRightObject right : rights) { if (!mapRight.containsKey(right.getFuncId())) mapRight.put(right.getFuncId(), new ArrayList()); mapRight.get(right.getFuncId()).add(right); } } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } return mapRight; } /** * 获得当前用户权限 * @param userName * @param currentUserRoleRights * @return */ public static RoleRightObject[] getRoleRightByUserName(String userName, RoleRightObject[] currentUserRoleRights){ RoleRightObject[] roleRightObjs = null; try { if (currentUserRoleRights == null || currentUserRoleRights.length == 0) { roleRightObjs = new RoleRightClientDelegate().getRoleRightByUserName(userName); } else { return currentUserRoleRights; } } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } return roleRightObjs; } /** * 根据模块ID和用户名获取当前用户对当前模块的权限 * @param funcId * @param userName * @return */ public static boolean checkOperateRightByModule(String funcId,String identify){ String userName = LogonApplication.getUserEntityObject().getUserName(); if(RightControlUtil.isDeveloper(userName)){ return true; } try { RoleRightObject[] roleRightObjs = new RoleRightClientDelegate().getRoleRightByModule(funcId, userName); FuncOperationObject funcOperation = new FuncOperationClientDelegate().getFuncOperationByIdentify(funcId, identify); /**modify by ligang 当操作类型为空时,系统取的operNum的值是默认的0,权限加载出错 *funcOperation为空时,表明操作在该模块中没有配置 *直接返回fasle,系统不处理 */ if("".equals(funcOperation.getId())) { return false; } if (!funcOperation.getIsValid()) { return false; } if(RightControlUtil.isAdmin(userName)){ return true; } long operNum = funcOperation.getNumber(); for(int i = 0;i < roleRightObjs.length;i++){ if(hasRight(roleRightObjs[i].getRightValue(),operNum)){ return true; } } } catch (VCIException e) { e.printStackTrace(); VCIOptionPane.showError(LogonApplication.frame, LocaleDisplay.getI18nString(e, "RMIPFramework", Locale.getDefault())); } return false; } private static boolean hasRight(long rightValue, long operNum){ boolean res = false; //long preValue = (long)Math.pow(2, operNum); long preValue = (rightValue >> operNum) & 1; //if(preValue == (rightValue & preValue)){ if (preValue == 1) { res = true; } return res; } // add by xchao 2012.09.20 统一归整管理员、开发者用户判断 // 以便将来有可能修改管理员、开发者用户,对于判断依然有效 private static String userNameAdmin = getValueByKey("user.admin"); private static String userNameDeveloper = getValueByKey("user.developer"); private static String userNameRoot = getValueByKey("user.rooter"); public static String getUserNameRoot() { return userNameRoot; } public static String getUserNameAdmin() { return userNameAdmin; } public static String getUserNameDeveloper() { return userNameDeveloper; } public static boolean isAdmin(String userName){ return userName.equals(getUserNameAdmin()); } public static boolean isDeveloper(String userName){ return userName.equals(getUserNameDeveloper()); } public static boolean isRoot(String userName){ return userName.equals(getUserNameRoot()); } public static boolean isAdminOrDeveloperOrRoot(String userName){ return isAdmin(userName) || isDeveloper(userName)||isRoot(userName); } public static boolean isThreeAdmin(ThreeAdminEnum eType) { RightManagementClientDelegate delegate = new RightManagementClientDelegate(LogonApplication.getUserEntityObject()); UserObject user = LogonApplication.getUserObject(); try { RoleObject[] roles = delegate.fetchRoleInfoByUserId(user.getId()); for (RoleObject role : roles) { if (eType == ThreeAdminEnum.SYSADMIN && role.getName().equalsIgnoreCase("系统管理员")){ return true; } else if (eType == ThreeAdminEnum.SECADMIN && role.getName().equalsIgnoreCase("安全管理员")){ return true; } else if (eType == ThreeAdminEnum.AUDITADMIN && role.getName().equalsIgnoreCase("审计管理员")){ return true; } } } catch (VCIException e) { // TODO Auto-generated catch block e.printStackTrace(); } return false; } public static boolean isThreeAdmin(String userName, ThreeAdminEnum eType) { RightManagementClientDelegate delegate = new RightManagementClientDelegate(LogonApplication.getUserEntityObject()); try { RoleObject[] roles = delegate.fetchRoleInfoByUserName(userName); for (RoleObject role : roles) { if (eType == ThreeAdminEnum.SYSADMIN && role.getName().equalsIgnoreCase("系统管理员")){ return true; } else if (eType == ThreeAdminEnum.SECADMIN && role.getName().equalsIgnoreCase("安全管理员")){ return true; } else if (eType == ThreeAdminEnum.AUDITADMIN && role.getName().equalsIgnoreCase("审计管理员")){ return true; } } } catch (VCIException e) { // TODO Auto-generated catch block e.printStackTrace(); } return false; } public static boolean isThreeAdminCurUser() { RightManagementClientDelegate delegate = new RightManagementClientDelegate(LogonApplication.getUserEntityObject()); UserObject user = LogonApplication.getUserObject(); try { RoleObject[] roles = delegate.fetchRoleInfoByUserId(user.getId()); for (RoleObject role : roles) { if (role.getName().equalsIgnoreCase("系统管理员")){ return true; } else if (role.getName().equalsIgnoreCase("安全管理员")){ return true; } else if (role.getName().equalsIgnoreCase("审计管理员")){ return true; } } } catch (VCIException e) { // TODO Auto-generated catch block e.printStackTrace(); } return false; } public static boolean isThreeAdmin(String userName) { RightManagementClientDelegate delegate = new RightManagementClientDelegate(LogonApplication.getUserEntityObject()); //UserObject user = LogonApplication.getUserObject(); try { RoleObject[] roles = delegate.fetchRoleInfoByUserName(userName); for (RoleObject role : roles) { if (role.getName().equalsIgnoreCase("系统管理员")){ return true; } else if (role.getName().equalsIgnoreCase("安全管理员")){ return true; } else if (role.getName().equalsIgnoreCase("审计管理员")){ return true; } } } catch (VCIException e) { // TODO Auto-generated catch block e.printStackTrace(); } return false; } private static String getValueByKey(String key){ String res = ""; try{ res = new SystemCfgClientDelegate().getConfigValue(key); }catch(VCIException ex){ ex.printStackTrace(); } return res; } }