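package dynamic.sys;

import com.alibaba.druid.util.StringUtils;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import dynamic.model.Sys_Admins;
import dynamic.utills.JsonUtil;
import microbee.http.annotation.Controller;
import microbee.http.annotation.ExcludeL;
import microbee.http.annotation.ModelResources;
import microbee.http.apps.dbnet.ConditionPJ;
import microbee.http.apps.dbnet.Sequence;
import microbee.http.apps.dynamic.HoContext;
import microbee.http.utills.EmailSenderUtil;

import java.awt.image.BufferedImage;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.text.SimpleDateFormat;
import java.util.*;

/**
 * Controller for administrator login, logout, permission menus, administrator
 * maintenance and e-mail based password reset.
 *
 * <p>NOTE(review): the generic type arguments in this class were reconstructed from how
 * each value is used; confirm them against the framework signatures
 * ({@code HoContext}, {@code Sys_Admins}, {@code ConditionPJ}).
 *
 * <p>NOTE(review): {@code @ExcludeL} presumably exempts a handler from the login filter;
 * if so, every handler carrying it is reachable without a session and must validate all
 * of its input itself. Confirm against the framework.
 */
@Controller
public class Sys_Permission {

    @ModelResources
    Sys_Admins sys_admins;

    /**
     * Login endpoint.
     *
     * <p>Reads {@code uname}, {@code pwd} and {@code yzma} (captcha answer) from the request
     * and answers with a JSON object whose {@code loginStatus} is: 1 user name empty,
     * 2 password empty, 3 captcha empty, 4 captcha wrong, 5 no such user, 6 wrong password,
     * 9 success. On success the administrator row (without its {@code pwd} entry) is stored
     * in the session under {@code "admin"}.
     *
     * <p>NOTE(review): statuses 5 and 6 let an unauthenticated caller tell existing user
     * names from unknown ones. Merging them changes the client contract, so it is only
     * flagged here.
     *
     * @param hoContext request/response/session context
     * @return JSON string with {@code loginStatus} and, on success, the account fields
     */
    @ExcludeL
    public String sys_doLogin(HoContext hoContext) {
        Map<String, String> params = hoContext.httpRequest.getParams();
        String uname = params.get("uname");
        String pwd = params.get("pwd");
        String yzma = params.get("yzma");

        Map<String, Object> resultmap = new HashMap<>();
        resultmap.put("loginStatus", 9); // success unless a check below overrides it
        resultmap.put("uname", uname);

        if (StringUtils.isEmpty(uname)) {
            return loginFailure(resultmap, 1);
        }
        if (StringUtils.isEmpty(pwd)) {
            return loginFailure(resultmap, 2);
        }
        if (StringUtils.isEmpty(yzma)) {
            return loginFailure(resultmap, 3);
        }

        Object storedCaptcha = hoContext.httpRequest.getSession("yzcode");
        String yanz = storedCaptcha == null ? null : storedCaptcha.toString();
        if (!yzma.equalsIgnoreCase(yanz)) {
            return loginFailure(resultmap, 4);
        }
        // A solved captcha is single-use: clearing it stops one solved challenge from
        // covering an unlimited number of password guesses in the same session.
        hoContext.httpRequest.setSession("yzcode", null);

        // Look the account up with a bound parameter (no string-built SQL).
        List<Object> datas = new ArrayList<>();
        datas.add(uname);
        String sql = "select * from sys_admins where uname = ? limit 1";
        List<Map<String, Object>> listadmin = hoContext.dataActions.connActionQuery(sql, datas);
        if (listadmin.size() < 1) {
            return loginFailure(resultmap, 5);
        }
        // The row holds the stored password hash, so it is deliberately not written
        // to stdout or any log.
        Map<String, Object> admin = listadmin.get(0);

        Object storedPwd = admin.get("pwd");
        if (storedPwd == null || !constantTimeEquals(storedPwd.toString(), codeRe(pwd))) {
            return loginFailure(resultmap, 6);
        }

        // Never keep the hash in the session copy of the account.
        admin.remove("pwd");
        hoContext.httpRequest.setSession("admin", admin);

        // Resolve the organisation name of the logged-in account.
        int oid = Integer.parseInt(admin.get("oid").toString());
        String organization_sql = "select * from sys_organization where id = ? ";
        List<Object> organizations = new ArrayList<>();
        organizations.add(oid);
        List<Map<String, Object>> organization_res =
                hoContext.dataActions.connActionQuery(organization_sql, organizations);
        String oname = "";
        for (Map<String, Object> organizationmap : organization_res) {
            oname = organizationmap.get("oname").toString();
        }

        resultmap.put("oname", oname);
        resultmap.put("oid", admin.get("oid"));
        resultmap.put("rid", admin.get("rid"));
        resultmap.put("bid", admin.get("bid"));
        resultmap.put("id", admin.get("id"));
        resultmap.put("status", admin.get("status"));
        resultmap.put("rtime", admin.get("rtime"));
        return JSON.toJSONString(resultmap);
    }

    /** Stores {@code status} as the login status and serialises the result map. */
    private String loginFailure(Map<String, Object> resultmap, int status) {
        resultmap.put("loginStatus", status);
        return JSON.toJSONString(resultmap);
    }

    /** Compares two strings without stopping at the first differing byte. */
    private static boolean constantTimeEquals(String left, String right) {
        return MessageDigest.isEqual(
                left.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                right.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /**
     * Returns the permission menu entries below one parent ({@code pid} request parameter)
     * that the logged-in administrator's role grants.
     *
     * @param hoContext request/response/session context
     * @return JSON object with key {@code "1000"} (list of entries) on success or
     *         {@code "1001"} (reason) on failure
     */
    public String sys_manulst(HoContext hoContext) {
        Map<String, String> params = hoContext.httpRequest.getParams();
        String pid = params.get("pid");
        Map<String, Object> resultMap = new HashMap<>();

        Object admins = hoContext.httpRequest.getSession("admin");
        if (admins == null) {
            resultMap.put("1001", "no login");
            return JSON.toJSONString(resultMap);
        }
        @SuppressWarnings("unchecked") // the login handler stores a Map under "admin"
        Map<String, Object> adminmap = (Map<String, Object>) admins;
        int rid = Integer.parseInt(adminmap.get("rid").toString());

        // Load the role of the session account.
        List<Object> roledatas = new ArrayList<>();
        roledatas.add(rid);
        String role_sql = "select * from sys_role where id = ? ";
        List<Map<String, Object>> role_res = hoContext.dataActions.connActionQuery(role_sql, roledatas);
        if (role_res.size() < 1) {
            resultMap.put("1001", "role is empty");
            return JSON.toJSONString(resultMap);
        }

        // Load the permission rows below the requested parent.
        List<Object> permissiondatas = new ArrayList<>();
        permissiondatas.add(pid);
        String permission_sql = "select * from sys_permission where pid = ? order by rand";
        List<Map<String, Object>> permission_res =
                hoContext.dataActions.connActionQuery(permission_sql, permissiondatas);
        if (permission_res.size() < 1) {
            resultMap.put("1001", "permissions is empty");
            return JSON.toJSONString(resultMap);
        }

        List<Map<String, Object>> reprmss = keepGranted(role_res.get(0), permission_res);
        reprmss = removeDuplicate(reprmss);
        resultMap.put("1000", reprmss);
        return JSON.toJSONString(resultMap);
    }

    /**
     * Returns every permission menu entry granted to the logged-in administrator's role,
     * assembled into a tree (children under the {@code "ChildsNode"} key).
     *
     * @param hoContext request/response/session context
     * @return JSON object with key {@code "1000"} (menu tree) on success or
     *         {@code "1001"} (reason) on failure
     */
    public String sys_manulstAll(HoContext hoContext) {
        Map<String, Object> resultMap = new HashMap<>();

        Object admins = hoContext.httpRequest.getSession("admin");
        if (admins == null) {
            resultMap.put("1001", "no login");
            return JSON.toJSONString(resultMap);
        }
        @SuppressWarnings("unchecked") // the login handler stores a Map under "admin"
        Map<String, Object> adminmap = (Map<String, Object>) admins;
        int rid = Integer.parseInt(adminmap.get("rid").toString());

        // Load the role of the session account.
        List<Object> roledatas = new ArrayList<>();
        roledatas.add(rid);
        String role_sql = "select * from sys_role where id = ? ";
        List<Map<String, Object>> role_res = hoContext.dataActions.connActionQuery(role_sql, roledatas);
        if (role_res.size() < 1) {
            resultMap.put("1001", "role is empty");
            return JSON.toJSONString(resultMap);
        }

        // Load all permission rows.
        List<Object> permissiondatas = new ArrayList<>();
        String permission_sql = "select * from sys_permission order by rand";
        List<Map<String, Object>> permission_res =
                hoContext.dataActions.connActionQuery(permission_sql, permissiondatas);
        if (permission_res.size() < 1) {
            resultMap.put("1001", "permissions is empty");
            return JSON.toJSONString(resultMap);
        }

        List<Map<String, Object>> reprmss = keepGranted(role_res.get(0), permission_res);
        resultMap.put("1000", parseMenuTree(reprmss));
        return JSON.toJSONString(resultMap);
    }

    /**
     * Keeps the permission rows whose {@code id} appears in the role's {@code permission}
     * column, which holds the granted ids separated by {@code '@'}.
     */
    private List<Map<String, Object>> keepGranted(Map<String, Object> role,
                                                  List<Map<String, Object>> rows) {
        Set<String> granted = new HashSet<>(Arrays.asList(role.get("permission").toString().split("@")));
        List<Map<String, Object>> kept = new ArrayList<>();
        for (Map<String, Object> row : rows) {
            if (granted.contains(row.get("id") + "")) {
                kept.add(row);
            }
        }
        return kept;
    }

    /**
     * Builds the menu tree: entries whose {@code pid} is 0 become roots and every other
     * entry is attached below its parent.
     *
     * @param list flat list of menu rows read from the database
     * @return the root entries, each carrying its descendants
     */
    private List<Map<String, Object>> parseMenuTree(List<Map<String, Object>> list) {
        List<Map<String, Object>> result = new ArrayList<>();
        // 1. collect the first-level nodes
        for (Map<String, Object> menu : list) {
            if (0 == Integer.parseInt(menu.get("pid").toString())) {
                result.add(menu);
            }
        }
        // 2. attach the children recursively (recursiveTree mutates the node in place)
        for (Map<String, Object> parent : result) {
            recursiveTree(parent, list);
        }
        return result;
    }

    /**
     * Attaches to {@code parent} every entry of {@code list} whose {@code pid} equals the
     * parent's {@code id}, recursively, under the key {@code "ChildsNode"}. The key is only
     * set when at least one child exists.
     *
     * <p>NOTE(review): a row that is its own ancestor (for example {@code pid == id})
     * makes this recurse until the stack overflows; the data is assumed to be acyclic.
     * The {@code id}/{@code pid} comparison uses {@code Objects.equals}, so both columns
     * must come back as the same Java type — confirm.
     *
     * @param parent node to attach children to
     * @param list   flat list of all candidate rows
     * @return {@code parent}, mutated
     */
    public Map<String, Object> recursiveTree(Map<String, Object> parent, List<Map<String, Object>> list) {
        List<Map<String, Object>> childNodes = new ArrayList<>();
        for (Map<String, Object> menu : list) {
            if (Objects.equals(parent.get("id"), menu.get("pid"))) {
                childNodes.add(recursiveTree(menu, list));
            }
        }
        if (!childNodes.isEmpty()) {
            parent.put("ChildsNode", childNodes);
        }
        return parent;
    }

    /**
     * Creates an administrator account from the request parameters.
     *
     * <p>NOTE(review): no authorisation check is visible here, and {@code rid}/{@code oid}
     * are taken straight from the request. Unless the framework restricts this handler by
     * role, any logged-in account could create an administrator with an arbitrary role —
     * confirm.
     *
     * @param hoContext request/response/session context
     * @return JSON object with {@code code} 200 on success, 500 otherwise
     */
    public String addadmin(HoContext hoContext) {
        SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
        Map<String, Object> result = new HashMap<>();
        result.put("code", 500);
        result.put("msg", "失败");

        Map<String, String> params = hoContext.httpRequest.getParams();
        if (StringUtils.isEmpty(params.get("pwd"))) {
            // A missing password used to fail inside codeRe with a NullPointerException;
            // report the ordinary failure result instead of creating an unusable account.
            return JSON.toJSONString(result);
        }

        Map<String, Object> paramsItem = new HashMap<>();
        paramsItem.put("uname", params.get("uname"));
        paramsItem.put("pwd", codeRe(params.get("pwd")));
        paramsItem.put("phone", params.get("phone"));
        paramsItem.put("email", params.get("email"));
        paramsItem.put("status", params.get("status"));
        paramsItem.put("rid", params.get("rid"));
        paramsItem.put("oid", params.get("oid"));
        paramsItem.put("county", params.get("county"));
        paramsItem.put("business", params.get("business"));
        paramsItem.put("bid", params.get("bid"));
        paramsItem.put("rtime", sdf.format(new Date()));

        String res = hoContext.dataActions.connActionInsert("sys_admins", paramsItem);
        // A positive generated key means the row was inserted.
        int key = Integer.parseInt(String.valueOf(JsonUtil.parseJSONMap(res).get("GENERATED_KEY")));
        if (key > 0) {
            result.put("code", 200);
            result.put("msg", "成功");
        }
        return JSON.toJSONString(result);
    }

    /**
     * Updates the administrator account selected by the {@code id} request parameter.
     *
     * <p>NOTE(review): the target {@code id}, the role and the password all come from the
     * request and no ownership or role check is visible, so this handler can change any
     * account unless the framework restricts it — confirm.
     *
     * @param hoContext request/response/session context
     * @return JSON object with {@code code} 200 on success, 500 otherwise
     */
    public String upadmin(HoContext hoContext) {
        Map<String, Object> result = new HashMap<>();
        result.put("code", 500);
        result.put("msg", "失败");

        Map<String, String> params = hoContext.httpRequest.getParams();
        Map<String, Object> up_sets = new HashMap<>();
        up_sets.put("uname", params.get("uname"));
        // Only touch the password when one was actually supplied: hashing an empty string
        // would store a value that the login handler can never match, locking the account.
        if (!StringUtils.isEmpty(params.get("pwd"))) {
            up_sets.put("pwd", codeRe(params.get("pwd")));
        }
        up_sets.put("phone", params.get("phone"));
        up_sets.put("email", params.get("email"));
        up_sets.put("status", params.get("status"));
        up_sets.put("rid", params.get("rid"));
        up_sets.put("oid", params.get("oid"));
        up_sets.put("county", params.get("county"));
        up_sets.put("business", params.get("business"));
        up_sets.put("bid", params.get("bid") == null ? 0 : params.get("bid"));

        // WHERE id = <id parameter>
        List<ConditionPJ> condition = new ArrayList<>();
        ConditionPJ conditionPJ = new ConditionPJ();
        conditionPJ.setLgc(1);
        conditionPJ.setKy("id");
        conditionPJ.setOprt("mcb_eq");
        conditionPJ.setVl(params.get("id"));
        condition.add(conditionPJ);

        String res = hoContext.dataActions.connActionRenew("sys_admins", up_sets, condition);
        JSONObject up_jsonObject = JSONObject.parseObject(res);
        String up_res = up_jsonObject.get("res").toString();
        if ("1".equals(up_res)) {
            result.put("code", 200);
            result.put("msg", "成功");
        }
        return JSON.toJSONString(result);
    }

    /**
     * Returns the lower-case hexadecimal MD5 digest of {@code str}; this is the value
     * stored in and compared against {@code sys_admins.pwd}.
     *
     * <p>NOTE(review): an unsalted MD5 digest is not suitable for password storage
     * (fast to compute, identical passwords give identical hashes). The algorithm is left
     * unchanged because the stored hashes depend on it; moving to bcrypt/scrypt/argon2
     * needs a rehash-on-login migration. {@code getBytes()} uses the platform charset,
     * also kept so that existing hashes of non-ASCII passwords still match.
     *
     * @param str text to hash; must not be {@code null}
     * @return 32-character hexadecimal digest
     * @throws IllegalStateException if the runtime offers no MD5 implementation
     */
    public String codeRe(String str) {
        MessageDigest md5;
        try {
            md5 = MessageDigest.getInstance("MD5");
        } catch (NoSuchAlgorithmException e) {
            // Fail with the real cause instead of a NullPointerException further down.
            throw new IllegalStateException("MD5 digest is not available", e);
        }
        byte[] md5Bytes = md5.digest(str.getBytes());
        StringBuilder hex = new StringBuilder(md5Bytes.length * 2);
        for (byte b : md5Bytes) {
            int unsigned = b & 0xFF;
            if (unsigned <= 0xF) {
                hex.append('0'); // pad single hex digits to two characters
            }
            hex.append(Integer.toHexString(unsigned));
        }
        return hex.toString();
    }

    /**
     * Removes, in place, every later entry whose {@code id} equals that of an earlier
     * entry. Ids are compared by value ({@code Objects.equals}); a reference comparison
     * misses equal boxed numbers outside the small-integer cache.
     *
     * @param list rows to de-duplicate; modified in place
     * @return the same list instance
     */
    public List<Map<String, Object>> removeDuplicate(List<Map<String, Object>> list) {
        for (int i = 0; i < list.size() - 1; i++) {
            for (int j = list.size() - 1; j > i; j--) {
                if (Objects.equals(list.get(j).get("id"), list.get(i).get("id"))) {
                    list.remove(j);
                }
            }
        }
        return list;
    }

    /**
     * Generates a captcha, stores its answer in the session under {@code "yzcode"} and
     * writes the image to the response. The answer is deliberately not printed or logged.
     *
     * @param hoContext request/response/session context
     */
    @ExcludeL
    public void yanzhenga(HoContext hoContext) {
        CodeCheck codeCheck = new CodeCheck();
        Map<String, Object> image = codeCheck.getImage();
        hoContext.httpRequest.setSession("yzcode", image.get("code"));
        hoContext.httpResponse.printImage((BufferedImage) image.get("image"));
    }

    /**
     * Logs the current administrator out by clearing the {@code "admin"} session entry.
     *
     * @param hoContext request/response/session context
     * @return JSON object with {@code code} "1000"
     */
    public String loginout(HoContext hoContext) {
        Map<String, Object> resultmap = new HashMap<>();
        hoContext.httpRequest.setSession("admin", null);
        resultmap.put("code", "1000");
        resultmap.put("msg", "退出成功");
        return JSON.toJSONString(resultmap);
    }

    /**
     * Sends a six-digit password-reset code to the e-mail address registered for an
     * account and stores the code in the session under {@code "<uname>_code"}.
     *
     * <p>Result codes: 1 account empty, 2 e-mail empty, 3 account not found, 4 account and
     * e-mail do not match, 5 sending failed, 9 sent.
     *
     * <p>NOTE(review): codes 3 and 4 let an unauthenticated caller probe which accounts
     * exist and which address belongs to them, and nothing visible here limits how often
     * a code can be requested — consider a uniform answer and rate limiting.
     *
     * @param hoContext request/response/session context
     * @return JSON object with {@code code} and {@code msg}
     */
    @ExcludeL
    public String sendEmail(HoContext hoContext) {
        Map<String, Object> res = new HashMap<>();
        Map<String, String> params = hoContext.httpRequest.getParams();
        String uname = params.get("uname");
        String email = params.get("email");
        if (StringUtils.isEmpty(uname)) {
            res.put("code", 1);
            res.put("msg", "账号不能为空!");
            return JSONObject.toJSONString(res);
        }
        if (StringUtils.isEmpty(email)) {
            res.put("code", 2);
            res.put("msg", "邮箱不能为空!");
            return JSONObject.toJSONString(res);
        }
        // NOTE(review): the mail credential is hard-coded in source. Load it from
        // deployment configuration or a secret store, and rotate this value, since it is
        // readable by anyone with access to the code or its history.
        EmailSenderUtil emailSenderUtil = new EmailSenderUtil("", "bzLIl1Ksrs20Vsqa", "", "");

        // Look the account up by name.
        List<ConditionPJ> conditionPJList = new ArrayList<>();
        conditionPJList.add(ConditionPJ.init(1, "uname", "mcb_eq", uname));
        List<Map<String, Object>> listzh = sys_admins.gainAll(conditionPJList, Sequence.init("id", 0));
        if (listzh.size() < 1) {
            res.put("code", 3);
            res.put("msg", "未找到该账号!");
            return JSONObject.toJSONString(res);
        }

        // Require that the supplied address is the one registered for that account, so
        // the code is only ever mailed to the account owner.
        conditionPJList.add(ConditionPJ.init(1, "email", "mcb_eq", email));
        List<Map<String, Object>> list = sys_admins.gainAll(conditionPJList, Sequence.init("id", 0));
        if (list.size() < 1) {
            res.put("code", 4);
            res.put("msg", "账号和邮箱不匹配请验证后在发送!");
            return JSONObject.toJSONString(res);
        }

        String code = generateCode();
        try {
            emailSenderUtil.sendEmail(email, "密码重置消息", "您的账号:" + uname + "验证码为 ( " + code + " )");
            String key = uname + "_code";
            hoContext.httpRequest.setSession(key, code);
            res.put("code", 9);
            res.put("msg", "发送成功!");
        } catch (Exception e) {
            e.printStackTrace();
            res.put("code", 5);
            res.put("msg", "邮箱发送异常!");
            return JSONObject.toJSONString(res);
        }
        return JSONObject.toJSONString(res);
    }

    /**
     * Generates a six-digit numeric verification code from {@link SecureRandom}.
     *
     * @return six decimal digits
     */
    public static String generateCode() {
        SecureRandom random = new SecureRandom();
        StringBuilder code = new StringBuilder();
        for (int i = 0; i < 6; i++) {
            code.append(random.nextInt(10));
        }
        return code.toString();
    }

    /**
     * Sets a new password for an account after checking the reset code that
     * {@link #sendEmail} stored in the session under {@code "<uname>_code"}.
     *
     * <p>Result codes: 1 user name empty, 2 password empty, 3 code empty, 4 code wrong,
     * 5 account not found, 6 update failed, 9 changed.
     *
     * <p>NOTE(review): the code has only six digits and no attempt limit or expiry is
     * visible here, so a session holding a pending code can keep guessing. Consider
     * invalidating the code after a few failures and giving it a short lifetime.
     *
     * @param hoContext request/response/session context
     * @return JSON object with {@code code} and {@code msg}
     */
    @ExcludeL
    public String uppwd(HoContext hoContext) {
        Map<String, Object> res = new HashMap<>();
        res.put("code", 9);
        res.put("msg", "修改成功!");
        Map<String, String> params = hoContext.httpRequest.getParams();
        String uname = params.get("uname");
        String pwd = params.get("pwd");
        String code = params.get("code");
        if (StringUtils.isEmpty(uname)) {
            res.put("code", 1);
            res.put("msg", "用户名称不能为空!");
            return JSONObject.toJSONString(res);
        }
        if (StringUtils.isEmpty(pwd)) {
            res.put("code", 2);
            res.put("msg", "用户密码不能为空!");
            return JSONObject.toJSONString(res);
        }
        if (StringUtils.isEmpty(code)) {
            res.put("code", 3);
            res.put("msg", "验证码不能为空!");
            return JSONObject.toJSONString(res);
        }

        String key = uname + "_code";
        Object storedCode = hoContext.httpRequest.getSession(key);
        String yanz = storedCode == null ? null : storedCode.toString();
        if (!code.equalsIgnoreCase(yanz)) {
            res.put("code", 4);
            res.put("msg", "验证码错误!");
            return JSON.toJSONString(res);
        }

        // Look the account up by name.
        List<ConditionPJ> conditionPJList = new ArrayList<>();
        conditionPJList.add(ConditionPJ.init(1, "uname", "mcb_eq", uname));
        List<Map<String, Object>> listzh = sys_admins.gainAll(conditionPJList, Sequence.init("id", 0));
        if (listzh.size() < 1) {
            res.put("code", 5);
            res.put("msg", "未找到该账号!");
            return JSONObject.toJSONString(res);
        }

        Map<String, Object> hashMap = new HashMap<>();
        hashMap.put("pwd", codeRe(pwd));
        boolean byIdbo = sys_admins.updateByIdbo(hashMap, listzh.get(0).get("id"));
        if (!byIdbo) {
            res.put("code", 6);
            res.put("msg", "密码更新失败!");
            return JSONObject.toJSONString(res);
        }
        // The reset code is single-use: drop it so it cannot change the password again.
        hoContext.httpRequest.setSession(key, null);
        return JSONObject.toJSONString(res);
    }
}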