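package restcontroller.webmanage.role;

import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import common.Controller;
import common.YosException;
import common.annotation.API;
import common.annotation.CACHEING;
import common.annotation.CACHEING_CLEAN;
import common.annotation.cm;
import common.data.Row;
import common.data.Rows;
import common.data.RowsMap;
import common.data.SQLFactory;
import restcontroller.R;

import java.util.ArrayList;
import java.util.HashMap;

/**
 * Management-side role (permission group) endpoints: list/detail queries, create/update/delete,
 * and the per-role grants for app options, hidden fields, reports and data-limit rules.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Every value taken from the request {@code content} is untrusted. Numeric ids are coerced
 *       with {@link #roleSqlLong(Object)} and text with {@link #roleSqlText(String)} before they
 *       are concatenated into SQL. This is a stopgap; the durable fix is bound parameters in the
 *       data layer.</li>
 *   <li>{@code SQLFactory.addParameter_SQL} receives a raw SQL fragment, so everything placed in a
 *       {@code where} buffer must already be escaped by this class.</li>
 *   <li>NOTE(review): several statements filter by {@code roleid} only, not by {@code siteid}.
 *       Confirm that tenant scoping and caller authorization are enforced elsewhere.</li>
 * </ul>
 */
@API(title = "管理端-权限管理")
public class role extends Controller {

    public role(JSONObject content) throws YosException {
        super(content);
    }

    /**
     * Lists roles of the current site, optionally filtered by {@code where.condition}
     * (role name or remarks), {@code where.usertype} and {@code where.issystem}.
     *
     * @return success envelope whose data is the role rows, each with a {@code usertypename}
     */
    @API(title = "角色列表查询", apiversion = R.ID20221101131902.v1.class)
    @CACHEING
    public String query_roleList() throws YosException {
        // Filter conditions
        StringBuffer where = new StringBuffer(" 1=1 ");
        if (content.containsKey("where")) {
            JSONObject whereObject = content.getJSONObject("where");
            appendRoleLikeFilter(where, whereObject, "condition", "t1.rolename", "t1.remarks");
            appendRoleLikeFilter(where, whereObject, "usertype", "t1.usertype");
            String issystem = whereObject == null ? null : whereObject.getString("issystem");
            if (issystem != null && !issystem.isEmpty()) {
                where.append(" and(");
                where.append("t1.issystem ='").append(roleSqlText(issystem)).append("'");
                where.append(")");
            }
        }

        SQLFactory sqlFactory = new SQLFactory(this, "角色列表查询", pageSize, pageNumber, pageSorting);
        sqlFactory.addParameter("siteid", siteid);
        sqlFactory.addParameter_SQL("where", where);
        Rows rows = dbConnect.runSqlQuery(sqlFactory);

        HashMap usertypemap = getOptionType("usertype");
        for (Row row : rows) {
            row.put("usertypename", usertypemap.get(row.getString("usertype")));
        }
        return getSucReturnObject().setData(rows).toString();
    }

    /**
     * Returns one role with its authorized apps; each app carries its granted options and
     * hidden-field limits. {@code where.condition} filters the app list.
     *
     * @return success envelope with the role row, or an error envelope when no role matches
     */
    @API(title = "角色详情查询")
    @CACHEING
    public String query_roleMain() throws YosException {
        long roleid = content.getLong("roleid");

        SQLFactory rolesql = new SQLFactory(this, "角色详情查询");
        rolesql.addParameter("roleid", roleid);
        rolesql.addParameter("siteid", siteid);
        Rows roleRows = dbConnect.runSqlQuery(rolesql);
        if (roleRows.isEmpty()) {
            // Previously roleRows.get(0) was called on an empty result for unknown ids.
            return getErrReturnObject().setErrMsg("角色不存在").toString();
        }

        // The app filter depends only on the request, so build it once rather than per row.
        StringBuffer where = new StringBuffer(" 1=1 ");
        if (content.containsKey("where")) {
            JSONObject whereObject = content.getJSONObject("where");
            appendRoleLikeFilter(where, whereObject, "condition",
                    "t4.systemappname", "t3.systemmodulename", "t1.systemname");
        }
        HashMap usertypemap = getOptionType("usertype");

        for (Row roleRow : roleRows) {
            roleRow.put("usertypename", usertypemap.get(roleRow.getString("usertype")));

            // NOTE(review): the three sub-queries below receive roleid but no siteid.
            SQLFactory appsql = new SQLFactory(this, "角色详情查询_授权应用");
            appsql.addParameter_SQL("where", where);
            appsql.addParameter("roleid", roleid);
            Rows appRows = dbConnect.runSqlQuery(appsql);

            SQLFactory optionsql = new SQLFactory(this, "角色详情查询_授权功能");
            optionsql.addParameter("roleid", roleid);
            RowsMap optionRowsMap = dbConnect.runSqlQuery(optionsql).toRowsMap("systemappid");

            SQLFactory fieldlimitsql = new SQLFactory(this, "角色详情查询_隐藏栏位限制");
            fieldlimitsql.addParameter("roleid", roleid);
            RowsMap fieldlimitRowsMap = dbConnect.runSqlQuery(fieldlimitsql).toRowsMap("systemappid");

            for (Row appRow : appRows) {
                String systemappid = appRow.getString("systemappid");
                appRow.put("options", optionRowsMap.get(systemappid));
                appRow.put("hiddenfields", fieldlimitRowsMap.get(systemappid));
            }
            roleRow.put("apps", appRows);
        }
        return getSucReturnObject().setData(roleRows.get(0)).toString();
    }

    /**
     * Creates a role when {@code roleid} is absent, non-positive or unknown; otherwise updates it.
     *
     * @return the detail view of the saved role (see {@link #query_roleMain()})
     */
    @API(title = "角色新增修改")
    @CACHEING_CLEAN(cms = {@cm(clazz = role.class, method = {"query_roleList", "query_roleMain"})})
    public String insertormodify_role() throws YosException {
        long roleid = content.getLongValue("roleid");
        String rolename = content.getString("rolename", "sys_role");
        String remarks = content.getString("remarks", "sys_role");
        String usertype = content.getString("usertype", "sys_role");
        JSONArray fielddatatypelimit = new JSONArray();
        if (content.containsKey("fielddatatypelimit")) {
            fielddatatypelimit = content.getJSONArray("fielddatatypelimit");
        }

        SQLFactory sqlFactory = null;
        // NOTE(review): the existence check is not scoped by siteid, and the update branch passes
        // no siteid to its template. Confirm the template cannot touch another site's role.
        if (roleid <= 0 || dbConnect.runSqlQuery("select roleid from sys_role where roleid=" + roleid).isEmpty()) {
            roleid = createTableID("sys_role");
            sqlFactory = new SQLFactory(this, "角色新增");
            sqlFactory.addParameter("roleid", roleid);
            sqlFactory.addParameter("isshieldinfo", content.getLongValue("isshieldinfo"));
            sqlFactory.addParameter("siteid", siteid);
            sqlFactory.addParameter("rolename", rolename);
            sqlFactory.addParameter("remarks", remarks);
            sqlFactory.addParameter("usertype", usertype);
            sqlFactory.addParameter("fielddatatypelimit", fielddatatypelimit);
            sqlFactory.addParameter("createby", username);
            // query_roleMain() reads roleid from content, so publish the new id there.
            content.put("roleid", roleid);
        } else {
            // NOTE(review): this guard is disabled. The query still runs but its result is
            // ignored, so system-preset roles (issystem=1) can be modified here while
            // delete_role refuses them. Confirm the asymmetry is intended.
            if (dbConnect.runSqlQuery("select * from sys_role where issystem=1 and roleid=" + roleid).isNotEmpty()) {
                //return getErrReturnObject().setErrMsg("系统预设权限组不可修改").toString();
            }
            sqlFactory = new SQLFactory(this, "角色修改");
            sqlFactory.addParameter("roleid", roleid);
            sqlFactory.addParameter("rolename", rolename);
            sqlFactory.addParameter("isshieldinfo", content.getLongValue("isshieldinfo"));
            sqlFactory.addParameter("remarks", remarks);
            sqlFactory.addParameter("usertype", usertype);
            sqlFactory.addParameter("changeby", username);
            sqlFactory.addParameter("fielddatatypelimit", fielddatatypelimit);
        }
        dbConnect.runSqlUpdate(sqlFactory);

        return query_roleMain();
    }

    /**
     * Deletes the roles in {@code roleids} together with their grants, user links, data limits and
     * report grants. Refuses the whole request if any id is a system-preset role.
     *
     * @return success envelope, or an error envelope when a system-preset role is included
     */
    @API(title = "角色删除", apiversion = R.ID20221101132002.v1.class)
    @CACHEING_CLEAN(cms = {@cm(clazz = role.class, method = {"query_roleList", "query_roleMain"})})
    public String delete_role() throws YosException {
        JSONArray roleids = content.getJSONArray("roleids");

        // toJavaList(Long.class) rejects non-numeric elements before anything reaches the SQL.
        String sql = "select * from sys_role where issystem=1 and roleid in " + roleids.toJavaList(Long.class);
        sql = sql.replace("[", "(").replace("]", ")");
        if (dbConnect.runSqlQuery(sql).isNotEmpty()) {
            return getErrReturnObject().setErrMsg("系统预设权限组不可删除").toString();
        }

        // NOTE(review): neither the check above nor the deletes below filter by siteid.
        ArrayList sqlilist = new ArrayList<>();
        for (Object id : roleids) {
            long roleid = roleSqlLong(id);
            sqlilist.add("delete from sys_role where roleid=" + roleid);
            sqlilist.add("delete from sys_roleappoptionauth where roleid=" + roleid);
            sqlilist.add("delete from sys_roleapphiddenfieldlimit where roleid=" + roleid);
            sqlilist.add("delete from sys_userrole where roleid=" + roleid);
            sqlilist.add("delete from sys_role_datalimit where roleid=" + roleid);
            sqlilist.add("delete from sys_rolereportauth where roleid=" + roleid);
        }
        dbConnect.runSqlUpdate(sqlilist);

        // logroleout is defined outside this file; presumably it ends sessions of the role's users.
        for (Object id : roleids) {
            logroleout(roleSqlLong(id));
        }
        return getSucReturnObject().toString();
    }

    /**
     * Lists system apps that can be chosen when authorizing a role.
     *
     * @return success envelope with the matching app rows
     */
    @API(title = "角色授权系统应用选择")
    @CACHEING
    public String query_appselect() throws YosException {
        // Filter conditions
        StringBuffer where = new StringBuffer(" 1=1 ");
        if (content.containsKey("where")) {
            JSONObject whereObject = content.getJSONObject("where");
            appendRoleLikeFilter(where, whereObject, "condition",
                    "t1.systemname", "t2.systemclientname", "t3.systemmodulename", "t4.systemappname");
            appendRoleLikeFilter(where, whereObject, "systemname", "t1.systemname");
            appendRoleLikeFilter(where, whereObject, "systemclientname", "t2.systemclientname");
            appendRoleLikeFilter(where, whereObject, "systemmodulename", "t3.systemmodulename");
            appendRoleLikeFilter(where, whereObject, "systemappname", "t4.systemappname");
        }

        SQLFactory appselectsql = new SQLFactory(this, "应用授权选择", pageSize, pageNumber, pageSorting);
        appselectsql.addParameter_SQL("where", where);
        Rows approws = dbConnect.runSqlQuery(appselectsql);
        return getSucReturnObject().setData(approws).toString();
    }

    /**
     * Lists the options of one system app for selection while authorizing a role.
     *
     * @return success envelope with the option rows
     */
    @API(title = "角色授权系统功能选择")
    @CACHEING
    public String query_appoptionselect() throws YosException {
        long roleid = content.getLongValue("roleid");
        long systemappid = content.getLong("systemappid");

        SQLFactory optionselectsql = new SQLFactory(this, "应用功能授权选择");
        optionselectsql.addParameter_in("systemappid", systemappid);
        optionselectsql.addParameter("roleid", roleid);
        Rows optionRows = dbConnect.runSqlQuery(optionselectsql.getSQL());
        return getSucReturnObject().setData(optionRows).toString();
    }

    /**
     * Lists the hidden fields of one system app for selection while authorizing a role.
     *
     * @return success envelope with the hidden-field rows
     */
    @API(title = "角色授权系统隐藏栏位选择")
    @CACHEING
    public String query_apphiddenfieldselect() throws YosException {
        long roleid = content.getLongValue("roleid");
        long systemappid = content.getLong("systemappid");

        SQLFactory hiddenfieldselectsql = new SQLFactory(this, "应用隐藏栏位选择");
        hiddenfieldselectsql.addParameter_in("systemappid", systemappid);
        hiddenfieldselectsql.addParameter("roleid", roleid);
        Rows hiddenfieldsRows = dbConnect.runSqlQuery(hiddenfieldselectsql.getSQL());
        return getSucReturnObject().setData(hiddenfieldsRows).toString();
    }

    /**
     * Grants app options and hidden-field limits to a role. Each entry of {@code systemapps}
     * supplies {@code systemappid}, {@code optionids} and {@code hiddenfields}.
     *
     * @return success envelope
     */
    @API(title = "角色应用功能授权")
    @CACHEING_CLEAN(cms = {@cm(clazz = role.class, method = {"query_roleMain", "query_appoptionselect"})})
    public String add_appauth() throws YosException {
        JSONArray apparrays = content.getJSONArray("systemapps");
        long roleid = content.getLong("roleid");

        ArrayList sqllist = new ArrayList<>();
        for (Object o : apparrays) {
            JSONObject appObject = (JSONObject) o;
            long systemappid = appObject.getLong("systemappid");

            // NOTE(review): option and hidden-field ids are passed to the factory as strings;
            // whether addParameter escapes them is not visible from this file.
            JSONArray optionids = appObject.getJSONArray("optionids");
            for (Object optionid : optionids) {
                SQLFactory sqlFactory = new SQLFactory(this, "角色功能授权");
                sqlFactory.addParameter("roleid", roleid);
                sqlFactory.addParameter("optionauthid", createTableID("sys_roleappoptionauth"));
                sqlFactory.addParameter("systemappid", systemappid);
                sqlFactory.addParameter("optionid", optionid.toString());
                sqllist.add(sqlFactory.getSQL());
            }

            JSONArray hiddenfields = appObject.getJSONArray("hiddenfields");
            for (Object hiddenfieldid : hiddenfields) {
                SQLFactory sqlFactory = new SQLFactory(this, "角色隐藏栏位授权");
                sqlFactory.addParameter("roleid", roleid);
                sqlFactory.addParameter("hiddenfieldlimitid", createTableID("sys_roleapphiddenfieldlimit"));
                sqlFactory.addParameter("systemappid", systemappid);
                sqlFactory.addParameter("hiddenfieldid", hiddenfieldid.toString());
                sqllist.add(sqlFactory.getSQL());
            }
        }
        dbConnect.runSqlUpdate(sqllist);
        logroleout(roleid);
        return getSucReturnObject().toString();
    }

    /**
     * Revokes app options and hidden-field limits from a role.
     *
     * @return success envelope
     * @throws NumberFormatException if an option or hidden-field id is not an integer
     */
    @API(title = "角色应用功能取消授权")
    @CACHEING_CLEAN(cms = {@cm(clazz = role.class, method = {"query_roleMain"})})
    public String delete_appauth() throws YosException {
        JSONArray apparrays = content.getJSONArray("systemapps");
        long roleid = content.getLong("roleid");

        ArrayList sqllist = new ArrayList<>();
        for (Object o : apparrays) {
            JSONObject appObject = (JSONObject) o;
            long systemappid = appObject.getLong("systemappid");

            // Array elements may be arbitrary JSON strings; coerce them to long before they are
            // concatenated into the statement.
            JSONArray optionids = appObject.getJSONArray("optionids");
            for (Object optionid : optionids) {
                sqllist.add("delete from sys_roleappoptionauth where roleid=" + roleid
                        + " and systemappid=" + systemappid
                        + " and optionid=" + roleSqlLong(optionid));
            }

            JSONArray hiddenfields = appObject.getJSONArray("hiddenfields");
            for (Object hiddenfieldid : hiddenfields) {
                sqllist.add("delete from sys_roleapphiddenfieldlimit where roleid=" + roleid
                        + " and systemappid=" + systemappid
                        + " and hiddenfieldid=" + roleSqlLong(hiddenfieldid));
            }
        }
        dbConnect.runSqlUpdate(sqllist);
        logroleout(roleid);
        return getSucReturnObject().toString();
    }

    /**
     * Reports whether any of {@code roleids} is assigned to a user of the current site.
     *
     * @return success envelope with data {@code 1} (not in use) or {@code 2} (in use)
     */
    @API(title = "查询角色是否已使用", apiversion = R.ID20221121112102.v1.class)
    public String isRoleUsed() throws YosException {
        JSONArray roleids = content.getJSONArray("roleids");

        // Convert to Long first, as delete_role does: the raw JSONArray could carry strings that
        // would otherwise be spliced into the IN list unchecked.
        String sql = "SELECT * from sys_userrole WHERE roleid in " + roleids.toJavaList(Long.class)
                + " and siteid = '" + siteid + "'";
        sql = sql.replace("[", "(").replace("]", ")");
        Rows rows = dbConnect.runSqlQuery(sql);
        if (rows.isEmpty()) {
            // Role is not in use
            return getSucReturnObject().setData(1).toString();
        } else {
            // Role is in use
            return getSucReturnObject().setData(2).toString();
        }
    }

    /**
     * Lists reports that can be chosen when authorizing a role; {@code where.condition} filters
     * by report name.
     *
     * @return success envelope with the report rows
     */
    @API(title = "角色授权,报表选择查询", apiversion = R.ID20221213141501.v1.class)
    public String roleAuthReportSelect() throws YosException {
        // Filter conditions
        StringBuffer where = new StringBuffer(" 1=1 ");
        if (content.containsKey("where")) {
            JSONObject whereObject = content.getJSONObject("where");
            appendRoleLikeFilter(where, whereObject, "condition", "t2.name");
        }

        long roleid = content.getLong("roleid");
        SQLFactory sqlFactory = new SQLFactory(this, "角色授权报表选择查询");
        sqlFactory.addParameter("siteid", siteid);
        sqlFactory.addParameter("roleid", roleid);
        sqlFactory.addParameter_SQL("where", where);
        Rows rows = dbConnect.runSqlQuery(sqlFactory.getSQL());
        return getSucReturnObject().setData(rows).toString();
    }

    /**
     * Lists the reports already granted to a role.
     *
     * @return success envelope with the report rows
     */
    @API(title = "角色报表查询", apiversion = R.ID20221213141601.v1.class)
    public String roleAuthReportQuery() throws YosException {
        long roleid = content.getLong("roleid");

        SQLFactory sqlFactory = new SQLFactory(this, "角色授权报表查询");
        sqlFactory.addParameter("siteid", siteid);
        sqlFactory.addParameter("roleid", roleid);
        Rows rows = dbConnect.runSqlQuery(sqlFactory.getSQL());
        return getSucReturnObject().setData(rows).toString();
    }

    /**
     * Revokes report grants from a role.
     *
     * @return success envelope
     * @throws NumberFormatException if a report id is not an integer
     */
    @API(title = "角色报表删除", apiversion = R.ID20221213141701.v1.class)
    public String roleAuthReportDelete() throws YosException {
        long roleid = content.getLong("roleid");
        JSONArray sys_reportids = content.getJSONArray("sys_reportids");

        ArrayList sqlist = new ArrayList<>();
        for (Object o : sys_reportids) {
            // Coerce to long so only a number can reach the statement.
            sqlist.add("delete from sys_rolereportauth where roleid=" + roleid
                    + " and sys_reportid=" + roleSqlLong(o));
        }
        dbConnect.runSqlUpdate(sqlist);
        return getSucReturnObject().toString();
    }

    /**
     * Grants reports to a role.
     *
     * @return success envelope
     */
    @API(title = "角色报表添加", apiversion = R.ID20221213141801.v1.class)
    public String roleAuthReportadd() throws YosException {
        long roleid = content.getLong("roleid");
        JSONArray sys_reportids = content.getJSONArray("sys_reportids");

        ArrayList sqlist = new ArrayList<>();
        for (Object o : sys_reportids) {
            SQLFactory sqlFactory = new SQLFactory(this, "角色授权报表新增");
            sqlFactory.addParameter("sys_rolereportauthid", createTableID("sys_rolereportauth"));
            sqlFactory.addParameter("roleid", roleid);
            sqlFactory.addParameter("sys_reportid", String.valueOf(o));
            sqlist.add(sqlFactory.getSQL());
        }
        dbConnect.runSqlUpdate(sqlist);
        return getSucReturnObject().toString();
    }

    /**
     * Lists the data-limit rules of a role.
     *
     * @return success envelope with the rule rows
     */
    @API(title = "角色数据限制查询", apiversion = R.ID20230216181301.v1.class)
    public String roleAuthDataLimitQuery() throws YosException {
        long roleid = content.getLong("roleid");

        SQLFactory sqlFactory = new SQLFactory(this, "角色数据限制查询");
        sqlFactory.addParameter("siteid", siteid);
        sqlFactory.addParameter("roleid", roleid);
        Rows rows = dbConnect.runSqlQuery(sqlFactory.getSQL());
        return getSucReturnObject().setData(rows).toString();
    }

    /**
     * Deletes data-limit rules of a role.
     *
     * @return success envelope
     * @throws NumberFormatException if a rule id is not an integer
     */
    @API(title = "角色数据限制删除", apiversion = R.ID20230216181401.v1.class)
    public String roleAuthDataLimitDelete() throws YosException {
        long roleid = content.getLong("roleid");
        JSONArray sys_role_datalimitids = content.getJSONArray("sys_role_datalimitids");

        ArrayList sqlist = new ArrayList<>();
        for (Object o : sys_role_datalimitids) {
            sqlist.add("delete from sys_role_datalimit where roleid=" + roleid
                    + " and sys_role_datalimitid=" + roleSqlLong(o));
        }
        dbConnect.runSqlUpdate(sqlist);

        // Previously logroleout ran once per id and before the deletes were executed. Run it
        // once, after the change is applied, as the other mutating endpoints do.
        if (!sqlist.isEmpty()) {
            logroleout(roleid);
        }
        return getSucReturnObject().toString();
    }

    /**
     * Creates or updates the data-limit rule of a role for one table. A role may hold at most one
     * rule per {@code table_name}.
     *
     * <p>NOTE(review): {@code sqlstr} is a caller-supplied SQL fragment that is stored and
     * presumably applied to later queries. Confirm that only fully trusted administrators can
     * reach this endpoint and that the fragment is validated before it is used.
     *
     * @return success envelope, or an error envelope when the role already has a rule for the table
     */
    @API(title = "角色数据限制添加修改", apiversion = R.ID20230216181501.v1.class)
    public String roleAuthDataLimitadd() throws YosException {
        long roleid = content.getLong("roleid");
        long sys_role_datalimitid = content.getLong("sys_role_datalimitid");
        String table_name = content.getString("table_name");
        String sqlstr = content.getString("sqlstr", true);

        // table_name comes from the request; escape it wherever it sits inside a quoted literal.
        String tableNameLiteral = roleSqlText(table_name);

        if (dbConnect.runSqlQuery("select *from sys_role_datalimit where roleid='" + roleid
                + "' and table_name='" + tableNameLiteral
                + "' and sys_role_datalimitid!=" + sys_role_datalimitid).isNotEmpty()) {
            return getErrReturnObject().setErrMsg("当前角色已存在" + table_name + "表的限制").toString();
        }

        if (sys_role_datalimitid <= 0 || dbConnect.runSqlQuery("select * from sys_role_datalimit where sys_role_datalimitid=" + sys_role_datalimitid).isEmpty()) {
            SQLFactory sqlFactory = new SQLFactory(this, "角色数据限制新增");
            sqlFactory.addParameter("sys_role_datalimitid", createTableID("sys_role_datalimit"));
            sqlFactory.addParameter("roleid", roleid);
            sqlFactory.addParameter("table_name", table_name);
            sqlFactory.addParameter("sqlstr", sqlstr);
            sqlFactory.addParameter("username", username);
            sqlFactory.addParameter("userid", userid);
            dbConnect.runSqlUpdate(sqlFactory.getSQL(false));
        } else {
            // NOTE(review): sqlstr is still concatenated as-is. What getString("sqlstr", true)
            // does to the value is not visible here, so escaping it again could corrupt stored
            // rules. If the value is raw, a quote in it breaks out of the literal; move this
            // statement to a bound parameter or an SQLFactory template.
            dbConnect.runSqlUpdate("update sys_role_datalimit set table_name='" + tableNameLiteral
                    + "',sqlstr='" + sqlstr
                    + "',changeby='" + roleSqlText(username)
                    + "',changedate=now(),changeuserid=" + userid
                    + " where roleid=" + roleid
                    + " and sys_role_datalimitid=" + sys_role_datalimitid);
        }
        logroleout(roleid);
        return getSucReturnObject().toString();
    }

    /**
     * Lists the users that hold a role (paged).
     *
     * @return success envelope with the user rows
     */
    @API(title = "角色授权用户查询", apiversion = R.ID20230302135404.v1.class)
    public String queryRoles_Users() throws YosException {
        Long roleid = content.getLong("roleid");

        SQLFactory sqlFactory = new SQLFactory(this, "角色授权用户查询", pageSize, pageNumber, pageSorting);
        sqlFactory.addParameter("siteid", siteid);
        sqlFactory.addParameter("roleid", roleid);
        Rows rows = dbConnect.runSqlQuery(sqlFactory.getSQL());
        return getSucReturnObject().setData(rows).toString();
    }

    /**
     * Appends {@code " and(col1 like'%v%' or col2 like'%v%' )"} to {@code where} when the filter
     * object holds a non-empty value under {@code key}. Does nothing when the filter object, the
     * key or the value is absent. The value is escaped with {@link #roleSqlText(String)};
     * {@code columns} must be compile-time constants, never request data.
     */
    private static void appendRoleLikeFilter(StringBuffer where, JSONObject whereObject, String key,
                                             String... columns) {
        if (whereObject == null) {
            return;
        }
        String term = whereObject.getString(key);
        if (term == null || term.isEmpty()) {
            return;
        }
        String escaped = roleSqlText(term);
        where.append(" and(");
        for (int i = 0; i < columns.length; i++) {
            if (i > 0) {
                where.append("or ");
            }
            where.append(columns[i]).append(" like'%").append(escaped).append("%' ");
        }
        where.append(")");
    }

    /**
     * Escapes text for use inside a single-quoted SQL string literal by doubling backslashes and
     * single quotes. {@code null} becomes the text {@code "null"}, matching plain concatenation.
     *
     * <p>Stopgap only: assumes the connection charset cannot absorb the escape character
     * (TODO confirm). LIKE wildcards in the value are left as they are.
     */
    private static String roleSqlText(String raw) {
        return String.valueOf(raw).replace("\\", "\\\\").replace("'", "''");
    }

    /**
     * Coerces a JSON array element to {@code long} so that only a number can be concatenated
     * into a statement.
     *
     * @throws NumberFormatException if the element is not an integer
     */
    private static long roleSqlLong(Object value) {
        return Long.parseLong(String.valueOf(value));
    }
}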