/**
* <pre>
* Copyright: Copyright(C) 2011-2012, ketayao.com
* Filename: com.ketayao.ketacustom.controller.IndexController.java
* Class: IndexController
* Date: 2012-8-2
* Author: <a href="mailto:ketayao@gmail.com">ketayao</a>
* Version 1.1.0
* Description:
*
* </pre>
**/
package com.ketayao.ketacustom.controller;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletRequest;
import org.apache.shiro.authz.annotation.RequiresUser;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import com.ketayao.ketacustom.SecurityConstants;
import com.ketayao.ketacustom.entity.main.Module;
import com.ketayao.ketacustom.entity.main.Permission;
import com.ketayao.ketacustom.entity.main.User;
import com.ketayao.ketacustom.exception.ServiceException;
import com.ketayao.ketacustom.log.Log;
import com.ketayao.ketacustom.log.LogMessageObject;
import com.ketayao.ketacustom.log.impl.LogUitls;
import com.ketayao.ketacustom.service.ModuleService;
import com.ketayao.ketacustom.service.OrganizationService;
import com.ketayao.ketacustom.service.UserService;
import com.ketayao.ketacustom.shiro.ShiroUser;
import com.ketayao.ketacustom.util.dwz.AjaxObject;
import com.ketayao.utils.SecurityUtils;
/**
*
* @author <a href="mailto:ketayao@gmail.com">ketayao</a>
* Version 1.1.0
* @since 2012-8-2 下午5:45:57
*/
@Controller
@RequestMapping("/management/index")
public class IndexController {
@Autowired
private UserService userService;
@Autowired
private ModuleService moduleService;
@Autowired
private OrganizationService organizationService;
private static final String INDEX = "management/index/index";
private static final String UPDATE_PASSWORD = "management/index/updatePwd";
private static final String UPDATE_BASE = "management/index/updateBase";
@Log(message="{0}登录了系统。")
@RequiresUser
@RequestMapping(value="", method=RequestMethod.GET)
public String index(ServletRequest request, Map<String, Object> map) {
ShiroUser shiroUser = SecurityUtils.getShiroUser();
Module menuModule = getMenuModule(SecurityUtils.getSubject());
map.put(SecurityConstants.LOGIN_USER, shiroUser.getUser());
map.put("menuModule", menuModule);
LogUitls.putArgs(LogMessageObject.newWrite().setObjects(new Object[]{shiroUser.getLoginName()}));
return INDEX;
}
private Module getMenuModule(Subject subject) {
Module rootModule = moduleService.getTree();
check(rootModule, subject);
return rootModule;
}
private void check(Module module, Subject subject) {
List<Module> list1 = new ArrayList<Module>();
for (Module m1 : module.getChildren()) {
// 只加入拥有show权限的Module
if (subject.isPermitted(m1.getSn() + ":" + Permission.PERMISSION_SHOW)) {
check(m1, subject);
list1.add(m1);
}
}
module.setChildren(list1);
}
@RequiresUser
@RequestMapping(value="/updatePwd", method=RequestMethod.GET)
public String preUpdatePassword() {
return UPDATE_PASSWORD;
}
@Log(message="{0}修改了密码。")
@RequiresUser
@RequestMapping(value="/updatePwd", method=RequestMethod.POST)
public @ResponseBody String updatePassword(ServletRequest request, String plainPassword,
String newPassword, String rPassword) {
User user = SecurityUtils.getLoginUser();
if (newPassword != null && newPassword.equals(rPassword)) {
user.setPlainPassword(plainPassword);
try {
userService.updatePwd(user, newPassword);
} catch (ServiceException e) {
LogUitls.putArgs(LogMessageObject.newIgnore());//忽略日志
return AjaxObject.newError(e.getMessage()).setCallbackType("").toString();
}
LogUitls.putArgs(LogMessageObject.newWrite().setObjects(new Object[]{user.getUsername()}));
return AjaxObject.newOk("修改密码成功!").toString();
}
return AjaxObject.newError("修改密码失败!").setCallbackType("").toString();
}
@RequiresUser
@RequestMapping(value="/updateBase", method=RequestMethod.GET)
public String preUpdateBase(Map<String, Object> map) {
map.put(SecurityConstants.LOGIN_USER, SecurityUtils.getLoginUser());
return UPDATE_BASE;
}
@Log(message="{0}修改了详细信息。")
@RequiresUser
@RequestMapping(value="/updateBase", method=RequestMethod.POST)
public @ResponseBody String updateBase(User user, ServletRequest request) {
User loginUser = SecurityUtils.getLoginUser();
loginUser.setPhone(user.getPhone());
loginUser.setEmail(user.getEmail());
userService.saveOrUpdate(loginUser);
LogUitls.putArgs(LogMessageObject.newWrite().setObjects(new Object[]{user.getUsername()}));
return AjaxObject.newOk("修改详细信息成功!").toString();
}
}