67,549
社区成员




public class UserDaoHibernate extends BaseDaoHibernate implements
IUserDao {
/**
* 增加用户
*
* @param user
*/
public Long addUser(User user) {
return addEntityRetVal(user);
}
/**
* 通过id删除用户
*
* @param user
*/
public void deleteUser(Long id) {
User userPO = (User) getHibernateTemplate().load(
User.class, id);
deleteEntity(userPO);
}
/**
* 删除用户
*
* @param user
*/
public void deleteUser(User user) {
User userPO = (User) getHibernateTemplate().load(
User.class, user.getUserid());
deleteEntity(userPO);
}
/**
* 更新用户
*
* @param user
*/
public void updateUser(User user) {
User userPO = (User) getHibernateTemplate().load(
User.class, user.getUserid());
BeanUtil.copyProperties(userPO, user);
updateEntity(userPO);
}
/**
* 通过id查询用户
*
* @param id
* @return
*/
public User queryUserById(Long id) {
return (User) getHibernateTemplate().load(User.class, id);
}
/**
* 通过用户名字查询用户实体 -- 这个方法存在SQL注入攻击问题
* @param usernme
* @return
*/
public User queryUserByName(String username){
String hql = "select u from User u where u.username = '" + username + "'";
return (User) this.queryObjectByHql(hql);
}
/**
* 查询所有用户
*
* @return
*/
public List<User> queryAllUser() {
return queryAllEntitys(User.class);
}
/**
* 分页查询用户
*/
public List<User> queryAllUser(String hql, int currentPage,
int pageSize) {
return queryAllEntitys(currentPage,pageSize,hql); //调用的是有currentPage的分页方法
}
/**
*
* 通过用户id查询用户名称,查不到返回 null
* @param id
* @return
*/
public String queryNameById(Long id){
String hql = " from User d where d.userId = ?";
List<?> users = getHibernateTemplate().find(hql,id);
if(users.size()>0){
return ((User)users.get(0)).getUsername();
}else{
return null;
}
}
/**
* 得到用户分页记录总数
* @param parentId
* @return
*/
/*
public Long queryTotalNumberOfUser(){
String hql = "select count(*) from User";
List<?> childNumber = getHibernateTemplate().find(hql);
return (Long)childNumber.get(0);
}*/
public int queryAllUserNubmer(String hql){
return queryAllEntitysNumer(hql);
}
/**
* 查询用户的权限
* @param userId
* @return
*/
public List<UserAuth> queryFunctionOnlyByUserId(Long userId){
String hql = "select ua from UserAuth ua where ua.userid = " + userId;
List<UserAuth> userAuths = queryAllObjectByHql(hql);
return userAuths;
}
/**
* 查询用户的角色
* @param userId
* @return
*/
@SuppressWarnings("unchecked")
public List<UserRole> queryRoleOnlyByUserId(Long userId){
String hql = "select ur from UserRole ur where ur.userid = " + userId;
List<UserRole> userAuths = queryAllObjectByHql(hql);
return userAuths;
}
}
@WebService
public class UserHelper implements IUserHelper {
private IUserDao userDao = null;
private IDepartmentDao departDao = null;
private IFunctionHelper functionHelper = null;
private IRoleHelper roleHelper = null;
public void setUserDao(IUserDao userDao) {
this.userDao = userDao;
}
public void setFunctionHelper(IFunctionHelper functionHelper) {
this.functionHelper = functionHelper;
}
public void setDepartDao(IDepartmentDao departDao) {
this.departDao = departDao;
}
public void setRoleHelper(IRoleHelper roleHelper) {
this.roleHelper = roleHelper;
}
/**
* 通过id查询权限,没有则返回null
*
* @param id
* @return
*/
public UserVO queryUserById(Long id) throws GeneralException {
User user = null;
try {
user = userDao.queryUserById(id);
} catch (Exception e) {
e.printStackTrace();
throw new GeneralException("error.userDeatil", "通过id查询权限时出错!");
}
// PO 转 VO
UserVO userVO = userPoToVo(user);
return userVO;
}
/**
* 得到所有权限的集合,没有则返回 null
*
* @return
*/
public List<UserVO> queryAllUser() throws GeneralException {
List<UserVO> allFuncVOs = new ArrayList<UserVO>();
List<User> allFuncs = null;
try {
allFuncs = userDao.queryAllUser();
} catch (Exception e) {
throw new GeneralException("error.userList", "得到所有权限的集合时出错!");
}
for (Iterator<?> iterator = allFuncs.iterator(); iterator.hasNext();) {
User user = (User) iterator.next();
// PO 转 VO
UserVO userVO = userPoToVo(user);
allFuncVOs.add(userVO);
}
return allFuncVOs;
}
/**
* 权限的PO 到 VO 转换的方法
*
* @param user
* @return
*/
public UserVO userPoToVo(User user) throws GeneralException {
UserVO userVO = new UserVO();
BeanUtil.copyProperties(userVO, user);
try {
userVO.setDepartName(departDao.queryNameById(user.getDepartid())); // 设置部门名称
} catch (Exception e) {
throw new GeneralException("error.user", " 权限的PO 到 VO 转换时出错!");
}
if(userVO.getStatus().equals("1")){
userVO.setStatus("可用");
}else{
userVO.setStatus("不可用");
}
userVO.setRegisterName("ZHANG");
userVO.setChangerName("ZHANG");
return userVO;
}
/**
* 通过分页查询权限信息集合
*
* @param hql
* @param currentPage
* @param pageSize
* @return
* @throws GeneralException
*/
public List<UserVO> queryUserByPage(String hql, int currentPage,
int pageSize) throws GeneralException {
List<UserVO> allFuncVOs = new ArrayList<UserVO>();
List<User> allFuncs = null;
try {
allFuncs = userDao.queryAllUser(hql, currentPage, pageSize);
} catch (Exception e) {
throw new GeneralException("error.userList", "分页得到权限的集合时出错!");
}
for (Iterator<?> iterator = allFuncs.iterator(); iterator.hasNext();) {
User user = (User) iterator.next();
// PO 转 VO
UserVO userVO = userPoToVo(user);
allFuncVOs.add(userVO);
}
return allFuncVOs;
}
/**
* 返回User分页对象
*
* @param currentPage
* @return
*/
public Pagination getPagination(int currentPage, String hql) {
return new Pagination(currentPage,
DisplayRecordCount.DISPLAY_IN_USER_LIST, userDao
.queryAllUserNubmer(hql));
}
/**
* 查到用户的所有角色ID
*
* @param userId
* @return
* @throws GeneralException
*/
public List<Long> queryAllRoleidsOfUser(Long userId)
throws GeneralException {
List<Long> rolesOfUser = new ArrayList<Long>();
List<UserRole> userRoles = null;
try {
userRoles = userDao.queryRoleOnlyByUserId(userId); // 查到角色权限
} catch (Exception e) {
throw new GeneralException("error.userRoleidsList",
"得到用户的角色ID集合出错!");
}
for (Iterator<?> iterator = userRoles.iterator(); iterator.hasNext();) {
UserRole userRole = (UserRole) iterator.next();
Long roleid = userRole.getRoleid();
rolesOfUser.add(roleid);
}
return rolesOfUser;
}
/**
* 查到用户的所有角色
*
* @param userId
* @return
* @throws GeneralException
*/
public List<RoleVO> queryAllRoleOfUser(Long userId) throws GeneralException {
List<Long> rolesOfUser = new ArrayList<Long>();
List<RoleVO> userRoles = new ArrayList<RoleVO>();
try {
rolesOfUser = queryAllRoleidsOfUser(userId);
for (Iterator<?> iterator = rolesOfUser.iterator(); iterator
.hasNext();) {
Long roleid = (Long) iterator.next();
RoleVO roleVO = roleHelper.queryRoleById(roleid);
userRoles.add(roleVO);
}
} catch (Exception e) {
e.printStackTrace();
throw new GeneralException("error.userRoleList",
"得到用户的角色集合出错!");
}
return userRoles;
}
/**
* 查询用户的所有权限 1.查询所有用户的权限 2.查询所有用户的角色 3.查询所有用户的权限+角色的权限-共同的权限
*
* @param userId
* @return
*/
public List<FunctionVO> queryAllFunctionOfUser(Long userId,String system)
throws GeneralException {
Set<FunctionVO> userAllFuncs = new HashSet<FunctionVO>();
List<FunctionVO> userAllFuncsList = new ArrayList<FunctionVO>();
try {
List<UserAuth> userFuncs = userDao
.queryFunctionOnlyByUserId(userId); // 查到权限
if (userFuncs != null) {
for (Iterator<?> iterator = userFuncs.iterator(); iterator
.hasNext();) {
UserAuth userFunc = (UserAuth) iterator.next();
Long funcId = userFunc.getFuncid();
FunctionVO funcVO = functionHelper
.queryFunctionById(funcId);
userAllFuncs.add(funcVO);
}
}
List<UserRole> userRoles = userDao.queryRoleOnlyByUserId(userId); // 查到角色
if (userRoles != null) {
// 查到所有角色的所有权限,将权限放入到userAllFuncs中
for (Iterator<?> iterator = userRoles.iterator(); iterator
.hasNext();) {
UserRole userRole = (UserRole) iterator.next();
Long roleId = userRole.getRoleid();
List<FunctionVO> funcVOs = roleHelper
.queryFunctionOfRole(roleId);
for (Iterator<?> iterator2 = funcVOs.iterator(); iterator2
.hasNext();) {
FunctionVO functionVO = (FunctionVO) iterator2.next();
userAllFuncs.add(functionVO);
}
}
}
// 将筛选了数据的无序Set集合转换为有序的List集合.一定要从小到大,否则权限树显示就会有问题
for (Iterator<?> iterator = userAllFuncs.iterator(); iterator
.hasNext();) {
FunctionVO userAllFun = (FunctionVO) iterator.next();
if(system.equals("crm")){
if(userAllFun.getFuncid()>=20000000l){
userAllFuncsList.add(userAllFun);
}
}else if(system.equals("hr")){
if(userAllFun.getFuncid()<20000000l){
userAllFuncsList.add(userAllFun);
}
}
}
FunctionComparator fc = new FunctionComparator();
Collections.sort(userAllFuncsList, fc);
} catch (Exception e) {
e.printStackTrace();
throw new GeneralException("error.userAllFuncsList", "得到用户的权限集合出错!");
}
return userAllFuncsList;
}
}