gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1、用户管理恢复用户身份标识字段配置,普通用户不能查看、新建、修改管理员用户;

Browse Source 
2、角色管理恢复角色类型字段配置,普通用户不能查看、新建、修改管理员类型的角色。

Signed-off-by: zhangwei <zhangwei2@iie.ac.cn>
This commit is contained in:
zhangwei
2018-10-15 15:41:01 +08:00
parent b6276cdc8c
commit c59e45b996
6 changed files with 113 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/com/nis/web/controller/sys/UserController.java
View File

@@ -179,6 +179,9 @@ public class UserController extends BaseController{
@RequiresPermissions("sys:user:view") @RequiresPermissions("sys:user:view")
@RequestMapping(value = {"list"}) @RequestMapping(value = {"list"})
public String list(SysUser user, HttpServletRequest request, HttpServletResponse response, Model model) { public String list(SysUser user, HttpServletRequest request, HttpServletResponse response, Model model) {
if(UserUtils.getUser().getIdentity().equals(0)){
user.setIdentity(0);
}
Page<SysUser> page = userService.findUser(new Page<SysUser>(request, response), user); Page<SysUser> page = userService.findUser(new Page<SysUser>(request, response), user);
model.addAttribute("page", page); model.addAttribute("page", page);
return "/sys/userList"; return "/sys/userList";

4
src/main/java/com/nis/web/dao/UserDao.xml
View File

@@ -292,7 +292,9 @@
<if test="loginId != null and loginId !=''"> <if test="loginId != null and loginId !=''">
AND u.login_id=#{loginId} AND u.login_id=#{loginId}
</if> </if>
<if test="identity != null and identity!=1">
AND u.identity=#{identity}
</if>
<if test="name != null and name != ''"> <if test="name != null and name != ''">
AND u.name like AND u.name like

41
src/main/webapp/WEB-INF/views/sys/roleForm.jsp
View File

@@ -106,23 +106,30 @@
</div> </div>
<span class="help-inline"><font color="red">*</font> </span> <span class="help-inline"><font color="red">*</font> </span>
</div> </div>
<input type="hidden" name="roleType" value="user"/>
<%-- <div class="form-group">
<label class="col-md-3 control-label"><spring:message code="role_type"/>:</label> <c:choose>
<div class="col-md-4"> <c:when test="${fns:getUser().identity eq 1}">
<form:input path="roleType" htmlEscape="false" maxlength="50" class="required"/> <div class="form-group">
<span class="help-inline" title="activiti有3种预定义的组类型security-role、assignment、user 如果使用Activiti Explorer需要security-role才能看到manage页签需要assignment才能claim任务"> <label class="col-md-3 control-label"><spring:message code="role_type"/>:</label>
工作流组用户组类型security-role管理员、assignment可进行任务分配、user普通用户</span> <div class="col-md-4">
<form:select path="roleType" class="form-control"> <!-- <form:input path="roleType" htmlEscape="false" maxlength="50" class="required"/>
<form:option value="assignment"><spring:message code="task_allot"/></form:option> <span class="help-inline" title="activiti有3种预定义的组类型security-role、assignment、user 如果使用Activiti Explorer需要security-role才能看到manage页签需要assignment才能claim任务">
<form:option value="security-role"><spring:message code="manager"/></form:option> 工作流组用户组类型security-role管理员、assignment可进行任务分配、user普通用户</span> -->
<form:option value="user"><spring:message code="ordinary_man"/></form:option> <form:select path="roleType" class="form-control">
</form:select> <%-- <form:option value="assignment"><spring:message code="task_allot"/></form:option> --%>
<span class="help-inline" title="activiti有3种预定义的组类型security-role、assignment、user 如果使用Activiti Explorer需要security-role才能看到manage页签需要assignment才能claim任务"> <form:option value="security-role"><spring:message code="manager"/></form:option>
<spring:message code="role_type_info"/></span> <form:option value="user"><spring:message code="ordinary_man"/></form:option>
</div> </form:select>
</div> <%-- <span class="help-inline" title="activiti有3种预定义的组类型security-role、assignment、user 如果使用Activiti Explorer需要security-role才能看到manage页签需要assignment才能claim任务">
--%> <spring:message code="role_type_info"/></span> --%>
</div>
</div>
</c:when>
<c:otherwise>
<input type="hidden" name="roleType" value="user"/>
</c:otherwise>
</c:choose>
<div class="form-group"> <div class="form-group">
<label class="col-md-3 control-label"><spring:message code="data_range"/>:</label> <label class="col-md-3 control-label"><spring:message code="data_range"/>:</label>

40
src/main/webapp/WEB-INF/views/sys/roleList.jsp
View File

@@ -40,18 +40,36 @@
<sys:message content="${message}"/> <sys:message content="${message}"/>
<table id="contentTable" class="table table-striped table-bordered table-condensed"> <table id="contentTable" class="table table-striped table-bordered table-condensed">
<tr><th><spring:message code="role_name"/></th><th><spring:message code="data_range"/></th><th><spring:message code="desc"/></th><shiro:hasPermission name="sys:role:edit"><th><spring:message code="operation"/></th></shiro:hasPermission></tr> <tr>
<th><spring:message code="role_name"/></th>
<th><spring:message code="data_range"/></th>
<th><spring:message code="desc"/></th>
<c:if test="${fns:getUser().identity eq 1}">
<th><spring:message code="role_type"/></th>
</c:if>
<shiro:hasPermission name="sys:role:edit">
<th><spring:message code="operation"/></th>
</shiro:hasPermission>
</tr>
<c:forEach items="${list}" var="role"> <c:forEach items="${list}" var="role">
<tr> <c:if test="${fns:getUser().identity eq 1 or (fns:getUser().identity eq 0 and role.roleType eq 'user')}">
<td><a href="form?id=${role.id}">${role.name}</a></td> <tr>
<td>${fns:getDictLabel('SYS_DATA_SCOPE',role.dataScope,'无')}</td> <td><a href="form?id=${role.id}">${role.name}</a></td>
<td title="${role.remark}">${fns:abbr(role.remark,30)}</td> <td>${fns:getDictLabel('SYS_DATA_SCOPE',role.dataScope,'无')}</td>
<shiro:hasPermission name="sys:role:edit"><td> <td title="${role.remark}">${fns:abbr(role.remark,30)}</td>
<%--<a href="${ctx}/sys/role/assign?id=${role.id}"><spring:message code="allot"/></a> --%> <c:if test="${fns:getUser().identity eq 1}">
<a href="${ctx}/sys/role/form?id=${role.id}"><spring:message code="edit"/></a> <td>
<a href="${ctx}/sys/role/delete?id=${role.id}" onclick="return confirmx('<spring:message code="sure_delete"/>', this.href)"><spring:message code="delete"/></a> <c:if test="${role.roleType eq 'user' }"><spring:message code="ordinary_man"/></c:if>
</td></shiro:hasPermission> <c:if test="${role.roleType eq 'security-role' }"><spring:message code="manager"/></c:if>
</tr> </td>
</c:if>
<shiro:hasPermission name="sys:role:edit"><td>
<%--<a href="${ctx}/sys/role/assign?id=${role.id}"><spring:message code="allot"/></a> --%>
<a href="${ctx}/sys/role/form?id=${role.id}"><spring:message code="edit"/></a>
<a href="${ctx}/sys/role/delete?id=${role.id}" onclick="return confirmx('<spring:message code="sure_delete"/>', this.href)"><spring:message code="delete"/></a>
</td></shiro:hasPermission>
</tr>
</c:if>
</c:forEach> </c:forEach>
</table> </table>

56
src/main/webapp/WEB-INF/views/sys/userForm.jsp
View File

@@ -12,12 +12,12 @@
$("#inputForm").validate({ $("#inputForm").validate({
rules: { rules: {
loginId: {remote: "${ctx}/sys/user/checkLoginName?oldLoginId=" + encodeURIComponent('${user.loginId}')}, loginId: {remote: "${ctx}/sys/user/checkLoginName?oldLoginId=" + encodeURIComponent('${user.loginId}')},
// 'office.name': {officeIsValid: true }, 'office.name': {officeIsValid: true },
'entity.name': {required: true } 'entity.name': {required: true }
}, },
messages: { messages: {
loginId: {remote: "<spring:message code='name_existed'/>"}, loginId: {remote: "<spring:message code='name_existed'/>"},
// 'office.name': {officeIsValid: "<spring:message code='company_range'/>"}, 'office.name': {officeIsValid: "<spring:message code='company_range'/>"},
confirmNewPassword: {equalTo: "<spring:message code='equal_password'/>"} confirmNewPassword: {equalTo: "<spring:message code='equal_password'/>"}
}, },
submitHandler: function(form){ submitHandler: function(form){
@@ -121,18 +121,18 @@
</div> </div>
<span class="help-inline"><font color="red">*</font> </span> <span class="help-inline"><font color="red">*</font> </span>
</div> </div>
<input type="hidden" name="company.id" value="0"/> <!-- <input type="hidden" name="company.id" value="0"/> -->
<input type="hidden" name="entity.id" value="0"/> <input type="hidden" name="entity.id" value="0"/>
<input type="hidden" name="office.id" value="0"/> <input type="hidden" name="office.id" value="0"/>
<%-- <div class="form-group"> <div class="form-group">
<label class="col-md-3 control-label"><spring:message code="owner_company"/>:</label> <label class="col-md-3 control-label"><spring:message code="organizer"/>:</label>
<div class="col-md-4"> <div class="col-md-4">
<sys:treeselect id="company" name="company.id" value="${user.company.id}" labelName="company.name" labelValue="${user.company.name}" <sys:treeselect id="company" name="company.id" value="${user.company.id}" labelName="company.name" labelValue="${user.company.name}"
title="company" url="/sys/office/treeData?type=1" cssClass="required form-control" notAllowSelectRoot="true"/> title="company" url="/sys/office/treeData" cssClass="required form-control" notAllowSelectRoot="true"/>
</div> </div>
</div> </div>
<div class="form-group"> <%-- <div class="form-group">
<label class="col-md-3 control-label"><spring:message code="organizer"/>:</label> <label class="col-md-3 control-label"><spring:message code="organizer"/>:</label>
<div class="col-md-4"> <div class="col-md-4">
<sys:treeselect id="entity" name="entity.id" value="${user.entity.id}" labelName="entity.name" labelValue="${user.entity.name}" <sys:treeselect id="entity" name="entity.id" value="${user.entity.id}" labelName="entity.name" labelValue="${user.entity.name}"
@@ -172,18 +172,24 @@
</div> </div>
<span class="help-inline"><font color="red">*</font> </span> <span class="help-inline"><font color="red">*</font> </span>
</div> </div>
<input type="hidden" name="identity" value="0"/> <c:choose>
<%-- <div class="form-group"> <c:when test="${fns:getUser().identity eq 1}">
<label class="col-md-3 control-label"><spring:message code="identify_mark"></spring:message>:</label> <div class="form-group">
<div class="col-md-4 "> <label class="col-md-3 control-label"><spring:message code="identify_mark"></spring:message>:</label>
<form:select path="identity" class="selectpicker select2 form-control"> <div class="col-md-4 ">
<form:option value="0"><spring:message code="ordinary_man"/></form:option> <form:select path="identity" class="selectpicker select2 form-control">
<form:option value="1"><spring:message code="manager"/></form:option> <form:option value="0"><spring:message code="ordinary_man"/></form:option>
</form:select> <form:option value="1"><spring:message code="manager"/></form:option>
<span class="help-inline"><font><spring:message code="manager_info"/></font></span> </form:select>
</div> <span class="help-inline"><font><spring:message code="manager_info"/></font></span>
</div>
</div> --%>
</div>
</c:when>
<c:otherwise>
<input type="hidden" name="identity" value="0"/>
</c:otherwise>
</c:choose>
<input type="hidden" name="email" value="0"/> <input type="hidden" name="email" value="0"/>
<%-- <div class="form-group"> <%-- <div class="form-group">
<label class="col-md-3 control-label"><spring:message code="mail"/>:</label> <label class="col-md-3 control-label"><spring:message code="mail"/>:</label>
@@ -201,10 +207,12 @@
<div class="mt-checkbox-inline"> <div class="mt-checkbox-inline">
<c:forEach items="${allRoles}" var="role"> <c:forEach items="${allRoles}" var="role">
<label class="mt-checkbox"> <c:if test="${fns:getUser().identity eq 1 or (fns:getUser().identity eq 0 and role.roleType eq 'user' )}">
<form:checkbox path="roleIdList" value="${role.id }" class="required" /> ${role.name } <label class="mt-checkbox">
<span></span> <form:checkbox path="roleIdList" value="${role.id }" class="required" /> ${role.name }
</label> <span></span>
</label>
</c:if>
</c:forEach> </c:forEach>
<span class="help-inline "><font color="red">*</font> </span> <span class="help-inline "><font color="red">*</font> </span>
@@ -229,7 +237,9 @@
<div class="row"> <div class="row">
<div class="col-md-offset-3 col-md-9"> <div class="col-md-offset-3 col-md-9">
<shiro:hasPermission name="sys:user:edit"></shiro:hasPermission> <shiro:hasPermission name="sys:user:edit"></shiro:hasPermission>
<c:if test="${fns:getUser().id ne user.id }">
<button type="submit" class="btn blue"><spring:message code="submit"></spring:message></button> <button type="submit" class="btn blue"><spring:message code="submit"></spring:message></button>
</c:if>
<button type="button" class="btn blue btn-outline" onclick="history.go(-1)"><spring:message code="cancel"></spring:message></button> <button type="button" class="btn blue btn-outline" onclick="history.go(-1)"><spring:message code="cancel"></spring:message></button>
</div> </div>
</div> </div>

27
src/main/webapp/WEB-INF/views/sys/userList.jsp
View File

@@ -119,11 +119,14 @@
class="table table-striped table-bordered table-condensed"> class="table table-striped table-bordered table-condensed">
<thead> <thead>
<tr> <tr>
<%-- <th><spring:message code="company" /></th>
<th><spring:message code="group" /></th> --%> <%--<th><spring:message code="group" /></th> --%>
<th class="sort-column login_id"><spring:message code="login_name" /></th> <th class="sort-column login_id"><spring:message code="login_name" /></th>
<th class="sort-column name"><spring:message code="name" /></th> <th class="sort-column name"><spring:message code="name" /></th>
<%-- <th><spring:message code="identify_mark" /></th> --%> <th><spring:message code="organizer" /></th>
<c:if test="${fns:getUser().identity eq 1}">
<th><spring:message code="identify_mark" /></th>
</c:if>
<%-- <th><spring:message code="mail" /></th> --%> <%-- <th><spring:message code="mail" /></th> --%>
<th><spring:message code="create_time" /></th> <th><spring:message code="create_time" /></th>
<%--<th>角色</th> --%> <%--<th>角色</th> --%>
@@ -135,14 +138,26 @@
<tbody> <tbody>
<c:forEach items="${page.list}" var="user"> <c:forEach items="${page.list}" var="user">
<tr> <tr>
<td><a href="${ctx}/sys/user/form?id=${user.id}">${user.loginId}</a></td> <td><a href="${ctx}/sys/user/form?id=${user.id}">${user.loginId}</a></td>
<td>${user.name}</td> <td>${user.name}</td>
<td>${user.company.name }</td>
<c:if test="${fns:getUser().identity eq 1}">
<td>
<c:if test="${user.identity eq 0 }"><spring:message code="ordinary_man"/></c:if>
<c:if test="${user.identity eq 1 }"><spring:message code="manager"/></c:if>
</td>
</c:if>
<td><fmt:formatDate value="${user.createTime}" <td><fmt:formatDate value="${user.createTime}"
pattern="yyyy-MM-dd HH:mm:ss" /></td> pattern="yyyy-MM-dd HH:mm:ss" /></td>
<shiro:hasPermission name="sys:user:edit"></shiro:hasPermission> <shiro:hasPermission name="sys:user:edit"></shiro:hasPermission>
<td><a href="${ctx}/sys/user/form?id=${user.id}"><spring:message code="edit" /></a> <a <td>
href="${ctx}/sys/user/delete?id=${user.id}" <c:if test="${fns:getUser().identity eq 1 or (fns:getUser().identity eq 0 and user.identity eq 0)}">
onclick="return confirmx('<spring:message code="sure_delete"/>', this.href)"><spring:message code="delete" /></a></td> <a href="${ctx}/sys/user/form?id=${user.id}"><spring:message code="edit" /></a> <a
href="${ctx}/sys/user/delete?id=${user.id}"
onclick="return confirmx('<spring:message code="sure_delete"/>', this.href)"><spring:message code="delete" /></a>
</c:if>
</td>
</tr> </tr>
</c:forEach> </c:forEach>
</tbody> </tbody>