1、用户管理恢复用户身份标识字段配置，普通用户不能查看、新建、修改管理员用户；

2、角色管理恢复角色类型字段配置，普通用户不能查看、新建、修改管理员类型的角色。 Signed-off-by: zhangwei <zhangwei2@iie.ac.cn>
2018-10-15 15:41:01 +08:00
parent b6276cdc8c
commit c59e45b996
6 changed files with 113 additions and 58 deletions
--- a/src/main/java/com/nis/web/controller/sys/UserController.java
+++ b/src/main/java/com/nis/web/controller/sys/UserController.java
@@ -179,6 +179,9 @@ public class UserController extends BaseController{
 	@RequiresPermissions("sys:user:view")
 	@RequestMapping(value = {"list"})
 	public String list(SysUser user, HttpServletRequest request, HttpServletResponse response, Model model) {
+		if(UserUtils.getUser().getIdentity().equals(0)){
+			user.setIdentity(0);
+		}
 		Page<SysUser> page = userService.findUser(new Page<SysUser>(request, response), user);
        model.addAttribute("page", page);
 		return "/sys/userList";
--- a/src/main/java/com/nis/web/dao/UserDao.xml
+++ b/src/main/java/com/nis/web/dao/UserDao.xml
@@ -292,7 +292,9 @@
 		<if test="loginId != null and loginId !=''">
 			AND u.login_id=#{loginId} 
 		</if>
-			
+		<if test="identity != null and identity!=1">
+			AND u.identity=#{identity} 
+		</if>	
 			
 		<if test="name != null and name != ''">
 			AND u.name like 
--- a/src/main/webapp/WEB-INF/views/sys/roleForm.jsp
+++ b/src/main/webapp/WEB-INF/views/sys/roleForm.jsp
@@ -106,23 +106,30 @@
 									</div>
 										<span class="help-inline"><font color="red">*</font> </span>
 								</div>
-								<input type="hidden" name="roleType" value="user"/>
-								<%-- <div class="form-group">
+								
+								
+								<c:choose>
+									<c:when test="${fns:getUser().identity eq 1}">
+										<div class="form-group">
 											<label class="col-md-3 control-label"><spring:message code="role_type"/>:</label>
 											<div class="col-md-4">
-										<form:input path="roleType" htmlEscape="false" maxlength="50" class="required"/>
+												<!-- <form:input path="roleType" htmlEscape="false" maxlength="50" class="required"/>
 												<span class="help-inline" title="activiti有3种预定义的组类型：security-role、assignment、user 如果使用Activiti Explorer，需要security-role才能看到manage页签，需要assignment才能claim任务">
-											工作流组用户组类型（security-role：管理员、assignment：可进行任务分配、user：普通用户）</span>
+													工作流组用户组类型（security-role：管理员、assignment：可进行任务分配、user：普通用户）</span> -->
 												<form:select path="roleType" class="form-control">
-											<form:option value="assignment"><spring:message code="task_allot"/></form:option>
+													<%-- <form:option value="assignment"><spring:message code="task_allot"/></form:option> --%>
 													<form:option value="security-role"><spring:message code="manager"/></form:option>
 													<form:option value="user"><spring:message code="ordinary_man"/></form:option>
 												</form:select>
-										<span class="help-inline" title="activiti有3种预定义的组类型：security-role、assignment、user 如果使用Activiti Explorer，需要security-role才能看到manage页签，需要assignment才能claim任务">
-											<spring:message code="role_type_info"/></span>
+												<%-- <span class="help-inline" title="activiti有3种预定义的组类型：security-role、assignment、user 如果使用Activiti Explorer，需要security-role才能看到manage页签，需要assignment才能claim任务">
+													<spring:message code="role_type_info"/></span> --%>
 											</div>
 										</div>
-								 --%>
+									</c:when>
+									<c:otherwise>
+										<input type="hidden" name="roleType" value="user"/>
+									</c:otherwise>
+								</c:choose>
 								
 								<div class="form-group">
 									<label class="col-md-3 control-label"><spring:message code="data_range"/>:</label>
--- a/src/main/webapp/WEB-INF/views/sys/roleList.jsp
+++ b/src/main/webapp/WEB-INF/views/sys/roleList.jsp
@@ -40,18 +40,36 @@
 							
 								<sys:message content="${message}"/>
 								<table id="contentTable" class="table table-striped table-bordered table-condensed">
-									<tr><th><spring:message code="role_name"/></th><th><spring:message code="data_range"/></th><th><spring:message code="desc"/></th><shiro:hasPermission name="sys:role:edit"><th><spring:message code="operation"/></th></shiro:hasPermission></tr>
+									<tr>
+										<th><spring:message code="role_name"/></th>
+										<th><spring:message code="data_range"/></th>
+										<th><spring:message code="desc"/></th>
+										<c:if test="${fns:getUser().identity eq 1}">
+											<th><spring:message code="role_type"/></th>
+										</c:if>
+										<shiro:hasPermission name="sys:role:edit">
+											<th><spring:message code="operation"/></th>
+										</shiro:hasPermission>
+									</tr>
 									<c:forEach items="${list}" var="role">
+										<c:if test="${fns:getUser().identity eq 1 or (fns:getUser().identity eq 0 and role.roleType eq 'user')}">
 											<tr>
 												<td><a href="form?id=${role.id}">${role.name}</a></td>
 												<td>${fns:getDictLabel('SYS_DATA_SCOPE',role.dataScope,'无')}</td>
 												<td title="${role.remark}">${fns:abbr(role.remark,30)}</td>
+												<c:if test="${fns:getUser().identity eq 1}">
+													<td>
+														<c:if test="${role.roleType eq 'user' }"><spring:message code="ordinary_man"/></c:if>
+														<c:if test="${role.roleType eq 'security-role' }"><spring:message code="manager"/></c:if>
+													</td>
+												</c:if>
 												<shiro:hasPermission name="sys:role:edit"><td>
 													<%--<a href="${ctx}/sys/role/assign?id=${role.id}"><spring:message code="allot"/></a> --%>
 													<a href="${ctx}/sys/role/form?id=${role.id}"><spring:message code="edit"/></a>
 													<a href="${ctx}/sys/role/delete?id=${role.id}" onclick="return confirmx('<spring:message code="sure_delete"/>', this.href)"><spring:message code="delete"/></a>
 												</td></shiro:hasPermission>	
 											</tr>
+										</c:if>
 									</c:forEach>
 								</table>
 								
--- a/src/main/webapp/WEB-INF/views/sys/userForm.jsp
+++ b/src/main/webapp/WEB-INF/views/sys/userForm.jsp
@@ -12,12 +12,12 @@
 			$("#inputForm").validate({
 				rules: {
 					loginId: {remote: "${ctx}/sys/user/checkLoginName?oldLoginId=" + encodeURIComponent('${user.loginId}')},
-				//	'office.name': {officeIsValid: true },
+					'office.name': {officeIsValid: true },
 					'entity.name': {required: true }
 				},
 				messages: {
 					loginId: {remote: "<spring:message code='name_existed'/>"},
-				//	'office.name': {officeIsValid: "<spring:message code='company_range'/>"},
+					'office.name': {officeIsValid: "<spring:message code='company_range'/>"},
 					confirmNewPassword: {equalTo: "<spring:message code='equal_password'/>"}
 				},
 				submitHandler: function(form){
@@ -121,18 +121,18 @@
 			</div>
 			<span class="help-inline"><font color="red">*</font> </span>
 		</div>
-		<input type="hidden" name="company.id" value="0"/>
+	<!--  	<input type="hidden" name="company.id" value="0"/> -->
 		<input type="hidden" name="entity.id" value="0"/>
 		<input type="hidden" name="office.id" value="0"/>
-		<%-- <div class="form-group">
-			<label class="col-md-3 control-label"><spring:message code="owner_company"/>:</label>
+		<div class="form-group">
+			<label class="col-md-3 control-label"><spring:message code="organizer"/>:</label>
 			<div class="col-md-4">
                <sys:treeselect id="company" name="company.id" value="${user.company.id}" labelName="company.name" labelValue="${user.company.name}"
-					title="company" url="/sys/office/treeData?type=1" cssClass="required  form-control" notAllowSelectRoot="true"/>
+					title="company" url="/sys/office/treeData" cssClass="required  form-control" notAllowSelectRoot="true"/>
 			</div>
 		</div>
 		
-		<div class="form-group">
+		<%-- <div class="form-group">
 			<label class="col-md-3 control-label"><spring:message code="organizer"/>:</label>
 			<div class="col-md-4">
                <sys:treeselect id="entity" name="entity.id" value="${user.entity.id}" labelName="entity.name" labelValue="${user.entity.name}"
@@ -172,8 +172,9 @@
 			</div>
 			<span class="help-inline"><font color="red">*</font> </span>
 		</div>
-		<input type="hidden" name="identity" value="0"/>
-		<%-- <div class="form-group">
+		<c:choose>
+			<c:when test="${fns:getUser().identity eq 1}">
+				<div class="form-group">
 					<label class="col-md-3 control-label"><spring:message code="identify_mark"></spring:message>:</label>
 					<div class="col-md-4 ">
 						<form:select path="identity" class="selectpicker select2 form-control">
@@ -183,7 +184,12 @@
 						<span class="help-inline"><font><spring:message code="manager_info"/></font></span>
 					</div>
 						
-		</div> --%>
+				</div>
+			</c:when>
+			<c:otherwise>
+				<input type="hidden" name="identity" value="0"/>
+			</c:otherwise>
+		</c:choose>
 		<input type="hidden" name="email" value="0"/>
 		<%-- <div class="form-group">
 			<label class="col-md-3 control-label"><spring:message code="mail"/>:</label>
@@ -201,10 +207,12 @@
 				<div class="mt-checkbox-inline">
 			
 					 <c:forEach items="${allRoles}" var="role">
+					 	<c:if test="${fns:getUser().identity eq 1 or (fns:getUser().identity eq 0 and role.roleType eq 'user' )}">
 						 	 <label class="mt-checkbox">
 						 	 	<form:checkbox path="roleIdList" value="${role.id }" class="required" /> ${role.name }
 							 	<span></span>
 						 	 </label>
+					 	 </c:if>
 					 </c:forEach>
 					
 					 <span class="help-inline "><font color="red">*</font> </span>
@@ -229,7 +237,9 @@
 		<div class="row">
 		<div class="col-md-offset-3 col-md-9">
 			<shiro:hasPermission name="sys:user:edit"></shiro:hasPermission>
+			<c:if test="${fns:getUser().id ne user.id }">
 			<button type="submit" class="btn blue"><spring:message code="submit"></spring:message></button>
+			</c:if>
 			<button type="button" class="btn blue btn-outline" onclick="history.go(-1)"><spring:message code="cancel"></spring:message></button>
 		</div>
 		</div>
--- a/src/main/webapp/WEB-INF/views/sys/userList.jsp
+++ b/src/main/webapp/WEB-INF/views/sys/userList.jsp
@@ -119,11 +119,14 @@
 			class="table table-striped table-bordered table-condensed">
 			<thead>
 				<tr>
-					<%-- <th><spring:message code="company" /></th>
-					<th><spring:message code="group" /></th> --%>
+					
+					<%--<th><spring:message code="group" /></th> --%>
 					<th class="sort-column login_id"><spring:message code="login_name" /></th>
 					<th class="sort-column name"><spring:message code="name" /></th>
-					<%-- <th><spring:message code="identify_mark" /></th> --%>
+					 <th><spring:message code="organizer" /></th>
+					<c:if test="${fns:getUser().identity eq 1}">
+						<th><spring:message code="identify_mark" /></th>
+					</c:if>
 					<%-- <th><spring:message code="mail" /></th> --%>
 					<th><spring:message code="create_time" /></th>
 					<%--<th>角色</th> --%>
@@ -135,14 +138,26 @@
 			<tbody>
 				<c:forEach items="${page.list}" var="user">
 					<tr>
+						
 						<td><a href="${ctx}/sys/user/form?id=${user.id}">${user.loginId}</a></td>
 						<td>${user.name}</td>
+						<td>${user.company.name }</td>
+						<c:if test="${fns:getUser().identity eq 1}">
+							<td>
+								<c:if test="${user.identity eq 0 }"><spring:message code="ordinary_man"/></c:if>
+								<c:if test="${user.identity eq 1 }"><spring:message code="manager"/></c:if>
+							</td>
+						</c:if>
 						<td><fmt:formatDate value="${user.createTime}"
 								pattern="yyyy-MM-dd HH:mm:ss" /></td>
 						<shiro:hasPermission name="sys:user:edit"></shiro:hasPermission>
-						<td><a href="${ctx}/sys/user/form?id=${user.id}"><spring:message code="edit" /></a> <a
+						<td>
+							<c:if test="${fns:getUser().identity eq 1 or (fns:getUser().identity eq 0 and user.identity eq 0)}">
+								<a href="${ctx}/sys/user/form?id=${user.id}"><spring:message code="edit" /></a> <a
 								href="${ctx}/sys/user/delete?id=${user.id}"
-							onclick="return confirmx('<spring:message code="sure_delete"/>', this.href)"><spring:message code="delete" /></a></td>
+								onclick="return confirmx('<spring:message code="sure_delete"/>', this.href)"><spring:message code="delete" /></a>
+							</c:if>
+						</td>
 					</tr>
 				</c:forEach>
 			</tbody>