Zhiqim Admin(简版的管理台)是从知启蒙管理台分离出来,保留系统参数表、系统菜单表、操作员、操作日志,去除组织、部门、角色等复杂权限功能,仅保留操作员独立权限功能。系统设计时保留ZmrSessionUser和ZmrOperator类,方便以后升级到知启蒙管理台。
ZmrProfilePresenter.java8KB
/*
* 版权所有 (C) 2015 知启蒙(ZHIQIM) 保留所有权利。[遇见知启蒙,邂逅框架梦]
*
* https://zhiqim.org/project/zhiqim_components/zhiqim_admin.htm
*
* Zhiqim Admin is licensed under Mulan PSL v2.
* You can use this software according to the terms and conditions of the Mulan PSL v2.
* You may obtain a copy of Mulan PSL v2 at:
* http://license.coscl.org.cn/MulanPSL2
* THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
* EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
* MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
* See the Mulan PSL v2 for more details.
*/
package org.zhiqim.manager.presenter;
import java.util.List;
import org.zhiqim.httpd.HttpRequest;
import org.zhiqim.httpd.context.ZmlContexts;
import org.zhiqim.httpd.context.annotation.AnIntercept;
import org.zhiqim.httpd.validate.ones.IsByteLen;
import org.zhiqim.httpd.validate.onex.IsAccountPass;
import org.zhiqim.httpd.validate.two.IsEqual;
import org.zhiqim.kernel.annotation.AnAlias;
import org.zhiqim.kernel.constants.CodeConstants;
import org.zhiqim.kernel.json.Jsons;
import org.zhiqim.kernel.util.Randoms;
import org.zhiqim.kernel.util.Sqls;
import org.zhiqim.kernel.util.Validates;
import org.zhiqim.manager.ZmrBootstrap;
import org.zhiqim.manager.ZmrPassworder;
import org.zhiqim.manager.ZmrSessionUser;
import org.zhiqim.manager.dao.ZmrOperatorDao;
import org.zhiqim.manager.dbo.ZmrAvatar;
import org.zhiqim.manager.dbo.ZmrOperator;
import org.zhiqim.orm.ORM;
import org.zhiqim.orm.dbo.Selector;
import org.zhiqim.orm.dbo.Updater;
/**
* 管理台个人中心控制器
*
* @version v1.0.0 @author zouzhigang 2017-6-5 新建与整理
*/
@AnAlias("ZmrProfilePresenter")
@AnIntercept("chkZmrLogin")
public class ZmrProfilePresenter implements CodeConstants
{
/**修改密码*/
public static void doUpdatePassword(HttpRequest request) throws Exception
{
request.addValidate(new IsByteLen("oldPassword", "密码为6-16位,请输入正确的旧密码", 6, 16));
request.addValidate(new IsAccountPass("newPassword", "新密码不合法,要求6-16位(大小写字母数字和特殊字符必须四选三)"));
request.addValidate(new IsAccountPass("newPassword2", "新密码确认不合法,要求6-16位(大小写字母数字和特殊字符必须四选三)"));
request.addValidate(new IsEqual("newPassword", "newPassword2", "新密码和新密码确认不一致"));
if (!request.chkValidate())
{
request.setResponseError(request.getAlertMsg());
return;
}
String oldPassword = request.getParameter("oldPassword");
String newPassword = request.getParameter("newPassword");
ZmrSessionUser sessionUser = request.getSessionUser(ZmrSessionUser.class);
String operatorCode = sessionUser.getOperatorCode();
ZmrPassworder passworder = ZmrBootstrap.getPassworder();
String oldPassEncode = passworder.encode(operatorCode, oldPassword, sessionUser.getOperatorPassSalt());
ZmrOperator operator = ORM.table().item(ZmrOperator.class, operatorCode);
if(operator == null || !oldPassEncode.equals(operator.getOperatorPass()))
{
request.setResponseError("旧密码不正确");
return;
}
String newPassSalt = Randoms.lettersDigitsSecure(64);
newPassword = passworder.encode(operatorCode, newPassword, newPassSalt);
Updater updater = new Updater();
updater.addMaybe("operatorCode", operatorCode);
updater.addField("operatorPass", newPassword);
updater.addField("operatorPassSalt", newPassSalt);
updater.addField("operatorModified", Sqls.nowTimestamp());
ORM.table().update(ZmrOperator.class, updater);
sessionUser.setOperator(ORM.table().item(ZmrOperator.class, sessionUser.getOperatorCode()));
//增加操作日志
ZmrOperatorDao.addOperateLog(request, "操作员修改密码", Jsons.toString("operatorCode", operatorCode));
}
/** 修改手机号 */
public static void doUpdateMobile(HttpRequest request, String mobile) throws Exception
{
if(!Validates.isMobile11(mobile, false))
{
request.setResponseError("请输入正确的手机号");
return;
}
ZmrSessionUser sessionUser = request.getSessionUser(ZmrSessionUser.class);
Updater updater = new Updater();
updater.addMust("operatorCode", sessionUser.getOperatorCode());
updater.addField("operatorMobile", mobile);
ORM.table().update(ZmrOperator.class, updater);
sessionUser.setOperator(ORM.table().item(ZmrOperator.class, sessionUser.getOperatorCode()));
//增加操作日志
ZmrOperatorDao.addOperateLog(request, "操作员修改手机号", Jsons.toString("operatorCode", sessionUser.getOperatorCode(), "mobile", mobile));
}
/** 修改电子邮箱 */
public static void doUpdateEmail(HttpRequest request, String email) throws Exception
{
if(!Validates.isEmail(email, false))
{
request.setResponseError("请输入正确的邮箱");
return;
}
ZmrSessionUser sessionUser = request.getSessionUser(ZmrSessionUser.class);
Updater updater = new Updater();
updater.addMust("operatorCode", sessionUser.getOperatorCode());
updater.addField("operatorEmail", email);
ORM.table().update(ZmrOperator.class, updater);
sessionUser.setOperator(ORM.table().item(ZmrOperator.class, sessionUser.getOperatorCode()));
//增加操作日志
ZmrOperatorDao.addOperateLog(request, "操作员修改邮箱", Jsons.toString("operatorCode", sessionUser.getOperatorCode(), "email", email));
}
/** 查询系统头像 */
public static String doQuerySysAvatar(HttpRequest request) throws Exception
{
List<ZmrAvatar> list = ORM.table().list(ZmrAvatar.class, new Selector("avatarType", 0).addOrderbyAsc("avatarId"));
return ZmlContexts.parseZmlPath(request, "/zview/zhiqim_manager/presenter/selSysAvatarInfo.zml", "list", list);
}
/** 修改为系统头像 */
public static void doUpdateSysAvatar(HttpRequest request, long avatarId) throws Exception
{
if(ORM.table().count(ZmrAvatar.class, avatarId) == 0)
{
request.setResponseError("选择的头像不存在,请重新选择");
return;
}
ZmrSessionUser sessionUser = request.getSessionUser(ZmrSessionUser.class);
Updater updater = new Updater();
updater.addMust("operatorCode", sessionUser.getOperatorCode());
updater.addField("operatorAvatar", avatarId);
ORM.table().update(ZmrOperator.class, updater);
sessionUser.setOperator(ORM.table().item(ZmrOperator.class, sessionUser.getOperatorCode()));
//增加操作日志
ZmrOperatorDao.addOperateLog(request, "操作员修改头像", Jsons.toString("operatorCode", sessionUser.getOperatorCode(), "avatarId", avatarId));
}
/** 关闭超级管理员权限 */
public static void doCloseSuperAdmin(HttpRequest request) throws Exception
{
ZmrSessionUser sessionUser = request.getSessionUser(ZmrSessionUser.class);
if (!sessionUser.isSuperAdmin())
{
request.setResponseError("你没有关闭超级管理员权限");
return;
}
if (ORM.table().count(ZmrOperator.class, new Selector("operatorType", 1)) == 0)
{
request.setResponseError("还没有设置管理员,不能关闭超级管理员");
return;
}
Updater updater = new Updater();
updater.addField("operatorValid", false);
updater.addMust("operatorType", 0);
ORM.table().update(ZmrOperator.class, updater);
}
}