知启蒙开源平台

Zhiqim Manager（知启蒙管理台）是知启蒙框架中最核心的基础组件，大部分后台组件和产品都依赖该组件。因为管理台提供了核心的系统配置、菜单、操作员、部门、角色等权限功能，以及6种皮肤样式可供选择

森中灵最后提交于4月前修复切换frame模式时未情况includeUrl

ZmrManageMutexRule.java2KB

/*
 * 版权所有 (C) 2015 知启蒙(ZHIQIM) 保留所有权利。[遇见知启蒙，邂逅框架梦]
 * 
 * https://zhiqim.org/project/zhiqim_components/zhiqim_manager.htm
 *
 * Zhiqim Manager is licensed under Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *          http://license.coscl.org.cn/MulanPSL2
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
 * See the Mulan PSL v2 for more details.
 */
package org.zhiqim.manager.rule;

import org.zhiqim.httpd.HttpRequest;
import org.zhiqim.httpd.context.rule.CheckObjectRule;
import org.zhiqim.kernel.annotation.AnAlias;
import org.zhiqim.kernel.annotation.AnGlobal;
import org.zhiqim.manager.ZmrConstants;
import org.zhiqim.manager.ZmrSessionUser;
import org.zhiqim.manager.dbo.ZmrDept;
import org.zhiqim.manager.dbo.ZmrOperator;
import org.zhiqim.manager.dbo.ZmrRole;
import org.zhiqim.orm.ORM;

/**
 * 页面验证是否有管理权限，部门和角色之间互斥，返回boolean =true表示有，=false表示没有
 *
 * @version v1.0.0 @author zouzhigang 2015-5-28 新建与整理
 */
@AnAlias("ZmrManageMutexRule")
@AnGlobal
public class ZmrManageMutexRule implements CheckObjectRule, ZmrConstants
{
    public boolean check(HttpRequest request, Object obj) throws Exception
    {
        ZmrSessionUser sessionUser = request.getSessionUser(ZmrSessionUser.class);
        if (sessionUser == null)
        {// 用户未登录或超时
            return false;
        }

        if (sessionUser.isSuperAdmin())
        {//1.超级管理员有所有权限
            return true;
        }
        
        if (!(obj instanceof ZmrOperator))
        {//不是操作员对象的返回false
            return false;
        }
        
        ZmrOperator operator = (ZmrOperator)obj;
        if (sessionUser.isAdmin())
        {//2.管理员类型，管理员之间互斥
            if (operator.getOperatorType() > 1)
                return true;
            else
                return false;
        }
        
        //3.管理权限
        if (operator.getOperatorType() <= 1)
        {//管理权限互斥管理员和超级管理员
            return false;
        }
        
        ZmrDept dept = ORM.table().item(ZmrDept.class, _ID_13_);
        ZmrRole role = ORM.table().item(ZmrRole.class, _ID_13_);
        if (ZmrManageRule.hasManageRule(sessionUser.getOperator(), dept, role))
        {//管理权限和管理权限互斥
            if (!ZmrManageRule.hasManageRule(operator, dept, role))
                return true;
        }
        
        return false;
    }
}