Zhiqim Master(运营管理台)是在ZhiqimManager基础上改造成用于运营思路的管理系统,增加余额,和组织结构等,开放组织管理员,可以添加组织内的部门和角色和操作员。并增加该管理台上的一些组件,如充值支付等组件。适用于二级代理管理或该大型组织机构
ZmrManageMutexRule.java4KB
/*
* 版权所有 (C) 2015 知启蒙(ZHIQIM) 保留所有权利。[遇见知启蒙,邂逅框架梦]
*
* https://zhiqim.org/project/zhiqim_components/zhiqim_master.htm
*
* Zhiqim Master is licensed under Mulan PSL v2.
* You can use this software according to the terms and conditions of the Mulan PSL v2.
* You may obtain a copy of Mulan PSL v2 at:
* http://license.coscl.org.cn/MulanPSL2
* THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
* EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
* MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
* See the Mulan PSL v2 for more details.
*/
package org.zhiqim.manager.rule;
import org.zhiqim.httpd.HttpRequest;
import org.zhiqim.httpd.context.rule.CheckObjectRule;
import org.zhiqim.kernel.annotation.AnAlias;
import org.zhiqim.kernel.annotation.AnGlobal;
import org.zhiqim.manager.ZmrConstants;
import org.zhiqim.manager.ZmrSessionUser;
import org.zhiqim.manager.dbo.ZmrDept;
import org.zhiqim.manager.dbo.ZmrOperator;
import org.zhiqim.manager.dbo.ZmrRole;
import org.zhiqim.orm.ORM;
/**
* 页面验证是否有管理权限,部门和角色之间互斥,返回boolean =true表示有,=false表示没有
*
* @version v1.0.0 @author zouzhigang 2015-5-28 新建与整理
*/
@AnAlias("ZmrManageMutexRule")
@AnGlobal
public class ZmrManageMutexRule implements CheckObjectRule, ZmrConstants
{
public boolean check(HttpRequest request, Object obj) throws Exception
{
ZmrSessionUser sessionUser = request.getSessionUser(ZmrSessionUser.class);
if (sessionUser == null)
{// 用户未登录或超时
return false;
}
if (sessionUser.isSuperAdmin())
{//1.超级管理员有所有权限
return true;
}
if (!(obj instanceof ZmrOperator))
{//不是操作员对象的返回false
return false;
}
ZmrOperator operator = (ZmrOperator)obj;
if (sessionUser.isAdmin())
{//2.管理员类型,管理员之间互斥
return hasAdminMutexRule(sessionUser, operator);
}
//3.管理权限
ZmrDept dept = ORM.table().item(ZmrDept.class, sessionUser.getOperatorOrgId(), _ID_13_);
ZmrRole role = ORM.table().item(ZmrRole.class, sessionUser.getOperatorOrgId(), _ID_13_);
if (ZmrManageRule.hasManageRule(sessionUser.getOperator(), dept, role))
{//没有管理权限
return false;
}
//管理权限检查互斥
return hasManageMutexRule(sessionUser, operator);
}
/** 管理员互斥 */
private boolean hasAdminMutexRule(ZmrSessionUser sessionUser, ZmrOperator operator)
{
if (sessionUser.getOperatorOrgId() == _ID_13_)
{//根组织
if (operator.getOperatorType() > 1)
{//可管理所有操作员
return true;
}
if (operator.getOrgId() != _ID_13_)
{//可管理子组织管理员
return true;
}
//同为根组织的管理员互斥
return false;
}
else
{//非根组织
if (sessionUser.getOperatorOrgId() != operator.getOrgId())
{//不可管理别的组织
return false;
}
if (operator.getOperatorType() > 1)
{//可管理所有操作员
return true;
}
//同一组织的管理员互斥
return false;
}
}
/** 管理权限互斥 */
private boolean hasManageMutexRule(ZmrSessionUser sessionUser, ZmrOperator operator) throws Exception
{
if (sessionUser.getOperatorOrgId() == _ID_13_)
{//根组织
if (operator.getOrgId() != _ID_13_)
{//可管理子组织
return true;
}
ZmrDept dept = ORM.table().item(ZmrDept.class, operator.getOrgId(), _ID_13_);
ZmrRole role = ORM.table().item(ZmrRole.class, operator.getOrgId(), _ID_13_);
if (!ZmrManageRule.hasManageRule(operator, dept, role))
{//可管理根组织操作员
return true;
}
//根组织的管理权限互斥
return false;
}
else
{//非根组织
if (sessionUser.getOperatorOrgId() != operator.getOrgId())
{//不可管理别的组织
return false;
}
ZmrDept dept = ORM.table().item(ZmrDept.class, operator.getOrgId(), _ID_13_);
ZmrRole role = ORM.table().item(ZmrRole.class, operator.getOrgId(), _ID_13_);
if (!ZmrManageRule.hasManageRule(operator, dept, role))
{//可管理本组织操作员
return true;
}
//本组织的管理权限互斥
return false;
}
}
}