MenuAuthorityAction.java

//$Id: AuthorityAction.java,v 1.6 2006/08/28 14:40:59 chaostone Exp $
/*
 *
 * Copyright c 2005-2009
 * Licensed under the Apache License, Version 2.0 (the "License")
 * http://www.apache.org/licenses/LICENSE-2.0
 * 
 */
/********************************************************************************
 * @author chaostone
 * 
 * MODIFICATION DESCRIPTION
 * 
 * Name                 Date                Description 
 * ============         ============        ============
 * chaostone            2005-10-09          Created
 * zq                   2007-09-18          修改或替换了下面所有的info()方法
 *  
 ********************************************************************************/

package org.beanfuse.webapp.security.action;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.beanfuse.lang.SeqStringUtil;
import org.beanfuse.query.Condition;
import org.beanfuse.query.EntityQuery;
import org.beanfuse.security.Authority;
import org.beanfuse.security.Group;
import org.beanfuse.security.Resource;
import org.beanfuse.security.User;
import org.beanfuse.security.menu.Menu;
import org.beanfuse.security.menu.MenuAuthority;
import org.beanfuse.security.menu.MenuProfile;
import org.beanfuse.security.menu.service.MenuAuthorityService;
import org.beanfuse.security.service.AuthorityDecisionService;
import org.beanfuse.security.service.GroupService;
import org.beanfuse.struts2.route.Action;

/**
 * 权限分配与管理响应类
 * 
 * @author chaostone 2005-10-9
 */
public class MenuAuthorityAction extends SecurityAction {

	private GroupService groupService;

	private MenuAuthorityService menuAuthorityService;

	private AuthorityDecisionService authorityDecisionService;

	/**
	 * 主页面
	 */
	public String index() {
		User manager = getUser();
		put("manager", manager);
		if (manager.isAdmin()) {
			put("allGroups", entityService.loadAll(Group.class));
		}
		return forward();
	}

	/**
	 * 根据菜单配置来分配权限
	 * 
	 * @author 鄂州蚊子
	 * @param mapping
	 * @param form
	 * @param request
	 * @param response
	 * @return
	 * @throws Exception
	 */
	public String editAuthority() {
		Group ao = groupService.get(getLong("group.id"));
		User user = getUser();

		List categories = new ArrayList();
		categories.add(((Group) ao).getCategory());

		EntityQuery query = new EntityQuery(MenuProfile.class, "menuProfile");
		query.add(new Condition("menuProfile.category in(:categories)", categories));
		List menuProfiles = (List) entityService.search(query);
		put("menuProfiles", menuProfiles);

		Long menuProfileId = getLong("menuProfileId");
		if (null == menuProfileId && !menuProfiles.isEmpty()) {
			menuProfileId = ((MenuProfile) (menuProfiles.get(0))).getId();
		}
		if (null != menuProfileId) {
			MenuProfile menuProfile = (MenuProfile) entityService.get(MenuProfile.class,
					menuProfileId);
			List menus = null;
			Collection resources = null;
			if (user.isAdmin()) {
				menus = menuProfile.getMenus();
				resources = this.entityService.loadAll(Resource.class);
			} else {
				menus = menuAuthorityService.getMenus(menuProfile, user);
				resources = authorityService.getResources(user);
			}
			put("resources", new HashSet(resources));
			put("menus", menus);

			Collection aoMenus = null;
			Set aoResources = new HashSet();
			Map aoResourceAuthorityMap = new HashMap();
			List authorities = null;
			aoMenus = menuAuthorityService.getMenus(menuProfile, (Group) ao);
			authorities = authorityService.getAuthorities(ao);
			for (Iterator iter = authorities.iterator(); iter.hasNext();) {
				Authority authority = (Authority) iter.next();
				aoResources.add(authority.getResource());
				aoResourceAuthorityMap.put(authority.getResource().getId().toString(), authority
						.getId());
			}
			put("aoMenus", new HashSet(aoMenus));
			put("aoResources", aoResources);
			put("aoResourceAuthorityMap", aoResourceAuthorityMap);
		}
		put("ao", ao);
		return forward();
	}

	/**
	 * 显示权限操作提示界面
	 * 
	 * @param mapping
	 * @param form
	 * @param request
	 * @param response
	 * @return
	 * @throws Exception
	 */
	public String prompt() {
		return forward();
	}

	/**
	 * 保存模块级权限
	 * 
	 * @param mapping
	 * @param form
	 * @param request
	 * @param response
	 * @return
	 * @throws Exception
	 */
	public String save() {
		Group mao = groupService.get(getLong("group.id"));
		MenuProfile menuProfile = (MenuProfile) entityService.get(MenuProfile.class,
				getLong("menuProfileId"));

		Set newMenus = new HashSet(entityService.load(Menu.class, "id", SeqStringUtil
				.transformToLong(get("menuId"))));

		Set newResources = new HashSet(entityService.load(Resource.class, "id", SeqStringUtil
				.transformToLong(get("resourceId"))));

		// 管理员拥有的菜单权限和系统资源
		User manager = getUser();
		Set mngMenus = null;
		Set mngResources = new HashSet();
		if (manager.isAdmin()) {
			mngMenus = new HashSet(menuProfile.getMenus());
		} else {
			mngMenus = new HashSet(menuAuthorityService.getMenus(menuProfile, (User) manager));
		}
		for (Iterator iter = mngMenus.iterator(); iter.hasNext();) {
			Menu m = (Menu) iter.next();
			mngResources.addAll(m.getResources());
		}

		// 确定要删除的菜单和系统资源
		Set removedMenus = new HashSet();
		for (Iterator iter = mao.getMenuAuthorities().iterator(); iter.hasNext();) {
			MenuAuthority ma = (MenuAuthority) iter.next();
			if (mngMenus.contains(ma.getMenu()) && ma.getMenu().getProfile().equals(menuProfile)) {
				if (!newMenus.contains(ma.getMenu())) {
					removedMenus.add(ma);
				} else {
					newMenus.remove(ma.getMenu());
				}
			}
		}

		Set removedResources = new HashSet();
		for (Iterator iter = mao.getAuthorities().iterator(); iter.hasNext();) {
			Authority au = (Authority) iter.next();
			if (mngResources.contains(au.getResource())) {
				if (!newResources.contains(au.getResource())) {
					removedResources.add(au);
				} else {
					newResources.remove(au.getResource());
				}
			}
		}

		// 删除菜单和系统资源
		mao.getMenuAuthorities().removeAll(removedMenus);
		mao.getAuthorities().removeAll(removedResources);

		// 添加新的菜单和系统资源
		for (Iterator iterator = newMenus.iterator(); iterator.hasNext();) {
			Menu menu = (Menu) iterator.next();
			MenuAuthority authority = null;
			authority = new org.beanfuse.security.menu.model.MenuAuthority(mao, menu);
			mao.getMenuAuthorities().add(authority);
		}

		for (Iterator iterator = newResources.iterator(); iterator.hasNext();) {
			Resource resource = (Resource) iterator.next();
			Authority authority = null;
			authority = new org.beanfuse.security.model.Authority(mao, resource);
			mao.getAuthorities().add(authority);
		}

		entityService.saveOrUpdate(mao);
		authorityDecisionService.registerGroupAuthorities(mao);

		return redirect(new Action(getClass(), "editAuthority", "&group.id=" + mao.getId()
				+ "&menuProfileId=" + menuProfile.getId()), "info.save.success");
	}

	public void setGroupService(GroupService groupService) {
		this.groupService = groupService;
	}

	public void setMenuAuthorityService(MenuAuthorityService menuAuthorityService) {
		this.menuAuthorityService = menuAuthorityService;
	}

	public AuthorityDecisionService getAuthorityDecisionService() {
		return authorityDecisionService;
	}

	public void setAuthorityDecisionService(AuthorityDecisionService authorityDecisionService) {
		this.authorityDecisionService = authorityDecisionService;
	}

}