package org.xmx0632.deliciousfruit.web.account;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletRequest;
import javax.validation.Valid;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
import org.springside.modules.web.Servlets;
import org.xmx0632.deliciousfruit.entity.Role;
import org.xmx0632.deliciousfruit.entity.Admin;
import org.xmx0632.deliciousfruit.service.account.AdminService;
import com.google.common.collect.Maps;
@Controller
@RequestMapping(value = "/account/admin")
public class AdminController {
private static Map<String, String> allStatus = Maps.newHashMap();
static {
allStatus.put("enabled", "有效");
allStatus.put("disabled", "无效");
}
@Autowired
private AdminService adminService;
// 特别设定多个ReuireRoles之间为Or关系,而不是默认的And.
@RequiresRoles(value = { "Admin", "User" }, logical = Logical.OR)
@RequestMapping(value = "")
public String list(Model model, ServletRequest request) {
Map<String, Object> searchParams = Servlets.getParametersStartingWith(
request, "search_");
List<Admin> users = adminService.searchUser(searchParams);
model.addAttribute("users", users);
model.addAttribute("allStatus", allStatus);
return "account/adminList";
}
@RequiresRoles("Admin")
@RequestMapping(value = "update/{id}", method = RequestMethod.GET)
public String updateForm(@PathVariable("id") Long id, Model model) {
model.addAttribute("user", adminService.getUser(id));
model.addAttribute("allStatus", allStatus);
model.addAttribute("allRoles", adminService.getAllRole());
return "account/adminForm";
}
/**
* 演示自行绑定表单中的checkBox roleList到对象中.
*/
@RequiresPermissions("user:edit")
@RequestMapping(value = "update", method = RequestMethod.POST)
public String update(@Valid @ModelAttribute("user") Admin user,
@RequestParam(value = "roleList") List<Long> checkedRoleList,
RedirectAttributes redirectAttributes) {
// bind roleList
user.getRoleList().clear();
for (Long roleId : checkedRoleList) {
Role role = new Role(roleId);
user.getRoleList().add(role);
}
adminService.saveUser(user);
redirectAttributes.addFlashAttribute("message", "保存用户成功");
return "redirect:/account/admin";
}
@RequestMapping(value = "checkLoginName")
@ResponseBody
public String checkLoginName(
@RequestParam("oldLoginName") String oldLoginName,
@RequestParam("loginName") String loginName) {
if (loginName.equals(oldLoginName)) {
return "true";
} else if (adminService.findUserByLoginName(loginName) == null) {
return "true";
}
return "false";
}
/**
* 所有RequestMapping方法调用前的Model准备方法, 实现Struts2
* Preparable二次部分绑定的效果,先根据form的id从数据库查出User对象,再把Form提交的内容绑定到该对象上。
* 因为仅update()方法的form中有id属性,因此仅在update时实际执行.
*/
@ModelAttribute
public void getUser(@RequestParam(value = "id", required = false) Long id,
Model model) {
if (id != null) {
model.addAttribute("user", adminService.getUser(id));
}
}
/**
* 不自动绑定对象中的roleList属性,另行处理。
*/
@InitBinder
protected void initBinder(WebDataBinder binder) {
binder.setDisallowedFields("roleList");
}
}