001package com.irs.controller;
002 
003import java.awt.image.BufferedImage;
004import java.util.List;
005 
006import javax.imageio.ImageIO;
007import javax.servlet.http.HttpServletRequest;
008import javax.servlet.http.HttpServletResponse;
009 
010import org.apache.commons.lang.StringUtils;
011import org.apache.shiro.SecurityUtils;
012import org.apache.shiro.authc.AuthenticationException;
013import org.apache.shiro.authc.IncorrectCredentialsException;
014import org.apache.shiro.authc.LockedAccountException;
015import org.apache.shiro.authc.UnknownAccountException;
016import org.apache.shiro.authc.UsernamePasswordToken;
017import org.apache.shiro.authz.annotation.RequiresPermissions;
018import org.apache.shiro.subject.Subject;
019import org.springframework.beans.factory.annotation.Autowired;
020import org.springframework.http.MediaType;
021import org.springframework.stereotype.Controller;
022import org.springframework.ui.Model;
023import org.springframework.web.bind.annotation.PathVariable;
024import org.springframework.web.bind.annotation.RequestMapping;
025import org.springframework.web.bind.annotation.RequestParam;
026import org.springframework.web.bind.annotation.ResponseBody;
027 
028import com.google.code.kaptcha.Producer;
029import com.irs.annotation.SysLog;
030import com.irs.pojo.Menu;
031import com.irs.pojo.TbAdmin;
032import com.irs.pojo.TbMenus;
033import com.irs.pojo.TbRoles;
034import com.irs.pojo.XtreeData;
035import com.irs.service.AdminService;
036import com.irs.util.RRException;
037import com.irs.util.ResultUtil;
038import com.irs.util.ShiroUtils;
039import com.irs.util.VerifyCode;
040 
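/**
 * Spring MVC controller for the admin back office under the {@code sys} path:
 * login/logout, captcha, and CRUD pages and JSON endpoints for administrators,
 * roles and menus.
 *
 * <p>Authentication is delegated to Apache Shiro; handlers read the current
 * {@link TbAdmin} from the Shiro subject and, where annotated, require a
 * permission string via {@link RequiresPermissions}.
 *
 * <p>NOTE(review): no handler in this class restricts the HTTP method, so every
 * mapping (including the delete/update ones) accepts GET as well as POST. No
 * CSRF protection is visible in this class; confirm it is enforced elsewhere or
 * restrict the state-changing mappings to POST.
 *
 * <p>NOTE(review): several handlers carry no {@code @RequiresPermissions}
 * annotation (for example {@code xtreedata}, the {@code check*} endpoints and
 * {@code updPwd}). Whether they are reachable without a session depends on the
 * Shiro filter chain, which is configured outside this file.
 */
@Controller
@RequestMapping("sys")
public class AdminController {
    @Autowired
    private AdminService adminServiceImpl;
    @Autowired
    private Producer captchaProducer = null;

    /** Returns the view name of the main page. */
    @RequestMapping("/main")
    public String main() {
        return "page/main";
    }

    /**
     * Stores the current principal as a request attribute and redirects to the index page.
     *
     * @param req current request
     * @return redirect to {@code /index.jsp}
     */
    @RequestMapping("/index")
    public String index(HttpServletRequest req) {
        TbAdmin admin = (TbAdmin) SecurityUtils.getSubject().getPrincipal();
        // NOTE(review): request attributes are not carried across a redirect, so
        // index.jsp presumably does not see "admin" - confirm this is intended.
        req.setAttribute("admin", admin);
        return "redirect:/index.jsp";
    }

    /** Returns the view shown when access is refused. */
    @RequestMapping("/refuse")
    public String refuse() {
        return "refuse";
    }

    /**
     * Administrator login: checks the captcha, then authenticates through Shiro.
     *
     * @param req      current request (unused)
     * @param username login name
     * @param password password as submitted; any hashing is left to the Shiro realm
     * @param vcode    captcha text typed by the user, compared case-insensitively
     * @return {@code ResultUtil.ok()} on success, otherwise an error result
     * @throws RRException if any of the three parameters is empty
     */
    @RequestMapping("/login")
    @ResponseBody
    public ResultUtil login(HttpServletRequest req, String username, String password, String vcode) {
        if (StringUtils.isEmpty(vcode) || StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
            throw new RRException("参数不能为空");
        }
        String expected = ShiroUtils.getKaptcha("kaptcha");
        // A captcha must be single-use: drop the stored value as soon as it has been
        // read, so one solved image cannot back repeated login attempts in the same
        // session. This is a no-op if ShiroUtils.getKaptcha already removes it.
        ShiroUtils.getSubject().getSession().removeAttribute("kaptcha");
        if (expected == null || !vcode.equalsIgnoreCase(expected)) {
            return ResultUtil.error("验证码不正确");
        }

        try {
            ShiroUtils.getSubject().login(new UsernamePasswordToken(username, password));
        } catch (LockedAccountException e) {
            // The lock message is kept because the user needs it; note that it also
            // confirms that the account exists.
            return ResultUtil.error(e.getMessage());
        } catch (AuthenticationException e) {
            // Unknown account and wrong password deliberately share one generic
            // message, so the response does not reveal which user names exist.
            return ResultUtil.error("账户验证失败");
        }
        return ResultUtil.ok();
    }

    /**
     * Logs the current subject out.
     *
     * @return redirect to the login page
     */
    @RequestMapping(value = "/loginOut")
    public String loginOut() {
        ShiroUtils.logout();
        return "redirect:/login.jsp";
    }

    /**
     * Generates a captcha, stores its text in the Shiro session under
     * {@code "kaptcha"} and writes the image to the response as JPEG.
     *
     * @param req  current request (unused)
     * @param resp response that receives the image
     * @throws Exception if the image cannot be written
     */
    @RequestMapping("/vcode")
    public void vcode(HttpServletRequest req, HttpServletResponse resp) throws Exception {
        String text = captchaProducer.createText();
        BufferedImage image = captchaProducer.createImage(text);
        // Store the expected answer before the image is sent, ready for login().
        ShiroUtils.setSessionAttribute("kaptcha", text);
        // A cached image would no longer match the text stored in the session.
        resp.setHeader("Cache-Control", "no-store, no-cache");
        resp.setContentType("image/jpeg");
        ImageIO.write(image, "JPEG", resp.getOutputStream());
    }

    /**
     * Returns the menus of the current administrator.
     *
     * @param req  current request (unused)
     * @param resp current response (unused)
     * @return the menus, or {@code null} when there is no authenticated principal
     */
    @RequestMapping(value = "/getMenus", produces = MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8")
    @ResponseBody
    public List<Menu> getMenus(HttpServletRequest req, HttpServletResponse resp) {
        TbAdmin admin = (TbAdmin) SecurityUtils.getSubject().getPrincipal();
        if (admin == null) {
            return null;
        }
        return adminServiceImpl.selMenus(admin);
    }

    /** Returns the administrator list view. */
    @RequestMapping("/adminList")
    public String adminList() {
        return "page/admin/adminList";
    }

    /** Returns the menu list view. */
    @RequestMapping("/menuList")
    public String menuList() {
        return "page/admin/menuList";
    }

    /**
     * Shows the personal data page of the current administrator.
     *
     * @param req current request; receives the {@code ad} and {@code roles} attributes
     * @return the personal data view, or a redirect to the login page without a principal
     */
    @RequestMapping("/personalData")
    public String personalData(HttpServletRequest req) {
        TbAdmin admin = (TbAdmin) SecurityUtils.getSubject().getPrincipal();
        if (admin == null) {
            // No authenticated principal: send the caller to login instead of
            // failing with a NullPointerException.
            return "redirect:/login.jsp";
        }
        req.setAttribute("ad", adminServiceImpl.selAdminById(admin.getId()));
        req.setAttribute("roles", adminServiceImpl.selRoles());
        return "page/admin/personalData";
    }

    /**
     * Returns one page of administrators.
     *
     * @param page  page number
     * @param limit page size
     * @return the paged result built by the service
     */
    @RequestMapping("/getAdminList")
    @RequiresPermissions("sys:admin:list")
    @ResponseBody
    public ResultUtil getAdminList(Integer page, Integer limit) {
        return adminServiceImpl.selAdmins(page, limit);
    }

    /** Returns the role list view. */
    @RequestMapping("/roleList")
    @RequiresPermissions("sys:role:list")
    public String roleList() {
        return "page/admin/roleList";
    }

    /**
     * Returns one page of roles.
     *
     * @param page  page number
     * @param limit page size
     * @return the paged result built by the service
     */
    @RequestMapping("/getRoleList")
    @RequiresPermissions("sys:role:list")
    @ResponseBody
    public ResultUtil getRoleList(Integer page, Integer limit) {
        return adminServiceImpl.selRoles(page, limit);
    }

    /**
     * Opens the role edit page, pre-filled from the request parameters.
     *
     * @param roleId     role id as text; must parse as a long
     * @param roleName   role name
     * @param roleRemark role remark
     * @param req        current request; receives the {@code role} attribute
     * @return the edit-role view
     * @throws NumberFormatException if {@code roleId} is not a valid long
     */
    @RequestMapping("/editRole")
    @RequiresPermissions("sys:role:update")
    public String editRole(String roleId, String roleName, String roleRemark, HttpServletRequest req) {
        TbRoles role = new TbRoles();
        role.setRoleId(Long.parseLong(roleId));
        // NOTE(review): roleName and roleRemark come straight from the request and
        // are handed to the view; confirm editRole.jsp escapes them on output.
        role.setRoleName(roleName);
        role.setRoleRemark(roleRemark);
        req.setAttribute("role", role);
        return "page/admin/editRole";
    }

    /**
     * Returns the permission tree of the given role.
     *
     * <p>NOTE(review): this handler has no {@code @RequiresPermissions}; confirm the
     * filter chain limits who may read the permission tree of an arbitrary role.
     *
     * @param roleId role id, {@code -1} when the parameter is absent
     * @return tree data built by the service
     */
    @RequestMapping("/xtreedata")
    @ResponseBody
    public List<XtreeData> xtreeData(@RequestParam(value = "roleId", defaultValue = "-1") Long roleId) {
        TbAdmin admin = new TbAdmin();
        admin.setRoleId(roleId);
        return adminServiceImpl.selXtreeData1(admin);
    }

    /**
     * Updates a role and its permissions.
     *
     * @param role role data bound from the request
     * @param m    permission string, passed to the service unchanged
     */
    @SysLog(value = "更新角色信息")
    @RequestMapping("/updRole")
    @RequiresPermissions("sys:role:update")
    @ResponseBody
    public void updRole(TbRoles role, String m) {
        adminServiceImpl.updRole(role, m);
    }

    /**
     * Adds a new role unless the role name is already taken.
     *
     * @param role role data bound from the request
     * @param m    permission string, passed to the service unchanged
     * @return ok, or code 500 when the name already exists
     */
    @SysLog(value = "添加角色信息")
    @RequestMapping("/insRole")
    @RequiresPermissions("sys:role:save")
    @ResponseBody
    public ResultUtil insRole(TbRoles role, String m) {
        if (adminServiceImpl.selRoleByRoleName(role.getRoleName()) != null) {
            return new ResultUtil(500, "角色名已存在,请重试!");
        }
        adminServiceImpl.insRole(role, m);
        return ResultUtil.ok();
    }

    /**
     * Deletes one role.
     *
     * @param roleId id of the role to delete
     * @return code 0 on success, code 500 if the service throws
     */
    @SysLog(value = "删除指定角色信息")
    @RequestMapping("/delRole/{roleId}")
    @RequiresPermissions("sys:role:delete")
    @ResponseBody
    public ResultUtil delRole(@PathVariable("roleId") Long roleId) {
        ResultUtil result = new ResultUtil();
        try {
            adminServiceImpl.delRole(roleId);
            result.setCode(0);
        } catch (Exception e) {
            result.setCode(500);
            // NOTE(review): route this through the application's logger.
            e.printStackTrace();
        }
        return result;
    }

    /**
     * Deletes several roles at once.
     *
     * <p>NOTE(review): {@code rolesId} reaches the service exactly as it appears in
     * the URL. Unlike {@code delAdmins}, nothing here checks that it holds only
     * numeric ids; confirm the service parses or binds it rather than placing it
     * into SQL text.
     *
     * @param rolesId role ids in the format the service expects (not shown here)
     * @return code 0 on success, code 500 if the service throws
     */
    @SysLog(value = "批量删除指定角色信息")
    @RequestMapping("/delRoles/{rolesId}")
    @RequiresPermissions("sys:role:delete")
    @ResponseBody
    public ResultUtil delRoles(@PathVariable("rolesId") String rolesId) {
        ResultUtil result = new ResultUtil();
        try {
            adminServiceImpl.delRoles(rolesId);
            result.setCode(0);
        } catch (Exception e) {
            result.setCode(500);
            // NOTE(review): route this through the application's logger.
            e.printStackTrace();
        }
        return result;
    }

    /** Returns the add-role view. */
    @RequestMapping("/addRole")
    @RequiresPermissions("sys:role:save")
    public String addRole() {
        return "page/admin/addRole";
    }

    /**
     * Checks that a role name is unique, ignoring the role being edited.
     *
     * @param roleId   id of the role being edited, or {@code null} for a new role
     * @param roleName name to check
     * @return code 0 when the name is free or belongs to {@code roleId}, else code 500
     */
    @RequestMapping("/checkRoleName/{roleName}")
    @ResponseBody
    public ResultUtil checkRoleName(Long roleId, @PathVariable("roleName") String roleName) {
        TbRoles role = adminServiceImpl.selRoleByRoleName(roleName);
        if (role == null) {
            return new ResultUtil(0);
        }
        // Compare by value: with a boxed id on both sides, == tests object identity
        // and fails for equal ids outside the small-value Long cache.
        if (roleId != null && roleId.equals(role.getRoleId())) {
            return new ResultUtil(0);
        }
        return new ResultUtil(500, "角色名已存在!");
    }

    /**
     * Deletes one administrator. Id 1 and the caller's own account are refused,
     * matching the checks in {@code delAdmins}.
     *
     * @param id id of the administrator to delete
     * @return ok on success, error when refused or when the service throws
     */
    @SysLog(value = "删除指定管理员")
    @RequestMapping("/delAdminById/{id}")
    @RequiresPermissions("sys:admin:delete")
    @ResponseBody
    public ResultUtil delAdminById(@PathVariable("id") Long id) {
        if (id == 1) {
            return ResultUtil.error();
        }
        TbAdmin current = (TbAdmin) SecurityUtils.getSubject().getPrincipal();
        if (current != null && id.equals(current.getId())) {
            // The batch endpoint refuses self-deletion; keep the single one consistent.
            return ResultUtil.error();
        }
        try {
            adminServiceImpl.delAdminById(id);
            return ResultUtil.ok();
        } catch (Exception e) {
            e.printStackTrace();
            return ResultUtil.error();
        }
    }

    /**
     * Deletes several administrators at once. The request is refused when the list
     * contains id 1, the caller's own id, or anything that is not a number.
     *
     * @param req      current request (unused)
     * @param adminStr comma-separated administrator ids
     * @return ok on success, error when refused or when the service throws
     */
    @SysLog(value = "批量删除指定管理员")
    @RequestMapping("/delAdmins/{adminStr}")
    @RequiresPermissions("sys:admin:delete")
    @ResponseBody
    public ResultUtil delAdmins(HttpServletRequest req, @PathVariable("adminStr") String adminStr) {
        TbAdmin current = (TbAdmin) SecurityUtils.getSubject().getPrincipal();
        for (String token : adminStr.split(",")) {
            long target;
            try {
                target = Long.parseLong(token);
            } catch (NumberFormatException e) {
                // Only numeric ids may reach the service.
                return ResultUtil.error();
            }
            // Test the parsed value, not the text: a textual comparison with "1"
            // would let other spellings of the same number through.
            if (target == 1L || current.getId() == target) {
                return ResultUtil.error();
            }
        }
        try {
            adminServiceImpl.delAdmins(adminStr);
            return ResultUtil.ok();
        } catch (Exception e) {
            e.printStackTrace();
            return ResultUtil.error();
        }
    }

    /**
     * Opens the add-administrator page.
     *
     * @param req current request; receives the {@code roles} attribute
     * @return the add-admin view
     */
    @RequestMapping("/addAdmin")
    @RequiresPermissions("sys:admin:save")
    public String addAdmin(HttpServletRequest req) {
        req.setAttribute("roles", adminServiceImpl.selRoles());
        return "page/admin/addAdmin";
    }

    /**
     * Checks that an administrator user name is unique.
     *
     * <p>NOTE(review): no {@code @RequiresPermissions} here; the answer tells the
     * caller whether a user name exists, so confirm the filter chain requires an
     * authenticated session for this path.
     *
     * @param username user name to check
     * @return code 0 when free, code 500 when taken
     */
    @RequestMapping("/checkAdminName/{username}")
    @ResponseBody
    public ResultUtil checkAdminName(@PathVariable("username") String username) {
        if (adminServiceImpl.selAdminByUserName(username) != null) {
            return new ResultUtil(500, "管理员已存在!");
        }
        return new ResultUtil(0);
    }

    /**
     * Checks that a menu title is unique.
     *
     * @param title menu title to check
     * @return code 0 when free, code 500 when taken
     */
    @RequestMapping("/checkMenuTitle/{title}")
    @ResponseBody
    public ResultUtil checkMenuTitle(@PathVariable("title") String title) {
        if (adminServiceImpl.selMenuByTitle(title) != null) {
            return new ResultUtil(500, "菜单已存在!");
        }
        return new ResultUtil(0);
    }

    /**
     * Adds an administrator unless the user name is already taken. The original
     * author notes that date-typed fields make the data binding fail, in which case
     * the request gets no response.
     *
     * <p>NOTE(review): {@code admin} is bound from the request as a whole, so every
     * settable property of {@link TbAdmin} (role included) is caller-controlled;
     * confirm the service only persists the fields this form is meant to set.
     *
     * @param admin administrator data bound from the request
     * @return ok, or code 500 when the user name already exists
     */
    @SysLog(value = "添加管理员")
    @RequestMapping("/insAdmin")
    @RequiresPermissions("sys:admin:save")
    @ResponseBody
    public ResultUtil insAdmin(TbAdmin admin) {
        // Repeat the uniqueness check on the server; the client-side check can be skipped.
        if (adminServiceImpl.selAdminByUserName(admin.getUsername()) != null) {
            return new ResultUtil(500, "用户名已存在,请重试!");
        }
        adminServiceImpl.insAdmin(admin);
        return ResultUtil.ok();
    }

    /**
     * Opens the edit page for one administrator.
     *
     * @param req current request; receives the {@code ad} and {@code roles} attributes
     * @param id  id of the administrator to edit
     * @return the edit-admin view
     */
    @RequestMapping("/editAdmin/{id}")
    @RequiresPermissions("sys:admin:update")
    public String editAdmin(HttpServletRequest req, @PathVariable("id") Long id) {
        req.setAttribute("ad", adminServiceImpl.selAdminById(id));
        req.setAttribute("roles", adminServiceImpl.selRoles());
        return "page/admin/editAdmin";
    }

    /**
     * Checks whether an e-mail address is already used; both arguments are passed
     * to the service lookup.
     *
     * @param eMail    e-mail address to check
     * @param username user name passed along to the lookup
     * @return code 0 when free, code 500 when taken
     */
    @RequestMapping("/checkAdminByEmail")
    @ResponseBody
    public ResultUtil checkAdminByEmail(String eMail, String username) {
        if (adminServiceImpl.selAdminByEmail(eMail, username) != null) {
            return new ResultUtil(500, "邮箱已被占用!");
        }
        return new ResultUtil(0);
    }

    /**
     * Updates an administrator; id 1 may not be modified.
     *
     * <p>NOTE(review): as with {@code insAdmin}, the whole {@link TbAdmin} is bound
     * from the request. Nothing here stops a caller holding {@code sys:admin:update}
     * from changing the role of any account, their own included; confirm that is
     * the intended policy.
     *
     * @param admin administrator data bound from the request
     * @return ok on success, error when refused or when the service throws
     */
    @SysLog(value = "更新管理员信息")
    @RequestMapping("/updAdmin")
    @RequiresPermissions("sys:admin:update")
    @ResponseBody
    public ResultUtil updAdmin(TbAdmin admin) {
        if (admin != null && admin.getId() == 1) {
            return ResultUtil.error("不允许修改!");
        }
        try {
            adminServiceImpl.updAdmin(admin);
            return ResultUtil.ok();
        } catch (Exception e) {
            e.printStackTrace();
            return ResultUtil.error();
        }
    }

    /** Returns the change-password view. */
    @RequestMapping("/changePwd")
    public String changePwd() {
        return "page/admin/changePwd";
    }

    /**
     * Changes the password of the current administrator after re-checking the old
     * one, then logs the subject out so that a fresh login is required.
     *
     * <p>NOTE(review): this handler is annotated with {@code @SysLog}; confirm the
     * logging aspect does not record the {@code oldPwd}/{@code newPwd} arguments.
     *
     * @param req    current request (unused)
     * @param oldPwd current password
     * @param newPwd new password
     * @return ok on success; code 501 when the old password is wrong; code 500 when
     *         there is no principal or a password is missing; error for the
     *         {@code test} account
     */
    @SysLog(value = "修改密码")
    @RequestMapping("/updPwd")
    @ResponseBody
    public ResultUtil updPwd(HttpServletRequest req, String oldPwd, String newPwd) {
        TbAdmin user = (TbAdmin) SecurityUtils.getSubject().getPrincipal();
        if (user == null) {
            return new ResultUtil(500, "请求错误!");
        }
        // The demo account "test" may not change its password.
        if ("test".equals(user.getUsername())) {
            return ResultUtil.error();
        }
        // Never store an empty password, and do not run the old-password check
        // against a missing value.
        if (StringUtils.isEmpty(oldPwd) || StringUtils.isEmpty(newPwd)) {
            return new ResultUtil(500, "请求错误!");
        }
        TbAdmin admin = adminServiceImpl.login(user.getUsername(), oldPwd);
        if (admin == null) {
            return new ResultUtil(501, "旧密码错误,请重新填写!");
        }
        admin.setPassword(newPwd);
        adminServiceImpl.updAdmin1(admin);
        // End the session so the new password has to be used to log in again.
        SecurityUtils.getSubject().logout();
        return ResultUtil.ok();
    }

    /** Redirects to the Druid monitoring console. */
    @RequestMapping("/druid")
    @RequiresPermissions("sys:druid:list")
    public String druid() {
        return "redirect:/druid/index.html";
    }

    /**
     * Returns the menu data used by the menu management page.
     *
     * @return ok result wrapping the menu list
     */
    @RequestMapping("/menuData")
    @RequiresPermissions("sys:menu:list")
    @ResponseBody
    public ResultUtil menuData() {
        List<TbMenus> list = adminServiceImpl.selMenusByParentId();
        return ResultUtil.ok(list);
    }

    /**
     * Opens the form for adding a child menu under {@code menuId}; menu 1 is refused.
     *
     * @param menuId id of the parent menu
     * @param model  view model
     * @return the menu form view, or the message view when refused
     */
    @RequestMapping("/toSaveMenu/{menuId}")
    @RequiresPermissions("sys:menu:save")
    public String toSaveMenu(@PathVariable("menuId") Long menuId, Model model) {
        if (menuId == null || menuId == 1) {
            model.addAttribute("msg", "不允许操作!");
            return "page/active";
        }
        TbMenus menus = new TbMenus();
        menus.setMenuId(menuId);
        model.addAttribute("menu", menus);
        // flag "1" tells menuForm() that this submission adds a menu.
        model.addAttribute("flag", "1");
        return "page/admin/menuForm";
    }

    /**
     * Opens the form for editing a menu; menu 1 is refused.
     *
     * @param menuId id of the menu to edit
     * @param model  view model
     * @return the menu form view, or the message view when refused
     */
    @RequestMapping("/toEditMenu/{menuId}")
    @RequiresPermissions("sys:menu:update")
    public String toEditMenu(@PathVariable("menuId") Long menuId, Model model) {
        // Test for null first so that comparing with 1 can never unbox a null id.
        if (menuId == null) {
            model.addAttribute("msg", "不允许操作!");
            return "page/active";
        }
        if (menuId == 1) {
            model.addAttribute("msg", "不允许操作此菜单!");
            return "page/active";
        }
        model.addAttribute("menu", adminServiceImpl.selMenuById(menuId));
        return "page/admin/menuForm";
    }

    /**
     * Saves the menu form. A blank {@code flag} means update; otherwise a child menu
     * is added under {@code menus.getMenuId()}, limited to three menu levels.
     *
     * <p>NOTE(review): the update branch does not repeat the "menu 1 may not be
     * edited" rule that {@code toEditMenu} applies, so that rule only holds when the
     * form is reached through the edit page. Both listed permissions are required
     * (the annotation's default logical is AND); confirm that is intended.
     *
     * @param menus menu data bound from the request
     * @param flag  blank for update, non-blank for insert
     * @return ok or error result with a message
     */
    @RequestMapping("/menuForm")
    @RequiresPermissions(value = {"sys:menu:save", "sys:menu:update"})
    @ResponseBody
    public ResultUtil menuForm(TbMenus menus, String flag) {
        if (StringUtils.isBlank(flag)) {
            menus.setSpread("false");
            adminServiceImpl.updMenu(menus);
            return ResultUtil.ok("修改成功!");
        }
        // A missing parent id is refused like menu 1 instead of failing on unboxing.
        if (menus.getMenuId() == null || menus.getMenuId() == 1) {
            return ResultUtil.error("此菜单不允许操作!");
        }
        menus.setParentId(menus.getMenuId());

        // Only three menu levels are allowed: refuse when the parent already has a
        // grandparent.
        TbMenus parent = adminServiceImpl.selMenusById(menus.getMenuId());
        if (parent != null && parent.getParentId() != 0) {
            TbMenus grandParent = adminServiceImpl.selMenusById(parent.getParentId());
            if (grandParent != null && grandParent.getParentId() != 0) {
                return ResultUtil.error("此菜单不允许添加子菜单!");
            }
        }

        // Clear the id so the service inserts a new row.
        menus.setMenuId(null);
        menus.setSpread("false");
        adminServiceImpl.insMenu(menus);
        return ResultUtil.ok("添加成功!");
    }

    /**
     * Deletes a menu. Menu 1 and menus that still have children are refused.
     *
     * @param menuId id of the menu to delete
     * @return ok or error result with a message
     */
    @SysLog(value = "删除菜单信息")
    @RequestMapping("/delMenuById/{menuId}")
    @RequiresPermissions("sys:menu:delete")
    @ResponseBody
    public ResultUtil delMenuById(@PathVariable("menuId") Long menuId) {
        try {
            if (menuId == 1) {
                return ResultUtil.error("此菜单不允许删除!");
            }
            // A menu that still has child menus must not be deleted.
            List<TbMenus> children = adminServiceImpl.selMenusById1(menuId);
            if (children != null && !children.isEmpty()) {
                return ResultUtil.error("包含子菜单,不允许删除!");
            }
            adminServiceImpl.delMenuById(menuId);
            return ResultUtil.ok("删除成功");
        } catch (Exception e) {
            e.printStackTrace();
            return ResultUtil.error("系统错误!");
        }
    }
}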