CheckHasAdvancedPremission.jsp
2.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
<%@ page language="java" contentType="text/html; charset=UTF-8" %>
<jsp:useBean id="rs" class="weaver.conn.RecordSet" scope="page" />
<%@ page import="weaver.general.*,org.json.*" %>
<%@ page import="weaver.docs.category.security.*"%>
<%@ page import="weaver.hrm.*" %>
<%
response.setHeader("cache-control", "no-cache");
response.setHeader("pragma", "no-cache");
response.setHeader("expires", "Mon 1 Jan 1990 00:00:00 GMT");
//request.setCharacterEncoding("utf-8");
User user = HrmUserVarify.getUser (request , response) ;
if(user == null) return ;
int operationcode = MultiAclManager.OPERATION_CREATEDOC;
int categorytype = MultiAclManager.CATEGORYTYPE_SEC;
String secgoryid= Util.getIntValues(request.getParameter("secgoryid"));
String secnmae= Util.getIntValues(request.getParameter("secnmae"));
boolean hasAdvancedPremission = false;
String checkSql = "select count(1) from DirAccessControlList where ((permissiontype!=4 and usertype!=0 ) and permissiontype!=5) and dirid="
+ secgoryid + " and dirtype=" + categorytype + " and operationcode=" + operationcode + " group by dirid";
rs.executeSql(checkSql);
if (rs.next()) {
if (rs.getInt(1) > 0) {
if (!hasAdvancedPremission) {
hasAdvancedPremission = true;
}
}
}
checkSql = "select count(1) from DocSecCategoryShare where seccategoryid=" +
secgoryid + " and ((operategroup!=3 or sharetype not in (1,5)) and (operategroup!=1 or sharetype not in (1,2))) group by seccategoryid";
rs.executeSql(checkSql);
if (rs.next()) {
if (rs.getInt(1) > 0) {
if (!hasAdvancedPremission) {
hasAdvancedPremission = true;
}
}
}
JSONObject obj = new JSONObject();
obj.put("id",secgoryid);
obj.put("secnmae",secnmae);
obj.put("hasAdvancedPremission",hasAdvancedPremission);
out.println(obj.toString());
%>