Merge remote-tracking branch 'origin/master' into master

sql/qzy/2022/2022.SQL

@@ -21,13 +21,13 @@ alter table tb_goods_release add COLUMN `roleName` varchar(100) DEFAULT NULL COM
 
 #last
 #工程维修相关配置
-alter table tb_repair_config add COLUMN `isCompleteDesc` int(11) DEFAULT '1' COMMENT '完成描述 1-选填 2-必填 3-不展示';
-alter table tb_repair_config add COLUMN `isCompletePhoto` int(11) DEFAULT '1' COMMENT '完成照片 1-选填 2-必填 3-不展示';
-alter table tb_repair_config add COLUMN `isDeliveryConfirm` int(11) DEFAULT '0' COMMENT '派单确认 0-关闭 1-开启';
+alter table tb_repair_config add COLUMN `is_complete_desc` int(11) DEFAULT '1' COMMENT '完成描述 1-选填 2-必填 3-不展示';
+alter table tb_repair_config add COLUMN `is_complete_photo` int(11) DEFAULT '1' COMMENT '完成照片 1-选填 2-必填 3-不展示';
+alter table tb_repair_config add COLUMN `is_delivery_confirm` int(11) DEFAULT '0' COMMENT '派单确认 0-关闭 1-开启';
 
 alter table tb_repair_bills add COLUMN `confirm_status` int(1) DEFAULT '1' COMMENT '确认状态 1-待确认 2-已确认';
-alter table tb_repair_bills add COLUMN `completeDesc` varchar(400) DEFAULT NULL COMMENT '完成描述';
-alter table tb_repair_bills add COLUMN `completePhotoUrl` varchar(2000) DEFAULT NULL COMMENT '完成照片';
+alter table tb_repair_bills add COLUMN `complete_desc` varchar(400) DEFAULT NULL COMMENT '完成描述';
+alter table tb_repair_bills add COLUMN `complete_photo_url` varchar(2000) DEFAULT NULL COMMENT '完成照片';
 
 
 alter table tb_repair_operate_records add COLUMN `is_confirm` int(1) DEFAULT '0' COMMENT '是否确认派单 0-待确定 1-确认';

src/main/java/com/palmnest/dao/dinner/impl/OrderDinnerDaoImpl.java

@@ -3,6 +3,7 @@ package com.palmnest.dao.dinner.impl;
 import java.util.List;
 import java.util.Map;
 
+import com.palmnest.application.Constants;
 import org.openxmlformats.schemas.drawingml.x2006.chart.STScatterStyle;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -196,7 +197,7 @@ public class OrderDinnerDaoImpl extends GenericDaoHibernate<OrderDinner, Long> i
 		if (StringUtils.isEmpty(orgId)) {
 			return null;
 		}
-		sql.append(" select vir.name companyName,sum(od.foodCount) sumCount,c.id,c.userName,dl.name dept,c.userMobile mobile ");
+		sql.append(" select vir.name companyName,sum(od.foodCount) sumCount,c.id,c.user_Name userName,dl.name dept,c.user_Mobile mobile ");
 		if (dateType == 1) {//年度
 			sql.append(" ,(select ifnull(sum(odi.foodCount),0) from tb_order_dinner tod  ");
 			sql.append(" 	left join tb_order_dinner_info odi on tod.id=odi.orderId  ");
@@ -232,11 +233,11 @@ public class OrderDinnerDaoImpl extends GenericDaoHibernate<OrderDinner, Long> i
 			sql.append(" 	and year(od.createTime)=" + year + "  and month(od.createTime)=" + time + "     and tod.isTempOrder=1) tempWorkFood ");
 		}
 		sql.append(" from tb_order_dinner_info od ");
-		sql.append(" inner join tb_user c on od.consId=c.id ");
-		sql.append(" left join tb_department dl on dl.id=c.departmentId ");
+		sql.append(" inner join " + Constants.DATABASE + "tb_user c on od.consId=c.id ");
+		sql.append(" left join " + Constants.DATABASE + "tb_department dl on dl.id=c.department_Id ");
 		sql.append(" left join tb_order_dinner o on o.id=od.orderId ");
-		sql.append(" left join tb_virtualarchitecture vir on vir.id=c.virtualArchId ");
-		sql.append(" where c.organizationId in (" + orgId + ") and o.isEnabled='1' and od.isEnabled='1' and (o.status='2' or o.status='3') ");
+		sql.append(" left join tb_virtualarchitecture vir on vir.id=c.virt_id ");
+		sql.append(" where c.org_id in (" + orgId + ") and o.isEnabled='1' and od.isEnabled='1' and (o.status='2' or o.status='3') ");
 		if (dateType == 1) {//年度
 			sql.append("  and year(od.createTime)=" + year + "   ");
 		} else if (dateType == 2) {//季度
@@ -463,9 +464,9 @@ public class OrderDinnerDaoImpl extends GenericDaoHibernate<OrderDinner, Long> i
 		sql.append("  select vir.name companyName,dl.name dept,sum(od.foodCount) sumCount,od.stapleFood,od.stapleFoodStr  ");
 		sql.append("  from tb_order_dinner_info od  ");
 		sql.append("  LEFT join tb_order_dinner o on o.id=od.orderId  ");
-		sql.append("  left join tb_user c on c.id=od.consId  ");
-		sql.append(" left join tb_department dl on dl.id=c.departmentId ");
-		sql.append(" left join tb_virtualarchitecture vir on vir.id=c.virtualArchId ");
+		sql.append("  left join " + Constants.DATABASE + "tb_user c on c.id=od.consId  ");
+		sql.append(" left join " + Constants.DATABASE + "tb_department dl on dl.id=c.department_Id ");
+		sql.append(" left join tb_virtualarchitecture vir on vir.id=c.virt_id ");
 //			sql.append("  left join tb_consumer c on c.id=od.creator  ");
 		sql.append("  where 1=1  ");
 		if (StringUtils.isNotEmpty(orgId)) {
@@ -479,7 +480,7 @@ public class OrderDinnerDaoImpl extends GenericDaoHibernate<OrderDinner, Long> i
 		} else if (dateType == 3) {//月
 			sql.append("  and year(od.createTime)=" + year + "  and month(od.createTime)=" + time + "   ");
 		}
-		sql.append("  group by c.virtualArchId,dl.id,od.stapleFood  ");
+		sql.append("  group by c.virt_id,dl.id,od.stapleFood  ");
 		return getJdbcTemplate().queryForList(sql.toString());
 	}
 

src/main/java/com/palmnest/service/dinner/service/impl/OrderDinnerServiceImpl.java

@@ -1416,7 +1416,7 @@ public class OrderDinnerServiceImpl implements OrderDinnerService {
 			//		String path=SERVER_ADDRESS+"/upload/OrderExcel.xlsx";
 			//		String path=this.getClass().getClassLoader().getResource("./upload/OrderExcel.xlsx").getPath();
 			//设置导出的excel路径
-			String path = setPath("upload/OrderExcel.xls");
+			String path = setPath("upload/OrderExcel"+orgId+".xls");
 			File   file = new File(new ExcelUtils().getPath(path));
 			System.out.println("path:" + path);
 			String sheetName = "";
@@ -1744,26 +1744,27 @@ public class OrderDinnerServiceImpl implements OrderDinnerService {
 			log.info("getOrderInfoTask/orgIds:" + orgIds);
 			if (StringUtils.isNotEmpty(orgIds)) {
 				String[] orgArr = orgIds.split(",");
-				for (int i = 0; i < orgArr.length; i++) {
-					TbOrganization org = organizationManager.getOrganizationById(Integer.parseInt(orgArr[i]));
-					if (null == org) {
-						continue;
-					}
-					log.info("getOrderInfoTask/orgName:" + org.getName());
-					if ("飞亚达大厦".equals(org.getName())) {
-						log.info("getOrderInfoTask/orgArr[i]:" + orgArr[i]);
-						orgId = orgArr[i];
-					}
-				}
-				log.info("getOrderInfoTask/orgId:" + orgId);
-				if (StringUtils.isNotEmpty(orgId)) {
-					String res = getOrderTime(orgId, "importTime");
-					log.info("getOrderInfoTask/res:" + res);
-					if (StringUtils.isEmpty(res)) {
-					} else {
-						redisExport(orgId);
+				for (String org : orgArr) {
+//					TbOrganization org = organizationManager.getOrganizationById(Integer.parseInt(orgArr[i]));
+//					if (null == org) {
+//						continue;
+//					}
+//					log.info("getOrderInfoTask/orgName:" + org.getName());
+//					if ("飞亚达大厦".equals(org.getName())) {
+//						log.info("getOrderInfoTask/orgArr[i]:" + orgArr[i]);
+//						orgId = orgArr[i];
+//					}
+					log.info("getOrderInfoTask/orgId:" + org);
+					if (StringUtils.isNotEmpty(org)) {
+						String res = getOrderTime(org, "importTime");
+						log.info("getOrderInfoTask/res:" + res);
+						if (StringUtils.isEmpty(res)) {
+						} else {
+							redisExport(org);
+						}
 					}
 				}
+
 			}
 		}
 	}
@@ -1771,7 +1772,7 @@ public class OrderDinnerServiceImpl implements OrderDinnerService {
 	private void redisExport(String orgId) {
 		String time = DateHelper.formatDate(new Date(), DateHelper.DATE);
 		log.info("-------------redisExport---time:" + time + "--------------------------");
-		String key = "getOrder_" + time;
+		String key = "getOrder_" + orgId +"_"+ time;
 		log.info("-------------redisExport---key:" + key + "--------------------------");
 		String mealJson = baseRedisService.get(key);
 		log.info("-------------redisExport---mealJson:" + mealJson + "--------------------------");

src/main/java/com/palmnest/webapp/controller/api/ApiRepairBillController.java

@@ -830,7 +830,7 @@ public class ApiRepairBillController extends BaseFormController {
      */
     @RequestMapping(value = "/completeBill")
     @ResponseBody
-    public AppResultDto completeBill(@RequestParam("id") Long id,MultipartHttpServletRequest request) {
+    public AppResultDto completeBill(@RequestParam("id") Long id,HttpServletRequest request) {
 
 
         String userName = baseRedisService.get(request.getHeader("token"));
@@ -854,31 +854,37 @@ public class ApiRepairBillController extends BaseFormController {
             //完成订单增加两个字段
             bill.setCompleteDesc(completeDesc);
 
-            String           completePhotoUrl     = "";
-            Iterator<String> fileNames  = request.getFileNames();
-            while (fileNames.hasNext()) {
-                MultipartFile multipartFile = request.getFile(fileNames.next());
-
-                //获得文件原始名称
-                InputStream stream   = null;
-                String      fileExt  = null;
-                String      fileName = "";
-                if (multipartFile != null) {
-                    stream = multipartFile.getInputStream();
-                    fileName = multipartFile.getOriginalFilename();
-                    fileName = new String(fileName.getBytes(), "utf-8");
-                    fileExt = StringUtils.isNotEmpty(fileName) ? fileName
-                            .substring(fileName.lastIndexOf("."))
-                            : StringUtils.EMPTY;
+            if (request instanceof MultipartHttpServletRequest){
+
+                MultipartHttpServletRequest multiRequest = (MultipartHttpServletRequest) request;
+
+                String           completePhotoUrl     = "";
+                Iterator<String> fileNames  = multiRequest.getFileNames();
+                while (fileNames.hasNext()) {
+                    MultipartFile multipartFile = multiRequest.getFile(fileNames.next());
+
+                    //获得文件原始名称
+                    InputStream stream   = null;
+                    String      fileExt  = null;
+                    String      fileName = "";
+                    if (multipartFile != null) {
+                        stream = multipartFile.getInputStream();
+                        fileName = multipartFile.getOriginalFilename();
+                        fileName = new String(fileName.getBytes(), "utf-8");
+                        fileExt = StringUtils.isNotEmpty(fileName) ? fileName
+                                .substring(fileName.lastIndexOf("."))
+                                : StringUtils.EMPTY;
+                    }
+
+                    FileUploadUtils fileUploadUtils = new FileUploadUtils();
+                    fileUploadUtils.init();
+                    String url = fileUploadUtils.uploadFile(stream, fileExt);
+                    completePhotoUrl += ";" + fileUploadUtils.fullVisitPath(url);
+                }
+                if (completePhotoUrl.length() > 1) {
+                    bill.setCompletePhotoUrl(completePhotoUrl.substring(1));
                 }
 
-                FileUploadUtils fileUploadUtils = new FileUploadUtils();
-                fileUploadUtils.init();
-                String url = fileUploadUtils.uploadFile(stream, fileExt);
-                completePhotoUrl += ";" + fileUploadUtils.fullVisitPath(url);
-            }
-            if (completePhotoUrl.length() > 1) {
-                bill.setCompletePhotoUrl(completePhotoUrl.substring(1));
             }
 
 

src/main/webapp/WEB-INF/securityNewFilter.xml

@@ -0,0 +1,150 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+             xmlns:beans="http://www.springframework.org/schema/beans" xmlns:p="http://www.springframework.org/schema/p"
+             xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+              http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
+<!-- 增加登录过滤器 -->   
+           
+<!--该路径下的资源不用过滤-->
+    <http pattern="/images/**" security="none"/>
+    <http pattern="/styles/**" security="none"/>
+    <http pattern="/scripts/**" security="none"/>
+    <http pattern="/plugin/**" security="none"/>
+    <http pattern="/upload/**" security="none"/>
+    <http pattern="/app/uploadTemplate/**" security="none"/>
+    <http pattern="/wechat/**" security="none"/>
+    <http pattern="/app/wechat/**" security="none"/>
+    <http pattern="/loginByToken" security="none"/>
+
+    <!--<http use-expressions="true">-->
+    <!--access="isAuthenticated()"-->
+
+    <!--auto-config = true 则使用from-login. 如果不使用该属性 则默认为http-basic(没有session).-->
+    <!-- lowercase-comparisons：表示URL比较前先转为小写。-->
+    <!-- path-type：表示使用Apache Ant的匹配模式。-->
+    <!--access-denied-page：访问拒绝时转向的页面。-->
+    <!-- access-decision-manager-ref：指定了自定义的访问策略管理器。-->
+    <http auto-config="true">
+
+        <http-basic/>
+
+        <!--intercept-url 指定拦截的url
+        通过pattern指定当前intercept-url定义应当作用于哪些url
+        可以通过access属性来指定intercept-url对应URL访问所应当具有的权限
+        -->
+        <intercept-url pattern="/repairBill/**" access="ROLE_ADMIN,ROLE_USER"/>
+
+        <!-- 用于测试权限问题 -->
+        <intercept-url pattern="/api/superdesk-app-auth/**" access="ROLE_ADMIN,ROLE_USER"/>
+
+        <intercept-url pattern="/app/api/**" access="ROLE_ANONYMOUS"/>
+        <intercept-url pattern="/app/kafka/**" access="ROLE_ANONYMOUS"/>
+        <intercept-url pattern="/app/lingling/PcPost/**" access="ROLE_ANONYMOUS"/>
+        <intercept-url pattern="/app/lingling/VisitorPcPost/**" access="ROLE_ANONYMOUS"/>
+        <intercept-url pattern="/app/appuser/**" access="ROLE_ANONYMOUS"/>
+        <intercept-url pattern="/app/appweb/**" access="ROLE_ANONYMOUS"/>
+        <intercept-url pattern="/app/third/**" access="ROLE_ANONYMOUS"/>
+        <!-- <intercept-url pattern="/app/wechat/**" access="ROLE_ANONYMOUS"/> -->
+        <intercept-url pattern="/app/mobile/**" access="ROLE_ANONYMOUS"/>
+        <intercept-url pattern="/app/estate/**" access="ROLE_ADMIN"/>
+        <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN,ROLE_USER"/>
+        <intercept-url pattern="/app/dto/*" access="ROLE_ANONYMOUS"/>
+        <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
+        <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
+        <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/>
+
+
+
+        <!--login-page：指定登录页面。  -->
+        <!-- login-processing-url：指定了客户在登录页面中按下 Sign In 按钮时要访问的 URL。-->
+        <!-- authentication-failure-url：指定了身份验证失败时跳转到的页面。-->
+        <!-- default-target-url：指定了成功进行身份验证和授权后默认呈现给用户的页面。-->
+        <!-- always-use-default-target：指定了是否在身份验证通过后总是跳转到default-target-url属性指定的URL。
+        authentication-success-handler-ref ：根据权限跳转不同画面(使用authentication-success-handler-ref流向不同action)
+        -->
+        <form-login login-page="/login"
+                    authentication-failure-url="/login?error=true"
+                    login-processing-url="/j_security_check"
+                    authentication-success-handler-ref="authenticationSuccessHandler"/>
+        <custom-filter before="FORM_LOGIN_FILTER" ref="verificationLogin"></custom-filter>
+        
+        <remember-me user-service-ref="userDao" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/>
+
+
+        <!-- 重点 会话管理-->
+        <session-management>
+            <!-- spring security之并发控制 <concurrency-control  max-sessions:允许用户帐号登录的次数。范例限制用户只能登录一次。-->
+            <!-- 此值表示：用户第二次登录时，前一次的登录信息都被清空。-->
+            <!--   exception-if-maximum-exceeded:默认为false，-->
+            <!-- 当exception-if-maximum-exceeded="true"时系统会拒绝第二次登录。-->
+            <!-- session-registry-alias   spring security自定义sessionRegistry-->
+            <concurrency-control
+                    max-sessions="200000"
+                    error-if-maximum-exceeded="false"
+                    expired-url="/outline.html"
+                    session-registry-alias="sessionRegistry"
+                    session-registry-ref="sessionRegistry"/>
+        </session-management>
+
+    </http>
+
+    <!-- 实现了UserDetailsService的Bean -->
+    <authentication-manager alias="authenticationManager">
+
+        <!-- 正常用户验证 provider -->
+        <authentication-provider user-service-ref="userDao">
+            <!-- 登入 密码 -->
+            <password-encoder ref="passwordEncoder">
+                <salt-source ref="saltSource"/>
+            </password-encoder>
+        </authentication-provider>
+
+        <!-- 企业账号验证 provider -->
+        <authentication-provider ref="virAccountAuthenticationProvider">
+        </authentication-provider>
+
+        <!-- 新服务之窗backend provider -->
+        <authentication-provider ref="spuerdeskAppAuthenticationProvider">
+        </authentication-provider>
+
+    </authentication-manager>
+    <beans:bean id="verificationLogin" class="com.palmnest.webapp.filter.LoginFilterAuthentication">
+        <beans:property name="authenticationManager" ref="authenticationManager"/>   <!-- 身份验证  必须的 -->
+        <beans:property name="authenticationSuccessHandler" ref="authenticationSuccessHandler" />  <!-- 验证通过  必须的 -->
+         <beans:property name="authenticationFailureHandler" ref="authenticationFailureHandler" />   
+         
+    </beans:bean>
+
+    <!--  -->
+    <beans:bean id="authenticationSuccessHandler" class="com.palmnest.webapp.controller.SimpleLoginSuccessHandler"/>
+	  <beans:bean id="authenticationFailureHandler" class="com.palmnest.webapp.controller.LoginFailureHandler" />  
+    <beans:bean id="saltSource" class="org.springframework.security.authentication.dao.ReflectionSaltSource"
+                p:userPropertyToUse="username"/>
+
+    <!-- 配置MultipartResolver 用于文件上传 使用spring的CommosMultipartResolver -->
+    <beans:bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver"
+                p:defaultEncoding="UTF-8"
+                p:maxUploadSize="54000000"
+                p:uploadTempDir="fileUpload/temp"
+    >
+    </beans:bean>
+
+    <!-- 所以我的配置里面只需要加上session-registry-ref就好了 -->
+    <beans:bean id="sessionRegistry"
+                class="com.palmnest.core.security.support.SessionRegistryImpl" scope="singleton">
+        <!-- 发现有 RedisTemplate 后屏蔽 -->
+        <!--<beans:property name="cacheManager" ref="cacheManager"/>-->
+    </beans:bean>
+
+
+    <!-- Override the default password-encoder (SHA) by uncommenting the following and changing the class -->
+    <!-- 已转移至 super_service/src/main/resources/applicationContext-service.xml -->
+    <!-- <bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/> -->
+
+    <global-method-security>
+        <protect-pointcut expression="execution(* *..service.UserManager.getUsers(..))" access="ROLE_ADMIN"/>
+        <protect-pointcut expression="execution(* *..service.UserManager.removeUser(..))" access="ROLE_ADMIN"/>
+    </global-method-security>
+
+</beans:beans>

src/main/webapp/scripts/admin/orderDinner/orderManage.js

@@ -535,7 +535,7 @@ $(function() {
                 },
                 success: function(data) {
                     if (data.code == ERROK) {
-                        location.href = $("#contextPath").val() + "/upload/OrderExcel.xls";
+                        location.href = $("#contextPath").val() + "/upload/OrderExcel"+orgId+".xls";
                         callback && callback();
                     } else {
                         layer.msg(data.msg)