package com.runchain.arch.util.id;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springside.modules.security.springsecurity.SpringSecurityUtils;
import org.springside.modules.utils.spring.SpringContextHolder;
import org.springside.modules.utils.web.struts2.Struts2Utils;
import com.opensymphony.xwork2.ActionContext;
import com.runchain.arch.entity.id.Role;
import com.runchain.arch.entity.id.User;
import com.runchain.arch.service.id.AccountManager;
import com.runchain.arch.util.number.LongUtils;
/**
* 用户工具类.
*
* @author HenryYan
*
*/
public class UserUtil {
private static Logger logger = LoggerFactory.getLogger(UserUtil.class);
/**
* 用于设置sessino中当前用户对象的属性名称
*/
public static String USER = "user";
/**
* 默认密码
* @see DEFAULT_USER_PASSWORD_MD5
*/
public static final String DEFAULT_USER_PASSWORD = "000000";
/**
* 默认MD5密码,对应:000000
* @see #DEFAULT_USER_PASSWORD
*/
public static final String DEFAULT_USER_PASSWORD_MD5 = "670b14728ad9902aecba32e22fa4f6bd";
/**
* ID和用户对象的静态缓存
*/
private static Map<Long, User> STATIC_USER_MAP_CACHE = new HashMap<Long, User>();
/**
* 用户登录名和用户对象的静态缓存
*/
private static Map<String, User> STATIC_USER_MAP_CACHE_LOGINNAME = new HashMap<String, User>();
/**
* 专门用于支持测试的用户对象
*/
private static User MEMORY_USER_FOR_TEST = null;
/**
* 获取当前登录的用户:
* <ul>
* <li>先从内部的测试用户中获取(这样兼容运行时和[单元|集成]测试)</li>
* <li>从HTTP的SESSION中获取,如果没有根据spring security中的登录名从数据库查询</li>
* </ul>
* @return 当前用户对象,没有返回null
*/
public static User getCurrentUser() {
if (MEMORY_USER_FOR_TEST != null) {
return MEMORY_USER_FOR_TEST;
}
return getUserFromSessionIfNoReadLoadSpringSecurity();
}
/**
* 获取当前用户对象,如果session中没有从spring security中获取用户登录名从数据库查询,查询到之后设置到session中
*/
public static User getUserFromSessionIfNoReadLoadSpringSecurity() {
/*
* 当前不在Struts2环境中运行直接返回
*/
if (ActionContext.getContext() == null || Struts2Utils.getSession() == null) {
return null;
}
/*
* 从session中获取用户信息,如果获取到的用户信息不为空但是用户ID为空,
* 原因是服务重启导致,所以需要再次从数据库查询
*/
User user = getUserFromSession();
if (user == null || user.getId() == null) {
String loginName = SpringSecurityUtils.getCurrentUserName();
logger.debug("从spring security中获取用户登录名:{}", loginName);
if (StringUtils.isNotBlank(loginName)) {
user = getUserFromMemoryCache(loginName, true);
Struts2Utils.getSession().setAttribute(USER, user);
} else {
logger.warn("从spring security中获取登录名为空");
}
}
return user;
}
/**
* 从http session的属性中获取当前用户对象
*/
public static User getUserFromSession() {
HttpServletRequest request = Struts2Utils.getRequest();
logger.debug("remote user: {}", request.getRemoteUser());
Object sessionUser = Struts2Utils.getSession().getAttribute(USER);
if (sessionUser == null) {
return null;
}
return (User) sessionUser;
}