Merge remote-tracking branch 'origin/dev' into dev

f6d5bccf · chang_chao@founder.com.cn · bf86a1d0 · 6439ca0b · f6d5bccf · f6d5bccf
Commit f6d5bccf authored Jul 25, 2018 by chang_chao@founder.com.cn
21 changed files
--- a/doc/sql/A0005_20180725重建用户权限视图.txt
+++ b/doc/sql/A0005_20180725重建用户权限视图.txt
+DROP VIEW XZXT.VW_USER_PERMISSION;
+DROP VIEW XZXT.VW_USER_PERMISSION;
+/* Formatted on 2018/7/25 星期三 17:03:37 (QP5 v5.115.810.9015) */
+CREATE OR REPLACE FORCE VIEW XZXT.VW_USER_PERMISSION
+(
+   ID,
+   NAME,
+   MENUNAME,
+   PERMISSION,
+   URL,
+   FLAG,
+   TYPE,
+   ZINDEX,
+   PID,
+   USERID
+)
+AS
+   SELECT   sys_permission_new.id AS id,
+            sys_permission_new.name AS name,
+            sys_permission_new.MENUNAME AS MENUNAME,
+            sys_permission_new.PERMISSION AS PERMISSION,
+            sys_permission_new.url AS url,
+            sys_permission_new.FLAG AS FLAG,
+            sys_permission_new.TYPE AS TYPE,
+            sys_permission_new.zindex AS zindex,
+            sys_permission_new.PID AS PID,
+            sys_user_role.USER_ID AS userid
+     FROM   (   (   sys_user_role
+                 LEFT JOIN
+                    Sys_role_permission
+                 ON ( (sys_user_role.role_id = sys_role_permission.ROLEID
+                       AND sys_user_role.scbz = 0)))
+             LEFT JOIN
+                sys_permission_new
+             ON ( (Sys_role_permission.PERMISSIONID = sys_permission_new.id
+                   AND sys_permission_new.scbz = 0)));
--- a/src/main/java/com/xzxtshiro/controller/AccessController.java
+++ b/src/main/java/com/xzxtshiro/controller/AccessController.java
@@ -9,9 +9,8 @@ import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
 import java.util.List;
 /**
@@ -26,6 +25,7 @@ public class AccessController {
    SysUserService userService;
    @RequestMapping(value = "/login", method = RequestMethod.POST)
+    @ResponseBody
    public String login(SysUser user, Model model){
        String msg=null;
        StringBuffer perList =null;
@@ -48,13 +48,18 @@ public class AccessController {
        }
    }
    @RequestMapping(value = "/queryPermission", method = RequestMethod.POST)
-    public String queryPermission(SysUser user){
+    @ResponseBody
+    public String queryPermission(SysUser user, Model model){
+        System.out.println("id============================="+user.getId());
        List<SysPermissionNew> list=userService.selectSysPermissionNewByUserId(user.getId());
        StringBuffer perList = new StringBuffer();
        for (SysPermissionNew per:list) {
-            perList.append(per.getId()+",");
+            if (per.getId()!=null){
+                perList.append(per.getId()+",");
+            }
        }
-        return perList.toString();
+        String message = perList.toString();
+        return message;
    }
 }
--- a/src/main/java/com/xzxtshiro/controller/admin/PermissionNewController.java
+++ b/src/main/java/com/xzxtshiro/controller/admin/PermissionNewController.java
@@ -2,7 +2,11 @@ package com.xzxtshiro.controller.admin;
 import com.xzxtshiro.pojo.BaseModel;
 import com.xzxtshiro.pojo.SysPermissionNew;
+import com.xzxtshiro.pojo.SysUser;
 import com.xzxtshiro.service.SysPermissionNewService;
+import com.xzxtshiro.service.SysUserService;
+import com.xzxtshiro.util.TokenUtil;
+import com.xzxtshiro.util.ZtreeDataUtil;
 import net.sf.json.JSONArray;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
@@ -26,6 +30,9 @@ public class PermissionNewController {
    @Autowired
    private SysPermissionNewService permissionService;
+    @Autowired
+    private SysUserService userService;
    /**
     * 跳转到权限列表
     *
@@ -48,7 +55,15 @@ public class PermissionNewController {
    @ResponseBody
    @RequestMapping(value = "/list", method = RequestMethod.GET)
    public BaseModel list(SysPermissionNew permission) {
-        return permissionService.selectSysPermissionNewPage(permission);
+        BaseModel perPage = null;
+        SysUser user = TokenUtil.getUser();
+        if ("admin".equals(user.getUsername())){
+            perPage = permissionService.selectSysPermissionNewPage(permission);
+        }else{
+            permission.setUserId(user.getId());
+            perPage = permissionService.selectSysPermissionNewPageByUserId(permission);
+        }
+        return perPage;
    }
    /**
@@ -87,11 +102,9 @@ public class PermissionNewController {
        Integer add = permissionService.add(permission);
        if (add == 0) {
            //添加失败,重新添加
-            model.addAttribute("permission", permission);
+            model.addAttribute("oldPermission", permission);
            model.addAttribute("msg", "权限ID已存在,请重新输入!");
-            List<SysPermissionNew> parantMenus=permissionService.selectAllPermissions();
+            setZtreeData(model,userService,permissionService);
-            JSONArray json = JSONArray.fromObject(parantMenus);
-            model.addAttribute("parantMenus",json);
            return "/admin/permission/add";
        } else {
            return "redirect:/admin/permission/index?msg=success";
@@ -108,10 +121,8 @@ public class PermissionNewController {
    @RequestMapping(value = "/update/{id}", method = RequestMethod.GET)
    public String updateIndex(@PathVariable("id") String id, Model model) {
        SysPermissionNew permission = permissionService.selectPermissionById(id);
-        List<SysPermissionNew> parantMenus=permissionService.selectAllPermissions();
+        setZtreeData(model,userService,permissionService);
-        JSONArray json = JSONArray.fromObject(parantMenus);
+        model.addAttribute("oldPermission",permission);
-        model.addAttribute("parantMenus",json);
-        model.addAttribute("permission",permission);
        return "admin/permission/update";
    }
@@ -144,4 +155,11 @@ public class PermissionNewController {
        }
    }
+    /**
+     * 设置添加与修改页面的ztree数据
+     */
+    public static void setZtreeData(Model model, SysUserService userService, SysPermissionNewService sysPermissionService){
+        new ZtreeDataUtil().setPermissionZtreeData(model,userService,sysPermissionService);
+    }
 }
--- a/src/main/java/com/xzxtshiro/controller/admin/SysRoleController.java
+++ b/src/main/java/com/xzxtshiro/controller/admin/SysRoleController.java
@@ -2,9 +2,12 @@ package com.xzxtshiro.controller.admin;
 import com.xzxtshiro.pojo.BaseModel;
 import com.xzxtshiro.pojo.SysRole;
+import com.xzxtshiro.pojo.SysUser;
 import com.xzxtshiro.service.SysPermissionNewService;
 import com.xzxtshiro.service.SysRoleService;
-import net.sf.json.JSONArray;
+import com.xzxtshiro.service.SysUserService;
+import com.xzxtshiro.util.TokenUtil;
+import com.xzxtshiro.util.ZtreeDataUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@@ -30,6 +33,9 @@ public class SysRoleController {
    @Autowired
    private SysPermissionNewService sysPermissionService;
+    @Autowired
+    private SysUserService userService;
    /**
     * 跳转到角色列表
     *
@@ -44,14 +50,28 @@ public class SysRoleController {
    }
    /**
     * 根据条件获取角色列表
-     *
+     * 在用户界面，角色的赋值和查询作了如下控制
+     *     角色显示，应当满足这两点:
+     *     1.除admin用户之外，所有用户只显示它自己拥有的角色，
+     *     2.举个栗子：市级管理员/县级管理员在给下面的人赋角色时，只能看到admin给他
+     *            赋予的角色，不能看到更高的角色，需要更高权限，需要向admin申请
+     * 所以，在角色列表展示部分，应当满足如下要求：
+     *    除admin用户只展示登陆用户所拥有的角色
     * @param
     * @return
     */
    @ResponseBody
    @RequestMapping(value = "/list", method = RequestMethod.GET)
    public BaseModel list(SysRole role) {
-        return sysRoleService.selectSysRolePage(role);
+        //获取当前登录用户
+        SysUser dlUser = TokenUtil.getUser();
+        if ("admin".equals(dlUser.getUsername())){
+            return sysRoleService.selectSysRolePage(role);
+        }else{
+            role.setUserId(dlUser.getId());
+            return sysRoleService.selectSysRolePage(role);
+        }
    }
@@ -63,13 +83,7 @@ public class SysRoleController {
     */
    @RequestMapping(value = "/add", method = RequestMethod.GET)
    public String addIndex(Model model) {
-        /**所有的权限*/
+        setZtreeData(model,userService,sysRoleService,sysPermissionService);
-        JSONArray json =sysPermissionService.selectAllPermissions();
-        model.addAttribute("permission",json);
-        /**获取所有的角色*/
-        JSONArray rolejson =  sysRoleService.selectSysRolesByCondition(null);
-        model.addAttribute("role",rolejson);
        return "admin/role/add";
    }
@@ -89,6 +103,14 @@ public class SysRoleController {
    }
    /**
+     * 设置更新和添加页面所需要的权限和角色ztree数据
+     */
+    public static void setZtreeData(Model model,SysUserService userService,SysRoleService roleService,SysPermissionNewService sysPermissionService){
+        new ZtreeDataUtil().setRoleAndPermission(model,userService,roleService,sysPermissionService);
+    }
+    /**
     * 跳转到角色修改页面
     *
     * @param
@@ -97,15 +119,10 @@ public class SysRoleController {
     */
    @RequestMapping(value = "/update/{roleId}", method = RequestMethod.GET)
    public String updateIndex(@PathVariable("roleId") String roleId, Model model) {
+        setZtreeData(model,userService,sysRoleService,sysPermissionService);
        Map<String,Object> roleMap = sysRoleService.selectSysRoleById(roleId);
-        /**所有的权限*/
-        JSONArray json =sysPermissionService.selectAllPermissions();
-        /**获取所有的角色*/
-        JSONArray rolejson =  sysRoleService.selectSysRolesByCondition(null);
-        model.addAttribute("AllPermission",json);
        model.addAttribute("oldPermission",roleMap.get("oldPermission"));
-        model.addAttribute("AllRole",rolejson);
+        model.addAttribute("oldRole", roleMap.get("role"));
-        model.addAttribute("role", roleMap.get("role"));
        return "admin/role/update";
    }

--- a/src/main/java/com/xzxtshiro/controller/admin/SysUserController.java
+++ b/src/main/java/com/xzxtshiro/controller/admin/SysUserController.java
@@ -9,6 +9,7 @@ import com.xzxtshiro.service.SysRoleService;
 import com.xzxtshiro.service.SysUserService;
 import com.xzxtshiro.util.Base64PasswordEncrypter;
 import com.xzxtshiro.util.TokenUtil;
+import com.xzxtshiro.util.ZtreeDataUtil;
 import net.sf.json.JSONArray;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
@@ -46,7 +47,7 @@ public class SysUserController {
        /*if (msg!=null&&msg!=""){
            model.addAttribute("msg","用户添加成功!");
        }*/
-        setAddCS(model,dictitemService,roleService);
+        setZtreeData(model,userService,dictitemService,roleService);
        return "admin/user/list";
    }
@@ -73,19 +74,19 @@ public class SysUserController {
            System.out.println("usergrade===================="+usergrade);
            if (usergrade!=null&&!"".equals(usergrade)){
-                dw = getString(usergrade, dlUser.getUnitcode(), dw);
+                dw = subUnitCode(usergrade, dlUser.getUnitcode(), dw);
            }
        }else{
            //unitcode不为空，则根据unitcode+countycode双层查询
            if (usergrade!=null&&!"".equals(usergrade)){
-                dw = getString(usergrade, user.getUnitcode(), dw);
+                dw = subUnitCode(usergrade, user.getUnitcode(), dw);
            }
        }
        user.setCountycode(dw);
        return userService.selectSysUserPage(user);
    }
-    private static String getString(String usergrade, String unitcode, String dw) {
+    private static String subUnitCode(String usergrade, String unitcode, String dw) {
        if (usergrade.equals("S") || usergrade.equals("T")) {
            dw=unitcode.substring(0, 2);
        } else if (usergrade.equals("D")) {
@@ -109,26 +110,26 @@ public class SysUserController {
     */
    @RequestMapping(value = "/add", method = RequestMethod.GET)
    public String addIndex(Model model) {
-        setAddCS(model,dictitemService,roleService);
+        setZtreeData(model,userService,dictitemService,roleService);
        return "admin/user/add";
    }
    /**
-     * 设置添加用户页面所需要的参数
+     * 设置添加用户页面所需要的角色和单位代码数据
     */
-    private static void setAddCS(Model model, SysDictitemService dictitemService, SysRoleService roleService) {
+    private static void setZtreeData(Model model,SysUserService userService,SysDictitemService dictitemService, SysRoleService roleService) {
-        SysUser user = TokenUtil.getUser();
+        new ZtreeDataUtil().setUnitAndRole(model,dictitemService,userService,roleService);
-        String unitStr = user.getUnitcode();
-        SysDictitem dictitem = new SysDictitem();
-        dictitem.setGroupid("CODE_UNIT");
-        dictitem.setCodeStr(unitStr.substring(0,2)+"%");
-        JSONArray unit = dictitemService.selectDictitemByCondition(dictitem);
-        JSONArray roles = roleService.selectSysRolesByCondition(null);
-        model.addAttribute("role",roles);
-        model.addAttribute("unit", unit);
    }
    /**
+     * 为方便调用现在将role和unit进行拆分，并写入到service层，
+     * 因为这些东西在roleController中，userController都会不止一次调用
+     *
+     *
+     */
+    /**
     * 添加用户---提交
     *
     * @param user
@@ -140,7 +141,7 @@ public class SysUserController {
    public String add(SysUser user, Model model) {
        SysUser add = userService.add(user);
        if (add.getUsername() == null) {
-            setAddCS(model,dictitemService,roleService);
+            setZtreeData(model,userService,dictitemService,roleService);
            model.addAttribute("user", user);
            model.addAttribute("msg", "用户名已存在,请修改用户名!");
            return "admin/user/add";
@@ -163,7 +164,7 @@ public class SysUserController {
        user.setPassword(new Base64PasswordEncrypter().decryptPassword(user.getPassword()));
        List<SysRole> roles = userService.selectSysRoleByUserId(id);
        JSONArray oldRole = JSONArray.fromObject(roles);
-        setAddCS(model,dictitemService,roleService);
+        setZtreeData(model,userService,dictitemService,roleService);
        model.addAttribute("oldRole", oldRole);
        model.addAttribute("user", user);
        return "admin/user/update";
@@ -185,7 +186,7 @@ public class SysUserController {
            //查询用户原先的角色
            List<SysRole> roles = userService.selectSysRoleByUserId(user.getId());
            JSONArray oldRole = JSONArray.fromObject(roles);
-            setAddCS(model,dictitemService,roleService);
+            setZtreeData(model,userService,dictitemService,roleService);
            model.addAttribute("oldRole", oldRole);
            model.addAttribute("user", user);
            model.addAttribute("msg", "用户修改失败!");

--- a/src/main/java/com/xzxtshiro/dao/SysPermissionNewDao.java
+++ b/src/main/java/com/xzxtshiro/dao/SysPermissionNewDao.java
@@ -18,9 +18,26 @@ public interface SysPermissionNewDao {
     */
    List<SysPermissionNew> selectPermission();
+    /**
+     * 查询所有的权限list
+     * @param sysPermission
+     * @return
+     */
    List<SysPermissionNew>  selectSysPermissionNewByCondition(SysPermissionNew sysPermission);
    Integer selectSysPermissionNewCountByCondition(SysPermissionNew sysPermission);
+    /**
+     * 根据userId查询用户所拥有的权限
+     * @param userId
+     * @return
+     */
+    List<SysPermissionNew> selectSysPermissionNewByUserId(SysPermissionNew sysPermission);
+    Integer selectSysPermissionNewCountByUserId(SysPermissionNew sysPermission);
+    /**
+     * 查询所以权限
+     * @return
+     */
    List<SysPermissionNew> selectAllPermissions();
    /**

--- a/src/main/java/com/xzxtshiro/dao/SysRoleDao.java
+++ b/src/main/java/com/xzxtshiro/dao/SysRoleDao.java
@@ -34,7 +34,7 @@ public interface SysRoleDao {
     * @param sysrole
     * @return
     */
-    Integer selectSysRoleCountByCondition(@Param("SysRole") SysRole sysrole);
+    Integer selectSysRoleCountByCondition(SysRole sysrole);
    /**
     * 添加角色
     *

--- a/src/main/java/com/xzxtshiro/mapper/SysDictitemMapper.xml
+++ b/src/main/java/com/xzxtshiro/mapper/SysDictitemMapper.xml
@@ -38,7 +38,7 @@
    <result column="GABXF" property="gabxf" jdbcType="VARCHAR" />
  </resultMap>
  <sql id="Base_Column_List" >
-    ID, CODE, NAME, GROUPID, LEVELID, SPELL, WBZX, LRR, LRSJ, GXR, GXSJ, SIMPLE, LRDWDM, 
+    ID, CODE, NAME, GROUPID, LEVELID, SPELL, WBZX, LRR, LRSJ, GXR, GXSJ, SIMPLE, LRDWDM,
    LRDWMC, GROUPNAME, SCBZ, YYCJ1, YYCJ2, YYCJ3, YYCJ4, PID, ISPARENT, YYCJ7, YYCJ5, 
    YYCJ6, DESCRIPTION, ENDCODE, STARTCODE, YYCJ8, SFQYBMPDBZ, DMMCBM, GXDWDM, GXDWMC, 
    GABXF
@@ -150,7 +150,10 @@
  <select id="selectDictitemByCondition" resultMap="BaseResultMap" parameterType="com.xzxtshiro.pojo.SysDictitem" >
    select 
-    <include refid="Base_Column_List" />
+     ID, CODE, NAME ||'['||CODE||']' as NAME, GROUPID, LEVELID, SPELL, WBZX, LRR, LRSJ, GXR, GXSJ, SIMPLE, LRDWDM,
+    LRDWMC, GROUPNAME, SCBZ, YYCJ1, YYCJ2, YYCJ3, YYCJ4, PID, ISPARENT, YYCJ7, YYCJ5,
+    YYCJ6, DESCRIPTION, ENDCODE, STARTCODE, YYCJ8, SFQYBMPDBZ, DMMCBM, GXDWDM, GXDWMC,
+    GABXF
    from SYS_DICTITEM
    where SCBZ=0
    <include refid="queryWhere" />

--- a/src/main/java/com/xzxtshiro/mapper/SysPermissionNewMapper.xml
+++ b/src/main/java/com/xzxtshiro/mapper/SysPermissionNewMapper.xml
@@ -38,12 +38,41 @@
    ) where rn > ${(page-1)*limit}
  </select>
+  <select id="selectSysPermissionNewByUserId" resultMap="BaseResultMap">
+    select * from (
+    select t.*,rownum rn from (
+    SELECT
+          id,NAME,menuname,permission,url,flag,zindex,pid,userid
+     FROM
+          VW_USER_PERMISSION
+     WHERE
+          userid=#{userId,jdbcType=VARCHAR}
+          and id is not NULL
+          and name is not NULL
+    ) t where ROWNUM <![CDATA[<=]]>
+    ${limit*page}
+    ) where rn > ${(page-1)*limit}
+  </select>
+  <select id="selectSysPermissionNewCountByUserId" resultType="integer">
+    <!---->
+    SELECT
+    count(1)
+    FROM
+    VW_USER_PERMISSION
+    WHERE
+    userid=#{userId,jdbcType=VARCHAR}
+    and id is not NULL
+    and name is not NULL
+  </select>
  <select id="selectAllPermissions" resultMap="BaseResultMap">
      select
-      <include refid="Base_Column_List" />
+      ID, NAME ||'['||ID||']' as NAME, MENUNAME, PID, PERMISSION, URL, DESCRIPTION, TYPE, LRR, LRSJ, GXR, GXSJ,
+      LRDWDM, LRDWMC, SCBZ, IP, ZINDEX,FLAG
      from sys_permission_new
      where SCBZ='0'
  </select>
  <select id="selectSysPermissionNewById" resultMap="BaseResultMap">
    select

--- a/src/main/java/com/xzxtshiro/mapper/SysRoleMapper.xml
+++ b/src/main/java/com/xzxtshiro/mapper/SysRoleMapper.xml
@@ -31,9 +31,16 @@
    select * from (
    select t.*,rownum rn from (
    select
-    <include refid="Base_Column_List" />
+    b.ID, b.ROLENAME, b.DESCRIPTION, b.LRR, b.LRSJ, b.GXR, b.GXSJ, b.LRDWDM, b.LRDWMC, b.SCBZ, b.IP, b.SFFB , b.PID , b.TYPE
-    from SYS_ROLE
+    <if test="userId != null" >
-    where SCBZ='0'
+      from sys_user_role a,sys_role b
+      where b.SCBZ='0'
+      AND A.USER_ID=#{userId,jdbcType=VARCHAR} and A.ROLE_ID=b.id
+    </if>
+    <if test="userId == null" >
+      from sys_role b
+      where b.SCBZ='0'
+    </if>
    ) t where ROWNUM <![CDATA[<=]]>
    ${limit*page}
    ) where rn > ${(page-1)*limit}
@@ -42,9 +49,15 @@
    <!---->
    SELECT
    count(1)
-    FROM
+    <if test="userId != null" >
-    SYS_ROLE
+      from sys_user_role a,sys_role b
-    WHERE scbz='0'
+      where b.SCBZ='0'
+      AND A.USER_ID=#{userId,jdbcType=VARCHAR} and A.ROLE_ID=b.id
+    </if>
+    <if test="userId == null" >
+      from sys_role b
+      where b.SCBZ='0'
+    </if>
  </select>
  <select id="selectSysRolesByCondition" parameterType="com.xzxtshiro.pojo.SysRole" resultMap="BaseResultMap">
     SELECT

--- a/src/main/java/com/xzxtshiro/mapper/SysUserMapper.xml
+++ b/src/main/java/com/xzxtshiro/mapper/SysUserMapper.xml
@@ -437,12 +437,13 @@
  <!--根据userId查询用户拥有的权限-->
  <select id="selectSysPermissionsByUserId" resultType="com.xzxtshiro.pojo.SysPermissionNew" parameterType="java.lang.String">
    SELECT
-          id,name,menuname,permission,url,flag,zindex,pid,userid
+          id,NAME ||'['||id||']' as NAME,menuname,permission,url,flag,zindex,pid,userid
     FROM
          VW_USER_PERMISSION
     WHERE
          userid=#{userId,jdbcType=VARCHAR}
+          and id is not NULL
+          and name is not NULL
  </select>
  <!--根据userid查询角色名-->
  <select id="selectSysRolesByUserId" parameterType="string" resultType="com.xzxtshiro.pojo.SysRole">

--- a/src/main/java/com/xzxtshiro/pojo/SysRole.java
+++ b/src/main/java/com/xzxtshiro/pojo/SysRole.java
@@ -16,6 +16,8 @@ public class SysRole extends BaseModel implements Serializable {
    private static final long serialVersionUID = 1L;
    protected String id;
+    protected String userId;
    protected String rolename;
    protected String description;

--- a/src/main/java/com/xzxtshiro/service/SysPermissionNewService.java
+++ b/src/main/java/com/xzxtshiro/service/SysPermissionNewService.java
@@ -28,6 +28,13 @@ public interface SysPermissionNewService {
    BaseModel selectSysPermissionNewPage(SysPermissionNew permission);
+    /**
+     * 根据userId获取权限列表
+     * @param sysPermission
+     * @return
+     */
+    BaseModel selectSysPermissionNewPageByUserId(SysPermissionNew sysPermission);
    /**
     * 获取所有父级菜单
     *

--- a/src/main/java/com/xzxtshiro/service/imp/SysPermissionNewServiceImpl.java
+++ b/src/main/java/com/xzxtshiro/service/imp/SysPermissionNewServiceImpl.java
@@ -68,6 +68,16 @@ public class SysPermissionNewServiceImpl implements SysPermissionNewService {
    }
    @Override
+    public BaseModel selectSysPermissionNewPageByUserId(SysPermissionNew sysPermission) {
+        List<SysPermissionNew> permissions = permissionNewDao.selectSysPermissionNewByUserId(sysPermission);
+        Integer count = permissionNewDao.selectSysPermissionNewCountByUserId(sysPermission);
+        BaseModel permissionPage = new BaseModel();
+        permissionPage.setCount(count);
+        permissionPage.setData(permissions);
+        return permissionPage;
+    }
+    @Override
    public JSONArray selectAllPermissions() {
        List<SysPermissionNew> parantMenus=permissionNewDao.selectAllPermissions();
        JSONArray json = JSONArray.fromObject(parantMenus);

--- a/src/main/java/com/xzxtshiro/util/ZtreeDataUtil.java
+++ b/src/main/java/com/xzxtshiro/util/ZtreeDataUtil.java
+package com.xzxtshiro.util;
+import com.xzxtshiro.pojo.SysDictitem;
+import com.xzxtshiro.pojo.SysPermissionNew;
+import com.xzxtshiro.pojo.SysRole;
+import com.xzxtshiro.pojo.SysUser;
+import com.xzxtshiro.service.SysDictitemService;
+import com.xzxtshiro.service.SysPermissionNewService;
+import com.xzxtshiro.service.SysRoleService;
+import com.xzxtshiro.service.SysUserService;
+import net.sf.json.JSONArray;
+import org.springframework.ui.Model;
+import java.util.List;
+/**
+ * @author liuys
+ * @desc
+ * @date 2018-07-25 11:20
+ */
+public class ZtreeDataUtil {
+    /**
+     * 设置单位和角色ztree数据
+     * @param model
+     * @param dictitemService
+     * @param userService
+     * @param roleService
+     */
+    public static void setUnitAndRole(Model model,SysDictitemService dictitemService,SysUserService userService,SysRoleService roleService) {
+        setUnitZtreeData(model,dictitemService);
+        setRoleZtreeData(model,userService,roleService);
+    }
+    public static void setRoleAndPermission(Model model,SysUserService userService,SysRoleService roleService,SysPermissionNewService sysPermissionService){
+        setRoleZtreeData(model,userService,roleService);
+        setPermissionZtreeData(model,userService,sysPermissionService);
+    }
+    /**
+     * 设置单位ztree
+     * @param model
+     * @param dictitemService
+     */
+    public static void setUnitZtreeData(Model model,SysDictitemService dictitemService){
+        SysUser user = TokenUtil.getUser();
+        String unitStr = user.getUnitcode();
+        SysDictitem dictitem = new SysDictitem();
+        dictitem.setGroupid("CODE_UNIT");
+        dictitem.setCodeStr(unitStr.substring(0,2)+"%");
+        JSONArray unit = dictitemService.selectDictitemByCondition(dictitem);
+        model.addAttribute("unit", unit);
+    }
+    /**
+     * 设置角色ztree
+     * @param model
+     * @param userService
+     * @param roleService
+     */
+    public static void setRoleZtreeData(Model model,SysUserService userService,SysRoleService roleService){
+        /**
+         * 角色显示，应当满足这两点:
+         * 1.除admin用户之外，所有用户只显示它自己拥有的角色，
+         * 2.举个栗子：市级管理员/县级管理员在给下面的人赋角色时，只能看到admin给他
+         *            赋予的角色，不能看到更高的角色，需要更高权限，需要向admin申请
+         */
+        //获取当前登录用户
+        SysUser dlUser = TokenUtil.getUser();
+        JSONArray roles = null;
+        if ("admin".equals(dlUser.getUsername())){
+            roles = roleService.selectSysRolesByCondition(null);
+        }else{
+            List<SysRole> roleList = userService.selectSysRoleByUserId(dlUser.getId());
+            roles = JSONArray.fromObject(roleList);
+        }
+        model.addAttribute("role",roles);
+    }
+    public static void setPermissionZtreeData(Model model,SysUserService userService,SysPermissionNewService sysPermissionService){
+        //获取当前登录用户
+        SysUser user = TokenUtil.getUser();
+        JSONArray permission = null;
+        if ("admin".equals(user.getUsername())){
+            permission =sysPermissionService.selectAllPermissions();
+        }else{
+            List<SysPermissionNew> list=userService.selectSysPermissionNewByUserId(user.getId());
+            permission = JSONArray.fromObject(list);
+        }
+        model.addAttribute("permission",permission);
+    }
+}
--- a/src/main/webapp/WEB-INF/jsp/admin/permission/add.jsp
+++ b/src/main/webapp/WEB-INF/jsp/admin/permission/add.jsp
@@ -42,14 +42,14 @@
                    <label class="layui-form-label">权限ID</label>
                    <div class="layui-input-block">
                        <input type="text" name="id" lay-verify="required" placeholder="请输入权限ID"
-                               value="${permission.id}" class="layui-input">
+                               value="${oldPermission.id}" class="layui-input">
                    </div>
                </div>
                <div class="layui-form-item">
                    <label class="layui-form-label">权限名称</label>
                    <div class="layui-input-block">
                        <input type="text" name="name" lay-verify="required" placeholder="请输入权限名称"
-                               value="${permission.name}" class="layui-input">
+                               value="${oldPermission.name}" class="layui-input">
                    </div>
                </div>
@@ -57,14 +57,14 @@
                    <label class="layui-form-label">权限代码</label>
                    <div class="layui-input-block">
                        <input type="text" name="permission" lay-verify="required" placeholder="请输入权限代码"
-                               value="${permission.permission}" class="layui-input">
+                               value="${oldPermission.permission}" class="layui-input">
                    </div>
                </div>
                <div class="layui-form-item">
                    <label class="layui-form-label">权限URL</label>
                    <div class="layui-input-block">
                        <input type="text" name="url" lay-verify="required" placeholder="请输入权限URL"
-                               value="${permission.url}" class="layui-input">
+                               value="${oldPermission.url}" class="layui-input">
                    </div>
                </div>
                <div class="layui-form-item">
@@ -197,7 +197,7 @@
            layer.msg(msg, {icon: 5});
            $("#msg").text("");
        }
-        var data = ${parantMenus};
+        var data = ${permission};
        var zNodes =[];
        for (var i=0;i<data.length;i++){
            zNodes.push({id:data[i].id,pId:data[i].pid,name:data[i].name,open:false,file:"core/simpleData"});

--- a/src/main/webapp/WEB-INF/jsp/admin/permission/update.jsp
+++ b/src/main/webapp/WEB-INF/jsp/admin/permission/update.jsp
@@ -44,14 +44,14 @@
                    <label class="layui-form-label">权限ID</label>
                    <div class="layui-input-block">
                        <input type="text" name="id" lay-verify="required" placeholder="请输入权限ID"
-                               value="${permission.id}" class="layui-input">
+                               value="${oldPermission.id}" class="layui-input">
                    </div>
                </div>
                <div class="layui-form-item">
                    <label class="layui-form-label">权限名称</label>
                    <div class="layui-input-block">
                        <input type="text" name="name" lay-verify="required" placeholder="请输入权限名称"
-                               value="${permission.name}" class="layui-input">
+                               value="${oldPermission.name}" class="layui-input">
                    </div>
                </div>
@@ -59,14 +59,14 @@
                    <label class="layui-form-label">权限代码</label>
                    <div class="layui-input-block">
                        <input type="text" name="permission" lay-verify="required" placeholder="请输入权限代码"
-                               value="${permission.permission}" class="layui-input">
+                               value="${oldPermission.permission}" class="layui-input">
                    </div>
                </div>
                <div class="layui-form-item">
                    <label class="layui-form-label">权限URL</label>
                    <div class="layui-input-block">
                        <input type="text" name="url" lay-verify="required" placeholder="请输入权限URL"
-                               value="${permission.url}" class="layui-input">
+                               value="${oldPermission.url}" class="layui-input">
                    </div>
                </div>
                <div class="layui-form-item">
@@ -135,17 +135,16 @@
            layer.msg(msg, {icon: 5});
        }
        //设置角色类型
-        var type = "${permission.type}";
+        var type = "${oldPermission.type}";
        $("#type").val(type);
        form.render('select');
-        var data = ${parantMenus};
+        var data = ${permission};
        var zNodes =[];
-        var bool;
        for (var i=0;i<data.length;i++){
            zNodes.push({id:data[i].id,pId:data[i].pid,name:data[i].name,open:false,file:"core/simpleData"});
-            if(data[i].id=="${permission.pid}"){
+            if(data[i].id=="${oldPermission.pid}"){
-                $("#pid").val(data[i].id);
+                $("#pid").val("${oldPermission.id}");
-                $("#pidName").val(data[i].name);
+                $("#pidName").val("${oldPermission.name}");
            }
        }
        setTree(zNodes,"tree","nocheck","pid","pidName");

--- a/src/main/webapp/WEB-INF/jsp/admin/role/update.jsp
+++ b/src/main/webapp/WEB-INF/jsp/admin/role/update.jsp
@@ -40,12 +40,12 @@
                  action="${pageContext.request.contextPath}/admin/role/update/"
                  method="post">
                <input type="text" name="id" lay-verify="required" placeholder="角色id"
-                       value="${role.id}" hidden>
+                       value="${oldRole.id}" hidden>
                <div class="layui-form-item">
                    <label class="layui-form-label">角色名称</label>
                    <div class="layui-input-block">
                        <input type="text" name="rolename" lay-verify="required" placeholder="请输入角色名称"
-                               value="${role.rolename}"
+                               value="${oldRole.rolename}"
                               class="layui-input">
                    </div>
                </div>
@@ -89,7 +89,7 @@
                    <label class="layui-form-label">描述</label>
                    <div class="layui-input-block">
                        <input type="text" name="description" placeholder="请输入角色描述信息"
-                               class="layui-input" value="${role.description}">
+                               class="layui-input" value="${oldRole.description}">
                    </div>
                </div>
                <div class="layui-form-item" style="text-align: center">
@@ -134,11 +134,11 @@
            layer.msg(msg, {icon: 5});
        }
        //设置角色类型
-        var type = "${role.type}";
+        var type = "${oldRole.type}";
        $("#type").val(type);
        form.render('select');
        //权限树
-        var data = ${AllPermission};
+        var data = ${permission};
        var checkData = ${oldPermission};
        var zNodes =[];
        var oldPerStr = "",oldPerIdStr="";
@@ -160,11 +160,11 @@
        $("#permissionName").val(oldPerStr);
        //设置权限树
        setTree(zNodes,"permissionTree","check","permissionId","permissionName");
-        data = ${AllRole};
+        data = ${role};
        console.log(data);
        var zNodes =[];
        for (var i=0;i<data.length;i++){
-            if (data[i].id=="${role.pid}"){
+            if (data[i].id=="${oldRole.pid}"){
                //设置原有角色回显
                $("#pidName").val(data[i].rolename);
                $("#pid").val(data[i].id);

--- a/src/main/webapp/WEB-INF/jsp/admin/user/update.jsp
+++ b/src/main/webapp/WEB-INF/jsp/admin/user/update.jsp
@@ -168,16 +168,19 @@
        if (msg.length!=""){
            layer.msg(msg, {icon: 5});
        }
-        //设置用户等级
+        //设置原有单位回显
+        var unitname = "${user.unitname}";
+        var unitcode = "${user.unitcode}";
+        $("#unitname").val(unitname);
+        $("#unitcode").val(unitcode);
+        //设置用户等级回显
        var grade = "${user.grade}";
        $("#grade").val(grade);
        form.render('select');
        var data = ${unit};
        var zNodes =[];
        for (var i=0;i<data.length;i++){
-            //设置原有单位回显
-            $("#unitname").val(data[i].name);
-            $("#unitcode").val(data[i].codeStr);
            zNodes.push({id:data[i].codeStr,pId:data[i].pid,name:data[i].name,open:false,file:"core/simpleData"});
        }
        setTree(zNodes,"unit","nocheck","unitcode","unitname");

--- a/src/main/webapp/WEB-INF/jsp/index.jsp
+++ b/src/main/webapp/WEB-INF/jsp/index.jsp
@@ -225,7 +225,6 @@
    });
    //判断当前登录用户
-    debugger;
    var username = "${sessionScope.user.username }";
    console.log(username);
    if (username == '8888') {

--- a/src/main/webapp/resources/common/common.js
+++ b/src/main/webapp/resources/common/common.js
@@ -37,7 +37,11 @@ function setTree(data,treeId,type,kid,vid) {
                        nodes=treeObj.getCheckedNodes(true),
                        v="",k="";
                    for(var i=0;i<nodes.length;i++){
-                        v+=nodes[i].name + ",";
+                        var thisName = nodes[i].name;
+                        if(thisName.indexOf("[")>-1){
+                            thisName=thisName.substring(0,thisName.indexOf("["));
+                        }
+                        v+=thisName + ",";
                        k+=nodes[i].id + ",";
                        console.log("节点id:"+k+"节点名称"+v); //获取选中节点的值
                    }
@@ -68,8 +72,11 @@ function setTree(data,treeId,type,kid,vid) {
                    var treeObj = $.fn.zTree.getZTreeObj(treeNode);
                    var selectedNode = treeObj.getSelectedNodes()[0];
                    $("#"+kid).val(selectedNode.id);
-                    console.log(selectedNode.name);
+                    var thisName = selectedNode.name;
-                    $("#"+vid).val(selectedNode.name);
+                    if(thisName.indexOf("[")>-1){
+                        thisName=thisName.substring(0,thisName.indexOf("["));
+                    }
+                    $("#"+vid).val(thisName);
                    closeTree();
                },
            }
@@ -95,7 +102,7 @@ function setTree(data,treeId,type,kid,vid) {
 function checkTree(treeId){
    layer.open({
        type: 1,
-        area:['350px', '400px'],
+        area:['500px', '530px'],
        title:'请选择',
        skin: 'layui-layer-demo', //加上边框
        content: $("#"+treeId)