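package com.lemon.lifecenter.controller;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

import com.lemon.lifecenter.common.LifeCenterConfigVO;
import com.lemon.lifecenter.common.LifeCenterController;
import com.lemon.lifecenter.common.LifeCenterFunction;
import com.lemon.lifecenter.common.LifeCenterPaging;
import com.lemon.lifecenter.common.LifeCenterSessionController;
import com.lemon.lifecenter.dto.CenterInfoDTO;
import com.lemon.lifecenter.dto.GroupListDTO;
import com.lemon.lifecenter.dto.LoginDTO;
import com.lemon.lifecenter.dto.StaffDTO;
import com.lemon.lifecenter.service.CenterService;
import com.lemon.lifecenter.service.GroupListService;
import com.lemon.lifecenter.service.LoginService;
import com.lemon.lifecenter.service.StaffService;

/**
 * Staff (medical personnel) management controller, mapped under {@code /staff}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Passwords are stored AES-encrypted with the key and IV from {@link LifeCenterConfigVO}.
 *       That is reversible and, with a fixed key/IV, maps equal passwords to equal ciphertexts.
 *       A salted password hash (bcrypt/scrypt/argon2) is the appropriate primitive; switching
 *       needs a data migration and is therefore not done in this class.</li>
 *   <li>No handler in this class checks that the session user is allowed to act on the
 *       {@code staffId} it receives. NOTE(review): confirm an interceptor or the service layer
 *       enforces authorization, in particular for {@code /edit/update} and
 *       {@code /passwordReset}.</li>
 *   <li>The state-changing mappings {@code /new/regist}, {@code edit/update} and
 *       {@code myinfo/update} do not restrict the HTTP method. NOTE(review): confirm they can be
 *       limited to POST and that CSRF protection is configured.</li>
 * </ul>
 */
@Controller
@RequestMapping("/staff")
public class StaffController extends LifeCenterController {

    /** Fallback target when a client-supplied return URL is rejected. */
    private static final String DEFAULT_RETURN_PATH = "/staff/myinfo";

    /** Script sent to the browser when a password check fails ("passwords do not match"). */
    private static final String PASSWORD_MISMATCH_SCRIPT =
            "alert( '비밀번호가 일치하지않습니다.' ); history.back();";

    private final Logger logger = LoggerFactory.getLogger(this.getClass());

    @Autowired
    private LoginService loginService;

    @Autowired
    private StaffService memberService;

    @Autowired
    private LifeCenterConfigVO config;

    @Autowired
    private GroupListService groupListService;

    @Autowired
    private CenterService centerService;

    /**
     * Shows the new-staff registration form.
     *
     * <p>The center list is limited to the session user's own center unless the session group
     * index is 1 (presumably the system-administrator group; confirm against the group table).
     * Each group entry gets an AES-encrypted copy of its index for the form to post back.
     *
     * @param request  current request; the session values are read from it
     * @param response current response (unused)
     * @return the {@code staff/new} view with {@code centerList} and {@code groupList}
     * @throws Exception if a session value is not numeric or encryption fails
     */
    @RequestMapping("/new")
    public ModelAndView staffNew(HttpServletRequest request, HttpServletResponse response) throws Exception {
        int sesCenterCode = Integer.parseInt(LifeCenterSessionController.getSession(request, "sesCenterCode"));
        int sesGroupIdx = Integer.parseInt(LifeCenterSessionController.getSession(request, "sesGroupIdx"));
        String sesId = LifeCenterSessionController.getSession(request, "sesId");

        List<CenterInfoDTO> centerList = memberService.selectCenterList();
        ModelAndView mv = setMV("staff/new");

        List<GroupListDTO> groupList = groupListService.selectGroupList(new GroupListDTO());

        List<CenterInfoDTO> selectCenter = new ArrayList<CenterInfoDTO>();
        for (CenterInfoDTO c : centerList) {
            if (sesGroupIdx == 1 || c.getCenterCode() == sesCenterCode) {
                selectCenter.add(c);
            }
        }

        // NOTE(review): the result of this lookup is discarded; kept in case the service call
        // has a side effect. Remove it if it is a plain select.
        CenterInfoDTO centerDTO = new CenterInfoDTO();
        centerDTO.setStaffId(sesId);
        centerDTO.setCenterCode(sesCenterCode);
        centerService.selectCenterInfoOne(centerDTO);

        // NOTE(review): every group is offered to every caller, and encryption alone does not
        // restrict which group a caller may later submit; see staffNewRegist.
        for (GroupListDTO data : groupList) {
            data.setEncryptIdx(
                    LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, String.valueOf(data.getIdx())));
        }

        mv.addObject("centerList", selectCenter);
        mv.addObject("groupList", groupList);
        return mv;
    }

    /**
     * Registers a new staff account.
     *
     * <p>Original author's open questions: should a newly registered account always get the
     * general-user permission, or may it be created as an administrator? Each center has exactly
     * one administrator account, issued by the system administrator when the center is created.
     *
     * <p>NOTE(review): the group index and the DTO's center code both come from the client. This
     * method does not verify that the session user may assign that group or register staff for
     * that center; enforce this server-side.
     *
     * @param dto             staff data bound from the form
     * @param encryptIdx      AES-encrypted group index issued by {@link #staffNew}
     * @param passwordConfirm repeated password, must equal {@code dto.getPassword()}
     * @return a redirect to the new staff member's info page, or back to the form when the
     *         passwords differ or the group index is not usable
     * @throws Exception if decryption or encryption fails
     */
    @RequestMapping("/new/regist")
    public String staffNewRegist(
            @ModelAttribute("dto") final StaffDTO dto,
            @RequestParam(value = "encryptIdx", required = true) String encryptIdx,
            @RequestParam(value = "passwordConfirm", required = true) String passwordConfirm) throws Exception {
        // The confirmation check must stop the request: previously the branch was empty and the
        // account was created even when the two passwords differed.
        String password = dto.getPassword();
        if (password == null || !password.equals(passwordConfirm)) {
            return "redirect:/staff/new";
        }

        int groupIdx;
        try {
            groupIdx = Integer.parseInt(LifeCenterFunction.aesDecrypt(config.aesKey, config.IV, encryptIdx));
        } catch (NumberFormatException e) {
            // Tampered or stale token: do not create an account with an undefined group.
            logger.warn("staff registration rejected: group index token is not numeric");
            return "redirect:/staff/new";
        }

        dto.setGroupIdx(groupIdx);
        dto.setPassword(LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, password));
        memberService.insertStaff(dto);

        return "redirect:../info?staffId=" + encodeQueryValue(dto.getId());
    }

    /**
     * Shows one staff member's details.
     *
     * <p>NOTE(review): any {@code staffId} is looked up as given; no check that the session user
     * may view it is visible here.
     *
     * @param request  current request; {@code sesId} is read from its session
     * @param response current response (unused)
     * @param staffID  id of the staff member to show, empty when absent
     * @return the {@code staff/info} view with {@code info} and {@code sesId}
     */
    @RequestMapping("/info")
    public ModelAndView staffInfo(
            HttpServletRequest request,
            HttpServletResponse response,
            @RequestParam(value = "staffId", required = false, defaultValue = "") String staffID) {
        String sesId = LifeCenterSessionController.getSession(request, "sesId");

        StaffDTO dto = new StaffDTO();
        dto.setId(staffID);
        dto = memberService.selectMemberInfo(dto);

        ModelAndView mv = setMV("staff/info");
        mv.addObject("info", dto);
        mv.addObject("sesId", sesId);
        return mv;
    }

    /**
     * Shows the edit form for one staff member.
     *
     * @param staffId id of the staff member to edit, empty when absent
     * @return the {@code staff/edit} view with {@code info} and {@code centerCode}
     * @throws Exception declared by the original signature
     */
    @RequestMapping("/edit")
    public ModelAndView staffEdit(
            @RequestParam(value = "staffId", required = false, defaultValue = "") String staffId) throws Exception {
        StaffDTO dto = new StaffDTO();
        dto.setId(staffId);
        dto = memberService.selectMemberInfo(dto);

        int centerCode = dto.getCenterCode();

        ModelAndView mv = setMV("staff/edit");
        mv.addObject("info", dto);
        mv.addObject("centerCode", centerCode);
        return mv;
    }

    /**
     * Applies an edit to a staff member and records the session user as the editor.
     *
     * <p>NOTE(review): the target id is taken from the submitted form and is not checked against
     * the session user's center or role here.
     *
     * @param request  current request; {@code sesId} is read from its session
     * @param response current response (unused)
     * @param dto      staff data bound from the form
     * @return a redirect to the edited staff member's info page
     * @throws Exception if the update fails
     */
    @RequestMapping("edit/update")
    public String editUpdate(
            HttpServletRequest request,
            HttpServletResponse response,
            @ModelAttribute("dto") StaffDTO dto) throws Exception {
        String sesId = LifeCenterSessionController.getSession(request, "sesId");
        dto.setUpdateById(sesId);
        memberService.updateEditMember(dto);
        return "redirect:/staff/info?staffId=" + encodeQueryValue(dto.getId());
    }

    /**
     * Shows the session user's own profile form.
     *
     * <p>The request's {@code Referer} header is passed to the view as {@code returnUrl}; it is
     * client-controlled and is validated again in {@link #myInfoUpdate} before being used.
     *
     * @param request  current request
     * @param response current response (unused)
     * @return the {@code staff/myinfo} view with {@code info} and {@code returnUrl}
     */
    @RequestMapping("/myinfo")
    public ModelAndView staffMyinfo(HttpServletRequest request, HttpServletResponse response) {
        String sesId = LifeCenterSessionController.getSession(request, "sesId");

        StaffDTO dto = new StaffDTO();
        dto.setId(sesId);
        dto = memberService.selectMemberInfo(dto);

        String referer = request.getHeader("Referer");
        logger.debug("myinfo referer -- > {}", forLog(referer));

        ModelAndView mv = setMV("staff/myinfo");
        mv.addObject("info", dto);
        mv.addObject("returnUrl", referer);
        return mv;
    }

    /**
     * Updates the caller's profile after verifying the current password, optionally setting a
     * new password.
     *
     * <p>NOTE(review): the account id comes from the submitted form, not from the session. The
     * current-password check limits this to someone who knows that account's password, but
     * binding the id to {@code sesId} would be stricter.
     *
     * @param request         current request, used to validate {@code returnUrl}
     * @param response        current response, used to send the mismatch script
     * @param dto             profile data bound from the form, including the current password
     * @param passwordNew     new password, empty to keep the current one
     * @param passwordConfirm repeated new password
     * @param returnUrl       where to go afterwards; only same-host or site-relative targets are
     *                        honoured, anything else falls back to {@code /staff/myinfo}
     * @return a redirect to the validated return URL, or {@code /common/blank} after the
     *         mismatch script has been written
     * @throws Exception if encryption or the update fails
     */
    @RequestMapping("myinfo/update")
    public String myInfoUpdate(
            HttpServletRequest request,
            HttpServletResponse response,
            @ModelAttribute("dto") final StaffDTO dto,
            @RequestParam(value = "passwordNew", required = false, defaultValue = "") String passwordNew,
            @RequestParam(value = "passwordConfirm", required = false, defaultValue = "") String passwordConfirm,
            @RequestParam(value = "returnUrl", required = false, defaultValue = "") String returnUrl) throws Exception {
        // Never log the submitted password; only non-secret request data is traced here.
        logger.debug("myinfo update for id {} returnUrl {}", forLog(dto.getId()), forLog(returnUrl));

        String currentPassword = dto.getPassword();
        if (currentPassword == null) {
            return rejectPasswordMismatch(response);
        }

        dto.setPassword(LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, currentPassword));
        if (memberService.selectMemberCount(dto) != 1) {
            return rejectPasswordMismatch(response);
        }

        if (!passwordNew.equals("")) {
            // A mistyped confirmation used to be ignored silently, leaving the old password in
            // place while the user was redirected as if the change had succeeded.
            if (!passwordNew.equals(passwordConfirm)) {
                return rejectPasswordMismatch(response);
            }
            dto.setPassword(LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, passwordNew));
        }
        memberService.updateMember(dto);

        // returnUrl is client-supplied: redirecting to it unchecked is an open redirect.
        return "redirect:" + resolveReturnUrl(request, returnUrl);
    }

    /**
     * Lists staff of the session user's center, filtered and paged.
     *
     * @param dto         search DTO bound from the request
     * @param selectState which field {@code sData} filters: {@code sId}, {@code sName}, anything
     *                    else means center name
     * @param sData       search text
     * @param useYn       echoed back to the view
     * @param page        1-based page number; values below 1 are treated as 1
     * @param request     current request; session values are read from it
     * @param response    current response (unused)
     * @return the {@code staff/list} view
     */
    @RequestMapping("/list")
    public ModelAndView staffList(
            @ModelAttribute("dto") final StaffDTO dto,
            @RequestParam(value = "selectState", required = false, defaultValue = "") String selectState,
            @RequestParam(value = "sData", required = false, defaultValue = "") String sData,
            @RequestParam(value = "useYn", required = false, defaultValue = "") String useYn,
            @RequestParam(value = "page", required = false, defaultValue = "1") int page,
            HttpServletRequest request,
            HttpServletResponse response) {
        String sesId = LifeCenterSessionController.getSession(request, "sesId");
        String sesCenterCode = LifeCenterSessionController.getSession(request, "sesCenterCode");

        if (selectState.equals("sId")) {
            dto.setId(sData);
        } else if (selectState.equals("sName")) {
            dto.setName(sData);
        } else {
            dto.setCenterName(sData);
        }

        // The center always comes from the session, so a caller cannot list another center.
        dto.setCenterCode(Integer.parseInt(sesCenterCode));

        // page is client-supplied; zero or negative values would produce a negative offset.
        int currentPage = Math.max(page, 1);
        dto.setLimit((currentPage - 1) * config.pageDataSize);
        dto.setLimitMax(config.pageDataSize);

        int total = memberService.selectMemberListCount(dto);
        List<?> list = (total > 0) ? memberService.selectMemberList(dto) : new ArrayList<Object>();

        // Kept local: a controller instance is shared between requests, so per-request paging
        // state must not live in an instance field.
        String param = "";
        LifeCenterPaging paging = LifeCenterPaging.getInstance();
        paging.paging(config, total, currentPage, param);

        ModelAndView mv = setMV("staff/list");
        mv.addObject("total", total);
        mv.addObject("selectState", selectState);
        mv.addObject("sData", sData);
        mv.addObject("useYn", useYn);
        mv.addObject("item", list);
        mv.addObject("paging", paging);
        mv.addObject("sesId", sesId);
        return mv;
    }

    /**
     * Reports whether a staff id is still free.
     *
     * @param id candidate id; surrounding whitespace is ignored
     * @return {@code true} when the id is not in use, {@code false} when it is taken or blank
     */
    @RequestMapping(value = "/duplicateIdCheck", method = RequestMethod.POST)
    @ResponseBody
    public boolean duplicateIdCheck(
            @RequestParam(value = "staffId", required = false, defaultValue = "") String id) {
        String candidate = id.trim();
        if (candidate.equals("")) {
            return false;
        }

        LoginDTO dto = new LoginDTO();
        dto.setId(candidate);
        return loginService.selectMemberIdCount(dto) == 0;
    }

    /**
     * Resets an account's password to the configured default for its type.
     *
     * <p>NOTE(review): this method performs no authorization check of its own and the reset
     * value is a shared configured default. Confirm that only administrators can reach it and
     * that the account is forced to change the password on next login.
     *
     * @param id   id of the account to reset
     * @param type {@code "staff"} selects the staff default; any other value selects the center
     *             default
     * @return {@code true} when exactly one row was updated
     * @throws Exception if encryption or the update fails
     */
    @RequestMapping(value = "/passwordReset", method = RequestMethod.POST)
    @ResponseBody
    public boolean passwordReset(
            @RequestParam(value = "staffId", required = true) String id,
            @RequestParam(value = "type", required = true) String type) throws Exception {
        // Audit trail for a sensitive action; the reset password itself is never logged.
        logger.info("password reset requested for id {} (type {})", forLog(id), forLog(type));

        String resetPassword = type.equals("staff") ? config.staffResetPw : config.centerResetPw;

        StaffDTO dto = new StaffDTO();
        dto.setId(id);
        dto.setPassword(LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, resetPassword));

        return memberService.updateMemberPwReset(dto) == 1;
    }

    /** Sends the "passwords do not match" script and returns the blank view name. */
    private String rejectPasswordMismatch(HttpServletResponse response) throws Exception {
        LifeCenterFunction.scriptMessage(response, PASSWORD_MISMATCH_SCRIPT);
        return "/common/blank";
    }

    /**
     * Returns {@code returnUrl} only if it stays on this site, else {@link #DEFAULT_RETURN_PATH}.
     *
     * <p>Accepted: a path starting with a single {@code /}, or an absolute http(s) URL whose host
     * equals the request's server name (the form is pre-filled from the Referer header, which is
     * absolute). Behind a reverse proxy, confirm {@code getServerName()} reflects the public host.
     */
    private static String resolveReturnUrl(HttpServletRequest request, String returnUrl) {
        if (returnUrl == null) {
            return DEFAULT_RETURN_PATH;
        }
        String candidate = returnUrl.trim();
        // Browsers treat '\' like '/', which would turn "/\host" into a scheme-relative URL.
        if (candidate.isEmpty() || candidate.indexOf('\\') >= 0) {
            return DEFAULT_RETURN_PATH;
        }
        try {
            java.net.URI uri = new java.net.URI(candidate);
            if (uri.isAbsolute()) {
                String scheme = uri.getScheme();
                String host = uri.getHost();
                boolean webScheme = "http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme);
                boolean sameHost = host != null && host.equalsIgnoreCase(request.getServerName());
                return (webScheme && sameHost) ? candidate : DEFAULT_RETURN_PATH;
            }
            boolean sitePath = candidate.startsWith("/") && !candidate.startsWith("//");
            return sitePath ? candidate : DEFAULT_RETURN_PATH;
        } catch (java.net.URISyntaxException e) {
            return DEFAULT_RETURN_PATH;
        }
    }

    /** Percent-encodes a value for use in a redirect query string; {@code null} becomes empty. */
    private static String encodeQueryValue(String value) throws java.io.UnsupportedEncodingException {
        return java.net.URLEncoder.encode(value == null ? "" : value, "UTF-8");
    }

    /** Replaces CR/LF so client-supplied text cannot start a forged log line. */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}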