团队作业(五):冲刺总结(六)
1.今日任务
- 继续完成后端*.Controller代码的编写,包含但不限于文件的增加和删除,人员权限的赋予和撤销。
- 继续完成后端*.Helper代码的编写,包括但不限于建立数据库链接,对数据库的响应(数据库表的增、删、改、查)。
- 完成访问控制功能的实现,通过对数据库表里Type和status的不同组合实现不同的权限分配(院领导,拟稿人,各部门负责人,管理员等)。
- 导入国密jar包,配置支持国密的JDK,Tomcat实现安全传输功能。
- 继续前端界面的设计
2.遇到的困难
- 如何通过后端代码对数据库实现增删改查操作。
- 如何灵活实现权限的分配。
- 如何实现基于国密算法的加密
3.项目片段
1.删除用户
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import pojo.CRUDHelper;
import javax.servlet.RequestDispatcher;
public class DeleteController extends HttpServlet {
/**
* Constructor of the object.
*/
public DeleteController() {
super();
}
/**
* Destruction of the servlet. <br>
*/
@Override
public void destroy() {
super.destroy(); // Just puts "destroy" string in log
// Put your code here
}
/**
* The doGet method of the servlet. <br>
*
* This method is called when a form has its tag value method equals to get.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
/**
* The doPost method of the servlet. <br>
*
* This method is called when a form has its tag value method equals to post.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=gb2312");
request.setCharacterEncoding("gb2312");
String sql = "";
String str = "";
CRUDHelper ib = new CRUDHelper();
String admin = request.getParameter("admin");
String dep = request.getParameter("dep");
String document = request.getParameter("document");
if(admin != null && !admin.equals("")){
sql = "delete from examine where document in (select id from document where admin="+admin+")";
ib.insertANDupdateANDdel(sql);
sql = "delete from document where admin="+admin;
ib.insertANDupdateANDdel(sql);
sql = "delete from admin where id="+admin;
ib.insertANDupdateANDdel(sql);
str = "/admin/systemuser.jsp";
}
if(dep != null && !dep.equals("")){
sql = "delete from examine where dep in (select id from document where dep="+dep+")";
ib.insertANDupdateANDdel(sql);
sql = "delete from examine where dep="+dep;
ib.insertANDupdateANDdel(sql);
sql = "delete from document where dep="+dep;
ib.insertANDupdateANDdel(sql);
sql = "delete from dep where id="+dep;
ib.insertANDupdateANDdel(sql);
str = "/admin/dep.jsp";
}
if(document != null && !document.equals("")){
sql = "delete from examine where document="+document;
ib.insertANDupdateANDdel(sql);
sql = "delete from document where id="+document;
ib.insertANDupdateANDdel(sql);
str = "/admin/document.jsp";
}
request.getRequestDispatcher(str).forward(request, response);
}
/**
* Initialization of the servlet. <br>
*
* @throws ServletException if an error occure
*/
@Override
public void init() throws ServletException {
// Put your code here
}
}
2.文件管理
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.sql.Time;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import helper.TwoJiaMi;
import helper.FourJiaMi;
import pojo.CRUDHelper;
import pojo.DBHelper;
public class FileController extends HttpServlet {
/**
* Constructor of the object.
*/
public FileController() {
super();
}
/**
* Destruction of the servlet. <br>
*/
@Override
public void destroy() {
super.destroy(); // Just puts "destroy" string in log
// Put your code here
}
/**
* The doGet method of the servlet. <br>
*
* This method is called when a form has its tag value method equals to get.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
/**
* The doPost method of the servlet. <br>
*
* This method is called when a form has its tag value method equals to post.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=gb2312");
request.setCharacterEncoding("gb2312");
CRUDHelper ib = new CRUDHelper();
HttpSession session = request.getSession();
ArrayList adminlogin = (ArrayList)session.getAttribute("adminlogin");
String title = request.getParameter("title");
String content = request.getParameter("content");
String mode = request.getParameter("mode");
String dep = request.getParameter("dep");
//String sm4key = request.getParameter("sm4key");
//String sm4iv = request.getParameter("sm4iv");
//String decryptedKey = Sm2Decrypt.sm2Decrypt(sm4key);
//String decryptedIv = Sm2Decrypt.sm2Decrypt(sm4iv);
System.out.println(title);
System.out.println(content);
try {
//String decryptedTitle = new String(Sm4Decrypt.decryptCbcPkcs5Padding(Sm4Decrypt.hexStrToByte(title), Sm4Decrypt.hexStrToByte(decryptedKey), Sm4Decrypt.hexStrToByte(decryptedIv)), "UTF8");
//System.out.println(decryptedTitle);
//String decryptedContent = new String(Sm4Decrypt.decryptCbcPkcs5Padding(Sm4Decrypt.hexStrToByte(content), Sm4Decrypt.hexStrToByte(decryptedKey), Sm4Decrypt.hexStrToByte(decryptedIv)), "UTF8");
//System.out.println(decryptedContent);
// DateFormat format = new SimpleDateFormat("yyyy-MM-dd kk:mm:ss"); // 这里填写的是想要进行转换的时间格式
String key=FourJiaMi.getRandomString(16);
String encontent=FourJiaMi.encryptSm4(key,content);
Date date = new Date(); // 获取当前时间
java.sql.Date sql_date = new java.sql.Date(date.getTime());
String lingdao = "0";
String taohong = "0";
content="";
// String sql = "insert into document(admin,title,content,mode,dep) values('"+adminlogin.get(0)+"','"+title+"','"+content+"','"+mode+"','"+dep+"')";
String sql = "insert into document(admin,title,content,mode,dep,dates,lingdao,taohong,enkey,encontent) values('"+adminlogin.get(0)+"','"+title+"','"+content+"','"+mode+"','"+dep+"','"+sql_date+"','"+lingdao+"','"+taohong+"','"+key+"','"+encontent+"')";
System.out.println(sql);
int responseText = ib.insertANDupdateANDdel(sql);
if(responseText == -1 ){
request.setAttribute("message","'操作失败!'");
}else{
request.setAttribute("message","'操作成功!'");
// String examine[] = request.getParameterValues("examine");
// sql = "select max(id) as id from document";
// String args[] = {"id"};
// SelectBean sb = new SelectBean();
// ArrayList al = sb.selectRow(args, sql);
// for(int i = 0;i < examine.length;i++){
// sql = "insert into examine(document,dep) values("+al.get(0)+","+examine[i]+")";
// ib.insertANDupdateANDdel(sql);
// }
String examine = request.getParameter("examine");
String state = "0";
sql = "select max(id) as id from document";
String[] args = {"id"};
DBHelper sb = new DBHelper();
ArrayList al = sb.selectRow(args, sql);
sql = "insert into examine(document,dep,state) values("+al.get(0)+","+examine+",'"+state+"')";
ib.insertANDupdateANDdel(sql);
}
request.getRequestDispatcher("/admin/document.jsp").forward(request, response);
} catch (Exception e) {
e.printStackTrace();
}
// DateFormat format = new SimpleDateFormat("yyyy-MM-dd kk:mm:ss"); // 这里填写的是想要进行转换的时间格式
Date date = new Date(); // 获取当前时间
java.sql.Date sql_date = new java.sql.Date(date.getTime());
String lingdao = "0";
String taohong = "0";
// String sql = "insert into document(admin,title,content,mode,dep) values('"+adminlogin.get(0)+"','"+title+"','"+content+"','"+mode+"','"+dep+"')";
/*String sql = "insert into document(admin,title,content,mode,dep,dates,lingdao,taohong) values('"+adminlogin.get(0)+"','"+title+"','"+content+"','"+mode+"','"+dep+"','"+sql_date+"','"+lingdao+"','"+taohong+"')";
int responseText = ib.insertANDupdateANDdel(sql);
if(responseText == -1 ){
request.setAttribute("message","'操作失败!'");
}else{
request.setAttribute("message","'操作成功!'");
// String examine[] = request.getParameterValues("examine");
// sql = "select max(id) as id from document";
// String args[] = {"id"};
// SelectBean sb = new SelectBean();
// ArrayList al = sb.selectRow(args, sql);
// for(int i = 0;i < examine.length;i++){
// sql = "insert into examine(document,dep) values("+al.get(0)+","+examine[i]+")";
// ib.insertANDupdateANDdel(sql);
// }
String examine = request.getParameter("examine");
String state = "0";
sql = "select max(id) as id from document";
String[] args = {"id"};
SelectBean sb = new SelectBean();
ArrayList al = sb.selectRow(args, sql);
sql = "insert into examine(document,dep,state) values("+al.get(0)+","+examine+",'"+state+"')";
ib.insertANDupdateANDdel(sql);
}*/
request.getRequestDispatcher("/admin/document.jsp").forward(request, response);
}
/**
* Initialization of the servlet. <br>
*
* @throws ServletException if an error occurs
*/
@Override
public void init() throws ServletException {
// Put your code here
}
}
3.下载并导入国密算法Jar包
4.配置Tomcat,导入JDK支持国密
5.小组合照
6.燃尽图
陈子昂 | 徐嘉远 | 林梓祺 | 陈鑫 | 陈俊池 | 杨赛 |
---|---|---|---|---|---|
4h | 4h | 3.5h | 3.5h | 3.5h | 4h |