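package kr.co.kihyun.tree;

import java.sql.ResultSet;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.SQLException;

//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

//import kr.co.kihyun.lang.Encoder;
//import kr.co.kihyun.lang.MInteger;
//import kr.co.kihyun.lang.MLong;
//import kr.co.kihyun.moumi.MoumiConfig;
import kr.co.kihyun.db.DBManager;
import kr.co.kihyun.lang.MString;
import kr.co.kihyun.beans.user.HttpSSOLogin;
//import java.util.Calendar;

/**
 * Builds the JSON node list for the department / user-group tree and writes it
 * to the servlet response.
 *
 * <p>All work is done by the constructor: it reads the request parameters
 * {@code id}, {@code rootId}, {@code userYN} and {@code gubun}, builds one SQL
 * statement into {@link #sql}, runs it through the inherited {@code execQuery},
 * and appends one JSON object per row to {@link #sbuf}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@code id} and {@code rootId} come straight from the request and are
 *       placed inside SQL string literals. They are passed through
 *       {@link #sqlText(String)} first. That is a stop-gap: the durable fix is
 *       bind parameters, which needs a parameterised query method on
 *       {@code DBManager} that is not visible from this file.</li>
 *   <li>Every database value written into the JSON goes through
 *       {@link #jsonText(String)}, so a name containing a quote, backslash or
 *       markup character can neither break the document nor be rendered as HTML
 *       (the response is served as {@code text/html}).</li>
 *   <li>NOTE(review): nothing here rejects a request without a login; confirm
 *       that an authentication filter sits in front of this endpoint, since
 *       {@link #user2JSon(String)} returns user ids and names.</li>
 * </ul>
 */
public class MakeJSonDept extends DBManager {

    /** Number of JSON nodes appended to {@link #sbuf} so far. */
    public int dataCnt=0,sysAuth;
    /** Login id of the caller as reported by {@code HttpSSOLogin}, and the statement to run next. */
    public String userId,sql=null;
    public PrintWriter out=null;
    public StringBuffer sbuf=new StringBuffer();

    /**
     * Handles one tree request and writes the JSON array to the response.
     *
     * <p>With {@code gubun=GROUP} the user-group tree is produced; otherwise the
     * department tree is produced, followed by the users of department
     * {@code id} when {@code userYN=Y}. A {@code rootId} of {@code null},
     * {@code "null"} or {@code "ROOT"} means "no explicit root".
     *
     * <p>Failures are printed to the error stream; the client then receives
     * whatever was written before the failure (possibly nothing).
     *
     * @param req current request; supplies the parameters and the SSO identity
     * @param res current response; receives the JSON text
     */
    public MakeJSonDept(HttpServletRequest req,HttpServletResponse res) {
        try {
            // Left as text/html because the consumers of this endpoint are not visible
            // here. NOTE(review): application/json would stop a browser from ever
            // treating the body as markup - confirm what the tree widget expects.
            res.setContentType("text/html;charset=UTF-8");
            sysAuth=HttpSSOLogin.getSysAuth(req);
            userId=HttpSSOLogin.getLoginID(req);
            out=res.getWriter();

            String id=req.getParameter("id");
            String rootId=req.getParameter("rootId");
            String userYN=MString.checkNull(req.getParameter("userYN"),"N");
            String gubun=MString.checkNull(req.getParameter("gubun"),"ORGAN");

            if(rootId==null || rootId.equals("null") || rootId.equals("ROOT")) {
                rootId=null;
            }

            sbuf.append("[");
            if("GROUP".equals(gubun)) {
                makeGroupSql(id,userId);
                group2JSon();
            } else {
                makeTreeSql(id,rootId);
                dept2JSon();
                if("Y".equals(userYN)) {
                    user2JSon(id);
                }
            }

            // Every node is followed by a separator comma; drop the last one before
            // closing the array so the result is valid JSON.
            if(dataCnt>0) {
                sbuf.deleteCharAt(sbuf.lastIndexOf(","));
            }
            sbuf.append("]");
            out.println(sbuf.toString());
        } catch (IOException ioex) {
            ioex.printStackTrace();
        } catch(Exception ex) {
            ex.printStackTrace();
        }
    }

    /**
     * Escapes a value for use between single quotes in a SQL string literal by
     * doubling every single quote.
     *
     * <p>A {@code null} value becomes the text {@code null}, which is what plain
     * string concatenation produced before this helper existed.
     *
     * <p>Limitation: quote doubling is the standard SQL escape, but a database
     * that also treats the backslash as an escape character inside literals
     * needs more than this. Prefer bind parameters as soon as the data-access
     * layer offers them.
     *
     * @param value untrusted text destined for a SQL string literal
     * @return the text with embedded single quotes doubled
     */
    private static String sqlText(String value) {
        return String.valueOf(value).replace("'", "''");
    }

    /**
     * Escapes a value for use inside a double-quoted JSON string.
     *
     * <p>Besides the characters JSON requires (quote, backslash, control
     * characters), the markup-significant characters {@code < > & '} and the
     * two Unicode line separators are written as Unicode escapes. A JSON parser
     * decodes them to the same text, but the raw response no longer contains
     * anything a browser could interpret as HTML or script.
     *
     * @param value text to embed; {@code null} is rendered as the text {@code null}
     * @return the escaped text, without surrounding quotes
     */
    private static String jsonText(String value) {
        String text=String.valueOf(value);
        StringBuilder escaped=new StringBuilder(text.length()+16);
        for(int i=0;i<text.length();i++) {
            char c=text.charAt(i);
            switch(c) {
                case '"':  escaped.append("\\\""); break;
                case '\\': escaped.append("\\\\"); break;
                case '\b': escaped.append("\\b"); break;
                case '\f': escaped.append("\\f"); break;
                case '\n': escaped.append("\\n"); break;
                case '\r': escaped.append("\\r"); break;
                case '\t': escaped.append("\\t"); break;
                default:
                    if(c<0x20 || c=='<' || c=='>' || c=='&' || c=='\'' || c==0x2028 || c==0x2029) {
                        escaped.append(String.format("\\u%04x",(int)c));
                    } else {
                        escaped.append(c);
                    }
            }
        }
        return escaped.toString();
    }

    /**
     * Stores in {@link #sql} the department query for one level of the tree.
     *
     * <ul>
     *   <li>{@code rootId} given: the row whose ID is {@code rootId} plus its
     *       child rows where ID equals ORGAN.</li>
     *   <li>{@code id} is {@code "ROOT"}: rows with no UPPER_DEPT and SYS_AUTH below 3.</li>
     *   <li>otherwise: the children of {@code id} with SYS_AUTH below 6.</li>
     * </ul>
     *
     * @param id     node being expanded; a missing value no longer throws and
     *               simply matches no {@code "ROOT"} branch
     * @param rootId explicit root department, or {@code null}
     */
    public void makeTreeSql(String id,String rootId) {
        sql=null;

        if(rootId!=null) {
            String root=sqlText(rootId);
            sql="SELECT ID,NAME,UPPER_DEPT,ORGAN, ";
            sql+="CASE WHEN SEL_TYPE='Y' AND SEL_TYPE<>'0' THEN 1 ELSE 0 END SEL_TYPE, ";
            // NOTE(review): AND binds tighter than OR, so "ORGAN IS NOT NULL" only
            // guards the first alternative - confirm that is intended.
            sql+="PRIORITY FROM MOUMI_DEPT WHERE ORGAN IS NOT NULL AND ID='"+root+"' ";
            sql+="OR (UPPER_DEPT='"+root+"' AND ID=ORGAN) ORDER BY NAME";
            return;
        }

        // Constant-first comparison: a request without "id" must not fail with a
        // NullPointerException here.
        if("ROOT".equals(id)) {
            sql="SELECT ID,NAME,UPPER_DEPT,ORGAN,";
            sql+="CASE WHEN SEL_TYPE='Y' AND SEL_TYPE<>'0' THEN 1 ELSE 0 END SEL_TYPE,";
            sql+="PRIORITY FROM MOUMI_DEPT WHERE ORGAN IS NOT NULL AND UPPER_DEPT IS NULL ";
            sql+="AND SYS_AUTH<3 ORDER BY NAME";
            return;
        }

        sql="SELECT ID,NAME,UPPER_DEPT,ORGAN,";
        sql+="CASE WHEN SEL_TYPE='Y' AND SEL_TYPE<>'0' THEN 1 ELSE 0 END SEL_TYPE,";
        sql+="PRIORITY FROM MOUMI_DEPT WHERE UPPER_DEPT='"+sqlText(id)+"' AND ID<>UPPER_DEPT AND SYS_AUTH<6 ";
        sql+="ORDER BY NAME";
    }

    /**
     * Stores in {@link #sql} the user-group query.
     *
     * <p>For {@code id = "ROOT"} it selects the groups owned by {@code userId},
     * the groups owned by users with SYS_AUTH 9 and, unless the caller's own
     * {@link #sysAuth} is 2, the groups owned by users with SYS_AUTH 2. For any
     * other {@code id} it selects the departments of the group with that
     * PART_ID.
     *
     * @param id     {@code "ROOT"} or a group (PART_ID) identifier
     * @param userId login id whose groups are listed
     */
    public void makeGroupSql(String id,String userId) {
        sql=null;

        if("ROOT".equals(id)) {
            sql="SELECT UP.ID PART_ID,UP.NAME DEPT_NAME,UP.USER_ID,UP.ID DEPT_ID,'closed' STATE ";
            sql+="FROM MOUMI_MUSER US,MOUMI_DEPT DT,MOUMI_USER_PART UP LEFT JOIN MOUMI_USER_USER UU ON (UU.PART_ID = UP.ID) ";
            // userId comes from the SSO layer rather than a request parameter, but the
            // method is public, so it is escaped like any other caller-supplied text.
            sql+="WHERE DT.ORGAN IS NOT NULL AND US.ID='"+sqlText(userId)+"' AND US.DEPT_ID=DT.ID ";
            sql+="AND (UP.USER_ID=US.ID OR UP.USER_ID IN (SELECT ID FROM MOUMI_MUSER WHERE SYS_AUTH=9) ";
            if(sysAuth!=2) {
                sql+="OR UP.USER_ID IN (SELECT ID FROM MOUMI_MUSER WHERE SYS_AUTH=2)";
            }
            sql+=") ORDER BY UP.NAME";
            return;
        }

        sql="SELECT PART_ID,NAME DEPT_NAME,'' USER_ID,ID DEPT_ID,'opened' STATE FROM MOUMI_USER_DEPT WHERE PART_ID='"+sqlText(id)+"' ORDER BY NAME";
    }

    /**
     * Runs {@link #sql} (as prepared by {@link #makeGroupSql(String, String)})
     * and appends one {@code GROUP} node per row to {@link #sbuf}.
     *
     * <p>The UPPER, ORGAN, SELTYPE and PRI attributes are always empty for group
     * nodes. The display name is whatever {@code GroupCount.getCount} returns
     * for the row's PART_ID and name.
     */
    public void group2JSon() {
        ResultSet rs=null;
        String partId,deptName,deptId,state;
        // Group rows carry no department attributes; they are emitted as empty strings.
        final String upper="",organ="",seltype="",pri="";

        try {
            rs=execQuery(sql);
            if(rs==null) {
                return;
            }

            while(rs.next()) {
                partId=MString.checkNull(rs.getString(1));
                deptName=MString.checkNull(rs.getString(2));
                deptName=new GroupCount().getCount(partId,deptName);
                deptId=MString.checkNull(rs.getString(4));
                state=MString.checkNull(rs.getString(5));

                sbuf.append("{ \"data\":\""+jsonText(deptName)+"\",\"attr\": { \"ID\":\""+jsonText(deptId)+"\", ");
                sbuf.append("\"UPPER\":\""+upper+"\",\"ORGAN\":\""+organ+"\", \"SELTYPE\":\""+seltype+"\", ");
                sbuf.append("\"PRI\":\""+pri+"\",\"REL\":\"GROUP\"},\"state\" : \""+jsonText(state)+"\"}");
                sbuf.append(",");
                dataCnt++;
            }
            close(rs);
            rs=null;
        // 44. Improper exception handling (overly broad exception class) - CWE-754. Added by YOUNGJUN,CHO
        } catch (SQLException sqlex) {
            sqlex.printStackTrace();
        } catch(Exception ex) {
            ex.printStackTrace();
        } finally {
            if(rs!=null) {
                close(rs);
            }
            execClose();
        }
    }

    /**
     * Runs {@link #sql} (as prepared by {@link #makeTreeSql(String, String)})
     * and appends one {@code DEPT} node per row to {@link #sbuf}.
     *
     * <p>Columns are read by position: ID, NAME, UPPER_DEPT, ORGAN, SEL_TYPE,
     * PRIORITY.
     */
    public void dept2JSon() {
        ResultSet rs=null;
        String deptId,name,upper,organ,seltype,pri;

        try {
            rs=execQuery(sql);
            if(rs==null) {
                return;
            }

            while(rs.next()) {
                deptId=MString.checkNull(rs.getString(1));
                name=MString.checkNull(rs.getString(2));
                upper=MString.checkNull(rs.getString(3));
                organ=MString.checkNull(rs.getString(4));
                seltype=MString.checkNull(rs.getString(5));
                pri=MString.checkNull(rs.getString(6));

                sbuf.append("{ \"data\":\""+jsonText(name)+"\",\"attr\": { \"ID\":\""+jsonText(deptId)+"\", ");
                sbuf.append("\"UPPER\":\""+jsonText(upper)+"\",\"ORGAN\":\""+jsonText(organ)+"\", \"SELTYPE\":\""+jsonText(seltype)+"\", ");
                sbuf.append("\"PRI\":\""+jsonText(pri)+"\",\"REL\":\"DEPT\"},\"state\" : \"closed\"}");
                sbuf.append(",");
                dataCnt++;
            }
            close(rs);
            rs=null;
        // 44. Improper exception handling (overly broad exception class) - CWE-754. Added by YOUNGJUN,CHO
        } catch (SQLException sqlex) {
            sqlex.printStackTrace();
        } catch(Exception ex) {
            ex.printStackTrace();
        } finally {
            if(rs!=null) {
                close(rs);
            }
            execClose();
        }
    }

    /**
     * Queries the non-deleted users of one department and appends one
     * {@code USER} node per row to {@link #sbuf}.
     *
     * <p>The name column is read through the database function
     * {@code sp_cm_dec_fu}. NOTE(review): that looks like a decryption routine,
     * which would make the names sensitive - confirm who may call this endpoint.
     *
     * @param id department whose users are listed (request-supplied, escaped
     *           before it is placed in the statement)
     */
    public void user2JSon(String id) {
        ResultSet rs=null;
        String memberId,name,memberAuth;

        sql="SELECT ID,sp_cm_dec_fu(NAME),sys_auth FROM MOUMI_MUSER WHERE DEL_TYPE='N' AND DEPT_ID='"+sqlText(id)+"'";

        try {
            rs=execQuery(sql);
            if(rs==null) {
                return;
            }

            while(rs.next()) {
                memberId=MString.checkNull(rs.getString(1));
                name=MString.checkNull(rs.getString(2));
                memberAuth=MString.checkNull(rs.getString(3));

                sbuf.append("{ \"data\":\""+jsonText(name)+"("+jsonText(memberId)+")\",\"attr\": { \"ID\":\""+jsonText(memberId)+"\", \"SYSAUTH\":\""+jsonText(memberAuth)+"\",");
                sbuf.append("\"REL\":\"USER\"},\"state\" : \"opened\"}");
                sbuf.append(",");
                dataCnt++;
            }
            close(rs);
            rs=null;
        // 44. Improper exception handling (overly broad exception class) - CWE-754. Added by YOUNGJUN,CHO
        } catch (SQLException sqlex) {
            sqlex.printStackTrace();
        } catch(Exception ex) {
            ex.printStackTrace();
        } finally {
            if(rs!=null) {
                close(rs);
            }
            execClose();
        }
    }
}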