You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
107 lines
4.7 KiB
107 lines
4.7 KiB
/********************************************************************************************************* |
|
* 프로그램명 : HttpGroupDelete.java 프로그램설명 : 사용자 그룹 삭제 작성자 : 작성일 : 변경일 : |
|
**********************************************************************************************************/ |
|
|
|
package kr.co.kihyun.beans.user; |
|
|
|
import kr.co.kihyun.lang.Encoder; |
|
import java.io.IOException; |
|
import java.io.PrintWriter; |
|
|
|
import javax.jdo.PersistenceManager; |
|
import javax.jdo.Transaction; |
|
import javax.servlet.ServletException; |
|
import javax.servlet.annotation.WebServlet; |
|
import javax.servlet.http.HttpServlet; |
|
import javax.servlet.http.HttpServletRequest; |
|
import javax.servlet.http.HttpServletResponse; |
|
|
|
import kr.co.kihyun.beans.entity.UserPart; |
|
import kr.co.kihyun.beans.entity.util.*; |
|
//import kr.co.kihyun.lang.MLong; |
|
import kr.co.kihyun.lang.MString; |
|
import kr.co.kihyun.moumi.MoumiConfig; |
|
import kr.co.kihyun.text.html.ServletUtil; |
|
import kr.co.kihyun.text.javascript.JavaScriptUtil; |
|
import org.slf4j.LoggerFactory; |
|
import org.slf4j.Logger; |
|
@WebServlet("/servlet/kr.co.kihyun.beans.user.HttpGroupDelete") |
|
public class HttpGroupDelete extends HttpServlet { |
|
private static final Logger LOG = LoggerFactory.getLogger(HttpGroupDelete.class); |
|
/** |
|
* |
|
*/ |
|
private static final long serialVersionUID = 1L; |
|
|
|
public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { |
|
doPost(req, res); |
|
} |
|
|
|
public void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { |
|
res.setContentType("text/html"); |
|
res.setContentType("text/html;charset=UTF-8"); |
|
PrintWriter out = res.getWriter(); |
|
|
|
/*********** User HttpSSOLogin check ***********/ |
|
if (!HttpSSOLogin.isLogin(req)) { |
|
String connURL = "parent.parent.location='/totsys/login/login.jsp';"; |
|
out.println(ServletUtil.getJavaScript(connURL)); |
|
return; |
|
} |
|
|
|
String usID = HttpSSOLogin.getLoginID(req); |
|
int sysAuth = HttpSSOLogin.getSysAuth(req); |
|
// Long partID = MLong.parseLong(req.getParameter("partID"), -1L); |
|
String partID = Encoder.toJava(req.getParameter("partID")); //Long타입으로 되어있던 것을 String 타입으로 변경 |
|
String callbackFunc = MString.checkNull(req.getParameter("callbackFunc")); |
|
PersistenceManager pm = new MPersistenceManager(PMF.get().getPersistenceManager()); |
|
Transaction tx = pm.currentTransaction(); |
|
try { |
|
tx.begin(); |
|
|
|
UserPart userPart = pm.getObjectById(UserPart.class, partID); |
|
|
|
if (sysAuth == MoumiConfig.TOTPER && !usID.equals(userPart.getUser(pm).getId())) { |
|
out.println(ServletUtil.alert(MoumiConfig.getMessageBundle().getString("moumi.message.popup.notDeleteGroup"))); |
|
out.println(JavaScriptUtil |
|
.getJavaScript("document.location='/totsys/login/envsetting/group/group_setup.jsp';")); |
|
return; |
|
} |
|
|
|
if (userPart.getUserDepts() != null) |
|
pm.deletePersistentAll(userPart.getUserDepts()); |
|
|
|
if (userPart.getUserUsers() != null) |
|
pm.deletePersistentAll(userPart.getUserUsers()); |
|
|
|
pm.deletePersistent(userPart); |
|
|
|
tx.commit(); |
|
out.println(ServletUtil.alert(MoumiConfig.getMessageBundle().getString("moumi.message.popup.deleteGroupSuccess"))); |
|
if( MString.isNull(callbackFunc) ) { |
|
out.println(JavaScriptUtil |
|
.getJavaScript("document.location='/totsys/login/envsetting/group/group_setup.jsp';")); |
|
}else{ |
|
out.println(ServletUtil.getJavaScript(callbackFunc)); |
|
} |
|
} catch (Exception e) { |
|
e.printStackTrace(); |
|
out.println(ServletUtil.alert(MoumiConfig.getMessageBundle().getString("moumi.message.popup.deleteGroupFail"))); |
|
//v2. 9.크로스사이트 스크립트 (PrintWrier) : Update by KWON,HAN |
|
// out.println(JavaScriptUtil |
|
// .getJavaScript("document.location='/totsys/login/envsetting/group/group_setup.jsp';")); |
|
|
|
// 수정 : 외부 입력값 필터링 |
|
String callbackFunc2 = "document.location='/totsys/login/envsetting/group/group_setup.jsp';"; |
|
String filtered_callbackFunc2 = callbackFunc2.replaceAll("<","").replaceAll(">","").replaceAll("&","").replaceAll(",",""); |
|
LOG.debug("v2 9.크로스사이트 스크립트 (PrintWrier) : HttpGroupDelete.doPost() filtered_callbackFunc2={}, Not Test", filtered_callbackFunc2); |
|
out.println(ServletUtil.getJavaScript(filtered_callbackFunc2)); |
|
//======================================== |
|
|
|
} finally { |
|
if (tx.isActive()) |
|
tx.rollback(); |
|
pm.close(); |
|
} |
|
} |
|
}
|
|
|