如何根据用户的角色将用户登陆到不同的页面

时间:2015-06-13 11:30:59

标签: liferay

我正在使用Liferay,并希望在用户登录后显示不同的登录页面:如果门户网站的管理员尝试登录,他将登陆到页面A,如果访客登录到门户网站,他将登录到页面B. @ Today15我做到了这个..

    package com.landing.page.pagetwo;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.events.Action;
import com.liferay.portal.kernel.events.ActionException;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.exception.SystemException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.struts.LastPath;
import com.liferay.portal.kernel.util.PrefsPropsUtil;
import com.liferay.portal.kernel.util.PropsKeys;
import com.liferay.portal.kernel.util.StringPool;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.kernel.util.WebKeys;
import com.liferay.portal.model.Group;
import com.liferay.portal.model.User;
import com.liferay.portal.service.GroupLocalServiceUtil;
import com.liferay.portal.util.PortalUtil;

public class LandingPage extends Action {

@Override
public void run(HttpServletRequest httpsreq, HttpServletResponse httpsres)
              throws ActionException {
    try {
        doRun(httpsreq, httpsres);
    }
    catch (Exception e) {
        throw new ActionException(e);
    }
}
protected void doRun(
        HttpServletRequest request, HttpServletResponse response)
        throws Exception {

        long companyId = PortalUtil.getCompanyId(request);

        String path =
            PrefsPropsUtil.getString(
                companyId, PropsKeys.DEFAULT_LANDING_PAGE_PATH);

        if (_log.isInfoEnabled()) {
            _log.info(PropsKeys.DEFAULT_LANDING_PAGE_PATH + StringPool.EQUAL +
                path);
        }

        if (Validator.isNull(path)) {
            path = getCustomLandingPage(request);
        }

        HttpSession session = request.getSession();
        session.setAttribute(WebKeys.LAST_PATH, new LastPath(
            StringPool.BLANK, path));

    }
private String getCustomLandingPage(HttpServletRequest request)
        throws PortalException, SystemException {

        String customLandingPagePath = StringPool.BLANK;


        customLandingPagePath = getSitePath(PortalUtil.getUser(request), false);

        return customLandingPagePath;
    }
    private String getSitePath(User user, boolean includeLanguage)
            throws PortalException, SystemException {

            String sitePath = StringPool.BLANK;
            List<Group> userSites = getSites(user.getUserId());

            String language = StringPool.BLANK;

            if (includeLanguage) {
                language = StringPool.SLASH + user.getLocale().getLanguage();
            }

            if ((userSites != null) && !userSites.isEmpty()) {
                String siteFriendlyURL = userSites.get(0).getFriendlyURL();
                sitePath = language + "/group" + siteFriendlyURL + "/pagetwo";
            }

            return sitePath;
        }
    private List<Group> getSites(long userId)
            throws PortalException, SystemException {

            List<Group> sites = new ArrayList<Group>();

            for (Group group : GroupLocalServiceUtil.getUserGroups(userId)) {
                if (group.isRegularSite() &&
                    !"Guest".equalsIgnoreCase(group.getName())) {
                    sites.add(group);
                    break;
                }
            }
            return sites;
        }

        private static Log _log =
            LogFactoryUtil.getLog(LandingPage.class);
}

现在我可以登陆我网站的自定义页面了。但是如何限制其他用户从这个页面着陆,以及如何将他们登陆到其他页面。

2 个答案:

答案 0 :(得分:4)

首先: 所有用户都是来宾,直到登录。每个经过身份验证的用户都将拥有“用户”角色。因此,您必须检查用户是否是管理员。话虽如此,我会采取这种方法: 例如,为角色创建自定义字段并将其命名为landingPage。 创建一个PostLoginHook。

package com.liferay.sample.hook;
import com.liferay.portal.kernel.events.Action;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class LoginAction extends Action {
    public void run(HttpServletRequest req, HttpServletResponse res) {
        System.out.println("## My custom login action");
    }
}

在run方法中,检查landingPage自定义字段的值,然后相应地设置lastPath属性。例如:

Map params = new HashMap();  

params.put("p_l_id", new String[] {"PRI.1.1"});

LastPath lastPath = new LastPath("/c", "/portal/layout", params);

session.setAttribute(WebKeys.LAST_PATH, lastPath);

您可能还想查看Liferay本身的DefaultLandingPageAction类: https://github.com/liferay/liferay-portal/blob/master/portal-impl/src/com/liferay/portal/events/DefaultLandingPageAction.java

我建议您使用自定义字段,以便您可以随时更改目标网页。另一个优点是,您也可以使用其他角色执行此操作。

答案 1 :(得分:-2)

在您对用户进行认证后,请使用以下代码:

<强> C#

string userGroup = "admin"; //Or guess
if (userGroup == "admin")
{
    Server.Transfer("page_A.aspx");
}
else if (userGroup == "guess")
{
    Server.Transfer("page_B.aspx");
}

经典ASP

userGroup = "admin" 'Or guess
if userGroup = "admin" then
    response.redirect("page_A.asp")
elseif userGroup = "guess" then
    response.redirect("page_B.asp")
end if

<强> PHP

$userGroup = "admin"; //Or guess
if (userGroup == "admin")
{
    header("Location: page_A.php");
    die();
}
elseif (userGroup == "guess")
{
    header("Location: page_B.php");
    die();
}

但请记住,在页面A和B中,再次检查用户是否可以访问此页面,因为用户GUESS可以将URL更改为page_A并使用管理员权限执行所有操作!

最好的问候,