在上一篇博文中,通过ssm+shiro,可以实现对页面的访问控制,user:"zhang3"角色是"admin",但是没有给他分配"productManager"的角色,所以他可以访问"查看产品","删除订单",但是访问"删除产品"时会提示
而user:“li4”拥有"productManager"的角色,所以他可以访问"删除产品",却不能访问"删除订单"。
这样一来就实现了权限的分配。
但是这个权限的分配过程,是通过在控制器对应方法上添加@RequirePermission和@RequiredRoles注解实现的。
真正项目开发的时候,这种方式就很有局限性了,当权限配置关系发生变化,每次都要修改代码,编译打包重启系统,这肯定是不能够被接受的。
所以,最好的方式,还是通过动态配置,哪个给不同的用户配置不同的角色,权限,修改之后立马生效这种方式。 为了实现这个效果,就需要基于URL配置的方式来做了。
接下来要做基于URL配置权限的讲解。 但是基于URL配置权限需要自己能够进行权限信息的灵活配置,那么就需要对权限信息一套进行维护。
到这里先看一下整个项目的结构:
1.对表结构进行调整
主要是增加了一些字段
1 DROP DATABASE IF EXISTS shiro; 2 CREATE DATABASE shiro DEFAULT CHARACTER SET utf8; 3 USE shiro; 4 5 drop table if exists user; 6 drop table if exists role; 7 drop table if exists permission; 8 drop table if exists user_role; 9 drop table if exists role_permission; 10 11 create table user ( 12 id bigint auto_increment, 13 name varchar(100), 14 password varchar(100), 15 salt varchar(100), 16 constraint pk_users primary key(id) 17 ) charset=utf8 ENGINE=InnoDB; 18 19 create table role ( 20 id bigint auto_increment, 21 name varchar(100), 22 desc_ varchar(100), 23 constraint pk_roles primary key(id) 24 ) charset=utf8 ENGINE=InnoDB; 25 26 create table permission ( 27 id bigint auto_increment, 28 name varchar(100), 29 desc_ varchar(100), 30 url varchar(100), 31 constraint pk_permissions primary key(id) 32 ) charset=utf8 ENGINE=InnoDB; 33 34 create table user_role ( 35 id bigint auto_increment, 36 uid bigint, 37 rid bigint, 38 constraint pk_users_roles primary key(id) 39 ) charset=utf8 ENGINE=InnoDB; 40 41 create table role_permission ( 42 id bigint auto_increment, 43 rid bigint, 44 pid bigint, 45 constraint pk_roles_permissions primary key(id) 46 ) charset=utf8 ENGINE=InnoDB;
1 INSERT INTO `permission` VALUES (1,'addProduct','增加产品','/addProduct'); 2 INSERT INTO `permission` VALUES (2,'deleteProduct','删除产品','/deleteProduct'); 3 INSERT INTO `permission` VALUES (3,'editeProduct','编辑产品','/editeProduct'); 4 INSERT INTO `permission` VALUES (4,'updateProduct','修改产品','/updateProduct'); 5 INSERT INTO `permission` VALUES (5,'listProduct','查看产品','/listProduct'); 6 INSERT INTO `permission` VALUES (6,'addOrder','增加订单','/addOrder'); 7 INSERT INTO `permission` VALUES (7,'deleteOrder','删除订单','/deleteOrder'); 8 INSERT INTO `permission` VALUES (8,'editeOrder','编辑订单','/editeOrder'); 9 INSERT INTO `permission` VALUES (9,'updateOrder','修改订单','/updateOrder'); 10 INSERT INTO `permission` VALUES (10,'listOrder','查看订单','/listOrder'); 11 INSERT INTO `role` VALUES (1,'admin','超级管理员'); 12 INSERT INTO `role` VALUES (2,'productManager','产品管理员'); 13 INSERT INTO `role` VALUES (3,'orderManager','订单管理员'); 14 INSERT INTO `role_permission` VALUES (1,1,1); 15 INSERT INTO `role_permission` VALUES (2,1,2); 16 INSERT INTO `role_permission` VALUES (3,1,3); 17 INSERT INTO `role_permission` VALUES (4,1,4); 18 INSERT INTO `role_permission` VALUES (5,1,5); 19 INSERT INTO `role_permission` VALUES (6,1,6); 20 INSERT INTO `role_permission` VALUES (7,1,7); 21 INSERT INTO `role_permission` VALUES (8,1,8); 22 INSERT INTO `role_permission` VALUES (9,1,9); 23 INSERT INTO `role_permission` VALUES (10,1,10); 24 INSERT INTO `role_permission` VALUES (11,2,1); 25 INSERT INTO `role_permission` VALUES (12,2,2); 26 INSERT INTO `role_permission` VALUES (13,2,3); 27 INSERT INTO `role_permission` VALUES (14,2,4); 28 INSERT INTO `role_permission` VALUES (15,2,5); 29 INSERT INTO `role_permission` VALUES (50,3,10); 30 INSERT INTO `role_permission` VALUES (51,3,9); 31 INSERT INTO `role_permission` VALUES (52,3,8); 32 INSERT INTO `role_permission` VALUES (53,3,7); 33 INSERT INTO `role_permission` VALUES (54,3,6); 34 INSERT INTO `role_permission` VALUES (55,3,1); 35 INSERT INTO `role_permission` VALUES (56,5,11); 36 INSERT INTO `user` VALUES (1,'zhang3','a7d59dfc5332749cb801f86a24f5f590','e5ykFiNwShfCXvBRPr3wXg=='); 37 INSERT INTO `user` VALUES (2,'li4','43e28304197b9216e45ab1ce8dac831b','jPz19y7arvYIGhuUjsb6sQ=='); 38 INSERT INTO `user_role` VALUES (43,2,2); 39 INSERT INTO `user_role` VALUES (45,1,1);
2.导入逆向工程需要的jar
1 <dependency> 2 <groupId>org.mybatis.generator</groupId> 3 <artifactId>mybatis-generator-core</artifactId> 4 <version>1.3.7</version> 5 </dependency>
3.generatorConfig.xml
用于指定需要生成哪些表的文件
1 <?xml version="1.0" encoding="UTF-8"?> 2 <!DOCTYPE generatorConfiguration 3 PUBLIC "-//mybatis.org//DTD MyBatis Generator Configuration 1.0//EN" 4 "http://mybatis.org/dtd/mybatis-generator-config_1_0.dtd"> 5 <generatorConfiguration> 6 7 <context id="DB2Tables" targetRuntime="MyBatis3"> 8 9 <!--是否在代码中去掉注释--> 10 <commentGenerator> 11 <property name="suppressDate" value="true" /> 12 <property name="suppressAllComments" value="true" /> 13 </commentGenerator> 14 15 <!--数据库链接地址账号密码--> 16 <jdbcConnection driverClass="com.mysql.jdbc.Driver" connectionURL="jdbc:mysql://localhost/shiro" userId="root" password="root"> 17 </jdbcConnection> 18 <!--不知道做什么用的。。。反正贴上来了~--> 19 <javaTypeResolver> 20 <property name="forceBigDecimals" value="false"/> 21 </javaTypeResolver> 22 <!--生成pojo类存放位置--> 23 <javaModelGenerator targetPackage="com.vi.entity" targetProject="src"> 24 <property name="enableSubPackages" value="true"/> 25 <property name="trimStrings" value="true"/> 26 </javaModelGenerator> 27 <!--生成xml映射文件存放位置--> 28 <sqlMapGenerator targetPackage="mapper" targetProject="src/main/resources/mapper"> 29 <property name="enableSubPackages" value="true"/> 30 </sqlMapGenerator> 31 <!--生成mapper类存放位置--> 32 <javaClientGenerator type="XMLMAPPER" targetPackage="com.vi.mapper" targetProject="src"> 33 <property name="enableSubPackages" value="true"/> 34 </javaClientGenerator> 35 36 <!--生成对应表及类名--> 37 <table tableName="user" domainObjectName="User" enableCountByExample="false" enableUpdateByExample="false" enableDeleteByExample="false" enableSelectByExample="true" selectByExampleQueryId="false"> 38 <property name="my.isgen.usekeys" value="true"/> 39 <property name="useActualColumnNames" value="true"/> 40 <generatedKey column="id" sqlStatement="JDBC"/> 41 </table> 42 <table tableName="role" domainObjectName="Role" enableCountByExample="false" enableUpdateByExample="false" enableDeleteByExample="false" enableSelectByExample="true" selectByExampleQueryId="false"> 43 <property name="my.isgen.usekeys" value="true"/> 44 <property name="useActualColumnNames" value="true"/> 45 <generatedKey column="id" sqlStatement="JDBC"/> 46 </table> 47 <table tableName="permission" domainObjectName="Permission" enableCountByExample="false" enableUpdateByExample="false" enableDeleteByExample="false" enableSelectByExample="true" selectByExampleQueryId="false"> 48 <property name="my.isgen.usekeys" value="true"/> 49 <property name="useActualColumnNames" value="true"/> 50 <generatedKey column="id" sqlStatement="JDBC"/> 51 </table> 52 <table tableName="user_role" domainObjectName="UserRole" enableCountByExample="false" enableUpdateByExample="false" enableDeleteByExample="false" enableSelectByExample="true" selectByExampleQueryId="false"> 53 <property name="my.isgen.usekeys" value="true"/> 54 <property name="useActualColumnNames" value="true"/> 55 <generatedKey column="id" sqlStatement="JDBC"/> 56 </table> 57 <table tableName="role_permission" domainObjectName="RolePermission" enableCountByExample="false" enableUpdateByExample="false" enableDeleteByExample="false" enableSelectByExample="true" selectByExampleQueryId="false"> 58 <property name="my.isgen.usekeys" value="true"/> 59 <property name="useActualColumnNames" value="true"/> 60 <generatedKey column="id" sqlStatement="JDBC"/> 61 </table> 62 63 </context> 64 </generatorConfiguration>
4.MybatisGenerator
运行这个程序以获取逆向工程生成的文件。
1 public class MybatisGenerator { 2 public static void main(String[] args) throws Exception { 3 4 List<String> warnings = new ArrayList<String>(); 5 boolean overwrite = true; 6 InputStream is= MybatisGenerator.class.getClassLoader().getResource("generatorConfig.xml").openStream(); 7 ConfigurationParser cp = new ConfigurationParser(warnings); 8 Configuration config = cp.parseConfiguration(is); 9 is.close(); 10 DefaultShellCallback callback = new DefaultShellCallback(overwrite); 11 MyBatisGenerator myBatisGenerator = new MyBatisGenerator(config, callback, warnings); 12 myBatisGenerator.generate(null); 13 14 System.out.println("生成代码成功"); 15 16 } 17 }
5.Service层
UserService.java
1 public interface UserService { 2 /** 3 * 根据用户名获取密码 4 * @param name 5 * @return 6 */ 7 String getPassword(String name); 8 9 /** 10 * 根据用户名查找user 11 * @param name 12 * @return 13 */ 14 User getByName(String name); 15 16 List<User> list(); 17 18 void delete(Long id); 19 20 void add(User user); 21 22 User get(Long id); 23 24 void update(User user); 25 }
RoleService.java
1 public interface RoleService { 2 /** 3 * 根据用户名查找角色名 4 * @param username 5 * @return 6 */ 7 public Set<String> listRoleNames(String username); 8 9 /** 10 * 根据用户名查找角色 11 * @param username 12 * @return 13 */ 14 public Set<Role> listRoles(String username); 15 16 /** 17 * 根据用户查找角色 18 * @param user 19 * @return 20 */ 21 public Set<Role> listRoles(User user); 22 23 public List<Role> list(); 24 25 public void add(Role role); 26 27 public void delete(Long id); 28 29 public Role get(Long id); 30 31 public void update(Role role); 32 }
UserRoleService.java
1 public interface UserRoleService { 2 /** 3 * 给用户赋予对应的角色 4 * @param user 5 * @param roleIds 6 */ 7 void setRoles(User user, long[] roleIds); 8 9 void deleteByUser(long userId); 10 11 void deleteByRole(long roleId); 12 }
PermissionService.java
1 public interface PermissionService { 2 /** 3 * 根据用户名查找权限名 4 * @param username 5 * @return 6 */ 7 Set<String> listPermissions(String username); 8 9 /** 10 * 查询角色对应的权限 11 * @param role 12 * @return 13 */ 14 List<Permission> listByRole(Role role); 15 16 List<Permission> list(); 17 18 void add(Permission permission); 19 20 void delete(Long id); 21 22 Permission get(Long id); 23 24 void update(Permission permission); 25 }
RolePermissionService.java
1 public interface RolePermissionService { 2 /** 3 * 给角色赋予对应的权限 4 * @param role 5 * @param permissonIds 6 */ 7 void setPermissions(Role role, long[] permissonIds); 8 9 void deleteByRole(long roleId); 10 11 void deleteByPermission(long permissionId); 12 }
ServiceImpl
UserServiceImpl
1 @Service 2 public class UserServiceImpl implements UserService { 3 @Autowired 4 UserMapper userMapper; 5 @Autowired 6 UserRoleService userRoleService; 7 8 @Override 9 public String getPassword(String name) { 10 User user = getByName(name); 11 if (user == null) { 12 return null; 13 } 14 return user.getPassword(); 15 } 16 17 @Override 18 public User getByName(String name) { 19 UserExample example = new UserExample(); 20 example.createCriteria().andNameEqualTo(name); 21 List<User> users = userMapper.selectByExample(example); 22 if (users.isEmpty()) { 23 return null; 24 } 25 return users.get(0); 26 } 27 28 @Override 29 public List<User> list() { 30 UserExample example = new UserExample(); 31 example.setOrderByClause("id desc"); 32 return userMapper.selectByExample(example); 33 } 34 35 @Override 36 public void delete(Long id) { 37 userMapper.deleteByPrimaryKey(id); 38 userRoleService.deleteByUser(id); 39 } 40 41 @Override 42 public void add(User user) { 43 userMapper.insert(user); 44 } 45 46 @Override 47 public User get(Long id) { 48 return userMapper.selectByPrimaryKey(id); 49 } 50 51 @Override 52 public void update(User user) { 53 userMapper.updateByPrimaryKeySelective(user); 54 } 55 }
1 @Service 2 public class RoleServiceImpl implements RoleService { 3 @Autowired 4 RoleMapper roleMapper; 5 @Autowired 6 UserRoleMapper userRoleMapper; 7 @Autowired 8 UserService userService; 9 10 @Override 11 public Set<String> listRoleNames(String username) { 12 Set<String> result = new HashSet<>(); 13 List<Role> roles = listRoles(username); 14 for (Role role : roles) { 15 result.add(role.getName()); 16 } 17 return result; 18 } 19 20 @Override 21 public List<Role> listRoles(String username) { 22 List<Role> roles = new ArrayList<>(); 23 User user = userService.getByName(username); 24 if(user==null) 25 return roles; 26 roles = listRoles(user); 27 return roles; 28 } 29 30 @Override 31 public List<Role> listRoles(User user) { 32 List<Role> roles = new ArrayList<>(); 33 UserRoleExample userRoleExample = new UserRoleExample(); 34 userRoleExample.createCriteria().andUidEqualTo(user.getId()); 35 List<UserRole> userRoles = userRoleMapper.selectByExample(userRoleExample); 36 for (UserRole userRole : userRoles) { 37 roles.add(roleMapper.selectByPrimaryKey(userRole.getRid())); 38 39 } 40 return roles; 41 } 42 43 @Override 44 public List<Role> list() { 45 RoleExample example = new RoleExample(); 46 example.setOrderByClause("id desc"); 47 return roleMapper.selectByExample(example); 48 } 49 50 @Override 51 public void add(Role role) { 52 roleMapper.insert(role); 53 } 54 55 @Override 56 public void delete(Long id) { 57 roleMapper.deleteByPrimaryKey(id); 58 } 59 60 @Override 61 public Role get(Long id) { 62 return roleMapper.selectByPrimaryKey(id); 63 } 64 65 @Override 66 public void update(Role role) { 67 roleMapper.updateByPrimaryKeySelective(role); 68 } 69 }
1 @Service 2 public class PermissionServiceImpl implements PermissionService { 3 @Autowired 4 PermissionMapper permissionMapper; 5 @Autowired 6 UserService userService; 7 @Autowired 8 RoleService roleService; 9 @Autowired 10 RolePermissionMapper rolePermissionMapper; 11 12 @Override 13 public Set<String> listPermissions(String username) { 14 Set<String> result = new HashSet<>(); 15 List<Role> roles = roleService.listRoles(username); 16 List<RolePermission> rolePermissions = new ArrayList<>(); 17 for (Role role : roles) { 18 RolePermissionExample example = new RolePermissionExample(); 19 example.createCriteria().andRidEqualTo(role.getId()); 20 List<RolePermission> list = rolePermissionMapper.selectByExample(example); 21 rolePermissions.addAll(list); 22 } 23 for (RolePermission rolePermission : rolePermissions) { 24 Permission p = permissionMapper.selectByPrimaryKey(rolePermission.getPid()); 25 result.add(p.getName()); 26 } 27 return result; 28 } 29 30 @Override 31 public List<Permission> listByRole(Role role) { 32 List<Permission> result = new ArrayList<>(); 33 RolePermissionExample example = new RolePermissionExample(); 34 example.createCriteria().andRidEqualTo(role.getId()); 35 List<RolePermission> rolePermissions = rolePermissionMapper.selectByExample(example); 36 for (RolePermission rolePermission : rolePermissions) { 37 result.add(permissionMapper.selectByPrimaryKey(rolePermission.getPid())); 38 } 39 return result; 40 } 41 42 @Override 43 public List<Permission> list() { 44 PermissionExample example = new PermissionExample(); 45 example.setOrderByClause("id desc"); 46 return permissionMapper.selectByExample(example); 47 } 48 49 @Override 50 public void add(Permission permission) { 51 permissionMapper.insert(permission); 52 } 53 54 @Override 55 public void delete(Long id) { 56 permissionMapper.deleteByPrimaryKey(id); 57 } 58 59 @Override 60 public Permission get(Long id) { 61 return permissionMapper.selectByPrimaryKey(id); 62 } 63 64 @Override 65 public void update(Permission permission) { 66 permissionMapper.updateByPrimaryKeySelective(permission); 67 } 68 }
1 @Service 2 public class UserRoleServiceImpl implements UserRoleService { 3 @Autowired 4 UserRoleMapper userRoleMapper; 5 @Override 6 public void setRoles(User user, long[] roleIds) { 7 //删除当前用户所有角色 8 UserRoleExample userRoleExample = new UserRoleExample(); 9 userRoleExample.createCriteria().andUidEqualTo(user.getId()); 10 List<UserRole> userRoles = userRoleMapper.selectByExample(userRoleExample); 11 for (UserRole userRole : userRoles) { 12 userRoleMapper.deleteByPrimaryKey(userRole.getId()); 13 } 14 15 //设置新的角色关系 16 if (null != roleIds) { 17 for (long rid : roleIds) { 18 UserRole userRole = new UserRole(); 19 userRole.setRid(rid); 20 userRole.setUid(user.getId()); 21 userRoleMapper.insert(userRole); 22 } 23 } 24 } 25 26 @Override 27 public void deleteByUser(long userId) { 28 UserRoleExample userRoleExample = new UserRoleExample(); 29 userRoleExample.createCriteria().andUidEqualTo(userId); 30 List<UserRole> userRoles = userRoleMapper.selectByExample(userRoleExample); 31 for (UserRole userRole : userRoles) { 32 userRoleMapper.deleteByPrimaryKey(userRole.getId()); 33 } 34 } 35 36 @Override 37 public void deleteByRole(long roleId) { 38 UserRoleExample userRoleExample = new UserRoleExample(); 39 userRoleExample.createCriteria().andRidEqualTo(roleId); 40 List<UserRole> userRoles = userRoleMapper.selectByExample(userRoleExample); 41 for (UserRole userRole : userRoles) { 42 userRoleMapper.deleteByPrimaryKey(userRole.getId()); 43 } 44 } 45 }
1 @Service 2 public class RolePermissionServiceImpl implements RolePermissionService { 3 @Autowired 4 RoleService roleService; 5 @Autowired 6 PermissionService permissionService; 7 @Autowired 8 RolePermissionMapper rolePermissionMapper; 9 10 @Override 11 public void setPermissions(Role role, long[] permissonIds) { 12 //删除当前角色的所有权限 13 RolePermissionExample rolePermissionExample = new RolePermissionExample(); 14 rolePermissionExample.createCriteria().andRidEqualTo(role.getId()); 15 List<RolePermission> list = rolePermissionMapper.selectByExample(rolePermissionExample); 16 for (RolePermission rolePermission : list) { 17 rolePermissionMapper.deleteByPrimaryKey(rolePermission.getId()); 18 } 19 //设置新的权限关系 20 if (permissonIds != null) { 21 for (long id : permissonIds) { 22 RolePermission rolePermission = new RolePermission(); 23 rolePermission.setRid(role.getId()); 24 rolePermission.setPid(id); 25 rolePermissionMapper.insert(rolePermission); 26 } 27 } 28 } 29 30 @Override 31 public void deleteByRole(long roleId) { 32 RolePermissionExample rolePermissionExample = new RolePermissionExample(); 33 rolePermissionExample.createCriteria().andRidEqualTo(roleId); 34 List<RolePermission> rolePermissions = rolePermissionMapper.selectByExample(rolePermissionExample); 35 for (RolePermission rolePermission : rolePermissions) { 36 rolePermissionMapper.deleteByPrimaryKey(rolePermission.getId()); 37 } 38 } 39 40 @Override 41 public void deleteByPermission(long permissionId) { 42 RolePermissionExample rolePermissionExample = new RolePermissionExample(); 43 rolePermissionExample.createCriteria().andPidEqualTo(permissionId); 44 List<RolePermission> rolePermissions = rolePermissionMapper.selectByExample(rolePermissionExample); 45 for (RolePermission rolePermission : rolePermissions) { 46 rolePermissionMapper.deleteByPrimaryKey(rolePermission.getId()); 47 } 48 } 49 }
6.控制层
1 @Controller 2 public class UserController { 3 @Autowired 4 UserService userService; 5 @Autowired 6 RoleService roleService; 7 @Autowired 8 UserRoleService userRoleService; 9 10 @RequestMapping("/listUser") 11 public String list(Model model) { 12 List<User> users = userService.list(); 13 model.addAttribute("users", users); 14 Map<User,List<Role>> user_roles = new HashMap<>(); 15 for (User user : users) { 16 List<Role> roles = roleService.listRoles(user); 17 user_roles.put(user, roles); 18 } 19 model.addAttribute("user_roles", user_roles); 20 return "listUer"; 21 } 22 23 @RequestMapping("/editUser") 24 public String edit(Model model, long id) { 25 List<Role> roles = roleService.list(); 26 model.addAttribute("roles", roles); 27 User user = userService.get(id); 28 model.addAttribute("user", user); 29 List<Role> currentRoles = roleService.listRoles(user); 30 model.addAttribute("currentRoles", currentRoles); 31 return "editUser"; 32 } 33 34 @RequestMapping("/deleteUser") 35 public String delete(Model model, long id) { 36 userService.delete(id); 37 return "redirect:listUser"; 38 } 39 40 @RequestMapping("/updateUser") 41 public String update(User user,long[] roleIds) { 42 userRoleService.setRoles(user,roleIds); 43 String password = user.getPassword(); 44 //如果数据里没有密码就不用更新 45 if (password.length() != 0) {//给输入的密码加盐加密 46 String salt = new SecureRandomNumberGenerator().nextBytes().toString(); 47 int times = 2; 48 String method = "md5"; 49 String encryptPassword = new SimpleHash(method, password, salt, times).toString(); 50 user.setPassword(encryptPassword); 51 user.setSalt(salt); 52 } 53 userService.update(user); 54 return "redirect:listUser"; 55 } 56 57 58 @RequestMapping("/addUser") 59 public String add(Model model,String name,String password) { 60 String salt = new SecureRandomNumberGenerator().nextBytes().toString(); 61 String encryptPassword = new SimpleHash("md5", password, salt, 2).toString(); 62 User user = new User(); 63 user.setPassword(encryptPassword); 64 user.setName(name); 65 user.setSalt(salt); 66 userService.add(user); 67 model.addAttribute("user",user); 68 return "redirect:listUser"; 69 } 70 }
UserController.java
1 @Controller 2 public class UserController { 3 @Autowired 4 UserService userService; 5 @Autowired 6 RoleService roleService; 7 @Autowired 8 UserRoleService userRoleService; 9 10 @RequestMapping("/listUser") 11 public String list(Model model) { 12 List<User> users = userService.list(); 13 model.addAttribute("users", users); 14 Map<User,List<Role>> user_roles = new HashMap<>(); 15 for (User user : users) { 16 List<Role> roles = roleService.listRoles(user); 17 user_roles.put(user, roles); 18 } 19 model.addAttribute("user_roles", user_roles); 20 return "listUer"; 21 } 22 23 @RequestMapping("/editUser") 24 public String edit(Model model, long id) { 25 List<Role> roles = roleService.list(); 26 model.addAttribute("roles", roles); 27 User user = userService.get(id); 28 model.addAttribute("user", user); 29 List<Role> currentRoles = roleService.listRoles(user); 30 model.addAttribute("currentRoles", currentRoles); 31 return "editUser"; 32 } 33 34 @RequestMapping("/deleteUser") 35 public String delete(Model model, long id) { 36 userService.delete(id); 37 return "redirect:listUser"; 38 } 39 40 @RequestMapping("/updateUser") 41 public String update(User user,long[] roleIds) { 42 userRoleService.setRoles(user,roleIds); 43 String password = user.getPassword(); 44 //如果数据里没有密码就不用更新 45 if (password.length() != 0) {//给输入的密码加盐加密 46 String salt = new SecureRandomNumberGenerator().nextBytes().toString(); 47 int times = 2; 48 String method = "md5"; 49 String encryptPassword = new SimpleHash(method, password, salt, times).toString(); 50 user.setPassword(encryptPassword); 51 user.setSalt(salt); 52 } 53 userService.update(user); 54 return "redirect:listUser"; 55 } 56 57 58 @RequestMapping("/addUser") 59 public String add(Model model,String name,String password) { 60 String salt = new SecureRandomNumberGenerator().nextBytes().toString(); 61 String encryptPassword = new SimpleHash("md5", password, salt, 2).toString(); 62 User user = new User(); 63 user.setPassword(encryptPassword); 64 user.setName(name); 65 user.setSalt(salt); 66 userService.add(user); 67 model.addAttribute("user",user); 68 return "redirect:listUser"; 69 } 70 }
RoleController.java
1 @Controller 2 @RequestMapping("/config") 3 public class RoleController { 4 @Autowired 5 RoleService roleService; 6 @Autowired 7 RolePermissionService rolePermissionService; 8 @Autowired 9 PermissionService permissionService; 10 11 @RequestMapping("/listRole") 12 public String list(Model model) { 13 List<Role> roles = roleService.list(); 14 model.addAttribute("roles", roles); 15 16 Map<Role, List<Permission>> role_permissions = new HashMap<>(); 17 for (Role role : roles) { 18 List<Permission> permissions = permissionService.listByRole(role); 19 role_permissions.put(role, permissions); 20 } 21 return "listRole"; 22 } 23 24 @RequestMapping("/editRole") 25 public String list(Model model, long id) { 26 Role role = roleService.get(id); 27 model.addAttribute("role", role); 28 29 List<Permission> permissions = permissionService.list(); 30 model.addAttribute("permissions", permissions); 31 32 List<Permission> currentPermissions = permissionService.listByRole(role); 33 model.addAttribute("currentPermissions", currentPermissions); 34 35 return "editRole"; 36 } 37 38 @RequestMapping("/updateRole") 39 public String update(Role role, long[] permissionIds) { 40 rolePermissionService.setPermissions(role,permissionIds); 41 roleService.update(role); 42 return "redirect:listRole"; 43 } 44 45 @RequestMapping("/addRole") 46 public String add(Model model, Role role) { 47 System.out.println(role.getName()); 48 System.out.println(role.getDesc_()); 49 roleService.add(role); 50 return "listRole"; 51 } 52 53 @RequestMapping("/deleteRole") 54 public String delete(long id) { 55 roleService.delete(id); 56 rolePermissionService.deleteByRole(id); 57 return "redirect:listRole"; 58 } 59 }
PermissionController.java
1 @Controller 2 @RequestMapping("/config") 3 public class PermissionController { 4 @Autowired 5 PermissionService permissionService; 6 7 @RequestMapping("/listPermission") 8 public String list(Model model) { 9 List<Permission> permissions = new ArrayList<>(); 10 permissions = permissionService.list(); 11 model.addAttribute("permissions", permissions); 12 return "listPermission"; 13 } 14 15 @RequestMapping("/editPermission") 16 public String edit(Model model, long id) { 17 Permission permission = permissionService.get(id); 18 model.addAttribute("permission", permission); 19 return "editPermission"; 20 } 21 22 @RequestMapping("/updatePermission") 23 public String update(Permission permission) { 24 permissionService.update(permission); 25 return "redirect:listPermission"; 26 } 27 28 @RequestMapping("/addPermission") 29 public String list(Permission permission) { 30 System.out.println(permission.getName()); 31 System.out.println(permission.getDesc_()); 32 permissionService.add(permission); 33 return "redirect:listPermission"; 34 } 35 36 @RequestMapping("/deletePermission") 37 public String list(long id) { 38 permissionService.delete(id); 39 return "redirect:listPermission"; 40 } 41 }
7.JSP
首先准备一个menu.jsp,这个在其他的jsp中也会被用到
1 <%-- 2 Created by IntelliJ IDEA. 3 User: vi 4 --%> 5 <%@ page contentType="text/html;charset=UTF-8" language="java" pageEncoding="UTF-8" isELIgnored="false" %> 6 <style> 7 8 </style> 9 <div class="menu" > 10 <a href="listUser">用户管理</a> 11 <a href="listRole">角色管理</a> 12 <a href="listPermission">权限管理</a> 13 </div>
style.css
span.desc { margin-left: 20px; color: gray; } div.workingDiv { margin: 200px auto; max- 1013px; height: 500px; position: relative; } div.workingDiv a { display: inline-block; } div.loginDiv { text-align: left; } div.errorInfo { color: red; font-size: 0.65em; } div.menu { 100px; margin: 20px; text-align: center; float: left; } div.menu a { text-decoration: none; display: block; margin: 20px; } div.menu a:hover { color: #C40000; } div.right { position: absolute; left: 150px; } div table { 800px; margin: 10px; }
listUser.jsp
<%-- Created by IntelliJ IDEA. User: vi --%> <html> <%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> <%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %> <head> <link rel="stylesheet" type="text/css" href="../static/css/style.css"/> <!--引入bootstrap--> <script type="text/javascript" src="../static/js/jquery/2.0.0/jquery.min.js"></script> <link rel="stylesheet" type="text/css" href="../static/css/bootstrap/3.3.6/bootstrap.css"> <script type="text/javascript" src="../static/js/bootstrap/3.3.6/bootstrap.js"></script> <title>用户管理</title> <style> div table { 600px; margin: 10px; } </style> </head> <body> <div class="workingDiv"> <%@ include file="include/menu.jsp" %> <div class="right"> <table class="table table-bordered" style="500px;"> <tr> <th>id</th> <th>用户名</th> <th>密码</th> <th>加密盐</th> <th>角色</th> <th>编辑</th> <th>删除</th> </tr> <c:forEach items="${users}" var="user"> <tr> <td>${user.id}</td> <td>${user.name}</td> <td>${fn:substring(user.password,0,5)}...</td> <td>${fn:substring(user.salt,0,5)}...</td> <td> <c:forEach items="${user_roles[user]}" var="role"> ${role.name}<br> </c:forEach> </td> <td> <a href="editUser?id=${user.id}"><span class="glyphicon glyphicon-edit"></span></a> </td> <td> <a href="deleteUser?id=${user.id}"><span class="glyphicon glyphicon-trash"></span></a> </td> </tr> </c:forEach> </table> <div class="addOrEdit" style="margin:10px;400px;"> <form action="addUser" method="post"> <input placeholder="用户名" name="name" class="form-control" style="200px;"><br> <input placeholder="密码" type="password" name="password" class="form-control" style="200px;"><br> <input type="submit" value="增加" class="form-control" style="80px;"> </form> </div> </div> </div> </body> </html>
editUser.jsp
1 <%-- 2 Created by IntelliJ IDEA. 3 User: vi 4 --%> 5 <%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %> 6 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> 7 <html> 8 <head> 9 <title>编辑用户</title> 10 <link rel="stylesheet" type="text/css" href="../static/css/style.css"/> 11 <!--引入bootstrap--> 12 <script type="text/javascript" src="../static/js/jquery/2.0.0/jquery.min.js"></script> 13 <link rel="stylesheet" type="text/css" href="../static/css/bootstrap/3.3.6/bootstrap.css"> 14 <script type="text/javascript" src="../static/js/bootstrap/3.3.6/bootstrap.js"></script> 15 <style> 16 div table { 17 600px; 18 margin: 10px auto; 19 } 20 21 div input { 22 margin: 10px; 23 } 24 </style> 25 </head> 26 <body> 27 <div class="workingDiv"> 28 <%@ include file="include/menu.jsp" %> 29 30 <div class="right"> 31 <div class="addOrEdit"> 32 <form action="updateUser" method="post"> 33 用户名:<input type="text" value="${user.name}" class="form-control" style="200px"><br> 34 密码: <input type="password" placeholder="如果不修改请置空" value="" class="form-control" 35 style="200px"/><br> 36 配置角色:<br> 37 <c:forEach items="${roles}" var="role"> 38 <c:set var="hasRole" value="fasle"></c:set> 39 <c:forEach items="${currentRoles}" var="curRole"> 40 <c:if test="${role.id==curRole.id}"> 41 <c:set var="hasRole" value="true"></c:set> 42 </c:if> 43 </c:forEach> 44 <input type="checkbox" ${hasRole?'checked':''} value="${role.id}" name="roleIds">${role.name}<br> 45 </c:forEach> 46 <input type="hidden" name="id" value="${user.id}"> 47 <input type="submit" value="修改" class="form-control" style="80px;"> 48 </form> 49 </div> 50 </div> 51 </div> 52 </body> 53 </html>
listRole.jsp
1 <%-- 2 Created by IntelliJ IDEA. 3 User: vi 4 --%> 5 <%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %> 6 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> 7 <html> 8 <head> 9 <title>角色管理</title> 10 <link rel="stylesheet" type="text/css" href="../static/css/style.css"/> 11 <!--引入bootstrap--> 12 <script type="text/javascript" src="../static/js/jquery/2.0.0/jquery.min.js"></script> 13 <link rel="stylesheet" type="text/css" href="../static/css/bootstrap/3.3.6/bootstrap.css"> 14 <script type="text/javascript" src="../static/js/bootstrap/3.3.6/bootstrap.js"></script> 15 16 </head> 17 <body> 18 <div class="workingDiv"> 19 <%@ include file="include/menu.jsp" %> 20 <div class="right"> 21 <table class="table table-bordered"> 22 <thead> 23 <tr> 24 <th>id</th> 25 <th>角色名称</th> 26 <th width="100px">角色描述</th> 27 <th>权限</th> 28 <th width="100px">编辑 29 <th width="100px">删除</th> 30 </tr> 31 </thead> 32 <tbody> 33 <c:forEach items="${roles}" var="role"> 34 <tr> 35 <td>${role.id}</td> 36 <td>${role.name}</td> 37 <td>${role.desc_}</td> 38 <td>${role_permissions[role]}</td> 39 <td><a href="editRole?id=${role.id}"><span class="glyphicon glyphicon-edit"></span></a></td> 40 <td><a href="deleteRole?id=${role.id}"><span class="glyphicon glyphicon-trash"></span></a></td> 41 </tr> 42 </c:forEach> 43 </tbody> 44 </table> 45 <form action="addRole" method="post"> 46 <input type="text" name="name" placeholder="角色名称" class="form-control" style="200px"/><br> 47 <input type="text" name="desc_" placeholder="角色描述" class="form-control" style="200px"/><br> 48 <input type="submit" value="增加" class="form-control" style="80px;"/> 49 </form> 50 </div> 51 52 </div> 53 54 </body> 55 </html>
editRole.jsp
1 <%-- 2 Created by IntelliJ IDEA. 3 User: vi 4 --%> 5 <%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %> 6 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> 7 8 <html> 9 <head> 10 <title>角色编辑</title> 11 <link rel="stylesheet" type="text/css" href="../static/css/style.css"/> 12 <!--引入bootstrap--> 13 <script type="text/javascript" src="../static/js/jquery/2.0.0/jquery.min.js"></script> 14 <link rel="stylesheet" type="text/css" href="../static/css/bootstrap/3.3.6/bootstrap.css"> 15 <script type="text/javascript" src="../static/js/bootstrap/3.3.6/bootstrap.js"></script> 16 </head> 17 <body> 18 <div class="workingDiv"> 19 <%@ include file="include/menu.jsp" %> 20 <div class="right"> 21 <form action="updateRole"> 22 角色名称:<input type="text" name="name" value="${role.name}" class="form-control" style="200px;"><br> 23 角色描述:<input type="text" name="desc_" value="${role.desc_}" class="form-control" style="200px;"><br> 24 配置权限:<br> 25 <c:forEach items="${permissions}" var="permission"> 26 <c:set var="hasRole" value="false"/> 27 <c:forEach items="${currentPermissions}" var="curPermission"> 28 <c:if test="${permission.id==curPermission.id}"> 29 <c:set var="hasRole" value="true"/> 30 </c:if> 31 </c:forEach> 32 <input type="checkbox" ${hasRole?"checked":""} value="${permission.id}" name="permissionIds">${permission.name}<br> 33 </c:forEach> 34 <input type="hidden" name="id" value="${role.id}"> 35 <input type="submit" value="修改" class="form-control" style="80px;margin-top:10px;"> 36 </form> 37 38 </div> 39 40 </div> 41 </body> 42 </html>
listPermission.jsp
1 <%-- 2 Created by IntelliJ IDEA. 3 User: vi 4 --%> 5 <%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %> 6 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> 7 <html> 8 <head> 9 <title>权限管理</title> 10 <link rel="stylesheet" type="text/css" href="../static/css/style.css"/> 11 <!--引入bootstrap--> 12 <script type="text/javascript" src="../static/js/jquery/2.0.0/jquery.min.js"></script> 13 <link rel="stylesheet" type="text/css" href="../static/css/bootstrap/3.3.6/bootstrap.css"> 14 <script type="text/javascript" src="../static/js/bootstrap/3.3.6/bootstrap.js"></script> 15 <style> 16 div table { 17 600px; 18 margin: 10px; 19 } 20 </style> 21 </head> 22 <body> 23 <div class="workingDiv"> 24 <%@ include file="include/menu.jsp" %> 25 <div class="right"> 26 <table class="table table-bordered"> 27 <thead> 28 <tr> 29 <th>id</th> 30 <th>权限名称</th> 31 <th>权限描述</th> 32 <th>权限对应的路径</th> 33 <th>编辑</th> 34 <th>删除</th> 35 </tr> 36 </thead> 37 <tbody> 38 <c:forEach items="${permissions}" var="permission"> 39 <tr> 40 <td>${permission.id}</td> 41 <td>${permission.name}</td> 42 <td>${permission.desc_}</td> 43 <td>${permission.url}</td> 44 <td><a href="editPermission?id=${permission.id}"><span class="glyphicon glyphicon-edit"></span></a></td> 45 <td><a href="deletePermission?id=${permission.id}"><span class="glyphicon glyphicon-trash"></span></a></td> 46 </tr> 47 </c:forEach> 48 </tbody> 49 </table> 50 51 <form action="addPermission" method="post"> 52 <input type="text" name="name" placeholder="权限名称" class="form-control" style="200px;"><br> 53 <input type="text" name="desc_" placeholder="权限描述" class="form-control" style="200px;"><br> 54 <input type="text" name="url" placeholder="权限对应的url" class="form-control" style="200px;"><br> 55 <input type="submit" value="增加"> 56 </form> 57 </div> 58 </div> 59 </body> 60 </html>
editPermission.jsp
<%-- Created by IntelliJ IDEA. User: vi --%> <%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> <html> <head> <title>权限编辑</title> <link rel="stylesheet" type="text/css" href="../static/css/style.css"/> <!--引入bootstrap--> <script type="text/javascript" src="../static/js/jquery/2.0.0/jquery.min.js"></script> <link rel="stylesheet" type="text/css" href="../static/css/bootstrap/3.3.6/bootstrap.css"> <script type="text/javascript" src="../static/js/bootstrap/3.3.6/bootstrap.js"></script> </head> <body> <div class="workingDiv"> <%@ include file="include/menu.jsp" %> <div class="right"> <form action="updatePermission" method="post"> 权限名称:<input type="text" name="name" value="${permission.name}" class="form-control" style="200px;"><br> 权限描述:<input type="text" name="desc_" value="${permission.desc_}" class="form-control" style="200px"><br> 权限对应的URL:<input type="text" name="url" value="${permission.url}" class="form-control" style="200px"><br> <input type="hidden" value="${permission.id}" name="id"> <input type="submit" value="修改" class="form-control" style="80px;"> </form> </div> </div> </body> </html>
效果图分别如下:
1.listUser.jsp
2.editUser.jsp
3.listRole.jsp
4.editRole.jsp
5.listPermission.jsp
6.editPermission.jsp
出于篇幅考虑,接下一篇: