權限管理實踐-----1

 權限管理

 

權限組 group

public class Group implements Serializable {

 

private int g_id;

private String g_name;

private int flag;

private String g_sn;

private Set<User> users;

 

public int getG_id() {

return g_id;

}

 

public void setG_id(int gId) {

g_id = gId;

}

 

public String getG_name() {

return g_name;

}

 

public void setG_name(String gName) {

g_name = gName;

}

 

public String getG_sn() {

return g_sn;

}

 

public void setG_sn(String gSn) {

g_sn = gSn;

}

 

public int getFlag() {

return flag;

}

 

public void setFlag(int flag) {

this.flag = flag;

}

 

public Set<User> getUsers() {

return users;

}

 

public void setUsers(Set<User> users) {

this.users = users;

}

}

 

用戶 user

public class User implements Serializable {

public int getU_id() {

return u_id;

}

 

public void setU_id(int uId) {

u_id = uId;

}

 

public String getU_name() {

return u_name;

}

 

public void setU_name(String uName) {

u_name = uName;

}

 

public String getU_pwd() {

return u_pwd;

}

 

public void setU_pwd(String uPwd) {

u_pwd = uPwd;

}

 

public int getFlag() {

return flag;

}

 

public void setFlag(int flag) {

this.flag = flag;

}

 

public Group getGroup() {

return group;

}

 

public void setGroup(Group group) {

this.group = group;

}

 

public Employee getEmp() {

return emp;

}

 

public void setEmp(Employee emp) {

this.emp = emp;

}

 

private int u_id;

private String u_name;

private String u_pwd;

private int flag;

private Group group;

private Employee emp;

}

 

權限 impower

public class Impower {

public int getIm_id() {

return im_id;

}

 

public void setIm_id(int imId) {

im_id = imId;

}

 

public int getMainBody_id() {

return mainBody_id;

}

 

public void setMainBody_id(int mainBodyId) {

mainBody_id = mainBodyId;

}

 

public String getMainBody_type() {

return mainBody_type;

}

 

public void setMainBody_type(String mainBodyType) {

mainBody_type = mainBodyType;

}

 

public int getModule_id() {

return module_id;

}

 

public void setModule_id(int moduleId) {

module_id = moduleId;

}

 

public int getSaveOption() {

return saveOption;

}

 

public void setSaveOption(int saveOption) {

this.saveOption = saveOption;

}

 

public int getQueryOption() {

return queryOption;

}

 

public void setQueryOption(int queryOption) {

this.queryOption = queryOption;

}

 

public int getUpdateOption() {

return updateOption;

}

 

public void setUpdateOption(int updateOption) {

this.updateOption = updateOption;

}

 

public int getDeleteOption() {

return deleteOption;

}

 

public void setDeleteOption(int deleteOption) {

this.deleteOption = deleteOption;

}

 

public static final String GROUP_TYPE = "group";

public static final String USER_TYPE = "user";

private int im_id;

private int mainBody_id;

private String mainBody_type;

private int module_id;

private int saveOption;

private int queryOption;

private int updateOption;

private int deleteOption;

    

//授權

public void setOption(String str) {

this.setDeleteOption(0);

this.setQueryOption(0);

this.setSaveOption(0);

this.setUpdateOption(0);

String[] strs = str.split(",");

for(int i=0;i<strs.length;i++) {

if("a".equals(strs[i])) {

this.setSaveOption(1);

}else if("r".equals(strs[i])) {

this.setQueryOption(1);

} else if("u".equals(strs[i])) {

this.setUpdateOption(1);

} else if("d".equals(strs[i])) {

this.setDeleteOption(1);

}

}

}

}

 

權限組裏包含用戶集合 權限組有啥權限（impower） 用戶也可以由單獨的權限 

 

 

 

頁面權限控制

認證條件jsdtl

自定義jstl

<function>

      <name>hasOption</name>

      <function-class>com.common.CheckOption</function-class>

      <function-signature>boolean hasOption(int,java.lang.String,java.lang.String)</function-signature>

</function>

 

webxml配置

<!-- 配置JSTL標籤 -->

<jsp-config>

  <taglib>

     <taglib-uri>http://www.g.com/oa/oa</taglib-uri>

     <taglib-location>/WEB-INF/g.tld</taglib-location>

  </taglib>

</jsp-config>

<%@ taglib uri="http://www.g.com/oa/oa" prefix="g"%>

<c:choose>

<c:when test="${g:hasOption(person.u_id,'部門管理','a')}">

<div class="button" style="float:left" onclick="showAddDep()">

添加

</div>

</c:when>

<c:otherwise>

<div class="button" style="float:left" onclick="javascript:void(alert('你沒有該權限'))">

添加

</div>

</c:otherwise>

</c:choose>

 

 

/**

 * 認證方法 (JSTL)

 * 

 * @author Administrator

 * 

 */

public class CheckOption {

private static ImpowerServiceFinder isf;

 

 

// 只能是靜態方法

public static boolean hasOption(int u_id, String m_name, String str) {

return isf.hasOptionAt(u_id, m_name, str);

}

public void setIsf(ImpowerServiceFinder isf) {

CheckOption.isf = isf;

}

 

}

 

//判斷用戶是否有權限

boolean CheckOption(權限字符串，用戶id，模塊id )

 

 

 

//得到用戶可以訪問的模塊  (組的權限覆蓋了用戶的權限)

public List<Module> findByUser(int u_id) {

Map<Integer, Impower> maps = new HashMap<Integer, Impower>();

//得到用戶的權限列表 並裝在MAP中

List<Impower> u_imps = findByUserId(u_id);

for(Impower u_imp:u_imps) {

maps.put(u_imp.getModule_id(), u_imp);

}

//得到組的權限列表

User user = usf.findById(User.class, u_id);

int g_id = user.getGroup().getG_id();

List<Impower> g_imps = findByGroupId(g_id);

for(Impower g_imp:g_imps) {

maps.put(g_imp.getModule_id(), g_imp);

}

//得到一個集合 用於裝沒有查看操作權限對象的模塊ID

List<Integer> nrID = new ArrayList<Integer>();

Set<Map.Entry<Integer, Impower>> entrys = maps.entrySet();

for(Map.Entry<Integer, Impower> entry : entrys) {

Impower imp = entry.getValue();

if(imp.getQueryOption()==0) {

nrID.add(entry.getKey());

}

}

//刪除沒有查看功能的模塊

for(Integer key : nrID) {

maps.remove(key);

}

//如果沒有模塊

if(maps.isEmpty()) {

return new ArrayList<Module>();

}

Set<Integer> sets = maps.keySet();

String hql = "from Module m where m.m_id in (:ids)";

List<Module> mods = msf.findAllByCollection(Module.class, hql, sets);

return mods;

}