企業級權限管理項目(八)
授權操作
創建表
角色關係表
CREATE TABLE sys_user_role(
userId number,
roleId number,
PRIMARY KEY(userId,roleId), --聯合主鍵:兩個不能同時一樣
FOREIGN KEY (userId) REFERENCES sys_USER(id),
FOREIGN KEY (roleId) REFERENCES sys_role(id)
)
角色權限表
CREATE TABLE sys_role_permission(
permissionId number,
roleId number,
PRIMARY KEY(permissionId,roleId),
FOREIGN KEY (permissionId) REFERENCES sys_permission(id),
FOREIGN KEY (roleId) REFERENCES sys_role(id)
)
在實體類中添加新的屬性
爲什麼要new出來:不new出來的話,有些框架如果沒有查詢到,則去調用這個集合會出現null
SysUser:
//一個用戶對應多個角色
private List<Role> roleList = new ArrayList<>();
Role:
//一個角色被多個用戶擁有
private List<SysUser> userList = new ArrayList<>();
//一個角色擁有多個權限
private List<Permission> permissionList = new ArrayList<>();
Permission:
//一個權限可以被多個角色所擁有
private List<Role> roleList = new ArrayList<>();
用戶詳情
實現點擊詳情後進入用戶詳情頁面
顯示用戶名,點擊顯示角色列表,再點擊角色,顯示權限列表
前端
<tbody>
<c:forEach items="${user.roleList}" var="role">
<tr data-tt-id="${role.id}" data-tt-parent-id="0">
<td>${role.roleName }</td>
<td>${role.roleDesc }</td>
</tr>
<c:forEach items="${role.permissionList}" var="permission">
<tr data-tt-id="${role.id}-${permission.id}" data-tt-parent-id="${role.id}">
<td>${permission.permissionName}</td>
<td>${permission.url}</td>
</tr>
</c:forEach>
</c:forEach>
</tbody>
UserController
/**
* 查詢某用戶的詳情
* @param userId
* @return
*/
@RequestMapping("/details")
public ModelAndView details(Integer userId){
//查詢數據
SysUser user = userService.findById(userId);
ModelAndView modelAndView = new ModelAndView();
modelAndView.addObject("user",user);
modelAndView.setViewName("user-show");
return modelAndView;
}
UserService
@Override
public SysUser findById(Integer userId) {
return userDao.findById(userId);
}
UserDao
/**
* 根據id查詢
* @param userId
* @return
*/
@Select("select * from sys_user where id = #{userId}")
@Results({
@Result(property = "id", column = "id"),
@Result(property = "roleList", column = "id", javaType = List.class,
//根據userId查詢角色列表findRoleListByUserId
many = @Many(select = "com.itheima.dao.RoleDao.findRoleListByUserId"))
})
SysUser findById(Integer userId);
RoleDao
/**
* 根據userId得到角色列表
* @param userId
* @return
*/
@Select("select r.* from sys_user_role ur , sys_role r where r.id=ur.roleid and userid = #{userId}")
@Results({
@Result(property = "id", column = "id"),
@Result(property = "permissionList", column = "id", javaType = List.class,
many = @Many(select = "com.itheima.dao.PermissionDao.findPermissionListByRoleId"))
})
List<Role> findRoleListByUserId(Integer userId);
PermissionDao
/**
* 根據角色id查詢權限列表
* @param roleId
* @return
*/
@Select("select p.* from sys_role_permission rp , sys_permission p where rp.permissionid = p.id and roleid = #{roleId}")
List<Permission> findPermissionListByRoleId(Integer roleId);
添加角色
一、添加角色回顯
點擊添加角色,進入添加角色頁面
顯示所有的角色,將用戶已有的角色打上√
二、添加數據
點擊保存按鈕,將用戶原有的角色全部刪除,添加新的角色
前端
引入一個新的標籤庫fn
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<form
action="${pageContext.request.contextPath}/user/addRolesToUser"
method="post">
<!-- 正文區域 -->
<section class="content">
<input type="hidden" name="userId" value="${userId}">
<table id="dataList"
class="table table-bordered table-striped table-hover dataTable">
<thead>
<tr>
<th class="" style="padding-right: 0px">
<input id="selall"
type="checkbox" class="icheckbox_square-blue"></th>
<th class="sorting_asc">ID</th>
<th class="sorting">角色名稱</th>
<th class="sorting">角色描述</th>
</tr>
</thead>
<tbody>
<c:forEach items="${roleList}" var="role">
<tr>
<td><input name="ids" type="checkbox" ${fn:contains(str,",".concat(role.id).concat(","))?"checked":""} value="${role.id}"></td>
<td>${role.id}</td>
<td>${role.roleName }</td>
<td>${role.roleDesc}</td>
</tr>
</c:forEach>
</tbody>
</table>
<!--訂單信息/--> <!--工具欄-->
<div class="box-tools text-center">
<button type="submit" class="btn bg-maroon">保存</button>
<button type="button" class="btn bg-default"
onclick="history.back(-1);">返回</button>
</div>
<!--工具欄/--> </section>
<!-- 正文區域 /-->
</form>
UserController
/**
* 用戶添加角色的數據回顯
* @param userId
* @return
*/
@RequestMapping("/addRoleToUserUI")
public ModelAndView addRoleToUserUI(Integer userId){
//查詢數據
//所有的角色
List<Role> roleList = roleService.findAll();
//當前用戶擁有的角色
SysUser user = userService.findById(userId);
List<Role> userRoleList = user.getRoleList();
//把該用戶擁有的角色id拼接一個字符串
//str=,1,,2,,3,,4,,5,,6,,12,
StringBuilder sb = new StringBuilder();
for (Role role : userRoleList) {
sb.append(",");
sb.append(role.getId());
sb.append(",");
}
//創建ModelAndView
ModelAndView modelAndView = new ModelAndView();
//添加所有的角色列表
modelAndView.addObject("roleList",roleList);
//已經擁有的角色列表
modelAndView.addObject("str",sb.toString());
//操作的用戶
modelAndView.addObject("userId",user.getId());
modelAndView.setViewName("user-role-add");
return modelAndView;
}
/**
*
* @param ids 給用戶添加的角色的id數組
* @param userId 給哪個用戶添加角色
* @return
*/
@RequestMapping("/addRolesToUser")
public String addRolesToUser(Integer[] ids, Integer userId){
userService.addRolesToUser(ids,userId);
return "redirect:/user/findAll";
}
UserService
@Override
public SysUser findById(Integer userId) {
return userDao.findById(userId);
}
@Override
public void addRolesToUser(Integer[] ids, Integer userId) {
//先清空該用戶擁有的所有角色
userDao.delRolesFromUser(userId);
//維護新的角色
//判斷數組是否爲空
if(ids!=null){
for (Integer id : ids) {
userDao.saveRoleToUser(userId,id);
}
}
}
UserDao
/**
* 根據id查詢
* @param userId
* @return
*/
@Select("select * from sys_user where id = #{userId}")
@Results({
@Result(property = "id", column = "id"),
@Result(property = "roleList", column = "id", javaType = List.class,
//根據userId查詢角色列表findRoleListByUserId
many = @Many(select = "com.itheima.dao.RoleDao.findRoleListByUserId", fetchType = FetchType.LAZY))
})
SysUser findById(Integer userId);
/**
* 刪除用戶原來的角色
* @param userId
*/
@Delete("delete from sys_user_role where userId = #{userId}")
void delRolesFromUser(Integer userId);
/**
* 維護新的關係
* 給用戶添加角色
* @param userId
* @param id
*/
@Insert("insert into sys_user_role values(#{param1},#{param2})")
void saveRoleToUser(Integer userId, Integer id);
添加權限
和上述的需求差不多,先回顯再保存
前端
<form
action="${pageContext.request.contextPath}/role/addPermissionsToRole"
method="post">
<!-- 正文區域 -->
<section class="content"> <input type="hidden" name="roleId"
value="${roleId}">
<table id="dataList"
class="table table-bordered table-striped table-hover dataTable">
<thead>
<tr>
<th class="" style="padding-right: 0px">
<input id="selall"
type="checkbox" class="icheckbox_square-blue"></th>
<th class="sorting_asc">ID</th>
<th class="sorting">權限名稱</th>
<th class="sorting">URL</th>
</tr>
</thead>
<tbody>
<c:forEach items="${permissionList}" var="permission">
<tr>
<td><input name="ids" type="checkbox" ${fn:contains(str,",".concat(permission.id).concat(","))?"checked":""} value="${permission.id}"></td>
<td>${permission.id}</td>
<td>${permission.permissionName }</td>
<td>${permission.url}</td>
</tr>
</c:forEach>
</tbody>
</table>
<!--訂單信息/--> <!--工具欄-->
<div class="box-tools text-center">
<button type="submit" class="btn bg-maroon">保存</button>
<button type="button" class="btn bg-default"
onclick="history.back(-1);">返回</button>
</div>
<!--工具欄/--> </section>
<!-- 正文區域 /-->
</form>
RoleController
/**
* 添加權限到角色的數據回顯
* @param roleId
* @return
*/
@RequestMapping("/addPermissionsToRoleUI")
public ModelAndView addPermissionsToRoleUI(Integer roleId){
//查詢數據
//所有的權限
List<Permission> permissionList = permissionService.findAll();
//已有的權限
Role role = roleService.findById(roleId);
//把已經擁有的權限id拼接爲字符串
StringBuilder sb = new StringBuilder();
for (Permission permission : role.getPermissionList()) {
sb.append(",");
sb.append(permission.getId());
sb.append(",");
}
//modelAndView
ModelAndView modelAndView = new ModelAndView();
modelAndView.addObject("permissionList",permissionList);
modelAndView.addObject("str",sb.toString());
//角色id:保存權限時使用
modelAndView.addObject("roleId",role.getId());
modelAndView.setViewName("role-permission-add");
return modelAndView;
}
/**
* 添加權限到角色
* @param roleId 角色id
* @param ids 勾選的角色的權限id
* @return
*/
@RequestMapping("/addPermissionsToRole")
public String addPermissionsToRole(Integer roleId,Integer[] ids){
//保存
roleService.addPermissionsToRole(roleId,ids);
//請求查詢全部
return "redirect:/role/findAll";
}
RoleService
@Override
public Role findById(Integer roleId) {
return roleDao.findById(roleId);
}
@Override
public void addPermissionsToRole(Integer roleId, Integer[] ids) {
//刪除原權限
roleDao.delPermissionsFromRole(roleId);
//維護新的關係
if(ids!=null){
for (Integer id : ids) {
roleDao.addPermissionToRole(roleId,id);
}
}
}
RoleDao
/**
* 根據id查詢
*
* @param roleId
* @return
*/
@Select("select * from sys_role where id=#{roleId}")
@Results({
@Result(property = "id", column = "id"),
@Result(property = "permissionList", column = "id", javaType = List.class,
many = @Many(select = "com.itheima.dao.PermissionDao.findPermissionListByRoleId", fetchType = FetchType.LAZY))
})
Role findById(Integer roleId);
/**
* 刪除角色所有的權限
* @param roleId
*/
@Delete("delete from sys_role_permission where roleId = #{roleId}")
void delPermissionsFromRole(Integer roleId);
/**
* 維護新關係
* @param roleId
* @param id
*/
@Insert("insert into sys_role_permission values(#{param2},#{param1})")
void addPermissionToRole(Integer roleId, Integer id);