SSM集成SpringSecurity（七）基於RBAC實現菜單權限 ——上

準備環境

一：把mybatis配置進來

(1): 在resources目下新增jdbc.properties配置文件，用於配置數據庫的相關信息

jdbc.url = jdbc:mysql://IP地址:3306/ssm_security

jdbc.driverClass = com.mysql.jdbc.Driver

jdbc.username = 數據庫用戶名

jdbc.password = 數據庫密碼

(2): 修改applicationContext.xml文件

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns:context="http://www.springframework.org/schema/context"

xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.alibaba.com/schema/stat"

xsi:schemaLocation="http://www.springframework.org/schema/beans

http://www.springframework.org/schema/beans/spring-beans.xsd

http://www.springframework.org/schema/context

http://www.springframework.org/schema/context/spring-context.xsd

http://www.springframework.org/schema/aop

http://www.springframework.org/schema/aop/spring-aop.xsd http://www.alibaba.com/schema/stat http://www.alibaba.com/schema/stat.xsd">



<context:property-placeholder location="classpath:jdbc.properties"/>



<bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource">

<property name="url" value="${jdbc.url}"/>

<property name="driverClassName" value="${jdbc.driverClass}"/>

<property name="username" value="${jdbc.username}"/>

<property name="password" value="${jdbc.password}"/>

<property name="maxActive" value="10"/>

<property name="maxWait" value="3000"/>

</bean>



<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">

<property name="dataSource" ref="dataSource"/>



<property name="typeAliasesPackage" value="com.xhc.domain"/>

</bean>



<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">

<property name="basePackage" value="com.xhc.mapper"/>

</bean>



<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">

<property name="dataSource" ref="dataSource"/>

</bean>

<tx:annotation-driven/>

<context:component-scan base-package="com.xhc.service"/>

</beans>

新建配置文件中掃描的包，目前爲止的package如下圖

(3): resources下新增日誌配置文件：log4j.properties

### direct log messages to stdout ###

log4j.appender.stdout=org.apache.log4j.ConsoleAppender

log4j.appender.stdout.Target=System.err

log4j.appender.stdout.layout=org.apache.log4j.PatternLayout

log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n

### direct messages to file mylog.log ###

log4j.appender.file=org.apache.log4j.FileAppender

log4j.appender.file.File=c\:mylog.log

log4j.appender.file.layout=org.apache.log4j.PatternLayout

log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n

### set log levels - for more verbose logging change 'info' to 'debug' ###

log4j.rootLogger=debug, stdout

二：什麼是RBAC

百度是這樣解釋的

RBAC（Role-based Access control），即基於角色的訪問控制。首先RBAC不是一項技術，它是一個模型概念，一般用於系統權限的設計。

用戶擁有什麼角色，而這些角色又包含什麼權限，這些權限保護着哪些資源。

在系統中，用戶最終的目的是訪問資源，但是出於安全考慮，用戶不能直接訪問資源。

RBAC設計的優勢在於新增用戶時，直接賦予角色就可以了，不需要和底層的權限資源打交道。而且一個角色可以賦予多個用戶。

三：設計表並初始化數據

由RBAC模型可知，我們至少需要5張表。

用戶表 sys_user
角色表 sys_role
權限表 sys_permission
用戶角色關係表 sys_user_role
角色權限關係表 sys_role_permission

用戶通過用戶角色表找到對應的角色（一個用戶可以有多個角色），然後角色通過角色權限表找到對應的權限。

建表和初始化的sql語句如下，直接複製運行或保存爲.sql文件執行

SET NAMES utf8mb4;

SET FOREIGN_KEY_CHECKS = 0;

-- ----------------------------

-- Table structure for sys_permission

-- ----------------------------

DROP TABLE IF EXISTS `sys_permission`;

CREATE TABLE `sys_permission` (

`id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'id',

`permName` varchar(255) DEFAULT '' COMMENT '權限名稱',

`permTag` varchar(255) DEFAULT '' COMMENT '權限標記',

PRIMARY KEY (`id`)

) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;

-- ----------------------------

-- Records of sys_permission

-- ----------------------------

BEGIN;

INSERT INTO `sys_permission` VALUES (1, '商品顯示', 'ROLE_LIST_GOODS');

INSERT INTO `sys_permission` VALUES (2, '商品添加', 'ROLE_ADD_GOODS');

INSERT INTO `sys_permission` VALUES (3, '商品刪除', 'ROLE_DELETE_GOODS');

INSERT INTO `sys_permission` VALUES (4, '刪除修改', 'ROLE_UPDATE_GOODS');

COMMIT;

-- ----------------------------

-- Table structure for sys_role

-- ----------------------------

DROP TABLE IF EXISTS `sys_role`;

CREATE TABLE `sys_role` (

`id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'id',

`roleName` varchar(255) DEFAULT '' COMMENT '角色名稱',

`roleDesc` varchar(255) DEFAULT '' COMMENT '角色描述',

PRIMARY KEY (`id`)

) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;

-- ----------------------------

-- Records of sys_role

-- ----------------------------

BEGIN;

INSERT INTO `sys_role` VALUES (1, '普通操作員', '普通操作員');

INSERT INTO `sys_role` VALUES (2, '高級操作員', '高級操作員');

COMMIT;

-- ----------------------------

-- Table structure for sys_role_permission

-- ----------------------------

DROP TABLE IF EXISTS `sys_role_permission`;

CREATE TABLE `sys_role_permission` (

`id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'id',

`role_id` int(11) DEFAULT NULL,

`perm_id` int(11) DEFAULT NULL,

PRIMARY KEY (`id`)

) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;

-- ----------------------------

-- Records of sys_role_permission

-- ----------------------------

BEGIN;

INSERT INTO `sys_role_permission` VALUES (1, 1, 1);

INSERT INTO `sys_role_permission` VALUES (2, 1, 2);

INSERT INTO `sys_role_permission` VALUES (3, 2, 3);

INSERT INTO `sys_role_permission` VALUES (4, 2, 4);

COMMIT;

-- ----------------------------

-- Table structure for sys_user

-- ----------------------------

DROP TABLE IF EXISTS `sys_user`;

CREATE TABLE `sys_user` (

`id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'id',

`username` varchar(255) DEFAULT NULL COMMENT '用戶名',

`realname` varchar(255) DEFAULT NULL COMMENT '真實姓名',

`password` varchar(255) DEFAULT NULL COMMENT '密碼',

`createDate` datetime DEFAULT NULL COMMENT '創建日期',

`lastLoginTime` datetime DEFAULT NULL COMMENT '最後一次登錄時間',

`enabled` int(2) DEFAULT '1',

`accountNonExpired` int(2) DEFAULT '1',

`accountNonLocked` int(2) DEFAULT '1',

`credentialsNonExpired` int(2) DEFAULT '1',

PRIMARY KEY (`id`)

) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;

-- ----------------------------

-- Records of sys_user

-- ----------------------------

BEGIN;

INSERT INTO `sys_user` VALUES (1, 'xhc1', '許洪昌', '123456', '2020-02-10 19:28:25', NULL, 1, 1, 1, 1);

INSERT INTO `sys_user` VALUES (2, 'xhc2', '小許', '123456', '2020-02-04 19:28:49', NULL, 1, 1, 1, 1);

COMMIT;

-- ----------------------------

-- Table structure for sys_user_role

-- ----------------------------

DROP TABLE IF EXISTS `sys_user_role`;

CREATE TABLE `sys_user_role` (

`id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'id',

`user_id` int(11) DEFAULT NULL,

`role_id` int(11) DEFAULT NULL,

PRIMARY KEY (`id`)

) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;

-- ----------------------------

-- Records of sys_user_role

-- ----------------------------

BEGIN;

INSERT INTO `sys_user_role` VALUES (1, 1, 1);

INSERT INTO `sys_user_role` VALUES (2, 2, 2);

COMMIT;

SET FOREIGN_KEY_CHECKS = 1;

四：domain包下建立實體

package com.xhc.domain;

/**

* 權限

*/

public class Permission {

private Integer id;

private String permName;

private String permTag;

public Integer getId() {

return id;

}

public void setId(Integer id) {

this.id = id;

}

public String getPermName() {

return permName;

}

public void setPermName(String permName) {

this.permName = permName;

}

public String getPermTag() {

return permTag;

}

public void setPermTag(String permTag) {

this.permTag = permTag;

}

}

package com.xhc.domain;

/**

* 角色

*/

public class Role {

private Integer id;

private String roleName;

private String roleDesc;

public Integer getId() {

return id;

}

public void setId(Integer id) {

this.id = id;

}

public String getRoleName() {

return roleName;

}

public void setRoleName(String roleName) {

this.roleName = roleName;

}

public String getRoleDesc() {

return roleDesc;

}

public void setRoleDesc(String roleDesc) {

this.roleDesc = roleDesc;

}

}

package com.xhc.domain;

import org.springframework.security.core.GrantedAuthority;

import org.springframework.security.core.userdetails.UserDetails;

import java.util.ArrayList;

import java.util.Date;

import java.util.List;

/**

* 用戶

*/

public class User implements UserDetails{

private Integer id;

private String username;

private String realname;

private String password;

private Date createDate;

private Date lastLoginTime;

private boolean enabled;

private boolean accountNonExpired;

private boolean accountNonLocked;

private boolean credentialsNonExpired;

//用戶擁有的所有權限

private List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();

public List<GrantedAuthority> getAuthorities() {

return authorities;

}

public void setAuthorities(List<GrantedAuthority> authorities) {

this.authorities = authorities;

}

public Integer getId() {

return id;

}

public void setId(Integer id) {

this.id = id;

}

@Override

public String getUsername() {

return username;

}

public void setUsername(String username) {

this.username = username;

}

public String getRealname() {

return realname;

}

public void setRealname(String realname) {

this.realname = realname;

}

@Override

public String getPassword() {

return password;

}

public void setPassword(String password) {

this.password = password;

}

public Date getCreateDate() {

return createDate;

}

public void setCreateDate(Date createDate) {

this.createDate = createDate;

}

public Date getLastLoginTime() {

return lastLoginTime;

}

public void setLastLoginTime(Date lastLoginTime) {

this.lastLoginTime = lastLoginTime;

}

@Override

public boolean isEnabled() {

return enabled;

}

public void setEnabled(boolean enabled) {

this.enabled = enabled;

}

@Override

public boolean isAccountNonExpired() {

return accountNonExpired;

}

public void setAccountNonExpired(boolean accountNonExpired) {

this.accountNonExpired = accountNonExpired;

}

@Override

public boolean isAccountNonLocked() {

return accountNonLocked;

}

public void setAccountNonLocked(boolean accountNonLocked) {

this.accountNonLocked = accountNonLocked;

}

@Override

public boolean isCredentialsNonExpired() {

return credentialsNonExpired;

}

public void setCredentialsNonExpired(boolean credentialsNonExpired) {

this.credentialsNonExpired = credentialsNonExpired;

}

@Override

public String toString() {

return "User{" +

"id=" + id +

", username='" + username + '\'' +

", realname='" + realname + '\'' +

", password='" + password + '\'' +

", createDate=" + createDate +

", lastLoginTime=" + lastLoginTime +

", enabled=" + enabled +

", accountNonExpired=" + accountNonExpired +

", accountNonLocked=" + accountNonLocked +

", credentialsNonExpired=" + credentialsNonExpired +

", authorities=" + authorities +

'}';

}

}

SSM集成SpringSecurity（七）基於RBAC實現菜單權限 ——上

準備環境

一：把mybatis配置進來

二：什麼是RBAC

三：設計表並初始化數據

四：domain包下建立實體

2024年DataOps趨勢預測：AI不會取代數據工程師

雲原生週刊：K8s 中的服務和網絡｜ 2024.4.29

通過Http鏈接地址爬取有贊微信商城商品信息及下載至EXCEL

[轉帖]cpupower

今天，昨天，近七天，近30天，近90天，js封裝

華爲云云原生FinOps解決方案，釋放雲原生最大價值

Ubuntu下安裝配置gitLab（二）修改默認端口

Ubuntu下安裝配置gitLab（一）

Ubuntu下安裝配置gitLab（三）基本操作

解決：druid版本升級導致控制檯無法訪問，404

解決Element中的el-dialog在第一次使用後無法再次觸發mounted的問題

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結