完善后台模块RBAC权限管理功能
parent
a20653e20b
commit
84443fa32a
|
@ -6,9 +6,11 @@ import com.example.jieyue.common.mapper.*;
|
|||
import com.example.jieyue.common.utils.IsEmptyUtil;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
@ -38,37 +40,50 @@ public class AdminRbacController {
|
|||
List<SysRole> roleList = roleMapper.findAll();
|
||||
// 权限列表
|
||||
List<SysAccess> accessList = accessMapper.findAll();
|
||||
// 用户角儿关联表
|
||||
List<SysAdminRole> adminRoleList = adminRoleMapper.findAll();
|
||||
// 角色权限关联表
|
||||
List<SysRoleAccess> roleAccessList = roleAccessMapper.findAll();
|
||||
|
||||
modelAndView.addObject("adminList",adminList);
|
||||
modelAndView.addObject("roleList",roleList);
|
||||
modelAndView.addObject("accessList",accessList);
|
||||
modelAndView.addObject("adminRoleList",adminRoleList);
|
||||
modelAndView.addObject("roleAccessList",roleAccessList);
|
||||
|
||||
modelAndView.setViewName("admin/rbac/index");
|
||||
return modelAndView;
|
||||
}
|
||||
|
||||
/*
|
||||
* 编辑管理员的角色页面
|
||||
* todo
|
||||
*/
|
||||
@RequestMapping("/admin/rbac/update-admin-role")
|
||||
public ModelAndView updateAdminRole(ModelAndView modelAndView,int adminId){
|
||||
// 获取管理员角色信息
|
||||
SysAdminRole adminRole = adminRoleMapper.findByAdminId(adminId);
|
||||
|
||||
modelAndView.addObject("adminRole",adminRole);
|
||||
modelAndView.setViewName("updateRoleAccess");
|
||||
@RequestMapping("/admin/alert")
|
||||
public ModelAndView adminAlert(ModelAndView modelAndView) {
|
||||
modelAndView.setViewName("admin/rbac/alert");
|
||||
return modelAndView;
|
||||
}
|
||||
|
||||
/*
|
||||
* 执行编辑管理员的角色操作
|
||||
* todo
|
||||
* 编辑管理员的角色页面
|
||||
*/
|
||||
@RequestMapping("/admin/rbac/update-admin-role-action")
|
||||
public ModelAndView updateAdminRoleAction(ModelAndView modelAndView,int adminId,String roles){
|
||||
|
||||
modelAndView.setViewName("updateRoleAccess");
|
||||
@RequestMapping("/admin/rbac/update-admin-role")
|
||||
public ModelAndView updateAdminRole(ModelAndView modelAndView, HttpServletRequest request, int admin, @RequestParam(defaultValue = "0") int role) {
|
||||
modelAndView.setViewName("redirect:/admin/rbac");
|
||||
if (role == 0) {
|
||||
modelAndView.addObject("msg","未对管理员角色进行修改");
|
||||
return modelAndView;
|
||||
}
|
||||
int sql = 0;// sql执行结果接收变量
|
||||
if (adminRoleMapper.countByAdminId(admin) == 0) {
|
||||
// 此管理员还未设置角色
|
||||
sql = adminRoleMapper.insert(admin, role);
|
||||
} else {
|
||||
// 修改管理员角色
|
||||
sql = adminRoleMapper.updateRoleByAdminId(admin, role);
|
||||
}
|
||||
if (sql == 1) {
|
||||
modelAndView.addObject("msg", "设置管理员角色成功!");
|
||||
} else {
|
||||
modelAndView.addObject("msg", "设置管理员角色失败!");
|
||||
}
|
||||
return modelAndView;
|
||||
}
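Review bot: The new `updateAdminRole(…, int admin, @RequestParam(defaultValue = "0") int role)` is mapped with a bare `@RequestMapping`, so the role change can also be triggered by a GET request, although the form in this commit submits it with `method="post"`. `@PostMapping("/admin/rbac/update-admin-role")` would restrict it to the method the form uses. The handler also passes `role` straight to `insert` / `updateRoleByAdminId` without checking that it names an existing, enabled role, for example `if (roleMapper.findById(role) == null) { … }`. `findById` is called on `roleMapper` elsewhere in this commit, but its filtering is not shown here. The `request` parameter is unused, and `sql` would read better as `affectedRows`. The page does not mark old and new lines, so this assumes the `int admin` signature is the new side.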
|
||||
|
||||
|
|
|
@ -127,13 +127,13 @@ public class AdminLoginService {
|
|||
SysAdmin admin = adminMapper.selectByEmail(email);
|
||||
if (admin!=null && admin.getMark()==0){
|
||||
int res1 = adminMapper.updateMark(1,email);
|
||||
if (res1==1){
|
||||
if (res1 == 1){
|
||||
// 设置用户角色,设置失败则回滚
|
||||
/*if (adminRoleMapper.updateStatus(1,admin.getId()) != 1){
|
||||
if (adminRoleMapper.updateStatus(1,admin.getId()) != 1){
|
||||
// 执行回滚
|
||||
TransactionAspectSupport.currentTransactionStatus().setRollbackOnly();
|
||||
return 0;
|
||||
}*/
|
||||
}
|
||||
return 1;
|
||||
}else{
|
||||
return 0;
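Review bot: With the `adminRoleMapper.updateStatus(1,admin.getId()) != 1` check apparently re-enabled, activation fails for any administrator who has no row in the admin-role table. The controller in this same commit treats that state as normal (`countByAdminId(admin) == 0`, "此管理员还未设置角色"). If sign-up does not always create that row, `updateMark` is rolled back every time and the account cannot be activated, so it is worth confirming against the sign-up path. `TransactionAspectSupport.currentTransactionStatus()` also throws when no transaction is active, so the enclosing method needs to be transactional. Its declaration is outside this hunk.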
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
package com.example.jieyue.common.component;
|
||||
|
||||
import com.example.jieyue.common.entity.*;
|
||||
import com.example.jieyue.common.mapper.*;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
@ -9,6 +10,7 @@ import org.springframework.web.servlet.ModelAndView;
|
|||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
import java.util.List;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
|
@ -23,16 +25,6 @@ import java.util.regex.Pattern;
|
|||
*/
|
||||
@Component
|
||||
public class LoginHandlerInterceptor implements HandlerInterceptor {
|
||||
@Autowired
|
||||
SysAdminMapper adminMapper;
|
||||
@Autowired
|
||||
SysRoleMapper roleMapper;
|
||||
@Autowired
|
||||
SysAccessMapper accessMapper;
|
||||
@Autowired
|
||||
SysAdminRoleMapper adminRoleMapper;
|
||||
@Autowired
|
||||
SysRoleAccessMapper roleAccessMapper;
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||
|
@ -78,14 +70,4 @@ public class LoginHandlerInterceptor implements HandlerInterceptor {
|
|||
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>管理员权限判断</p>
|
||||
* @author Bosen
|
||||
* 2020/12/7 7:09
|
||||
*/
|
||||
public boolean checkAdminAccess(int adminId,String url){
|
||||
int roleId = adminRoleMapper.findByAdminId(adminId).getRoleId();
|
||||
return false;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,111 @@
|
|||
package com.example.jieyue.common.component;
|
||||
|
||||
import com.example.jieyue.common.entity.*;
|
||||
import com.example.jieyue.common.mapper.*;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.servlet.HandlerInterceptor;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.util.List;
|
||||
|
||||
@Component
|
||||
public class RBACHandlerInterceptor implements HandlerInterceptor {
|
||||
|
||||
private static SysAdminMapper adminMapper;
|
||||
|
||||
private static SysRoleMapper roleMapper;
|
||||
|
||||
private static SysAccessMapper accessMapper;
|
||||
|
||||
private static SysAdminRoleMapper adminRoleMapper;
|
||||
|
||||
private static SysRoleAccessMapper roleAccessMapper;
|
||||
|
||||
@Autowired
|
||||
public void setAdminMapper(SysAdminMapper adminMapper) {
|
||||
RBACHandlerInterceptor.adminMapper = adminMapper;
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void setRoleMapper(SysRoleMapper roleMapper) {
|
||||
RBACHandlerInterceptor.roleMapper = roleMapper;
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void setAccessMapper(SysAccessMapper accessMapper) {
|
||||
RBACHandlerInterceptor.accessMapper = accessMapper;
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void setAdminRoleMapper(SysAdminRoleMapper adminRoleMapper) {
|
||||
RBACHandlerInterceptor.adminRoleMapper = adminRoleMapper;
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void setRoleAccessMapper(SysRoleAccessMapper roleAccessMapper) {
|
||||
RBACHandlerInterceptor.roleAccessMapper = roleAccessMapper;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||
if (!checkRbac(request)) {
|
||||
response.setCharacterEncoding("UTF-8");
|
||||
response.getWriter().write("" +
|
||||
"<html>" +
|
||||
"<head>" +
|
||||
"<meta charset='utf-8'>" +
|
||||
"<title>权限不足</title>" +
|
||||
"</head>" +
|
||||
"<body>" +
|
||||
"<script>" +
|
||||
" alert('你未拥有该权限!');" +
|
||||
" window.history.back();" +
|
||||
"</script>" +
|
||||
"</body>" +
|
||||
"</html>");
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
/*
|
||||
* 检查权限
|
||||
*/
|
||||
public boolean checkRbac(HttpServletRequest request) {
|
||||
try {
|
||||
// 获取当前请求的地址
|
||||
String curUrl = request.getRequestURI();
|
||||
|
||||
// 获取当前管理员的信息
|
||||
SysAdmin admin = (SysAdmin) request.getSession().getAttribute("admin");
|
||||
if (admin.getId() == 1) {
|
||||
// 不限制id为1的管理员
|
||||
return true;
|
||||
}
|
||||
|
||||
// 获取角色信息
|
||||
SysAdminRole adminRole = adminRoleMapper.findByAdminId(admin.getId());
|
||||
|
||||
SysRole role = roleMapper.findById(adminRole.getRoleId());
|
||||
if (role == null || role.getStatus() == 0) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// 获取权限信息
|
||||
List<SysRoleAccess> roleAccessList = roleAccessMapper.findByRoleId(role.getId());
|
||||
for (SysRoleAccess roleAccess : roleAccessList) {
|
||||
SysAccess access = accessMapper.findById(roleAccess.getAccessId());
|
||||
if (access == null) {
|
||||
continue;
|
||||
}
|
||||
if (access.getUrl().equals(curUrl) && access.getStatus() == 1) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
return false;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
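Review bot: In `preHandle` the refusal is written with the default 200 status and no content type, and `checkRbac` turns every exception into a silent `return false`. A denied request, a missing session `admin` and a mapper failure therefore look identical, and none of them is recorded. Before the `getWriter()` call add `response.setStatus(HttpServletResponse.SC_FORBIDDEN);` and `response.setContentType("text/html;charset=UTF-8");`, and log the exception in the `catch` block before returning. `checkRbac` also compares `request.getRequestURI()`, which includes the context path, with `access.getUrl()` by exact match. That fails closed, but `request.getServletPath()` is probably the value the stored URLs are meant to match, which should be confirmed against the data.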
|
|
@ -1,6 +1,7 @@
|
|||
package com.example.jieyue.common.config;
|
||||
|
||||
import com.example.jieyue.common.component.LoginHandlerInterceptor;
|
||||
import com.example.jieyue.common.component.RBACHandlerInterceptor;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||
|
@ -30,6 +31,13 @@ public class AdminWebMvcConfigurer implements WebMvcConfigurer {
|
|||
"/css/**","/js/**","/image/**","/fonts/**","/mapping/**","/data/**",
|
||||
"/lib/*/*/**"
|
||||
);
|
||||
registry.addInterceptor(new RBACHandlerInterceptor())
|
||||
.addPathPatterns("/admin/**")
|
||||
.excludePathPatterns(
|
||||
"/admin/login","/admin/logout","/admin/do-login","/admin/sign-up","/admin/sign-check",
|
||||
"/css/**","/js/**","/image/**","/fonts/**","/mapping/**","/data/**",
|
||||
"/lib/*/*/**", "/admin/home", "/admin"
|
||||
);
|
||||
}
|
||||
|
||||
}
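Review bot: `registry.addInterceptor(new RBACHandlerInterceptor())` registers an instance Spring did not create, so the permission check works only because the class keeps its mappers in static fields filled through a separate `@Component` instance. Injecting the bean (`@Autowired private RBACHandlerInterceptor rbacHandlerInterceptor;` then `registry.addInterceptor(rbacHandlerInterceptor)`) removes that hidden coupling and lets the mapper fields become ordinary instance fields. The exclusion list appears to repeat the login interceptor's list with `"/admin/home"` and `"/admin"` added. A shared constant would keep the two lists from drifting apart. The enclosing method starts outside the hunk.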
|
||||
|
|
|
@ -9,6 +9,8 @@ import java.util.List;
|
|||
public interface SysAccessMapper {
|
||||
List<SysAccess> findAll();
|
||||
|
||||
SysAccess findById(int id);
|
||||
|
||||
int countByName(String name);
|
||||
|
||||
int insert(String name,String url);
|
||||
|
|
|
@ -9,6 +9,10 @@ import java.util.List;
|
|||
public interface SysAdminRoleMapper {
|
||||
List<SysAdminRole> findAll();
|
||||
|
||||
int updateRoleByAdminId(int adminId, int roleId);
|
||||
|
||||
int countByAdminId(int adminId);
|
||||
|
||||
SysAdminRole findByAdminId(int adminId);
|
||||
|
||||
int insert(int adminId,int roleId);
|
||||
|
|
|
@ -13,6 +13,10 @@
|
|||
select * from sys_access;
|
||||
</select>
|
||||
|
||||
<select id="findById" resultMap="SysAccessMap">
|
||||
select * from sys_access where id = #{id} and status = 1;
|
||||
</select>
|
||||
|
||||
<select id="countByName" resultType="INTEGER">
|
||||
select count(*) from sys_access where name = #{name};
|
||||
</select>
|
||||
|
|
|
@ -13,6 +13,14 @@
|
|||
select * from sys_admin_role;
|
||||
</select>
|
||||
|
||||
<select id="countByAdminId" resultType="java.lang.Integer">
|
||||
select count(*) from sys_admin_role where admin_id = #{adminId};
|
||||
</select>
|
||||
|
||||
<update id="updateRoleByAdminId">
|
||||
update sys_admin_role set role_id = #{roleId} where admin_id = #{adminId};
|
||||
</update>
|
||||
|
||||
<select id="findByAdminId" resultMap="SysAccessRoleMap">
|
||||
select * from sys_admin_role where admin_id = #{adminId};
|
||||
</select>
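Review bot: `findByAdminId` is declared to return a single `SysAdminRole`, but nothing visible guarantees one row per `admin_id`. With two rows MyBatis raises a too-many-results error, which the RBAC interceptor's catch-all would turn into a denial for that administrator. The controller's `countByAdminId` followed by `insert` is not atomic, so duplicate rows are possible under concurrent submits. A unique constraint on `sys_admin_role.admin_id` would rule this out, though the schema is not shown here. Also confirm that `SysAccessRoleMap` is the intended result map for this table, since its name suggests a different entity.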
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>权限不足</title>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
alert("你未拥有该权限!");
|
||||
history.back(-2);
|
||||
</script>
|
||||
</body>
|
||||
</html>
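Review bot: `history.back(-2);` does not go back two entries, because `back()` takes no argument and the call is a single step back. If two steps are intended, use `history.go(-2);`. Otherwise drop the argument so the page matches the `window.history.back();` used in the interceptor's inline response.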
|
|
@ -101,15 +101,28 @@
|
|||
<td th:text="${admin.getName()}"></td>
|
||||
<td th:text="${admin.getEmail()}"></td>
|
||||
<td>
|
||||
<form style="display: inline;">
|
||||
<form method="post" th:action="@{/admin/rbac/update-admin-role}" style="display: inline;">
|
||||
<label style="display: inline;">
|
||||
<select name="role" style="display: inline;width: 150px">
|
||||
<option th:each="role : ${roleList}" th:value=" ${role.getId()}">
|
||||
[[${role.getName()}]]
|
||||
<option name="role" th:value="0" selected disabled style="background: lightgrey">
|
||||
未定义角色
|
||||
</option>
|
||||
<div th:each="role : ${roleList}">
|
||||
<div th:each="adminRole : ${adminRoleList}">
|
||||
<div th:if="${role.getId() eq adminRole.getRoleId() && adminRole.getAdminId() eq admin.getId()}">
|
||||
<option name="role" th:value="0" selected disabled style="background: lightgrey">
|
||||
[[${role.getName()}]]
|
||||
</option>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<option th:each="role : ${roleList}" name="role" th:value="${role.getId()}" th:text="${role.getName()}">
|
||||
<input name="role" th:value="${role.getId()}"/>
|
||||
<input name="admin" th:value="${admin.getId()}"/>
|
||||
</option>
|
||||
</select>
|
||||
<input name="admin" th:value="${admin.getId()}" hidden="hidden">
|
||||
<input value="修改" type="submit" style="width: 50px;height: 30px">
|
||||
<input value="修改" type="submit" style="width: 50px;height: 30px;background: deepskyblue;color: white">
|
||||
</label>
|
||||
</form>
|
||||
</td>
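Review bot: The `<div th:each>` and `<div th:if>` wrappers sit inside `<select>`, where only `<option>` and `<optgroup>` are valid children, so browsers will drop or relocate them. `<th:block th:each="role : ${roleList}">` (and the same for the two inner wrappers) renders the options without emitting wrapper elements. `name="role"` on `<option>` has no effect, since the name belongs on the `<select>`, which already carries it. The form shows no CSRF token field, and whether one is injected elsewhere is not visible from this hunk. The page does not mark which of the doubled lines are new, so this applies to the version with `method="post"`.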
|
||||
|
|