基于jsp+servlet+mysql+bootstrap的权限设计

最新推荐文章于 2022-10-19 15:47:08 发布
最新推荐文章于 2022-10-19 15:47:08 发布
阅读量545 收藏 5
点赞数 1
分类专栏: javaweb 文章标签: java mysql servlet
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/biancheng4/article/details/126809251
版权
1.数据库设计采用RABC(基于角色的访问控制)
	# Host: localhost  (Version: 5.7.26)
# Date: 2022-09-11 20:45:00
# Generator: MySQL-Front 5.3  (Build 4.234)

/*!40101 SET NAMES utf8 */;

#
# Structure for table "sys_permission"
#

DROP TABLE IF EXISTS `sys_permission`;
CREATE TABLE `sys_permission` (
  `Id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(32) DEFAULT NULL,
  `keyword` varchar(64) DEFAULT NULL,
  `description` varchar(128) DEFAULT NULL,
  PRIMARY KEY (`Id`)
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COMMENT='权限';

#
# Data for table "sys_permission"
#

/*!40000 ALTER TABLE `sys_permission` DISABLE KEYS */;
INSERT INTO `sys_permission` VALUES (1,'菜单添加','MENU_ADD',NULL);
/*!40000 ALTER TABLE `sys_permission` ENABLE KEYS */;

#
# Structure for table "sys_role"
#

DROP TABLE IF EXISTS `sys_role`;
CREATE TABLE `sys_role` (
  `Id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(32) DEFAULT NULL COMMENT '角色名称',
  `keyword` varchar(64) DEFAULT NULL COMMENT '角色字段',
  `description` varchar(128) DEFAULT NULL COMMENT '角色描述',
  PRIMARY KEY (`Id`)
) ENGINE=MyISAM AUTO_INCREMENT=3 DEFAULT CHARSET=utf8 COMMENT='角色表';

#
# Data for table "sys_role"
#

/*!40000 ALTER TABLE `sys_role` DISABLE KEYS */;
INSERT INTO `sys_role` VALUES (1,'管理员','ROLE_ADMIN',NULL),(2,'教师','ROLE_TEACHER',NULL);
/*!40000 ALTER TABLE `sys_role` ENABLE KEYS */;

#
# Structure for table "sys_role_permission"
#

DROP TABLE IF EXISTS `sys_role_permission`;
CREATE TABLE `sys_role_permission` (
  `Id` int(11) NOT NULL AUTO_INCREMENT,
  `role_id` int(11) NOT NULL DEFAULT '0' COMMENT '角色id',
  `permission_id` int(11) NOT NULL DEFAULT '0' COMMENT '权限id',
  PRIMARY KEY (`Id`)
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COMMENT='角色与权限的连接';

#
# Data for table "sys_role_permission"
#

/*!40000 ALTER TABLE `sys_role_permission` DISABLE KEYS */;
INSERT INTO `sys_role_permission` VALUES (1,1,1);
/*!40000 ALTER TABLE `sys_role_permission` ENABLE KEYS */;

#
# Structure for table "sys_user"
#

DROP TABLE IF EXISTS `sys_user`;
CREATE TABLE `sys_user` (
  `Id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(255) DEFAULT NULL COMMENT '用户名',
  `password` varchar(255) DEFAULT NULL COMMENT '密码',
  `gender` tinyint(1) DEFAULT NULL COMMENT '性别 0女 1男',
  `createBy` varchar(255) DEFAULT NULL COMMENT '创建者',
  `state` tinyint(1) DEFAULT NULL COMMENT '状态 0正常 1封禁',
  `creationDate` date DEFAULT NULL COMMENT '创建时间',
  `modifyBy` varchar(255) DEFAULT NULL COMMENT '修改者',
  `modifyDate` date DEFAULT NULL COMMENT '修改时间',
  PRIMARY KEY (`Id`)
) ENGINE=MyISAM AUTO_INCREMENT=14 DEFAULT CHARSET=utf8;

#
# Data for table "sys_user"
#

/*!40000 ALTER TABLE `sys_user` DISABLE KEYS */;
INSERT INTO `sys_user` VALUES (1,'admin','123456',1,'admin',0,NULL,NULL,NULL),(3,'test1','12345',1,'admin',1,'2022-09-08','admin','2022-09-08'),(4,'admin','123456',1,'admin',0,NULL,'',NULL),(5,'test1','12345',1,'admin',1,'2022-09-08','admin','2022-09-08'),(6,'admin','123456',1,'admin',0,NULL,'',NULL),(7,'test1','12345',1,'admin',1,'2022-09-08','admin','2022-09-08'),(8,'admin','123456',1,'admin',0,NULL,'',NULL),(9,'test1','12345',1,'admin',1,'2022-09-08','admin','2022-09-08'),(10,'admin','123456',1,'admin',0,NULL,'',NULL),(11,'test1','12345',1,'admin',1,'2022-09-08','admin','2022-09-08'),(12,'admin','123456',1,'admin',0,NULL,'',NULL),(13,'test1','12345',1,'admin',1,'2022-09-08','admin','2022-09-08');
/*!40000 ALTER TABLE `sys_user` ENABLE KEYS */;

#
# Structure for table "sys_user_role"
#

DROP TABLE IF EXISTS `sys_user_role`;
CREATE TABLE `sys_user_role` (
  `Id` int(11) NOT NULL AUTO_INCREMENT,
  `user_id` int(11) NOT NULL DEFAULT '0' COMMENT '用户主键',
  `role_id` int(11) NOT NULL DEFAULT '0' COMMENT '角色主键',
  PRIMARY KEY (`Id`)
) ENGINE=MyISAM AUTO_INCREMENT=3 DEFAULT CHARSET=utf8 COMMENT='用户与角色链接';

#
# Data for table "sys_user_role"
#

/*!40000 ALTER TABLE `sys_user_role` DISABLE KEYS */;
INSERT INTO `sys_user_role` VALUES (2,3,1),(3,5,1),(4,5,2),(7,6,1),(8,6,2),(10,8,1);
/*!40000 ALTER TABLE `sys_user_role` ENABLE KEYS */;
2.查询并保存权限的servlet
@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {


    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String username = req.getParameter("username");
        String password = req.getParameter("password");
        String autoLogin = req.getParameter("autoLogin");
        ServletContext context = this.getServletContext();
        String contextPath = context.getContextPath();

        if (username == null){
            req.setAttribute("error", "用户名不能为空");
            req.getRequestDispatcher(contextPath + "/login.jsp").forward(req, resp);
        }

        SysUser user = getUser(username);

        if (user == null){
            req.setAttribute("error", "无此用户");
            req.getRequestDispatcher(contextPath + "/login.jsp").forward(req, resp);
        }

        boolean b = passwordsThan(password, user);

        if (!b){
            req.setAttribute("error", "用户名或密码错误");
            req.getRequestDispatcher(contextPath + "/login.jsp").forward(req, resp);
        }

        Set<String> roleManger = new HashSet<>();
        Set<String> permissionManger = new HashSet<>();

        Set<SysRole> role = new HashSet<>();
        if (user != null) {
            role = getRole(user.getId());
        }
        for (SysRole sysRole : role) {
            roleManger.add(sysRole.getKeyword());
            Set<SysPermission> permission = getPermission(sysRole.getId());
            for (SysPermission sysPermission : permission) {
                permissionManger.add(sysPermission.getKeyword());
            }
        }



        //将用户信息存储在会话中
        req.getSession().setAttribute(ConstantUtil.SESSION_USER, user);
        req.getSession().setAttribute(ConstantUtil.SESSION_ROLE, roleManger);
        req.getSession().setAttribute(ConstantUtil.SESSION_PERMISSION, permissionManger);
        SysUser user1 = (SysUser) req.getSession().getAttribute("user");
        if (ConstantUtil.ON.equals(autoLogin)){
            rememberMe(user1);
        }
        //跳转首页

        resp.sendRedirect(contextPath + "/jsp/index.jsp");
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doGet(req,resp);
    }

    /**
     * 通过用户名获取用户信息
     * @param username 用户名
     * @return SysUser
     */
    private SysUser getUser(String username){
        UserServiceImpl userService = new UserServiceImpl();
        return userService.loginByUsername(username);
    }

    /**
     * 通过用户id获取角色
     * @param userId
     * @return
     */
    private Set<SysRole> getRole(Integer userId){
        RoleServiceImpl roleService = new RoleServiceImpl();
        return roleService.findRoleByUserId(userId);
    }

    /**
     * 通过角色id获取权限
     * @param roleId
     * @return
     */
    private Set<SysPermission> getPermission(Integer roleId){
        PermissionServiceImpl permission = new PermissionServiceImpl();
        return permission.findPermissionByRoleId(roleId);
    }

    /**
     * 密码比对
     * @param password  密码
     * @param user      用户
     * @return  真值/假值
     */
    private boolean passwordsThan(String password, SysUser user){

        if (user == null){
            return false;
        }

        if (password.equals(user.getPassword())){
            return true;
        }
        return false;
    }

    /**
     * 记住我功能
     * @param user 用户信息
     */
    private void rememberMe(SysUser user){
        Cookie cookie = new Cookie("rememberMe", user.getUsername());
        cookie.setMaxAge(ConstantUtil.TIME);
    }

}
3.userService用户接口类
public interface UserService {

    /**
     * 登录
     * @param username 用户名
     * @return 用户信息 SysUser
     */
    SysUser loginByUsername(String username);

    /**
     * 查询所有用户
     * @return
     */
    List<SysUser> getList();

    /**
     * 存储用户
     * @param user
     * @return
     */
    boolean saveUser(SysUser user);

    /**
     * 更新用户
     * @param user
     * @return
     */
    boolean updateUserByUserId(SysUser user);

    /**
     * 删除用户
     * @param userId
     * @return
     */
    boolean deleteUser(Integer userId);

    /**
     * 关联角色与用户
     * @param userId
     * @param roleId
     * @return
     */
    boolean relevanceUserRole(Integer userId, Integer roleId);

    /**
     * 删除角色与用户关联
     * @param userId
     * @param roleId
     * @return
     */
    boolean removeUserRole(Integer userId, Integer roleId);

    /**
     * 分页查询所有数据
     * @param current
     * @param pagerNumber
     * @return
     */
    List<SysUser> getListByPage(Integer current, Integer pagerNumber);
}
4.UserServiceImpl用户接口实现类
public class UserServiceImpl implements UserService{

    private UserDao userDao;

    public UserServiceImpl() {
        userDao = new UserDaoImpl();
    }

    @Override
    public SysUser loginByUsername(String username) {
        Connection connection = null;
        SysUser user = null;

        try {
            connection = BaseDao.getConnection();
            user = userDao.getLoginUserByUsername(connection, username);
        } finally {
            BaseDao.closeResource(connection, null, null);
        }

        return user;
    }

    @Override
    public List<SysUser> getList() {
        Connection connection = null;
        List<SysUser> user = null;

        try {
            connection = BaseDao.getConnection();
            user = userDao.getList(connection);
        } finally {
            BaseDao.closeResource(connection, null, null);
        }

        return user;
    }

    @Override
    public boolean saveUser(SysUser user) {
        Connection connection = null;
        boolean flag = false;
        connection = BaseDao.getConnection();
        int i = userDao.saveUser(connection, user);
        if (i > 0){
            flag = true;
        }

        return flag;
    }

    @Override
    public boolean updateUserByUserId(SysUser user) {
        Connection connection = null;
        boolean flag = false;
        connection = BaseDao.getConnection();
        int i = userDao.updateUserByUserId(connection, user);
        if (i > 0){
            flag = true;
        }

        return flag;
    }

    @Override
    public boolean deleteUser(Integer userId) {
        Connection connection = null;
        boolean flag = false;
        connection = BaseDao.getConnection();
        int i = userDao.deleteUser(connection, userId);
        if (i > 0){
            flag = true;
        }

        return flag;
    }

    @Override
    public boolean relevanceUserRole(Integer userId, Integer roleId) {
        Connection connection = null;
        boolean flag = false;
        connection = BaseDao.getConnection();
        int i = userDao.relevanceUserRole(connection, userId, roleId);
        if (i > 0){
            flag = true;
        }
        return flag;
    }

    @Override
    public boolean removeUserRole(Integer userId, Integer roleId) {
        Connection connection = null;
        boolean flag = false;
        connection = BaseDao.getConnection();
        int i = userDao.removeUserRole(connection, userId, roleId);
        if (i > 0){
            flag = true;
        }
        return flag;
    }

    @Override
    public List<SysUser> getListByPage(Integer current, Integer pagerNumber) {
        Connection connection = null;
        List<SysUser> user = null;
        try {
            connection = BaseDao.getConnection();
            user = userDao.getListByPage(connection, current, pagerNumber);
        } finally {
            BaseDao.closeResource(connection, null, null);
        }
        return user;
    }
}
5.UserDao用户数据库接口类
public interface UserDao {

    /**
     * 通过用户名获取用户
     * @param connection  数据库连接对象
     * @param username    用户名
     * @return SysUser
     */
    SysUser getLoginUserByUsername(Connection connection, String username);

    /**
     * 查询所有用户
     * @param connection
     * @return
     */
    List<SysUser>  getList(Connection connection);

    /**
     * 存储用户
     * @param user
     * @param connection
     * @return
     */
    int saveUser(Connection connection, SysUser user);

    /**
     * 更新用户
     * @param connection
     * @param user
     * @return
     */
    int updateUserByUserId(Connection connection, SysUser user);

    /**
     * 删除用户
     * @param userId
     * @param connection
     * @return
     */
    int deleteUser(Connection connection, Integer userId);

    /**
     * 关联角色与用户
     * @param connection
     * @param userId
     * @param roleId
     * @return
     */
    int relevanceUserRole(Connection connection, Integer userId, Integer roleId);

    /**
     * 删除角色与用户关联
     * @param connection
     * @param userId
     * @param roleId
     * @return
     */
    int removeUserRole(Connection connection, Integer userId, Integer roleId);

    /**
     * 分页查询用户
     * @param connection
     * @param current
     * @param pageNumber
     * @return
     */
    List<SysUser> getListByPage(Connection connection, Integer current, Integer pageNumber);
}
6.UserDaoImpl数据库设计
public class UserDaoImpl implements UserDao{

    @Override
    public SysUser getLoginUserByUsername(Connection connection, String username) {
        PreparedStatement preparedStatement = null;
        ResultSet rs = null;
        SysUser user = null;
        String sql = "select * from sys_user where username = ?";
        Object[] params = {username};

        try {
            rs = BaseDao.execute(connection, sql, params, preparedStatement, rs);
            if (rs.next()){
                user = new SysUser();
                user.setId(rs.getInt("Id"));
                user.setUsername(rs.getString("username"));
                user.setPassword(rs.getString("password"));
                user.setGender(rs.getInt("gender"));
                user.setCreateBy(rs.getString("createBy"));
                user.setState(rs.getInt("state"));
                user.setCreationDate(rs.getDate("creationDate"));
                user.setModifyBy(rs.getString("modifyBy"));
                user.setModifyDate(rs.getDate("modifyDate"));
            }
            BaseDao.closeResource(null, preparedStatement, rs);
        } catch (SQLException throwable) {
            throwable.printStackTrace();
        }
        return user;
    }

    @Override
    public List<SysUser> getList(Connection connection) {
        PreparedStatement preparedStatement = null;
        ResultSet rs = null;
        SysUser user;
        String sql = "select * from sys_user";

        Object[] params = new Object[0];
        List<SysUser> users = new ArrayList<>();
        try {
            rs = BaseDao.execute(connection, sql, params, preparedStatement, rs);
            while (rs.next()){
                user = new SysUser();
                user.setId(rs.getInt("Id"));
                user.setUsername(rs.getString("username"));
                user.setPassword(rs.getString("password"));
                user.setGender(rs.getInt("gender"));
                user.setCreateBy(rs.getString("createBy"));
                user.setState(rs.getInt("state"));
                user.setCreationDate(rs.getDate("creationDate"));
                user.setModifyBy(rs.getString("modifyBy"));
                user.setModifyDate(rs.getDate("modifyDate"));
                users.add(user);
            }
            BaseDao.closeResource(null, preparedStatement, rs);
        } catch (SQLException throwable) {
            throwable.printStackTrace();
        }
        return users;
    }

    @Override
    public int saveUser(Connection connection, SysUser user) {
        PreparedStatement preparedStatement = null;
        String sql = "INSERT INTO sys_user(username, `password`, gender, createBy, state, creationDate, modifyBy, modifyDate) VALUES(?,?,?,?,?,?,?,?)";
        Object[] params = {user.getUsername(), user.getPassword(), user.getGender(), user.getCreateBy(), user.getState(), user.getCreationDate(), user.getModifyBy(), user.getModifyDate()};
        int execute = 0;
        try {
            execute = BaseDao.execute(connection, sql, params, preparedStatement);
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
        BaseDao.closeResource(null, preparedStatement, null);
        return execute;
    }

    @Override
    public int updateUserByUserId(Connection connection, SysUser user) {
        PreparedStatement preparedStatement = null;
        String sql = "UPDATE sys_user set username = ?, `password` = ?, gender = ?, createBy = ?, state = ?, creationDate =?, modifyBy = ?, modifyDate = ? where Id = ?";
        Object[] params = {user.getUsername(), user.getPassword(), user.getGender(), user.getCreateBy(), user.getState(), user.getCreationDate(), user.getModifyBy(), user.getModifyDate(), user.getId()};
        int execute = 0;
        try {
            execute = BaseDao.execute(connection, sql, params, preparedStatement);
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
        BaseDao.closeResource(null, preparedStatement, null);
        return execute;
    }

    @Override
    public int deleteUser(Connection connection, Integer userId) {
        PreparedStatement preparedStatement = null;
        String sql = "delete from sys_user where Id = ?";
        Object[] params = {userId};
        int execute = 0;
        try {
            execute = BaseDao.execute(connection, sql, params, preparedStatement);
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
        BaseDao.closeResource(null, preparedStatement, null);
        return execute;
    }

    @Override
    public int relevanceUserRole(Connection connection, Integer userId, Integer roleId) {
        PreparedStatement preparedStatement = null;
        String sql = "INSERT INTO sys_user_role(user_id, role_id) VALUES(?,?)";
        Object[] params = {userId, roleId};
        int execute = 0;
        try {
            execute = BaseDao.execute(connection, sql, params, preparedStatement);
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
        BaseDao.closeResource(null, preparedStatement, null);
        return execute;
    }

    @Override
    public int removeUserRole(Connection connection, Integer userId, Integer roleId) {
        PreparedStatement preparedStatement = null;
        String sql = "delete from sys_user_role where user_id = ? and role_id = ?";
        Object[] params = {userId, roleId};
        int execute = 0;
        try {
            execute = BaseDao.execute(connection, sql, params, preparedStatement);
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
        BaseDao.closeResource(null, preparedStatement, null);
        return execute;
    }

    @Override
    public List<SysUser> getListByPage(Connection connection, Integer current, Integer pageNumber) {
        PreparedStatement preparedStatement = null;
        ResultSet rs = null;
        SysUser user;
        String sql = "select * from sys_user limit ?, ?";
        Object[] params = {current,pageNumber};
        List<SysUser> users = new ArrayList<>();
        try {
            rs = BaseDao.execute(connection, sql, params, preparedStatement, rs);
            while (rs.next()){
                user = new SysUser();
                user.setId(rs.getInt("Id"));
                user.setUsername(rs.getString("username"));
                user.setPassword(rs.getString("password"));
                user.setGender(rs.getInt("gender"));
                user.setCreateBy(rs.getString("createBy"));
                user.setState(rs.getInt("state"));
                user.setCreationDate(rs.getDate("creationDate"));
                user.setModifyBy(rs.getString("modifyBy"));
                user.setModifyDate(rs.getDate("modifyDate"));
                users.add(user);
            }
            BaseDao.closeResource(null, preparedStatement, rs);
        } catch (SQLException throwable) {
            throwable.printStackTrace();
        }
        return users;
    }
}
7.角色
7.1.角色接口类
public interface RoleService {

    /**
     * 通过用户id查角色
     * @param userId
     * @return
     */
    Set<SysRole> findRoleByUserId(Integer userId);

    /**
     * 获取所有角色
     * @return
     */
    List<SysRole> getList();

    /**
     * 通过角色名获取id
     * @param roleName
     * @return
     */
    SysRole getIdByName(String roleName);
}
7.2 角色接口实现类
public class RoleServiceImpl implements RoleService{

    private RoleDao roleDao;

    public RoleServiceImpl() {
        roleDao = new RoleDaoImpl();
    }

    @Override
    public Set<SysRole> findRoleByUserId(Integer userId) {
        Connection connection = null;
        Set<SysRole> roles = null;
        try {
            connection = BaseDao.getConnection();
            roles = roleDao.findRoleByUserId(connection, userId);
        } finally {
            BaseDao.closeResource(connection, null, null);
        }

        return roles;
    }

    @Override
    public List<SysRole> getList() {
        Connection connection = null;
        List<SysRole> roles = null;

        try {
            connection = BaseDao.getConnection();
            roles = roleDao.getList(connection);
        } finally {
            BaseDao.closeResource(connection, null, null);
        }

        return roles;
    }

    @Override
    public SysRole getIdByName(String roleName) {
        Connection connection = null;
        SysRole role = null;

        try {
            connection = BaseDao.getConnection();
            role = roleDao.getRoleByRoleName(connection, roleName);
        } finally {
            BaseDao.closeResource(connection, null, null);
        }

        return role;
    }
}
7.3角色数据库接口类
public interface RoleDao {

    /**
     * 通过userid获得角色
     * @param userId
     * @param connection
     * @return
     */
    Set<SysRole> findRoleByUserId(Connection connection, Integer userId);

    /**
     * 获取所有角色
     * @param connection
     * @return
     */
    List<SysRole> getList(Connection connection);

    /**
     * 通过角色名查询角色id
     * @param connection
     * @param roleName
     * @return
     */
    SysRole getRoleByRoleName(Connection connection, String roleName);
}
7.4角色数据库接口实现类
public class RoleDaoImpl implements RoleDao{


    @Override
    public Set<SysRole> findRoleByUserId(Connection connection, Integer userId) {
        PreparedStatement statement = null;
        ResultSet rs = null;
        Object[] params = {userId};
        String sql = "select r.* from sys_role r,sys_user_role ur where r.id = ur.role_id and ur.user_id = ?";
        Set<SysRole> roles = new HashSet<>();

        try {
            rs = BaseDao.execute(connection, sql, params, statement, rs);
            while (rs.next()){
                SysRole sysRole = new SysRole();
                sysRole.setId(rs.getInt("Id"));
                sysRole.setName(rs.getString("name"));
                sysRole.setKeyword(rs.getString("keyword"));
                sysRole.setDescription(rs.getString("description"));
                roles.add(sysRole);

            }
            BaseDao.closeResource(null, statement, rs);
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
        return roles;
    }

    @Override
    public List<SysRole> getList(Connection connection) {
        PreparedStatement preparedStatement = null;
        ResultSet rs = null;
        SysRole role;
        String sql = "select * from sys_role";

        Object[] params = new Object[0];
        List<SysRole> roles = new ArrayList<>();
        try {
            rs = BaseDao.execute(connection, sql, params, preparedStatement, rs);
            while (rs.next()){
                role = new SysRole();
                role.setId(rs.getInt("Id"));
                role.setName(rs.getString("name"));
                role.setKeyword(rs.getString("keyword"));
                role.setDescription(rs.getString("description"));
                roles.add(role);
            }
            BaseDao.closeResource(null, preparedStatement, rs);
        } catch (SQLException throwable) {
            throwable.printStackTrace();
        }
        return roles;
    }

    @Override
    public SysRole getRoleByRoleName(Connection connection, String roleName) {
        PreparedStatement statement = null;
        ResultSet rs = null;
        Object[] params = {roleName};
        String sql = "select * from sys_role where name = ?";
        SysRole sysRole = null;
        try {
            rs = BaseDao.execute(connection, sql, params, statement, rs);
            while (rs.next()){
                sysRole = new SysRole();
                sysRole.setId(rs.getInt("Id"));
                sysRole.setName(rs.getString("name"));
                sysRole.setKeyword(rs.getString("keyword"));
                sysRole.setDescription(rs.getString("description"));
            }
            BaseDao.closeResource(null, statement, rs);
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
        return sysRole;
    }
}
8.权限
8.1权限接口类
public interface PermissionService {

    /**
     * 通过角色id查权限
     * @param roleId
     * @return
     */
    Set<SysPermission> findPermissionByRoleId(Integer roleId);
}
8.2权限接口实现类
public class PermissionServiceImpl implements PermissionService{

    private PermissionDao permissionDao;

    public PermissionServiceImpl() {
        permissionDao = new PermissionDaoImpl();
    }

    @Override
    public Set<SysPermission> findPermissionByRoleId(Integer roleId) {
        Connection connection = null;
        Set<SysPermission> permissionSet = null;
        try {
            connection = BaseDao.getConnection();
            permissionSet = permissionDao.findPermissionByRole(connection, roleId);
        } finally {
            BaseDao.closeResource(connection, null, null);
        }

        return permissionSet;
    }

}
8.3权限数据库接口类
public interface PermissionDao {

    /**
     * 通过角色id查看角色
     * @param roleId
     * @param connection
     * @return
     */
    Set<SysPermission> findPermissionByRole(Connection connection, Integer roleId);
}
8.4权限数据库接口实现类
public class PermissionDaoImpl implements PermissionDao{


    @Override
    public Set<SysPermission> findPermissionByRole(Connection connection, Integer roleId) {
        PreparedStatement statement = null;
        ResultSet rs = null;
        Object[] params = {roleId};
        String sql = "SELECT p.* FROM sys_permission p, sys_role_permission rp WHERE rp.permission_id = p.Id AND rp.role_id = ?";
        Set<SysPermission> permissionSet = new HashSet<>();

        try {
            rs = BaseDao.execute(connection, sql, params, statement, rs);
            while (rs.next()){
                SysPermission sysPermission = new SysPermission();
                sysPermission.setId(rs.getInt("Id"));
                sysPermission.setName(rs.getString("name"));
                sysPermission.setKeyword(rs.getString("keyword"));
                sysPermission.setDescription(rs.getString("description"));
                permissionSet.add(sysPermission);
            }
            BaseDao.closeResource(null, statement, rs);
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
        return permissionSet;
    }
}
9.拦截器
9.1编码拦截器
public class CharacterEncodingFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        servletRequest.setCharacterEncoding("utf-8");
        servletResponse.setCharacterEncoding("utf-8");
        filterChain.doFilter(servletRequest, servletResponse);
    }

    @Override
    public void destroy() {

    }
}
9.2url拦截(判断是否登录)
@WebFilter(filterName = "intercept", urlPatterns = "/jsp/*")
public class JavaWebStartFilter implements Filter {


    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        //记住我
//        Cookie[] cookies = req.getCookies();
//        boolean flag = true;
//        if (SIGN.equals(req.getContextPath())){
//            for (Cookie cookie : cookies) {
//                if (AUTO_LOGIN.equals(cookie.getName())){
//                    flag = false;
//                    break;
//                }
//            }
//        }


        SysUser attribute = (SysUser) req.getSession().getAttribute(ConstantUtil.SESSION_USER);

        if (attribute != null){
            chain.doFilter(request, response);
        } else {
            HttpServletResponse rep = (HttpServletResponse) response;
            rep.sendRedirect(req.getContextPath() + "/");
        }
    }

    @Override
    public void destroy() {

    }
}
10.jsp根据权限判断显隐
    <% if (role.contains("ROLE_ADMIN")) { %>
                        <li class="nav-item nav-item-has-subnav">
                            <a href="javascript:void(0)"><i class="mdi mdi-palette"></i> <span>UI 元素</span></a>
                            <ul class="nav nav-subnav">
                                <li> <a class="multitabs" href="lyear_ui_buttons.html">按钮</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_cards.html">卡片</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_grid.html">格栅</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_icons.html">图标</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_tables.html">表格</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_modals.html">模态框</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_tooltips_popover.html">提示 / 弹出框</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_alerts.html">警告框</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_pagination.html">分页</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_progress.html">进度条</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_tabs.html">标签页</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_typography.html">排版</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_step.html">步骤</a> </li>
                                <li> <a class="multitabs" href="lyear_ui_other.html">其他</a> </li>
                            </ul>
                        </li>
                        <% } %>

                        <% if (role.contains("ROLE_ALL")) { %>
                            <li class="nav-item nav-item-has-subnav">
                                <a href="javascript:void(0)"><i class="mdi mdi-format-align-justify"></i> <span>表单</span></a>
                                <ul class="nav nav-subnav">
                                    <li> <a class="multitabs" href="lyear_forms_elements.html">基本元素</a> </li>
                                    <li> <a class="multitabs" href="lyear_forms_radio.html">单选框</a> </li>
                                    <li> <a class="multitabs" href="lyear_forms_checkbox.html">复选框</a> </li>
                                    <li> <a class="multitabs" href="lyear_forms_switch.html">开关</a> </li>
                                </ul>
                            </li>
                        <% } %>
11.页面显示

在这里插入图片描述

12.用户授权设计
@WebServlet("/user/roleConnect")
public class UserRoleServlet extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doPost(req, resp);
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String userId = req.getParameter("user_id");
        String role = req.getParameter("role_name");
        String wu = "无";

        String[] split = role.split(",");

        RoleServiceImpl roleService = new RoleServiceImpl();
        Set<SysRole> roleByUserId = roleService.findRoleByUserId(Integer.valueOf(userId));

        //查询原先拥有的权限
        List<Integer> hasRoleId = new ArrayList<>();
        for (SysRole sysRole : roleByUserId) {
            hasRoleId.add(sysRole.getId());
        }




        if (wu.equals(split[0])){
            for (Integer integer : hasRoleId) {
                removeUserRole(Integer.valueOf(userId), integer);
            }
        } else {

            //新选择的权限
            List<Integer> ids = new ArrayList<>();
            for (String s : split) {
                Integer roleIdByName = getRoleIdByName(s);
                ids.add(roleIdByName);
            }

            if (hasRoleId.size() == 0){
                for (Integer id : ids) {
                    connectUserRole(Integer.valueOf(userId), id);
                }
            }

            System.out.println("用户id" + userId);
            System.out.println("角色" + role);


            //相同的权限id
            List<Integer> simile = new ArrayList<>();


            //去除与原先不同的
            for (Integer integer : hasRoleId) {
                if (ids.contains(integer)){
                    simile.add(integer);
                } else {
                    removeUserRole(Integer.valueOf(userId), integer);
                }
            }

            System.out.println("相同" + simile.size());

            if (simile.size() == 0){
                System.out.println("没有相同的");
                for (Integer integer : hasRoleId) {
                    removeUserRole(Integer.valueOf(userId), integer);
                }
            } else {
                //将新权限剩下的插入
                for (Integer id : ids) {
                    if (!simile.contains(id)){
                        connectUserRole(Integer.valueOf(userId), id);
                    }
                }
            }
        }



    }

    /**
     * 连接用户与角色
     * @param userId
     * @param roleId
     * @return
     */
    private boolean connectUserRole(Integer userId, Integer roleId){
        UserServiceImpl userService = new UserServiceImpl();
        return userService.relevanceUserRole(userId, roleId);
    }

    /**
     * 清除用户与角色
     * @param userId
     * @param roleId
     * @return
     */
    private boolean removeUserRole(Integer userId, Integer roleId){
        UserServiceImpl userService = new UserServiceImpl();
        return userService.removeUserRole(userId, roleId);
    }

    /**
     * 通过角色名称获取id
     * @param roleName
     * @return
     */
    private Integer getRoleIdByName(String roleName){
        RoleServiceImpl roleService = new RoleServiceImpl();
        SysRole idByName = roleService.getIdByName(roleName);
        return idByName.getId();
    }
}
13.jsp授权
 let userId;
    let value;

    function submitRole(){
        value = $('#sel').val()
        console.log("选择的" + value)
        if (value == null){
            value = ['无']
        }
        $.ajax({
            url: '/user/roleConnect',
            type: 'POST',
            data:{
                user_id: userId,
                role_name: value.toString()
            },
            success: function (data){
                console.log(data)
                lightyear.notify('授权成功', 'success', 3000);
                location.reload();
            },
            error: function (){
                console.log("错误")
            }
        })
    }

    $('#exampleModal').on('show.bs.modal', function (event) {
        var button = $(event.relatedTarget)
        var recipient = button.data('whatever')
        var modal = $(this)
        userId = button.data("id"); //122
        getRole(userId)
    })

    function getRole(userId){
        $.ajax({
            url: '/role/getRole',
            type: 'POST',
            data:{
                userId: userId,
            },
            success: function (data){
                let newRole = []
                let roles = data.role
                newRole = roles.map((item) => {
                    return item.name
                })
                console.log(newRole)
                showRoleList(newRole)
            },
            error: function (){
                console.log("错误")
            }
        })
    }

    function showRoleList(newRole){
        $('.selectpicker').selectpicker('val', newRole);
    }

html

<div class="modal fade" id="exampleModal" tabindex="-1" role="dialog" aria-labelledby="exampleModalLabel">
        <div class="modal-dialog" role="document">
            <div class="modal-content">
                <div class="modal-header">
                    <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
                    <h4 class="modal-title" id="exampleModalLabel">授权角色</h4>
                </div>
                <div class="modal-body">
                    <form>
                        <label>角色选择</label>
                        <select id="sel" class="selectpicker" multiple title="请选择">
                            <c:forEach items="${roleList}" var="role">
                                <option>${role.name}</option>
                            </c:forEach>
                        </select>
                    </form>
                </div>
                <div class="modal-footer">
                    <button type="button" class="btn btn-default" data-dismiss="modal">关闭</button>
                    <button onclick="submitRole()" type="button" data-dismiss="modal" class="btn btn-success">确认</button>
                </div>
            </div>
        </div>
    </div>
    
    ```

在这里插入图片描述
-----持续更新中------

基于JSP+Servlet+bootstrap开发电影院购票系统.zip
12-16
基于JSP+Servlet+bootstrap开发的电影院网络购票系统,内含需求说明书,源代码,数据库文件。功能齐全,优质毕业设计内容。可实现选座购票,查询添加等等操作。内容详尽,功能完善;分前台和后台管理员两模块内容,可实现电影管理,分类查询等等操作;
jsp+servlet+bootstrap日记本系统
08-24
基于jsp+servlet+bootstrap日记本系统,适合初学者练手学习!
基于Jsp+Servlet+MySQL+Bootstrap的酒店管理系统
m0_59652139的博客
04-21 724
项目运行截图 系统登录 入住 选择房间 入住 房间管理 订单管理 订单续费 用户登记 订单预览 业务数据 在未来宾馆行业的竞争中,提高宾馆的管理效率,提供高质量的服务,对客人提出的要求要不断完善,同时及时更新宾馆的实时动态等着将会是宾馆管理的目标与方向,在经济越来越发达的今天,只有将宾馆与计算机实现计算机化,智能化,信息化等发面发展,才能更加提高宾馆的管理效率,经济效益。 该系统主要服务于管理者,可以很好的提高宾馆的运作效率,对于宾馆的信息
JSP权限控制源码
web开发自学
12-14 358
JSP权限控制源码 偶然翻到很多年前,刚学Java的时候学的一段代码。或许,现在让写,还写不出来了。技术如潮、不进则退。还是年轻好啊,思路清晰、精神充沛。 [java] &lt;%@ page contentType="text/html; charset=gb2312" %&gt; &lt;%@ page import="qlsoft.PWebs.Business.PermitBe...
jsp+servlet+bootstrap开发java web五邑大学在线考试管理系统(可做课程设计
wuqiwan的博客
05-09 571
项目描述考试对于考试管理者来说无疑是一件非常繁重的工作,在线考试管理系统的出现,使考试变成一件简单易行的事情。 本系统实现学生在线考试、查询成绩、登录、登出等功能。 运行环境: jdk8+tomcat8+mysql+IntelliJ IDEA 项目技术: jsp+servlet+jdbc 数据库连接: servlet session+ 自定义filter+C3P0连接池 + bootstrap 数据库文件在项目sql文件 jar包文件压缩包内 测试帐号:test 密码:test 注意事项 : 1
基于JSP+Servlet+JDBC+MySQL+Bootstrap的考勤管理系统.zip
12-30
基于JSP+Servlet+JDBC+MySQL+Bootstrap的考勤管理系统 基于JSP+Servlet+JDBC+MySQL+Bootstrap的考勤管理系统 基于JSP+Servlet+JDBC+MySQL+Bootstrap的考勤管理系统 基于JSP+Servlet+JDBC+MySQL+Bootstrap的考勤管理...
基于JSP+Servlet+JDBC+MySQL+Bootstrap的考勤管理系统源码+项目说明.zip
最新发布
01-11
【资源说明】 1、该资源包括项目的全部源码,下载可以直接使用! 2、本项目适合作为计算机、数学、电子信息等专业的课程设计、期末大作业和...基于JSP+Servlet+JDBC+MySQL+Bootstrap的考勤管理系统源码+项目说明.zip
jsp权限控制
11-17
用于做权限的开发,有需要的童鞋可以下载,很简单
JSP权限控制
sun5208的专栏
10-24 1466
感觉文章很好就转一下,首先感谢这位仁兄!http://www.blogjava.net/wake/archive/2006/04/28/43843.html近几天不是很忙,就想看看关于 WEB 方式 (Jsp) 后台权限控制的设计实现问题 , 在 Google 搜了一下,一大堆的东西,当看到头大的时候决定自己先试着做一个简单例子。 先推荐大家有时间看一下关于 RBAC 即角色访问控制 (Role
JSP 权限控制
weixin_30355437的博客
05-01 91
想法:在数据库里面留下自己的权限值。把拥有不同权限的页面存放到不同的文件夹中,并把这些文件夹名称存放发到数据库中,当用户登录时不存用户权限,在session中。每访问一个页面的时候就判断这些东西。 转载于:https://www.cnblogs.com/Acmen/archive/2011/05/01/2034122.html...
jsp权限控制,jsp自定义标签实现
08-12
Struts2拦截器:需要配置action进行拦截。而且。有时候我们并不想让用户看到不改属于他操作的按钮。(sturts可以进行判断,但有写复杂) 使用jsp自定义标签的功能实现权限的控制。(如果用户没有某个模块的删除权限,就不现实这个删除按钮) 在整个项目中所有的页面都可以引入自定义的标签去做到权限的控制。 自定义标签文件 删除 可以控制页面中的每个元素,只需要一个类就能够实现
期刊稿件管理系统(jsp+servlet+mysql+bootstrap前端)
07-08
1.实现作者、投稿人、审稿人(编辑部、专家、主编)的信息管理 ; 2.实现作者在线投稿(文件上传与下载)、审稿人三级审稿; 3.网页设计不同于其他多年前的代码,绝对美观; 4.内含报告(面向对象分析,包含类图、系统用例图、数据流图、事件跟踪图)及sql数据库文件。
jsp做的权限管理系统
09-09
jsp 权限管理系统,完整原代码,可在Myeclipse 6.0.1下直接运行。
JSP+servlet+Bbootstrap博客论坛源码
09-30
JSP+servlet+Bbootstrap博客论坛源码,根目录有数据库SQL文件直接导入表即可。
JSP权限控制(一)
dizhang的专栏
07-15 2899
JSP权限控制(一) 近几天不是很忙,就想看看关于 WEB 方式 (Jsp) 后台权限控制的设计实现问题 , 在 Google 搜了一下,一大堆的东西,当看到头大的时候决定自己先试着做一个简单例子。   先推荐大家有时间看一下关于 RBAC 即角色访问控制 (Role Based  Access Control) 的相关文章,虽然已经是个老话题了 , 但如果要在一个大的项目中实现权限控制的
java开发考试管理系统_jsp+servlet+bootstrap开发java web五邑大学在线考试管理系统
weixin_30249465的博客
02-25 304
项目描述考试对于考试管理者来说无疑是一件非常繁重的工作,在线考试管理系统的出现,使考试变成一件简单易行的事情。本系统实现学生在线考试、查询成绩、登录、登出等功能。运行环境jdk8+tomcat8+mysql+IntelliJ IDEA项目技术(必填)jsp+servlet+jdbc数据库连接+servlet session+ 自定义filter+C3P0连接池 + bootstrap数据库文件...
基于Java+Servlet+jsp+bootstrap实现的图书管理系统的设计与实现
qq_28917403的博客
10-19 865
图书管理系统 包含管理员、学生两种角色 管理员角色包含以下功能: 管理员登录、图书管理、分类管理、借阅信息、归还信息、公告管理、读者管理、我的 等功能。 学生角色包含以下功能: 学生登录、注册、图书查询、借阅信息、借阅历史、我的 等功能。
基于JSP+Servlet+MySQL+Bootstrap的人力资源管理系统
code51博客
06-30 458
登陆首页首页信息添加应聘信息正在上传…重新上传取消人才浏览职位管理职位浏览部门管理培训管理培训列表培训列表奖金录入奖金管理用户管理公告管理登陆首页技术描述开发工具: Idea/Eclipse 数据库: mysql Jar包仓库: Jar包 前段框架:jquery/Jsp 后端框架: Jsp/Servlet资料说明基于JSP+Servlet+MySQL+Bootstrap的人力资源管理系统,包含管理员角色。整体功能包含招聘管理,部门管理,培训管理,奖金管理,用户管理,系统管理等...
JSP权限控制(二)
sun5208的专栏
10-24 1945
1 )首先建立管理用户表,其中 UserPopedom 记录用户的权限字符,其实也就是一些 JSP 或者 ACTION 的文件名: CREATE TABLE [dbo].[AdminUser] (   [UserID] [varchar] (50) COLLATE Chinese_PRC_CI_AS NULL ,   [UserName] [varchar] (50) COLLATE Chines
基于JSP+Servlet+MySQL的教材订购系统开发
通过整合以上知识点,可以更好地理解一个基于 JSPServletMySQL 的教材订购系统的开发与部署过程,以及相关的技术栈细节。这些知识对于进行 Web 应用开发的开发者而言,是必不可少的技能。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值