2010.04.08(3)———hibernate annotation 多对多和简单权限管理

原创 于 2010-05-07 17:49:20 发布 · 73 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#Hibernate #项目管理 #Java #Servlet #JSP

本文介绍了一个基于Hibernate注解实现的多对多关系映射及权限管理系统。通过具体实例展示了如何在用户、角色与权限间建立关联,并利用过滤器实现访问控制。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

2010.04.08(3)———hibernate annotation 多对多和简单权限管理

参考:http://www.iteye.com/topic/314635

user---多对多---group----多对多----action
用户------------角色---------------权限


数据库


//用户表
create table cp_user(
id varchar2(32) primary key,
name varchar2(50) unique not null,
password varchar2(50) not null
)

insert into cp_user values(1,'admin','admin');
insert into cp_user values(2,'cody','cody');
insert into cp_user values(3,'xiaodu','xiaodu');


//角色表
create table cp_group(
id varchar2(32) primary key,
name varchar2(50) unique not null

)

insert into cp_group values(1,'区领导');
insert into cp_group values(2,'科室领导');
insert into cp_group values(3,'科员');

//权限表
create table cp_action(
id varchar2(32) primary key,
name varchar2(200) unique not null,
p_id varchar2(32) not null,
url varchar2(100) not null unique
)

insert into cp_action values(1,'地图主页面',0,'map.jsp');
insert into cp_action values(2,'根据项目的图表展示',0,'chart1.jsp');
insert into cp_action values(3,'根据开工状态的图表展示',0,'chart2.jsp');
insert into cp_action values(4,'地图主页面数据来源',0,'map_value.do');
insert into cp_action values(5,'根据项目的图表展示数据来源',0,'map_chart1.do');
insert into cp_action values(6,'根据开工状态的图表展示数据来源',0,'map_chart2.do');
insert into cp_action values(7,'删除点标注',0,'map_control.do');

//用户角色表
create table cp_user_group(
user_id varchar2(32) references cp_user(id),
group_id varchar2(32) references cp_group(id),
primary key(user_id,group_id)
)

insert into cp_user_group values('1','1');
insert into cp_user_group values('1','2');
insert into cp_user_group values('2','2');
insert into cp_user_group values('2','3');
insert into cp_user_group values('3','3');


//角色权限表
create table cp_group_action(
group_id varchar2(32) references cp_group(id),
action_id varchar2(32) references cp_action(id),
state number(1) not null ,
check(state in (0,1)),
primary key(action_id,group_id)
)


insert into cp_group_action values('1','1',1);
insert into cp_group_action values('1','2',1);
insert into cp_group_action values('1','3',1);
insert into cp_group_action values('1','4',1);
insert into cp_group_action values('1','5',1);
insert into cp_group_action values('1','6',1);
insert into cp_group_action values('1','7',1);

insert into cp_group_action values('2','1',1);
insert into cp_group_action values('2','2',1);
insert into cp_group_action values('2','3',1);
insert into cp_group_action values('2','4',1);
insert into cp_group_action values('2','5',1);
insert into cp_group_action values('2','6',1);

insert into cp_group_action values('3','1',1);
insert into cp_group_action values('3','2',1);
insert into cp_group_action values('3','4',1);
insert into cp_group_action values('3','5',1);


pojo类

用户:

package pojo;

import java.util.HashSet;
import java.util.Set;

import javax.persistence.CascadeType;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.persistence.Table;

import org.hibernate.annotations.GenericGenerator;

@Entity
@Table(name="cp_user")
public class User {
	@Id
	@GeneratedValue(generator = "system-uuid")    
	@GenericGenerator(name = "system-uuid", strategy = "uuid.hex") 
	private String id;
	private String name;
	private String password;
	@ManyToMany(cascade=CascadeType.ALL ,fetch = FetchType.EAGER)
	@JoinTable(name="cp_user_group",
			joinColumns={@JoinColumn(name="user_id", referencedColumnName="id")},
			inverseJoinColumns={@JoinColumn(name="group_id",referencedColumnName="id")}
	)
	private Set<Group> groups = new HashSet<Group>(); 
	public String getId() {
		return id;
	}
	public void setId(String id) {
		this.id = id;
	}
	public String getName() {
		return name;
	}
	public void setName(String name) {
		this.name = name;
	}
	public String getPassword() {
		return password;
	}
	public void setPassword(String password) {
		this.password = password;
	}

	public Set<Group> getGroups() {
		return groups;
	}
	public void setGroups(Set<Group> groups) {
		this.groups = groups;
	}


}

角色:

package pojo;

import java.util.HashSet;
import java.util.Set;

import javax.persistence.CascadeType;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.ManyToMany;
import javax.persistence.Table;

import org.hibernate.annotations.GenericGenerator;

@Entity
@Table(name="cp_group")
public class Group {
	@Id
	@GeneratedValue(generator = "system-uuid")    
	@GenericGenerator(name = "system-uuid", strategy = "uuid.hex")
	private String id;
	private String name;
	@ManyToMany(cascade=CascadeType.ALL ,fetch = FetchType.EAGER,mappedBy="groups")
	private Set<User> users = new HashSet<User>();
	@ManyToMany(cascade=CascadeType.ALL ,fetch = FetchType.EAGER,mappedBy="groups")
	private Set<Action> actions = new HashSet<Action>();
	public String getId() {
		return id;
	}
	public void setId(String id) {
		this.id = id;
	}
	public String getName() {
		return name;
	}
	public void setName(String name) {
		this.name = name;
	}

	public Set<User> getUsers() {
		return users;
	}
	public void setUsers(Set<User> users) {
		this.users = users;
	}
	public Set<Action> getActions() {
		return actions;
	}
	public void setActions(Set<Action> actions) {
		this.actions = actions;
	}


}

权限:

package pojo;

import java.util.HashSet;
import java.util.Set;

import javax.persistence.CascadeType;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.persistence.Table;

import org.hibernate.annotations.GenericGenerator;

@Entity
@Table(name="cp_action")
public class Action {
	@Id
	@GeneratedValue(generator = "system-uuid")    
	@GenericGenerator(name = "system-uuid", strategy = "uuid.hex")
	private String id;
	private String name;
	private String p_id;
	private String url;
	@ManyToMany(cascade=CascadeType.ALL ,fetch = FetchType.EAGER)
	@JoinTable(name="cp_group_action",
			joinColumns={@JoinColumn(name="action_id", referencedColumnName="id")},
			inverseJoinColumns={@JoinColumn(name="group_id",referencedColumnName="id")}
	)
	private Set<Group> groups = new HashSet<Group>();
	public String getId() {
		return id;
	}
	public void setId(String id) {
		this.id = id;
	}
	public String getName() {
		return name;
	}
	public void setName(String name) {
		this.name = name;
	}
	public String getP_id() {
		return p_id;
	}
	public void setP_id(String p_id) {
		this.p_id = p_id;
	}
	public String getUrl() {
		return url;
	}
	public void setUrl(String url) {
		this.url = url;
	}
	public Set<Group> getGroups() {
		return groups;
	}
	public void setGroups(Set<Group> groups) {
		this.groups = groups;
	}


}

过滤器 filter

package util;

import java.io.IOException;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import pojo.Action;
import pojo.Group;
import pojo.User;

public class UserFilter extends HttpServlet implements Filter{

	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		// TODO Auto-generated method stub
		HttpServletRequest req = (HttpServletRequest)request;      
		//System.out.println(req.getServletPath());      

		HttpServletResponse res = (HttpServletResponse)response;      
		HttpSession ses = req.getSession();      
		User user =(User) ses.getAttribute("user");   
		if(user ==null){      
			res.sendRedirect("../login.jsp");      
		}else{      
			Boolean allow= false ;
			Set<Group> groups = user.getGroups();
			for(Group g : groups){
				Set<Action> actions =  g.getActions();
				for(Action a : actions){
					if(a.getUrl().equals(req.getServletPath()))
						allow = true;
				}
			}
			if(allow){
				chain.doFilter(request, response);
			}else{
				res.sendRedirect("../error_quanxin.jsp");
			}
		} 
	}
	public void init(FilterConfig filterConfig) throws ServletException {
		// TODO Auto-generated method stub

	}

}


web.xml

<filter>
  <filter-name>userFilter</filter-name>
  <filter-class>util.UserFilter</filter-class>
</filter>
<filter-mapping>
  <filter-name>userFilter</filter-name>
  <url-pattern>/admin/*</url-pattern>
</filter-mapping>
cody123
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值