权限就是控制功能的使用(功能对应着URL)。
对功能的控制就是对URL的访问控制。
在我们的程序中,一个功能对应一个或两个URL:
1,例如列表或删除功能,只对应一个URL.
2,例如添加或修改功能,对应两个URL:..add, ..addUI
权限方案:
用户 *----* 角色 *----* 权限
与权限相关的功能具体有哪些:
初始化数据:...
分配权限:...
使用权限:...
初始化数据(安装)
权限数据。
超级管理员。
分配权限
给角色分配权限。
用户的权限就是用户所有角色的权限。
使用权限
1,登录、注销、主页面。
2,左侧的菜单是根据权限显示的。
3,右侧页面中的链接是根据权限显示的。
4,拦截每一个action请求,验证用户是否有权限访问。
实体:
javaBean --> hbm.xml --> 建表
Privilege.java
public class Privilege { private Long id; private String url; private String name; //权限名称 private Set<Role> roles = new HashSet<Role>(); private String parent; //上级权限 private Set<Privilege> children = new HashSet<Privilege>(); public Long getId() { return id; } public void setId(Long id) { this.id = id; } public String getUrl() { return url; } public void setUrl(String url) { this.url = url; } public String getName() { return name; } public void setName(String name) { this.name = name; } public Set<Role> getRoles() { return roles; } public void setRoles(Set<Role> roles) { this.roles = roles; } public String getParent() { return parent; } public void setParent(String parent) { this.parent = parent; } public Set<Privilege> getChildren() { return children; } public void setChildren(Set<Privilege> children) { this.children = children; } }
Role.hbm.xml
<hibernate-mapping package="cn.itcast.oa.domain"> <class name="Role" table="itcast_role"> <id name="id"> <generator class="native" /> </id> <property name="name"></property> <property name="description"></property> <!-- users属性,本类与User的多对多 --> <set name="users" table="itcast_user_role"> <key column="roleId"></key> <many-to-many class="User" column="userId"></many-to-many> </set> <!-- privileges属性,本来与Privilege的多对多 --> <set name="privileges" table="itcast_role_privilege"> <key column="roleId"></key> <many-to-many class="Privilege"></many-to-many> </set> </class> </hibernate-mapping>
Privilege.hbm.xml
<hibernate-mapping package="cn.itcast.oa.domain"> <class name="Privilege" table="itcast_privilege"> <id name="id"> <generator class="native" /> </id> <property name="url"></property> <property name="name"></property> <!-- roles属性,本类与Role的多对多 --> <set name="roles" table="itcast_role_privilege"> <key column="privilegeId"></key> <many-to-many class="Role" column="userId"></many-to-many> </set> <!-- parent属性,本类与Privilege(上级)的多对一 --> <many-to-one name="parent" class="Privilege" column="parentId"></many-to-one> <!-- children属性,本类与Privilege(下级)的一对多 --> <set name="children" > <key column="parentId"></key> <one-to-many class="Privilege"/> </set> </class> </hibernate-mapping>
加到hibernate.cfg.xml
<mapping resource="cn/itcast/oa/domain/Privilege.hbm.xml" />
运行SpringTest.java中的testSessionFactory()方法生成表结构看对不对
顶级菜单的作用是对二级菜单分类,没有具体的url地址
Privilege.java
public class Privilege { private Long id; private String url; private String name; //权限名称 private Set<Role> roles = new HashSet<Role>(); private Privilege parent; //上级权限 private Set<Privilege> children = new HashSet<Privilege>(); public Privilege(){} public Privilege(String name, String url, Privilege parent) { this.name = name; this.url = url; this.parent = parent; } public Long getId() { return id; } public void setId(Long id) { this.id = id; } public String getUrl() { return url; } public void setUrl(String url) { this.url = url; } public String getName() { return name; } public void setName(String name) { this.name = name; } public Set<Role> getRoles() { return roles; } public void setRoles(Set<Role> roles) { this.roles = roles; } public Privilege getParent() { return parent; } public void setParent(Privilege parent) { this.parent = parent; } public Set<Privilege> getChildren() { return children; } public void setChildren(Set<Privilege> children) { this.children = children; } }
Installer.java
@Controller public class Installer { @Resource private SessionFactory sessionFactory; /** * 执行安装 */ @Transactional public void install() { Session session = sessionFactory.getCurrentSession(); //保存超级管理员用户 User user = new User(); user.setLoginName("admin"); user.setName("超级管理员"); user.setPassword(DigestUtils.md5Hex("admin")); session.save(user); //保存 //保存权限数据 Privilege menu, menu1, menu2,menu3,menu4,menu5; menu = new Privilege("系统管理", null, null); menu1 = new Privilege("岗位管理", "/role_list",menu); menu2 = new Privilege("部门管理", "/department_list",menu); menu3 = new Privilege("用户管理", "/user_list",menu); session.save(menu); session.save(menu1); session.save(menu2); session.save(menu3); session.save(new Privilege("岗位列表", "/role_list", menu1)); session.save(new Privilege("岗位删除", "/role_delete", menu1)); session.save(new Privilege("岗位添加", "/role_add", menu1)); session.save(new Privilege("岗位修改", "/role_edit", menu1)); session.save(new Privilege("部门列表", "/department_list", menu2)); session.save(new Privilege("部门删除", "/department_delete", menu2)); session.save(new Privilege("部门添加", "/department_add", menu2)); session.save(new Privilege("部门修改", "/department_edit", menu2)); session.save(new Privilege("用户列表", "/user_list", menu3)); session.save(new Privilege("用户删除", "/user_delete", menu3)); session.save(new Privilege("用户添加", "/user_add", menu3)); session.save(new Privilege("用户修改", "/user_edit", menu3)); session.save(new Privilege("初始化密码", "/user_initPassword", menu3)); menu = new Privilege("网上交流", null, null); menu1 = new Privilege("论坛管理", "/forumManage_list",menu); menu2 = new Privilege("论坛", "/forum_list",menu); session.save(menu); session.save(menu1); session.save(menu2); menu = new Privilege("审批流转", null, null); menu1 = new Privilege("审批流程管理", "/processDefinition_list",menu); menu2 = new Privilege("申请模板管理", "/template_list",menu); menu3 = new Privilege("起草申请", "/flow_templateList",menu); menu4 = new Privilege("待我审批", "/flow_myTaskList",menu); menu5 = new Privilege("我的申请查询", "/flow_myApplicationList",menu); session.save(menu); session.save(menu1); session.save(menu2); session.save(menu3); session.save(menu4); session.save(menu5); } public static void main(String[] args) { ApplicationContext ac = new ClassPathXmlApplicationContext("applicationContext.xml"); Installer installer = (Installer) ac.getBean("installer"); installer.install(); } }
权限模块_整体方案说明_设计实体&映射实体_实现初始化权限数据的功能
原文:http://www.cnblogs.com/justdoitba/p/7772364.html